CTNF 19/020,692 CTNF 80724 Notice of Pre-AIA or AIA Status 07-03-aia AIA 15-10-aia The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. DETAILED ACTION This office action is in response to the application filed on or reply to the remarks of 1/14/2025. The instant application has claims 1-20 pending. The system, method and medium for comparing the stored IP address and browser settings associated with user with previously stored browser settings. There a total of 20 claims. Drawings The drawing filed on 1/14/2025 has been accepted and in compliance of 37 CFR 1.83 & 37 CFR 1.84. Specification The disclosure filed on 1/14/2025 is accepted. Claim Rejections - 35 USC § 101 07-04-01 AIA 07-04 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The steps can be performed by an human on an generic computer. The claim recites verifying the user based on the IP address and browser settings when accessing an website can be done by human on the organization side with generic computer. The limitation of “in response to receiving the request, determining current browser settings associated with the device”, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “by a processor,” nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the “by a processor” language, “in response to receiving the request, determining current browser settings associated with the device” in the context of this claim encompasses the user manually determine at the organization’s side determine the IP address accessing the server. Similarly, the limitation of “in response to determining that the current browser settings associated with the device match the previously stored set of browser settings, execute a first authentication process for authenticating the user to access the information”, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation done in the mind but for the recitation of generic computer components the 2019 Revised Patent Subject Matter Eligibility Guidance (“2019 PEG”) Federal Register January 7, 2019. For example, but for the “by a processor” language, “in response to determining that the current browser settings associated with the device match the previously stored set of browser settings, execute a first authentication process for authenticating the user to access the information” in the context of this claim encompasses the administrator/representative checking the stored information about the user in database . If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” & “Certain methods of organizing human activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. This judicial exception is not integrated into a practical application. In particular, the claim only recites one additional element – using a processor to perform both the “in response to receiving the request, determining current browser settings associated with the device “ and “in response to determining that the current browser settings associated with the device match the previously stored set of browser settings, execute a first authentication process for authenticating the user to access the information. “ steps. The processor in both steps is recited at a high-level of generality (i.e., as a generic processor performing a generic computer function of verifying the user based on the IP address and browser settings when accessing an website can be done by human on the organization side with generic computer.) such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor to perform verifying the user based on the IP address and browser settings when accessing an website can be done by human on the organization side with generic computer steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible. Claim Rejections - 35 USC § 102 07-07-aia AIA 07-07 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – 07-12-aia AIA (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. 07-15-03-aia AIA Claim(s) 1-20 is/are rejected under 35 U.S.C. 102(a)(2) as being anticiapted by US Patent 9237146 to Casillas Regarding claim 1, 9, 15, 20, Casillas discloses a system comprising: a processing device; and a memory device storing instructions executable by the processing device for causing the processing device to perform operations comprising: receiving a request to access information from a device of a user(Fig. 2 item Access Website & ; in response to receiving the request, determining current browser settings associated with the device (Fig. 2 item Server creates Device fingerprint associate with userID & Col 3 Ln 25-49 & Fig. 9 item 950 & Fig. 8 item 850, fingerprint is stored and verified) ; determining a previously stored set of browser settings associated with a user account of the user(Fig. 2 Server Collects/Stored PC characteristics & Fig. 8 item 820 & Col 3 Ln 25-49); comparing the current browser settings associated with the device with the previously stored set of browser settings(Col 3 Ln 25-49 & Col 7 Ln 50-65; and in response to determining that the current browser settings associated with the device match the previously stored set of browser settings, execute a first authentication process for authenticating the user to access the information(Fig. 8 item 820 & Fig. 6 item 640 & Fig. 2 item Server collects/stores PC characteristics, the IP address of user is stored for comparing later). Regarding claim 2, 11, 16, the combined system/method/medium of Casillas, mutatis mutandis, Casillas discloses the system of claim 1, wherein the operations further comprise: in response to determining that the current browser settings associated with the device match the previously stored set of browser settings, adding an IP address of the device to a list of IP addresses associated with the user(Fig. 8 item 820 & Fig. 6 item 640 & Fig. 2 item Server collects/stores PC characteristics, the IP address of user is stored for comparing later). Regarding claim 3, 17, the combined system/method/medium of Casillas, mutatis mutandis, Casillas discloses the system of claim 1, wherein the operations further comprise, in response to determining the current browser settings associated with the device do not match the previously stored set of browser settings: determine an IP address of the device; compare the IP address of the device to a previously stored IP address associated with the user account; and in response to determining that the IP address of the device matches the previously stored IP address associated with the user account, execute the first authentication process for authenticating the user to access the information(Fig. 8 item 820 & Fig. 6 item 640 & Fig. 2 item Server collects/stores PC characteristics, the IP address of user is stored for comparing later). . Regarding claim 4, 10, the combined system/method/medium of Casillas, mutatis mutandis, Casillas discloses the system of claim 3, wherein the operations further comprise, in response to determining that the IP address of the device matches the previously stored IP address associated with the user account: determining whether the IP address of the device is private or public; and in response to determining that the IP address of the device is private, executing the first authentication process(Fig. 2 item Server creates Device fingerprint associate with userID). Regarding claim 5, the combined system/method/medium of Casillas, mutatis mutandis, Casillas discloses the system of claim 3, wherein the operations further comprise, in response to the user successfully authenticating via the first authentication process, storing the current browser settings of the device in association with the user account(Col 7 Ln 5-19, parameters about the device accessing the server). Regarding claim 6, 12, 18-19, the combined system/method/medium of Casillas, mutatis mutandis, Casillas discloses the system of claim 3, wherein the operations further comprise, in response to determining that the IP address of the device matches the previously stored IP address associated with the user account: determining whether the IP address of the device is private or public(Col 3 Ln 25-49 & Fig. 9 item 950 & Fig. 8 item 850, fingerprint is stored and verified) ; and in response to determining that the IP address of the device is public, executing a second authentication process that is different than the first authentication process(Col 3 Ln 25-49 & Fig. 9 item 950 & Fig. 8 item 850, fingerprint is stored and verified). . Regarding claim 7, 13, the combined system/method/medium of Casillas, mutatis mutandis, Casillas discloses the system of claim 1, wherein the operations further comprise, in response to determining the current browser settings associated with the device do not match the previously stored set of browser settings: determine an IP address of the device(Col 3 Ln 25-49 & Fig. 9 item 950 & Fig. 8 item 850, fingerprint is stored and verified); compare the IP address of the device to a previously stored IP address associated with the user account(Col 3 Ln 25-49 & Fig. 9 item 950 & Fig. 8 item 850, fingerprint is stored and verified) ; and in response to determining that the IP address of the device does not match the previously stored IP address associated with the user account, execute a second authentication process for authenticating the user to access the information, the second authentication process being different than the first authentication process(Col 3 Ln 25-49 & Fig. 9 item 950 & Fig. 8 item 850, fingerprint is stored and verified). Regarding claim 8, 14, the combined system/method/medium of Casillas, mutatis mutandis, Casillas discloses the system of claim 7, wherein the operations further comprise, in response to the user successfully authenticating via the second authentication process, storing the current browser settings and the IP address of the device in association with the user account(Col 4 LN 25-34, browser settings) . Conclusion 07-96 AIA The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US Patent 8156335 to Lin which discloses the IP address being used for authentication. US Patent Pub 2008/0028444 to Loeschl, which discloses the IP address being verified in sign-in credentials. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Venkat Perungavoor whose telephone number is (571)272-7213. The examiner can normally be reached 9-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached at 571-272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /VENKAT PERUNGAVOOR/Primary Examiner, Art Unit 2492 Email: venkatanarayan.perungavoor@uspto.gov Application/Control Number: 19/020,692 Page 2 Art Unit: 2492 Application/Control Number: 19/020,692 Page 3 Art Unit: 2492 Application/Control Number: 19/020,692 Page 4 Art Unit: 2492 Application/Control Number: 19/020,692 Page 5 Art Unit: 2492 Application/Control Number: 19/020,692 Page 6 Art Unit: 2492 Application/Control Number: 19/020,692 Page 7 Art Unit: 2492 Application/Control Number: 19/020,692 Page 8 Art Unit: 2492 Application/Control Number: 19/020,692 Page 9 Art Unit: 2492