DETAILED ACTION
Claim 12 is canceled.
Claims 1-11 and 13-14 are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.
Specification
The disclosure is objected to because of the following informalities:
In page 1, line 16, “access authorization s as well as mechanical blocking elements” should read “access authorization as well as mechanical blocking elements.”
In page 4, line 20, “whether a person is identical to another person based stored in a system” should read “whether a person is identical to another person stored in a system.”
In page 6, lines 27-28, “the stored on the software, algorithm, and/or application stored on the mobile device” should read “the software, algorithm, and/or application stored on the mobile device.”
In page 11, line 29, “Further, there identification device and/or access control means can be configured” should read “Further, the identification device and/or access control means can be configured.”
In page 11, lines 30-31, “This allows that the authorization device can be placed remote from the identification device” should read “This allows the authorization device to be placed remote from the identification device.”
In page 18, line 13, “If access should be granted the person 16” should read “If access should be granted to the person 16.”
Appropriate correction is required.
Claim Objections
Claims 1, 3, 10-11, and 13 are objected to because of the following informalities:
In Claims 1, 3, 10-11, and 13, “authorised” should read “authorized.”
Appropriate correction is required.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
Claims 10 and 11 has/have been interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because it uses/they use a generic placeholder access control means coupled with functional language “for allowing or denying access to a restricted area” without reciting sufficient structure to achieve the function. Furthermore, the generic placeholder is not preceded by a structural modifier.
Since Claims 10 and 11 invoke 35 U.S.C. 112(f) or pre-AJA 35 U.S.C. 112, sixth paragraph, claims 10 and 11 has/have been interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof.
A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f or pre-AJA 35 U.S.C. 112, sixth paragraph limitation:
In reviewing the specification, the disclosed structure corresponding to access control means for allowing or denying access to a restricted area is a mechanical blocking element in the form of turnstiles, blocking arms, sliding doors, lifting-sliding doors, or flap gates (page 3, lines 11-18).
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 1-9, 11, and 14 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 1, the claim recites “wherein the identity of the person remains solely with the authorization device”. It is unclear if “the identity of the person” refers to “identity information of the person” recited earlier in the claims. For the purpose of examination, “the identity of the person” and “identity information of the person” will be interpreted the same. Claims 1-9 and 14 inherit this rejection.
Regarding claim 2, the claim recites “wherein the access authorization data are associated with the identity of the person or the biometric data”. It is unclear if “the identity of the person” refers to “identity information of the person” recited in claim 1. Moreover, it is unclear if “identity information of the person” is the same or different from “access authorization data” because claim 1, already defines identity information.
Regarding claim 8, the claim contradicts claim 1. Claim 8 recites “storing the information on the identity of the person or access authorization data on the mobile device”, however, in claim 1, “the identity of the person remains solely with the authorization device”. Therefore, it is unclear if the identity of the person is stored solely with the authorization device.
Regarding claim 11, the claim recites limitations already recited in the independent claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1-3, 7-11, and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 20100277278 A1 to Courouble et al. (Courouble) in view of US 20240013597 A1 to Nam (Nam).
Regarding claim 1, Courouble teaches a method for identifying a person, comprising: [sending identity information of the person or access authorization data from a mobile device to an authorization device]; obtaining biometric data of the person by an identification device (Courouble [0051], e.g., The terminal 2 then displays for example a message so that the user places his or her finger or his or her hand onto the biometric reader); sending biometric data from the identification device to the mobile device (Courouble [0044], e.g., terminal 2 includes a reader to acquire an image of the venous network of a user's finger; [0051], e.g., When biometric information is generated by the terminal 2, the latter sends 13 such biometric information to devices in its environment. Such biometric information is then received by all the personal devices 3 and 4 within the transmission range of the terminal 2); comparing, only on the mobile device, the biometric data from the identification device with stored biometric data for verifying the identity of the person (Courouble [0051], e.g., Upon reception of such biometric information, the device 3 compares 41 the biometric information received and the biometric data stored within its memory. The device 4 also performs 42 such a comparison); sending a confirmation signal from the mobile device to the authorization device if the comparison of the biometric data from the identification device with the stored biometric data verifies the identity of the person (Courouble [0052], e.g., On the contrary, the comparison made by the device 4 gives a positive result, and the device 4 transmits 50 positive authentication data to the terminal 2, so as to inform the terminal 2 that the user having used the biometric reader of the terminal 2 is the authentic holder of the personal authentication device 4).
Courouble does not explicitly teach, but Nam teaches sending identity information of the person or access authorization data from a mobile device to an authorization device (Nam [0044], e.g., the user terminal transmits the result of the authentication and the information about the access authorization to the authentication server); and sending, by the authorization device , an access signal allowing access by an access control means (Nam [0046], e.g., the authentication server transmits a control signal to the specific gate according to operation S260), wherein the access control means is arranged for allowing or denying access, to a restricted area to the access control means if the confirmation signal is received by the authorization device and if the authorization device determines that the person is authorised to pass the access control means (Nam [0046], e.g., the authentication server receives authentication-related information from the user terminal and determines whether the user is a user for whom access is allowed, and transmits a control signal to the gate), wherein the authorization device is separate to the identification device and the access control means (Nam Fig. 2 and Fig. 5, e.g., authentication server 130, gates 120, camera 120b), wherein the identity of the person remains solely with the authorization device (Nam [0045], e.g., For example, the authentication server may retrieve access restriction information of the user to check whether access is allowed. The access restriction information includes at least one of a criminal record, a departure prohibition record, and an entry prohibition record for each of the plurality of users, and the authentication server includes a database that stores access restriction information of a plurality of users. Then the authentication server determines whether the user is a person for whom access is allowed by retrieving the access restriction information of the user using the database), and wherein the identification device does not store the obtained biometric data (Nam [0014], e.g., In addition, since biometric information of a user for which authentication is completed is not stored, the biometric information protection guidelines can be observed; [0066], e.g., after the two-stage authentication on the user according to the above-described process, transmits the authentication result of the gate control module. Then, the authentication module deletes the face image, the template, and the authentication result of the user from the database; Note authentication module is located on the gate 120; the authentication module is different from the authentication server).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Courouble with the teachings of Nam with reasonable expectation of success. One of ordinary skill in the art would have been motivated to make the modification for the benefit of rapidly and accurately processing biometric information-based double authentication for gate access, improved security, and convenience (Nam [0012]-[0015], e.g., the method and apparatus for authenticating gate access can allow user's gate access to be rapidly and accurately processed through biometric information-based double authentication…… since biometric information of a user for which authentication is completed is not stored, the biometric information protection guidelines can be observed…… since there is no need to make a separate input or touch on a body part for gate access, the convenience of the authentication process can be increased).
Regarding claim 2, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble does not explicitly teach, but Nam teaches wherein the access authorization data are associated with the identity of the person or the biometric data (Nam [0045], e.g., Meanwhile, the authentication server includes a database that stores the result of the authorization and the information about the access authorization as data…… For example, the authentication server may retrieve access restriction information of the user to check whether access is allowed. The access restriction information includes at least one of a criminal record, a departure prohibition record, and an entry prohibition record for each of the plurality of users, and the authentication server includes a database that stores access restriction information of a plurality of users).
The motivation to combine is the same as that of claim 1.
Regarding claim 3, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble does not explicitly teach, but Nam teaches wherein the person is authorised to pass the access control means if the identity of the person is on a list of authorised persons stored with the authorization device or the access authorization data are valid (Nam [0045]-[0046], e.g., the authentication server includes a database that stores the result of the authorization and the information about the access authorization as data. The authentication server checks whether access of the user of the user terminal is allowed on the basis of the result of the authentication stored in the database according to operation S250…… when the user is identified as a person for whom access is allowed, the authentication server transmits a control signal to the specific gate according to operation S260).
The motivation to combine is the same as that of claim 1.
Regarding claim 7, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble further teaches wherein the identification device includes a fingerprint scanner and the biometric data includes fingerprint recognition data (Courouble [0019], e.g., the biometric reader is so arranged as to acquire an image of the venous network of a finger or of the hand of the user. This more particularly makes it possible to provide a biometric characteristic without a track of the user).
Courouble does not explicitly teach, but Nam teaches wherein: the identification device includes a camera and the biometric data includes face recognition data or eye recognition data (Nam [0011], e.g., a camera configured to, in response to a user of the user terminal approaching an area in which capture is performable, capture a face image of the user).
The motivation to combine is the same as that of claim 1.
Regarding claim 8, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble further teaches storing the biometric data of the person on the mobile device of the person (Courouble [0044], e.g., the memory 10 includes biometric data required for authenticating the user when information from such an image of the venous network of the finger are received by the device 3).
Courouble does not explicitly teach, but Nam teaches storing the information on the identity of the person or access authorization data on the mobile device (Nam [0044], e.g., the user terminal transmits the result of the authentication and the information about the access authorization stored in advance to the authentication server).
The motivation to combine is the same as that of claim 1.
Regarding claim 9, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble further teaches wherein the obtained biometric data comprises raw biometric data (Courouble [0044], e.g., terminal 2 includes a reader to acquire an image of the venous network of a user's finger), and wherein sending the biometric data includes sending the raw biometric data or the identification device creates meta data of the raw data biometric data obtained (Courouble [0044], e.g., terminal 2 includes a reader to acquire an image of the venous network of a user's finger, the memory 10 includes biometric data required for authenticating the user when information from such an image of the venous network of the finger are received by the device 3. Such data can correspond to data on the minutiae of the venous network).
Regarding claim 10, Courouble teaches a system for identifying a person, comprising; a mobile device (Courouble [0063], e.g., the fact that the personal authentication device 3 and 4 could have the shape of a payment card has been described. It should be understood that such device can also be inserted into a cellular phone); an identification device configured to obtain biometric data of the person (Courouble [0040], e.g., a biometric reader 5 likely to acquire a biometric image of a user, for example a reader for acquiring an image of the venous system of a finger or the hand of the user); and an authorization device (Courouble [0040], e.g., The terminal 2) wherein the identification device is configured to send the obtained biometric data of the person to the mobile device (Courouble [0044], e.g., terminal 2 includes a reader to acquire an image of the venous network of a user's finger; [0051], e.g., When biometric information is generated by the terminal 2, the latter sends 13 such biometric information to devices in its environment. Such biometric information is then received by all the personal devices 3 and 4 within the transmission range of the terminal 2), wherein only the mobile device is configured to compare the biometric data from the identification device with stored biometric data for verifying an identity of the person (Courouble [0051], e.g., Upon reception of such biometric information, the device 3 compares 41 the biometric information received and the biometric data stored within its memory. The device 4 also performs 42 such a comparison) [wherein the mobile device is configured to send an identity of the person or access authorization data to the authorization device] and is configured to send a confirmation signal to the authorization device if the comparison verifies the identity of the person (Courouble [0052], e.g., On the contrary, the comparison made by the device 4 gives a positive result, and the device 4 transmits 50 positive authentication data to the terminal 2, so as to inform the terminal 2 that the user having used the biometric reader of the terminal 2 is the authentic holder of the personal authentication device 4).
Courouble does not explicitly teach, but Nam teaches wherein the mobile device is configured to send an identity of the person or access authorization data to the authorization device (Nam [0044], e.g., the user terminal transmits the result of the authentication and the information about the access authorization to the authentication server), the system further comprising an access control means for allowing or denying access to a restricted area (Nam Fig. 2, e.g., gates 120), wherein the authorization device is further configured to send an access signal allowing access by the access control means to the access control means if the confirmation signal is received by the authorization device and if the authorization device determines that the person is authorised to pass the access control means (Nam [0046], e.g., the authentication server receives authentication-related information from the user terminal and determines whether the user is a user for whom access is allowed, and transmits a control signal to the gate), wherein the authorization device is separate to the identification device and the access control means (Nam Fig. 2 and Fig. 5, e.g., authentication server 130, gates 120, camera 120b), wherein the identity of the person remains solely with the authorization device (Nam [0045], e.g., For example, the authentication server may retrieve access restriction information of the user to check whether access is allowed. The access restriction information includes at least one of a criminal record, a departure prohibition record, and an entry prohibition record for each of the plurality of users, and the authentication server includes a database that stores access restriction information of a plurality of users. Then the authentication server determines whether the user is a person for whom access is allowed by retrieving the access restriction information of the user using the database), and wherein the identification device is adapted to not store the obtained biometric data (Nam [0014], e.g., In addition, since biometric information of a user for which authentication is completed is not stored, the biometric information protection guidelines can be observed; [0066], e.g., after the two-stage authentication on the user according to the above-described process, transmits the authentication result of the gate control module. Then, the authentication module deletes the face image, the template, and the authentication result of the user from the database; Note authentication module is located on the gate 120; the authentication module is different from the authentication server).
The motivation to combine is the same as that of claim 1.
Regarding claim 11, most of the limitations of this claim have been noted in the rejection of claim 10. Courouble does not explicitly teach, but Nam teaches an access control means for allowing or denying access to a restricted area (Nam Fig. 2, e.g., gates 120), wherein the authorization device is configured to send an access signal allowing access by the access control means to the access control means if the confirmation signal is received by the authorization device and if the authorization device determines that the person is authorised to pass the access control means (Nam [0046], e.g., the authentication server receives authentication-related information from the user terminal and determines whether the user is a user for whom access is allowed, and transmits a control signal to the gate).
The motivation to combine is the same as that of claim 1.
Regarding claim 13, Courouble teaches a mobile device, comprising a processor (Courouble [0070], e.g., CPU processor), a memory (Courouble [0070], e.g., a memory), and a transceiver (Courouble [0072], e.g., The transmission channel more particularly includes a contactless communication channel including radio communication circuits on the card 3), wherein the processor is configured to: [send an identity of a person or access authorization data to an authorization device via the transceivers], receive biometric data obtained by an identification device via the transceivers (Courouble [0044], e.g., terminal 2 includes a reader to acquire an image of the venous network of a user's finger; [0051], e.g., When biometric information is generated by the terminal 2, the latter sends 13 such biometric information to devices in its environment. Such biometric information is then received by all the personal devices 3 and 4 within the transmission range of the terminal 2), compare the biometric data from the identification device with biometric data stored in the memory for verifying the identity of the person (Courouble [0051], e.g., Upon reception of such biometric information, the device 3 compares 41 the biometric information received and the biometric data stored within its memory. The device 4 also performs 42 such a comparison); send a confirmation signal, via the transceiver, to the authorization device if the comparison verifies the identity of the person (Courouble [0052], e.g., On the contrary, the comparison made by the device 4 gives a positive result, and the device 4 transmits 50 positive authentication data to the terminal 2, so as to inform the terminal 2 that the user having used the biometric reader of the terminal 2 is the authentic holder of the personal authentication device 4).
Courouble does not explicitly teach, but Nam teaches to send an identity of a person or access authorization data to an authorization device via the transceivers (Nam [0044], e.g., the user terminal transmits the result of the authentication and the information about the access authorization to the authentication server), and send, by the authorization device, an access signal allowing access by an access control means (Nam [0046], e.g., the authentication server transmits a control signal to the specific gate according to operation S260), wherein the access control means is arranged for allowing or denying access, to a restricted area to the access control means if the confirmation signal is received by the authorization device and if the authorization device determines that the person is authorised to pass the access control means (Nam [0046], e.g., the authentication server receives authentication-related information from the user terminal and determines whether the user is a user for whom access is allowed, and transmits a control signal to the gate), wherein the authorization device is separate to the identification device and the access control means (Nam Fig. 2 and Fig. 5, e.g., authentication server 130, gates 120, camera 120b), wherein the identity of the person remains solely with the authorization device (Nam [0045], e.g., For example, the authentication server may retrieve access restriction information of the user to check whether access is allowed. The access restriction information includes at least one of a criminal record, a departure prohibition record, and an entry prohibition record for each of the plurality of users, and the authentication server includes a database that stores access restriction information of a plurality of users. Then the authentication server determines whether the user is a person for whom access is allowed by retrieving the access restriction information of the user using the database), and wherein the identification device does not store the obtained biometric data (Nam [0014], e.g., In addition, since biometric information of a user for which authentication is completed is not stored, the biometric information protection guidelines can be observed; [0066], e.g., after the two-stage authentication on the user according to the above-described process, transmits the authentication result of the gate control module. Then, the authentication module deletes the face image, the template, and the authentication result of the user from the database; Note authentication module is located on the gate 120; the authentication module is different from the authentication server).
The motivation to combine is the same as that of claim 1.
Claim(s) 4 and 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Courouble in view of Nam, and in further view of US 20220230498 A1 to Prevost et al. (Prevost).
Regarding claim 4, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble does not explicitly teach, but Nam teaches wherein the authorization device , the access control means , and the identification device are integrated in a single system exchanging information (Nam Fig. 5, e.g., camera 120b and [0040], e.g., Referring to FIG. 2, a substantial subject for performing authentication is the authentication server, and the user terminal and the gate device may operate according to a result of the authentication of the authentication server), wherein the mobile device communicates with the identification device [and the authorization device] using short-range wireless technology (Nam [0041], e.g., The user terminal, upon identifying at least one gate device, among the plurality of gate devices, located within an area in which a short-range wireless communication is available).
The motivation to combine is the same as that of claim 1.
Courouble and Nam do not explicitly teach, but Prevost teaches wherein the mobile device communicates with the authorization device using short-range wireless technology (Prevost [0029], e.g., In some examples, the authentication device 508 is a Reader device that includes authentication capability. The secure communication channel may be a BLE communication channel, WiFi channel, or other radio frequency (RF) communication channel established between the Reader device and the smartphone 542).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to have modified the combined teachings of Courouble and Nam with the teachings of Prevost with reasonable expectation of success. One of ordinary skill in the art would have been motivated to make the modification for the benefit of reducing the cost and complexity of the identification device (Prevost [0015], e.g., The physical access control authorization logic is moved from a Reader device or an Access Controller local to the physical access portal to a Secure Internet of Things (IoT) Gateway (SIG) that can be remote from the physical access portal. Because the policy can be controlled centrally with this architecture, this can provide advantages in changing access policy and in reducing the complexity and cost of remote Reader devices. The Reader devices, or Front End (FE) devices, at or near the portal location are still present, but can be simplified to basically include an antenna and a modulator/demodulator to exchange signals with Credential Devices). Additionally, allowing the mobile device to communicate via internet and short-range wireless technologies increases the versatility of the system.
Regarding claim 5, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble does not explicitly teach, but Nam teaches wherein the mobile device communicates with the identification device using short-range wireless technology (Nam [0041], e.g., The user terminal, upon identifying at least one gate device, among the plurality of gate devices, located within an area in which a short-range wireless communication is available).
The motivation to combine is the same as that of claim 1.
Courouble and Nam do not explicitly teach, but Prevost teaches the mobile device communicates with the authorization device via the internet (Prevost [0029], e.g., In some examples, the authentication device 508 is a Reader device that includes authentication capability. The secure communication channel may be a BLE communication channel, WiFi channel, or other radio frequency (RF) communication channel established between the Reader device and the smartphone 542).
The motivation to combine is the same as that of claim 4.
Claim(s) 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Courouble in view of Nam, and in further view of US Patent Number 9,864,992 B1 to Robinson et al. (Robinson).
Regarding claim 6, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble and Nam do not explicitly teach, but Robinson teaches wherein the information on the identity of the person and the biometric data of the person is verified by a third party and cannot be changed by the person (Robinson Col. 4, lines 17-47, e.g., system user records are marked according to various states of activity in a biometric authorization system…… After a system user record includes enabling enrollment information, the system user record is marked active, and a history of the record's activity is stored in the system user record. In an additional embodiment, system user records that are enabled and are marked active are also marked as verified or unverified. Verified records are those that have been reviewed and verified by at least one system operator, third party, and/or third party database…… The system also comprises system operator records that hold information useful for authenticating an operator, such as a name or ID number, device ID numbers associated with the operator, an address, and a phone number).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to have modified the combined teachings of Courouble and Nam with the teachings of Robinson with reasonable expectation of success. One of ordinary skill in the art would have been motivated to make the modification for the benefit of reducing/preventing fraudulent use of credentials (Robinson Col. 10 lines 53-62, e.g., The recorded enrollment process may then be employed to verify the user and/or the system operator and aid in the prevention of fraudulent use).
Claim(s) 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Courouble in view of Nam, and in further view of US 20120075059 A1 to Fyke et al (Fyke).
Regarding claim 14, most of the limitations of this claim have been noted in the rejection of claim 1. Courouble further teaches wherein sending the identity information of the person or the access authorization data from the mobile device to the authorization device comprises sending a unique identifier of the biometric data to the authorization device (Courouble [0017]-[0018], e.g., According to one embodiment of the invention, the biometric means include a biometric reader so arranged as to acquire a biometric image of the user and processing means so arranged to generate biometric information from the biometric image…… the processing means are so arranged as to retrieve minutiae from a biometric image and biometric information include a condensate of the minutiae. This condensate is for example carried out using a hashing function which can be applied at the terminal and the personal authentication device), the unique identifier uniquely defines the biometric data but does not allow conversion of the unique identifier into the biometric data (Courouble [0018], e.g., This condensate is for example carried out using a hashing function which can be applied at the terminal and the personal authentication device; Note hash functions are one-way, meaning that the unique identifier would not easily be converted back to the biometric data.).
Courouble and Nam do not explicitly teach, but Fyke teaches wherein the authorization device denies access if the unique identifier was already used with another person (Fyke [0027], e.g., the mobile device 134b may have an authorized valid security code assigned thereto (such as for an employee, etc.), and the mobile controller 137b may provide a temporary or single-use (i.e., “one-time”) code to the other mobile device 134a (see Block 51′, FIG. 6), such as to allow guest or visitor access; [0033], e.g., the security controller 233 may also be configured to further selectively grant personnel access also based upon the determined unique ID. More particularly, the security controller 233′ may check to see whether the unique ID is valid, at Block 258′. By way of example, a unique ID may no longer be valid if it corresponds to a user that is no longer an employee or is no longer authorized to grant access. Even though the unique ID may have been issued by an electronic device 231 having a valid unique ID at the time the temporary security code was issued, if the unique ID is no longer valid at the time access by the mobile device 234 is requested, then it may be desirable to exclude the temporary personnel access in some implementations).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to have modified the combined teachings of Courouble and Nam with the teachings of Fyke with reasonable expectation of success. One of ordinary skill in the art would have been motivated to make the modification for the benefit of enhancing security by disallowing the reuse of expire/outdate credentials.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 20200349786 A1 to Ho et al. discloses using a biometric data device (user device) to validate biometric data. The biometric data device compares biometric data to stored biometric data of users that are authorized to unlock/lock an electronic lock. The stored biometric data resides locally on the biometric data device.
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LAWRENCE TRUONG whose telephone number is (571)272-6973. The examiner can normally be reached Monday - Friday, 8:00 am - 4 pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ali Shayanfar can be reached at (571) 270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/LAWRENCE TRUONG/Examiner, Art Unit 2434
/ALI SHAYANFAR/Supervisory Patent Examiner, Art Unit 2434