DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The following is a Final Office action in response to communications received 08/26/2022. 

Response to Amendment
Claims 1-4, 8-10 and 15-17 have been amended. 
Examiner’s objections regarding the specification are withdrawn in light of the applicant’s amendments to paragraph [0019] of the specification.
Examiner’s objections regarding claim 15 are withdrawn in light of the applicant’s amendments to the claim. 
Examiner’s rejection of claim 8 under 35 U.S.C 101 is withdrawn in light of the applicant’s amendments to the claim.
Examiner’s rejections of claim 1, 8 and 15 under 35 U.S.C 112(a) and 35 U.S.C 112(b) are withdrawn in light of the applicant’s amendments to the claims.
Applicant’s arguments with respect to claims 1, 8 and 15 regarding the new limitations: “in the determined protected mode, populating, by one or more processors, the computing device with a passcode screen in response to the pattern of keys being pressed”, “capturing, by one or more processors, biometric information of a secondary user of the computing device using a biometric sensor of the computing device; analyzing, by one or more processors, the biometric information of the secondary user of the computing device by comparing the biometric information to a plurality of user profiles within the database; determining, by one or more processors, whether the secondary user authorized to have access to the computing device in response to the comparing”, and “populating, by one or more processors, the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device”, have been considered but are moot in view of the new ground of rejection presented in the current office action.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-6, 8-13 and 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over prior art of record US 20200125704 to Chavez et al (hereinafter Chavez), US 20120235790 to Zhao et al (hereinafter Zhao) and US 20120015629 to Olsen et al (hereinafter Olsen).
As per claim 1, Chavez teaches:
A computer-implemented method, the method comprising: 
receiving, by one or more processors, one or more policy decisions from a primary user (Chavez: [0093] The primary permissions field 332 may be used to store information related to device use permissions created by the primary user and/or that are to be imposed on the primary user. In some embodiments, the primary permissions field 332 may be used to store permissions defined by a primary user for application to a borrowing user); 
capturing, by one or more processors, biometric information of a secondary user of the computing device using a biometric sensor of the computing device (Chavez: [0079]: the activity monitoring instructions 240 may be configured to …, receive biometric information from the user, request the user to input an access code or password, etc. [0082] The biometric recording instructions 256, when executed by the processor 204, may enable the communication device 104, 108 to actively or passively monitor various biometrics inputs of a user of the device.); 
analyzing, by one or more processors, the biometric information of the secondary user of the computing device by comparing the biometric information to a plurality of user profiles within the database (Chavez: [0082]: In some embodiments, the biometric recording instructions 256 may passively capture voice inputs from the user, again as part of determining whether the user is a primary user or borrowing user. The combination of biometric recorded data and behavioral recorded data may be provided to a locally-executed set of AI instructions, in the form of the AI module 260, to determine whether a current user of the device 104, 108 is a primary user or a borrowing user. [0090] The biometric data fields 304, 308 may contain any type of biometric data for known and enrolled users of the device 104, 108. In other embodiments, one or more enrolled users may correspond to known and trusted borrowing users of the device 104, 108. [0103]: The method 500 continues by receiving biometric features of the borrowing user (step 508) and then generating a borrowing user biometric data or template based on the received features (step 512). [0104]: The method 500 continues by storing the borrowing user data or templates within the data structure 300 (step 516). Thereafter, the device usage may be conditioned upon the borrowing user successfully authenticating themselves with the device (step 520).; 
determining, by one or more processors, whether the secondary user authorized to have access to the computing device in response to the comparing (Chavez: [0104]: Thereafter, the device usage may be conditioned upon the borrowing user successfully authenticating themselves with the device (step 520)). [0105] In some embodiments, the primary user may be required to input additional permissions or authentication inputs (e.g., a borrowing-permitted input) to indicate that the borrowing user is allowed to borrow the device (step 524). If no further primary user inputs are required, then the borrowing user may simply be allowed to borrow the device. [0120]-[0121]: This may result in the compliance instructions 264 determining whether or not further use of the device is allowed by someone other than the primary user (step 916). In some embodiments, the compliance instructions 264 may determine that further use is allowed, but only so long as that further use is in alignment with compliance instructions 264 or other borrowing policies defined by the primary user); 
monitoring, by one or more processors, activity associated with one or more applications by the secondary user authorized to have access to the computing device (Chavez: [0104]: the policy compliance instructions 264 may start monitoring the user behavior to determine if such behavior is compliant with the policies for the borrowing user and if the borrowing user violates any such policy. [0068]: In some embodiments, the second borrowing user 120c may not be able to access certain types of content (e.g., particular content servers 116 or web addresses) using a browser of the user device 104 even though the second borrowing user 120c has the ability to access the browser of the user device 104 (monitoring second borrowing user’s activity associated with the browser application). [0079]: The activity monitoring instructions 240 may also receive usage information associated with an application 232 or O/S 224 (e.g., particular commands received at the application 232 or O/S 224 or usage statistics associated with operation of a particular application 232 or O/S 224). As a non-limiting example, the activity monitoring instructions 240 may be configured to determine whether a particular user is actively using particular applications, determine that certain functions are being performed within an application, determine that certain features (e.g., text features, calling features, social media features, etc.) are being utilized by an application, and so on. Also, [0112], [0106], [0122]); 
detecting, by one or more processors, the activity being unauthorized activity by the secondary user authorized to have access to the computing device (Chavez:[0081]: In some embodiments, such a notification may also be sent to an application host to terminate an application connection and ensure an application is no longer accessible since the binding is broken, such as the case when a borrowing user may be accessing the primary user's mobile banking application on the device (detecting unauthorized activity). [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device); and 
in response to detecting the unauthorized activity by the secondary user authorized to have access to the computing device, activating, by one or more processors, the determined protected mode on the computing device (Chavez: [0081]: In some embodiments, such a notification may also be sent to an application host to terminate an application connection and ensure an application is no longer accessible since the binding is broken, such as the case when a borrowing user may be accessing the primary user's mobile banking application on the device. [0122]: If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device) 
Chavez does not teach: monitoring, by one or more processors, a computing device to identify a pattern of keys pressed on the computing device by the primary user; determining, by one or more processors, a protected mode within a database which corresponds with the pattern of keys on the computing device by the primary user;  activating, by one or more processors, the protected mode on the computing device determined by the pattern of keys pressed; in the determined protected mode, populating, by one or more processors, the computing device with a passcode screen in response to the pattern of keys being pressed; and populating, by one or more processors, the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device. However, Winkler teaches:
monitoring, by one or more processors, a computing device to identify a pattern of keys pressed on the computing device by the primary user; determining, by one or more processors, a protected mode within a database which corresponds with the pattern of keys on the computing device by the primary user;  activating, by one or more processors, the protected mode on the computing device determined by the pattern of keys pressed; in the determined protected mode, populating, by one or more processors, the computing device with a passcode screen in response to the pattern of keys being pressed; (Zhao: [0002] Many mobile devices have a lock mode. Generally, the device is programmed to enter the lock mode when a user presses a specific button or a series of buttons or when it has been idle for a certain period of time. When a user desires to use a device that is locked, the user will typically be required to drag a slide bar, press a specific button or a series of buttons (e.g., to enter a password) to unlock the device. Populating the mobile device with a password screen when the mobile device is in the lock mode was well known to one of ordinary skill in the art before the effective filing date of the claimed invention)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Zhao in the invention of Chavez to include the above limitations. The motivation to do so would be to prevent an unauthorized person from using the device (Zhao: [0002]). 
Chavez in view of Zhao does not teach: populating, by one or more processors, the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device. However, Olsen teaches:
populating, by one or more processors, the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device (Olsen: [0002] Current mobile computing devices typically provide an unlock screen or user interface that receives manual user input to unlock the devices. For example, a user may enter a password or manually trace a graphical pattern on a touchscreen of a mobile computing device to unlock that device).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Olsen in the invention of Chavez in view of Zhao to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).

As per claim 8, Chavez teaches:
 A computer program product, the computer program product comprising: one or more computer-readable storage media and program instructions stored on the one or more computer-readable storage media, the program instructions comprising: 
program instructions to receive one or more policy decisions from a primary user (Chavez: [0093] The primary permissions field 332 may be used to store information related to device use permissions created by the primary user and/or that are to be imposed on the primary user. In some embodiments, the primary permissions field 332 may be used to store permissions defined by a primary user for application to a borrowing user); 
program instructions to capture biometric information of a secondary user of the computing device using a biometric sensor of the computing device (Chavez: [0079]: the activity monitoring instructions 240 may be configured to …, receive biometric information from the user, request the user to input an access code or password, etc. [0082] The biometric recording instructions 256, when executed by the processor 204, may enable the communication device 104, 108 to actively or passively monitor various biometrics inputs of a user of the device.); 
program instructions to analyze the biometric information of the secondary user of the computing device by comparing the biometric information to a plurality of user profiles within the database (Chavez: [0082]: In some embodiments, the biometric recording instructions 256 may passively capture voice inputs from the user, again as part of determining whether the user is a primary user or borrowing user. The combination of biometric recorded data and behavioral recorded data may be provided to a locally-executed set of AI instructions, in the form of the AI module 260, to determine whether a current user of the device 104, 108 is a primary user or a borrowing user. [0090] The biometric data fields 304, 308 may contain any type of biometric data for known and enrolled users of the device 104, 108. In other embodiments, one or more enrolled users may correspond to known and trusted borrowing users of the device 104, 108. [0103]: The method 500 continues by receiving biometric features of the borrowing user (step 508) and then generating a borrowing user biometric data or template based on the received features (step 512). [0104]: The method 500 continues by storing the borrowing user data or templates within the data structure 300 (step 516). Thereafter, the device usage may be conditioned upon the borrowing user successfully authenticating themselves with the device (step 520));  
program instructions to determine whether the secondary user is authorized to have access to the computing device in response to a comparison between the biometric information to the plurality of user profiles within the database (Chavez: [0104]: Thereafter, the device usage may be conditioned upon the borrowing user successfully authenticating themselves with the device (step 520)). [0105] In some embodiments, the primary user may be required to input additional permissions or authentication inputs (e.g., a borrowing-permitted input) to indicate that the borrowing user is allowed to borrow the device (step 524). If no further primary user inputs are required, then the borrowing user may simply be allowed to borrow the device. [0120]-[0121]: This may result in the compliance instructions 264 determining whether or not further use of the device is allowed by someone other than the primary user (step 916). In some embodiments, the compliance instructions 264 may determine that further use is allowed, but only so long as that further use is in alignment with compliance instructions 264 or other borrowing policies defined by the primary user); 
program instructions to monitor activity associated with one or more applications by the secondary user authorized to have access to the computing device (Chavez: [0104]: the policy compliance instructions 264 may start monitoring the user behavior to determine if such behavior is compliant with the policies for the borrowing user and if the borrowing user violates any such policy. [0068]: In some embodiments, the second borrowing user 120c may not be able to access certain types of content (e.g., particular content servers 116 or web addresses) using a browser of the user device 104 even though the second borrowing user 120c has the ability to access the browser of the user device 104 (monitoring second borrowing user’s activity associated with the browser application). [0079]: The activity monitoring instructions 240 may also receive usage information associated with an application 232 or O/S 224 (e.g., particular commands received at the application 232 or O/S 224 or usage statistics associated with operation of a particular application 232 or O/S 224). As a non-limiting example, the activity monitoring instructions 240 may be configured to determine whether a particular user is actively using particular applications, determine that certain functions are being performed within an application, determine that certain features (e.g., text features, calling features, social media features, etc.) are being utilized by an application, and so on. Also, [0112], [0106], [0122]); 
program instructions to detect the activity being unauthorized activity by the secondary user authorized to have access to the computing device (Chavez:[0081]: In some embodiments, such a notification may also be sent to an application host to terminate an application connection and ensure an application is no longer accessible since the binding is broken, such as the case when a borrowing user may be accessing the primary user's mobile banking application on the device (detecting unauthorized activity). [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device); 
in response to detecting the unauthorized activity by the secondary user authorized to have access to  the computing device, program instructions to activate the determined protected mode on the computing device (Chavez: [0081]: In some embodiments, such a notification may also be sent to an application host to terminate an application connection and ensure an application is no longer accessible since the binding is broken, such as the case when a borrowing user may be accessing the primary user's mobile banking application on the device. [0122]: If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device), wherein the unauthorized activity comprises navigating away from application software on another screen of the computing device (Chavez: [0106]: In one embodiment, such input to grant permission to allow borrowing user to utilize the device, may be time bound or event bound, that is, the primary user allows the borrowing user to utilize the device for a limited amount of time or until a preconfigured event occurs such as the borrowing user trying to access an application the borrowing user is not supposed to do (navigating away from allowed application software)).
Chavez does not teach: program instructions to monitor a computing device to identify a pattern of keys pressed on the computing device by the primary user; program instructions to determine a protected mode within a database which corresponds with the pattern of keys on the computing device by the primary user; program instructions to activate the protected mode on the computing device determined by the pattern of keys pressed; in the determined protected mode, program instructions to populate the computing device with a passcode screen in response to the pattern of keys being pressed; and populate the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device; and program instructions to display a denial message in response to an incorrect passcode being input to the second passcode screen. However, Zhao teaches:
program instructions to monitor a computing device to identify a pattern of keys pressed on the computing device by the primary user; program instructions to determine a protected mode within a database which corresponds with the pattern of keys on the computing device by the primary user; program instructions to activate the protected mode on the computing device determined by the pattern of keys pressed; in the determined protected mode, program instructions to populate the computing device with a passcode screen in response to the pattern of keys being pressed (Zhao: [0002] Many mobile devices have a lock mode. Generally, the device is programmed to enter the lock mode when a user presses a specific button or a series of buttons or when it has been idle for a certain period of time. When a user desires to use a device that is locked, the user will typically be required to drag a slide bar, press a specific button or a series of buttons (e.g., to enter a password) to unlock the device. Populating the mobile device with a password screen when the mobile device is in the lock mode was well known to one of ordinary skill in the art before the effective filing date of the claimed invention).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Zhao in the invention of Chavez to include the above limitations. The motivation to do so would be to prevent an unauthorized person from using the device (Zhao: [0002]).
Chavez in view of Zhao does not teach: populate the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device; and program instructions to display a denial message in response to an incorrect passcode being input to the second passcode screen. However, Zhao teaches:
populate the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device; and program instructions to display a denial message in response to an incorrect passcode being input to the second passcode screen (Olsen: [0002]: Current mobile computing devices typically provide an unlock screen or user interface that receives manual user input to unlock the devices. For example, a user may enter a password or manually trace a graphical pattern on a touchscreen of a mobile computing device to unlock that device. Only individuals with access to a password may be able to unlock a locked device. Displaying an “Incorrect Password” message that denies access unless a correct password is entered was well known to one of ordinary skill in the art before the effective filing date of the claimed invention).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Olsen in the invention of Chavez in view of Zhao to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).

As per claim 15, Chavez teaches:
A computer system, the computer system comprising: one or more computer processors; one or more computer readable storage medium; and program instructions stored on the computer readable storage medium for execution by at least one of the one or more processors, the program instructions comprising: 
program instructions to receive one or more policy decisions from a primary user (Chavez:[0093] The primary permissions field 332 may be used to store information related to device use permissions created by the primary user and/or that are to be imposed on the primary user. In some embodiments, the primary permissions field 332 may be used to store permissions defined by a primary user for application to a borrowing user); 
program instructions to capture biometric information of a secondary user of the computing device using a biometric sensor of the computing device (Chavez: [0079]: the activity monitoring instructions 240 may be configured to …, receive biometric information from the user, request the user to input an access code or password, etc. [0082] The biometric recording instructions 256, when executed by the processor 204, may enable the communication device 104, 108 to actively or passively monitor various biometrics inputs of a user of the device.);  
program instructions to analyze the biometric information of the secondary user of the computing device by comparing the biometric information to a plurality of user profiles within the database (Chavez: [0082]: In some embodiments, the biometric recording instructions 256 may passively capture voice inputs from the user, again as part of determining whether the user is a primary user or borrowing user. The combination of biometric recorded data and behavioral recorded data may be provided to a locally-executed set of AI instructions, in the form of the AI module 260, to determine whether a current user of the device 104, 108 is a primary user or a borrowing user. [0090] The biometric data fields 304, 308 may contain any type of biometric data for known and enrolled users of the device 104, 108. In other embodiments, one or more enrolled users may correspond to known and trusted borrowing users of the device 104, 108. [0103]: The method 500 continues by receiving biometric features of the borrowing user (step 508) and then generating a borrowing user biometric data or template based on the received features (step 512). [0104]: The method 500 continues by storing the borrowing user data or templates within the data structure 300 (step 516). Thereafter, the device usage may be conditioned upon the borrowing user successfully authenticating themselves with the device (step 520)); 
program instructions to determine whether the secondary user is authorized to have access to the computing device in response to a comparison between the biometric information to the plurality of user profiles within the database (Chavez: [0104]: Thereafter, the device usage may be conditioned upon the borrowing user successfully authenticating themselves with the device (step 520)). [0105] In some embodiments, the primary user may be required to input additional permissions or authentication inputs (e.g., a borrowing-permitted input) to indicate that the borrowing user is allowed to borrow the device (step 524). If no further primary user inputs are required, then the borrowing user may simply be allowed to borrow the device. [0120]-[0121]: This may result in the compliance instructions 264 determining whether or not further use of the device is allowed by someone other than the primary user (step 916). In some embodiments, the compliance instructions 264 may determine that further use is allowed, but only so long as that further use is in alignment with compliance instructions 264 or other borrowing policies defined by the primary user); 
program instructions to monitor activity associated with one or more applications by the secondary user authorized to have access to the computing device (Chavez: [0104]: the policy compliance instructions 264 may start monitoring the user behavior to determine if such behavior is compliant with the policies for the borrowing user and if the borrowing user violates any such policy. [0068]: In some embodiments, the second borrowing user 120c may not be able to access certain types of content (e.g., particular content servers 116 or web addresses) using a browser of the user device 104 even though the second borrowing user 120c has the ability to access the browser of the user device 104 (monitoring second borrowing user’s activity associated with the browser application). [0079]: The activity monitoring instructions 240 may also receive usage information associated with an application 232 or O/S 224 (e.g., particular commands received at the application 232 or O/S 224 or usage statistics associated with operation of a particular application 232 or O/S 224). As a non-limiting example, the activity monitoring instructions 240 may be configured to determine whether a particular user is actively using particular applications, determine that certain functions are being performed within an application, determine that certain features (e.g., text features, calling features, social media features, etc.) are being utilized by an application, and so on. Also, [0112], [0106], [0122]); 
program instructions to detect the activity being unauthorized activity by the secondary user authorized to have access to the computing device (Chavez:[0081]: In some embodiments, such a notification may also be sent to an application host to terminate an application connection and ensure an application is no longer accessible since the binding is broken, such as the case when a borrowing user may be accessing the primary user's mobile banking application on the device (detecting unauthorized activity). [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device); and 
in response to detecting the unauthorized activity by the secondary user authorized to have access to the computing device, program instructions to activate the determined protected mode on the computing device (Chavez: [0081]: In some embodiments, such a notification may also be sent to an application host to terminate an application connection and ensure an application is no longer accessible since the binding is broken, such as the case when a borrowing user may be accessing the primary user's mobile banking application on the device. [0122]: If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device); and 
wherein the determined protected mode allows the secondary user access to predetermined application software specified by the primary user within the database of the computing device (Chavez: [0017]: the different types of policies may include a definition of types of applications that are made accessible to borrowing users (e.g., educational applications, music applications, child entertainment applications, etc.) and some applications that are not made accessible to borrowing users (e.g., primary user's social media applications, personal email and/or work email application). [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device, i.e., the borrowing user is allowed to access certain applications based on primary user’s policies). Also, [0106], [0081]).
Chavez does not teach: program instructions to monitor a computing device to identify a pattern of keys pressed on the computing device by the primary user; program instructions to determine a protected mode within a database which corresponds with the pattern of keys on the computing device by the primary user; program instructions to activate the protected mode on the computing device determined by the pattern of keys pressed; in the determined protected mode, populate the computing device with a passcode screen in response to the pattern of keys being pressed; populate the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device. However, Zhao teaches:
program instructions to monitor a computing device to identify a pattern of keys pressed on the computing device by the primary user; program instructions to determine a protected mode within a database which corresponds with the pattern of keys on the computing device by the primary user; program instructions to activate the protected mode on the computing device determined by the pattern of keys pressed; in the determined protected mode, populate the computing device with a passcode screen in response to the pattern of keys being pressed (Zhao: [0002] Many mobile devices have a lock mode. Generally, the device is programmed to enter the lock mode when a user presses a specific button or a series of buttons or when it has been idle for a certain period of time. When a user desires to use a device that is locked, the user will typically be required to drag a slide bar, press a specific button or a series of buttons (e.g., to enter a password) to unlock the device. Populating the mobile device with a password screen when the mobile device is in the lock mode was well known to one of ordinary skill in the art before the effective filing date of the claimed invention);
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Zhao in the invention of Chavez to include the above limitations. The motivation to do so would be to prevent an unauthorized person from using the device (Zhao: [0002]).
Chavez in view of Zhao does not teach: populate the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device. However, Olsen teaches:
populate the computing device with a second passcode screen to deactivate the determined protected mode and unlock the computing device (Olsen: [0002] Current mobile computing devices typically provide an unlock screen or user interface that receives manual user input to unlock the devices. For example, a user may enter a password or manually trace a graphical pattern on a touchscreen of a mobile computing device to unlock that device).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Olsen in the invention of Chavez in view of Zhao to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).

As per claim 2, Chavez in view of Zhao and Olsen teaches:
The computer-implemented method of claim 1, the method further comprising: receiving, by the one or more processors, the one or more policy decisions from the primary user (Chavez: [0093] The primary permissions field 332 may be used to store information related to device use permissions created by the primary user and/or that are to be imposed on the primary user. In some embodiments, the primary permissions field 332 may be used to store permissions defined by a primary user for application to a borrowing user); 
analyzing, by the one or more processors, the one or more policy decisions from the primary user (Chavez: [0021]: The policy compliance instructions may be configured to load all of the policies configured by the primary user and possibly other policies provided by a borrowing user. When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse (e.g., block the access or redirect the user to another website/application), thereby preventing the borrowing user from violating the policies); and 
storing, by the one or more processors, (i) the one or more policy decisions (Chavez: [0093] The primary permissions field 332 may be used to store information related to device use permissions created by the primary user and/or that are to be imposed on the primary user. In some embodiments, the primary permissions field 332 may be used to store permissions defined by a primary user for application to a borrowing user) and (ii) one or more identified data requests on the database (Chavez: [0021]: When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse. [0024]: In some embodiments, the activity monitoring instructions may be configured to record inappropriate activity of the borrowing user in its local database), wherein the unauthorized activity comprises navigating away from application software on another screen of the computing device (Chavez: [0017]: Additionally, the owner could configure a policy where access to social networking applications such as Facebook, Twitter, WhatsApp, etc. would be prevented when the communication device is being used by a borrowing user or some other non-primary user. [0106]: In one embodiment, such input to grant permission to allow borrowing user to utilize the device, may be time bound or event bound, that is, the primary user allows the borrowing user to utilize the device for a limited amount of time or until a preconfigured event occurs such as the borrowing user trying to access an application the borrowing user is not supposed to do (navigating away from allowed application software).  

As per claims 3 and 16, Chavez in view of Zhao and Olsen teaches:
The computer-implemented method of claim 1, the method further comprising: receiving, by the one or more processors, one or more data request from the primary user (Chavez: [0075]: A user may be considered to be utilizing the device 104, 108 when the O/S 224 is operational/functional and/or when one or more applications 232 are being actively executed by the processor 204 and/or when the user is interacting with the device through user interface 220 either by physical touch or voice commands. Active execution of an O/S 224 and/or application 232 may result in certain types of data being rendered via the user interface 220 and/or transmitted via the communications interface 212. [0077]: Reference to the user permissions 236 may be done at each instance of the primary user 120a inputting an instruction to the device 104, 108 or at least instance of the primary user 120a attempting to access a new application or function of the device 104, 108); 
analyzing, by the one or more processors, the one or more data requests from the primary user (Chavez: [0077]: The device functionality may be controlled with the O/S 224 referencing whether or not a primary user 120a is currently bound to the device 104, 108 and then referencing the associated primary user permissions 236 for the primary user 120a. Reference to the user permissions 236 may be done at each instance of the primary user 120a inputting an instruction to the device 104, 108 or at least instance of the primary user 120a attempting to access a new application or function of the device 104, 108); 
determining, by the one or more processors, that the one or more data requests match the one or more policy decisions stored on the database (Chavez: [0077]: In some embodiments, the primary user permissions 236 correspond to a set of rules, policies or parameters that are applied to utilization of the device 104, 108 when a binding exists between the primary user 120a and the device 104 (e.g., as shown in FIG. 1B). In some embodiments, the primary user 120a may be enabled to fully access all functions, applications, and hardware of the device 104, 108. [0110]: the primary user is allowed to access functionality and features of the device 104 based on the primary user permissions 236 (step 620)); and 
displaying, by the one or more processors, a denial message in response to an incorrect passcode being input to the second passcode screen (Olsen: [0002]: For example, a user may enter a password or manually trace a graphical pattern on a touchscreen of a mobile computing device to unlock that device. Only individuals with access to a password may be able to unlock a locked device. Displaying an “Incorrect Password” message that denies access unless a correct password is entered was well known to one of ordinary skill in the art before the effective filing date of the claimed invention).  

As per claim 4, Chavez in view of Zhao and Olsen teaches:
The computer-implemented method of claim 3, the method further comprising: in response to determining that the one or more data requests match the one or more policy decisions stored on the database, identifying, by the one or more processors, a threshold level of security based on (i) the one or more data requests and (ii) the one or more policy decisions (Chavez: [0077]: In some embodiments, the primary user permissions 236 correspond to a set of rules, policies or parameters that are applied to utilization of the device 104, 108 when a binding exists between the primary user 120a and the device 104 (e.g., as shown in FIG. 1B). In some embodiments, the primary user 120a may be enabled to fully access all functions, applications, and hardware of the device 104, 108. [0110]: the primary user is allowed to access functionality and features of the device 104 based on the primary user permissions 236 (step 620). [0104]: the policy compliance instructions 264 may start monitoring the user behavior to determine if such behavior is compliant with the policies for the borrowing user and if the borrowing user violates any such policy, whether or not the primary user is to be notified of the violation. [0017]: the different types of policies may include a definition of types of applications that are made accessible to borrowing users (e.g., educational applications, music applications, child entertainment applications, etc.) and some applications that are not made accessible to borrowing users (e.g., primary user's social media applications, personal email and/or work email application) (protected mode)); 
determining, by the one or more processors, to activate protected mode on a computing device (Chavez: [0019]: if the system determines that the user has changed from the primary user to a borrowing user, then the pairing/binding between the primary user and communication device may be broken and permissions associated with the borrowing user rather than the primary user may be referenced for functionality of the communication device); and 
generating, by the one or more processors, one or more policy responses associated with the one or more data requests that match the one or more policy decisions stored on the database, and includes, but is not limited to, a command to activate protected mode associated with threshold level of security (Chavez: [0019]: if the system determines that the user has changed from the primary user to a borrowing user, then the pairing/binding between the primary user and communication device may be broken and permissions associated with the borrowing user rather than the primary user may be referenced for functionality of the communication device (activating protected mode). [0021]: When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse (e.g., block the access or redirect the user to another website/application), thereby preventing the borrowing user from violating the policies. [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device, and/or notify the primary user of the violations (step 928)), 
wherein the determined protected mode allows the secondary user access to predetermined application software specified by the primary user within the database of the computing device (Chavez: [0017]: the different types of policies may include a definition of types of applications that are made accessible to borrowing users (e.g., educational applications, music applications, child entertainment applications, etc.) and some applications that are not made accessible to borrowing users (e.g., primary user's social media applications, personal email and/or work email application). [0106], [0081]. [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device, i.e., the borrowing user is allowed to access certain applications based on primary user’s policies)).  

As per claims 5, 12 and 18, Chavez in view of Zhao and Olsen teaches:
The computer-implemented method of claim 4, the method further comprising: communicating, by the one or more processors, the one or more policy responses; activating, by the one or more processors, protected mode on the computing device associated with a threshold level of security (Chavez: [0017]: the different types of policies may include a definition of types of applications that are made accessible to borrowing users (e.g., educational applications, music applications, child entertainment applications, etc.) and some applications that are not made accessible to borrowing users (e.g., primary user's social media applications, personal email and/or work email application) (protected mode). [0019]: if the system determines that the user has changed from the primary user to a borrowing user, then the pairing/binding between the primary user and communication device may be broken and permissions associated with the borrowing user rather than the primary user may be referenced for functionality of the communication device (activating protected mode)); 
monitoring, by the one or more processors, user activity on the computing device (Chavez: [0021]: When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse (e.g., block the access or redirect the user to another website/application), thereby preventing the borrowing user from violating the policies); 
identifying, by the one or more processors, unauthorized user activity on the computing device; and executing, by the one or more processors, a lock screen function on the computing device in response to identifying the unauthorized user activity (Chavez: [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device, and/or notify the primary user of the violations (step 928)).  

As per claims 6, 13 and 19, Chavez in view of Zhao and Olsen teaches:
The computer-implemented method of claim 5, the method further comprising: populating, by the one or more processors, the computing device with a login prompt; receiving, by the one or more processors, one or more login attempts; analyzing, by the one or more processors, the one or more login attempts; authorizing, by the one or more processors, a user associated with a correct login attempt; and deactivating, by the one or more processors, the protected mode in response to authorizing a user associated with a correct login attempt (Olsen: [0002] Current mobile computing devices typically provide an unlock screen or user interface that receives manual user input to unlock the devices. For example, a user may enter a password or manually trace a graphical pattern on a touchscreen of a mobile computing device to unlock that device. Only individuals with access to a password may be able to unlock a locked device).  

As per claim 9, Chavez in view of Zhao and Olsen teaches:
The computer program product of claim 8, the program instructions further comprising: program instructions to receive the one or more policy decisions from the primary user (Chavez: [0093] The primary permissions field 332 may be used to store information related to device use permissions created by the primary user and/or that are to be imposed on the primary user. In some embodiments, the primary permissions field 332 may be used to store permissions defined by a primary user for application to a borrowing user); program instructions to analyze the one or more policy decisions from the primary user (Chavez: [0021]: The policy compliance instructions may be configured to load all of the policies configured by the primary user and possibly other policies provided by a borrowing user. When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse (e.g., block the access or redirect the user to another website/application), thereby preventing the borrowing user from violating the policies); and program instructions to store (i) the one or more policy decisions (Chavez: [0093] The primary permissions field 332 may be used to store information related to device use permissions created by the primary user and/or that are to be imposed on the primary user. In some embodiments, the primary permissions field 332 may be used to store permissions defined by a primary user for application to a borrowing user) and (ii) one or more identified data requests on the database (Chavez: [0021]: When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse. [0024]: In some embodiments, the activity monitoring instructions may be configured to record inappropriate activity of the borrowing user in its local database), wherein the determined protected mode allows the secondary user access to predetermined application software specified by the primary user within the database of the computing device (Chavez: [0017]: the different types of policies may include a definition of types of applications that are made accessible to borrowing users (e.g., educational applications, music applications, child entertainment applications, etc.) and some applications that are not made accessible to borrowing users (e.g., primary user's social media applications, personal email and/or work email application). [0106], [0081]. [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device, i.e., the borrowing user is allowed to access certain applications based on primary user’s policies)).

As per claim 10, Chavez in view of Zhao and Olsen teaches:
The computer program product of claim 8, the program instructions further comprising: program instructions receive one or more data request from the primary user(Chavez: [0075]: A user may be considered to be utilizing the device 104, 108 when the O/S 224 is operational/functional and/or when one or more applications 232 are being actively executed by the processor 204 and/or when the user is interacting with the device through user interface 220 either by physical touch or voice commands. Active execution of an O/S 224 and/or application 232 may result in certain types of data being rendered via the user interface 220 and/or transmitted via the communications interface 212. [0077]: Reference to the user permissions 236 may be done at each instance of the primary user 120a inputting an instruction to the device 104, 108 or at least instance of the primary user 120a attempting to access a new application or function of the device 104, 108); program instructions to analyze the one or more data requests from the primary user (Chavez: [0077]: The device functionality may be controlled with the O/S 224 referencing whether or not a primary user 120a is currently bound to the device 104, 108 and then referencing the associated primary user permissions 236 for the primary user 120a. Reference to the user permissions 236 may be done at each instance of the primary user 120a inputting an instruction to the device 104, 108 or at least instance of the primary user 120a attempting to access a new application or function of the device 104, 108); and program instructions to determine that the one or more data requests match the one or more policy decisions stored on the database (Chavez: [0077]: In some embodiments, the primary user permissions 236 correspond to a set of rules, policies or parameters that are applied to utilization of the device 104, 108 when a binding exists between the primary user 120a and the device 104 (e.g., as shown in FIG. 1B). In some embodiments, the primary user 120a may be enabled to fully access all functions, applications, and hardware of the device 104, 108. [0110]: the primary user is allowed to access functionality and features of the device 104 based on the primary user permissions 236 (step 620)).

As per claim 11, Chavez in view of Zhao and Olsen teaches:
The computer program product of claim 10, the program instructions further comprising: in response to determining that the one or more data requests match the one or more policy decisions stored on the database, program instructions to identify a threshold level of security based on (i) the one or more data requests and (ii) the one or more policy decisions (Chavez: [0077]: In some embodiments, the primary user permissions 236 correspond to a set of rules, policies or parameters that are applied to utilization of the device 104, 108 when a binding exists between the primary user 120a and the device 104 (e.g., as shown in FIG. 1B). In some embodiments, the primary user 120a may be enabled to fully access all functions, applications, and hardware of the device 104, 108. [0110]: the primary user is allowed to access functionality and features of the device 104 based on the primary user permissions 236 (step 620). [0104]: the policy compliance instructions 264 may start monitoring the user behavior to determine if such behavior is compliant with the policies for the borrowing user and if the borrowing user violates any such policy, whether or not the primary user is to be notified of the violation. [0017]: the different types of policies may include a definition of types of applications that are made accessible to borrowing users (e.g., educational applications, music applications, child entertainment applications, etc.) and some applications that are not made accessible to borrowing users (e.g., primary user's social media applications, personal email and/or work email application) (protected mode)); program instructions to determine to activate protected mode on a computing device (Chavez: [0019]: if the system determines that the user has changed from the primary user to a borrowing user, then the pairing/binding between the primary user and communication device may be broken and permissions associated with the borrowing user rather than the primary user may be referenced for functionality of the communication device); and program instructions to generate one or more policy responses associated with the one or more data requests that match the one or more policy decisions stored on the database, and includes, but is not limited to, a command to activate protected mode associated with threshold level of security (Chavez: [0019]: if the system determines that the user has changed from the primary user to a borrowing user, then the pairing/binding between the primary user and communication device may be broken and permissions associated with the borrowing user rather than the primary user may be referenced for functionality of the communication device (activating protected mode). [0021]: When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse (e.g., block the access or redirect the user to another website/application), thereby preventing the borrowing user from violating the policies. [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device, and/or notify the primary user of the violations (step 928)).

As per claim 17, Chavez in view of Zhao and Olsen teaches:
The computer system of claim 16, the program instructions further comprising: in response to determining that the one or more data requests match the one or more policy decisions stored on the database, program instructions to identify a threshold level of security based on (i) the one or more data requests and (ii) the one or more policy decisions (Chavez: [0077]: In some embodiments, the primary user permissions 236 correspond to a set of rules, policies or parameters that are applied to utilization of the device 104, 108 when a binding exists between the primary user 120a and the device 104 (e.g., as shown in FIG. 1B). In some embodiments, the primary user 120a may be enabled to fully access all functions, applications, and hardware of the device 104, 108. [0110]: the primary user is allowed to access functionality and features of the device 104 based on the primary user permissions 236 (step 620). [0104]: the policy compliance instructions 264 may start monitoring the user behavior to determine if such behavior is compliant with the policies for the borrowing user and if the borrowing user violates any such policy, whether or not the primary user is to be notified of the violation. [0017]: the different types of policies may include a definition of types of applications that are made accessible to borrowing users (e.g., educational applications, music applications, child entertainment applications, etc.) and some applications that are not made accessible to borrowing users (e.g., primary user's social media applications, personal email and/or work email application) (protected mode)); program instructions to determine to activate protected mode on the computing device (Chavez: [0019]: if the system determines that the user has changed from the primary user to a borrowing user, then the pairing/binding between the primary user and communication device may be broken and permissions associated with the borrowing user rather than the primary user may be referenced for functionality of the communication device); and program instructions to generate one or more policy responses associated with the one or more data requests that match the one or more policy decisions stored on the database, and includes, but is not limited to, a command to activate protected mode associated with threshold level of security (Chavez: [0019]: if the system determines that the user has changed from the primary user to a borrowing user, then the pairing/binding between the primary user and communication device may be broken and permissions associated with the borrowing user rather than the primary user may be referenced for functionality of the communication device (activating protected mode). [0021]: When a user first attempts to access a new website, game, or application, the policy compliance instructions may further check if any of the configured policies allow/disallow such an action and take appropriate recourse (e.g., block the access or redirect the user to another website/application), thereby preventing the borrowing user from violating the policies. [0122] The method 900 will then continue with the compliance instructions 264 determining whether the current behavior of the borrowing user is within alignment of the policies defined for the borrowing user (step 920). If the current behavior (e.g., use behaviors of the borrowing user) violate the compliance instructions 264, then the method will optionally lock the device, limit functionality of the device, and/or notify the primary user of the violations (step 928)), wherein the unauthorized activity comprises navigating away from application software on another screen of the computing device (Chavez: [0106]: In one embodiment, such input to grant permission to allow borrowing user to utilize the device, may be time bound or event bound, that is, the primary user allows the borrowing user to utilize the device for a limited amount of time or until a preconfigured event occurs such as the borrowing user trying to access an application the borrowing user is not supposed to do (navigating away from allowed application software)).

Claims 7, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Chavez in view of Zhao and Olsen as applied to claims 1, 8 and 15 above, and further in view of prior art of record US 20120215907 to Chung (hereinafter Chung).
As per claims 7, 14 and 20, Chavez in view of Zhao and Olsen does not teach: generating, by the one or more processors, a protection report that includes, but is not limited to, (i) the one or more login attempts to authorize a user and (ii) a time and date in which a user was authorized. However, Chung teaches:
the method further comprising: generating, by the one or more processors, a protection report that includes, but is not limited to, (i) the one or more login attempts to authorize a user and (ii) a time and date in which a user was authorized (Chung: [0002]: [0002] Computer and computer systems, such as servers, personal computers, web servers, mainframe computers, workstations and the like, and the software applications running on such systems typically generate log messages of the activity performed by them. For instance, the log messages may include information regarding log-in attempts, user identity, user log-in information, date and time, data accessed, data requested, applications accessed, etc. The log messages are logged (maintained and stored) in a log file which generally includes numerous log messages from the computer).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Chung in the invention of Chavez in view of Zhao and Olsen to include the above limitations. The motivation to do so would be to use the log messages for security purposes, such as identifying and preventing potential security attacks, unauthorized intrusions and security breaches. For example, a brute force attack attempting to log-in using trial and error usernames and/or passwords may be identified and blocked by managing the log messages from the targeted computer system (Chung: [0003]).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MADHURI R HERZOG whose telephone number is (571)270-3359. The examiner can normally be reached 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

MADHURI R. HERZOG
Primary Examiner
Art Unit 2438



/MADHURI R HERZOG/Primary Examiner, Art Unit 2438