DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim 15-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  Claims 15-20 recite "a computer program product” which is defined in the specification to include a computer readable signal. A memorandum from Director Kappos was issued January 26, 2010 entitled "Subject Matter Eligibility of Computer Readable Media" hereinafter "Kappos 1/26/2010". According to "Kappos 1/26/2010", in the absence of a definition in the specification explicitly excluding transitory propagating/transmission type memory medium, the broadest reasonable interpretation of "a computer readable medium" is interpreted to include both "non-transitory tangible media" and "transitory propagating signals" medium where the latter renders the claim non-statutory. "Kappos 1/26/2010" directs the patent community to overcome 101 rejections of this nature by amending the claim language to add the limitation "non- transitory" to the claim, for example "processor readable non-transitory media".  


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 3 and 8 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Chhabra et al. (US Pub. 20170169231 A1).

	Regarding claim 1, Chhabra discloses a system comprising: 
a secure computer system accessed via a biometric authentication gateway, wherein said secure computer system hosts a plurality of secure services and sensitive data (para. 32- embodied as hardware, firmware, software, or a combination thereof. For example the various modules, logic, and other components of the environment 200 may form a portion of, or otherwise be established by, the processor 120 or other hardware components of the computing device 102. As such, in some embodiments, any one or more of the modules of the environment 200 may be embodied as a circuit or collection of electrical devices (e.g., an authentication circuit, a coercion detection circuit, etc.).); 
a network-enabled secure end-user device utilizing a secure device architecture that requires successful biometric authentication of an authorized user by the biometric authentication gateway for functions of the secure end-user device and the plurality of (para. 34- authentication module 202 is configured to verify one or more user authentication factors. Each authentication factor may be embodied as any type of authentication credential (e.g., password, passcode, biometric data, etc.) usable by the computing device 102 to authorize a user. For example, the authentication module 202 may verify a user password, passcode, personal identification number (PIN), or other user authentication credentials. In some embodiments, the authentication module 202 may verify a biometric factor such as a fingerprint pattern, iris pattern, retina pattern), wherein said secure device architecture encapsulates software programs requiring a similar security level into distinct partitions to prevent intrusions between software programs of different partitions, wherein each partition is allocated a distinct set of dedicated device resources (para. 33- The various modules of the environment 200 may be embodied as hardware, firmware, software, or a combination thereof. For example the various modules, logic, and other components of the environment 200 may form a portion of, or otherwise be established by, the processor 120 or other hardware components of the computing device 102. As such, in some embodiments, any one or more of the modules of the environment 200 may be embodied as a circuit or collection of electrical devices (e.g., an authentication circuit, a coercion detection circuit, etc.); and 
a coercion security system having an application running on the secure end-user device configured to capture and analyze verbal communication proximate to the secure end-user device to address coercion of the authorized user (Fig. 3, para. 51- As an additional example, the computing device 102 may analyze data from the voice sensor 138 to detect perturbations or other patterns in the user's voice that may indicate that the user is under stress) by a nefarious actor to access at least one of the secure computer system and the secure end-user device (para. 54- malicious attacker), wherein, 
without coercion of the authorized user, said nefarious actor is unable to access the secure end-user device and the secure computer system, wherein the coercion security system executes at least one security command upon the secure end-user device in response to detected coercion. (para. 54- in which the computing device 102 performs a security operation. The computing device 102 may perform any appropriate security operation in response to the detected likely coercion. In some embodiments, in block 322 the computing device 102 may allow access to false, but plausible data instead of allowing access to real user data. That is, the computing device 102 may allow access to false data that is configured to appear to be accurate data. For example, instead of allowing access to a user document, the computing device 102 may allow access to a different document (e.g., a document including publicly-available information, non-sensitive information, nonsense information, etc.). As another example, instead of allowing access to a user's bank account or other financial account, the computing device 102 may allow access to a false account that includes a relatively small balance amount. By presenting false but plausible information, the user's data may be protected and a malicious attacker may not suspect that a security operation has been performed. In some embodiments, in block 324 the computing device 102 may generate a security event such as an alarm, an alert, a log event, or other notification of the potential security breach. The computing device 102 may generate a silent or remote alarm to protect user safety. After performing the security operation, the method 300 loops back to block 302 to perform additional authentication)

Regarding claim 3, Chhabra discloses in the system of claim 1, wherein biometric data used for biometric authentication of the authorized user excludes voice-based data. (para. 33- a biometric factor such as a fingerprint pattern, iris pattern, retina pattern)

Regarding claim 8, Chhabra discloses in the system of claim 1, wherein the at least one security command comprises at least one of power down the secure end-user device, allow the secure end-user device to remain powered and track its location, request identity validation of an unauthorized user from the authorized user, limit the functions that are executable by the secure end-user device, and notify a designated person or agency.  (para. 54- in which the computing device 102 performs a security operation. The computing device 102 may perform any appropriate security operation in response to the detected likely coercion. In some embodiments, in block 322 the computing device 102 may allow access to false, but plausible data instead of allowing access to real user data. That is, the computing device 102 may allow access to false data that is configured to appear to be accurate data. For example, instead of allowing access to a user document, the computing device 102 may allow access to a different document (e.g., a document including publicly-available information, non-sensitive information, nonsense information, etc.). As another example, instead of allowing access to a user's bank account or other financial account, the computing device 102 may allow access to a false account that includes a relatively small balance amount. By presenting false but plausible information, the user's data may be protected and a malicious attacker may not suspect that a security operation has been performed. In some embodiments, in block 324 the computing device 102 may generate a security event such as an alarm, an alert, a log event, or other notification of the potential security breach. The computing device 102 may generate a silent or remote alarm to protect user safety. After performing the security operation, the method 300 loops back to block 302 to perform additional authentication)


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Chhabra as applied to claim 1 above, and further in view of Bock et al. (US Pat. 8644896 B1).

Regarding claim 2, Chhabra does not specifically teach to increase security of the secure end-user device, said secure end-user device is configured to run a secure real-time operating system (RTOS), wherein the secure RTOS is INTEGRITY.  However, this concept is well known and used in the art as evidenced by Bock (see col. 7, line 64- col. 8, line 7) and therefore, one skilled in the art would have found it obvious to utilize it in Chhabra as a simple known alternative to achieve the desirable effect of having a secure, royalty-free operating system.  

Claim 5-7, 9-20 are rejected under 35 U.S.C. 103 as being unpatentable over Chhabra and further in view of Laughlin et al. (US Pub. 20190020676 A1).

Regarding claim 4, Chhabra does not specifically teach the coercion security system further comprises: a voice biometric library containing voice biometric data for the authorized user; and a coercion security server configured to analyze voice data captured by the coercion security application running on the secure end-user device in conjunction with the voice biometric library to determine a presence of the nefarious actor and return the at least one security command to the coercion security application for execution.  However, this concept is known and used in the art of device security using voice biometrics as evidenced by Laughlin (see para. 19, 29, 49) and therefore, one skilled in the art would have found it obvious to utilize it in Chhabra as a simple known alternative to achieve the desirable effect of detecting and identifying nefarious users or bad actors of a mobile device (para. 19). 

	Regarding claim 5, Laughlin discloses in the system of claim 4, wherein the voice biometric library includes a record of voice biometric data for the nefarious actor, wherein the coercion security server is able to determine an identity the nefarious actor speaking in the voice data received from the coercion security application, wherein selection of the at least one security command is based upon the identity of the nefarious actor. (para. 49- After the voice characteristics 604 are generated, an identification of the unauthorized user 192 is determined based on the voice characteristics 604. According to one implementation, the transmitter 410 sends the voice characteristics 604 to the above-mentioned authorities to assist the authorities in identifying the unauthorized user 192. According to another implementation, the processor 106 accesses one or more voice databases and compares the voice characteristics 604 to voices in the databases. If a match is determined, the processor 106 determines the identity of the unauthorized user 192, and the transmitter 410 sends information associated with the identity to the appropriate authorities)

Regarding claim 6, Chhabra discloses in the system of claim 4, wherein the coercion security system is a secure service provided by the secure computer system. para. 32- embodied as hardware, firmware, software, or a combination thereof. For example the various modules, logic, and other components of the environment 200 may form a portion of, or otherwise be established by, the processor 120 or other hardware components of the computing device 102. As such, in some embodiments, any one or more of the modules of the environment 200 may be embodied as a circuit or collection of electrical devices (e.g., an authentication circuit, a coercion detection circuit, etc.).)

Regarding claim 7, Laughlin discloses in the system of claim 4, wherein the coercion security server further comprises: a detection module configured to determine distinct voice sources within the voice data and identify if each determined distinct voice source belongs to the authorized user or the nefarious actor using the voice biometric library; and a security handler configured to ascertain the at least one security command for execution on the secure end-user device based upon the determination of the detection module. (para. 29- the processor 106 may activate a microphone to record a voice sample of the particular user. The processor 106 may compare the image, the voice sample, or both, to information associated with the authorized user 190; para. 49- After the voice characteristics 604 are generated, an identification of the unauthorized user 192 is determined based on the voice characteristics 604. According to one implementation, the transmitter 410 sends the voice characteristics 604 to the above-mentioned authorities to assist the authorities in identifying the unauthorized user 192. According to another implementation, the processor 106 accesses one or more voice databases and compares the voice characteristics 604 to voices in the databases. If a match is determined, the processor 106 determines the identity of the unauthorized user 192, and the transmitter 410 sends information associated with the identity to the appropriate authorities)

	Regarding claim 9, the rejection of claim 1 is incorporated herein. Chhabra discloses a method for addressing user coercion comprising: while a secure end-user device is being accessed (para. 32- embodied as hardware, firmware, software, or a combination thereof. For example the various modules, logic, and other components of the environment 200 may form a portion of, or otherwise be established by, the processor 120 or other hardware components of the computing device 102. As such, in some embodiments, any one or more of the modules of the environment 200 may be embodied as a circuit or collection of electrical devices (e.g., an authentication circuit, a coercion detection circuit, etc.).), monitoring of verbal communications made proximate to the secure end-user device by a client application of a coercion security system for a presence of an unauthorized user (Fig. 3, para. 51- As an additional example, the computing device 102 may analyze data from the voice sensor 138 to detect perturbations or other patterns in the user's voice that may indicate that the user is under stress; para. 54- malicious attacker), wherein the secure end-user device implements a secure device architecture that encapsulates software programs requiring a similar security level into distinct partitions to prevent intrusions between software programs of different partitions, wherein each partition is allocated a distinct set of dedicated device resources (para. 33- The various modules of the environment 200 may be embodied as hardware, firmware, software, or a combination thereof. For example the various modules, logic, and other components of the environment 200 may form a portion of, or otherwise be established by, the processor 120 or other hardware components of the computing device 102. As such, in some embodiments, any one or more of the modules of the environment 200 may be embodied as a circuit or collection of electrical devices (e.g., an authentication circuit, a coercion detection circuit, etc.), wherein access to the secure end-user device is controlled by biometric authentication of the authorized user, prohibiting direct access to the secure end-user device by the unauthorized user (para. 34- authentication module 202 is configured to verify one or more user authentication factors. Each authentication factor may be embodied as any type of authentication credential (e.g., password, passcode, biometric data, etc.) usable by the computing device 102 to authorize a user. For example, the authentication module 202 may verify a user password, passcode, personal identification number (PIN), or other user authentication credentials. In some embodiments, the authentication module 202 may verify a biometric factor such as a fingerprint pattern, iris pattern, retina pattern); determining at least one security command as a means to address potential coercion of the authorized user by the unauthorized user; and executing the determined at least one security command on the secure end-user device (para. 54- in which the computing device 102 performs a security operation. The computing device 102 may perform any appropriate security operation in response to the detected likely coercion. In some embodiments, in block 322 the computing device 102 may allow access to false, but plausible data instead of allowing access to real user data. That is, the computing device 102 may allow access to false data that is configured to appear to be accurate data. For example, instead of allowing access to a user document, the computing device 102 may allow access to a different document (e.g., a document including publicly-available information, non-sensitive information, nonsense information, etc.). As another example, instead of allowing access to a user's bank account or other financial account, the computing device 102 may allow access to a false account that includes a relatively small balance amount. By presenting false but plausible information, the user's data may be protected and a malicious attacker may not suspect that a security operation has been performed. In some embodiments, in block 324 the computing device 102 may generate a security event such as an alarm, an alert, a log event, or other notification of the potential security breach. The computing device 102 may generate a silent or remote alarm to protect user safety. After performing the security operation, the method 300 loops back to block 302 to perform additional authentication). 
	Chhabra doesn’t specifically teach that the presence of the unauthorized user is detected in voice data corresponding to the verbal communications.  However, this concept is known and used in the art of device security using voice biometrics as evidenced by Laughlin (see para. 19, 29, 49) and therefore, one skilled in the art would have found it obvious to utilize it in Chhabra as a simple known alternative to achieve the desirable effect of detecting and identifying nefarious users or bad actors of a mobile device (para. 19).
Laughlin further teaches wherein voice biometric data for authorized users of the secure end-user device is collected in a voice biometric library during registration with the coercion security system (para. 24- the access data 126 includes biometric data (e.g., a fingerprint scan, a retinal scan, a facial scan, etc.), voice recognition data, etc. The user login unit 114 verifies the access data 126) 

Regarding claim 10, the combination of Chhabra and Laughlin discloses in the method of claim 9, wherein monitoring verbal communications further comprises: capturing the proximate verbal communications as voice data using a microphone component of the secure end-user device (Chhabra- Fig. 3, para. 51- As an additional example, the computing device 102 may analyze data from the voice sensor 138 to detect perturbations or other patterns in the user's voice that may indicate that the user is under stress); analyzing the captured voice data to identify distinct voice sources; correlating each voice source to an authorized user of the secure end-user device based upon contents of a voice biometric library, wherein said voice biometric library at least includes the voice biometric data of authorized users of the secure end-user device; and when a voice source fails to correlate to an authorized user of the secure end-user device, denoting the voice source as belonging to an unauthorized user and indicating the presence of an unauthorized user. (Laughlin- para. 29- the processor 106 may activate a microphone to record a voice sample of the particular user. The processor 106 may compare the image, the voice sample, or both, to information associated with the authorized user 190; para. 49- After the voice characteristics 604 are generated, an identification of the unauthorized user 192 is determined based on the voice characteristics 604. According to one implementation, the transmitter 410 sends the voice characteristics 604 to the above-mentioned authorities to assist the authorities in identifying the unauthorized user 192. According to another implementation, the processor 106 accesses one or more voice databases and compares the voice characteristics 604 to voices in the databases. If a match is determined, the processor 106 determines the identity of the unauthorized user 192, and the transmitter 410 sends information associated with the identity to the appropriate authorities)

Regarding claim 11, Laughlin discloses in the method of claim 10, wherein correlating authorized user voice sources further comprises: identifying the voice biometric data of all authorized users for the secure end-user device within the voice biometric library; comparing the voice data that corresponds to each voice source to the identified voice biometric data for all authorized users; and when the voice data of a voice source matches the voice biometric data of one of the authorized users, denoting the voice source as belonging to an authorized user. (para. 29- Alternatively or in addition, the processor 106 may activate a microphone to record a voice sample of the particular user. The processor 106 may compare the image, the voice sample, or both, to information associated with the authorized user 190.)

Regarding claim 12, Laughlin discloses in the method of claim 10, wherein the voice biometric library further includes voice biometric data for known nefarious actors, said method further comprises: for each voice source denoted as belonging to an unauthorized user, comparing the voice data corresponding to said each voice source to the voice biometric data entries in the voice biometric library for the known nefarious actors; and when the voice data of the voice source matches the voice biometric data of a known nefarious actor, denoting the voice source as belonging to the known nefarious actor, wherein a likelihood of the potential coercion of the authorized user is increased. (para. 29- the processor 106 may activate a microphone to record a voice sample of the particular user. The processor 106 may compare the image, the voice sample, or both, to information associated with the authorized user 190; para. 49- After the voice characteristics 604 are generated, an identification of the unauthorized user 192 is determined based on the voice characteristics 604. According to one implementation, the transmitter 410 sends the voice characteristics 604 to the above-mentioned authorities to assist the authorities in identifying the unauthorized user 192. According to another implementation, the processor 106 accesses one or more voice databases and compares the voice characteristics 604 to voices in the databases. If a match is determined, the processor 106 determines the identity of the unauthorized user 192, and the transmitter 410 sends information associated with the identity to the appropriate authorities)

Regarding claim 13, Laughlin discloses in the method of claim 11, wherein voice sources denoted as belonging to unauthorized users are stored by the coercion security system for at least one of future identification and addition to the voice biometric library. (para. 49- After the voice characteristics 604 are generated, an identification of the unauthorized user 192 is determined based on the voice characteristics 604. According to one implementation, the transmitter 410 sends the voice characteristics 604 to the above-mentioned authorities to assist the authorities in identifying the unauthorized user 192. According to another implementation, the processor 106 accesses one or more voice databases and compares the voice characteristics 604 to voices in the databases. If a match is determined, the processor 106 determines the identity of the unauthorized user 192, and the transmitter 410 sends information associated with the identity to the appropriate authorities)

	Regarding claim 14, Chhabra discloses in the method of claim 9, wherein the at least one security command comprises at least one of power down the secure end-user device, allow the secure end-user device to remain powered and track its location, request identity validation of an unauthorized user from the authorized user, limit the functions that are executable by the secure end-user device, and notify a designated person or agency. (para. 54- in which the computing device 102 performs a security operation. The computing device 102 may perform any appropriate security operation in response to the detected likely coercion. In some embodiments, in block 322 the computing device 102 may allow access to false, but plausible data instead of allowing access to real user data. That is, the computing device 102 may allow access to false data that is configured to appear to be accurate data. For example, instead of allowing access to a user document, the computing device 102 may allow access to a different document (e.g., a document including publicly-available information, non-sensitive information, nonsense information, etc.). As another example, instead of allowing access to a user's bank account or other financial account, the computing device 102 may allow access to a false account that includes a relatively small balance amount. By presenting false but plausible information, the user's data may be protected and a malicious attacker may not suspect that a security operation has been performed. In some embodiments, in block 324 the computing device 102 may generate a security event such as an alarm, an alert, a log event, or other notification of the potential security breach. The computing device 102 may generate a silent or remote alarm to protect user safety. After performing the security operation, the method 300 loops back to block 302 to perform additional authentication)

Regarding claims 15-20, they merely recite a computer program that when executed, performs the functional steps of method claims 9-14, and thus, rejected for the same rationale. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM A CORUM JR whose telephone number is (303)297-4234.  The examiner can normally be reached on Mon. - Fri. 8 AM - 5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571)272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/WILLIAM A CORUM JR/Examiner, Art Unit 2433                

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433