DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Claim Objections
Claims 11-12 are objected to because of the following informalities:
In Claim 11, Line 1, “The method of Claim 11, wherein the security key…” should read “The method of Claim 10, wherein the security key…”
In Claim 12, Line 1, “The method of Claim 12, wherein providing the security key…” should read “The method of claim 11, wherein providing the security key…”

Appropriate correction is required.



Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.




Claims 10-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.



	Claims 11-14 are rejected under 35 U.S.C. 101 as being dependent upon the rejected base claim.

	Claim 15 recites “An apparatus, comprising: a scanner to…a security engine to…a document engine to…”. The “scanner; security engine; and document engine” appears to be software per se. The claimed apparatus (software) does not define any structural and/or functional interrelationships between hardware components, which permit the system’s functionality to be realized. Software by itself is not capable of causing functional change in the computer (transform underlying claimed subject matter to a different state or thing), nor manufacture, nor composition of matter (i.e. tangible) and is therefore deemed non-statutory.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-11 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Krawczyk et al. (U.S. PGPub. 2015/0089615), hereinafter Krawczyk, in view of Macciola et al. (U.S. PGPub. 2015/0324640), hereinafter Macciola.

	Regarding claim 1, Krawczyk teaches A non-transitory machine-readable storage medium having stored thereon machine-readable instructions executable to cause a processor to (Krawczyk, Paragraph [0024], see “Authentication end points 102 may include any combination of software and hardware enabling a user to present a physical document for authentication, including a network interfaces, memories, processing units, computer readable medium drives…”):
	receive an authentication credential from a user (Krawczyk, Paragraph [0012], see “a document authentication service is disclosed that enables users or authorized parties to submit information regarding a physical document (e.g., a photograph or scan of the document) to the document authentication service for enrollment. The document authentication service may process the received information to generate a security token representative of the physical document”, where “received information” is being read as comprising an authentication credential from a user”);
	generate a security key associated with a physical document selected for an image capture operation (Krawczyk, Paragraph [0015], see “A security token may  be generated based on any set or combination of information within the physical document, including both information presented by the document (e.g., text, photographs, or digital encodings represented by the document) and characteristics of the document not intended to convey information (e.g., size, shape, color, condition, or anomalies within all or a portion of the document)”);
	
	provide the captured image file of the physical document upon determining that the request comprises the security key (Krawczyk, Paragraph [0031], see “the authentication server 114 can generate a security token of the document, as described above. The authentication server 114 may then determine whether a corresponding security token exists within the security token data store 120..the authentication end point 102 may be notified that the physical document presented for authentication is the same document that was previously enrolled into the document authentication system 110…the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document, a document identification number, a user associated with the document, or a photograph of such a user”, where “The authentication server 114 may then determine whether a corresponding security token exists within the security token data store 120” is being read as the request comprising the security key and where “the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document” is being read as providing the captured image file of the physical document”).
	Krawczyk does not disclose the following limitation(s) as taught by Macciola: receive a request for a captured image file of the physical document.
	(Macciola, FIG. 8, see “802” and “804”) (Macciola, Paragraph [0187], see “Method 800 therefore also includes operation 804, in which an image of a document is captured using the mobile device, and in response to receiving the request”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for document authentication, 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for document security keys, comprising receiving a request for a captured image file of the physical document. This allows for better security management by associating each captured image file of the physical document with a security key, and upon receiving a request for a captured image file of the physical document, providing the captured image file if the user/requester is authenticated (Macciola, FIG. 8 and Paragraph [0187]). 

	Regarding claim 2, Krawczyk as modified by Macciola teaches The medium of claim 1, wherein the security key is generated according to the authentication credential from the user (Krawczyk, Paragraph [0017], see “Because each security token is unique, possession of the document reflects that the user is the same entity that previously enrolled with the document authentication service…the user may be granted security rights associated with the previously enrolled document…the document authentication service may compare a generated security token to a single previously generated security token, such as a previous security token generated for the user requesting authentication”, wherein the security key is generated according to the credential from the user) (Krawczyk, Paragraph [0018], see “Generation of a security token by the document authentication service is not wholly…dependent on information presented by the document (e.g., name, date of birth, identification number, address, gender, country of issuance, etc.)”, which implies that the security key can be generated according to the authentication credential from the user).

	Regarding claim 3, Krawczyk as modified by Macciola teaches The medium of claim 1, wherein the security key is generated according to a characteristic of the physical document (Krawczyk, Paragraph [0018], see “a security token may be generated based at least in part on characteristics inherent to a physical document that are practically or actually unable to be forged, such as manufacturing defects or wear patterns”).

The medium of claim 1, wherein the security key is generated according to a characteristic of the image capture operation (Krawczyk, Paragraph [0054], see “a user may present an image in conjunction with additional information, such as a data capture of magnetic or radio-frequency information encoded within a document”, where “data capture of magnetic or radio-frequency information encoded within a document” is being read as comprising a characteristic of the image capture operation, which can be used to generate the security key).

	Regarding claim 5, Krawczyk as modified by Macciola teaches The medium of claim 1, wherein the authentication credential is received from a mobile device of the user (Krawczyk, Claim 8, see “The system of claim 1 further comprising an authentication endpoint from which the authentication request is received, wherein the authentication endpoint comprises at least one of a mobile phone, a tablet computing device, a personal computing device…”).

	Regarding claim 6, Krawczyk as modified by Macciola teaches The medium of Claim 1, wherein the security key may be generated for use by a specific client device associated with the user (Krawczyk, Paragraph [0014], see “Authentication end points may include any location at which a user desires or is required to be authenticated, including but not limited to a user computing device, a point of sale, a baking terminal…”).

	Regarding claim 7, Krawczyk as modified by Macciola teaches The medium of claim 5, wherein the authentication credential received from the mobile device comprises at least one of the following: a device identifier, a user identifier, a password, and a user selected credential (Krawczyk, Paragraph [0038], see “the authentication endpoint 102 may transmit an indication of an asserted identifier of the document or of the user. Examples of such identifiers include, but are not limited to, a user name or identifier, a document enrollment identifier, an account identifier, or an organizational identifier”).

	Regarding claim 8, Krawczyk does not teach the following limitation(s) as taught by Macciola: The medium of claim 1, wherein the request for the captured image file comprises a request to perform the image capture operation on the physical document.
	(Macciola, FIG. 8, see “802” and “804”) (Macciola, Paragraph [0187], see “Method 800 therefore also includes operation 804, in which an image of a document is captured using the mobile device, and in response to receiving the request”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for document authentication, disclosed of Krawczyk, by implementing techniques for determining document validity, comprising receiving a request for a captured image file of the physical document, disclosed of Macciola. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for document security keys, comprising receiving a request for a captured image file of the physical document. This allows for better security management by associating each captured image file of the physical document with a security key, and upon receiving a request for a captured image file of the physical document, providing the captured image file if the user/requester is authenticated (Macciola, FIG. 8 and Paragraph [0187]). 

	Regarding claim 9, Krawczyk as modified by Macciola teaches The medium of claim 1, wherein the instructions to receive the request for the captured image file comprises instructions to notify the user of an unauthorized attempt to request the captured image file upon determining that the request does not comprise the security key (Krawczyk, Paragraph [0061], see “In the instance that verification of the newly generated token fails at block 508, the routine 500 continues to block 514, wherein an authentication failure is recorded…block 514 may include transmission of an indication of authentication failure to an authentication end point 102”, where “authentication end point 102” is being read as the user, which is notified of an unauthorized attempt to request the captured image file upon determining that the request does not comprise the correct security key).
	
	Regarding claim 10, Krawczyk teaches A method comprising:
	selecting a physical document for an image capture (Krawczyk, Paragraph [0014], see “Each authentication end point may be configured with a scanner, imager, or other device capable of capturing required information of the physical document and transmitting such information to the document authentication service…a user may interact with the authentication end point in order to capture any necessary information from the physical document. This information may then be transmitted to the document authentication service for enrollment or authentication”);
	generating a security key associated with the physical document (Krawczyk, Paragraph [0015], see “A security token may  be generated based on any set or combination of information within the physical document, including both information presented by the document (e.g., text, photographs, or digital encodings represented by the document) and characteristics of the document not intended to convey information (e.g., size, shape, color, condition, or anomalies within all or a portion of the document)”);
	providing the security key to a user associated with the physical document (Krawczyk, Paragraph [0031], see “If such a corresponding security token exists, the authentication server 114 may indicate successful authentication to the authentication end point 102 (e.g., via the user interaction server 112)…the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document, a document identification number, a user associated with the document, or a photograph of such a user”);
	
	providing the image capture of the physical document upon a determination that the request comprises the security key (Krawczyk, Paragraph [0031], see “the authentication server 114 can generate a security token of the document, as described above. The authentication server 114 may then determine whether a corresponding security token exists within the security token data store 120..the authentication end point 102 may be notified that the physical document presented for authentication is the same document that was previously enrolled into the document authentication system 110…the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document, a document identification number, a user associated with the document, or a photograph of such a user”, where “The authentication server 114 may then determine whether a corresponding security token exists within the security token data store 120” is being read as the request comprising the security key and where “the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document” is being read as providing the captured image file of the physical document”).
	Krawczyk does not teach the following limitation(s) as taught by Macciola: receiving a request for the image capture of the physical document.
	(Macciola, FIG. 8, see “802” and “804”) (Macciola, Paragraph [0187], see “Method 800 therefore also includes operation 804, in which an image of a document is captured using the mobile device, and in response to receiving the request”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for document authentication, disclosed of Krawczyk, by implementing techniques for determining document validity, comprising receiving a request for a captured image file of the physical document, disclosed of Macciola. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for document security keys, comprising receiving a request for a captured image file of the physical document. This allows for better security management by associating each captured image file of the physical document with a security key, and upon receiving a request for a captured image file of the physical document, providing the captured image file if the user/requester is authenticated (Macciola, FIG. 8 and Paragraph [0187]). 

	Regarding claim 11, Krawczyk as modified by Macciola teaches The method of Claim 11, wherein the security key is provided to a mobile device associated with the user (Krawczyk, Paragraph [0031], see “If such a corresponding security token exists, the authentication server 114 may indicate successful authentication to the authentication end point 102 (e.g., via the user interaction server 112)…the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document, a document identification number, a user associated with the document, or a photograph of such a user”, where “authentication end point 102” is being read as a mobile device associated with the user). 


	Regarding claim 14, Krawczyk as modified by Macciola teaches The method of Claim 11, wherein the security key is generated according to at least one of the following: a characteristic of the physical document and a characteristic of the image capture (Krawczyk, Paragraph [0018], see “a security token may be generated based at least in part on characteristics inherent to a physical document that are practically or actually unable to be forged, such as manufacturing defects or wear patterns”).

	Regarding claim 15, Krawczyk teaches An apparatus, comprising:
	a scanner to:
		receive a physical document (Krawzcyk, Paragraph [0014], see “Each authentication end point may be configured with a scanner, imager, or other device capable of capturing required information of the physical document and transmitting such information to the document authentication service”), and
		capture an image file associated with the physical document (Krawzcyk, Paragraph [0014], see “Each authentication end point may be configured with a scanner, imager, or other device capable of capturing required information of the physical document and transmitting such information to the document authentication service”); 
	a security engine to:
		generate a security key associated with the physical document according to an authentication credential associated with a user (Krawczyk, Paragraph [0017], see “Because each security token is unique, possession of the document reflects that the user is the same entity that previously enrolled with the document authentication service…the user may be granted security rights associated with the previously enrolled document…the document authentication service may compare a generated security token to a single previously generated security token, such as a previous security token generated for the user requesting authentication”, wherein the security key is generated according to the credential from the user) (Krawczyk, Paragraph [0018], see “Generation of a security token by the document authentication service is not wholly…dependent on information presented by the document (e.g., name, date of birth, identification number, address, gender, country of issuance, etc.)”, which implies that the security key can be generated according to the authentication credential from the user), and
		provide the security key to a user associated with the physical document (Krawczyk, Paragraph [0031], see “If such a corresponding security token exists, the authentication server 114 may indicate successful authentication to the authentication end point 102 (e.g., via the user interaction server 112)…the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document, a document identification number, a user associated with the document, or a photograph of such a user”); and
	
		
		provide the captured image file document upon a determination that the request comprises the security key associated with the physical document (Krawczyk, Paragraph [0031], see “the authentication server 114 can generate a security token of the document, as described above. The authentication server 114 may then determine whether a corresponding security token exists within the security token data store 120..the authentication end point 102 may be notified that the physical document presented for authentication is the same document that was previously enrolled into the document authentication system 110…the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document, a document identification number, a user associated with the document, or a photograph of such a user”, where “The authentication server 114 may then determine whether a corresponding security token exists within the security token data store 120” is being read as the request comprising the security key and where “the authentication server 114 may further transmit information regarding the security token or the corresponding physical document, such as a picture of the initially enrolled document” is being read as providing the captured image file of the physical document”).
	Krawczyk does not teach the following limitation(s) as taught by Macciola: a document engine to:
	receive a request for the captured image file.
	(Macciola, FIG. 8, see “802” and “804”) (Macciola, Paragraph [0187], see “Method 800 therefore also includes operation 804, in which an image of a document is captured using the mobile device, and in response to receiving the request”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for document authentication, disclosed of Krawczyk, by implementing techniques for determining document validity, comprising receiving a request for a captured image file of the physical document, disclosed of Macciola. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for document security keys, comprising receiving a request for a captured image file of the physical document. This allows for better security management by associating each captured image file of the physical document with a security key, and upon receiving a request for a captured image file of the physical document, providing the captured image file if the user/requester is authenticated (Macciola, FIG. 8 and Paragraph [0187]). 


Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Krawczyk, in view of Macciola, in further view of Shastri et al. (U.S. PGPub. 2017/0118025), hereinafter Shastri. 

	Regarding claim 12, Krawczyk as modified by Macciola does not teach the following limitation(s) as taught by Shastri: The method of Claim 12, wherein providing the security key to the mobile device associated with the user further comprises verifying that the mobile device associated with the user is associated with a trusted whitelist table of a plurality of mobile devices.
	(Shastri, Paragraph [0010], see “With the rise in use of mobile devices, techniques disclosed herein enable use of a mobile device as a point of trust for multi-factor authentication”) (Shastri, Paragraph [0104], see “a device presenting GUI 900 to be registered as a trusted device and device 950 to be used as a mobile authenticator for registration of the device…The GUI may provide an interactive element 954 for requesting to capture security data from the GUI 900. Interactive element 906 in GUI 900 may be interactive to enable a user to specify whether the device/location is to be registered as a trusted device/location”, where “capture security data” is analogous to providing the security key upon verifying that the device is a registered trusted device).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for document authentication, disclosed of Krawczyk and techniques disclosed of Macciola, by implementing techniques for password-less authentication for access management, comprising verifying that the mobile device associated with the user is associated with a trusted whitelist table of a plurality of mobile devices, disclosed of Shastri.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for document security keys, comprising verifying that the mobile device associated with the user is associated with a trusted whitelist table of a plurality of mobile devices. This allows for better security management by verifying that the mobile device associated with the user is a trusted device before providing the security key to it (Shastri, Paragraph [0104]). 


Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Krawczyk, in view of Macciola, in further view of Zhang et al. (U.S. PGPub. 2019/0349340), hereinafter Zhang.

	Regarding claim 13, Krawczyk as modified by Macciola does not teach the following limitation(s) as taught by Zhang: The method of Claim 11, wherein the request is received from a second device associated with the user, wherein the second device is configured to retrieve the security key from the mobile device.
	(Zhang, Paragraph [0005], see “where when the first device is a terminal device, the second device is an access network node or a user plane node, or when the first device is an access network node or a user plane node, the second device is a terminal device”) (Zhang, Paragraph [0380], see “when the second device is the user plane node, the obtaining module 920 is configured to request the at least one key form the first network element”, where the “first network element” comprises a mobile device and the “obtaining module 920” is associated with the second device).
 Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for document authentication, disclosed of Krawczyk and techniques disclosed of Macciola, by implementing techniques for security implementation, comprising the second device being configured to retrieve the security key from the mobile device, disclosed of Zhang.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for document security keys, comprising the second device being configured to retrieve the security key from the mobile device. This allows for a more user-friendly interface by allowing any trusted device of the user to retrieve the security key from the mobile device, as long as they are present on a whitelist table / trusted device associated with the user (Zhang, Paragraph [0380]). 



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODMAN ALEXANDER MAHMOUDI whose telephone number is (571)272-8747.  The examiner can normally be reached on M-F 11:00am – 7:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/RODMAN ALEXANDER MAHMOUDI/Examiner, Art Unit 2433                                                                                                                                                                                                        

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433