DETAILED ACTION
This communication responsive to the Application No. 19/123,324 filed on April 22, 2025. A preliminary amendment was filed on 04/22/2025 in which claims 1-11 have been amended, claims 12-21 have been canceled, and claims 22-31 have been added new. Claims 1-11 and 22-31 are pending and are directed towards MULTI-FACTOR AUTHENTICATION USING A WEARABLE DEVICE.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/22/2025 was Acknowledge. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 1-11 and 22-31 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claims 1, 22 and 29 recite the limitation “the image data includes an interface for receiving the authentication code” which is vague and not clear. it is not understood how image data include an interface for receiving the authentication code.
Claims 7 and 26 recite the limitation “wherein the authentication code is configured to be anchored to the location regardless of head movements” which is vague and not clear, it is not understood the relationship between the head movements and the location of the code.
Claims 2-11, 23-28 and 30-31 are rejected by dependency.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-7, 9, 12-17, 29 and 30 are rejected under 35 U.S.C. 103 as being unpatentable over Krejci et al. US 2021/0216618 A1 (hereinafter “Krejci”) in view of Tomizawa US 2019/0266318 A1 hereinafter “Tomizawa”
As per claims 1, 22 and 29, Krejci teach a method comprising:
receiving, by a wearable device, an authentication code associated with multi-factor authentication (the artificial reality device can display a code from the artificial reality device-specific key, specific to the artificial reality device. Krejci, para [0078])(the administrator can setup user accounts and/or verify that user accounts have correct contact information, can select whether the authentication procedure will require one-factor or two-factor authentication. Krejci, para [0057]);
receiving image data from a camera on the wearable device (the artificial reality device can also enable a camera providing a passthrough system which allows the user to view images from the camera while wearing the artificial reality device. Krejci, para [0078]); and
displaying, by the wearable device, the authentication code at a location that corresponds to the interface (The code can be displayed as an overlay on the passthrough image, allowing the user to see the code while interacting with a personal user device without having to remove the artificial reality device. In other implementations, the code can be provided to a personal user device through the user's voice or when the user has removed the headset, in which case the passthrough system may not be used. In yet further implementations…the personal user device can receive user or network input, e.g., via a keyboard, voice command, or network connection, specifying the code displayed by the artificial reality device. Krejci, para [0078-0079]).
Krejci does not explicitly teach detecting, by the wearable device, that the image data includes an interface for receiving the authentication code.
However, teaches detecting, by the wearable device, that the image data includes an interface for receiving the authentication code (The camera 61 follows a signal entered via the interface 211, executes imaging, and outputs captured image data or a signal indicative of the result of capturing image to the interface 211. Tomizawa, para [0081])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Krejci in view of Tomizawa. One would be motivated to do so, to enhance the flexibility of the system by presenting the authentication code on the interface.
As per claims 2, 23 and 30, Krejci and Tomizawa teach the method of claims 1, 22 and 29, wherein the image data is first image data, wherein receiving the authentication code associated with the multi- factor authentication includes: detecting the authentication code from second image data received from the camera (The user dons her artificial reality device and enables a passthrough camera that takes images of the environment and presents them to the user on a display of the artificial reality device. The user positions the printed QR code in front of this camera and a QR reader on the artificial reality device decodes it. This provides the user account-specific key and URL to the artificial reality device, which the artificial reality device activates by further embedding the artificial reality device's serial number in the URL and accessing the UR. Krejce, para [0020]).
As per claims 3 and 24, Krejci and Tomizawa the method of claims 1 and 22, wherein receiving the authentication code associated with the multi-factor authentication includes:
receiving the authentication code from a computing device communicatively coupled to the wearable device (block 502 in FIG. 8 can be performed by a separate hardware device in wired or wireless communication with the artificial reality device, such as an external processing component that can interact with the artificial reality device (e.g., via a USB port) to generate the artificial reality device-specific key. Krejci, Para [0078]).
As per claim 4, Krejci and Tomizawa the method of claim 1, wherein receiving the authentication code associated with the multi-factor authentication includes: receiving the authentication code from a server computer (server 310 can be an edge server which receives client requests and coordinates fulfillment of those requests through other servers, such as servers 320A-C. Server computing devices 310 and 320 can comprise computing systems, such as computing system 100. Though each server computing device 310 and 320 is displayed logically as a single server, server computing devices can each be a distributed computing environment encompassing multiple computing devices located at the same or at geographically disparate physical locations. Krejci, para [0039])
As per claims 5 and 25, Krejci and Tomizawa the method of claims 1 and 22, wherein receiving the authentication code associated with the multi-factor authentication includes: receiving the authentication code from an authenticator application executing on the wearable device (creating an authorization record following activation of an artificial reality device-specific key via an authenticated application. Process 800 elaborates on some implementations of process 500, showing interactions in these implementations between the authentication system performing process 500 and actions by a personal user device and an artificial reality device. Krejci, para [0075])( The personal user device can receive the user account-specific key from a physically connected hardware device, in an email message, in a text message, via an application associated with the user account, or by another messaging system. At block 704, the personal user device can display the code (e.g., barcode, QR code, character string, etc.) or cause the code to be printed. Krejci, para [0068]).
As per claims 6 and 26, Krejci and Tomizawa the method of claims 1 and 22, further comprising:
estimating a position of the interface in three-dimensional (3D) space based on the image data, wherein the authentication code is displayed at the position (the IMU 215, position sensors 220, and locators 225 can track movement and location of the HMD 200 in the real world and in a virtual environment in three degrees of freedom (3DoF) or six degrees of freedom (6DoF). For example, the locators 225 can emit infrared light beams which create light points on real objects around the HMD. Krejci, para [0031]).
As per claims 7 and 26, Krejci and Tomizawa the method of claims 1 and 22, wherein the authentication code is configured to be anchored to the location regardless of head movements (the electronic display 245 can be a single electronic display or multiple electronic displays (e.g., a display for each user eye). Examples of the electronic display 245 include: a liquid crystal display (LCD), an organic light-emitting diode (OLED) display, an active-matrix organic light-emitting diode display (AMOLED), a display including one or more quantum dot light-emitting diode (QOLED) sub-pixels, a projector unit (e.g., microLED, Lauthentication systemER, etc.), some other display “the code will be displayed inside the display area regardless of the head movements”. Krejci, para [0032]).
As per claim 9, Krejci and Tomizawa the method of claim 1, wherein the image data is first image data, further comprising:
detecting that a character of the authentication code is entered on the interface based on second image data from the image camera (The user dons her artificial reality device and enables a passthrough camera that takes images of the environment and presents them to the user on a display of the artificial reality device. The user positions the printed QR code in front of this camera and a QR reader on the artificial reality device decodes it. This provides the user account-specific key and URL to the artificial reality device, which the artificial reality device activates by further embedding the artificial reality device's serial number in the URL and accessing the UR. Krejce, para [0020]); and
adjusting a display appearance of the character based on whether or not the character is accurate (The tablet can process and adjust or “augment” the images as they pass through the system, such as by adding virtual objects. “Mixed reality” or “MR” refers to systems where light entering a user's eye is partially generated by a computing system and partially composes light reflected off objects in the real world. For example, a MR headset could be shaped as a pair of glasses with a pass-through display, which allows light from the real world to pass through a waveguide that simultaneously emits light from a projector in the MR headset, allowing the MR headset to present virtual objects intermixed with the real objects the user can see. “Artificial reality,” “extra reality,” or “XR,” as used herein, refers to any of VR, AR, MR, or any combination or hybrid thereof. Krejce, para [0022]).
As per claim 27, Krejci and Tomizawa the wearable device of claim 22. Krejci does not explicitly teach wherein the interface is a first interface, wherein the executable instructions include instructions that cause the at least one processor to: detect an authentication request; in response to the authentication request, display a second interface; receive, via the second interface, a plurality of gestures, the plurality of gestures including eye gestures or head gestures; determine whether the plurality of gestures correspond to a stored pattern of gestures; and in response to the plurality of gestures being determined as corresponding to the stored pattern of gestures, authenticate the authentication request.
However, Tomizawa teach detect an authentication request (send a character string input by the input controller together with an authentication request and to cause the communication unit to receive an authentication result. Tomizawa, para [0009]);
in response to the authentication request, display a second interface (cause the display unit to display a user interface for character input and to cause the character string generated by the character string generating unit to be input to an input area arranged in the user interface. Tomizawa, para [0005]);
receive, via the second interface, a plurality of gestures, the plurality of gestures including eye gestures or head gestures (a plurality of images of hands having different shapes can be set as input images in the input assistance data 145. In this case, a character string is allowed to be input on the condition that the camera 61 causes images of hands in different shapes to be successively captured. That is, the shapes of the hand are changed in a specific order to be captured by the camera 61, to thus cause a character string to be entered. This allows the user U performing gesture inputs of changing the shapes of the hand to enter a character string. Tomizawa, para [0115]);
determine whether the plurality of gestures correspond to a stored pattern of gestures (The input assistance data 145 may include data for determining whether an image extracted from a captured image of the camera 61 matches an image set as an input image. For example, the input assistance data 145 includes an image characteristic amount of an input image and data for comparing an input image with another image by pattern matching. Tomizawa, para [0113]); and
in response to the plurality of gestures being determined as corresponding to the stored pattern of gestures, authenticate the authentication request (the controller 150 causes the data such as a character string having been input to the user interface to be compared with the authentication data 149, and performs authentication based on the matching result. Tomizawa, para [0119]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the system of Krejci in view of Tomizawa. One would be motivated to do so, to enhance the security of the system by the authentication process.
Claim(s) 8, 11 and 31 are rejected under 35 U.S.C. 103 as being unpatentable over Krejci et al. US 2021/0216618 A1 (hereinafter “Krejci”) in view of Tomizawa US 2019/0266318 A1 (hereinafter “Tomizawa”) and further in view of Yasuda et al. US 2022/0129069 A1 (hereinafter “Yasuda”)
As per claim 8, Krejci and Tomizawa the method of claim 1, wherein the interface includes a code entry field, wherein the authentication code is positioned at a location outside of the code entry field (FIG. 2 is a diagram illustrating an example of display control of the head-mounted display 10 according to the first embodiment. At Step S11 illustrated in FIG. 2, when the user U inputs the character string of “myspace”, the user U has completed the input of characters up to “mysp”. “mysp” are arranged in the order in which the characters are selected. In FIG. 2, “mysp” are arranged in the horizontal direction. Furthermore, the arrangement direction of the selected input candidate data 130 may also be appropriately decided in accordance with an input language. Yasuda, Fig. 2 and related paragraphs).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the system of Krejci in view of Yasuda. One would be motivated to do so, to enhance the security of the system by verifying the code before its entered in the code field.
As per claim 11, Krejci and Tomizawa the method of claim 1, further comprising:
displaying a first portion of the authentication code on the wearable device (the artificial reality device can display a code from the artificial reality device-specific key, specific to the artificial reality device. In some implementations, the artificial reality device can also enable a camera providing a passthrough system which allows the user to view images from the camera while wearing the artificial reality device. The code can be displayed as an overlay on the passthrough image, allowing the user to see the code while interacting with a personal user device without having to remove the artificial reality device. Krejci, para [0078]); and
Krejci does not explicitly teach aligning, based on head movement, the first portion of the authentication code with a second portion.
aligning, based on head movement, the first portion of the authentication code with a second portion (The HMD 10 has an input function for inputting characters, symbols, or the like in combination with a movement of the line of sight of the user U on the input screen 100 and an operation performed with respect to the operation input unit 50. For example, the HMD 10 displays the input screen 100 in the discrimination field of view of the user U. The discrimination field of view is a field of view in a range in which a person is able to recognize the shape or content of a certain type of display object. For example, the HMD 10 displays the input screen 100 in front of the user U and detects an input candidate point P on the input screen 100 based on the line of sight information of the user U. In the present disclosure, it may be assumed that the input candidate point P corresponds to a gaze point of the user. Yasuda, para [0029])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the system of Krejci in view of Yasuda. One would be motivated to do so, to enhance the flexibility of the system.
As per claim 31, Krejci and Tomizawa the non-transitory computer-readable medium of claim 29, wherein the operations further comprise:
estimating a position of the interface in three-dimensional (3D) space based on the image data, wherein the authentication code is displayed at the position (See rejection of claim 6),
wherein the authentication code is configured to be anchored to the location regardless of head movements (See rejection of claim 7),
wherein the interface includes a code entry field, wherein the authentication code is positioned at a location outside of the code entry field (See rejection of claim 8).
Claim(s) 10 is rejected under 35 U.S.C. 103 as being unpatentable over Krejci et al. US 2021/0216618 A1 (hereinafter “Krejci”) in view of Tomizawa US 2019/0266318 A1 (hereinafter “Tomizawa”) and further in view of Liu. CN 114168063 A (hereinafter “Liu”)
As per claim 10, Krejci and Tomizawa the method of claim 1. Krejci does not explicitly teach the method further comprising: determining, by the wearable device, a depth value of the interface; and determining, by the wearable device, a font size of the authentication code based on the depth value, wherein the authentication code is displayed with the font size.
However, teaches determining, by the wearable device, a depth value of the interface (determining the display depth of the virtual key interface. In practice, the execution main body can according to the preset three-dimensional space depth mapping relation, the mapping depth of the three-dimensional space of the scene depth information mapped to the display screen display of the head-mounted display device is determined as the display depth. wherein, the three-dimensional spatial depth mapping relationship can be a preset depth mapping ratio. For example, the depth mapping ratio can be 1: 2, representing the depth of depth of the scene depth information: the mapping depth of the three-dimensional space is 1: 2. Liu, para [0036]); and
determining, by the wearable device, a font size of the authentication code based on the depth value, wherein the authentication code is displayed with the font size (according to the display depth, displaying the virtual key interface in the display screen of the head-mounted display device. In practice, the execution main body can display the virtual key interface at the display depth of the three-dimensional space displayed by the display screen of the head-mounted display device. Liu, para [0037]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the system of Krejci in view of Liu. One would be motivated to do so, to enhance the system by displaying the authentication code with proper font size.
Claim(s) 28 is rejected under 35 U.S.C. 103 as being unpatentable over Krejci et al. US 2021/0216618 A1 (hereinafter “Krejci”) in view of Tomizawa US 2019/0266318 A1 (hereinafter “Tomizawa”) and further in view of Lozon. CA 3219809 C (hereinafter “Lozon”)
As per claim 28, Krejci and Tomizawa the wearable device of claim 27, wherein the image data is first image data, wherein the executable instructions include instructions that cause the at least one processor to: receive second image data from the camera on the wearable device (The camera 61 follows a signal entered via the interface 211, executes imaging, and outputs captured image data or a signal indicative of the result of capturing image to the interface 211. Krejci, para [0081]);
Krejci does not explicitly teach detect that the second image data includes an optical label; and in response to the optical label, detect the authentication request. (receiving image data associated with a machine- readable optical label. Lozon, Para [0016]); and
in response to the optical label, detect the authentication request (the optical label encoding transaction details of a first transaction; and generating a request based on the transaction details to access the protected resource for initiating the first transaction, the request including the access token. Lozon, para [0016]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the system of Krejci in view of Lozon. One would be motivated to do so, to enhance the system by using optical label for authentication request.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A. Inoue et al US 2018/0373884 A1 directed to method for providing content via a virtual reality space such as head-mounted device.
B. Lindemann US 9,898,596 B2 directed to method for eye tracking during authentication.
C. PAN et al. US 2017/0155644 A1 directed to identification code generating system using virtual reality process.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALID M ALMAGHAYREH whose telephone number is (571)272-0179. The examiner can normally be reached Monday - Thursday 8AM-5PM EST & Friday variable.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, RUPAL DHARIA can be reached at (571)272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
Respectfully Submitted
/KHALID M ALMAGHAYREH/ Primary Examiner, Art Unit 2492