DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-4 and 18-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Rene et al. (WO 2016/077121 A1).
Regarding claims 1, 18 and 20, Rene discloses a method and corresponding system and computer product, the method comprising: 
	receiving, via a messaging application implemented by one or more processors of a user device, a request to recover access to an account of a user of the messaging application (i.e., If it becomes necessary to recover an account, the account holder issues a request for account recovery to authentication server 206, [0034]; In 432, password application 212a of client device 202a creates an account recovery request message and sends the account recovery request message to password application REST API 214 of authentication server 206, [0055]); 
	accessing a first object corresponding to a first key (i.e., the Account Recovery Establishment Screen displays a GUI from including one or more of the following items: E-mail form field; image representation of the CAPTCHA challenge; CAPTCHA answer form field; a password field to input a provisional Master Password, [0053]; In 426, password application 212a derives an Ephemeral Key Encryption Key (EphKEK) (PBKDF2 w/ EphKEKSalt, Master Password), [0054]); 
	receiving, from a first friend of the user on the messaging application, a second object corresponding to a first portion of a second key (i.e., The procedures of 502-532 are repeated for one or more of the remaining ARPTFs of user A using their respective password applications in which password REST API 214 receives one or more shared ARK-Px pieces from each ARPTF, Fig. 5; [0061]; the ARK secret is split into a predetermined number m pieces, and each piece is securely shared with an ARP Trusted Friend (ARPTF), [0032]); 
	receiving, from a second friend of the user on the messaging application, a third object corresponding to a second portion of the second key (i.e., The procedures of 502-532 are repeated for one or more of the remaining ARPTFs of user A using their respective password applications in which password REST API 214 receives one or more shared ARK-Px pieces from each ARPTF, Fig. 5; [0061]; the ARK secret is split into a predetermined number m pieces, and each piece is securely shared with an ARP Trusted Friend (ARPTF), [0032]); 
	deriving the second key based on the second and third objects (i.e., the received recovery tokens are decrypted and assembled to rebuild the ARK. The ARK is used to decrypt the ARB to perform the recovery process, [0035]); and 
	recovering access to the account of the user based on the first key and the second key (i.e., During the recovery process, procedures are taken to regenerate all required seeds, keys, new pieces, and new fresh key material and re-encryption to promote the provisional master key into the new master key, thereby allowing the user to login in via the new master key and regain control  of the user’s account and resources, [0035]; When enough shared ARK-Px pieces are received by password REST API 214, password REST API 214 updates the status of the account recovery request to a "consensus reached" in 534, [0061]; In 608, first password application 212a sends an indication of the current ARR status = “consensus reached” to user A. In 610, user A proceeds with account recovery. In 612, first password application 212a derives an ephemeral key encryption key (EphKEK) using the Provisional Master Password and a randomly generated salt, [0063]).
Regarding claims 2 and 19, Rene further discloses that the request to recover access comprises a request to recover login credentials for the user on the messaging application ([0030], [0036]).
Regarding claim 3, Rene further discloses allowing the user to change login credentials for the account on the messaging application to recover access to the account ([0066]).
Regarding claim 4, Rene further discloses receiving input from the user to enable a social-based account access recovery feature ([0053]); in response to receiving the input, generating the first key ([0054]); and generating the first object corresponding to the first key ([0054]).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 8-9 are rejected under 35 U.S.C. 103 as being unpatentable over Rene as applied to claim 1 above.
Regarding claims 8-9, Rene discloses utilizing bar codes for the second and third objects ([0033]). Rene does not disclose utilizing bar code for the first object; however, utilizing bar codes is just one of different ways to encode information, and it is a matter of design choice. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to also utilize a bar code for the first object with a reasonable expectation of success. Accordingly, the first object would be accessed the same way the second and third objects are.
Allowable Subject Matter
Claims 5-7 and 10-17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MINH DINH whose telephone number is (571)272-3802. The examiner can normally be reached Mon-Fri: 9 AM - 5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on 469-295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/MINH DINH/Primary Examiner, Art Unit 2432