Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the amendment filed on 05/23/2022 In the instant amendment, claims 1, 3, 8 and 9 were amended; claim 17 was cancelled; claims 1 and 9 are independent claims. Claims 1-16 are pending in this application. THIS ACTION IS MADE FINAL. 

Response to Arguments
The drawing objection to FIG. 1 was withdrawn as per amendment filed on 11/12/2021. 
The claim interpretation under 35 U.S.C. 112(f) has been withdrawn. 
Applicant’s argument in the instant Amendment, filed on ? with respect to the limitations below, have been fully considered but they are not persuasive. 
Applicant argues that on (pages 9-10): that the cited prior art fails to explicitly disclose or suggest “does not verify the authenticity of the tickets independently at the authentication server only together and teaches that both tickets are needed so performing a check on each ticket would go against the teaching of Cheng.” 
The Examiner respectfully disagrees with the applicant. Applicant is arguing about limitations not in the claims. Applicant never mentions what authentication data is in the claims. Cheng discloses sending a ticket from the client to the authentication server [first authenticator] then validating the ticket. A second authenticator is between the authentication server and the registration server. The system then determines whether the ticket is authentic. The ticket is sent from the client and the authentication server to the application server. The authenticity of the ticket is verified at the application server [third authenticator], The ticket is then checked to see if it is authentic. The client is then granted access when the ticket is authentic (See Cheng, Figures 6A-6D, [0020]-[0024]). 
Applicant’s arguments with respect to claim(s) 1 and 9 in regard to the limitations “sending a request from a first authenticator to the remote service; receiving, at the first authenticator, a response from the remote service which comprises authentication data; verifying authenticity of the authentication data at the first authenticator; wherein when the first authenticator verifies that the authentication data is authentic,” have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al (“Cheng,” EP 1792437) and further in view of Fu et al (“Fu,” US 20120079570). 

	Regarding claim 1, Cheng discloses a computer-implemented method for verifying authenticity of a remote service, the method comprising:
sending the authentication data from the first authenticator to a second authenticator; (Cheng, FIG 6A-6D describes sending the ticket [authentication data] from the first authenticator to a second authenticator)
verifying authenticity of the authentication data at the second authenticator; (Cheng, [0020]-[0024], Figures 6A-6D describe verifying authenticity of the authentication data at the second authenticator)
wherein when the second authenticator verifies that the authentication data is authentic; (Cheng, [0020]-[0024], Figures 6A-6D describe wherein when the second authenticator verifies that the authentication data is authentic)
outputting a first authenticity indicator from the second authenticator to the first authenticator, the first authenticity indicator indicating whether or not the second authenticator determines that the authentication data is authentic; (Cheng, 646A, FIG 6C describes outputting a first authenticity indicator from the second authenticator to the first authenticator, the first authenticity indicator indicating whether or not the second authenticator determines that the authentication data is authentic)
sending the authentication data from the first authenticator to a third authenticator; (Cheng, Figures 6A-6D, describe sending the authentication data from the client and authentication server to the application server)
verifying authenticity of the authentication data at the third authenticator; (Cheng, Figures 6A-6D; [0020]-[0024] describes verifying the authenticity of the authentication data at the application server [third authentication arrangement]). 
wherein when the third authenticator verifies that the authentication data is authentic; (Cheng, Figures 6A-6D; [0020]-[0024] describes wherein the application server [third authentication arrangement] verifies the authentication data is authentic)
outputting a second authenticity indicator from the third authenticator to the first authenticator, the second authenticity indicator indicating whether or not the third authenticator determines that the authentication data is authentic; (Cheng, 654AP, FIG 6D, describes determining whether the ticket is authentic [outputting a second authenticity indicator from the third authenticator to the first authenticator, the second authenticity indicator indicating whether or not the third authenticator determines that the authentication data is authentic]) and
determining authenticity of the response from the remote service based on at least one of the first authenticity indicator or the second authenticity indicator; (Cheng, 656, FIG 6D, grant access to client when ticket is authentic)
Cheng fails to explicitly disclose sending a request from a first authenticator to the remote service; receiving, at the first authenticator, a response from the remote service which comprises authentication data; verifying authenticity of the authentication data at the first authenticator; wherein when the first authenticator verifies that the authentication data is authentic. 
However, in an analogous art, Fu discloses sending a request from a first authenticator to the remote service; (Fu, Figures 2, 3A, 3B, 4A, [0033], [0003] and [0094] describe sending a request from a first authenticator to the remote service)
receiving, at the first authenticator, a response from the remote service which comprises authentication data; (Fu, Figures 2, 3A, 4B, 4A; [0033], [0047], [0049], describe receiving, at the first authenticator, a response from the remote service which comprises authentication data)
verifying authenticity of the authentication data at the first authenticator; (Fu, Figures 2, 3A, 4B, 4A, 5, 6;  [0094], [0003], [0027] describe verifying authenticity of the authentication data at the first authenticator)
wherein when the first authenticator verifies that the authentication data is authentic; (Fu, 503, 513, 515, FIG 5; [0027], [0094], [0081], [0085] describes wherein when the first authenticator verifies that the authentication data is authentic)
wherein when at least one of the first authenticator, the second authenticator or the third authenticator verifies that the authentication data is not authentic, (Fu, 503, 513, 515, FIG 5; [0051]-[0052], [0107], describes wherein when at least one of the first authenticator, the second authenticator or the third authenticator verifies that the authentication data is not authentic; also see [0115], [0124]-[0126])
the method comprises providing an indication that the remote service is not authentic and cannot be trusted, (Fu, 503, 513, 515, FIG 5; [0051]-[0052], [0107], describes the method comprises providing an indication that the remote service is not authentic and cannot be trusted; also see [0115], [0124]-[0126])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Fu with the method/system of Cheng to include sending a request from a first authenticator to the remote service; receiving, at the first authenticator, a response from the remote service which comprises authentication data; verifying authenticity of the authentication data at the first authenticator; wherein when the first authenticator verifies that the authentication data is authentic. One would have been motivated to provide accelerated authentication and service response ([0002]). 

Regarding claim 9, claim 9 is directed to a system.
 Claim 9 is similar in scope to claim 1 and therefore rejected under similar rationale. 

Claims 2, 3, 10 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al (“Cheng,” EP 1792437) in view of Fu et al (“Fu,” US 20120079570) and further in view of Hsu et al ("Hsu," US 20090327737). 

	Regarding claim 2, Cheng and Fu disclose the method of claim 1. 
	Cheng and Fu fail to explicitly disclose wherein the method further comprises generating the authentication data at the remote service using a private key of a private/public key pair.
	However, in an analogous art, Hsu discloses wherein the method further comprises generating the authentication data at the remote service using a private key of a private/public key pair, (Hsu, [0003], The second module retrieves the private key of the asymmetric key pair from a secure and trusted information store, such as a license information store [remote service], and uses the private key to obtain the shared secret to generate authentication data for a message sent from the second module to the first module)
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hsu with the method/system of Cheng and Fu to include wherein the method further comprises generating the authentication data at the remote service using a private key of a private/public key pair. One would have been motivated to ensure authenticity and integrity of a communication received by a first module from a second module (Hsu, [0003]). 

Regarding claim 3, Cheng and Fu disclose the method of claim 2. 
	Cheng further discloses wherein the second authenticator and the third authenticator each verify the authenticity of the authentication data (Cheng, [0020]-[0024], Figures 6A-6D describe wherein the second authenticator and the third authenticator each verify the authenticity of the authentication data)
using a public key of the private/public key pair which is obtained from one of local storage or remote storage via a communication path, (Cheng, [0022], [0109] and [0029] describe using a public key of the private/public key pair which is obtained from one of local storage or remote storage via a communication path)
wherein the communication path is a different communication path from a communication path used by the first authenticator to communicate with the remote service, (Cheng, [0029] describes wherein the communication path is a different communication path from a communication path used by the first authenticator to communicate with the remote service)

	Regarding claim 10, claim 10 is directed to a security management apparatus. Claim 10 is similar in scope to claim 2 and is therefore rejected under similar rationale.

	Regarding claim 11, claim 11 is directed to the system of claim 10. Claim 11 is similar in scope to claim 3 and is therefore rejected under similar rationale.

	
Claims 4 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al (“Cheng,” EP 1792437) in view of Fu et al (“Fu,” US 20120079570) and further in view of Tang et al ("Tang," US 20110026716). 

	Regarding claim 4, Cheng and Fu disclose the method of claim 1. 
	Cheng and Fu discloses wherein the method further comprises: outputting a visual message indicative of at least one of the first authenticity indicator or the second authenticity indicator by displaying the visual message on a screen.
	However, in analogous art, Tang discloses wherein the method further comprises: outputting a visual message indicative of at least one of the first authenticity indicator or the second authenticity indicator by displaying the visual message on a screen (Tang, [0001], the present invention relates to authentication or verification of a person's identity for security purposes and more particularly to a method for on-screen authentication using a secret visual message). 
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tang with the method/system of Cheng and Fu to include wherein the method further comprises: outputting a visual message indicative of at least one of the first authenticity indicator or the second authenticity indicator by displaying the visual message on a screen. One would have been motivated to authenticate or verify a person's identity for security purposes and for on-screen authentication using a secret visual message (Tang, [0001]). 

	Regarding claim 12, claim 12 is directed to the system of claim 9. Claim 12 is similar in scope to claim 4 and is therefore rejected under similar rationale.

Claims 5 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al (“Cheng,” EP 1792437) and Fu et al (“Fu,” US 20120079570) and further in view of Hodge et al ("Hodge," US 20180218753). 

	Regarding claim 5, Cheng and Fu disclose the method of claim 1. 
	Cheng and Fu fail to explicitly disclose wherein the method further comprises:
outputting a video clip indicative of at least one of the first authenticity indicator or the second authenticity indicator by displaying the video clip on a screen.
	However, in an analogous art, Hodge discloses wherein the method further comprises: outputting a video clip indicative of at least one of the first authenticity indicator or the second authenticity indicator by displaying the video clip on a screen (Hodge, [0067], this screen page will provide facts to the user and the viewer regarding the integrity of the method of encryption, hashing and authentication used by the software application in conjunction with the client device used to capture the initial video clip and later verify that the video clip being presented is indeed, authentic). 
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hodge with the method/system of Cheng and Fu to include wherein the method further comprises: outputting a video clip indicative of at least one of the first authenticity indicator or the second authenticity indicator by displaying the video clip on a screen. One would have been motivated to ensure authenticity and features to allow a user to present to others (Hodge, [0002]). 

	Regarding claim 13, claim 13 is directed to the system of claim 9. Claim 13 is similar in scope to claim 5 and is therefore rejected under similar rationale.

Claims 6 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al (“Cheng,” EP 1792437) in view of Fu et al (“Fu,” US 20120079570) and further in view of Lu et al ("Lu," US 20150112680).  

	 Regarding claim 6, Cheng and Fu disclose the method of claim 1. 
	Cheng and Fu fail to explicitly disclose wherein the method further comprises: outputting an audio clip indicative of at least one of the first authenticity indicator or the second authenticity indicator by outputting the audio clip via a loudspeaker.
	However, in an analogous art, Lu discloses wherein the method further comprises: outputting an audio clip indicative of at least one of the first authenticity indicator or the second authenticity indicator by outputting the audio clip via a loudspeaker, (Lu, [0046] describes outputting an audio clip indicative of at least one of the first authenticity indicator or the second authenticity indicator by outputting the audio clip via a loudspeaker).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lu with the method/system of Cheng and Fu to include wherein the method further comprises: outputting an audio clip indicative of at least one of the first authenticity indicator or the second authenticity indicator by outputting the audio clip via a loudspeaker. One would have been motivated to update a voiceprint feature model (Lu, [0002]). 

	Regarding claim 14, claim 14 is directed to the system of claim 9. Claim 14 is similar in scope to claim 6 and is therefore rejected under similar rationale.

Claims 7 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al (“Cheng,” EP 1792437) in view of Fu et al (“Fu,” US 20120079570) and further in view of Smith et al (“Smith,” US 20170374055). 

	Regarding claim 7, Cheng and Fu disclose the method of claim 1. 
	Cheng and Fu fail to explicitly disclose wherein the method further comprises:
	outputting an authenticity notification indicative of at least one of the first authenticity indicator or the second authenticity indicator to a decision module; and determining, at the decision module, the authenticity of the response from the remote service based on the authenticity notification.
	However, in an analogous art, Smith discloses wherein the method further comprises: outputting an authenticity notification indicative of at least one of the first authenticity indicator or the second authenticity indicator to a decision module; (Smith, [0086] & [0124] describes outputting a notification indicative of an authentication factor to a determination application)
and determining, at the decision module, the authenticity of the response from the remote service based on the authenticity notification (Smith, [0086] & [0124] describes determining whether to authenticate based on the response from the server based on the authentication factor)
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smith with the method/system of Cheng and Fu to include wherein the method further comprises: outputting an authenticity notification indicative of at least one of the first authenticity indicator or the second authenticity indicator to a decision module; and determining, at the decision module, the authenticity of the response from the remote service based on the authenticity notification. One would have been motivated to provide continuous multi-factor authentication (Smith, [0018]). 

	Regarding claim 15, claim 15 is directed to the system of claim 9. Claim 15 is similar in scope to claim 7 and is therefore rejected under similar rationale.

Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al (“Cheng,” EP 1792437) in view of Fu et al (“Fu,” US 20120079570) and further in view of Lakhani et al (“Lakhani,” US 20190207927). 

	Regarding claim 8, Cheng and Fu disclose the method of claim 1. 
	Cheng further discloses wherein the method further comprises: sending the authentication data from the first authenticator to at least one further authenticator;  (Cheng, [0056] describes sending the authentication data from the first authenticator to at least one further authenticator)
verifying authenticity of the authentication data at the at least one further authenticator; (Cheng, [0060] & [0056] describes verifying authenticity of the authentication data at the at least one further authenticator)
Cheng fails to explicitly disclose and outputting a further authenticity indicator from each further authenticator of the at least one further authenticator to the first authenticator, the further authenticity indicator indicating whether or not the further authenticator determines that the authentication data provided by the remote service is authentic.
	However, in an analogous art, Lakhani discloses and outputting a further authenticity indicator from each further authenticator of the at least one further authenticator to the first authenticator, (Lakhani, [0149] describes an additional authentication factor [further authenticity indicator]; [0006] describes plural access services)
the further authenticity indicator indicating whether or not the further authenticator determines that the authentication data provided by the remote service is authentic (Lakhani, [0149] describes using the additional authentication factor; [0084], to establish authenticity)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lakhani with the method/system of Cheng and Fu to include and outputting a further authenticity indicator from each further authenticator of the at least one further authenticator to the first authenticator, the further authenticity indicator indicating whether or not the further authenticator determines that the authentication data provided by the remote service is authentic. One would have been motivated to provide secure access to plural access services (Lakhani, [0006]). 

	Regarding claim 16, claim 16 is directed to the system of claim 9. Claim 16 is similar in scope to claim 8 and is therefore rejected under similar rationale.










	
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JAMES J WILCOX/Examiner, Art Unit 2439  


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439