DETAILED ACTION
This office action is in reply to applicant communication filed on March 21, 2021.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on March 21, 2021.

Claims 1-18 have been amended.
Claims 1-18 are pending. 

Response to Argument
Applicant’s arguments filed on March 21, 2021 with respect to the 35 USC 102/103 rejections of independent claims 1, 6, and 11 have been fully considered but they are not persuasive.

Applicant’s argues that the prior arts on record, Dascola (US Pub. No. 2016/0366128) in view of Samuelsson (US Pub. No. 2013/0347129) and further in view of Tipton (US Pub. No. 2015/0138962), fails to teach the limitation of independent claims, “…as part of non-account-configuration connecting of the first user device to the at least one of a local area network and a wide area network ………. causing a captive portal to be presented on the first user device that receive the first username corresponding to the first user of the first user device”. Examiner respectfully disagrees.


A review of the prior arts of the record (Dascola in view of Tipton), corresponding to the above argued claim limitation reveals that the argued claim limitation is disclosed by the Dascola reference as, (Paragraph 54 of Dascola, in block 506, if a match is determined between the unique data attributes and a stored signature key 306, the processor 202 identifies the user associated with the stored signature key 306 matching the unique data attributes. Each signature key 306 may be associated with a user identifier 300 in the centralized database 208. The processor 202 may use the user identifier 300 associated with the signature key 306 to determine the user) and (paragraph 55 of Dascola, in block 508, the user may be authenticated. In some aspects, the secure information associated with the user may be transmitted to the user device 100 for display on the display unit 224) and (paragraph 35 of Dascola, FIG. 2 shows a remote system 226 coupled to the authentication system 200 and the user device 100 via the network 212 (i.e., the claimed wide area network). In one example, the user device 100 may access the remote system 226 to view secure information 230 stored in a database or other storage device of the remote system 226. In another example, the user device 100 may access the remote system 226 to access secure information for conducting a transaction). Dascola fails to clearly disclose the method of causing a captive portal to be presented on the first user device that receive the first username corresponding to the first user of the first user device. However, in the same field of endeavor, Tipton teaches this limitation as, (paragraph 29 of Tipton, the central controllers 123 and 124 of the wireless local area network 102 and 103 may configure the access points to provide the mobile communication services only to particular communication devices (e.g., using an authorization mechanism). In one embodiment, the access points may include access controls and may provide the mobile communication services to the particular communication devices in response to user authorization information (e.g., usernames and passwords) received at the access points from the communication devices. To illustrate, when a communication device attempts to access an access point, the access point may provide a captive portal login to the communication device as part of a user authentication mechanism. The communication device may provide authentication information to gain access to the mobile communication services).



In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007).  In this case, Dascola teaches the method of creating a first new user account corresponding to a user as, (paragraph 44 of Dascola, the processor 202 receives textual authentication information. The textual authentication information may correspond to authentication information 302 stored in the centralized database 208. In one example, the textual authentication information may include user login information received by the authentication system 200 in response to user input from a displayed user interface on the user device 100. In some aspects, the user login information may include information such as a username, password, or personal identification number, inputted by the user via an interface generated and displayed by the key engine 206 or a software application stored on the user device 100). Also Dascola teaches the method of determining whether the second biometric sample matches the first biometric sample as, (paragraph 52 of Dascola, in block 502, unique data attributes may be extracted from the biometric signature) and (paragraph 53 of Dascola, in block 504, the unique data attributes are compared to signature keys 306 stored in the centralized database 208) and (Paragraph 54 of Dascola, in block 506, if a match is determined between the unique data attributes and a stored signature key 306, the processor 202 identifies the user associated with the stored signature key 306 matching the unique data attributes. Each signature key 306 may be associated with a user identifier 300 in the centralized database 208. The processor 202 may use the user identifier 300 associated with the signature key 306 to determine the user). In addition to the textural authentication information used during generating a signature key, Dascola also used the user identifier 300 during the access authentication process as disclosed in paragraph 54 of Dascola. The user identifier 300 is defined the user identifiers 300 may be associated with authentication information 302, electrocardiograms ("EKGs") 304, signature keys 306, and, in some aspects, secure information 308 stored in the centralized database 208) and (paragraph 39 of Dascola, the authentication information 302 may include information provided by the user, including, but not limited to, a username, password, social security number, passcode, or other authenticating information). According to Dascola, the user identifiers are part of the authentication process, even though they are not entered by the requesting user at the time of authentication. On the other hand, Tipton teaches the method of causing a captive portal to be presented on the first user device as, (paragraph 29 of Tipton, the central controllers 123 and 124 of the wireless local area network 102 and 103 may configure the access points to provide the mobile communication services only to particular communication devices (e.g., using an authorization mechanism). In one embodiment, the access points may include access controls and may provide the mobile communication services to the particular communication devices in response to user authorization information (e.g., usernames and passwords) received at the access points from the communication devices. To illustrate, when a communication device attempts to access an access point, the access point may provide a captive portal login to the communication device as part of a user authentication mechanism. The communication device may provide authentication information to gain access to the mobile communication services). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Dascola and include the above limitation using the teaching of Tipton in order to secure the computing system by verifying the user using captive portal and provide access to the verified user.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-3, 6-8 and 11-13 are rejected under 35 U.S.C. 103 as being unpatentable Dascola (US Pub. No. 2016/0366128) in view of Samuelsson (US Pub. No. 2013/0347129) and further in view of Tipton (US Pub. No. 2015/0138962).

 	As per claim 1 Dascola discloses:
A method for authenticating users connecting to at least one of a local area network and a wide area network using biometric signatures, comprising: creating a first new user account corresponding to a first user device, comprising: receiving a first username from the first user device; (paragraph 17 of Dascola, new systems having secure user information may be added to the platform without requiring new authentication systems to be established for each system. The centralized database may dynamically expand to accommodate new users of each system as the biometric authentication system may be configured to generate a signature key in response to receiving a biometric signature from the new systems' sensors) and (paragraph 44 of Dascola, the processor 202 receives textual authentication information. The textual authentication information may correspond to authentication information 302 stored in the centralized database 208. In one example, the textual authentication information may include user login information received by the authentication system 200 in response to user input from a displayed user interface on the user device 100. In some aspects, the user login information may include information such as a username, password, or personal identification number, inputted by the user via an interface generated and displayed by the key engine 206 or a software application stored on the user device 100).
Storing the first biometric sample in association with the first username; (paragraph 46 of Dascola, a biometric signature 106 is received. In some aspects, the biometric signature 106 may be obtained by a sensor 104 of the user device 100 and transmitted by the user device 100 via the network 212 to the authentication system 200) and (paragraph 47 of Dascola, a signature key is generated using the biometric signature 106) and (paragraph 48 of Dascola, the signature key is associated with the user in the centralized database 208. In some aspects, the signature key may be stored in a list of signature keys 306 in a manner that associates the signature key with a user identifier 300).
As part of non-account-configuration connecting of the first user device to the at least one of a local area network and a wide area network: receiving, from the first user device, an indication that the first user device is to be connected to the at least one of a local area network and wide area network; (paragraph 34 of Dascola, the authentication system 200 may receive requests (i.e., the claimed indication) and commands from the user device 100 through the intermediary user device and configure the user interfaces to be provided to the user device 100 through the intermediary user device in response to the requests and commands) and (paragraph 35 of Dascola, FIG. 2 shows a remote system 226 coupled to the authentication system 200 and the user device 100 via the network 212 (i.e., the claimed wide area network). In one example, the user device 100 may access the remote system 226 to view secure information 230 stored in a database or other storage device of the remote system 226. In another example, the user device 100 may access the remote system 226 to access secure information for conducting a transaction).
a biometric signature 106 is received. In some aspects, the biometric signature 106 may be obtained by a sensor 104 of the user device 100 and transmitted by the user device 100 via the network 212 to the authentication system 200).
Determining whether the second biometric sample matches the first biometric sample; (paragraph 52 of Dascola, in block 502, unique data attributes may be extracted from the biometric signature) and (paragraph 53 of Dascola, in block 504, the unique data attributes are compared to signature keys 306 stored in the centralized database 208).
In response to determining that the second biometric sample matches the first biometric sample, granting access to the at least one of a local area network and a wide area network. (Paragraph 54 of Dascola, in block 506, if a match is determined between the unique data attributes and a stored signature key 306, the processor 202 identifies the user associated with the stored signature key 306 matching the unique data attributes. Each signature key 306 may be associated with a user identifier 300 in the centralized database 208. The processor 202 may use the user identifier 300 associated with the signature key 306 to determine the user) and (paragraph 55 of Dascola, in block 508, the user may be authenticated. In some aspects, the secure information associated with the user may be transmitted to the user device 100 for display on the display unit 224) and (paragraph 35 of Dascola, FIG. 2 shows a remote system 226 coupled to the authentication system 200 and the user device 100 via the network 212 (i.e., the claimed wide area network). In one example, the user device 100 may access the remote system 226 to view secure information 230 stored in a database or other storage device of the remote system 226. In another example, the user device 100 may access the remote system 226 to access secure information for conducting a transaction).
Dascola teaches the method of receiving and storing a user biometric information associated with user infomation (see paragraph 46 of Dascola), but fails to clearly disclose:
Transmitting, by a hardware processor to the first user device, a first passcode: and receiving, by the hardware processor from the first user device, a first version of the passcode; determining whether the version of the first passcode matches the first passcode transmitted to the first user device; in 
However, in the same field of endeavor, Samuelsson teaches this limitation as, (paragraph 70 of Samuelsson, if the user is not already enrolled in voice biometrics, the logic can move to decision diamond 370 to determine whether the user input the correct pass code on his user computer in response to the onscreen challenge at block 366. If not, the challenge screen is presented again. If the user successfully input the pass code, however, the logic may move to block 360 to allow the user to enroll in voice biometrics) and (paragraph 67 of Samuelsson, at block 360 the user is permitted to enroll in a voice biometric program, wherein if the user wishes to enroll, he is prompted at block 362 to call a predetermined phone number, enter a session ID number if desired, and repeat a predetermined phrase a predetermined number of times. The user's voice is recorded and correlated to the user's name, and then the user is sent to the target page of the institution at block 364).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Dascola and include the above limitation using the teaching of Samuelsson in order to enroll user in a secure system and provide access to sensitive data by authenticating user using user secure information provided in the process of enrolling.
The combination of Dascola and Samuelsson teaches the method of providing a user interfaces to the user device 100 through the intermediary user device in response to the user requests (see paragraph 34 of Dascola), but fails to clearly disclose:
In response to receiving the indication, causing a captive portal to be presented on the first user device that receives the first username corresponding to the first user of the first user device.
However, in the same field of endeavor, Tipton teaches this limitation as, (paragraph 29 of Tipton, the central controllers 123 and 124 of the wireless local area network 102 and 103 may configure the access points to provide the mobile communication services only to particular communication devices (e.g., using an authorization mechanism). In one embodiment, the access points may include access controls and may provide the mobile communication services to the particular communication devices in response to user authorization information (e.g., usernames and passwords) received at the when a communication device attempts to access an access point, the access point may provide a captive portal login to the communication device as part of a user authentication mechanism. The communication device may provide authentication information to gain access to the mobile communication services).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Dascola and Samuelsson to include the above limitation using the teaching of Tipton in order to secure the computing system by verifying the user using captive portal and provide access to the verified user.

Claims 6 and 11 are rejected under the same reason set forth in rejection of claim 1:

As per claim 2 Dascola in view of Samuelsson and further in view of Tipton discloses:
The method of claim 1, further comprising determining whether the first username corresponding to the first user of the first user device is included in a stored database of usernames, wherein receiving the second biometric sample is in response to determining that the first username is included in the stored database of usernames. (Paragraph 45 of Dascola, in some aspects, the processor 202 may receive the textual authentication information from the user device 100 via the network 212 and compare it with authentication information 302 stored in the database to determine a match. The processor 202 may identify a user identifier 300 associated with the authentication information 302 found to match the textual authentication information entered on the user device 100) and (paragraph 46 of Dascola, in block 402, a biometric signature 106 is received. In some aspects, the biometric signature 106 may be obtained by a sensor 104 of the user device 100 and transmitted by the user device 100 via the network 212 to the authentication system 200). 

Claims 7 and 12 are rejected under the same reason set forth in rejection of claim 2:

As per claim 3 Dascola in view of Samuelsson and further in view of Tipton discloses:
The centralized database may dynamically expand to accommodate new users of each system as the biometric authentication system may be configured to generate a signature key in response to receiving a biometric signature from the new systems' sensors) and (paragraph 5 of Dascola, the method may also include extracting a first set of data attributes from the biometric signature. The method may also include comparing one or more data attributes in the first set of data attributes to stored biometric signature information in a centralized database accessible to one or more systems. The stored biometric signature information may include a plurality of signature keys, each signature key of the plurality of signature keys corresponding to a stored set of data attributes extracted from corresponding biometric signatures of a plurality of users). 

Claims 8 and 13 are rejected under the same reason set forth in rejection of claim 3:

As per claim 16 Dascola in view of Samuelsson and further in view of Tipton discloses:
The combination of Dascola and Tipton teaches the method of providing a user interfaces to the user device 100 through the intermediary user device in response to the user requests (see paragraph 34 of Dascola), but fails to disclose:
The method of claim 1, wherein the first biometric sample is a voice signate.
However, in the same field of endeavor, Samuelsson teaches this limitation as, (paragraph 67 of Samuelsson, at block 360 the user is permitted to enroll in a voice biometric program, wherein if the user wishes to enroll, he is prompted at block 362 to call a predetermined phone number, enter a session ID number if desired, and repeat a predetermined phrase a predetermined number of times. The user's voice is recorded and correlated to the user's name, and then the user is sent to the target page of the institution at block 364. When the user does not wish to enroll and no pass code is required by the institution, the user is sent directly to the target page from block 360).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Dascola and Tipton to include the above limitation using the teaching of Samuelsson in order to secure the computing system by verifying the user using a unique information of the user.

Claims17 and 18 are rejected under the same reason set forth in rejection of claim 16:

Claims 4-5, 9-10 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Dascola (US Pub. No. 2016/0366128) in view of Samuelsson (US Pub. No. 2013/0347129) and further in view of Tipton (US Pub. No. 2015/0138962) and  Boye (US Pub. No. 2007/0061590).

As per claim 4:
The combination of Dascola, Samuelsson and Tipton teaches the method of authenticating user using a biometric information of the user (see paragraph 46 of Dascola), but fails to clearly disclose:
The method of claim 3, further comprising: transmitting, to the second user device, a second passcode; and receiving, from the second user device, a version of the second passcode, wherein receiving the third biometric sample corresponding to the second user of the second user device is in response to the version of the second passcode matching the second passcode transmitted to the second user device.
However, in the same field of endeavor, Boye teaches this limitation as, (paragraph 27 of Boye, in an alternative embodiment of the enrollment process, a session code is employed similar to the challenge code/response code discussed above. After receipt of a biometric enrollment request from the master authentication server, the biometric services server generates a unique session code and communicates it to the master authentication server, which communicates it to the user during enrollment. When the user initiates communication with the biometric services server to provide biometric specimens, the biometric services server queries the user for the unique session code before accepting the biometric specimens. In other embodiments of the invention, two or more biometric specimens of the same or a different type are collected from the user).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Dascola, Samuelsson and Tipton to include the above limitation using the teaching of Boye in order to verify the new user before accepting the biometric information/specimens (see paragraph 27 of Boye). 

Claims 9 and 14 are rejected under the same reason set forth in rejection of claim 4:

As per claim 5:
The combination of Dascola, Samuelsson and Tipton teaches the method of authenticating user using a biometric information of the user (see paragraph 46 of Dascola), but fails to clearly disclose:
The method of claim 3, further comprising validating the second new username received from the second user device.
However, in the same field of endeavor, Boye teaches this limitation as, (paragraph 27 of Boye, in an alternative embodiment of the enrollment process, a session code is employed similar to the challenge code/response code discussed above. After receipt of a biometric enrollment request from the master authentication server, the biometric services server generates a unique session code and communicates it to the master authentication server, which communicates it to the user during enrollment. When the user initiates communication with the biometric services server to provide biometric specimens, the biometric services server queries the user for the unique session code before accepting the biometric specimens. In other embodiments of the invention, two or more biometric specimens of the same or a different type are collected from the user).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Dascola, Samuelsson and Tipton to include the 

Claims 10 and 15 are rejected under the same reason set forth in rejection of claim 5: 


Conclusion
The prior art made on record and not relied upon is considered pertinent to applicant’s disclosure is Hoyos (US Pub. No. 2014/0337930). Hoyos discloses the method and systems for providing biometrically authenticated access to devices, online services, physical location or any networked environment using a mobile device.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TESHOME HAILU whose telephone number is (571)270-3159.  The examiner can normally be reached on M-F 8 a.m. - 5 p.m..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 




/TESHOME HAILU/Primary Examiner, Art Unit 2434