Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The communication is responsive to the action filed 4/9/2026, the following claims 1-20 are presented for examination. Examiner has withdrawn Double Patent Rejection. No further action is needed.
Response to Arguments
Applicant's arguments filed 4/9/2026 have been fully considered but they are not persuasive.
2. Applicant argues that the prior art Pruthi in view of Singh does not disclose “receive one or more edits to the webpage data associated with the first set of login credentials; provide to the second user a user interface of the webpage form that includes the one or more edits; reject, by the second set of login credentials, the one or more edits to the webpage data; and in response to the rejection, reset the webpage form such that the webpage data is removed from the webpage form”, as recited in independent claims.
In response to Applicants arguments, the Examiner respectfully disagrees with the applicant and would like to show that Pruthi in view of Singh discloses receive one or more edits to the webpage data associated with the first set of login credentials; provide to the second user a user interface of the webpage form that includes the one or more edits; reject, by the second set of login credentials, the one or more edits to the webpage data; and in response to the rejection, reset the webpage form such that the webpage data is removed from the webpage form. The Examiner points out that Singh discloses the REST APIs may be RBAC controlled such that a user has read-only access to a screen, but the user is not permitted to create an/or modify objects presented on the screen (Col 7, lines 24-27). Singh further discloses a “Submit” or “Enter” button enabling input/output interfaces 106 to receive an input indicating that the user is ready to submit a username and a password for authentication. After user interface 100A receives the submission of login information indicative of the username and password, in some cases, user interface 100A may use processing unit 110 to encrypt the login information. Processing unit 11o may use a plurality of different encryption algorithms to encrypt the login information. Such algorithms may include Rivest-Shamir-Adleman (RSA), advanced encryption standard (AES), elliptic curve integrated encryption scheme (ECIES), data encryption standard (DES), twofish, threefish, or key exchange method, as examples (Col 15, lines 5-20).
Examiner points out that Singh discloses a system for providing secure access to resources using multiple sets of credentials. Examiner asserts that providing secure access is inherently include the ability to view and verify data. Examiner asserts that the access control in Singh is functionally the same as the verification UL, as described in Applicant’s invention.
Further, Examiner points out that Pruthi automated block correlates to the User 2 rejection in applicant invention. Examiner asserts that human rejection is just a well know equivalent to an automated security alert which is taught in Pruthi.
As such the Examiner maintains the rejection.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Pruthi (US Patent 9071618) in view of Singh (US Patent 11070540).
As per claims 1: Pruthi discloses a system for performing a confirmation process via a resetting webpage form, the system comprising (see abstract):
a host server operated by a processor; and a memory including instructions that when executed cause the host server to (Col 6, lines 23-27; server 204 may be any suitable server, processor, computer, or data processing device, or combination of the same. Server 204 may be used to process the instructions received from, and the transactions entered into by, one or more participants):
generate a first set of login credentials associated with a first user to a webpage form, wherein the first set of login credentials has at least read and edit privileges for the webpage form with respect to a webpage data (Col 8, lines 47-50; one or more access levels to be assigned to and/or otherwise associated with the one or more passwords and/or other login credentials that are defined for and/or otherwise set for the user account);
generate a second set of login credentials associated with a second user to the webpage form, wherein the second set of login credentials has at least read and verification privileges for the webpage form with respect to the webpage data (Col 8, lines 56-63; define a first password for the user's own personal use that provides full access to his or her user account, as well as a second password which provides limited access to the user's user account (e.g., read-only access) and which the user can share with other individuals and/or entities to provide them with such limited access to the user's user account and/or to otherwise serve the user's purposes);
Pruthi does not specifically disclose receive one or more edits to the webpage data associated with the first set of login credentials; provide to the second user a user interface of the webpage form that includes the one or more edits; reject, by the second set of login credentials, the one or more edits to the webpage data; and in response to the rejection, reset the webpage form such that the webpage data is removed from the webpage form.
Singh discloses the REST APIs may be RBAC controlled such that a user has read-only access to a screen, but the user is not permitted to create an/or modify objects presented on the screen (Col 7, lines 24-27). Singh further discloses a “Submit” or “Enter” button enabling input/output interfaces 106 to receive an input indicating that the user is ready to submit a username and a password for authentication. After user interface 100A receives the submission of login information indicative of the username and password, in some cases, user interface 100A may use processing unit 110 to encrypt the login information. Processing unit 11o may use a plurality of different encryption algorithms to encrypt the login information. Such algorithms may include Rivest-Shamir-Adleman (RSA), advanced encryption standard (AES), elliptic curve integrated encryption scheme (ECIES), data encryption standard (DES), twofish, threefish, or key exchange method, as examples (Col 15, lines 5-20).
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Pruthi and Singh in it’s entirety, to modify the technique of Pruthi for define a first password for the user's own personal use that provides full access to his or her user account, as well as a second password which provides limited access to the user's user account (e.g., read-only access) by adopting Singh's teaching for a user has read-only access to a screen, but the user is not permitted to create an/or modify objects presented on the screen. The motivation would have been to improve performing a confirmation process via a resetting webpage form.
As per claim 2: The system of claim 1 wherein the memory further includes instructions that when executed cause the server to receive a verification indication of the webpage data, the verification indication associated with the first set of login credentials (See Singh; Col 7, lines 24-27; “Submit” or “Enter” button enabling input/output interfaces 106 to receive an input indicating that the user is ready to submit a username and a password for authentication).
As per claim 3: The system of claim 1 wherein the memory includes instructions that when executed cause the server to, in response to the rejection, reset one or more verification controls associated with the webpage data (See Singh; Col 7, lines 24-27; the REST APIs may be RBAC controlled such that a user has read-only access to a screen, but the user is not permitted to create an/or modify objects presented on the screen).
As per claim 4: The system of claim 1 wherein the memory includes instructions that when executed cause the server to transmit the first and second sets of login credentials to the first and second users, respectively, via a two-party secured key exchange between the host server and the respective associated user (See Pruthi; Col 8, lines 47-50; one or more access levels to be assigned to and/or otherwise associated with the one or more passwords and/or other login credentials that are defined for and/or otherwise set for the user account).
As per claim 5: The system of claim 1 wherein the read and edit privileges of the first set of login credentials are restricted to a portion of the webpage form, such that the first user is only able to read or edit the portion of the webpage form (See Pruthi; Col 8, lines 56-63; define a first password for the user's own personal use that provides full access to his or her user account, as well as a second password which provides limited access to the user's user account (e.g., read-only access) and which the user can share with other individuals and/or entities to provide them with such limited access to the user's user account and/or to otherwise serve the user's purposes).
As per claim 6: The system of claim 1 wherein the webpage data is a first webpage data, and wherein the memory includes instructions that when executed cause the server to, in response to the rejection, reset the webpage form such that a second webpage data is removed from the webpage form (See Singh; Col 7, lines 24-27; the REST APIs may be RBAC controlled such that a user has read-only access to a screen, but the user is not permitted to create an/or modify objects presented on the screen), wherein the first set of login credentials had read and edit privileges of the second webpage data (See Pruthi; Col 8, lines 56-63; define a first password for the user's own personal use that provides full access to his or her user account, as well as a second password which provides limited access to the user's user account (e.g., read-only access) and which the user can share with other individuals and/or entities to provide them with such limited access to the user's user account and/or to otherwise serve the user's purposes).
As per claim 7: The system of claim 1 wherein the memory includes instructions that when executed cause the server to:
subsequent to resetting the webpage form, receive additional edits to the webpage data associated with the first set of login credentials; provide, to the second user, the user interface of the webpage form that includes the additional edits; and receive, from the second set of login credentials, a verification indication associated with the webpage data (See Pruthi; Col 8, lines 56-63; define a first password for the user's own personal use that provides full access to his or her user account, as well as a second password which provides limited access to the user's user account (e.g., read-only access) and which the user can share with other individuals and/or entities to provide them with such limited access to the user's user account and/or to otherwise serve the user's purposes).
As per claim 8: The system of claim 1 wherein the webpage data is associated with a municipal bond closing, and wherein the one or more edits includes a name of a recipient, a name of a recipient bank, a source and user of funds, an amount of funds to be wired, an ABA number, or an account number (See Pruthi; Col 6, lines 42-54; computing environment 300 may include a customer computing device 302 (which may, e.g., be used by a customer of an organization, such as a financial institution, as discussed below), a customer mobile device 304 (which may, e.g., also be used by a customer of an organization, such as a financial institution, as discussed below), and a third-party computer system 306 (which may, e.g., be used by and/or operated by an individual, organization, or other entity different from the financial institution and different from the customer of the financial institution identified in the previous examples, as discussed below).
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANTHONY D BROWN whose telephone number is (571)270-1472. The examiner can normally be reached 730-330pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards can be reached at 5712705440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ANTHONY D BROWN/Primary Examiner, Art Unit 2408
Prosecution Insights