DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of the Claims
The amendment received on 09 March 2026 has been acknowledged and entered.
Claims 1, 3, 5, 12, 14, 19, 21-22, and 24 have been canceled.
Claims 2, 11, 13, 20, and 23 have been amended.
No new claims have been added.
Claims 2, 4, 6-11, 13, 15-18, 20 and 23 are currently pending.
Response to Amendments and Arguments
Applicant's arguments filed 09 March 2026 in regards to the rejection of claim 23 under 35 U.S.C. 112(a) have been fully considered and persuasive. Therefore, the rejection of claim 23 under 112(a) has been withdrawn.
Applicant’s arguments, see REMARKS, pages 7 of 10, filed 09 March 2026, with respect to claims 2, 4, 6-11, 13, 15-18, 20, and 22-24 under 35 U.S.C. 101 have been fully considered and are persuasive. The rejection of claims 2, 4, 6-11, 13, 15-18, 20, and 22-24 under 35 U.S.C. 101 has been withdrawn.
Applicant's arguments filed 09 March 2026 with respect to the rejection of Claims 2, 4, 6-11, 13, 15-18, 20 and 23 under 35 U.S.C. 103 have been fully considered but they are not persuasive.
Applicant argues (in REMARKS, pages 8-9 of 10) that Schoenfelder does not disclose, nor was Schoenfelder cited to disclose "an access request...that causes the system to generate account data...that comprises a unique access credential," where "the system is configured to determine that the unique access credential matches the access credential of the account data." Although Schoenfelder discloses access credentials (see paragraphs 27 and 28), Schoenfelder does not suggest or disclose that an access request causes a system to generate account data comprising a unique access credential, let alone "without the first device submitting a request to create a new account or a new user login for an application." For example, Schoenfelder discloses: "The server determines the appropriate credential based on the authenticated user who is requesting them. For example, the user can be authenticated in the system through user account authentication, e.g., by providing user details when setting up an account with the system." Paragraph 32.
Further, Schoenfelder does not disclose, nor was Schoenfelder cited to disclose "determin[ing] that the unique access credential matches the access credential of the account data." Tippett does not cure the deficiencies of Schoenfelder. Accordingly, claim 2 is not obvious in view of Schoenfelder and Tippett. Accordingly, applicant requests that the rejection of claim 2 be withdrawn and the claim be allowed.
In response to Applicant’s argument, the Examiner respectfully disagrees and notes that Tippett et al.: discloses an access request that causes the system to generate account data and to maintain the account data that comprises a unique access credential; and a unique access credential for access and that was generated without the first device submitting a request to create a new account or user login for an application in [0050], see In step 303, the authentication platform 119 may transmit the authentication code to the relying party. After receiving an authentication code request, the authentication platform 119 may generate a random code, which would be unique from any other code generated by the authentication platform in past and future requests. After generating this unique code, the authentication platform 119 may transmit this code back to the web server, and eventually RP device 103, from which the user initially loaded the login page via communication network 123); (Tippett et al.: [0051] In step 305, the authentication platform 119 may authenticate a user with respect to the relying party by determining that a second device associated with the user has read the authentication code from the authentication user interface of the first device, wherein the second device is a previously authenticated device. The user trying to log into the first device, or RP device 103, should already be a registered user in with the authentication platform. That is, the user had established a profile with the authentication platform and registered his UD 101 and RP account logins with the authentication platform 119. Additionally, the user had already authenticated his identity with the UD 101 through the authentication platform 119. Thus, the system 100 has already authenticated the user of the device is the same person as the registered owner of the device. Thus, when the authentication platform receives from this user's device 101 an image of the authentication code sent to the kiosk from the earlier example, the authentication platform will know to apply this user's already authenticated credentials to the kiosk's check-in system such that the kiosk may notify the airline company that this passenger is present and checked-in for boarding. Additionally, the authentication platform 119 may send confirmation of this authorization to the UD 101, which may notify the user of a successful check-in); also see [0053] linking account data; {The Examiner interprets this to mean that account logins (account data) and unique access credentials are maintained}.
Further, Tippett et al. discloses wherein the system is configured to determine that the unique access credential matches the access credential of the account data in [0054], see The authentication platform 119 may trace the information of the UD 101 and/or application 125 to the appropriate user profile. Once the authentication platform 119 identifies the appropriate profile, the authentication platform may proceed to authenticate the user's account with the relying party's website or point of access. Proceeding with the example above, when the authentication platform 119 receives the image captured from the homeowner's UD 101, a personal mobile phone, the authentication platform 119 may read the image in conjunction with the device information from which the image was sent, that is, the homeowner's cell phone and/or the application 125 that contains an active session with the authentication platform 119. The UD 101 and/or application 125 information supplied allows the authentication platform 119 to authenticate the session with the homeowner's profile, as the image was taken by his person mobile phone). {The Examiner interprets the identifying to mean matching}.
Applicant argues (in REMARKS, page 9 of 10) that Independent claims 11 and 20, although different in scope from independent claim 2 and each other, are allowable for at least the same reasons as independent claim 2. The dependent claims are allowable for at least the same reasons as their respective independent claims.
In response to Applicant’s argument, the Examiner respectfully disagree for reasons stated above regarding the rejection of claim 2.
Examiner’s Note: The Examiner left a message for Therese Paoletta requesting an eTD. However, the Examiner upon further review saw that an eTD was filed on 08/27/2025; and upon performing a new search discovered that Schoenfelder et al. (US PG Pub. 2015/0194000 A1) in view of Tippett et al. (US PG Pub. 20150089613 A1) teaches the added limitations, and therefore will maintain the 103 rejection.
Terminal Disclaimer
The terminal disclaimer filed on 05/28/2026 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of US Patent No. 12,118,481 has been reviewed and is accepted. The terminal disclaimer has been recorded.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 2, 4, 11, 13, 15-18, 20 and 23 are rejected under 35 U.S.C. 103 as being unpatentable over Schoenfelder et al. (US PG Pub. 2015/0194000 A1) in view of Tippett et al. (US PG Pub. 20150089613 A1).
As per claims 2 and 20, Schoenfelder et al. discloses a method Schoenfelder et al.: [0028]; Fig. 1b), cause the one or more computers to perform operations comprising:
transmitting, by a first device implemented on the one or more computers and to a system via a computer network, an access request for a property (Schoenfelder et al.: [0027]-[0028] The credential can provide authentication and grant access to the user when it is paired with the user mobile device. For example, access control device 102 can grant access to a unit that can be owned or rented by a tenant that carries mobile device 108 and stores the appropriate credential. When the user approaches their unit, access control device 102 and user mobile device 108 can wirelessly communicate to grant the user access, e.g., unlock the door, to the unit. Moreover, a single credential can grant the user access to all buildings and establishments that implement the disclosed system. For example, the user can use the credential stored in their mobile device to access their office, their gym, their private club, or any area that has installed access control devices that can control access to secure areas);
in response to transmitting the access request for the property, receiving, by the first device and from the system via the computer network based on one or more access conditions associated with the property, the unique access credential for access to at least a portion of the property (Schoenfelder et al.: [0027]-[0028] The credential can provide authentication and grant access to the user when it is paired with the user mobile device. For example, access control device 102 can grant access to a unit that can be owned or rented by a tenant that carries mobile device 108 and stores the appropriate credential. When the user approaches their unit, access control device 102 and user mobile device 108 can wirelessly communicate to grant the user access, e.g., unlock the door, to the unit. Moreover, a single credential can grant the user access to all buildings and establishments that implement the disclosed system. For example, the user can use the credential stored in their mobile device to access their office, their gym, their private club, or any area that has installed access control devices that can control access to secure areas);. (Schoenfelder et al.: [0028] According to aspects of the invention, an exemplary system architecture is illustrated in FIG. 1b. FIG. 1b shows server 152 in communication with database 154, and also in communication with building manager device 156, user mobile device 158, guest mobile device 160, and service provider device 162. Server 152 can generate and manage credentials that can be stored in database 154. A building manager using device 156, for example, a computer, tablet, or cell phone, can request from server 152 to generate a credential for a user, for example, a new building tenant, according to access provisions specific for the user. The building manager can specify the access provisions, e.g., granting access to user unit, granting access to building gym, etc., for the particular user when requesting the credential generation. The building manager can modify the access provisions at any time, for example, when the user gym membership has expired, the building manager can request from server 152 a new credential for the user through an interface running on building manager device 156. The user can receive from server 152 and can store the credential in mobile device 158. Server can allow different permissions to users, according to provisions specified by the building manager. For example, the server can enable the user to grant to their guests access to their building. A user can request using an application running on mobile device 158 from server 152 to generate a credential for their guest with mobile device 160. For example, the user can send to the guest an invitation to an event taking place in their building using the access control management app. According to aspects of the invention, the credential can be requested automatically Once server 152 generates the credential, it can send it to guest mobile device 160. The guest mobile device 160 and the generated credential will be paired and, can provide authentication of the guest. Then the guest can access the building and unit using their mobile device 160. For example, the server can enable the user to grant to their guests access to their building. The user can also request using the application running on mobile device 158 from server 152 to generate a credential for a service provider with mobile device 162. The service provider mobile device 162 and the generated credential will be paired and, can provide authentication of the service provider); and [0032] The credential can be used to generate an authenticated unlock request, for example using an unlock protocol. When a user requests credentials from the server, for example, for a guest or a service provider, the server can determine the appropriate credential to send to the guest or service provider. The server determines the appropriate credential based on the authenticated user who is requesting them. For example, the user can be authenticated in the system through user account authentication, e.g., by providing user details when setting up an account with the system), also see [0055]
using the unique access credential and the application, transmitting, by the first device, and via the computer network, an instruction to control an electronic lock to provide access to a first region within the property (Schoenfelder et al.: [0011]-[0012],[0032] The access control devices and mobile devices in range of any access control device in the system can form a local mesh network. In the local mesh network, the access control devices can communicate with mobile devices and with other access control devices in the system. The mobile devices can store credentials that can control access to one or more access control devices and can unlock the locking mechanisms controlled by the one or more access control devices. According to aspects of the invention, mobile devices of other approved users can receive credentials to their mobile devices that can also grant permission to unlock the locking mechanisms controlled by the one or more access control devices);
wherein the instruction causes the electronic lock to switch from a locked state to an unlocked state (Schoenfelder et al.: [0011]-[0012] The mobile devices can store credentials that can control access to one or more access control devices and can unlock the locking mechanisms controlled by the one or more access control devices. According to aspects of the invention, mobile devices of other approved users can receive credentials to their mobile devices that can also grant permission to unlock the locking mechanisms controlled by the one or more access control devices); (Schoenfelder et al. [0027]When the user approaches their unit, access control device 102 and user mobile device 108 can wirelessly communicate to grant the user access, e.g., unlock the door, to the unit); and (Schoenfelder et al. [0032] When access to a lock is requested, the appropriate credential is transmitted securely to an application running on a mobile device, for example, using a secure transport such as SSL/TLS and can be stored in the mobile device. The credential can be used to generate an authenticated unlock request, for example using an unlock protocol).
.
Schoenfeld et al. does not explicitly disclose, however, Tippett et al. discloses one or more non-transitory computer storage media encoded with instructions that, when executed by a computer (Tippett et al.: FIG. 5, [0076]; processor 803 executing an arrangement of instructions contained in main memory 805. Such instructions can be read into main memory 805 from another computer-readable medium), and
an access request that causes the system to generate account data and to maintain the account data that comprises a unique access credential (Tippett et al.: [0050] In step 303, the authentication platform 119 may transmit the authentication code to the relying party. After receiving an authentication code request, the authentication platform 119 may generate a random code, which would be unique from any other code generated by the authentication platform in past and future requests. After generating this unique code, the authentication platform 119 may transmit this code back to the web server, and eventually RP device 103, from which the user initially loaded the login page via communication network 123); (Tippett et al.: [0051] In step 305, the authentication platform 119 may authenticate a user with respect to the relying party by determining that a second device associated with the user has read the authentication code from the authentication user interface of the first device, wherein the second device is a previously authenticated device. The user trying to log into the first device, or RP device 103, should already be a registered user in with the authentication platform. That is, the user had established a profile with the authentication platform and registered his UD 101 and RP account logins with the authentication platform 119. Additionally, the user had already authenticated his identity with the UD 101 through the authentication platform 119. Thus, the system 100 has already authenticated the user of the device is the same person as the registered owner of the device. Thus, when the authentication platform receives from this user's device 101 an image of the authentication code sent to the kiosk from the earlier example, the authentication platform will know to apply this user's already authenticated credentials to the kiosk's check-in system such that the kiosk may notify the airline company that this passenger is present and checked-in for boarding. Additionally, the authentication platform 119 may send confirmation of this authorization to the UD 101, which may notify the user of a successful check-in); also see [0053] linking account data; {The Examiner interprets this to mean that account logins (account data) and unique access credentials are maintained}.
a unique access credential for access and that was generated without the first device submitting a request to create a new account or user login for an application (Tippett et al.: [0050] In step 303, the authentication platform 119 may transmit the authentication code to the relying party. After receiving an authentication code request, the authentication platform 119 may generate a random code, which would be unique from any other code generated by the authentication platform in past and future requests. After generating this unique code, the authentication platform 119 may transmit this code back to the web server, and eventually RP device 103, from which the user initially loaded the login page via communication network 123); (Tippett et al.: [0051] In step 305, the authentication platform 119 may authenticate a user with respect to the relying party by determining that a second device associated with the user has read the authentication code from the authentication user interface of the first device, wherein the second device is a previously authenticated device. The user trying to log into the first device, or RP device 103, should already be a registered user in with the authentication platform. That is, the user had established a profile with the authentication platform and registered his UD 101 and RP account logins with the authentication platform 119. Additionally, the user had already authenticated his identity with the UD 101 through the authentication platform 119. Thus, the system 100 has already authenticated the user of the device is the same person as the registered owner of the device. Thus, when the authentication platform receives from this user's device 101 an image of the authentication code sent to the kiosk from the earlier example, the authentication platform will know to apply this user's already authenticated credentials to the kiosk's check-in system such that the kiosk may notify the airline company that this passenger is present and checked-in for boarding. Additionally, the authentication platform 119 may send confirmation of this authorization to the UD 101, which may notify the user of a successful check-in); and
wherein the system is configured to determine that the unique access credential matches the access credential of the account data (Tippett et al.: [0054] The authentication platform 119 may trace the information of the UD 101 and/or application 125 to the appropriate user profile. Once the authentication platform 119 identifies the appropriate profile, the authentication platform may proceed to authenticate the user's account with the relying party's website or point of access. Proceeding with the example above, when the authentication platform 119 receives the image captured from the homeowner's UD 101, a personal mobile phone, the authentication platform 119 may read the image in conjunction with the device information from which the image was sent, that is, the homeowner's cell phone and/or the application 125 that contains an active session with the authentication platform 119. The UD 101 and/or application 125 information supplied allows the authentication platform 119 to authenticate the session with the homeowner's profile, as the image was taken by his person mobile phone). {The Examiner interprets the identifying to mean matching}. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the access control system of Schoenfelder et al. to include receiving an access credential without log-in as taught by Tippett et al. for applying a user authentication mechanism that is based on little to no manual sign on actions (i.e., zero sign on) by the user (Tippett et al.: [0001]).
As per claims 4 and 13, Schoenfelder et al. in view of Tippett et al. discloses the non-transitory computer storage media and system of claims 1 and 11, respectively, wherein:
the property comprises the first region and a second region (Schoenfelder et al.: [0035] In addition to providing access to a unit, users can provision access credentials to their guests with appropriate restrictions, allowing them to delineate which facilities the guest can access across the entire building, with time limitations, and other restrictive characteristics. This can enhance the user experience for both those occupying the building and those visiting the building, creating value for the building manager); and (Schoenfelder et al.: [0027] For example, the user can use the credential stored in their mobile device to access their office, their gym, their private club, or any area that has installed access control devices that can control access to secure areas. The user can conveniently manage all of their access, guest and service provider provisioning through the same interface, e.g., an app running on their mobile phone or a website); and
the access credential enables the application to provide access to the first region and not the second region within the property ([0035] In addition to providing access to a unit, users can provision access credentials to their guests with appropriate restrictions, allowing them to delineate which facilities the guest can access across the entire building, with time limitations, and other restrictive characteristics), and
wherein the first region comprises a first sub-unit in a multi-unit dwelling (Schoenfelder et al.: [0034] he can request access to the unit (step 302), and
the second region comprises a second sub-unit in the multi-unit dwelling (Schoenfelder et al.: [0059] Users can perform their regular activities in the building, for example, visit the lounge area, the terrace, the gym, the laundry room, while carrying their mobile devices (step 802). The access control devices located throughout the building can track active and passive activities of users across the building (step 804) [0065] gym, garage).
.
As per claims 6 and 15, Schoenfelder et al. in view of Tippett et al. discloses the non-transitory computer storage media and system of claims 2 and 11, respectively. Schoenfelder et al. further discloses, wherein the access credential comprises an alphanumeric code (Schoenfelder et al.: [0043] Types of available credentials can include a Bluetooth based credential, a digital copy of a physical key (KeyMe), an alphanumeric password, or even a pre-programmed digital radio frequency credential).
As per claims 7 and 16, Schoenfelder et al. in view of Tippett et al. discloses the non-transitory computer storage media and system of claims 2 and 11, respectively. Schoenfelder et al. further discloses, wherein the access credential is valid during a period during which a user is allowed access to the first region of the property (Schoenfelder et al.: [0034] This is illustrated in FIG. 3, generally at 300. When a guest of an unit owner/tenant in a multi-unit building arrives at the building, he can request access to the unit (step 302). The guest and the owner then can enter a transaction (step 304), for example, through a mobile device application or app. As an illustrative example, the request for access from the guest can appear as a notification from an app running on a user mobile device. The owner can then determine whether to grant access to the guest or not (steps 308 and 310). If the owner decides to grant access to the guest, the owner can optionally specify a time period during which the guest will have access to the unit (step 312). Then the guest receives the necessary credentials for the building (step 314), which would authorize a guest's mobile device to provide access to the building and all necessary access points until the user unit (step 316)..
As per claim 8 and 17, Schoenfelder et al. in view of Tippett et al. discloses the non-transitory computer storage media and system of claims 2 and 11, respectively. Schoenfelder et al. further discloses, wherein the access credential specifies access to one or more electronic devices associated with a monitoring system of the property through the application (Schoenfelder et al.: [0048] real-time view, [0056] sensors, [0059],[0062] tracking).
As per claim 9 and 18, Schoenfelder et al. in view of Tippett et al. and Hess et al. discloses the non-transitory computer storage media and system of claims 2 and 11, respectively. Schoenfelder et al. further discloses, wherein the application enables exchange of communications with one or more devices associated with a monitoring system of the property (Schoenfelder et al.: [0056] sensors, [0059],[0062] tracking).
As per claim 10, Schoenfelder et al. in view of Tippett et al. discloses the non-transitory computer storage media of claim 2. Schoenfelder et al. further discloses receiving, from a second device, input that specifies the one or more access conditions associated with the property ([0028] The building manager can modify the access provisions at any time, for example, when the user gym membership has expired, the building manager can request from server 152 a new credential for the user through an interface running on building manager device 156. The user can receive from server 152 and can store the credential in mobile device 158. Server can allow different permissions to users, according to provisions specified by the building manager. For example, the server can enable the user to grant to their guests access to their building. A user can request using an application running on mobile device 158 from server 152 to generate a credential for their guest with mobile device 160. For example, the user can send to the guest an invitation to an event taking place in their building using the access control management app. According to aspects of the invention, the credential can be requested automatically).
As per claim 11, Schoenfelder et al. discloses a system comprising:
one or more computing devices (Schoenfelder et al.: [0028], Fig. 1b); and
Schoenfelder et al.: [0028], Fig. 1b) comprising:
transmitting, to a second system, an access request for a property or a request to list the property (Schoenfelder et al.: [0028]);
in response to transmitting the access request for the property, receiving, from the second system via the computer network based on one or more access conditions associated with the property, a unique access credential for access to at least a portion of the property (Schoenfelder et al.: [0027]-[0028] The credential can provide authentication and grant access to the user when it is paired with the user mobile device. For example, access control device 102 can grant access to a unit that can be owned or rented by a tenant that carries mobile device 108 and stores the appropriate credential. When the user approaches their unit, access control device 102 and user mobile device 108 can wirelessly communicate to grant the user access, e.g., unlock the door, to the unit. Moreover, a single credential can grant the user access to all buildings and establishments that implement the disclosed system. For example, the user can use the credential stored in their mobile device to access their office, their gym, their private club, or any area that has installed access control devices that can control access to secure areas)
using the unique access credential and the application, controlling, by the first device, an electronic lock to provide access to a first region within the property (Schoenfelder et al.: [0011]-[0012] The access control devices and mobile devices in range of any access control device in the system can form a local mesh network. In the local mesh network, the access control devices can communicate with mobile devices and with other access control devices in the system. The mobile devices can store credentials that can control access to one or more access control devices and can unlock the locking mechanisms controlled by the one or more access control devices. According to aspects of the invention, mobile devices of other approved users can receive credentials to their mobile devices that can also grant permission to unlock the locking mechanisms controlled by the one or more access control devices); and
wherein the instruction causes the electronic lock to switch from a locked state to an unlocked state (Schoenfelder et al.: [0011]-[0012] The mobile devices can store credentials that can control access to one or more access control devices and can unlock the locking mechanisms controlled by the one or more access control devices. According to aspects of the invention, mobile devices of other approved users can receive credentials to their mobile devices that can also grant permission to unlock the locking mechanisms controlled by the one or more access control devices); (Schoenfelder et al. [0027]When the user approaches their unit, access control device 102 and user mobile device 108 can wirelessly communicate to grant the user access, e.g., unlock the door, to the unit); and (Schoenfelder et al. [0032] When access to a lock is requested, the appropriate credential is transmitted securely to an application running on a mobile device, for example, using a secure transport such as SSL/TLS and can be stored in the mobile device. The credential can be used to generate an authenticated unlock request, for example using an unlock protocol).
Schoenfeld et al. does not explicitly disclose, however, Tippett et al. discloses one or more non-transitory computer storage media encoded with instructions that, when executed by a computer (Tippett et al.: FIG. 5, [0076]; processor 803 executing an arrangement of instructions contained in main memory 805. Such instructions can be read into main memory 805 from another computer-readable medium), and
a unique access credential for access and that was generated for the access request and without the first device submitting a request to create a new account or user login for an application (Tippett et al.: [0050] In step 303, the authentication platform 119 may transmit the authentication code to the relying party. After receiving an authentication code request, the authentication platform 119 may generate a random code, which would be unique from any other code generated by the authentication platform in past and future requests. After generating this unique code, the authentication platform 119 may transmit this code back to the web server, and eventually RP device 103, from which the user initially loaded the login page via communication network 123); (Tippett et al.: [0051] In step 305, the authentication platform 119 may authenticate a user with respect to the relying party by determining that a second device associated with the user has read the authentication code from the authentication user interface of the first device, wherein the second device is a previously authenticated device. The user trying to log into the first device, or RP device 103, should already be a registered user in with the authentication platform. That is, the user had established a profile with the authentication platform and registered his UD 101 and RP account logins with the authentication platform 119. Additionally, the user had already authenticated his identity with the UD 101 through the authentication platform 119. Thus, the system 100 has already authenticated the user of the device is the same person as the registered owner of the device. Thus, when the authentication platform receives from this user's device 101 an image of the authentication code sent to the kiosk from the earlier example, the authentication platform will know to apply this user's already authenticated credentials to the kiosk's check-in system such that the kiosk may notify the airline company that this passenger is present and checked-in for boarding. Additionally, the authentication platform 119 may send confirmation of this authorization to the UD 101, which may notify the user of a successful check-in); also see [0053] linking account data. {The Examiner interprets this to mean that account logins (account data) and unique access credentials are maintained}. and
wherein the system is configured to determine that the unique access credential matches the access credential of the account data (Tippett et al.: [0054] The authentication platform 119 may trace the information of the UD 101 and/or application 125 to the appropriate user profile. Once the authentication platform 119 identifies the appropriate profile, the authentication platform may proceed to authenticate the user's account with the relying party's website or point of access. Proceeding with the example above, when the authentication platform 119 receives the image captured from the homeowner's UD 101, a personal mobile phone, the authentication platform 119 may read the image in conjunction with the device information from which the image was sent, that is, the homeowner's cell phone and/or the application 125 that contains an active session with the authentication platform 119. The UD 101 and/or application 125 information supplied allows the authentication platform 119 to authenticate the session with the homeowner's profile, as the image was taken by his person mobile phone). {The Examiner interprets the identifying to mean matching}. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the access control system of Schoenfelder et al. to include receiving an access credential without log-in as taught by Tippett et al. for applying a user authentication mechanism that is based on little to no manual sign on actions (i.e., zero sign on) by the user (Tippett et al.: [0001]).
As per claim 23, Schoenfelder et al. in view of Tippett et al. discloses the method of claim 20.
Schoenfelder et al. does not further disclose, however, Tippett et al. discloses wherein receiving the unique access credential comprises, in response to transmitting the access request for the property, receiving, by the first device and from the system based on one or more access conditions associated with the property, the unique access credential for access to at least a portion of the property and that was generated a unique access credential for access and that was generated for the access request and without the first device submitting a request to create a new account or user login for an application (Tippett et al.: [0050] In step 303, the authentication platform 119 may transmit the authentication code to the relying party. After receiving an authentication code request, the authentication platform 119 may generate a random code, which would be unique from any other code generated by the authentication platform in past and future requests. After generating this unique code, the authentication platform 119 may transmit this code back to the web server, and eventually RP device 103, from which the user initially loaded the login page via communication network 123); (Tippett et al.: [0051] In step 305, the authentication platform 119 may authenticate a user with respect to the relying party by determining that a second device associated with the user has read the authentication code from the authentication user interface of the first device, wherein the second device is a previously authenticated device. The user trying to log into the first device, or RP device 103, should already be a registered user in with the authentication platform. That is, the user had established a profile with the authentication platform and registered his UD 101 and RP account logins with the authentication platform 119. Additionally, the user had already authenticated his identity with the UD 101 through the authentication platform 119. Thus, the system 100 has already authenticated the user of the device is the same person as the registered owner of the device. Thus, when the authentication platform receives from this user's device 101 an image of the authentication code sent to the kiosk from the earlier example, the authentication platform will know to apply this user's already authenticated credentials to the kiosk's check-in system such that the kiosk may notify the airline company that this passenger is present and checked-in for boarding. Additionally, the authentication platform 119 may send confirmation of this authorization to the UD 101, which may notify the user of a successful check-in), and
wherein the system is configured to determine that the unique access credential matches the access credential of the account data (Tippett et al.: [0054] The authentication platform 119 may trace the information of the UD 101 and/or application 125 to the appropriate user profile. Once the authentication platform 119 identifies the appropriate profile, the authentication platform may proceed to authenticate the user's account with the relying party's website or point of access. Proceeding with the example above, when the authentication platform 119 receives the image captured from the homeowner's UD 101, a personal mobile phone, the authentication platform 119 may read the image in conjunction with the device information from which the image was sent, that is, the homeowner's cell phone and/or the application 125 that contains an active session with the authentication platform 119. The UD 101 and/or application 125 information supplied allows the authentication platform 119 to authenticate the session with the homeowner's profile, as the image was taken by his person mobile phone). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the access control system of Schoenfelder et al. to include receiving an access credential without log-in as taught by Tippett et al. for applying a user authentication mechanism that is based on little to no manual sign on actions (i.e., zero sign on) by the user (Tippett et al.: [0001]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
1) Mohiuddin et al. (US PG Pub.20130257589 A1) discloses access control using an electronic lock employing short range communication with mobile device wherein the method involve receiving, by a mobile communication device, a unique identifier associated with the electronic locking device via a first short range communication; and in response to the reception of the unique identifier, an automated call is placed to a remote telephone, and a code for unlocking the electronic locking device is received from the remote telephone.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FREDA A. NELSON whose telephone number is (571)272-7076. The examiner can normally be reached Monday-Friday, 10:00am - 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shannon Campbell can be reached on 571-272-5587. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/F.A.N/Examiner, Art Unit 3628
/SHANNON S CAMPBELL/ Supervisory Patent Examiner, Art Unit 3628