Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority 
	This application claims the benefit of and priority to U.S. Provisional Patent Application Ser. No. 62/111,879, filed Feb. 4, 2015, which is incorporated by reference in its entirety for all purposes.
DETAILED ACTION
	This office action is in response to an amendment application received on 06/09/2021. In the amendment, applicant has amended independent claims 1 and 12. Claims 8 and 13-16 remain cancelled. Claims 2-7, 9-12 and 17-22 remain original. No new claim has been added and no further claim has been cancelled. 
	For this office action, claims 1-7, 9-12 and 17-22 have been received for consideration and have been received for consideration. 
Response to Arguments
	Examiner would like to point out that applicant has not separately presented the arguments for 112 and 103 rejection such as for 112(a) and 103 therefore it is confusing to understand from the remarks as to which argument belong to which particular rejection.
Claims Rejection under 35 U.S.C. § 112(a)
	In the submitted remarks, applicant has not actually presented any remarks regarding claims rejection under 35 U.S.C. § 112(a). Examiner would like to mention that claim amendments to independent claims have not overcome the 112(a) rejection and therefore for 
With regarding to amended limitation “a” in independent claims 1 and 12, the instant disclosure and applicant’s remarks are still silent as to which entity is providing an electronic access control system because electronic access control system cannot provide for itself to perform the recited method steps. 
Furthermore, independent claims 1 and 12 recite “providing the wireless receiver in the vicinity of an access terminal …” in the “b” limitation. Instant disclosure is silent with respect to have support for this limitation as to how can an electronic access control system provide the wireless receiver in the vicinity of an access terminal. Applicant’s remarks on page # 1 that “applicant respectfully submits that the claim language doesn’t say that electronic access control system provides the wireless receiver. The wireless receiver can be a separate physical component from the electronic control access system” does not make sense and supports examiner’s 112(a) rejection that how can an electronic access control system provide the wireless receiver when the wireless receiver is a separate component. 
Furthermore, independent claim 1 and 12 recite in limitation c. “upon an authorized user approaching the access terminal and possessing an electronic device having a wireless transmitter …”. Instant disclosure does not elaborate as to how the electronic access control system is detecting if the “an authorized user” is approaching the access terminal and possessing an electronic device having a wireless transmitter which is transmitting or transferring a first authentication signal. 
1 and 12 recite “allowing …” steps in the f. and g. limitations. Instant disclosure fails to disclose any flowchart or algorithm which describes how the electronic access control system is configured to perform the “allowing” steps.
Examiner has reviewed limitations of independent claims “f.” and “j.” and notices that applicant does not have support for these and overall limitations in the specification. 
Examiner would like to mention that these are method claims and are written from the point of “an electronic access control device” executing the steps, however, after consulting the specification and reviewing the drawings (FIGS. 1-3) and paragraphs [0017, 0032 & 0041], examiner notices that the method start when a user approaches with his mobile device towards “an access terminal” and providing his/her authentication credentials to the access terminal by utilizing the wireless transmitter of the mobile device, makes contact or comes into close enough proximity with a wireless receiver of the access terminal. So technically, user’s mobile device is initiating the workflow for utilizing a wireless transmitter in communication with a wireless receiver and access control system to prevent or reduce unauthorized access to restricted access computer systems. 
From above mentioned paragraphs, examiner notices that claimed “electronic access control system” is a backend system which is not in direct contact with user device (i.e. mobile device) and communicating with the access terminal / wireless transmitter whereas claims are written from the point of an electronic access control system performing these steps which is not the case as per instant disclosure.  
Based on above responses and explanation, examiner is compelled to maintain the 35 U.S.C. § 112(a) rejection. 
Claims Rejection under 35 U.S.C. § 103
	Applicant’s remarks on page # 1-2 regarding claims rejection under 35 U.S.C. § 103 have been reviewed by the examiner, however, examiner do not find them to be persuasive. With regards to applicant’s remark “With respect to step (c) in Claims 1 and 12, Applicant claims upon the user approaching the access terminal. Donaldson at paragraphs 0050-0052 describes the user approaching the "access- managed system (which is generally akin to applicant's electronic access control system). Applicant's electronic access control system does not need to be at the specific location of the user or the restricted access system as described by Donaldson”, examiner notices that applicant agrees that Donaldson’s access management system is similar to claimed electronic access control system.
	Applicant further mentions on page # 2 that “With respect to step (i) in Claim 1 and step (h) in Claim 12, Applicant respectfully disagrees that Mahaffey describes in Paragraph 0248 what Applicant is claiming. The expiration of a time period in Mahaffey is concerned with "inactivity", not that there is no signal being received”, examiner respectfully disagrees. Secondary reference of Mahaffey discloses a method in which length of time is being determined by the system by checking expiration of a time period of inactivity which is interpreted as claimed (i) limitation. In addition, Mahaffey discloses in [0249] where proximity detection module periodically checks if the key device and mobile device are connected to the same network or not which is equivalent to no signal has been received for certain time period ([0248] The method may further include upon expiration of a time period of inactivity after which the mobile communication device will be locked, checking whether the key device is connected to the same network as the mobile communication device, if the key device remains connected to the same network, not locking the mobile communication device, and if the key device is no longer connected to the same network, locking the mobile communication device; [0249] The method may further include after the step of unlocking the mobile communication device, periodically checking, by the proximity detection module, whether the key device is connected to the same network as the mobile communication device, if a periodic check indicates that the key device is not connected to the same network as the mobile communication device, locking the target device, and if the periodic check indicates that the key device is connected to the same network, not locking the mobile communication device). 
	In another implementation, Mahaffey discloses determining the proximity of key device and mobile device by determining their signal strength which equivalent claimed “determining signal strength above the authentication signal strength” ([0258] In a specific implementation, the method includes determining that the key device is near the mobile communication device when the key device and the mobile communication device are connected to the same access point; [0259] In another specific implementation, the method includes determining that the key device is near the mobile communication device when a strength of a signal from the key device is above a threshold value).
	Based on above explanation, examiner believe that amended claims are still taught by the combination of Donaldson and Mahaffey references. Therefore examiner is compelled to maintain the 103 rejection. 
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to 

Claims 1-7, 9-12 and 17-22 are rejected under 35 U.S.C. 112(a), as failing to comply with the written description requirement. The claims contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, at the time the application was filed, had possession of the claimed invention.
Independent claims 1 and 12 recite “providing …” step in the a. and b. limitations. Instant disclosure fails to disclose any flowchart or algorithm which describes how the electronic access control system is “providing” to perform the method steps of the electronic access control system.
Independent claims 1 and 12 recite “providing the wireless receiver in the vicinity of an access terminal …” in the b. limitation. Instant disclosure is silent with respect to have support for this limitation as to how can an electronic access control system provide the wireless receiver in the vicinity of an access terminal. 
Independent claim 1 and 12 recite in limitation c. “upon an authorized user approaching the access terminal and possessing an electronic device having a wireless transmitter …”. Instant disclosure does not elaborate as to how the electronic access control system is detecting if the “an authorized user” is approaching the access terminal and possessing an electronic device having a wireless transmitter. 
1 and 12 recite “allowing …” steps in the f. and g. limitations. Instant disclosure fails to disclose any flowchart or algorithm which describes how the electronic access control system is configured to perform the “allowing” steps.
Examiner has reviewed limitations of independent claims “f.” and “j.” and notices that applicant does not have support for these and overall limitations in the specification. 
Examiner would like to mention that these are method claims and are written from the point of “an electronic access control device” executing the steps, however, after consulting the specification and reviewing the drawings (FIGS. 1-3) and paragraphs [0017, 0032 & 0041], examiner notices that the method start when a user approaches with his mobile device towards “an access terminal” and providing his/her authentication credentials to the access terminal by utilizing the wireless transmitter of the mobile device, makes contact or comes into close enough proximity with a wireless receiver of the access terminal. 
From above mentioned paragraphs, examiner notices that claimed “electronic access control system” is a backend system which is not in direct contact with user device (i.e. mobile device) and communicating with the access terminal whereas claims are written from the point of an electronic access control system performing these steps which is not the case.  
The dependent claims of the independent claims included in the statement of rejection but not specifically addressed in the body of the rejection, have inherited the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, dependent claims are also rejected based on the same rationale as applied to their parent claims above.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-7, 9-12 and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Donaldson (US20110314530A1) in view of Mahaffey et al., (US20140282877A1).
Regarding claim 1, Donaldson discloses:
	A method for automatically terminating access to a restricted access computer system after being previously successfully logged onto by an authorized user, comprising the steps of (See [0066-0065], i.e. terminate or suspend users access to a network/system):
	a. providing an electronic access control system (See FIG. 2; [0036-0037] i.e. network access control manager/network access control station/access control point) to accept valid signals transmitted using a first wireless short-range signal technology received by a wireless receiver (See FIG. 2; i.e. Wireless communication element 212) for initiating a login for a restricted access computer system (See FIG. 2 and 3; [0036] with reference to FIG. 1, this would be the Bluetooth headset) includes (or is capable of interacting with separate elements that function as) a wireless communication element 204, an identification element 206 and a biometric transduction element 208 … Note that an aspect of such a personal user device is that is it likely to be carried with the user as they go about their everyday activities, including being in the vicinity of, or leaving the vicinity of a network access control manager (e.g., an access point or device); [0037] Personal user device 202 communicates with access management element 210, which includes (or is capable of interacting with separate elements that function as) a wireless communication element 212, authentication element 214, and an access control element 216. Personal user device wireless communication element 204 is capable of exchanging data with wireless communication element 212 of (or associated with) access management element 210; and [0051] The wireless communication elements of the personal user device (as depicted by element 204 of FIG. 2) and of the access management element 306 (as depicted by element 212 of FIG. 2) initiate an operation to establish a communications connection or channel (as depicted by stage 310 of the figure), typically according to the normal mechanisms or protocols of the wireless communication elements. For example, in the case where the wireless communication elements use a Bluetooth protocol, a Bluetooth connection establishment process is initiated); and
	to accept valid signals (See FIGS. 3 & 4; i.e. authenticated or authorized presence in the vicinity) transmitted using the wireless receiver for determining whether or not to automatically initiate a logout of the restricted access computer system after a successful login of the restricted access computer system has occurred (See FIGS. 3 and 4; [0021] In some embodiments, the present invention uses a combination of device identification data (such as a device identifier, MAC address, or other form of token) and user-specific biometric data (such as a physical characteristic associated with the user, or data generated as a result of an input signal being altered by a physical characteristic of a user) to identify a user and permit the user to access the network; [0065] the process of authorizing a user's access to a network/system may be initiated by detecting the user's personal user device in the proximity of an access control station or access control point for the network/system; [0066] FIG. 4 is a flowchart or flow diagram illustrating a sequence of events by which a user's access to a network/system and to the associated network resources, network services or network connected devices can be terminated when the user leaves the proximity of a network access control station or access control point. In this way the present invention may be used to improve security by automatically terminating or denying access once an authorized user is no longer in the desired proximity to an access control point for an access controlled network/system);
	b. providing the wireless receiver in the vicinity of an access terminal for the restricted access computer system, the wireless receiver in electronic communication with the electronic access control system (See FIG.2; [0043] Wireless communication element 212 that is part of (or associated with) access management element 210 operates to communicate with the personal user device wireless communication element 204);
	c. upon an authorized user approaching the access terminal and possessing an electronic device (i.e. personal user device 202) having a wireless transmitter (i.e. wireless communication element 204) transmitting or transferring a first authentication signal using the first short-range wireless signal technology by the wireless transmitter prior to the authorized user successfully logging onto the restricted access computer system (See [0050] As user 302 approaches the access-managed system (depicted as stage 307 in the figure), in some embodiments, user device 304 may attempt to connect to the access-managed network/system by interaction with access management element 306 (which in some embodiments, corresponds to element 210 of FIG. 2); [0052] As part of, or subsequent to, the connection establishment process, personal user device 304 provides identification data (stage 314) to access management element 306. This may be in response to a request for the identification data 312 provided by access management element 306); 
d. receiving the transmitted or transferred first authentication signal by the wireless receiver (See [0050] For example, user device 304 may regularly perform a Bluetooth inquiry, and initiate a connection attempt when an appropriate new access-managed system is identified, or alternatively the user may press a button to initiate the inquiry; [0051] The wireless communication elements of the personal user device (as depicted by element 204 of FIG. 2) and of the access management element 306 (as depicted by element 212 of FIG. 2) initiate an operation to establish a communications connection or channel (as depicted by stage 310 of the figure), typically according to the normal mechanisms or protocols of the wireless communication elements. For example, in the case where the wireless communication elements use a Bluetooth protocol, a Bluetooth connection establishment process is initiated);
d1. obtaining the transmitted first authentication signal by the electronic access control system from the wireless receiver (See [0051] The wireless communication elements of the personal user device (as depicted by element 204 of FIG. 2) and of the access management element 306 (as depicted by element 212 of FIG. 2) initiate an operation to establish a communications connection or channel (as depicted by stage 310 of the figure), typically according to the normal mechanisms or protocols of the wireless communication elements. For example, in the case where the wireless communication elements use a Bluetooth protocol, a Bluetooth connection establishment process is initiated);
	e. determining by the electronic access control system that the transmitted or transferred first authentication signal is valid (See [0053] At this point access management element 306 has established a (preferably secure) connection to a personal user device that has been authenticated as being a device that is entitled to access the network/system (and that may previously have been authorized to access the network/system));
	f. allowing access to the restricted access computer system to the authorized user by the electronic access control system where the first authentication signal is determined valid in step e. through an access terminal (see FIG. 2; i.e. access management element 210) in electronic communication with the restricted access computer system, the electronic access control system in electronic communication with the restricted access computer system (See [0053] At this point access management element 306 has established a (preferably secure) connection to a personal user device that has been authenticated as being a device that is entitled to access the network/system (and that may previously have been authorized to access the network/system); [0067] With reference to FIG. 4, and for purposes of example, assume that a user 402 has been provided with access to a network/system and to the associated resources, services, devices, etc. using an embodiment of the described biometric authentication process (as depicted by element 408 entitled “Connection Exists and Access Provided” in the figure));
	g. allowing by the electronic access control system to monitor for receiving signals transmitted from the wireless transmitter using the second wireless technology after a valid (See [0067] With reference to FIG. 4, and for purposes of example, assume that a user 402 has been provided with access to a network/system and to the associated resources, services, devices, etc. using an embodiment of the described biometric authentication process (as depicted by element 408 entitled “Connection Exists and Access Provided” in the figure));  
	h. after a successful login of the restricted access computer system has occurred and continues uninterrupted detecting by the electronic access control system when the wireless receiver fails to receive a second authentication signal transmitted with the second wireless signal technology by the wireless transmitter or when the second authentication signal falls below a preprogrammed authentication signal strength level (See [0067] In one example use case, at some later time, the user moves away from the access controlled system (such as by leaving the vicinity of their desk or computing station, as depicted by stage 410 in the figure). At some point, the wireless communication element of the personal user device 404 will no longer be in range of (or capable of effective communication with) the wireless communication element of the access management element 406 (e.g., a strength of the wireless signal may have dropped below a predetermined threshold value). At this point, the wireless connection (i.e., the communication channel or communication capability) may automatically be terminated (as depicted by stage 412 in the figure)); 
	wherein the access terminal is a separate and independent component from the wireless transmitter (See [0036] FIG. 2 is a functional block diagram illustrating the primary components of an embodiment of the present invention. A personal user device 202 (in the example described with reference to FIG. 1, this would be the Bluetooth headset) includes (or is capable of interacting with separate elements that function as) a wireless communication element 204, an identification element 206 and a biometric transduction element 208; [0037] Personal user device 202 communicates with access management element 210, which includes (or is capable of interacting with separate elements that function as) a wireless communication element 212, authentication element 214, and an access control element 216. Personal user device wireless communication element 204 is capable of exchanging data with wireless communication element 212 of (or associated with) access management element 210).
Donaldson does not disclose:
	b. wherein the first wireless signal technology is a different wireless signal technology then the second wireless technology, wherein the second wireless signal technology has a larger proximity capability than a proximity capability of the first wireless short-range signal technology; i. determining by the electronic access control system a length of time that the wireless receiver fails to receive the second authentication signal or signal strength for the second authentication signal above the authentication signal strength threshold level from the wireless transmitter from step (g); and j. automatically terminating further access to the restricted access system through the access terminal by the electronic access control system where the length of time determined in step (h) exceeds a preprogrammed length of time.
However, Mahaffey discloses:
	b. wherein the first wireless signal technology (see [0197] i.e. a first proximity technology such as NFC) is a different wireless signal technology then the second wireless see [0197] i.e. a second proximity technology such as BLUETOOTH), wherein the second wireless signal technology has a larger proximity capability than a proximity capability of the first wireless short-range signal technology (See [0197] According to an embodiment, any combination of the proximity techniques described above can be used to determine the presence of the key device 210. For example, a combined NFC/BLUETOOTH technique can be used. In this case, a target device may require both a BLUETOOTH connection and an NFC connection to the key device to log a user into that device. NFC range has physical limitations while BLUETOOTH has higher throughput so it can engage in larger data exchanges; [0198] Alternatively or in addition, a first proximity technology can be used to detect the presence of the key device and a second proximity technology can be used to detect the absence of the key device. For example, a target device can use NFC to determine proximity to the key device to log a user in because of the short range physical proximity needed, but can use BLUETOOTH to maintain the persistent proximity detection because it does not require that the key device be kept in very close proximity);
	i. determining by the electronic access control system a length of time that the wireless receiver fails to receive the second authentication signal or signal strength for the second authentication signal above the authentication signal strength threshold level from the wireless transmitter from step (g) (See [0248] The method may further include upon expiration of a time period of inactivity after which the mobile communication device will be locked, checking whether the key device is connected to the same network as the mobile communication device, if the key device remains connected to the same network, not locking the mobile communication device, and if the key device is no longer connected to the same network, locking the mobile communication device; [0249] The method may further include after the step of unlocking the mobile communication device, periodically checking, by the proximity detection module, whether the key device is connected to the same network as the mobile communication device, if a periodic check indicates that the key device is not connected to the same network as the mobile communication device, locking the target device, and if the periodic check indicates that the key device is connected to the same network, not locking the mobile communication device); and
	j. automatically terminating further access to the restricted access system by the electronic access control system through the access terminal where the length of time determined in step (h) exceeds a preprogrammed length of time (See [0247] The method may further include detecting, by the proximity detection module, that the key device is no longer connected to the same network as the mobile communication device, and in response to the key device no longer being connected to the same network, locking, by the behavior modification module, the mobile communication device; [0248] if the key device is no longer connected to the same network, locking the mobile communication device).
	It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the method and system of Donaldson and utilize two separate wireless mediums as proximity measurements to authenticate and terminate user sessions on a computer system, as disclosed by Mahaffey. 
	The motivation to have two separate wireless protocols is to control and regulate physical access to sensitive locations and sensitive systems using short range and long range wireless technologies. 
Regarding claim 2, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 1 further comprising the steps of physically inputting one more login credentials to the an access control system via the access terminal by the authorized user after the first authentication signal has been transmitted or transferred in step (c) and determining that the inputted login credentials are valid by the electronic access control system prior to step (f) (Donaldson: [0045] (1) Initiate an authentication operation in association with the personal user device biometric transduction element 208, for example by providing input data (e.g., an input signal or activation code) to be used as part of the biometric transduction (and hence user identification) process; [0055] In some embodiments of the present invention, in order to securely determine that a user of a device is a person authorized to access a network, system, services, devices, data, etc., access management element 306 initiates a biometric authentication process 318 … This may include, but is not limited to, sending an appropriate command, activation code, or data to the personal user device to initiate the authentication process, and in some cases, to provide the device with input data or a signal (320) needed to implement the authentication process).
Regarding claim 3, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 1 wherein said wireless transmission in step (g) is performed using Bluetooth or Wifi technology (Donaldson: [0038] The wireless communication element(s) might, for example, be an implementation of the Bluetooth wireless networking technology, the 802.11 “WiFi” standard, or another wireless technology).
Regarding claim 4, the combination of Donaldson and Mahaffey discloses:
Mahaffey: [0198] a first proximity technology can be used to detect the presence of the key device and a second proximity technology can be used to detect the absence of the key device. For example, a target device can use NFC to determine proximity to the key device to log a user in because of the short range physical proximity needed).
Regarding claim 5, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 1 wherein said wireless transmission in step (c) is performed using NFC technology and the wireless transmission in step (g) is performed using Bluetooth technology (Mahaffey: [0198] a first proximity technology can be used to detect the presence of the key device and a second proximity technology can be used to detect the absence of the key device. For example, a target device can use NFC to determine proximity to the key device to log a user in because of the short range physical proximity needed, but can use BLUETOOTH to maintain the persistent proximity detection because it does not require that the key device be kept in very close proximity).
Regarding claim 6, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 1 wherein said wireless transmission in step (c) is performed using NFC technology and the wireless transmission in step (g) is performed using WiFi technology (Mahaffey: [0198] a first proximity technology can be used to detect the presence of the key device and a second proximity technology can be used to detect the absence of the key device. For example, a target device can use NFC to determine proximity to the key device to log a user in because of the short range physical proximity needed, but can use BLUETOOTH to maintain the persistent proximity detection because it does not require that the key device be kept in very close proximity).
Regarding claim 7, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 1 further comprising the steps of determining whether any key strokes have been performed at the access terminal where the authentication signal is not received by the access control system or is below a predetermined signal strength level in step (g) and a preprogrammed length of time has not been reached (Donaldson: [0067] assume that a user 402 has been provided with access to a network/system and to the associated resources, services, devices, etc. using an embodiment of the described biometric authentication process (as depicted by element 408 entitled “Connection Exists and Access Provided” in the figure). In one example use case, at some later time, the user moves away from the access controlled system (such as by leaving the vicinity of their desk or computing station, as depicted by stage 410 in the figure). At some point, the wireless communication element of the personal user device 404 will no longer be in range of (or capable of effective communication with) the wireless communication element of the access management element 406 (e.g., a strength of the wireless signal may have dropped below a predetermined threshold value)).
Regarding claim 9, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 7 further comprising the step of capturing an image or video of the person entering the key strokes at the access terminal (Donaldson: [0042] Biometric transduction element 208 associated with (e.g., part of, or capable of operation with) personal user device 202 operates to produce output data (e.g., a data string, audio signal, other form of signal, etc.) in response to detection or measurement of some bodily characteristic, movement, feature or action of the user of the personal user device, and/or in response to an input such as a data string, data sample, acoustic signal, request for user response, command, activation code, etc.).
Regarding claim 10, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 2 wherein the one or more login credentials are selected from a group comprising: username, password, fingerprint scan, retinal scan, iris scan, palm vein scan, DNA sample or other biometric data (Donaldson: [0042] Biometric transduction element 208 associated with (e.g., part of, or capable of operation with) personal user device 202 operates to produce output data (e.g., a data string, audio signal, other form of signal, etc.) in response to detection or measurement of some bodily characteristic, movement, feature or action of the user of the personal user device, and/or in response to an input such as a data string, data sample, acoustic signal, request for user response, command, activation code, etc.).
Regarding claim 11, the combination of Donaldson and Mahaffey discloses:
The method for automatically terminating access of claim 1 wherein the restricted access computer system is a rewards tracking system.
With respect to claims 11 and 20, examiner would like to note that claiming this type of subject matter falls under the category of “nonfunctional descriptive material” as it only describes the type of the system, while it is not used to perform any of the recited method steps. Therefore, it has been held the nonfunctional descriptive material will not distinguish the invention from the prior art in term of patentability. (In re Gulack, 217 USPQ 401 (Fed. Cir. 
Regarding claim 12, Donaldson discloses:
A method for automatically permitting access to a restricted access computer system to an authorized user through an access terminal associated with the restricted access computer system and subsequently automatically terminating access to the restricted access computer system, comprising the steps of (See [0049] FIG. 3 is a flowchart or flow diagram illustrating a sequence of events by which a user can obtain access to a network, network services, or network connected devices):
a. configuring an electronic access control system to accept a first wireless authentication or identification signal sent using NFC technology from a wireless transmitter associated with an authorized user for initiating a login for a restricted access computer system (See [0051] The wireless communication elements of the personal user device (as depicted by element 204 of FIG. 2) and of the access management element 306 (as depicted by element 212 of FIG. 2) initiate an operation to establish a communications connection or channel (as depicted by stage 310 of the figure), typically according to the normal mechanisms or protocols of the wireless communication elements. For example, in the case where the wireless communication elements use a Bluetooth protocol, a Bluetooth connection establishment process is initiated); and
configuring the electronic access control system for determining whether or not to automatically initiate a logout of the restricted access computer system after a successful login of the restricted access computer system has occurred (See [0065] the process of authorizing a user's access to a network/system may be initiated by detecting the user's personal user device in the proximity of an access control station or access control point for the network/system … This use of the invention may provide increased security in situations in which a user is likely to leave a work station or other means of accessing the network/system, and it is desired to prevent another user from accessing the network/system without first undergoing the appropriate authentication process; [0066] FIG. 4 is a flowchart or flow diagram illustrating a sequence of events by which a user's access to a network/system and to the associated network resources, network services or network connected devices can be terminated when the user leaves the proximity of a network access control station or access control point. In this way the present invention may be used to improve security by automatically terminating or denying access once an authorized user is no longer in the desired proximity to an access control point for an access controlled network/system),
b. providing a wireless receiver in the vicinity of an access terminal for the restricted access computer system, the wireless receiver in electronic communication with the electronic access control system (See FIG.2; [0043] Access management element 210 operates to authorize the user and user device to access networks, systems, services, resources, data, devices, etc. Wireless communication element 212 that is part of (or associated with) access management element 210 operates to communicate with the personal user device wireless communication element 204);
c. upon an authorized user approaching the access terminal and possessing an electronic device (i.e. personal user device 202) having a wireless transmitter (i.e. wireless communication element 204) transmitting or transferring a first authentication signal using the See [0050] As user 302 approaches the access-managed system (depicted as stage 307 in the figure), in some embodiments, user device 304 may attempt to connect to the access-managed network/system by interaction with access management element 306 (which in some embodiments, corresponds to element 210 of FIG. 2); [0052] As part of, or subsequent to, the connection establishment process, personal user device 304 provides identification data (stage 314) to access management element 306. This may be in response to a request for the identification data 312 provided by access management element 306);
d. confirming that the first authentication or identification signal is valid by the electronic access control system based on information previously stored in an electronic database or electronic file which is in communication with the electronic access control system (See [0053] At this point access management element 306 has established a (preferably secure) connection to a personal user device that has been authenticated as being a device that is entitled to access the network/system (and that may previously have been authorized to access the network/system));
e. permitting access to a restricted access computer system for the authorized user through an access terminal in electronic communication with the restricted access computer system based on a valid determination made by the electronic access control system in step (d) (See [0053] At this point access management element 306 has established a (preferably secure) connection to a personal user device that has been authenticated as being a device that is entitled to access the network/system (and that may previously have been authorized to access the network/system));
f. allowing by the electronic access control system to monitor for receiving signals transmitted from wireless transmitter using the second wireless technology after a valid signal transmitted from the first authentication signal was determined received by the electronic access control system and access to the restricted access computer system in step e. by the electronic access control system has occurred (See [0067] With reference to FIG. 4, and for purposes of example, assume that a user 402 has been provided with access to a network/system and to the associated resources, services, devices, etc. using an embodiment of the described biometric authentication process (as depicted by element 408 entitled “Connection Exists and Access Provided” in the figure));
g. after a successful login of the restricted access computer system has occurred and continues uninterrupted detecting by the electronic access control system when the wireless receiver fails to receive a WiFi or Bluetooth based technology authentication or identification signal from the wireless transmitter or when the WiFi or Bluetooth based technology authentication or identification signal received falls below a preprogrammed authentication signal strength level (See [0067] In one example use case, at some later time, the user moves away from the access controlled system (such as by leaving the vicinity of their desk or computing station, as depicted by stage 410 in the figure). At some point, the wireless communication element of the personal user device 404 will no longer be in range of (or capable of effective communication with) the wireless communication element of the access management element 406 (e.g., a strength of the wireless signal may have dropped below a predetermined threshold value). At this point, the wireless connection (i.e., the communication channel or communication capability) may automatically be terminated (as depicted by stage 412 in the figure));
wherein the access terminal is a separate and independent component from the wireless transmitter (See [0036] FIG. 2 is a functional block diagram illustrating the primary components of an embodiment of the present invention. A personal user device 202 (in the example described with reference to FIG. 1, this would be the Bluetooth headset) includes (or is capable of interacting with separate elements that function as) a wireless communication element 204).
Donaldson does not disclose:
	wherein the first wireless signal technology is a different wireless signal technology then the second wireless technology, wherein the second wireless signal technology has a larger proximity capability than a proximity capability of the first wireless short-range signal technology; using the NFC technology and transmitting a signal using the Bluetooth or WiFi wireless signal technology; h. determining by the electronic access control system a length of time that the wireless receiver fails to receive a WiFi or Bluetooth based technology authentication or identification signal or a WiFi or Bluetooth based technology authentication or identification signal strength above the authentication signal strength threshold level from the wireless transmitter from step (f); and i. automatically terminating further access to the 
However, Mahaffey discloses:
wherein the first wireless signal technology is a different wireless signal technology then the second wireless technology, wherein the second wireless signal technology has a larger proximity capability than a proximity capability of the first wireless short-range signal technology (See [0197] According to an embodiment, any combination of the proximity techniques described above can be used to determine the presence of the key device 210. For example, a combined NFC/BLUETOOTH technique can be used. In this case, a target device may require both a BLUETOOTH connection and an NFC connection to the key device to log a user into that device. NFC range has physical limitations while BLUETOOTH has higher throughput so it can engage in larger data exchanges; [0198] Alternatively or in addition, a first proximity technology can be used to detect the presence of the key device and a second proximity technology can be used to detect the absence of the key device. For example, a target device can use NFC to determine proximity to the key device to log a user in because of the short range physical proximity needed, but can use BLUETOOTH to maintain the persistent proximity detection because it does not require that the key device be kept in very close proximity);
using the NFC technology and transmitting a signal using the Bluetooth or WiFi wireless signal technology (See [0076] In block 302, the target device 200 detects the presence of another device, which can be any of the client devices 140 a-140 e illustrated in FIG. 1 or a dedicated device. As indicated above, the presence of the other device can be detected via BLUETOOTH or NFC, or other means; [0197] According to an embodiment, any combination of the proximity techniques described above can be used to determine the presence of the key device 210. For example, a combined NFC/BLUETOOTH technique can be used. In this case, a target device may require both a BLUETOOTH connection and an NFC connection to the key device to log a user into that device. NFC range has physical limitations while BLUETOOTH has higher throughput so it can engage in larger data exchanges; [0198] Alternatively or in addition, a first proximity technology can be used to detect the presence of the key device and a second proximity technology can be used to detect the absence of the key device. For example, a target device can use NFC to determine proximity to the key device to log a user in because of the short range physical proximity needed, but can use BLUETOOTH to maintain the persistent proximity detection because it does not require that the key device be kept in very close proximity); 
h. determining by the electronic access control system a length of time that the wireless receiver fails to receive a WiFi or Bluetooth based technology authentication or identification signal or a WiFi or Bluetooth based technology authentication or identification signal strength above the authentication signal strength threshold level from the wireless transmitter from step (f) (See [0248] The method may further include upon expiration of a time period of inactivity after which the mobile communication device will be locked, checking whether the key device is connected to the same network as the mobile communication device, if the key device remains connected to the same network, not locking the mobile communication device, and if the key device is no longer connected to the same network, locking the mobile communication device; [0249] The method may further include after the step of unlocking the mobile communication device, periodically checking, by the proximity detection module, whether the key device is connected to the same network as the mobile communication device, if a periodic check indicates that the key device is not connected to the same network as the mobile communication device, locking the target device, and if the periodic check indicates that the key device is connected to the same network, not locking the mobile communication device); and
i. automatically terminating further access to the restricted access system by the electronic access control system through the access terminal where the length of time determined in step (g) exceeds a preprogrammed length of time (See [0248] The method may further include upon expiration of a time period of inactivity after which the mobile communication device will be locked … if the key device is no longer connected to the same network, locking the mobile communication device; [0249] if a periodic check indicates that the key device is not connected to the same network as the mobile communication device, locking the target device).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the method and system of Donaldson and utilize two separate wireless protocols to authenticate and terminate user session on a computer system, as disclosed by Mahaffey. 
The motivation to have two separate wireless protocols is to control and regulate physical access to sensitive locations and systems using short range and long range wireless technologies.
Regarding claim 17, the combination of Donaldson and Mahaffey discloses:
(Donaldson: [0011] the present invention is directed to a method of providing a user with access to an access-controlled element, comprising providing identification data for a device in the possession of the user to an access manager for the access-controlled element, in response to providing the identification data, the device receiving input data for a biometric authentication process to authenticate the user based on a biometric characteristic of the user, generating output data in response to the input data, the output data generated by a biometric transducer included in the device, and providing the output data to the access manager).
Regarding claim 18, the combination of Donaldson and Mahaffey discloses:
The method for automatically permitting access of claim 12 wherein the step of automatically terminating access comprises (i) electronically sending a signal/command by the active control access system to the restricted access control system to initiate a logout or (ii) electronically executing a script on the restricted access computer system to perform a logout action (Donaldson: [0066] FIG. 4 is a flowchart or flow diagram illustrating a sequence of events by which a user's access to a network/system and to the associated network resources, network services or network connected devices can be terminated when the user leaves the proximity of a network access control station or access control point. In this way the present invention may be used to improve security by automatically terminating or denying access once an authorized user is no longer in the desired proximity to an access control point for an access controlled network/system. Such a situation may arise, for example, when a user leaves the vicinity of a work station or exits an office, room, region, or building).
Regarding claim 19, the combination of Donaldson and Mahaffey discloses:
The method for automatically permitting access of claim 12 wherein the restricted access system is a first of at least two restricted access systems that are networked together and wherein the step of automatically terminating access comprises electronically initiating a login event on a second restricted access system to terminate the session on the first restricted access system by way of network security protocols that only allow a single sign-in at a time on the networked computers at least two restricted access systems (Donaldson: [0066] As an example of such a use of the present invention, FIG. 4 is a flowchart or flow diagram illustrating a sequence of events by which a user's access to a network/system and to the associated network resources, network services or network connected devices can be terminated when the user leaves the proximity of a network access control station or access control point. In this way the present invention may be used to improve security by automatically terminating or denying access once an authorized user is no longer in the desired proximity to an access control point for an access controlled network/system. Such a situation may arise, for example, when a user leaves the vicinity of a work station or exits an office, room, region, or building).
Regarding claim 21, the combination of Donaldson and Mahaffey discloses:
Mahaffey: [0248] The method may further include upon expiration of a time period of inactivity after which the mobile communication device will be locked, checking whether the key device is connected to the same network as the mobile communication device, if the key device remains connected to the same network, not locking the mobile communication device, and if the key device is no longer connected to the same network, locking the mobile communication device; [0249] The method may further include after the step of unlocking the mobile communication device, periodically checking, by the proximity detection module, whether the key device is connected to the same network as the mobile communication device, if a periodic check indicates that the key device is not connected to the same network as the mobile communication device, locking the target device, and if the periodic check indicates that the key device is connected to the same network, not locking the mobile communication device).
Regarding claim 22, the combination of Donaldson and Mahaffey discloses:
The method for automatically permitting access of claim 12 wherein a signal strength of the second authorization signal received by the wireless receiver corresponds to a distance between the wireless transmitter and the access terminal at a time of transmission of the second authorization signal ([0248] The method may further include upon expiration of a time period of inactivity after which the mobile communication device will be locked, checking whether the key device is connected to the same network as the mobile communication device, if the key device remains connected to the same network, not locking the mobile communication device, and if the key device is no longer connected to the same network, locking the mobile communication device; [0249] The method may further include after the step of unlocking the mobile communication device, periodically checking, by the proximity detection module, whether the key device is connected to the same network as the mobile communication device, if a periodic check indicates that the key device is not connected to the same network as the mobile communication device, locking the target device, and if the periodic check indicates that the key device is connected to the same network, not locking the mobile communication device).



Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M AHSAN whose telephone number is (571)272-5018.  The examiner can normally be reached on 8:30 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffery L. Nickerson can be reached on 469-295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SYED A ZAIDI/Primary Examiner, Art Unit 2432