Acknowledgements
This communication is in response to applicant’s response filed on 04/21/2021.
Claims 1, 10-11, and 17 have been amended. 
Claims 1-20 are pending and have been examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 04/21/2021 has been entered.
 
Response to Arguments
Regarding applicant’s arguments:
Regarding applicant’s arguments under Claim Rejections - 35 USC § 103 that the combination of Dollard (US 8,807,426 B1) in further view of Sokolov (US 10,382,416 B2) in further view of Ruparelia (US 20160364729) does not disclose “presenting, on the trusted user device, a dashboard interface identifying the first user device as the public device having the username loaded to the application on the first user device, wherein the dashboard interface comprises a graphical rendition of a plurality of devices including the first user device in the predefined proximity to the trusted user device; providing, within the dashboard interface, an option to remove the username from the application, wherein the option prevents the use of the account using the username on the first user device; and responsive to a selection of the option, causing the username to be removed from the application,” examiner respectfully argues applicant’s arguments are moot in light of the new grounds of rejection necessitated by the amendments made to claim 1. 
Applicant makes a similar argument for claims 10 and 17 as claim 1 above. Examiner respectfully argues applicant’s arguments are moot for the same reasons listed above for claim 1
	Applicant argues dependent claims 2-9, 11-16, and 18-20 are allowable based on their dependence upon allowable base claims, examiner respectfully argues applicant’s arguments are moot in light of the new rejections for claims 1, 10, and 17.

Priority
This application is a continuation-in-part of US Patent Application No. 15/193,487 filed on 06/27/2016. Applicant’s claim for the benefit of this prior-filed application is acknowledged.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 6-11, 14, and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Dollard (US 8,807,426 B1) in further view of Sokolov (US 10,382,416 B2) in further view of Ruparelia (US 20160364729) in further view of Jiang (US 20160316369) in further view of Bhimanaik (US 8,627,438 B1).

Regarding Claims 1, 10, and 17, Dollard teaches a trusted user device stores a user credential and a username for an account associated with an application installed on the trusted user device (Col. 3, lines 50-67, and Col. 7, lines 1-9 teach data may be retrieved, stored or modified by the processor in accordance with the instructions, wherein the data may comprise any information sufficient to identify the relevant information; for example, the data of the computer (i.e., trusted user device) may include authentication information that  determining that the application is installed on a first user device of the one or more user devices, wherein the first user device is different from the trusted user device (Col. 2, lines 54-64, and Col. 7, lines 42-47, teach the user may attempt to authenticate his mobile computing device (i.e., first user device) by capturing the image that is displayed on the personal computer (i.e., trusted user device); if the user profile stored on the mobile device corresponds to the previously submitted user profile that is encoded in the captured image, the device is authenticated; examples of accessing data using the mobile computing device may include accessing a mobile banking application (i.e., first user device application has the same banking application installed as the personal computer); the corresponding website may be launched on the mobile computing device and the user may access data and/or interact with the website using the mobile computing device to, for example, conduct a transaction and exchange information therewith; in addition to launching a website, accessing data using the mobile computing device may include executing an application on the mobile computing device); identifying a user indication to enable a use of the account on the first user device (Col. 6, lines 37-38 and 45-53, teaches the scannable image may be generated after the user accesses the data or interacts with the website; data access permissions and restrictions are encoded in the scannable image, and ; determining electronic transaction processing data through the application on the trusted user device (Col. 6, lines 29-44, teaches a scannable image is generated based on the user profile and may be used to uniquely identify the user and the user's mobile computing device; the scannable image may embed the information provided by the user when the user profile was created; in the event that the scannable image is generated after the user accesses the data/website (i.e., banking application), the scannable image may include information that corresponds to the accessed data/website (i.e., electronic transaction processing data); in other embodiments, the scannable image includes encrypted messages that are generated at the accessed website for the user to decrypt, access and read); responsive to identifying the user indication and determining the electronic transaction processing data, wirelessly transmitting the electronic transaction processing data from the trusted user device to the first user device (Col. 6, lines 63-67, and Col. 7, lines 1-6, teaches the scannable image contains information associated with the previously generated user-specific profile; the scannable image may also include encrypted messages intended for the authorized user, application-specific encryption keys, and/or other authentication credentials for applications that access and/or store data (e.g., mobile banking applications, payment wallet information); the user utilizes the mobile computing device to be authenticated to capture the scannable image from the display of the computer; the scannable image may be captured using an image capturing feature of the mobile computing device such as a camera); enabling the use of the account in the application installed on the first user device (Col. 7, lines 16-44, teaches a determination is made whether the user profile stored on the mobile device corresponds to the user profile that was used to generate the scannable image; in the event that the user profile stored on the mobile device corresponds to the user profile that was used to generate the scannable image (as indicated in the decoded data captured from the scannable image), processing continues to block where the mobile device is authenticated; after the mobile device is authenticated, the corresponding website may be launched on the mobile computing device and the user may access data and/or interact with the website using the mobile computing device to, for example, conduct a transaction and exchange information); and loading the username and the electronic transaction processing data to the application on the first user device based on the enabling the use of the user credential (Col. 8, lines 30-57, teaches in the event that the two user profiles match, the mobile computing device is authenticated, wherein the user profile was located in the previously captured image that contains an embedded set of data retrieved from the previously created user profile such as user credentials and login information; the online banking transaction may be completed on the authenticated mobile computing device, and the user is allowed access to data or may interact with the website to conduct a transaction (i.e., the user is able to access data because the login information (i.e., username) has been loaded on the first user device)). 
However, Dollard does not explicitly teach does not explicitly teach determining an IP addresses of the first user device on a wireless network at the location; and determining that the first user device is a public device based on the IP address of the first user device on the wireless network.
Sokolov from same or similar field of endeavor teaches determining an IP addresses of the first user device on a wireless network at the location (Col. 7, lines 17-20 and 45-57, teach to determine whether a computer is public or shared, shared device detection component may combine a fingerprint of a web browser and an IP address with an indication of a number of users associated with the browser fingerprint/IP address pair); and determining that the first user device is a public device based on the IP address of the first user device on the wireless network (Col. 2, lines 15-23, and Col. 7, lines 17-20, 40-57, teach determining whether the user device is a shared device may comprise determining an IP address associated with the user device, identifying one or more web browser characteristics of a web browser associated with the user device, and counting a number of unique sessions at the website, wherein the sessions are associated with the IP address and the web browser having the one or more web browser characteristics; and determining whether the number of unique sessions exceeds a specified threshold; to determine whether a computer is public or shared, shared device detection component may determine first whether website accesses (e.g., logins, sessions, etc.) are coming from a same computer; shared device detection component may calculate a combination of one or more browser characteristics combined with an IP address may uniquely identify a browser; shared device detection component may combine a fingerprint of a web browser and an IP address with an indication of a number of users associated with the browser fingerprint/IP address pair (e.g., a count of logins from the pair) to provide  shared device detection component may also use other indicators of whether a device is shared; for example, shared device detection component may use a count of logins from an IP address in some cases as a weaker indicator to determine that a computer may be shared).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Dollard to incorporate the teachings of Sokolov to determine an IP addresses of the first user device on a wireless network at the location; and determine that the first user device is a public device based on the IP address of the first user device on the wireless network.
There is motivation to combine Sokolov into Dollard because the base invention is improved because the server can limit/deny access to the user credential because public or shared computers have higher security risks. Public or shared computers can be found in libraries, schools, hotel business centers, and many times are the only option to get Internet access when travelling outside of the country. However, there are well-known risks with browsing on a public computer. For example, users may forget to logout and leave their sessions active, data from a browsing session may be left in cache after the user leaves, users might accidentally check “keep me signed in” or “remember me” options, and other people nearby might peek, photograph, or record things on the screen (Sokolov Col. 1, lines 13-24).
However, the combination of Dollard and Sokolov does not explicitly teach wirelessly detecting, using a trusted user device, a presence of one or more user devices within a predefined proximity to the trusted user device at a location; authenticating the account in the application installed on the first user device independent of storing the user credential to the first user device using a one-time use secure key associated with the account, wherein the one-time use secure key -2-comprises a usage restriction on processing the electronic transaction processing data via the application; and enabling the use of the account in the application installed on the first user device for processing the electronic transaction processing data via the application based on the usage restriction for the one-time secure key.
Ruparelia from same or similar field of endeavor teaches wirelessly detecting, using a trusted user device, a presence of one or more user devices within a predefined proximity to the trusted user device at a location (Paragraphs 0049-0050 and 0062 teach when the user enters the vicinity of the ATM kiosk, a pairing request is initiated by the on the user device (i.e., trusted user device) wherein the pairing request can be initiated by switching on the NFC/Bluetooth™ or any other short range protocol enabled at the User Device); authenticating the account in the application installed on the first user device independent of storing the user credential to the first user device using a one-time use secure key associated with the account, wherein the one-time use secure key -2-comprises a usage restriction on processing the electronic transaction processing data via the application (Paragraph 0071-0072, 0053-0055, and 0041 teach a token (i.e., one-time use secure key) is generated and sent to the device pairing module, then the device pairing module issues specific commands to the user interface on the user device; inputs provided and enabling the use of the account in the application installed on the first user device for processing the electronic transaction processing data via the application based on the usage restriction for the one-time secure key (Paragraph 0054 and 0074 teach as indicated previously, the ATM kiosk is customized to facilitate/enable the banking transaction using the user device via the Bank server; the pairing process is configured in such a way that only one user can access the ATM kiosk for a particular transaction(s); the ATM kiosk issues the commands to the Banking module to complete the financial transaction).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard and Sokolov to incorporate the teachings of Ruparelia to wirelessly detect, using a trusted user device, a presence of one or more user devices within a predefined proximity to the trusted user device at a location; authenticate the account in the application installed on the first user device 
There is motivation to combine Ruparelia into the combination of Dollard and Sokolov because despite the security and authentication protocols available in ATM's, the user’s PIN can be traced in different ways, such as by tracking the user's keystrokes. In addition, if the PIN is forgotten, the user has to request the bank to regenerate the new PIN, until then the user cannot use the ATM to perform any financial transactions (Ruparelia Paragraph 0006). The base invention is improved because transactions are performed without the need for the user to carry the card/enter the PIN every time, thereby avoiding fraud attacks like tracing the PIN (i.e., password) (Ruparelia Paragraphs 0090).
However, the combination of Dollar, Sokolov, and Ruparelia does not explicitly teach presenting, on the trusted user device, a dashboard interface identifying the first user device having the username loaded to the application on the first user device, wherein the dashboard interface comprises a graphical rendition of a plurality of devices including the first user device; providing, within the dashboard interface, an option to remove the username from the application, wherein the option prevents the use of the account using the username on the first user device; and responsive to a selection of the option, causing the username to be removed from the application.
Jiang from same or similar field of endeavor teaches presenting, on the trusted user device, a dashboard interface identifying the first user device having the username loaded to the application on the first user device, wherein the dashboard interface comprises a graphical rendition of a plurality of devices including the first user device (Paragraphs 0057 and 0097-0098 teach the second terminal (i.e., first user device) is in a logged-in state; the information management server may receive a device lock deletion command carrying the account and a first terminal identifier from the trusted device; in FIG. 8, the first terminal presents an interface for setting a device lock; the interface displays correspondences between all first terminal identifiers and the account, and a list of trusted devices on which a device lock is unlocked); providing, within the dashboard interface, an option to remove the username from the application, wherein the option prevents the use of the account using the username on the first user device (Paragraph 0098 teaches the list includes a device name of the trusted device and a corresponding deleting button; when a user selects to lock the device lock on the interface, in the information management server, a state of the device lock corresponding to the stored account is changed to be locked); and responsive to a selection of the option, causing the username to be removed from the application (Paragraph 0098 teaches when the user selects to delete a trusted device on the interface, in the information management server, a state corresponding to the first terminal identifier corresponding to the trusted device is changed so that the device lock is locked).

There is motivation to combine Jiang into the combination of Dollar, Sokolov, and Ruparelia because data security is improved because after the electronic transaction processing is completed, the user may remove account information from the first user device to protect said user account information from future fraudulent use.
However, the combination of Dollar, Sokolov, Ruparelia, and Jiang does not explicitly teach presenting, on the trusted user device, a dashboard interface identifying the first user device as the public device having the username loaded to the application on the first user device, wherein the dashboard interface comprises a graphical rendition of the first user device in the predefined proximity to the trusted user device.
Bhimanaik from same or similar field of endeavor teaches presenting, on the trusted user device, a dashboard interface identifying the first user device as the public device having the username loaded to the application on the first user device (Col. 8 lines 62-65 and Col. 6, lines 62-67-Col. 7, lines 1-6, teach the user interface of the mobile device application (i.e., on trusted user device) provides an option or on-screen button for revoking the access of the secondary device, which may be a network-accessible parking meter (i.e., public device); the parking meter has the account information loaded in order to charge the parking fees to the user's account, without the need to enter customer identification information into the parking meter), wherein the dashboard interface comprises a graphical rendition of the first user device in the predefined proximity to the trusted user device (Col. 11, lines 21-28 teaches the secondary devices communicate with the primary device (i.e., trusted user device) using short-range communication (such as Bluetooth or NFC) (i.e., within predefined proximity)).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the base invention of the combination of Dollard, Sokolov, Ruparelia, and Jiang which teaches detecting one or more users within a predefined proximity and wirelessly transmitting transaction processing data to at least one of the devices after determining the IP address of the at least one of the devices, and then removing the transaction processing data from a device, to incorporate the teachings of 
There is motivation to combine Bhimanaik into the combination of Dollard, Sokolov, Ruparelia, and Jiang because once logged-in to the user's account, the user may use the parking meter to charge the parking fees to the user's account, without entering customer identification information into the parking meter. After the user leaves the parking meter, the user can remove account information so the next person who parks at the parking meter cannot use the first user’s account information to pay for their parking. Thus, the base invention is improved because the user can edit what device(s) have access to user’s account information, allowing the user to remove trusted devices protecting the user from potential future fraudulent use of user’s account information.
Regarding Claim 1, Dollard teaches a system (Col. 1, lines 65-67, and Col. 2, lines 1-8, teach a system includes a first computing device (i.e., trusted device) and a second computing device (i.e., first user device), wherein the first user device is configured to generate a scannable image that encodes a first user profile, and outputs the scannable image to display, and the second computing device captures the scannable image, decodes the data, and is authenticated), comprising: a non-transitory memory (Col. 3, lines 20-25, teach the system includes the computer (i.e., trusted user device), and the computer contains a memory; the memory stores information accessible by the processor); and one or more hardware processors coupled to the non-transitory memory and configured to execute instructions from the non-transitory memory to cause the system to perform operations (Col. 3, lines 20-28, teach the system includes the computer (i.e., trusted user device), and the computer contains a processor; the memory stores information accessible by the processor including instructions and data that may be executed or otherwise used by the processor).
Regarding Claim 10, Dollard teaches a non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations (Col. 3, lines 38-42, teaches the instructions may be any set of instructions to be executed directly (such as machine code) or indirectly (such as scripts) by the processor, for example, the instructions may be stored as computer code on the computer-readable medium).
Regarding Claim 17, Dollard teaches a method (Col. 5, lines 60-62, teaches a process of authenticating a mobile computing device using capturable images displayed on a different computing device).

Regarding Claim 3, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claim 1 above; and as shown in claim 1 above Ruparelia teaches activating a hardware Near Field Communication (NFC) module of the trusted user device, wherein the wirelessly detecting the presence of the one or more user devices uses the NFC module (Paragraphs 0049-0050 and 0062 teach when the user enters the vicinity of the ATM kiosk, a pairing request is initiated by the on the user device (i.e., trusted user 

Regarding Claim 6, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claim 1 above; however the combination does not explicitly teach wherein enabling the account in the application installed on the first user device comprises providing the one-time use secure key for user account associated with the application installed on the first user device.
Ruparelia further teaches wherein enabling the account in the application installed on the first user device comprises providing the one-time use secure key for user account associated with the application installed on the first user device (Paragraphs 0039 and 0072 teach the Bank server issues a token (i.e., one-time use secure key) upon validating whether the user device is in the midst of a valid card less transaction session with the ATM kiosk; the token issued comprises information such as the transaction related details; specifically, a module of the Bank Server sends an issue token to the device pairing module, which then issues a specific command such as a form (User Interface) UI command to the User application management module with a valid token; further, the User application management module sends the formed UI command to the ATM kiosk (i.e., first user device) with a UI template, themes, and a plurality of valid user commands to enable the banking transaction).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the 
There is motivation to further combine Ruparelia into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik because of the same reasons listed above for claim 1.

Regarding Claim 7, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claim 1 above; and Dollard further teaches wherein enabling the use of the account in the application installed on the first user device does not require a user action on the first user device (Col. 2, lines 56-62, teaches if the user profile stored on the mobile device corresponds to the previously submitted user profile that is encoded in the captured image, the device is authenticated; the authenticated mobile computing device may then be used to access data and/or interact directly with the website without entering any additional information from the mobile computing device).

Regarding Claim 8, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claim 1 above; and Dollard further teaches wherein the operations further comprise imposing the usage restriction on the application installed on the first user device (Col. 6, lines 46-51, teaches the scannable image may be generated in response to selection of a 

Regarding Claim 9, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik all the limitations of claim 8 above; and Dollard further teaches wherein the usage restriction comprises at least one of: a transaction amount restriction or a merchandise restriction (Col. 6, lines 46-51, teaches the scannable image may be generated in response to selection of a subset of privileges to grant a user; example privileges include: payment restrictions (e.g., transaction limits)).

Regarding Claim 11, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teach all the limitations of claim 10 above; however the combination does not explicitly teach wirelessly disabling, using the trusted user device, the account in the application installed on the first user device based on the selection of the option.
Bhimanaik further teaches wirelessly disabling, using the trusted user device, the user account in the application installed on the first user device based on the selected option (Col. 8, lines 62-67 and Col. 9, lines 1-5, teach the user interface of the mobile device application provides an option or on-screen button for revoking access of the personal computer to the online shopping service, and upon selecting the button, the mobile device (i.e., original trusted device) may transmit a notification to the authentication server indicating a desire to revoke the 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to incorporate the further teachings of Bhimanaik to wirelessly disable the user account in the application installed on the first user device based on the selection of the option.
There is motivation to further combine Bhimanaik into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik because the authentication server may transmit an alert message to the mobile device in the event that a problem or security issue with the customer account is detected. For example, the online resource provider or the authentication server may detect an attempt to access the customer account by another device while the personal computer is signed-in to the customer account. The alert may be displayed via the user interface of the mobile device application, and the mobile device may transmit a message to revoke all access to the customer account responsive to selection of the button (Bhimanaik Col. 9, lines 6-16).

Regarding Claim 14, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teach all the limitations of claim 10 above; and as shown in claim 10 above Ruparelia teaches wherein the operations are executed using a short-range wireless communication protocol (Paragraphs 0049-0050 and 0062 teach when the user enters the vicinity of the ATM kiosk, a pairing request is initiated by the on the user device (i.e., trusted user device) wherein the pairing 

Regarding Claim 16, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claim 10 above; and Dollard further teaches wherein the username identifies the account with an online transaction processor (Col. 6, lines 10-27, teaches any given mobile computing device may be associated with multiple sets of user credentials (i.e., username) such as a phone-specific profile and several application-specific profiles; example application-specific accounts include a banking account profile).

Claims 2, 4-5, 13, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Dollard (US 8,807,426 B1) in further view of Sokolov (US 10,382,416 B2) in further view of Ruparelia (US 20160364729) in further view of Jiang (US 20160316369) in further view of Bhimanaik (US 8,627,438 B1) in further view of Robinton (US 20160080343).

Regarding Claim 2, 13, and 18, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claims 1, 10, and 17 above; however the combination does not explicitly teach activating a hardware Bluetooth Low Energy (BLE) transmission module of the trusted user device, wherein the wirelessly detecting the presence of the one or more user devices uses the hardware BLE transmission module.
activating a hardware Bluetooth Low Energy (BLE) transmission module of the trusted user device (Paragraphs 0011, 0028, and 0053 teach the mobile device interface of a trusted mobile device may correspond to a Bluetooth module in the trusted mobile device, wherein the Bluetooth module may be Bluetooth 4 (i.e., Bluetooth Low Energy), in which case the trusted mobile devices can be configured to exchange wireless communications with an untrusted mobile device and establish a connection), wherein the wirelessly detecting the presence of the one or more user devices uses the hardware BLE transmission module (Paragraphs 0014 and 0053 teach a connection is established between the trusted mobile device and the untrusted mobile device, wherein the trusted mobile device interface is capable of communicating with the visitor (e.g., untrusted) mobile device, to enable the mobile device to receive at least some information describing the visitor mobile device).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to incorporate the teachings of Robinton to activate a hardware BLE transmission module to detect the presence of one or more user devices.
There is motivation to combine Robinton into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik because it is advantageous to leverage Bluetooth technologies to distribute access credentials. In some embodiments, a trusted mobile device is used as a mechanism for requesting a guest credential on behalf of a visitor or untrusted mobile device and then transferring the guest 
Note: Bluetooth 4.0 specification permits devices to implement Bluetooth Low Energy. The Bluetooth 4.0 specification enabled Bluetooth Low Energy connectivity. Bluetooth Low Energy essentially offers low power consumption of a magnitude of 1-50% of that of Classic Bluetooth (“Bluetooth Classic Vs Bluetooth Low Energy (BLE): Which one is right for you?,” page 1).

Regarding Claim 4, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claim 1 above; however the combination does not explicitly teach detecting that an account secure key is stored on a user device; and responsive to the detecting, identifying the user device as the trusted user device.
Robinton from same or similar field of endeavor teaches detecting that an account secure key is stored on a user device (Paragraphs 0056 and 0057 teach the trusted mobile device may include information in the request that proves the identity of the trusted mobile device, in particular, the trusted mobile device may provide the credential issuer with information proving that the trusted mobile device knows a predetermined secret and the credential issuer may analyze the information to determine if the request is valid); and responsive to the detecting, identifying the user device as the trusted user device (Paragraph 0030 teaches the credential request unit of the trusted mobile device may also be configured to format the request for the guest credential such that the credential 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to incorporate the teachings of Robinton to detect that a secure key is stored on a user device and to identify the user device as the trusted user device.
There is motivation to combine Robinton into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik because the credential request unit of the trusted mobile device authenticates the trusted device to the credential issuer (Robinton Paragraph 0030).

Regarding Claim 5, the combination of Dollard, Sokolov, Ruparelia, Jiang, Bhimanaik, and Robinton teaches all the limitations of claim 4 above; however the combination does not explicitly teach wherein detecting that the account secure key is stored on a user device comprises detecting that the account secure key is stored in a secure hardware element of the user device.
Robinton further teaches wherein detecting that the account secure key is stored on a user device comprises detecting that the account secure key is stored in a secure hardware element of the user device (Paragraph 0034 teaches credentials may correspond to access control credentials that are stored in a secure area of memory such as a Secure Element).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the 
There is motivation to further combine Robinton into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik, Robinton because the secure element is encrypted and physically tamper-proof (Robinton Paragraph 0034).

Regarding Claim 19, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teaches all the limitations of claim 17 above; however the combination does not explicitly teach wherein the enabling the account in the application installed on the first user device comprises: generating the one-time use secure key using the primary key. 
Ruparelia further teaches wherein the enabling the account in the application installed on the first user device comprises: generating the one-time use secure key using the primary key (Paragraphs 0039 and 0072 teach the Bank server issues a token (i.e., one-time use secure key) upon validating whether the user device is in the midst of a valid card less transaction session with the ATM kiosk; the token issued comprises information such as the transaction related details; specifically, a module of the Bank Server sends an issue token to the device pairing module, which then issues a specific command such as a form (User Interface) UI command to the User application management module with a valid token; further, the User application management module sends the formed UI command to the ATM kiosk (i.e., first user device) with a UI template, themes, and a plurality of valid user commands to enable the banking transaction).

There is motivation to further combine Ruparelia into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik because of the same reasons listed above for claim 17.
However, the combination does not explicitly teach identifying a primary key corresponding to the user credential associated with the application on the trusted user device.
Robinton from same or similar field of endeavor teaches identifying a primary key corresponding to the user credential associated with the application on the trusted user device (Paragraphs 0032 and 0057 teach the credential request unit of the trusted mobile device may have a first credential (i.e., primary key) and may utilize some or all of the first credential to authenticate the trusted mobile device to the credential issuer, wherein the credential issuer may analyze the first credential to determine if the request is valid).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to incorporate the teachings of Robinton to identify a primary key corresponding to the user credential associated with the application on the trusted user device.
.

Claims 12 is rejected under 35 U.S.C. 103 as being unpatentable over Dollard (US 8,807,426 B1) in further view of Sokolov (US 10,382,416 B2) in further view of Ruparelia (US 20160364729) in further view of Jiang (US 20160316369) in further view of Bhimanaik (US 8,627,438 B1) in further view of Boval (US 20170374075).

Regarding Claim 12, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teach all the limitations of claim 10 above; however the combination does not explicitly teach wherein enabling the user account in the application installed on the first user device comprises: determining the account identified by the user credential; determining that the application installed on the first user device is logged in using a second user credential, wherein the second user credential identifies a second account different from the account; in response to the determining, logging the second account out of the application installed on the first user device; and logging the account into the application installed on the first user device.
Boval from same or similar field of endeavor teaches wherein enabling the user account in the application installed on the first user device comprises: determining the account identified by the user credential (Paragraph 0137 teaches the messaging server may access a database of users of the messaging service and determine whether user credentials (e.g., a password, pin, and/or authentication code) supplied with the validation request correlate to a valid user name on the messaging service, and the server may attempt to authenticate the account credentials with the messaging service); determining that the application installed on the first user device is logged in using a second user credential, wherein the second user credential identifies a second account different from the account (Paragraphs 0095, 0122-0123 teach the first user may be considered to be logged in to the messaging application and/or the messaging service and the messaging application receives a second user login request, and when the server-side account validation operation is successful (e.g., the second user's user name and password are valid), the server generates and transmits a validation confirmation message to the client who then proceeds to perform a client-side first user account logout operation); in response to the determining, logging the second account out of the application installed on the first user device (Paragraphs 0095 and 0097 teach the first user account logout operation may involve marking the first user as inactive on the messaging application of the client, and transmitting a logout request to the server, then the server may receive the logout request and, in response, may perform a server-side first user account logout operation); and logging the account into the application installed on the first user device (Paragraph 0101 teaches as part of the second user account login operation, the messaging application may generate and transmit a login request requesting that the second user be logged in 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to incorporate the teachings of Boval to log out the second account and login the user account identified by the user credential.
There is motivation to combine Boval into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik because allowing multiple messaging accounts to be registered and switching between them in this manner ensures continual network accessibility of the messaging client by a messaging server (Boval Paragraph 0002).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Dollard (US 8,807,426 B1) in further view of Sokolov (US 10,382,416 B2) in further view of Ruparelia (US 20160364729) in further view of Jiang (US 20160316369) in further view of Bhimanaik (US 8,627,438 B1) in further view of Ziraknejad (US 10,231,128 B1).

Regarding Claim 15, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teach all the limitations of claim 14 above; however the combination does not explicitly teach restricting, from the trusted user device, the use of the account in the application installed on the first user device using a long-range wireless communication protocol.
restricting, from the trusted user device, the use of the account in the application installed on the first user device using a long-range wireless communication protocol (Col. 22, lines 56-67, and Col. 23, lines 1-7, teach as the second electronic device moves away, the first electronic device may lock itself or otherwise restrict access in response; for example, the first electronic device may determine a signal strength of the wireless connection between the first electronic device and the second electronic device satisfies a threshold level, where the threshold level corresponds to distance to automatically restrict access to the first electronic device and as a result, an access control agent can restrict access to the first electronic device (e.g., by locking a user session, logging out the user, etc.) in response to determining that the signal strength satisfies the threshold level).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to incorporate the teachings of Ziraknejad to restrict the use of the account using a long-range wireless communication protocol.
There is motivation to combine Ziraknejad into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to protect the user credential from potential fraudulent use. The thresholds that are used to determine whether proximity has been achieved may be set by the system provider or an administrator. For example, a default distance may be set by the system or by a security policy, e.g., 3 ft., 5 ft., 10 ft., and so on, or a signal strength corresponding to those distances. The system may require a greater signal strength .

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Dollard (US 8,807,426 B1) in further view of Sokolov (US 10,382,416 B2) in further view of Ruparelia (US 20160364729) in further view of Jiang (US 20160316369) in further view of Bhimanaik (US 8,627,438 B1) in further view of Wilson (US 20160359848).

Regarding Claim 20, the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik teach all the limitations of claim 17 above; however the combination does not explicitly teach identifying the first user device as a secondary user device.
Wilson from same or similar field of endeavor teaches identifying the first user device as a secondary user device (Paragraphs 0034, 0048-0049, and 0051 teach an exemplary method for transferring a trusted device status performed by a device services manager at a server includes an authentication token being 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik to incorporate the teachings of Wilson to identify the first user device as a secondary user device.
There is motivation to combine Wilson into the combination of Dollard, Sokolov, Ruparelia, Jiang, and Bhimanaik because authenticating an added user device by transferring a trusted device status from a separate trusted user device to the added user device allows a user to authenticate in such a way that the user is not required to sign in and authenticate manually on the added user device (Wilson Paragraph 0022).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Dawoud et al. (US 20160080380) teaches the list of trusted devices 108 may be devices that are officially distributed to and registered to individual employees of a company (e.g., laptop computers, desktop computers, smartphones, smart 
Murillo Jr. et al. (US 20140136633) teaches the controller 210 receives, from the server 300, a list of trusted devices that have been registered with the server 300. In a similar fashion, when the user wishes to register the device 200 with the server 300 as a trusted device, the controller 210 controls the communication unit 220 to transmit registration information to the server 300. In response to the registration, the server 300 may transmit a list of trusted devices to the device 200, which the controller 210 stores in a storage unit (not shown). In addition, the controller 210 may also receive an updated trusted list from the server 300. The updates may be received on a regular (periodic) basis or may be received when a change in the list occurs (i.e., a device is added to or removed from the list) (Paragraph 0031).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY JONES whose telephone number is (469)295-9137.  The examiner can normally be reached on 7:30 am - 5:00 pm CST (M-F).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/C.P.J./Examiner, Art Unit 3685

/JAY HUANG/Primary Examiner, Art Unit 3685