DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
An Examiner's Amendment to the record appears below. Should the changes and/or additions be unacceptable to Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
In attempt to accelerate the prosecution process, the Examiner has contacted the Applicant’s representative, Mr. Dagim Tilahun (Registration No: 75722), and conducted a telephone interview on 03/04/2021. During the interview, the Examiner proposed an examiner amendment to the claims with some minor amendments for better clarity of the claims’ scope, and for putting the application in condition for allowance. 
Authorization for this Examiner's Amendment was given in a telephone interview with Applicant's representative Mr. Dagim Tilahun (Registration No: 75722), on 03/04/2021.




Examiner Amendments


Claims

Please replace claims as following:

PROPOSED AMENDMENTS TO THE CLAIMS

Claim 1. 	(Currently Amended) A mobile device, comprising:
one or more computer-readable memories storing program instructions; and
one or more processors configured to execute the program instructions to cause the mobile device to perform operations comprising:  
analyzing a user interface on the mobile device, the analyzing including detecting a Hypertext Markup Language (HTML) element and/or a string associated with authentication information indicating a request for the authentication information;
determining, based on the analyzing, that the authentication information has been requested from the mobile device by a requesting device; 
in response to the determining that authentication information has been requested by the requesting device, identifying requestor information corresponding to the requesting device; 
detecting that a user interface element corresponding to a transmission of the authentication information has been selected on the mobile device;
accessing a blacklist database containing one or more risk indications indicating security risks to the mobile device; 
determining, based on the accessing, whether the requestor information is associated with the one or more risk indications; and
in response to determining that the requestor information is associated with the one or more risk indications, implementing one or more security measures including intercepting the transmission of the authentication information prior to the authentication information being received by the requesting device and altering one or more fields of the user interface that correspond to the requested authentication information, the altering configured to prevent an entry of the requested authentication information into the mobile device and indicate to a user of the mobile device that the requestor information is associated with the one or more risk indications. 
	


Claim 3. 	(Cancelled) 

Claim 4. 	(Previously Presented) The mobile device of claim 1, wherein the authentication information includes personal information, financial information, and/or login information.

Claim 5. 	(Previously Presented) The mobile device of claim 1, wherein the altering the one or more fields of the user interface includes making the one or more fields of the user interface inactive. 

Claim 6. 	(Cancelled Herein) 

Claim 7. 	(Previously Presented) The mobile device of claim 1, wherein the analyzing the user interface of the mobile device includes determining that the one or more fields contained in the user interface correspond to the authentication information. 

Claim 8-10. 	(Cancelled Herein)

Claim 11.	(Previously Cancelled)

Claim 12-13.	(Cancelled Herein) 

Claim 14.	(Previously Cancelled)

Claim 15.	(Currently Amended) A method, comprising:
analyzing a user interface on a mobile device, the analyzing including detecting a Hypertext Markup Language (HTML) element and/or a string associated 
determining, based on the analyzing, that authentication information has been requested from the mobile device by a requesting device; 
in response to the determining that authentication information has been requested by the requesting device, identifying requestor information corresponding to the requesting device; 
detecting that a user interface element corresponding to a transmission of the authentication information has been selected on the mobile device;
accessing a blacklist database containing one or more risk indications indicating security risks to the mobile device;
checking, based on the accessing, whether the requestor information is associated with the one or more risk indications; and
implementing one or more security measures if the checking indicates the requestor information is associated with the one or more risk, the one or more security measures including intercepting the transmission of the authentication information prior to the authentication information being received by the requesting device and altering one or more fields of the user interface that correspond to the requested authentication information, the altering configured to prevent an entry of the requested authentication information into the mobile device and indicate to a user of the mobile device that the requestor information is associated with the one or more risk indications. 

Claim 16.	(Previously Presented) The method of claim 15, further comprising:
if the checking indicates the requestor is not associated with the one or more risk indications, accessing a credential database to identify a record of a plurality of records that corresponds to the authentication information of a user of the mobile device; and
automatically inputting the authentication information into the one or more fields of the user interface. 



Claim 18.	(Cancelled)  

Claim 19.	(Previously Presented) The method of claim 15, wherein the authentication information includes personal information, financial information, and/or login information.

Claim 20.	(Currently Amended) The method of claim 15, further comprising:
detecting that information has been input into one or more fields contained in a user interface of the mobile device, the one or more fields corresponding to the authentication information; and

	
Claim 21.	(Previously Presented) The method of claim 15, wherein the identifying the requestor information corresponding to the requesting device includes analyzing a Secure Socket Layer (SSL) Certificate associated with the requesting device. 

Claim 22.	(Previously Presented) The mobile device of claim 1, wherein the operations further comprise overriding the one or more security measures in response to receiving, at the user interface on the mobile device, an instruction to override the one or more security measures. 
	
Claim 23.	(Cancelled Herein) 



Claim 25.	(New) A non-transitory computer-readable medium (CRM) having stored thereon computer-readable instructions executable to cause a computer system to perform operations comprising:
analyzing a user interface on the mobile device, the analyzing including detecting a Hypertext Markup Language (HTML) element and/or a string associated with authentication information indicating a request for the authentication information;
determining, based on the analyzing, that the authentication information has been requested from the mobile device by a requesting device; 
in response to the determining that authentication information has been requested by the requesting device, identifying requestor information corresponding to the requesting device; 
detecting that a user interface element corresponding to a transmission of the authentication information has been selected on the mobile device;
accessing a blacklist database containing one or more risk indications indicating security risks to the mobile device; 
determining, based on the accessing, whether the requestor information is associated with the one or more risk indications; and
in response to determining that the requestor information is associated with the one or more risk indications, implementing one or more security measures including intercepting the transmission of the authentication information prior to the authentication information being received by the requesting device and altering one or more fields of the user interface that correspond to the requested authentication information, the altering configured to prevent an entry of the requested authentication information into the mobile device and indicate to a user of the mobile device that the requestor information is associated with the one or more risk indications.



Claim 27.	(New) The non-transitory CRM of claim 25, wherein the authentication information includes personal information, financial information, and/or login information.

Claim 28.	(New) The non-transitory CRM of claim 25, wherein the altering the one or more fields of the user interface includes making the one or more fields of the user interface inactive.

Claim 29.	(New) The non-transitory CRM of claim 25, wherein the analyzing the user interface of the mobile device includes determining that the one or more fields contained in the user interface correspond to the authentication information. 

Claim 30.	(New) The non-transitory CRM of claim 25, wherein the operations further comprise overriding the one or more security measures in response to receiving, at the user interface on the mobile device, an instruction to override the one or more security measures. 

Claim 31.	(New) The non-transitory CRM of claim 25, wherein the operations further comprise:
if the determining whether the requestor information is associated with the one or more risk indications indicates that the requestor is not associated with the one or more risk indications, accessing a credential database to identify a record of a plurality of records that corresponds to the authentication information of a user of the mobile device; and
automatically inputting the authentication information into the one or more fields of the user interface. 



Examiner’s Statement of reason for Allowance
Claims 1-2, 4-5, 7, 15-17, 19-22 and 24-31 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The present invention is when a mobile device determines that authentication information has been requested. Determining that authentication information has been requested by the real requesting device. The computer system identifies information corresponding to the requesting device and determines if any risk. In response to the risk, the computer system implements one or more security measures.
The closest prior art, as previously recited, are Child (US 20170078326), McGeehan (US 20090228780), Sasamura (US 20090165100), Rajagopal (US 20110247045) in which, Child discloses an identity management system prevents users' credential information from being harvested by phishing attackers. McGeehan discloses when executed by a client device, determines whether the domain from which the page is served is an authorized domain. Sasamura discloses display unit a target web page including an authentication information input field into which input authentication information is inputted by the user terminal. Rajagopal discloses secure use and retention of user credentials, as well as methods for dynamic authentication of users and integrity checking of service providers in online environments.
However, none Child (US 20170078326), McGeehan (US 20090228780), Sasamura (US 20090165100), Rajagopal (US 20110247045) teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent Claim1 and similarly Claim 15 and Claim 25. For example, none analyzing a user interface on the mobile device, the analyzing including detecting a Hypertext Markup Language (HTML) element and/or a string associated with authentication information indicating a request for the authentication information; determining, based on the analyzing, that the authentication information has been requested from the mobile device by a requesting device; in response to the determining that authentication information has been requested by the requesting device, identifying requestor information corresponding to the requesting device; detecting that a user interface element corresponding to a transmission of the authentication information has been selected on the mobile device; accessing a blacklist database containing one or more risk indications indicating security risks to the mobile device; determining, based on the accessing, whether the requestor information is associated with the one or more risk indications; and in response to determining that the requestor information is associated with the one or more risk indications, implementing one or more security measures including intercepting the transmission of the authentication information prior to the authentication information being received by the requesting device and altering one or more fields of the user interface that correspond to the requested authentication information, the altering configured to prevent an entry of the requested authentication information into the mobile device and indicate to a user of the mobile device that the requestor information is associated with the one or more risk indications. 
	
Therefore the claims are allowable over the cited prior art.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAO WANG whose telephone number is (313)446-6644.  The examiner can normally be reached on Monday-Friday 7:30-4:30PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  
For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

	

	/C.W./Examiner, Art Unit 2439                 



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439