DETAILED ACTION
This communication responsive to the Application No. 18/923161 filed on 10/22/2024. Claims 1-20 are pending and are directed towards METHOD FOR AUTHENTICATING ELECTRONIC DEVICE, AND ELECTRONIC DEVICE THEREFOR
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefore, subject to the conditions and requirements of this title.
Claims 1-30 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Independent claim
Step 1:
Claims 1, 11 are drawn to a method, therefore falls under one of four categories of statutory subject matter (process/method, machines/products/apparatus, manufactures, and compositions of matter).
Step 2A, Prong 1:
Nonetheless, claims 1,11 are directed to a judicially recognized exception of an abstract idea without significantly more. Claim 1,11 recites a method of “identify at least one neighboring electronic device that is capable of performing user authentication in response to a user authentication request”, “provide, via the user interface module, a list of the at least one neighboring electronic device capable of performing user authentication”, enumerates a mental concept and information processing workflow. Identifying devices capable of authentication is an act of evaluation and classification. Providing a list of devices and selecting a device and requesting authentication is nothing more than organizing, decision making and delegation. These steps are directed to organizing, evaluating and selecting authentication options. As such, these steps are nothing more than an abstract mental concept (MPEP 2106.04(a)(2)(III)).
Step 2A, Prong 2:
Claims 1,11 recites additional step of “transmit a request to an authentication server for performing user authentication using an electronic device selected from the list of the at least one neighboring electronic device capable of performing user authentication” that fails to integrate the abstract idea into a practical application. Reviewing available authenticators, listing eligible ones, choosing one and asking that authenticator to authenticate a user, is not an improvement to the system. This additional step, transmitting a request based on a selection, is a form of insignificant extra solution activity of automating a conventional authentication decision process using generic computing components is necessary for all uses of the judicial exception. The additional step of listing available authenticators, allowing a selection and forwarding a request to a server, fails to integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea (MPEP 2106.05(g)) (MPEP 2106.05(g)).
Step 2B:
The additional step that is a form of insignificant extra-solution activity, does not amount to significantly more than an abstract idea because the courts have recognized that this additional step to be well-understood, routine, and conventional when claimed in a merely generic manner for receiving and retrieving data (See MPEP 2106.05(d)(II)(i)). As such claims 1,11 is not patent eligible.
Dependent claims
Dependent claims 2-10, 12-20 are ineligible for the same reasons given with respect to claims 1, 11.
Step 1:
Claims 2-10,12-20 are drawn to a method, therefore falls under one of four categories of statutory subject matter (process/method, machines/products/apparatus, manufactures, and compositions of matter).
Step 2A-2B:
Dependent claims 2-10,12-20 recites additional steps of “list of the at least one neighboring electronic device is produced based on authentication-related information of the at least one neighboring electronic device” and others that fails to integrate the abstract idea into a practical application. These steps involve listing, allowing and forwarding a request, can be performed in a human mind. These steps merely specify how the abstract mental process of identifying, listing, selecting and requesting authentication is performed such as refining the presentation of information, narrowing the selection criteria or specifying generic communication steps.
These additional steps that is a form of insignificant extra-solution activity, does not amount to significantly more than an abstract idea because the courts have recognized that this additional step to be well-understood, routine, and conventional when claimed in a merely generic manner for receiving and retrieving data (See MPEP 2106.05(d)(II)(i)). As such dependent claims 2-10, 12-20 are not patent eligible.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-6,10-16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Johnston et al. (US 20110072507 A1), hereinafter referred to as Johnston, in view of Ben et al. (US 20110215921 A1), hereinafter referred to as Ben.
As per claim 1, Johnston discloses an electronic device comprising:
a communication circuit; (Computer-based system or network 10, Johnston, para [0014])
memory; (Memory devices, Johnston, para [0018])
a user interface module; and (Graphical user interface (GUI), Johnston, para [0027])
at least one processor operatively connected to the communication circuit, the memory and the user interface module, wherein the memory stores instructions that, when executed by the at least one processor individually or collectively, cause the electronic device is configured to: (Client device motherboard, Johnston, para [0027])
identify at least one neighboring electronic device that is capable of performing user authentication in response to a user authentication request; (The user selects the login button and client scans for available authentication devices, Johnston, Fig 3 S104 and S116)
provide, via the user interface module, a list of the at least one neighboring electronic device capable of performing user authentication; and (Client displays list of authentication devices within the GUI, Johnston, Fig 3, S120).
However, Johnston does not explicitly disclose the limitation:
transmit a request to an authentication server for performing user authentication using an electronic device selected from the list of the at least one neighboring electronic device capable of performing user authentication
Ben discloses:
transmit a request to an authentication server for performing user authentication using an electronic device selected from the list of the at least one neighboring electronic device capable of performing user authentication (Requesting a list of services from said second mobile device and receiving a corresponding response, on authenticating said second mobile device, said access to NFC application is authorized, Ben, para [0031]).
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 2, Johnston and Ben disclose the electronic device of claim 1, wherein
Furthermore, Johnston discloses:
the list of the at least one neighboring electronic device is produced based on authentication-related information of the at least one neighboring electronic device (A list of available authentication devices 74 that are found to be present and a list of the various identities stored thereon or the corresponding data entry needed, e.g., fingerprint data, is then presented inside the GUI on the client device display 46, as indicated at 120 and 124. In various embodiments, a username and password may additionally be required to access the list of identities on one or more of the authentication devices 74 found to be present, Johnston, para [0029])
As per claim 3, Johnston and Ben disclose the electronic device of claim 2, wherein
Furthermore, Johnston discloses:
the authentication-related information comprises at least one of device identification information, location information, a security level, or an authentication method in association with the at least one neighboring electronic device (The location of the client device 14, what kind of network the device 14 is connected to, how frequently the client device 14 is inspected and maintained, how many different users are allowed access to the client device 14, who is allowed access to the client device 14 as well as what credentials are required to allow access to the remote server 18, Johnston, para [0049]).
As per claim 4, Johnston and Ben disclose the electronic device of claim 2 or claim 3, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device
Furthermore, Ben discloses:
search for the at least one neighboring electronic device over a short-range communication network, and to obtain the authentication-related information from the at least one retrieved neighboring electronic device (Using a second Bluetooth device, the user searches for Bluetooth devices, selects system for wireless authentication and initiates a pairing request, Ben, para [0136]. This explicitly describes searching for nearby Bluetooth devices)
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 5, Johnston and Ben disclose the electronic device of any of claim[[s]] 4 the instructions, when executed by the at least one processor individually or collectively, cause the electronic device
Furthermore, Ben discloses:
obtain, from the authentication server, at least one of the authentication-related information or the list of the at least one neighboring electronic device capable of performing user authentication (Application sends request for data to system for wireless authentication. Application authenticates response from system for wireless authentication, Ben, para [0138]. This shows an exchanging of data used for authentication after pairing or discovery, which is analogous to obtaining authentication related information from the discovered device).
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 6, Johnston and Ben disclose the electronic device of any of claim[[s]] 5 the instructions, when executed by the at least one processor individually or collectively, cause the electronic device
Furthermore, Ben discloses:
transmit a multi-cast message for searching for the at least one neighboring electronic device, to obtain the authentication-related information from the at least one neighboring electronic device that responds to the multi-cast message, and to request the authentication server to perform user authentication using the selected electronic device (Authenticating a response may involve local authentication, whereby the received data is authenticated. Application provides access to user, Ben, para [0139])
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 10, Johnston and Ben disclose the electronic device of 1, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic
Furthermore, Johnston discloses:
identify, via the authentication server, whether the authentication using the selected electronic device is successfully performed, and to perform user login (sign in) in response to the successful authentication (Upon validation of the selected identities, the relay program 66 then brokers an encrypted proxy session between the server 18 and the client device 14, as indicated at 136. Particularly, the relay program 66 substantiates a server-side proxy 78 and communicates with the client device connector program 70, via the second communication channel 30, whereby the connector program 70 substantiates a client-side proxy 82. Once the client-side proxy 82 is established, the relay program 66 establishes the high-level security third communications channel 34 and the encrypted proxy session between the client-side proxy 82 and the server-side proxy 78, via the high-level security third communications channel 34, Johnston, para [0032]).
As per claim 11, Johnston discloses a method of an electronic device, the method comprising:
identifying at least one neighboring electronic device capable of performing user authentication in order to perform user authentication for the electronic device; (The user selects the login button and client scans for available authentication devices, Johnston, Fig 3 S104 and S116)
providing a list of the at least one neighboring electronic device capable of performing user authentication; and (Client displays list of authentication devices within the GUI, Johnston, Fig 3, S120).
However, Johnston does not explicitly disclose the limitation:
transmitting a request to an authentication server for performing user authentication using an electronic device selected from the list of the at least one neighboring electronic device capable of performing user authentication
Ben discloses:
transmitting a request to an authentication server for performing user authentication using an electronic device selected from the list of the at least one neighboring electronic device capable of performing user authentication (Requesting a list of services from said second mobile device and receiving a corresponding response, on authenticating said second mobile device, said access to NFC application is authorized, Ben, para [0031]).
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 12, Johnston and Ben disclose the method of claim 11, wherein
Furthermore, Johnston discloses:
the list of the at least one neighboring electronic device is produced based on authentication-related information of the at least one neighboring electronic device (A list of available authentication devices 74 that are found to be present and a list of the various identities stored thereon or the corresponding data entry needed, e.g., fingerprint data, is then presented inside the GUI on the client device display 46, as indicated at 120 and 124. In various embodiments, a username and password may additionally be required to access the list of identities on one or more of the authentication devices 74 found to be present, Johnston, para [0029])
As per claim 13, Johnston and Ben disclose the method of claim 12, wherein
Furthermore, Johnston discloses:
the authentication-related information comprises at least one of device identification information, location information, a security level, or an authentication method in associated with the at least one neighboring electronic device (The location of the client device 14, what kind of network the device 14 is connected to, how frequently the client device 14 is inspected and maintained, how many different users are allowed access to the client device 14, who is allowed access to the client device 14 as well as what credentials are required to allow access to the remote server 18, Johnston, para [0049]).
As per claim 14, Johnston and Ben disclose the method of claim 12
Furthermore, Ben discloses:
searching for the at least one neighboring electronic device over a short-range communication network; and obtaining the authentication-related information from the at least one retrieved neighboring electronic device (Using a second Bluetooth device, the user searches for Bluetooth devices, selects system for wireless authentication and initiates a pairing request, Ben, para [0136]. This explicitly describes searching for nearby Bluetooth devices)
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 15, Johnston and Ben disclose the method of any of claim[[s]] 14
Furthermore, Ben discloses:
at least one of the authentication-related information or the list of the at least one neighboring electronic device capable of performing user authentication is obtained from the authentication server (Application sends request for data to system for wireless authentication. Application authenticates response from system for wireless authentication, Ben, para [0138]. This shows an exchanging of data used for authentication after pairing or discovery, which is analogous to obtaining authentication related information from the discovered device)
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 16, Johnston and Ben disclose the method of claim 15, further comprising:
Furthermore, Ben discloses:
transmitting a multi-cast message for searching for the at least one neighboring electronic device, to obtain the authentication-related information from the at least one neighboring electronic device that responds to the multi-cast message, and requesting the authentication server to perform user authentication using the selected electronic device (Authenticating a response may involve local authentication, whereby the received data is authenticated. Application provides access to user, Ben, para [0139])
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) with wireless authentication based on Bluetooth proximity (Ben). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston with Ben in order to efficiently allow automatic wireless authentication (See Ben, para [0002])
As per claim 20, Johnston and Ben disclose the method of claim 1, further comprising:
Furthermore, Johnston discloses:
identifying, via the authentication server, whether the authentication using the selected electronic device is successfully performed, and performing user login (sign in) in response to the successful authentication (Upon validation of the selected identities, the relay program 66 then brokers an encrypted proxy session between the server 18 and the client device 14, as indicated at 136. Particularly, the relay program 66 substantiates a server-side proxy 78 and communicates with the client device connector program 70, via the second communication channel 30, whereby the connector program 70 substantiates a client-side proxy 82. Once the client-side proxy 82 is established, the relay program 66 establishes the high-level security third communications channel 34 and the encrypted proxy session between the client-side proxy 82 and the server-side proxy 78, via the high-level security third communications channel 34, Johnston, para [0032]).
Claims 7-9, 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Johnston et al. (US 20110072507 A1), hereinafter referred to as Johnston, in view of Ben et al. (US 20110215921 A1), hereinafter referred to as Ben in further view of Decharms et al. (US 20140368601 A1), hereinafter referred to as Decharms.
As per claim 7, Johnston and Ben disclose the electronic device of 2 the instructions, when executed by the at least one processor individually or collectively, cause the electronic device
However, Johnston in view of Ben does not explicitly disclose the limitation:
produce a priority order based on the authentication-related information of the at least one neighboring electronic device, and to provide the list of the at least one neighboring electronic device according to the priority order
Decharms discloses:
produce a priority order based on the authentication-related information of the at least one neighboring electronic device, and to provide the list of the at least one neighboring electronic device according to the priority order (The mobile computing device 102 can display a list of the computing devices 108a-d, their corresponding users 1116a-d and their corresponding status, Decharms, para [0059]. This discloses providing a list of devices or entities with associated information)
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) and wireless authentication based on Bluetooth proximity (Ben) with mobile security technology (Decharms). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston and Ben with Decharms in order to efficiently prioritize list of users using color coding (See Decharms, para [0059]).
As per claim 8, Johnston and Ben disclose the electronic device of claim 7, wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device
However, Johnston in view of Ben does not explicitly disclose the limitations:
provide the list arranged in colors distinguished based on the priority order
Decharms discloses:
provide the list arranged in colors distinguished based on the priority order (The safety level may be presented as a color. An icon may be presented showing a color-coded representation of the first user’s safety level, Decharms, para [0197]. The list is prioritized by level and provides entries with distinct colors corresponding to that level is analogous to the list being arranged in colors distinguished based on the priority order)
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) and wireless authentication based on Bluetooth proximity (Ben) with mobile security technology (Decharms). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston and Ben with Decharms in order to efficiently prioritize list of users using color coding (See Decharms, para [0059])
As per claim 9, Johnston and Ben disclose the electronic device of claim 7
However, Johnston in view of Ben does not explicitly disclose the limitation:
the priority order is produced based on a security level among the authentication-related information
Decharms discloses:
the priority order is produced based on a security level among the authentication-related information (The mobile computing device 102 itself can automatically select one or more of the computing devices 108a-d based on a variety of factors including ratings, expertise and predefined preferences, one or more lists/rankings of entities 116a-d, Decharms, para [0062]. Here, lists/rankings and other factors are used to select recipients which is analogous to priority-based ordering/selection).
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) and wireless authentication based on Bluetooth proximity (Ben) with mobile security technology (Decharms). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston and Ben with Decharms in order to efficiently prioritize list of users using color coding (See Decharms, para [0059])
As per claim 17, Johnston and Ben disclose the method of claim 12, further comprising:
However, Johnston in view of Ben does not explicitly disclose the limitation:
producing a priority order based on the authentication-related information of the at least one neighboring electronic device, and providing the list of the at least one neighboring electronic device according to the priority order
Decharms discloses:
producing a priority order based on the authentication-related information of the at least one neighboring electronic device, and providing the list of the at least one neighboring electronic device according to the priority order (The mobile computing device 102 can display a list of the computing devices 108a-d, their corresponding users 1116a-d and their corresponding status, Decharms, para [0059]. This discloses providing a list of devices or entities with associated information).
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) and wireless authentication based on Bluetooth proximity (Ben) with mobile security technology (Decharms). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston and Ben with Decharms in order to efficiently prioritize list of users using color coding (See Decharms, para [0059])
As per claim 18, Johnston and Ben disclose the method of claim 17, wherein
However, Johnston in view of Ben does not explicitly disclose the limitation:
the providing the list of the at least one neighboring electronic device comprises providing the list arranged in colors distinguished based on the priority order
Decharms discloses:
the providing the list of the at least one neighboring electronic device comprises providing the list arranged in colors distinguished based on the priority order (The safety level may be presented as a color. An icon may be presented showing a color-coded representation of the first user’s safety level, Decharms, para [0197]. The list is prioritized by level and provides entries with distinct colors corresponding to that level is analogous to the list being arranged in colors distinguished based on the priority order)
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) and wireless authentication based on Bluetooth proximity (Ben) with mobile security technology (Decharms). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston and Ben with Decharms in order to efficiently prioritize list of users using color coding (See Decharms, para [0059])
As per claim 19, Johnston and Ben disclose the method of claim 17, wherein
However, Johnston in view of Ben does not explicitly disclose the limitation:
the priority order is produced based on a security level among the authentication-related information
Decharms discloses:
the priority order is produced based on a security level among the authentication-related information (The mobile computing device 102 itself can automatically select one or more of the computing devices 108a-d based on a variety of factors including ratings, expertise and predefined preferences, one or more lists/rankings of entities 116a-d, Decharms, para [0062]. Here, lists/rankings and other factors are used to select recipients which is analogous to priority-based ordering/selection)
A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Johnston with Ben by multi-identity access control tunnel relay object (Johnston) and wireless authentication based on Bluetooth proximity (Ben) with mobile security technology (Decharms). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Johnston and Ben with Decharms in order to efficiently prioritize list of users using color coding (See Decharms, para [0059]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RAGHAVENDER CHOLLETI whose telephone number is (703) 756-1065. The examiner can normally be reached M-F 9am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, RUPAL DHARIA can be reached on (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
Respectfully submitted,
/RAGHAVENDER NMN CHOLLETI/Examiner, Art Unit 2492
/RUPAL DHARIA/Supervisory Patent Examiner, Art Unit 2492