DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/08/2020 has been entered.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s remarks filed on 10/08/2020 have been fully considered. 
Regarding claim[s] 1, 2, 4 5, 6, 8, 10 that were previously rejected under 35 U.S.C. 103 as being un-patentable over Tohmo et al. [US PGPUB # 2010/0263029] in view of Kalbratt [US PGPUB # 2011/0088087], further in view of Pal [US PGPUB # 2012/0233678], applicant's remarks are not persuasive, therefore, see the examiner’s response to such remarks in the office action below. 
Regarding claim[s] 3 that was previously rejected under 35 U.S.C. 103 as being unpatentable over Tohmo et al. [US PGPUB # 2010/0263029] in view of Kalbratt [US PGPUB # 2011/0088087], and Pal [US PGPUB # 2012/0233678] as applied to the rejection of claim[s] 1 above, and further in view of Gupta et al. [US PAT # 8302187], 
The examiner will address all other remarks that do not concern the prior art rejection, if any, in the office action below. 
Applicant states on page[s] 9 and 10 of the remarks as filed: “1. The Office Action alleges that Tohmo teaches “receiving, by said device from the trusted entity a response to said request, said response comprising a datum relating to a uniform resource locator associated with said service and a single-use connection code” and quotes paragraph 0048, lines 2 - 22, wherein “An OTP [i.e. applicant's single - use connection code] is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) [i.e. applicant's datum relating to a uniform resource locator] stored in the profile to connect to the restricted resource and ask for transactions to be signed” is underlined in the Office Action. The Applicant respectfully disagrees.
“Said request” corresponds to a request for connection to a service that has been sent by the device in the preceding feature of claim 1. According to the Office Action, this request is disclosed by Tohmo, at [0037], lines 2-10, more precisely by request 301 sent by the user to the secure domain (see Fig.3).”
	In response the examiner isn’t persuaded. The examiner points to the prior art of Tohmo. Here again of Tohmo, at paragraph 0048, lines 2 – 22, When a restricted resource service, such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified [i.e. applicant’s request], the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the The user then starts the application 202 and selects appropriate profile according to the above. The user then selects, e.g., "signing", and enters, if so required, the PIN code. An OTP is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the application increases the counter by one step. The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity in step 302 to be included in the profile that subsequently is downloaded by the user device. [i.e. applicant’s response] The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information.  
	The examiner notes of paragraph: 0048 of Tohmo, the user requests for signature of bank transactions [i.e. applicant’s request……(emphasis added)], then the trusted entity allows for the user of the user device to select a profile, then download the selected profile by the user to the user device for signature of transaction[s] with the restricted resource [i.e. bank transactions] from the trusted entity [i.e. applicant’s response……(emphasis add)].  Meanwhile, the trusted entity collects and stores the OTP + URL [i.e. of the restricted resource] + user identifier and populates that user’s profile with such data. Thus, we arrive at applicant’s argued claim limitation above. 
	Therefore, the examiner can conclude that applicant’s claimed/argued operation of: “receiving, by said device from the trusted entity a response to said request, said response comprising a datum relating to a uniform resource locator associated with said service and a single-use connection code,” is an obvious variation of the identity transaction/profile operation of Tohmo, and nothing more. 
Applicant states on page[s] 11 of the remarks as filed: “Moreover Tohmo does not teach in [0042] that a single-use connection code is sent with this response because during this “procedure for setting up a user device” the OTP generation application 202 does not generate OTPs before the profile 211 is installed into the application 202 ([0042] When the profile 211 is received by the user device, it is installed into the OTP generation application 202 for subsequent use when generating OTPs).
Tohmo [0048], lines 2 - 22, quoted in the Office Action discloses a method for on-line signing. This paragraph is describing flowchart of Figure 5.”
In response the examiner isn’t persuaded, applicant is claiming that the connection code is generated and sent from the trusted entity to the contact address associated with the user of the device; this part of the claimed invention is an obvious variation of the an operation of Tohmo.  Tohmo at Figure # 4, step 403, and paragraph: 0048, an OTP is then generated [i.e. by the user device] and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions. The examiner points out that Tohmo discloses an OTP generated by the user device that is used to access the restricted resource, whereas applicant’s trusted entity generated connection code is obvious, which is an obvious variation of Tohmo. Therefore, Tohmo discloses or makes obvious applicant’s argued claim limitation, and no basis for allowance of the claimed invention. 
Applicant states on page[s] 12 of the remarks as filed: “In Tohmo, [0048], lines 2-22, only one message is sent by the restricted resource to the user device, which could have been considered in - the restricted resource prompts the user to use the device 201 to sign the transactions, 502: this message “signing prompt” does not include any URL.
Furthermore, OTPs are sent by the user device and not by the trusted entity. In Fig. 5, OTP is sent by the user device to the restricted resource in the message “request transaction(s)+OTP” 503.”
	In response the examiner isn’t persuaded. The examiner points to the prior art of Tohmo. Here again of Tohmo, at paragraph 0048, lines 2 – 22, When a restricted resource service, such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified [i.e. applicant’s request], the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device 201 to sign the transactions, 502. The user then starts the application 202 and selects appropriate profile according to the above. The user then selects, e.g., "signing", and enters, if so required, the PIN code. An OTP is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the application increases the counter by one step. The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity in step 302 to be included in the profile that subsequently is downloaded by the user device. [i.e. applicant’s response] The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information.  
	The examiner notes of paragraph: 0048 of Tohmo, the user requests for signature of bank transactions [i.e. applicant’s request……(emphasis added)], then the trusted entity allows for the user of the user device to select a profile, then download the selected profile by the user to the user device for signature of transaction[s] with the restricted resource [i.e. bank transactions] from the trusted entity [i.e. applicant’s response……(emphasis add)].  Meanwhile, the trusted entity collects and stores the OTP + URL [i.e. of the restricted resource] + user identifier and populates that user’s profile with such data. Thus, we arrive at applicant’s argued claim limitation above. 
	Therefore, the examiner can conclude that applicant’s claimed/argued operation of: “receiving, by said device from the trusted entity a response to said request, said response comprising a datum relating to a uniform resource locator associated with said service and a single-use connection code,” is an obvious variation of the identity transaction/profile operation of Tohmo, and nothing more. 
	This meets applicant’s argument of: “In Tohmo, [0048], lines 2-22, only one message is sent by the restricted resource to the user device, which could have been considered in - the restricted resource prompts the user to use the device 201 to sign the transactions, 502: this message “signing prompt” does not include any URL,” (emphasis added).
Further the examiner isn’t persuaded, in response, applicant’s is claiming that the connection code is generated and sent from the trusted entity to the contact address associated with the user of the device; this part of the claimed invention is an obvious variation of the an operation of Tohmo.  Tohmo at Figure # 4, step 403, and paragraph: 0048, an OTP is then generated [i.e. by the user device] and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions. Tohmo discloses an OTP generated by the user device that is used to access the restricted resource, whereas applicant’s trusted entity generated connection code is obvious, which is an obvious variation of Tohmo. Therefore, Tohmo discloses or makes obvious applicant’s argued claim limitation, and no basis for allowance of the claimed invention. 
This meets applicant’s argument of: “Furthermore, OTPs are sent by the user device and not by the trusted entity. In Fig. 5, OTP is sent by the user device to the restricted resource in the message “request transaction(s)+OTP” 503,” (emphasis added).
Applicant states on page[s] 12 and 13 of the remarks as filed: “2. The Office Action alleges that Tohmo teaches that this response is “sent to a contact address associated with the user identifier at the trusted entity” [paragraph 0048, lines 2 - 22, When a restricted resource service, such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified, the transaction can be temporarily stored in a data base in the restricted resource.

The Applicant respectfully disagrees with this statement.
As indicated above, in Tohmo [0048], lines 2-22, only one message is sent by the restricted resource to the user device, which could have been considered in the Office Action as teaching a response to a request for connection to a service:
- the restricted resource prompts the user to use the device 201 to sign the transactions, 502: this message “signing prompt” prompts the user to use the user device to sign 201 the transactions.
Tohmo [0048], lines 2-22, teaches that the “signing prompt” is sent to the user without any mention to a contact address and the message “signing prompt” is represented as being addressed to the user computer in Figure 5.”
When a restricted resource service, such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified [i.e. applicant’s request], the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device 201 to sign the transactions, 502. The user then starts the application 202 and selects appropriate profile according to the above. The user then selects, e.g., "signing", and enters, if so required, the PIN code. An OTP is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the application increases the counter by one step. The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity in step 302 to be included in the profile that subsequently is downloaded by the user device. [i.e. applicant’s response] The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information.  
	The examiner notes of paragraph: 0048 of Tohmo, the user requests for signature of bank transactions [i.e. applicant’s request……(emphasis added)], then the trusted entity allows for the user of the user device to select a profile, then download the selected profile by the user to the user device for signature of transaction[s] with the restricted resource [i.e. bank transactions] from the trusted entity [i.e. applicant’s he trusted entity collects and stores the OTP + URL [i.e. of the restricted resource] + user identifier and populates that user’s profile with such data. Thus, we arrive at applicant’s argued claim limitation above. 
	Therefore, the examiner can conclude that applicant’s claimed/argued operation of: “receiving, by said device from the trusted entity a response to said request, said response comprising a datum relating to a uniform resource locator associated with said service and a single-use connection code,” is an obvious variation of the identity transaction/profile operation of Tohmo.
Applicant states on page[s] 13 and 14 of the remarks as filed: “3. The Office Action also alleges that Tohmo teaches sending by said device of a request for access to a page of the service whose address corresponds to said datum [paragraph 0048, lines 20 - 22; The online URL can then be used by the end user to download "confirmation requests" from the restricted resource] the received connection code being associated with said access request [Figure# 5 and paragraph 0050, lines 1-7, Depending on the format of the message, the user can reply, e.g. by selecting a button or entering a value into a text field. A new OTP is generated with corresponding increase of counter by one step. A reply message is then generated which will be sent back to the restricted resource and which includes the transaction (signing) number and the generated OTP, 505].
Applicant respectfully disagrees with the argument that, in Tohmo, the received connection code is associated with the request for access to a page of the service. In Tohmo [0050] lines 3-7 a new OTP is generated by the user device and consequently reply message is then generated which will be sent back to the restricted resource and which includes the transaction (signing) number and the generated OTP, 505).”
	In response the examiner isn’t persuaded. The examiner points to the prior art of Tohmo. Specifically, at 0051, The restricted resource receives the reply, verifies the OTP and executes the transactions if the OTP is valid. If not, the transactions will not be executed and the user is notified thereof. Finally, the restricted resource user counter is increased by one step.
	The examiner disagrees with applicant’s assessment of the operation of Tohmo. Specifically, of Tohmo, at paragraph: 0051, the reply for an approval for a subsequent transaction wouldn’t be allowed if the OTP of the particular user reply wasn’t approved beforehand.
Applicant states on page[s] 15 of the remarks as filed: “5. The Office Action alleges that Kalbratt teaches said connection code being generated by the trusted entity and the user identifier and the service being stored in association with said connection code:
[paragraph 0039, lines 12 - 18, A user account is created at the trusted third party [i.e. applicant's trusted entity], wherein a global user ID [i.e. applicant's user identifier], the mobile number and the one-time code [i.e. applicant's connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the onetime code, for the user data of the first party to get registered at the trusted third party. The application may send the mobile number and for example IMEI automatically.
Then paragraph 0049, According to another embodiment of the present invention a global user ID [i.e. applicant's service] for the second party may be received in combination with the identification data for the first party [i.e. applicant's user identifier].].
This feature has been amended to clarify that the user identifier and a parameter designating the service are two distinct information data which are stored in association with the connection code generated by the trusted entity.
Kalbratt does not teach that the user identifier and a parameter designating the service are stored in association with said connection code. That is, in Kalbratt, a parameter designating the service is not stored in association with the one-time code and the user identifier.”
	In response the examiner isn’t persuaded. The examiner points to the prior art of Kalbratt. Specifically, at paragraph: 0054, Alternatively, the IP-address of the second party is also transmitted to the first party from the trusted third party in combination with the reference number [i.e. applicant’s a parameter designating the service] and the random private key, that is if the first party does not already hold this information in for example an infocard of the second party. Where at paragraph: 0058, lines 6 – 10, Another advantage is that the reference number connects the first and the second parties to the specific transaction, since the authentication only can relate to the second party holding the relevant reference number and random open key.
Applicant states on page[s] 15 and 16 of the remarks as filed: “6. The Office Action alleges that Kalbratt teaches:
the connection code enabling the trusted entity to obtain the user identifier and the service that are associated with said connection code and the service identifier associated with the user Identifier at the trusted entity [paragraph 0039, lines 12 - 18, A user account is created at the trusted third party [i.e. applicant's trusted entity], wherein a global user ID [i.e. applicant's user identifier], the mobile number and the one-time code [i.e. applicant's connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the onetime code, for the user data of the first party to get registered at the trusted third party. The application may send the mobile number and for example IMEI automatically.
Then paragraph 0049, According to another embodiment of the present invention a global user ID [i.e. applicant's service identifier] for the second party may be received in combination with the identification data for the first party [i.e. applicant's user identifier].
Applicant respectfully disagrees with these allegations.
In Kalbratt, the one-time code does not enable the trusted entity to obtain the global user ID nor the requested service. In paragraph [0039], lines 9-12, the one-time 
Furthermore, in paragraph [0049] of Kalbratt, two distinct parties are mentioned, the first one and the second one, as illustrated for example in Fig. 2, first party A and second party B. Kalbratt teaches a method for authentication of a first party to a second party ([0009]). In the claimed method the service identifier and the user identifier are associated with a sole user.”
In response the examiner isn’t persuaded. The examiner points out that applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., ……..In Kalbratt, the one-time code does not enable the trusted entity to obtain the global user ID nor the requested service……..) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
Applicant states on page[s] 16 and 17 of the remarks as filed: “7. By incorporating Kalbratt’s and Pal’s teachings with the Tohmo’s teachings, one skilled in the art would not have obtained the claimed method. All of the cited references are silent regarding receiving, by said device, from the trusted entity, a response to said 
In the claimed method, the datum relating to a uniform resource locator associated with said service and a single-use connection code are sent each time the user is requesting for connection to the service and the single-use connection code enables the trusted entity to uniquely identify the user and the requested service. The trusted entity uses the connection code to determine the service identifier for the service associated with the user identifier. The customer route is highly simplified and secure.
For at least the above-reasons, independent claim 1 and its dependent claims are allowable over the cited combination of references. Independent claims 4-6, 8 and 10 are also allowable over the cited combination of references for similar reasons. Therefore, the Applicant respectfully requests that the claim rejections based on Tohmo, Kalbratt and Pal be withdrawn.”
When a restricted resource service, such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified [i.e. applicant’s request], the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device 201 to sign the transactions, 502. The user then starts the application 202 and selects appropriate profile according to the above. The user then selects, e.g., "signing", and enters, if so required, the PIN code. An OTP is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the application increases the counter by one step. The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity in step 302 to be included in the profile that subsequently is downloaded by the user device. [i.e. applicant’s response] The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information.  
	The examiner notes of paragraph: 0048 of Tohmo, the user requests for signature of bank transactions [i.e. applicant’s request……(emphasis added)], then the trusted entity allows for the user of the user device to select a profile, then download the selected profile by the user to the user device for signature of transaction[s] with the restricted resource [i.e. bank transactions] from the trusted entity [i.e. applicant’s he trusted entity collects and stores the OTP + URL [i.e. of the restricted resource] + user identifier and populates that user’s profile with such data. Thus, we arrive at least at part of applicant’s argued claim limitation above. 
Response to Amendment
Status of the instant application:
Claim[s] 7, 9 have been cancelled in the instant application. 
Regarding claim[s] 1, 2, 4 5, 6, 8, 10 that were previously rejected under 35 U.S.C. 103 as being un-patentable over Tohmo et al. [US PGPUB # 2010/0263029] in view of Kalbratt [US PGPUB # 2011/0088087], further in view of Pal [US PGPUB # 2012/0233678], applicant's claim amendments have been considered, however, they are not persuasive. The examiner has addressed such newly added claim amendments in the office action below. 
Regarding claim[s] 3 that was previously rejected under 35 U.S.C. 103 as being unpatentable over Tohmo et al. [US PGPUB # 2010/0263029] in view of Kalbratt [US PGPUB # 2011/0088087], and Pal [US PGPUB # 2012/0233678] as applied to the rejection of claim[s] 1 above, and further in view of Gupta et al. [US PAT # 8302187], 
The examiner has addressed all of the newly added claim amendments in the office action below.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim[s] 1, 2, 4 5, 6, 8, 10 is/are rejected under 35 U.S.C. 103 as being un-patentable over Tohmo et al. [US PGPUB # 2010/0263029] in view of Kalbratt [US PGPUB # 2011/0088087], further in view of Pal [US PGPUB # 2012/0233678]
As per claim 1. Tohmo does teach a connection method for connection to a service of a user device [Tohmo, paragraph 12, lines 1 – 8, According to the present invention, it is provided a method for one-time password generation, the one-time password being used for user authentication by a restricted resource, wherein the one-time password is generated by means of a mathematical algorithm in a user-specific device, and wherein the one-time password is generated by the mathematical algorithm using at least one user-specific password generation parameter], said method comprising:
sending a request for connection to said service from the device to a server hosting said service [paragraph 0037, lines 2 – 10, When the restricted resource (online banking service 204) has received the request [i.e. applicant’s sending a request for connection to said service from the device to a server hosting said service], the online banking service 204,], wherein an identifier of a user of the device at a trusted entity is associated with said request [paragraph 0037, lines 2 – 10, When the restricted resource (online banking service 204) has received the request, the online banking service 204, preferably following a validity check of the request (i.e. a verification of the user actually being the user he/she claims to be, which can be accomplished in any suitable manner) requests generation of an online banking service 204 user profile from a trusted entity 207, step 302. Where at paragraph 0024, 1 – 4, When a user request access to such restricted resources, the user, in general, enters a user name and associated password, which password is often kept unchanged for longer periods of time];
receiving, by said device, from a the trusted entity, a response to said request, said response comprising a datum relating to a uniform resource locator associated with said service and a single-use connection code [paragraph 0048, lines 2 – 22, When a restricted resource service [i.e. applicant’s service], such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified, the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device 201 to sign the transactions, 502. The user then starts the application 202 and selects appropriate profile according to the above. The user then selects, e.g., "signing", and enters, if so required, the PIN code. An OTP [i.e. applicant’s single – use connection code] is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) [i.e. applicant’s datum relating to a uniform resource locator]stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the application increases the counter by one step. The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity [i.e. applicant’s trusted entity] in step 302 to be included in the profile that subsequently is downloaded by the user device. The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information] and being sent to a contact address associated with the user identifier at the trusted entity [paragraph 0048, The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity in step 302 to be included in the profile that subsequently is downloaded by the user device. The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information], …………………………….;
sending, by said device, of a request for access to a page of the service whose address corresponds to said datum [paragraph 0048, lines 20 – 22, The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource] said page being hosted on the server [paragraph 0037, lines 2 – 10, When the restricted resource (online banking service 204) has received the request [i.e. applicant’s page being hosted on the server], the received connection code being associated with said access request [Figure # 5 and paragraph 0050, and
connecting the user device to the server hosting said service [paragraph: 0022, lines 1 – 10,   In the present description and the appended claims, the term "restricted resource" is used to represent any kind Internet site that require user identification, e.g. by means of user name and associated password. Examples of such restricted resources include online banking services, e-mail service providers, e-commerce stores, user forums, government web site services etc. Where at paragraph: 0024, lines 1 – 4, When a user request access to such restricted resources, the user, in general, enters a user name and associated password, which password is often kept unchanged for longer periods of time.] for a service identifier associated with the user identifier at the trusted entity, following validation of the connection code by the trusted entity [paragraph 0051, The restricted resource receives the reply, verifies the OTP and executes the transactions if the OTP is valid [i.e. validation of the connection code]. If not, the transactions will not be executed and the user is notified thereof. Finally, the restricted resource user counter is increased by one step. Where at paragraph 0049, The restricted resource first verifies that the OTP is correct for the specific end-user and then creates a message, e.g. an XML message comprising all outstanding requests. The message also includes a unique transaction number [i.e. applicant’s service identifier]. The corresponding counter for the particular user at the 
Tohmo does not clearly said contact address and a service identifier, under which the user connects to the service, being previously associated with said user identifier at the trusted entity, said connection code being generated by the trusted entity and the user identifier and a parameter designating the service being stored in association with said connection code;
and transmission by the trusted entity to the server of an authorization for connection to the service for the service identifier, the connection code enabling the trusted entity to obtain the user identifier and the service that are associated with said connection code and the service identifier associated with the user identifier at the trusted entity; and 
receiving a denial for connection to said service, following invalidation of the connection code by the trusted entity and transmission by the trusted entity to the server of a denial for connection to the service, when said connection code was previously used in association with another access request. 
However, Kalbratt does teach said contact address and a service identifier [paragraph: 0054, Alternatively, the IP-address of the second party [i.e. applicant’s contact address] is also transmitted to the first party from the trusted third party in combination with the reference number [i.e. applicant’s service identifier] and the random private key], under which the user connects to the service, being previously associated with said user identifier at the trusted entity [paragraph 0039, lines 12 – 18, A user account is created at the trusted third party [i.e. applicant’s trusted entity], wherein a global user ID [i.e. applicant’s user identifier], the mobile number and the one-time code is registered], said connection code being generated by the trusted entity and the user identifier and a parameter designating [paragraph: 0054, Alternatively, the IP-address of the second party is also transmitted to the first party from the trusted third party in combination with the reference number [i.e. applicant’s a parameter designating the service] and the random private key, that is if the first party does not already hold this information in for example an infocard of the second party. Where at paragraph: 0058, lines 6 – 10, Another advantage is that the reference number connects the first and the second parties to the specific transaction, since the authentication only can relate to the second party holding the relevant reference number and random open key.] the service being stored in association with said connection code [paragraph 0039, lines 12 – 18, A user account is created at the trusted third party [i.e. applicant’s trusted entity], wherein a global user ID [i.e. applicant’s user identifier], the mobile number and the one-time code [i.e. applicant’s connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the one-time code, for the user data of the first party to get registered at the trusted third party. The application may send the mobile number and for example IMEI automatically. 
a global user ID [i.e. applicant’s service] for the second party may be received in combination with the identification data for the first party [i.e. applicant’s user identifier].];
and transmission by the trusted entity to the server of an authorization for connection to the service for the service identifier [paragraph: 0009, According to a first aspect of the present invention there is provided a method for authentication of a first party to a second party, by a trusted third party, the first party being registered at the trusted third party.], the connection code enabling the trusted entity to obtain the user identifier and the service that are associated with said connection code and the service identifier associated with the user identifier at the trusted entity [paragraph 0039, lines 12 – 18, A user account is created at the trusted third party [i.e. applicant’s trusted entity], wherein a global user ID [i.e. applicant’s user identifier], the mobile number and the one-time code [i.e. applicant’s connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the one-time code, for the user data of the first party to get registered at the trusted third party. The application may send the mobile number and for example IMEI automatically. 
Then paragraph 0049, According to another embodiment of the present invention a global user ID [i.e. applicant’s service identifier] for the second party may be received in combination with the identification data for the first party [i.e. applicant’s user identifier].]. 

Tohmo and Kalbratt do not teach clearly and receiving a denial for connection to said service, following invalidation of the connection code by the trusted entity and transmission by the trusted entity to the server of a denial for connection to the service, when said connection code was previously used in association with another access request. 
However, Pal does teach and receiving a denial for connection to said service, following invalidation of the connection code by the trusted entity and transmission by the trusted entity to the server of a denial for connection to the service, when said connection code was previously used in association with another access request [paragraph 0025, lines 14 – 23, The VPN server 110 receives the credentials of the VM (block 340). The authentication server 130 [i.e. applicant’s trusted entity] of the enterprise computing system 100 authenticates the credentials [i.e. applicant’s connection code] against the previously- -generated OTP and VM ID (block 350). If the authentication is successful, a secure connection is established and the VM If the authentication is unsuccessful, the VM will be denied access to the enterprise computing system 100 [i.e. applicant’s denial for connection to said service]].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Tohmo as modified and Pal in order for the authorizing and sending of the user’s authorization data [profile, identification] by the secure domain for access to service/resource of Tohmo as modified to include user authorization data that includes a one-time password or OTP for user authorization of Pal. This would allow for the secure domain to authorize the user based on a time limited password is that is useless after being authorized by the domain, thereby preventing any replay attacks by an intruder against the secure domain. See paragraph 0018 of Pal. 
As per claim 2. Tohmo does teach the connection method as claimed in claim 1, in which the contact address is a telephone number allowing the user of the device to be reached [Tohom, paragraph 0038, lines 20 – 23, The user profile request 302 from the restricted resource 204 includes a user ID and, optionally, a mobile phone number (use of the mobile phone number will be described below)].
As per claim 4. Tohmo does teach a method for connection to a service of a user device [Tohmo, paragraph 12, lines 1 – 8, According to the present invention, it is provided a method for one-time password generation, the one-time password being used for user authentication by a restricted resource, wherein the one-time password is said method comprising:
receiving, by a trusted entity, from the device, a request for connection to said service, wherein an identifier of a user of the device at the trusted entity is associated with said request [paragraph 0037, lines 2 – 10, When the restricted resource (online banking service 204) has received the request, the online banking service 204, preferably following a validity check of the request (i.e. a verification of the user actually being the user he/she claims to be, which can be accomplished in any suitable manner) requests generation of an online banking service 204 user profile from a trusted entity 207, step 302. Where at paragraph 0024, 1 – 4, When a user request access to such restricted resources, the user, in general, enters a user name and associated password, which password is often kept unchanged for longer periods of time]; 
sending, to the device, by the trusted entity, a response to said request, said response comprising a datum relating to a uniform resource locator associated with said service and a said connection code [paragraph 0048, lines 2 – 22, When a restricted resource service [i.e. applicant’s service], such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified, the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device An OTP [i.e. applicant’s single – use connection code] is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) [i.e. applicant’s datum relating to a uniform resource locator]stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the application increases the counter by one step. The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity [i.e. applicant’s trusted entity] in step 302 to be included in the profile that subsequently is downloaded by the user device. The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information] and being sent to a contact address associated with the user identifier at the trusted entity [paragraph 0048, lines 2 – 22, When a restricted resource service, such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified, the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device 201 to sign the transactions, 502. The user then starts the application 202 and selects appropriate profile according to the above. The user then selects, e.g., "signing", and enters, if so required, the PIN code. An OTP is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity in step 302 to be included in the profile that subsequently is downloaded by the user device. The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information]; 
 authorizing connection to said service for the service identifier associated with the user identifier at the trusted entity, when a connection code received, by the trusted entity, from a server implementing the service [paragraph 0048, 2 – 22, An OTP [i.e. applicant’s single – use connection code] is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to connect to the restricted resource and ask for transactions to be signed. Where at 0038, lines 1 – 5, The trusted entity 207 can, for example, constitute an entity that supplies user profiles for a plurality, or all restricted resources that utilizes a system according to the present invention. Alternatively, plural trusted entities can be used, or as a further alternative the trusted entity can constitute part of the restricted resource itself. Then at paragraph 0042, lines 1 – 12, Once prompted to get the profile, the user starts the OTP generation application and selects, e.g., option "get profile" and enters the profile name. When the trusted entity 207 receives the profile request, 305, the profile 211 associated with the profile name (i.e. key, counter, images, etc.) is sent to the user device 201, e.g. as an XML message, step 306. The user device 201 can optionally acknowledge receipt of the profile, step 307, and the restricted resource is then informed of the transmission (transmission/reception) of the profile, step 308. Once transmitted to the user device 201, the generated profile 211 can be deleted from the trusted entity (the unique profile name can be stored so as to ensure that no two profiles having the same name will be generated to avoid possible ambiguities at restricted resources and/or OTP generation applications], in association with a service identifier request, is valid [paragraph 0051, The restricted resource receives the reply, verifies the OTP and executes the transactions if the OTP is valid [i.e. validation of the connection code]. If not, the transactions will not be executed and the user is notified thereof. Finally, the restricted resource user counter is increased by one step. Where at paragraph 0049, The restricted resource first verifies that the OTP is correct for the specific end-user and then creates a message, e.g. an XML message comprising all outstanding requests. The message also includes a unique transaction number [i.e. applicant’s service identifier]. The corresponding counter for the particular user at the restricted resource is also increased by one step. The message is sent to the user device, 504, which present the signing requests to the user and prompt for a reply].
Tohmo does not clearly said connection code being generated by the trusted entity and the user identifier and the service being stored in association with said connection code;
the connection code enabling the trusted entity to obtain the user identifier and the service that are associated with said connection code and the service identifier associated with the user identifier at the trusted entity; and 
receiving a denial for connection to said service, following invalidation of the connection code by the trusted entity, said connection code having already been received associated with another access request. 
However, Kalbratt does teach said connection code being generated by the trusted entity and the user identifier and the service being stored in association with said connection code [paragraph 0039, lines 12 – 18, A user account is created at the trusted third party [i.e. applicant’s trusted entity], wherein a global user ID [i.e. applicant’s user identifier], the mobile number and the one-time code [i.e. applicant’s connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the one-time code, for the user data of the first party to get registered at the trusted third party. The application may send the mobile number and for example IMEI automatically. 
Then paragraph 0049, According to another embodiment of the present invention a global user ID [i.e. applicant’s service] for the second party may be received in combination with the identification data for the first party [i.e. applicant’s user identifier].];
the connection code enabling the trusted entity to obtain the user identifier and the service that are associated with said connection code and the service identifier associated with the user identifier at the trusted entity [paragraph 0039, lines 12 – 18, A user account is created at the trusted third party [i.e. applicant’s trusted entity], wherein a global user ID [i.e. applicant’s user identifier], the mobile number and the one-time code [i.e. applicant’s connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the one-time code, for the user data of the first party to get registered at the trusted third party. The application may send the mobile number and for example IMEI automatically. 
Then paragraph 0049, According to another embodiment of the present invention a global user ID [i.e. applicant’s service identifier] for the second party may be received in combination with the identification data for the first party [i.e. applicant’s user identifier].]. 
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Tohmo and Kalbratt in order for the authorizing and sending of the user’s authorization data [user profile, user identification] by the secure domain for access to service/resource of Tohmo to include sending the user’s authorization data in encrypted form while in transit to the secure domain for authorization of Kalbratt. This would allow for the user’s authorization data to be protected while in transit to the secure domain. See paragraph 0035 of Kalbratt. 
Tohmo and Kalbratt do not teach clearly denying connection to said service, following invalidation of the connection code by the trusted entity, said connection code having already been received associated with another access request. 
However, Pal does teach denying connection to said service, following invalidation of the connection code by the trusted entity, said connection code having already been received associated with another access request [paragraph 0025, lines 14 – 23, The VPN server 110 receives the credentials of the VM (block 340). The authentication server 130 [i.e. applicant’s trusted entity] of the enterprise computing system 100 authenticates the credentials [i.e. applicant’s connection code] against the previously- -generated OTP and VM ID (block 350). If the authentication is successful, a secure connection is established and the VM is granted access to the resources of the enterprise computing system 100 using the secure connection (block 360). If the authentication is unsuccessful, the VM will be denied access to the enterprise computing system 100 [i.e. applicant’s denial for connection to said service]].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Tohmo as modified and Pal in order for the authorizing and sending of the user’s authorization data [profile, identification] by the secure domain for access to service/resource of Tohmo as modified to include user authorization data that includes a one-time password or OTP for user authorization of Pal. This would allow for the secure domain to authorize the user based on a time limited password is that is useless after being authorized by the domain, thereby preventing any replay attacks by an intruder against the secure domain. See paragraph 0018 of Pal. 
As per user device claim #5, which includes the same or similar claim limitations as method claim 1, and similarly rejected. 
***The examiner further notes that applicant’s claimed processor and non – transitory computer readable medium is taught by Tohmo at Figure # 1, and paragraph 0033, lines 1 – 5.  One of ordinary skilled in the art would know that the depicted “user device,” and “user computer,” at least contain a general purpose memory, processor, and instructions to execute the operational embodiments of Tohmo. 
As per claim 6. Tohm does teach a trusted entity, designed to authorize connection of a user device to a service [Tohmo, paragraph 12, lines 1 – 8, According to the present invention, it is provided a method for one-time password generation, the one-time password being used for user authentication by a restricted resource, wherein the one-time password is generated by means of a mathematical algorithm in a user-specific device, and wherein the one-time password is generated by the mathematical algorithm using at least one user-specific password generation parameter], said trusted entity comprising: 
a processor [Tohmo at Figure # 1, and paragraph 0033, lines 1 – 5, user computer]; 
and a non-transitory computer-readable medium comprising instructions stored thereon, which when executed by the processor configure the trusted entity [Tohmo at Figure # 1, and paragraph 0033, lines 1 – 5, user computer with general memory] to perform acts comprising:
receiving, by a trusted entity, from the device, a request for connection to said service, wherein an identifier of a user of the device at the trusted entity is associated with said request, the user identifier having been recorded at the trusted entity in association with a contact address and a service identifier [Tohmo, paragraph 0048, lines 2 – 22, When a restricted resource service [i.e. applicant’s service], such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified, the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device 201 to sign the transactions, 502. The user then starts the application 202 and selects appropriate profile according to the above. The An OTP [i.e. applicant’s single – use connection code] is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) [i.e. applicant’s datum relating to a uniform resource locator]stored in the profile to connect to the restricted resource and ask for transactions to be signed, 503, and the application increases the counter by one step. The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity [i.e. applicant’s trusted entity] in step 302 to be included in the profile that subsequently is downloaded by the user device. The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information]; 
sending, to the device, by the trusted entity, a response to said request, said response comprising a datum relating to a uniform resource locator associated with said service and said connection code and being sent to the contact address associated with the user identifier at the trusted entity [Tohmo, paragraph 0048, lines 2 – 22, When a restricted resource service, such as a user requesting a bank account transaction, 501, requires the transaction to be signed or verified, the transaction can be temporarily stored in a data base in the restricted resource. Immediately following the transaction request, or after a user has requested a number of transactions, the restricted resource can prompt the user to use the device 201 to sign the transactions, 502. The user then starts the application 202 and selects appropriate profile according to the above. The user then selects, e.g., "signing", and enters, if so required, the PIN code. An OTP is then generated and, together with user ID, the device uses an on-line URL Uniform Resource Locator) stored in the profile to The URL can be specified by the restricted resource and, e.g., be transmitted to the trusted entity in step 302 to be included in the profile that subsequently is downloaded by the user device. The on-line URL can then be used by the end user to download "confirmation requests" from the restricted resource. The requests are then presented to the end user as questions or information]. 
Tohmo does not clearly teach generating, by the trusted entity, a single-use connection code and storing the user identifier and the service in association with said connection code; 
authorizing connection to said service for the service identifier associated with the user identifier at the trusted entity, when a connection code received, by the trusted entity, from a server implementing the service, in association with a service identifier request, is valid, the connection code enabling the trusted entity to obtain the user identifier and the service that are associated with said connection code and the service identifier associated with the user identifier at the trusted entity; and
denying connection to said service, following invalidation of the connection code by the trusted entity, said connection code having already been received associated with another access request.
However, Kalbratt does teach generating, by the trusted entity, a single-use connection code and storing the user identifier and the service in association with said connection code [paragraph 0039, lines 12 – 18, A user account is created at the trusted third party [i.e. applicant’s trusted entity], wherein a global user ID, the mobile number and the one-time code [i.e. applicant’s single use connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the one-time code, for the user data of the first party to get registered at the trusted third party.]; 
authorizing connection to said service for the service identifier associated with the user identifier at the trusted entity, when a connection code received, by the trusted entity, from a server implementing the service, in association with a service identifier request, is valid, the connection code enabling the trusted entity to obtain the user identifier and the service that are associated with said connection code and the service identifier associated with the user identifier at the trusted entity [paragraph 0039, lines 12 – 18, A user account is created at the trusted third party [i.e. applicant’s trusted entity], wherein a global user ID [i.e. applicant’s user identifier], the mobile number and the one-time code [i.e. applicant’s connection code] is registered. Further, the trusted third party sends the ID application to the first party, and the first party chooses a personal identification code in combination with transmitting the one-time code, for the user data of the first party to get registered at the trusted third party. The application may send the mobile number and for example IMEI automatically. 
a global user ID [i.e. applicant’s service identifier] for the second party may be received in combination with the identification data for the first party [i.e. applicant’s user identifier].
Where at paragraph 0008, In view of the above-mentioned and other drawbacks of the prior art, it is an object of the present invention to provide a secure method for authentication of a first party to a second party by a trusted third party.
Where at paragraph 0036, As used in this application, "authentication" relates to the concept of establishing the authenticity of one party to another. This is typically used for authorization, i.e. to grant authority or give permission for a specified request, such as allowing access to resources only to those permitted to use them. Authorization [i.e. applicant’s authorization connection to service] is a process that protects computer resources by only allowing those resources to be used by parties that have been granted authority to use them]. 
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Tohmo and Kalbratt in order for the authorizing and sending of the user’s authorization data [profile, identification] by the secure domain for access to service/resource of Tohmo to include sending the user’s authorization data in encrypted form while in transit to the secure domain for authorization of Kalbratt. This would allow for the user’s authorization data to be protected while in transit to the secure domain. See paragraph 0035 of Kalbratt. 
Tohmo and Kalbratt do not clearly teach denying connection to said service, following invalidation of the connection code by the trusted entity, said connection code having already been received associated with another access request.
However, Pal does teach denying connection to said service, following invalidation of the connection code by the trusted entity, said connection code having already been received associated with another access request [paragraph 0025, lines 14 – 23, The VPN server 110 receives the credentials of the VM (block 340). The authentication server 130 [i.e. applicant’s trusted entity] of the enterprise computing system 100 authenticates the credentials [i.e. applicant’s connection code] against the previously- -generated OTP and VM ID (block 350). If the authentication is successful, a secure connection is established and the VM is granted access to the resources of the enterprise computing system 100 using the secure connection (block 360). If the authentication is unsuccessful, the VM will be denied access to the enterprise computing system 100 [i.e. applicant’s denial for connection to said service]].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Tohmo as modified and Pal in order for the authorizing and sending of the user’s authorization data [profile, identification] by the secure domain for access to service/resource of Tohmo as modified to include user authorization data that includes a one-time password or OTP for user authorization of Pal. This would allow for the secure domain to authorize the user based on a time limited password is that is useless after being 
***The examiner further notes that applicant’s claimed processor and non – transitory computer readable medium is taught by Tohmo at Figure # 1, and paragraph 0033, lines 1 – 5.  One of ordinary skilled in the art would know that the depicted “user device,” and “user computer,” at least contain a general purpose memory, processor, and instructions to execute the operational embodiments of Tohmo.
As per non – transitory computer readable medium claim 8, which includes the same or similar claim limitations as method claim 1, and similarly rejected.
***The examiner further notes that applicant’s claimed processor and non – transitory computer readable medium is taught by Tohmo at Figure # 1, and paragraph 0033, lines 1 – 5. One of ordinary skilled in the art would know that the depicted “user device,” and “user computer,” at least contain a general purpose memory, processor, and instructions to execute the operational embodiments of Tohmo.
As per non – transitory computer readable medium claim 10, which includes the same or similar claim limitations as method claim 4, and similarly rejected.
***The examiner further notes that applicant’s claimed processor and non – transitory computer readable medium is taught by Tohmo at Figure # 1, and paragraph 0033, lines 1 – 5. One of ordinary skilled in the art would know that the depicted “user device,” and “user computer,” at least contain a general purpose memory, processor, and instructions to execute the operational embodiments of Tohmo.
Claim[s] 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tohmo et al. [US PGPUB # 2010/0263029] in view of Kalbratt [US PGPUB # 2011/0088087], and Pal [US PGPUB # 2012/0233678] as applied to the rejection of claim[s] 1 above, and further in view of Gupta et al. [US PAT # 8302187]
As per claim 3. Tohmo and Kalbratt and Pal do teach what is taught in the rejection of claim 1 above.  
Tohmo and Kalbratt and Pal do not appear to teach clearly the connection method as claimed in claim 1, in which the contact address is an electronic mail address associated with the user of the device.
However, Gupta does teach the connection method as claimed in claim 1, in which the contact address is an electronic mail address associated with the user of the device [col. 2, lines 47 – 57, email address].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Tohmo as modified and Gupta in order for the validation of the onetime password for access to the restricted resource of Tohmo as modified to include monitoring the number of attempted validations of the onetime password of Gupta. This would allow for the prevention of a brute force attacks and also prevent fraudulent transactions. See col. 1, lines 21 – 34 of Gupta. 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT B SHAIFER HARRIMAN whose telephone number is (571)272-7910.  The examiner can normally be reached on M - F: 8am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/Primary Examiner, Art Unit 2434