METHOD, SYSTEM AND COMPUTER PROGRAM FOR REGISTERING A USER WITH A THIRD-PARTY SERVICE

§102 §103 §112

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Priority Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55. Information Disclosure Statement The information disclosure statement (IDS) submitted on 2/12/2025 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Drawings The drawings are objected to as failing to comply with 37 CFR 1.84(p)(4) because: Regarding Fig. 5: The drawing does not include reference sign(s) mentioned in the description. Specifically, paragraph 0036 of the specification recites, “the third-party service 502 sends 510 first configuration data 512 to the identity verification service 501.” Reference character “first configuration data 512” is not represented in Fig. 5. This reference character is in Fig. 6. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance. Claim Objections Claim(s) 1-12 and 14 are objected to because of the following informalities: Regarding claims 1 and 14: Where each claim recites, “… application data associated with the third-party service, using the configuration data …”, there is a potential for misinterpretation of the steps. The comma after “service” should be replaced with a semicolon to indicate that “using the configuration data” is its own step which is subsequent to “receiving configuration data,” and not directly linked to the “application data.” Regarding claims 2-12: Each of these claims begins with “A method according to …”. These claims are dependent on, and are presumably referencing the method recited in, their parent claim 1, and should be amended to, “[[A]] The method according to …”. Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. Claim 13 is rejected under 35 U.S.C. 112(a) as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, at the time the application was filed, had possession of the claimed invention. Regarding claim(s) 13: The claim recites, “A processing system … for use in registering a user of a third-party service”. The claim goes on to recite, “the service being configured to: receive configuration data from the third-party service …”. The specification and sibling claims 1 and 14 are explicit in that the invention receives configuration data from a third party service, and that the invention is not the third party service itself. This claim is contrary to the written description in that it describes the third party service as receiving the configuration data from itself. This rejection can be overcome by amending the claim such that it recites subject matter supported by the specification (i.e. “the processing system being configured to: receive configuration data from the third-party service …”). Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1, 5, 6, 10, 13, and 14 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by ZOU (Doc ID US 9124578 B2). Regarding claim 1: ZOU teaches: A method of registering a user with a third-party service using an identity verification process, wherein the method is performed by a processing system comprising at least one processor and at least one memory, and comprises ((116) Col 14 lines 23-27 "the present invention may be implemented by a program instructing relevant hardware. The program may be stored in a computer readable storage medium. When the program is run, the steps of the … present invention are performed." and Claim 1. ... a capability opening management and control unit that includes a hardware processor ..."): receiving configuration data from the third-party service, wherein the configuration data comprises: a user number associated with the user of the third-party service ((43) Col 7 lines 13-17 "Step 402: The third-party application sends a service request to the capability opening management and control unit, where the service request carries type information of a requested service, parameter information of the service ..." and (44) Col 7 lines 20-22 "... the parameter information of the service may further include an identity (ID) of an end user."); and application data associated with the third-party service ((44) Col 7 lines 18-20 "The type information of the service may specifically be services indicated by ordinary strings, such as weather, SMS message and stock information query …"), using the configuration data to generate a uniform resource identifier for an application associated with the identity verification process ((50) Col 7 lines 57-63 "Step 406: ... the capability opening management and control unit stores parameter information, generates a parameter identity (ID) ..., and returns an authentication address …"); distributing the URI to a device associated with the user ((52) Col 8 lines 15-16 "Step 407: The third-party application transfers the URL for authentication to the client."); receiving a notification from the device indicating that the user has accessed the URI ((53) Col 8 lines 17-18 "Step 408: The end user accesses the identity management unit through the URL of the client." and (54) Col 8 lines 19-22 "Step 409: After determining ... that the URL is not modified during the process, the identity management unit queries the service directory unit ..."); and responsive to the notification, sending at least part of the configuration data to configure the application on the device in order for the user to perform the identity verification process, associated with the third-party service, to register with the third-party service ((57) Col 8 lines 30-32 "Step 412: The capability opening management and control unit returns the service parameter value to the identity management unit." and (58) Col 8 lines 33-35 "Step 413: The identity management unit returns a user authentication page to the client, so that the end user can log in ..."). Regarding claim 5: ZOU teaches: A method according to claim 1, wherein distributing the uniform resource identifier comprises providing the uniform resource identifier to at least one of the third-party service and the device associated with the user (ZOU (52) Col 8 lines 15-16 "Step 407: The third-party application transfers the URL for authentication to the client."). Regarding claim 6: ZOU teaches: A method according to claim 1, wherein the application data comprises at least one of a message, a logo, an identity document, a choice of language or a redirection uniform resource identifier associated with the third-party service (ZOU (44) Col 7 lines 18-20 "The type information of the service may specifically be services indicated by ordinary strings, such as weather, SMS message …"). Regarding claim 10: ZOU teaches: A method according to claim 1, wherein providing the uniform resource identifier to the third-party service further comprises: providing, by the third-party service to the device associated with the user of the third-party service, the uniform resource identifier (ZOU (52) Col 8 lines 15-16 "Step 407: The third-party application transfers the URL for authentication to the client."). Regarding claims 13 and 14: These claims are rejected with the same justification, mutatis mutandis, as their counterpart claim 1 above. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over ZOU (Doc ID US 9124578 B2) as applied to claim 1 above, and further in view of SATOH et al (Doc ID US 20050039054 A1). Regarding claim 2: ZOU teaches: A method according to claim 1, further comprising: receiving an identity verification outcome from the identity verification process performed by the user (ZOU (61) Col 8 lines 48-50 "Step 416: The identity management unit sends, to the capability opening management and control unit, a message indicating that the user authentication succeeds."); and SATOH teaches the following limitation(s) not taught by ZOU: notifying the third-party service of the identity verification outcome ([0052] "The proxy service 30 request the security token service 40 to authenticate the client 10 ... and acquires the authentication result. The proxy service ... and notifies the determination result … to the provider 20."). Notifying a third party of the result of the identity verification is a known technique in the art, as demonstrated by SATOH. It would have been obvious to a person having ordinary skill in the art (PHOSITA) before the effective filing date of the claimed invention to modify the third party user identification of ZOU with the verification notification of SATOH with the motivation to pass on the verification results to the third party so that are able to complete any follow-on actions. Claims 3 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over ZOU (Doc ID US 9124578 B2) as applied to claim 1 above, and further in view of PALLER (Doc ID US 20040103308 A1). Regarding claim 3: ZOU teaches: A method according to claim 1, PALLER teaches the following limitation(s) not taught by ZOU: wherein generating the uniform resource identifier comprises: storing the configuration data in a configuration table ([0039] "... The configuration files 260 may stored at the network element 250, or at other storage locations accessible by the gateway 230."); using a location of the configuration data in the configuration table to determine an identifier associated with the configuration data ([0042] "... information stored in the mobile network's service registry 240 includes a location reference, e.g., a uniform resource locator (URL), pointing to the location of configuration files …"); and providing the identifier as part of the uniform resource identifier ([0047] "... the service registry may initiate the identification by sending a message .... The message includes the location reference, i.e., URL, pointing to the location of the configuration files."). Providing the location of configuration data as part of a generated URL is a known technique in the art, as demonstrated by PALLER. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the third party user identification of ZOU with the data location identifier of PALLER with the motivation to store the data until the user device is ready to initiate the verification. It is obvious to provide this ability since the user may not use the URL immediately. Regarding claim 4: The combination of ZOU and PALLER teaches: A method according to claim 3, further comprising: upon receipt of the notification from the device, using the notification to determine the identifier associated with the configuration data (PALLER [0049] "The protocol gateway accesses the configuration files using the location reference acquired during the identification process …"); using the identifier to determine the location of the configuration data in the configuration table (PALLER [0049] "The protocol gateway accesses the configuration files using the location reference acquired during the identification process …"); and retrieving the configuration data from the configuration table (PALLER [0049] "The protocol gateway accesses the configuration files using the location reference ..., downloads the configuration files …"). Using location data to locate and retrieve data is a known technique in the art, as demonstrated by PALLER. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the third party user identification of ZOU and PALLER with the data location identifier of PALLER with the motivation to use the stored configuration data rather than requiring it to be resent. Claims 7 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over ZOU (Doc ID US 9124578 B2) as applied to claim 1 above, and further in view of REGEP (Doc ID US 20180027354 A1). Regarding claim 7: ZOU teaches: A method according to claim 1, REGEP teaches the following limitation(s) not taught by ZOU: wherein receiving configuration data from the third-party service comprises receiving configuration data via an application programming interface ([0073] "According to FIG. 5 ..., in the step W25 the local configuration service 27 ... call the public configuration service 41 ... for getting further configuration information specific to the target device or service 51."). Utilizing an API to receive required data is a known technique in the art, as demonstrated by REGEP. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the third party user identification of ZOU with the data transfer API of REGEP with the motivation to use a widespread and well known manner of interacting with remote applications to pass on the configuration data. Regarding claim 8: ZOU teaches: A method according to claim 1, REGEP teaches the following limitation(s) not taught by ZOU: wherein configuring the application causes the application to be downloaded on to the device associated with the user ([0018] "... if the mobile client application for this specific target process had not yet been installed on the mobile device, then the ... local configuration service which will attend to the download of the required client application."). Installing an application as a part of configuration of the application is a known technique in the art, as demonstrated by REGEP. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the third party user identification of ZOU with the application installation of REGEP with the motivation to immediately install the application so that further actions can proceed without waiting for the installation to be triggered manually. Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over ZOU (Doc ID US 9124578 B2) as applied to claim 1 above, and further in view of PANDRANGI et al (Doc ID WO 2016112226 A1). Regarding claim 9: ZOU teaches: A method according to claim 1, PANDRANGI teaches the following limitation(s) not taught by ZOU: wherein, when the application is already installed on the device, the method comprises causing the installed application to be updated based on at least part of the configuration data sent to the device associated with the user ([0007] "... the application can be downloaded to the computing device of the second user if the computing device does not have the application installed already, and the configuration data can also be downloaded to the computing device of the second user. The application sharing system can then cause the configuration data to be applied to the application ..."). Updating an application which has already been installed is a known technique in the art, as demonstrated by PANDRANGI. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the third party user identification of ZOU with the application update trigger of PANDRANGI with the motivation to ensure that the application is up to date prior to use, and that the current configuration data can be applied to the application. Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over ZOU (Doc ID US 9124578 B2) as applied to claim 10 above, and further in view of LOUIS et al (Doc ID US 20170318000 A1). Regarding claim 11: ZOU teaches: A method according to claim 10, LOUIS teaches the following limitation(s) not taught by ZOU: further comprising: using the user number to determine, by the third-party service, contact data associated with the user of the third-party service ([0044] "… For example, when the user authentication data provided to server computer 130 by data provider 120 includes a user phone number,"); using the contact data associated with the user to provide the uniform resource identifier to the device ([0044] "… server computer 130 may send the URL directly to user device 110 via text message."). Using user contact data to send a URL to the user’s device is a known technique in the art, as demonstrated by LOUIS. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the third party user identification of ZOU with the user contact details of LOUIS with the motivation to ensure that the URL is sent to a device associated with the user, and not necessarily the device which the user used to initiate the request. Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over ZOU (Doc ID US 9124578 B2) as applied to claim 1 above, and further in view of MAIEREAN (Doc ID US 20200007542 A1). Regarding claim 11: ZOU teaches: A method according to claim 1, MAIEREAN teaches the following limitation(s) not taught by ZOU: further comprising registering the user with the third-party service based on the result of the identity verification process ([0032] "… In block 240, a user may request to register with a third party .... The third party may then send a request to the verification service to verify the identifier information in block 250. ... the verification service in FIG. 2 may ... transmit a verification message .... Upon receiving the verification message, the third party may complete the user registration in block 270."). Registering a user with a service after verifying the user is a known technique in the art, as demonstrated by MAIEREAN. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the third party user identification of ZOU with the verified user registration of MAIEREAN with the motivation to complete the registration of a user only after they have been verified, in order to prevent an unauthorized user from being registered with the service. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRANDON BINCZAK whose telephone number is (703)756-4528. The examiner can normally be reached M-F 0800-1700. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached on (571) 270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /BB/Examiner, Art Unit 2437 /BENJAMIN E LANIER/Primary Examiner, Art Unit 2437