Detailed Action
This is a Non-final Office action in response to communications received on 11/13/2024. Claims 1-16 are pending and are examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawings
The drawings, filed 11/13/2024, are acknowledged.
Foreign Priority
The foreign priority date of 11/16/2023 is acknowledged.
Claim Objections
Claims 2-14 are objected to because of the following informalities:
Regarding claims 2-14, the claims recite “An apparatus as claimed in…”. The claims should more correctly recite “The apparatus as claimed in…”.
Regarding claim 7, the claim appears to contain a remnant reference to drawings “display 104a”, however, previous recitations of the “display” do not. Examiner recommends removing the drawing element reference.
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-7 and 10-15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 1, the claim recites “the first and second hashes at least substantially matching”. The term “substantially” is a relative term which renders the claim indefinite. The term “substantially” is not defined by the claim. Claim 8 provides an adequate definition for “substantially”. Claim 15 contains similar deficiencies.
Claims 2-7 and 10-14 fail to remedy the issues of claim 1 and are likewise similarly rejected.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claim(s) 1, 4-7, 10-11 and 15 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Stow (US 20200059368 A1).
Regarding claim 1, Stow teaches the limitations of claim 1 substantially as follows:
An apparatus comprising: at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to: (Stow; [0037]: a system comprising a processor; and a computer readable medium storing one or more instruction(s) arranged such that when executed the processor is caused to perform the methods)
capture a presentation on a display, wherein the presentation includes data representative of a first hash; (Stow; [0008]-[0009]: creating a digest of a document via obtaining an image of the document (i.e., capture a presentation on a display))
generate a second hash from the captured presentation; (Stow; [0012]: generating a digest associated with the document therefrom, wherein the digest comprises one or more hash functions corresponding to a respective dataset)
read a digital code from the display or the captured presentation, the digital code comprising the first hash and a digital signature associated with the first hash; (Stow; [0073]: the signature digest (i.e., the first hash and a digital signature associated with the first hash) is extracted from the printed signature on the document (i.e., read a digital code from the display or the captured presentation))
compare the first hash and second hash; and (Stow; [0074]: The document digest and the original digest (i.e., first and second hash) are compared with one another)
send an indication on whether the digital signature is legitimate in response to the first and second hashes at least substantially matching. (Stow; [0074]: If the document digest and the original digest match one another (i.e., the first and second hashes at least substantially matching) (e.g., they are identical), this is an indication that the document and signature have not been tampered with, and the document is verified (i.e., send an indication on whether the digital signature is legitimate))
Regarding claim 4, Stow teaches the limitations of claim 1.
Stow teaches the limitations of claim 4 as follows:
An apparatus as claimed in claim 1, wherein the presentation comprises one or more from the group of: an image for presentation on the display; a plurality of images for presentation on the display; a video for presentation on the display; or data representative of a user prompt, interactive prompt, or dialog box for rendering on the display. (Stow; [0008]-[0009]: creating a digest of a document via obtaining an image of the document (i.e., an image for presentation on the display))
Regarding claim 5, Stow teaches the limitations of claim 1.
Stow teaches the limitations of claim 5 as follows:
An apparatus as claimed in claim 1, wherein the captured presentation comprises a first image associated with the first hash and a second image associated with the digital code; (Stow; [0073]; Fig. 4: In addition to the generation of the document digest (i.e., a first image associated with the first hash), the signature digest is extracted from the printed signature on the document (i.e., a second image associated with the digital code))
wherein the generating of the second hash of the captured presentation further comprises: apply a hashing algorithm to the first image for outputting the second hash; and (Stow; [0073]; Fig. 4: In addition to the generation of the document digest (i.e., apply a hashing algorithm to the first image ), the signature digest is extracted from the printed signature on the document)
wherein reading the digital code from the display further comprises reading the digital code from the second image. (Stow; [0073]; Fig. 4: In addition to the generation of the document digest, the signature digest is extracted from the printed signature on the document (i.e., reading the digital code from the second image))
Regarding claim 6, Stow teaches the limitations of claim 5.
Stow teaches the limitations of claim 6 as follows:
An apparatus as claimed in claim 5, wherein the apparatus is further caused to crop the captured presentation to generate the first image and crop the captured presentation to generate the second image. (Stow; [0064]: The image undergoes a transformation into text data. This step differs from the corresponding step in a “block of text” digest in that each of the fields must first be identified (i.e., crop the captured presentation to generate the first image and crop the captured presentation to generate the second image))
Regarding claim 7, Stow teaches the limitations of claim 1.
Stow teaches the limitations of claim 7 as follows:
An apparatus as claimed in claim 1, the digital code further comprising one or more from the group of: a bar code; a two-dimensional matrix bar code; a Quick Response, QR, code; a High Capacity Colored two-Dimensional, HCC2D, Code; a digital code embedded in a presentation or image; a digital code represented by presentation or image; any other encoding using images; or any other encoding capable of being presented on the display 104a and decoded from the presented encoding when captured. (Stow; 0024]: The visual representation may comprise a 1 dimensional or 2 dimensional barcode, such as a QR code)
Regarding claim 10, Stow teaches the limitations of claim 1.
Stow teaches the limitations of claim 10 as follows:
An apparatus as claimed in claim 1, wherein the first hash and the second hash are generated using a hashing algorithm based on one or more hashing algorithms from the group of: an Average Hashing, aHash, algorithm; a Median Hashing, mHash, algorithm; a Perceptual Hashing, pHash, algorithm; a Difference Hashing, dHash, algorithm; a Block Hashing, bHash, algorithm; a Wavelet Hashing, wHash, algorithm; a ColorMoment Hashing algorithm; a Color Hashing, Colorhas, algorithm, a Marr–Hildreth, marrhildreth, hashing algorithm; a fuzzy hashing algorithm; a video hashing algorithm; a locality-sensitive hashing algorithm; a machine learning hashing algorithm; a pair of machine learning hashing models; or any other hashing algorithm configured for generating a hash from one or more images. (Stow; [0036]: As the hash functions are generated in dependence on the datasets within the documents, that is, each line or field of text, if one of the further hash functions corresponding to the datasets in the original version of the document does not match one of the hash functions corresponding to the datasets in the document to be verified, it is possible to identify which of the datasets has been changed (i.e., any other hashing algorithm configured for generating a hash from one or more images))
Regarding claim 11, Stow teaches the limitations of claim 10.
Stow teaches the limitations of claim 11 as follows:
An apparatus as claimed in claim 10, wherein: the hashing algorithm used for the generating the first hash and the second hash is the same hashing algorithm; or the hashing algorithm used for the generating the first hash and the second hash are similar or different hashing algorithms that generate the same hash. (Stow; [0036]: As the hash functions are generated in dependence on the datasets within the documents, that is, each line or field of text, if one of the further hash functions corresponding to the datasets in the original version of the document does not match one of the hash functions corresponding to the datasets in the document to be verified, it is possible to identify which of the datasets has been changed (i.e., the hashing algorithm used for the generating the first hash and the second hash is the same hashing algorithm))
Regarding claim 15, Stow teaches the limitations of claim 15 substantially as follows:
A non-transitory computer readable medium comprising program instructions stored thereon for performing at least the following: (Stow; [0037]: a system comprising a processor; and a computer readable medium storing one or more instruction(s) arranged such that when executed the processor is caused to perform the methods)
capturing a presentation presented on a display to a user, wherein the presentation includes data representative of a first hash; (Stow; [0008]-[0009]: creating a digest of a document via obtaining an image of the document (i.e., capture a presentation on a display))
generating a second hash from the captured presentation; (Stow; [0012]: generating a digest associated with the document therefrom, wherein the digest comprises one or more hash functions corresponding to a respective dataset)
reading a digital code from the display or the captured presentation, the digital code comprising the first hash associated with the presentation and a digital signature associated with the first hash; (Stow; [0073]: the signature digest (i.e., the first hash and a digital signature associated with the first hash) is extracted from the printed signature on the document (i.e., read a digital code from the display or the captured presentation))
comparing the first hash and second hash; and (Stow; [0074]: The document digest and the original digest (i.e., first and second hash) are compared with one another)
sending an indication to the user as to whether the digital signature is legitimate or valid in response to the first and second hashes at least substantially matching. (Stow; [0074]: If the document digest and the original digest match one another (i.e., the first and second hashes at least substantially matching) (e.g., they are identical), this is an indication that the document and signature have not been tampered with, and the document is verified (i.e., send an indication on whether the digital signature is legitimate))
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 2-3, 13-14 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Stow (US 20200059368 A1), as applied to independent claims, in view of Eisen (US 20210044558 A1).
Regarding claim 2, Stow teaches the limitations of claim 1.
Stow does not teach the limitations of claim 2 as follows:
An apparatus as claimed in claim 1, wherein the display is part of a user device separate to the apparatus, the apparatus comprising an imaging component for capturing the presentation on the display of the user device.
However, in the same field of endeavor, Eisen discloses the limitations of claim 2 as follows:
An apparatus as claimed in claim 1, wherein the display is part of a user device separate to the apparatus, the apparatus comprising an imaging component for capturing the presentation on the display of the user device. (Eisen; [0058]: The user device can be used to scan (i.e., comprising an imaging component for capturing the presentation on the display) a visual graphical barcode such as a QR code displayed on a display device (i.e., the display is part of a user device separate to the apparatus))
Eisen is combinable with Stow because all are from the same field of endeavor of verification of authenticity and tamper detection. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Stow to incorporate capturing a QR code from a display and requesting user input for verification as in Eisen as a predictable substitution of one known delivery mechanism for another (i.e., displaying a code electronically instead of printing it) enabling the system to function in computer based communication scenarios.
Regarding claim 3, Stow teaches the limitations of claim 1.
Stow does not teach the limitations of claim 3 as follows:
An apparatus as claimed in claim 1, wherein the display is part of the apparatus, wherein the capturing of the presentation on the display of the apparatus further comprises: capture a screenshot of the presentation on the display, wherein the screenshot is the captured presentation.
However, in the same field of endeavor, Eisen discloses the limitations of claim 3 as follows:
An apparatus as claimed in claim 1, wherein the display is part of the apparatus, wherein the capturing of the presentation on the display of the apparatus further comprises: capture a screenshot of the presentation on the display, wherein the screenshot is the captured presentation. (Eisen; [0058]: The user device can be used to scan (i.e., capturing of the presentation on the display of the apparatus; capture a screenshot of the presentation on the display, wherein the screenshot is the captured presentation) a visual graphical barcode such as a QR code displayed on a display device)
Eisen is combinable with Stow because all are from the same field of endeavor of verification of authenticity and tamper detection. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Stow to incorporate capturing a QR code from a display and requesting user input for verification as in Eisen as a predictable substitution of one known delivery mechanism for another (i.e., displaying a code electronically instead of printing it) enabling the system to function in computer based communication scenarios.
Regarding claim 13, Stow teaches the limitations of claim 1.
Stow teaches the limitations of claim 13 as follows:
based on whether the digital signature from the service is legitimate or valid and in response to the first and the second hashes substantially matching. (Stow; [0074]: If the document digest and the original digest match one another (e.g., they are identical), this is an indication that the document and signature have not been tampered with, and the document is verified (i.e., based on whether the digital signature from the service is legitimate or valid and in response to the first and the second hashes substantially matching))
Stow does not teach the limitations of claim 13 as follows:
An apparatus as claimed in claim 1, wherein the presentation is associated with a prompt or request from a service for user action or information from the user of the apparatus and/or a user device of the user using the service, and the sending of the indication to the user further comprises: provide an indication to the user via the apparatus or the user device as to whether to perform the prompt or request for user action or information on the apparatus or the user device, respectively,
However, in the same field of endeavor, Eisen discloses the limitations of claim 13 as follows:
An apparatus as claimed in claim 1, wherein the presentation is associated with a prompt or request from a service for user action or information from the user of the apparatus and/or a user device of the user using the service, and the sending of the indication to the user further comprises: provide an indication to the user via the apparatus or the user device as to whether to perform the prompt or request for user action or information on the apparatus or the user device, respectively, (Eisen; [0047]: A recipient may be prompted to click or touch the graphical object to verify that the recipient wants to proceed with sending the processed information (i.e., provide an indication to the user via the apparatus or the user device as to whether to perform the prompt or request for user action or information on the apparatus or the user device))
Eisen is combinable with Stow because all are from the same field of endeavor of verification of authenticity and tamper detection. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Stow to incorporate capturing a QR code from a display and requesting user input for verification as in Eisen as a predictable substitution of one known delivery mechanism for another (i.e., displaying a code electronically instead of printing it) enabling the system to function in computer based communication scenarios.
Regarding claim 14, Stow and Eisen teach the limitations of claim 13.
Stow and Eisen teach the limitations of claim 14 as follows:
An apparatus as claimed in claim 13, wherein the request for user action or information includes one or more from the group of: a request from a service requiring input from or action by the user; a request for the user to enter sensitive user information; a request for user for scanning sensitive information; a request for user for scanning a user passport, user photo, or contactless credit card; a request for user credentials or login credentials from the user; a request for confidential information of or associated with the user; a request for organizational information associated with the user; a request for the user to accept and/or proceed with installation of software on the user device; a dialogue request related to downloading, accepting and/or opening file attachments received from the service; or any other request requiring user input on the user device via a client service application associated with service. (Eisen; [0047]: A recipient may be prompted to click or touch the graphical object to verify that the recipient wants to proceed with sending the processed information (i.e., a request from a service requiring input from or action by the user))
The same motivation to combine as in claim 13 is applicable to the instant claim.
Regarding claim 16, Stow teaches the limitations of claim 16 substantially as follows:
An apparatus comprising: at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to: (Stow; [0037]: a system comprising a processor; and a computer readable medium storing one or more instruction(s) arranged such that when executed the processor is caused to perform the methods)
wherein the digital code comprises a hash associated with the presentation and a digital signature associated with the hash; and (Stow; [0073]: the signature digest is extracted from the printed signature on the document (i.e., the digital code comprises a hash associated with the presentation and a digital signature associated with the hash))
wherein the request comprises data representative of the presentation and digital code for display on the user device to authenticate the request from the service by the user. (Stow; [0074]: If the document digest and the original digest match one another (i.e., data representative of the presentation and digital code for display on the user device to authenticate the request from the service by the user) (e.g., they are identical), this is an indication that the document and signature have not been tampered with, and the document is verified)
Stow does not teach the limitations of claim 16 as follows:
generate a presentation and digital code associated with requesting a user action or information at a user device using the service,
send a request for the user action or information to the user device,
However, in the same field of endeavor, Eisen discloses the limitations of claim 16 as follows:
generate a presentation and digital code associated with requesting a user action or information at a user device using the service, (Eisen; [0006]: receiving, by a verification system, a request from a sender of the verification system, to create a visual graphical code)
send a request for the user action or information to the user device, (Eisen; [0047]: A recipient may be prompted to click or touch the graphical object to verify that the recipient wants to proceed with sending the processed information (i.e., send a request for the user action or information to the user device))
Eisen is combinable with Stow because all are from the same field of endeavor of verification of authenticity and tamper detection. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Stow to incorporate capturing a QR code from a display and requesting user input for verification as in Eisen as a predictable substitution of one known delivery mechanism for another (i.e., displaying a code electronically instead of printing it) enabling the system to function in computer based communication scenarios.
Claims 8 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Stow (US 20200059368 A1), as applied to independent claims, in view of Davis (US 20200285836 A1).
Regarding claim 8, Stow teaches the limitations of claim 1.
Stow does not teach the limitations of claim 8 as follows:
An apparatus as claimed in claim 1, wherein the comparing of the first hash and the second hash further comprises: calculate a distance between the first hash and second hash; and
determine the first hash and second hash are at least substantially matching when the distance is less than or equal to a predetermined distance threshold or error threshold.
However, in the same field of endeavor, Davis discloses the limitations of claim 8 as follows:
An apparatus as claimed in claim 1, wherein the comparing of the first hash and the second hash further comprises: calculate a distance between the first hash and second hash; and (Davis; [0029]: a Euclidean distance (i.e., calculate a distance between the first hash and second hash) between the embedding vectors of the plurality of facial images and the embedding vector of the incoming user image can be determined in order to validate the incoming user image)
determine the first hash and second hash are at least substantially matching when the distance is less than or equal to a predetermined distance threshold or error threshold. (Davis; [0029]: a Euclidean distance between the embedding vectors of the plurality of facial images and the embedding vector of the incoming user image can be determined in order to validate the incoming user image (i.e., determine the first hash and second hash are at least substantially matching ))
Davis is combinable with Stow because all are from the same field of endeavor of verification of authenticity and tamper detection. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Stow to incorporate measuring a Euclidean distance as a means of comparison as in Davis in order to improve the security of the system by including a measurable means of determining authenticity or similarity.
Regarding claim 9, Stow and Davis teach the limitations of claim 8.
Stow and Davis teach the limitations of claim 9 as follows:
An apparatus as claimed in claim 8, wherein the distance is one or more from the group of: a hamming distance between the first and second hash; a Euclidean distance between the first and second hash; or any other distance metric between the first and the second hash used by a hashing algorithm that generates the first and the second hash. (Davis; [0029]: a Euclidean distance between the embedding vectors of the plurality of facial images and the embedding vector of the incoming user image can be determined in order to validate the incoming user image)
The same motivation to combine as in claim 8 is applicable to the instant claim.
Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Stow (US 20200059368 A1), as applied to independent claims, in view of Angelino (US 20190073481 A1).
Regarding claim 12, Stow teaches the limitations of claim 1.
Stow does not teach the limitations of claim 12 as follows:
An apparatus as claimed in claim 1, wherein the digital code further includes data representative of a seed associated with the digital signature, wherein the seed is used by a digital signature algorithm to verify whether the digital signature is legitimate or valid.
However, in the same field of endeavor, Angelino discloses the limitations of claim 12 as follows:
An apparatus as claimed in claim 1, wherein the digital code further includes data representative of a seed associated with the digital signature, wherein the seed is used by a digital signature algorithm to verify whether the digital signature is legitimate or valid. (Angelino; [0057]: the object reordering may be tracked using a seed value. By using a seed value or a relocation table to indicate the reordered layout, the signature of the device vendor can be verified at the server)
Angelino is combinable with Stow because all are from the same field of endeavor of verification of authenticity and tamper detection. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Stow to incorporate seed based signature verification as in Angelino in order to improve the security of the system by including a method to verify an included signature.
Prior Art Considered But Not Relied Upon
Brown (US 20170063535 A1) which teaches a method for generating cryptographic function parameters are described. In some examples, a solution to a puzzle is obtained. A pseudorandom generator is seeded based on the solution.
Sabin (US 20130111208 A1) which teaches a method for authentication via a mobile device.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BLAKE ISAAC NARRAMORE whose telephone number is (303)297-4357. The examiner can normally be reached on Monday - Friday 0700-1700 MT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BLAKE I NARRAMORE/Examiner, Art Unit 2438