DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/13/21 has been entered.

Claims 1-6, 8-20 are pending.  Claim 7 has been cancelled.  Claims 1-6, 8-9, 18-20 have been amended. 

Response to Amendment

Applicant’s amendments to claims 1-6, 8-9, 18-20 have been considered and are accepted.  The Examiner finds that applicant's amendments do have support in applicant's as-filed disclosure.

Response to Arguments

Applicant’s arguments filed 10/13/2021 have been fully considered but they are not persuasive.
In light of applicant’s arguments the rejection under 35 USC § 101  is withdrawn.
Applicant’s arguments regarding the rejections of the claims under the prior art have been fully considered.  However, those arguments are rendered moot in light of the new grounds of rejection outlined below, which were necessitated by the applicant's amendment.
	Applicant asserts that the applied prior art of Robertson fails to teach two distinct comparing steps/actions.  The Examiner respectfully disagrees as outlined below.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 8-11, 14-20 are rejected under 35 U.S.C. 103 as being unpatentable over Robertson et al. (US Pub. 20180096547 A1) and further in view of Corroy et al. (US Pub. 20110227856 A1). 

Regarding claim 1 (currently amended), Roberston discloses a computer-implemented method for user bioelectrical authentication (abstract), the computer-implemented method comprising: 
receiving, via a token reader, a bioelectrical configuration signature of a user in physical contact with a hardware token during user authentication process (para. 41- a subject 100 using a mobile device 102 comprising electrodes 104a, 104b for detecting personal electrical signals conducted through the body of the subject 100. In the illustrated example, the mobile device 102 is the target authentication device. The mobile device 102 comprises electrodes 104a, 104b integrated into the housing for detecting electrical signals coupled from the subject 100 to the electrodes 104a, 104b. The term personal electrical signal is used to indicate that a signal is intimately associated with the subject 100 such that it can be used to confirm the identity of the subject 100 for purposes of authentication. Personal electrical signals include, without limitation, physiological signals associated with the subject, transbody conductive signals generated by an ingestible event marker system 106, transbody conductive signals generated by a body-associated device 112, e.g., an adhesive patch that is applied on the body of the subject 100; note- unique electrical signal = bioelectrical configuration signature of a user) to permit a secure transaction by the user (para. 102- a check-out terminal, which authenticates against the bank account of the subject 100 and allows the subject 100 to pay for transactions); and 
utilizing the bioelectrical configuration signature of the user as part of the low range radio frequency user authentication process to authenticate the user to perform the secure transaction; (para. 48- The electrodes 104a, 104b are configured to be in physical contact with the subject 100 (FIG. 1) to electrically couple the unique electrical signals to and from the authentication subsystem 306. When the subject 100 physically contacts at least one of the electrodes 104a, 104b the authentication subsystem 306 can receive or transmit a unique electrical current signal for authenticating the identity of the subject 100 and, once authenticated, providing access to the mobile device 102. Also, when the authentication subsystem 306 detects physiological signals associated with the subject 100, the authentication subsystem 306 builds a database, which over time provides an average of the physiological signals associated with the subject 100. Authentication occurs only when the detected physiological signals match the running average physiological signals stored in the database.). 
receiving a token reader output containing a digital signal of the hardware token and the bioelectrical configuration signature of the user (Fig. 8, para. 101-The electrically conductive signal 614 is conducted through the body 617 of the subject 100 to the authentication receiver module 601 of the target authentication device 602. Electrodes 618a, 618b detect the electrically conductive signal 614 from the body 617 and are coupled to a decoder 619 though an I/O interface circuit 620; para. 48-);
reading an identifier of the hardware token from the digital signal (para. 100- the body-associated device 112 comprises a transmission device 603 that is configured, or programmed, with a secret code 606 that is stored in memory 608, such as a password or a private key for more sophisticated authentication mechanisms); 
comparing the identifier with a stored identifier corresponding to the hardware token (para. 101- The decoder 619 decodes the electrically conductive signal 614. The decoded code 622 is then compared by compare module 624 to established criteria 626; first compare step); and 
determining whether the identifier is authenticated based on comparing the identifier with the stored identifier; (para. 101- When the code 622 matches the established criteria 626)
retrieving a stored bioelectrical configuration signature corresponding to the user of the hardware token from a database of bioelectrical configuration signatures as part of the low range radio frequency user authentication process (para. 48- when the authentication subsystem 306 detects physiological signals associated with the subject 100, the authentication subsystem 306 builds a database, which over time provides an average of the physiological signals associated with the subject 100); 
comparing the received bioelectrical configuration signature with the stored bioelectrical configuration signature retrieved from the database (para. 101- compare module 624 provides the results to the processor 628, which determines whether the electrical signal matches the predetermined criteria to authenticate the identity of the user based on the an electrical signal.; determining whether the electrical signals match is a second compare step.); and 
determining whether a match exists between the received bioelectrical configuration signature and the stored bioelectrical configuration signature. (para. 101- compare module 624 provides the results to the processor 628, which determines whether the electrical signal matches the predetermined criteria to authenticate the identity of the user based on the an electrical signal.; determining whether the electrical signals match is a second compare step.; para. 48- Authentication occurs only when the detected physiological signals match the running average physiological signals stored in the database.)
Robertson does not specifically teach using a low range radio frequency.  However, this concept of using a low range radio frequency in through body transmissions is well known and used in the art as evidenced by Corroy (see para. 2) and therefore, one skilled in the art would have found it obvious to utilize it in Robertson as a simple alternative to achieve the desirable effect of having a low-cost, low-power implementation of a body area network.  

Regarding claim 2 (currently amended), the combination of Robertson and Corroy discloses in the computer-implemented method of claim 1 wherein the hardware token is a physical object held in a hand of the user that emits a low range radio frequency from one (1) to (30) centimeters: (para. 41- any object in physical contact with the subject for example watch, bracelet, necklace, ring, etc. and/or transbody conductive signals generated by an implanted body-associated device 113 that is located within the body of the subject 100; para. 102- a car that knows the subject 100 is the one holding the steering wheel and starts only for the subject 100; Fig. 1; Corroy- para. 15- as long as the tag stays on or close to the user's body, the authentication is valid and the user can be identified correctly in the system)

Regarding claim 3 (currently amended), Robertson discloses in the computer-implemented method of claim 1 further comprising: responsive to determining that a match does exist between the received bioelectrical configuration signature and the stored bioelectrical configuration signature, authenticating the user to perform the secure transaction. (para. 48- The electrodes 104a, 104b are configured to be in physical contact with the subject 100 (FIG. 1) to electrically couple the unique electrical signals to and from the authentication subsystem 306. When the subject 100 physically contacts at least one of the electrodes 104a, 104b the authentication subsystem 306 can receive or transmit a unique electrical current signal for authenticating the identity of the subject 100 and, once authenticated, providing access to the mobile device 102. Also, when the authentication subsystem 306 detects physiological signals associated with the subject 100, the authentication subsystem 306 builds a database, which over time provides an average of the physiological signals associated with the subject 100. Authentication occurs only when the detected physiological signals match the running average physiological signals stored in the database.)

Regarding claim 4 (currently amended), Corroy discloses in the computer-implemented method of claim 1 further comprising: responsive to determining that a match does not exist between the received bioelectrical configuration signature and the stored bioelectrical configuration signature, performing a set of mitigation action steps. (para. 62)

Regarding claim 5 (currently amended), Corroy discloses in the computer-implemented method of claim 1, wherein the database of bioelectrical configuration signatures contains user-related data corresponding to a plurality of different users and each user is associated with a particular hardware token, unique bioelectrical configuration signatures corresponding to each respective user, and a hardware token identifier corresponding to each unique bioelectrical configuration signature of each respective user. (para. 22, 56, - authentication information or user identifications of a plurality of users can be stored at the identification apparatus to enable secure use of the identification apparatus by a plurality of users)

Regarding claim 6 (currently amended), Robertson discloses in the computer-implemented method of claim 1 further comprising: responsive to receiving the token reader output from the token reader, separating the digital signal of the hardware token from the bioelectrical configuration signature of the user. (para. 101- Electrodes 618a, 618b detect the electrically conductive signal 614 from the body 617 and are coupled to a decoder 619 though an I/O interface circuit 620. The decoder 619 decodes the electrically conductive signal 614. The decoded code 622 is then compared by compare module 624 to established criteria 626. When the code 622 matches the established criteria 626, compare module 624 provides the results to the processor 628, which determines whether the electrical signal matches the predetermined criteria to authenticate the identity of the user based on the an electrical signal)

Regarding claim 8 (currently amended), Robertson discloses in the computer-implemented method of claim 1 further comprising: responsive to determining that the identifier is not authenticated based on comparing the identifier with the stored identifier, preventing the user from performing the secure transaction. (para. 101- The electrically conductive signal 614 is conducted through the body 617 of the subject 100 to the authentication receiver module 601 of the target authentication device 602. Electrodes 618a, 618b detect the electrically conductive signal 614 from the body 617 and are coupled to a decoder 619 though an I/O interface circuit 620. The decoder 619 decodes the electrically conductive signal 614. The decoded code 622 is then compared by compare module 624 to established criteria 626. When the code 622 matches the established criteria 626, compare module 624 provides the results to the processor 628, which determines whether the electrical signal matches the predetermined criteria to authenticate the identity of the user based on the an electrical signal, If a match occurs, the processor 629 unlocks the target authentication device 602 and enables access by the subject 100.)

Regarding claim 9 (currently amended), Robertson discloses in the computer-implemented method of claim 1 further comprising: responsive to determining that the identifier is authenticated based on comparing the identifier with the stored identifier, merging the identifier of the hardware token with an extracted set of feature values from the bioelectrical configuration signature corresponding to the user. (para. 100-101, 105- A profile of physiologic activity, based on parameters like heart rate, activity patterns, GSR, body temperature, circadian rhythms, and so forth may be generated on the body-associated device 112. This signature could be hashed with the authentication code 606 and transmitted to the target authentication device 602)

Regarding claim 10, Robertson discloses in the computer-implemented method of claim 1 further comprising: reading the bioelectrical configuration signature of the user; extracting a set of feature values from the bioelectrical configuration signature of the user; and comparing the set of feature values with a stored set of feature values corresponding to the user. (para. 41, 48- Personal electrical signals include, without limitation, physiological signals associated with the subject, transbody conductive signals generated by an ingestible event marker system 106, transbody conductive signals generated by a body-associated device 112, e.g., an adhesive patch that is applied on the body of the subject 100, any object in physical contact with the subject for example watch, bracelet, necklace, ring, etc. and/or transbody conductive signals generated by an implanted body-associated device 113 that is located within the body of the subject 100. Physiological signals include, without limitation, skin impedance, electro cardiogram signals, conductively transmitted current signal, position of wearer, temperature, heart rate, perspiration rate, humidity, altitude/pressure, global positioning system (GPS), proximity, bacteria levels, glucose level, chemical markers, blood oxygen levels, among other physiological and physical parameters. Transbody conductive signals include, without limitation, electrical currents that are transmitted through the body of a subject, where the body acts as the conduction medium)

Regarding claim 11, Robertson discloses in the computer-implemented method of claim 10 further comprising: determining whether a features values match is less than a first defined threshold percentage based on comparing the set of feature values with the stored set of feature values corresponding to the user; and responsive to determining that the features values match is less than the first defined threshold percentage based on the comparing of the set of feature values with the stored set of feature values, preventing the user from performing the secure transaction. (para. 11- A processor determines whether the electrical signal matches a predetermined criterion to authenticate the identity of the user based on the electrical signal.; para. 105- The target authentication device 602 would then compare the biometric signature to a baseline database to confirm the subject 100. In one aspect, the biometric signature is derived from the at least one physiological signal and the biometric signature is compared to a user-associated signature. The user associated-signature may be derived from biometric data stored in a memory over time to generate a baseline biometric signature, wherein the authentication module device compares the biometric signature to the baseline biometric signature to authenticate the identity of the user.)

Regarding claim 14, Robertson discloses in the computer-implemented method of claim 1, wherein the user presents a first portion of a body of the user to the token reader while a second portion of the body of the user is in physical contact with the hardware token, the hardware token in physical contact with the second portion of the body is beyond a range of the token reader to read digital data contained within the hardware token directly during the low range radio frequency user authentication process. (Fig. 1 and associated paras.)

Regarding claim 15, Robertson discloses in the computer-implemented method of claim 14, wherein the body of the user transmits and uniquely transforms a signal of the digital data from the hardware token as it travels through the body to form the bioelectrical configuration signature of the user. (para. 40, 42-The body associated device and the event indicator system are configured to generate a unique electrical current signal that is detectable by a detection subsystem. In addition, the detection subsystem may be configured to detect various physiological parameters associated with a living subject)

Regarding claim 16, Corroy discloses in the computer-implemented method of claim 1, wherein the low range radio frequency user authentication process is selected from a group consisting of near field communication and radio frequency identification. (para. 2, 5)

Regarding claim 17, Robertson discloses in the computer-implemented method of claim 1, wherein the hardware token is selected from a group consisting of a smart phone, a smart card, and a security fob. (para. 41- e.g., an adhesive patch that is applied on the body of the subject 100, any object in physical contact with the subject for example watch, bracelet, necklace, ring, etc)

Claims 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Robertson and Corroy and further in view of Wolf et al. (US Pub. 20200169566 A1). 

Regarding claims 12, Robertson does not specifically teach the computer-implemented method of claim 11 further comprising: determining whether the features values match is between the first defined threshold percentage and a second defined threshold percentage based on comparing the set of feature values with the stored set of feature values corresponding to the user; and responsive to determining that the features values match is between the first defined threshold percentage and the second defined threshold percentage based on the comparing of the set of feature values with the stored set of feature values, permitting the user to perform the secure transaction with restriction and triggering a security alert. However, this concept of having different levels of matching for measured features and stored features to require more or less security/restrictions is well known and used in the art as evidenced by Wolf (see para. 30, 39, 53, 56 as outlined above in ) and therefore, one skilled in the art would have found it obvious to utilize it in Robertson as a simple alternative to achieve this desirable effect.  

Regarding claim 13, Wolf discloses in the computer-implemented method of claim 12 further comprising: determining whether the features values match is greater than the second defined threshold percentage based on the comparing of the set of feature values with the stored set of feature values corresponding to the user (para. 7- detect that the confidence value associated with the identity of the user has met or exceeded a second threshold; authorize a second set of actions based on the confidence value meeting or exceeding the second threshold); and responsive to determining that the features values match is greater than the second defined threshold percentage based on the comparing of the set of feature values with the stored set of feature values, permitting the user to perform the secure transaction without restriction. (para. 30- the system may prompt the user to provide additional authentication, such as by fingerprint, voice, PIN, password, and the like. Upon receiving said additional authentication, the confidence value may increase to meet or exceed a second threshold, after which the number of available actions (e.g. accessing sensitive data or transferring a large amount of resources) to the user increases; para. 39- The virtual ambassador 210 may then prompt the user with a visual and/or auditory cue to provide additional authentication credentials, such as a voice command, a biometric retinal or fingerprint scan, a PIN, a password, a token on a smart device, and the like. By providing one or more of said types of authentication credentials, the confidence value may be increased to or above a second threshold, at which point the system authorizes the user 170 to make the account withdrawal)

Regarding claim 18, it is rejected as applied to claim 1 because a corresponding system would have been necessitated to carry forth the method steps of claim 1.  The applied prior art also discloses the corresponding architecture.  

Regarding claims 19-20, they merely recite a computer program that when executed, performs the functional steps of method claims 1-2, and thus, rejected for the same rationale.

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM A CORUM JR whose telephone number is (303)297-4234. The examiner can normally be reached Mon. - Fri. 8 AM - 5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571)272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/WILLIAM A CORUM JR/Examiner, Art Unit 2433                                                                                                                                                                                                        

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433