Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Jason Gardner (Reg. No: 58,180) on 09/06/2022. 

CLAIMS
The application has been amended as follows: 

1. 	(Currently Amended) A computer server comprising: 
a processing unit including one or more processors;
a computer-readable memory storing thereon computer-executable instructions that are executable by the processing unit to cause the computer server to: 
receive location data from a mobile client device, the location data comprising a set of geographic coordinates of the mobile client device;
compare the location data to one or more predefined secure location definitions associated with the mobile client device by:
comparing the set of geographic coordinates of the mobile client device to a set of boundaries of a predefined geofence associated with the mobile client device, wherein the one or more predefined secure location definitions comprise the set of boundaries that indicate one or more locations that are private or trusted for the mobile client device, wherein the set of boundaries of the predefined geofence are definable as an updated secure location via user input that indicates that the predefined geofence is secure within a first particular distance from the set of geographic coordinates of the mobile client device; and
comparing the location data to the one or more predefined secure location definitions by comparing an identifier of a wireless access point to a predefined list of secure wireless access points associated with the mobile client device, wherein the identifier of the wireless access point is definable as an updated secure wireless access point via user input that indicates that a location corresponding to the wireless access point within a second particular distance is secure;
receive a request from the mobile client device to access one or more network resources or services provided by the computer server; 
in response to the request from the mobile client device:
determine a first time associated with the location data received from the mobile client device;
determine a second time associated with the request from the mobile client device;
compare a difference between the second time and the first time to a location recency threshold, wherein the location recency threshold is a duration of time;
in response to the computer server determining the difference between the second time and the first time is greater than the location recency threshold, request new location data from the mobile client device;
determine, using a result of comparing the location data or the new location data and the one or more predefined secure location definitions associated with the mobile client device, an authentication process from among a plurality of authentication processes for providing the mobile client device with access to the network resources or services;
execute the authentication process for providing the mobile client device with access to the network resources or services;
execute, based on not matching the location data to at least one predefined location definitions associated with the mobile client device, an additional authentication process, and successfully authenticate the mobile client device, prior to providing access to requested network resources or services;
in response to successfully authenticating the mobile client device, provide the mobile client device with access to the network resources or services; and
in response to unsuccessfully authenticating the mobile client device, deny access to the mobile client device to the network resources or services.

2-3. 	(Canceled)

4. 	(Original) The computer server of claim 1, wherein the instructions that are executable by the processing unit to cause the computer server to execute the authentication process comprise instructions that are executable to: 
allow, based on matching the location data to at least one predefined location definitions associated with the mobile client device, the mobile client device to access requested network resources or services and avoid additional authentication processes for the mobile client device.  

5-6. 	(Canceled)

7.	(Original) The computer server of claim 1, wherein the computer server is configured to receive the request from the mobile client device to access one or more network resources or services provided by receiving the request from a mobile application installed on the mobile client device.

8.	(Original) The computer server of claim 1, wherein the computer server is configured to provide recommendations or suggestions to a user of the mobile client device that certain locations be designated as predefined secure locations, and wherein the computer server is configured to receive one or more predefined secure location definitions from a user of the mobile client device.

9.	(Currently Amended) A method comprising:
receiving location data from a mobile client device, the location data comprising a set of geographic coordinates of the mobile client device; 
comparing the location data to one or more predefined secure location definitions associated with the mobile client device by:
comparing the set of geographic coordinates of the mobile client device to a set of boundaries of a predefined geofence associated with the mobile client device, wherein the one or more predefined secure location definitions comprise the set of boundaries that indicate one or more locations that are private or trusted for the mobile client device, wherein the set of boundaries of the predefined geofence are defined as an updated secure location via user input that indicates that the predefined geofence is secure within a first particular distance from the set of geographic coordinates of the mobile client device; and
comparing the location data to the one or more predefined secure location definitions by comparing an identifier of a wireless access point to a predefined list of secure wireless access points associated with the mobile client device, wherein the identifier of the wireless access point is defined as an updated secure wireless access point via user input that indicates that a location corresponding to the wireless access point within a second particular distance is secure;
receiving a request from the mobile client device to access one or more network resources or services provided by a computer server; 
in response to receiving the request from the mobile client device:
determining a first time associated with the location data received from the mobile client device;
determining a second time associated with the request from the mobile client device;
comparing a difference between the second time and the first time to a location recency threshold, wherein the location recency threshold is a duration of time;
in response to the computer server determining the difference between the second time and the first time is greater than the location recency threshold, requesting new location data from the mobile client device;
selecting, using a result of comparing the location data or the new location data and the one or more predefined secure location definitions associated with the mobile client device, an authentication process from among a plurality of authentication processes for providing the mobile client device with access to the network resources or services;
executing the authentication process for providing the mobile client device with access to the network resources or services;
executing, based on not matching the location data to at least one predefined location definitions associated with the mobile client device, an additional authentication process, and successfully authenticating the mobile client device, prior to providing access to requested network resources or services;
providing, in response to successfully authenticating the mobile client device, the mobile client device with access to the network resources or services; and
denying, in response to unsuccessfully authenticating the mobile client device, access to the mobile client device to the network resources or services.  

10-11.	(Canceled)

12.	(Original) The method of claim 9, further comprising:
allowing, based on matching the location data to at least one predefined location definitions associated with the mobile client device, the mobile client device to access requested network resources or services and avoid additional authentication processes for the mobile client device.

13-14.	(Canceled)

15.	(Currently Amended) A non-transitory computer-readable medium comprising instructions that are executable by a processing device for causing the processing device to perform operations comprising:
receive location data from a mobile client device, the location data comprising a set of geographic coordinates of the mobile client device; 
compare the location data to one or more predefined secure location definitions associated with the mobile client device by:
comparing the set of geographic coordinates of the mobile client device to a set of boundaries of a predefined geofence associated with the mobile client device, wherein the one or more predefined secure location definitions comprise the set of boundaries that indicate one or more locations that are private or trusted for the mobile client device, wherein the set of boundaries of the predefined geofence are definable as an updated secure location via user input that indicates that the predefined geofence is secure within a first particular distance from the set of geographic coordinates of the mobile client device; and
comparing the location data to the one or more predefined secure location definitions by comparing an identifier of a wireless access point to a predefined list of secure wireless access points associated with the mobile client device, wherein the identifier of the wireless access point is definable as an updated secure wireless access point via user input that indicates that a location corresponding to the wireless access point within a second particular distance is secure;   
receive a request from the mobile client device to access one or more network resources or services provided by a computer server; 
in response to the request from the mobile client device:
determine a first time associated with the location data received from the mobile client device;
determine a second time associated with the request from the mobile client device;
compare a difference between the second time and the first time to a location recency threshold, wherein the location recency threshold is a duration of time;
in response to the computer server determining the difference between the second time and the first time is greater than the location recency threshold, request new location data from the mobile client device;
determine, using a result of comparing the location data or the new location data and the one or more predefined secure location definitions associated with the mobile client device, an authentication process for providing the mobile client device with access to the network resources or services;
execute the authentication process for providing the mobile client device with access to the network resources or services;
execute, based on not matching the location data to at least one predefined location definitions associated with the mobile client device, an additional authentication process, and successfully authenticate the mobile client device, prior to providing access to requested network resources or services;
in response to successfully authenticating the mobile client device, provide the mobile client device with access to the network resources or services; and
in response to unsuccessfully authenticating the mobile client device, deny access to the mobile client device to the network resources or services. 

16-17.	(Canceled)

18.	(Original) The non-transitory computer-readable medium of claim 15, wherein the instructions that are executable by the processing device to cause the processing device to execute the authentication process comprise instructions that are executable to: 
allow, based on matching the location data to at least one predefined location definitions associated with the mobile client device, the mobile client device to access requested network resources or services and avoid additional authentication processes for the mobile client device.  

19-20.	(Canceled)

21.	(Previously Presented) The computer server of claim 1, wherein the operation of comparing the location data to one or more predefined secure location definitions includes determining that the mobile client device is not within the one or more locations that are private or trusted for the mobile client device, and wherein the instructions are further executable to:
in response to determining that the mobile client device is at a first location that is not within the one or more locations that are private or trusted for the mobile client device, and in response to successfully authenticating the mobile client device:
providing a recommendation to a user of the mobile client device for storing the first location as a private or trusted location for the mobile client device;
receiving confirmation from the user of the mobile client device indicating that the first location is the private or trusted location for the mobile client device; and
receiving data that includes a set of boundaries of the first location for use in providing access in response to future access requests from the mobile client device.




Examiner’s Statement of Reasons for Allowance
Claims 1, 4, 7-9, 12, 15, 18 and 21 (renumbered as claims 1-9) are allowed. 
The present invention is directed to: a computer server that includes a processing unit and a computer-readable memory that may store computer-executable instructions that are executable by the processing unit to cause the computer server to perform various operations. The computer server may receive location data from a mobile client device and may compare the location data to predefined secure location definitions, which may be trusted or private locations. The computer server may receive a request from the mobile client device to access network resources or services, and the computer server may determine, using a result of comparing the location data and the one or more predefined secure location definitions, an authentication process for providing the mobile client device with access to the network resources or services. The computer server may execute the authentication process and may provide the mobile client device with access to the network resources or services.
The closest prior art, as previously recited, are Hughes et al (“Hughes,” US 20160073261), Lyman et al (“Lyman,” US 20180103025) in view of Sanqunetti et al (“Sanqunetti,” US 20040193368) and further in view of Thompson et al (“Thompson,” US 20190109840). 
Hughes is directed to: systems and methods for controlling the authentication or authorization of a mobile device user for enabling access to the resources or functionality associated with an application or service executable at the user's mobile device. The user or user's mobile device may be automatically authenticated or authorized to access application or system resources at the device when the current geographic location of the user's mobile device is determined to be within a preauthorized zone, e.g., based on a predetermined geo-fence corresponding to the preauthorized zone. A security level or amount of authorization credentials required to authorize a user for data access may be varied according any of a plurality of security levels, when the current or last known geographic location of the user's mobile device is determined to be outside the preauthorized zone.
Lyman is directed to: a device may collect environmental information surrounding the device. Based on the collected environmental information, the device may automatically identify a potentially secured location that has lower security risk. When a potentially secured location is identified, the device may prompt the user to setup a security profile having reduced security requirement for the secured location. The device may store and associate the security profile with the secured location. The device may activate the security profile with reduced security requirement when the device is in the secured area. Further, the security profile may require that certain features of the device be disabled when the device is in the secured location.
Sanqunetti is directed to: a location of a vehicle is monitored using a predefined geo-fencing boundary within a coordinate system. An angle between a selected straight edge of the boundary and an axis of the coordinate system is determined, and the boundary is rotated by the angle such that the selected straight edge of the rotated boundary is parallel to the axis of the coordinate system. Subsequently, a set of coordinates associated with a particular location of a monitored device are identified and rotated by the previously determined angle. The rotated set of coordinates is then compared to the rotated boundary to determine a location of the monitored device with respect to the selected boundary. This information can be used to determine whether the vehicle remains within the predefined geo-fencing boundary.
Thompson is directed to: user authentication techniques based on geographical locations associated with a client device are provided. An example method for authentication of the client device includes receiving an authentication request from the client device. The method may include establishing current geographical location of the client device. The method may further include establishing a trusted tolerance geographical area associated with the client device. After establishing the trusted tolerance geographical area, the method may proceed with determining whether the current geographical location of the client device is within the trusted tolerance geographical area. The method may further include authenticating the client device based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area.
For example, none of the prior art teaches or suggests the steps of independent claims 1, 9 and 15: compare the location data to one or more predefined secure location definitions associated with the mobile client device by: comparing the set of geographic coordinates of the mobile client device to a set of boundaries of a predefined geofence associated with the mobile client device, wherein the one or more predefined secure location definitions comprise the set of boundaries that indicate one or more locations that are private or trusted for the mobile client device, wherein the set of boundaries of the predefined geofence are definable as an updated secure location via user input that indicates that the predefined geofence is secure within a first particular distance from the set of geographic coordinates of the mobile client device; and comparing the location data to the one or more predefined secure location definitions by comparing an identifier of a wireless access point to a predefined list of secure wireless access points associated with the mobile client device, wherein the identifier of the wireless access point is definable as an updated secure wireless access point via user input that indicates that a location corresponding to the wireless access point within a second particular distance is secure; receive a request from the mobile client device to access one or more network resources or services provided by the computer server;  in response to the request from the mobile client device: determine a first time associated with the location data received from the mobile client device; determine a second time associated with the request from the mobile client device; compare a difference between the second time and the first time to a location recency threshold, wherein the location recency threshold is a duration of time; in response to the computer server determining the difference between the second time and the first time is greater than the location recency threshold, request new location data from the mobile client device; determine, using a result of comparing the location data or the new location data and the one or more predefined secure location definitions associated with the mobile client device, an authentication process from among a plurality of authentication processes for providing the mobile client device with access to the network resources or services; execute the authentication process for providing the mobile client device with access to the network resources or services; execute, based on not matching the location data to at least one predefined location definitions associated with the mobile client device, an additional authentication process, and successfully authenticate the mobile client device, prior to providing access to requested network resources or services.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.




Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JAMES J WILCOX/Examiner, Art Unit 2439        


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439