Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 09/08/2022 has been entered.


Response to Arguments
In response to the communication filed on 09/08/2022, applicant amends claims 1, 11, 19, 21, and 22. Claims 1-2, 4-12, and 14-22 are presented for examination.

Applicant’s arguments, pages 10-13, filed 09/08/2022, with respect to the rejection of claims 1-2, 5-12, 14-22 under 35 USC 103 have been fully considered but they are moot in view of the new grounds of rejection.

Upon further consideration, a new ground of rejection of claims 1-2, 4-12, 14-22 is set forth below.  



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 5-12, and 14-22 are rejected under 35 U.S.C. 103 as being unpatentable over Androsov et al. (US2017/0142118 A1, publish date 05/18/2017) in view of Du et al. (US2015/0242605 A1, publish date 08/27/2015).

Claims 1, 11, 19:
With respect to claims 1, 11, 19, Androsov et al. discloses a system/method/non-transitory computer-readable medium with computer-executable instructions stored thereon that are executed by an electronic processor to perform a method of/for utilizing behavioral features to authenticate a user entering login credentials (the server further effects storing of a characteristic of a previous activity of the registered user, and calculating the value of probability that the probable registered user is the registered user is additionally performed by comparing a characteristic of a current activity of the probable registered user with the characteristic of the previous activity of the registered user stored on the server, 0010) (previous activity of the user include the registered user’s behavior, 0011)(provide the server 102 with the ability to receive from the electronic device 112 the identification credentials of the registered user 120 entered registered user 120, 0044) (Figures 1 and 2), the system/method comprising 
an electronic processor, the electronic processor configured to 
receive a request to access a user account, the request including biometric data (provide the server 102 with the ability to receive from the electronic device 112 the identification credentials of the registered user 120 entered registered user 120, 0044) (entry of identification credentials, Figure 2, 202) and behavioral features (previous activity of the user include the registered user’s behavior, 0011); 
determine whether the biometric data is limited biometric data that without additional information is insufficient to authenticate the user entering login credentials to the user account (at least one parameter that is different from the registered user's complete identification credentials comprises at least one of information contained in an auto-fill file of a web browser, 0008, 0016) (the server 102 with the ability to receive from the electronic device 112 parameters other than the complete identification credentials of the registered user 120. The server can obtain parameters that differ from the complete identification credentials of the registered user 120 as well as other information, in particular, by obtaining the information contained in the auto-fill file of the web browser 116, which is stored with the permission of the registered user 120. For example, auto-fill forms can store logins (without passwords) to various web-services used by the registered user 120, 0051) (information contained in an auto-fill file of the web browser, including the incomplete identification credentials of the registered user 120 (e.g., a login), but does not obtain the complete identification credentials of the registered user 120, 0100) (Figure 2, 204, obtain parameter that is different from complete identification credentials);
responsive to determining that the biometric data is the limited biometric data that without additional information is insufficient to authenticate the user entering the login credentials to the user account, compare the behavioral features included in the request to behavioral features included in a user behavior profile associated with the user account (The server 102 can also compare the current activity of the probable registered user with the characteristics of the previous activity of the registered user 120, stored on the server 102. If during the first step, to identify the probable registered user, the server 102 used the password of the registered user 120 stored by the web browser 116 or a cookie file, then, at the second stage, the server 102 may compare the behavioral characteristics of the registered user 120, stored on server 102, with the behavioral characteristics of the probable registered user at the moment. the server 102 may compare the time period, Such actions of the first probable registered user do not correspond to the behavioral patterns of the registered user 120. There can be various reasons for this difference in behavior, the server 102 can calculate the value of probability that the probable registered user is or is not the registered user 120, 0110), 
the behavioral features included in the user behavior profile include behavioral features associated with one or more previous requests to access the user account (the server further effects storing of a characteristic of a previous activity of the registered user, 0010) (characteristic of previous activity, pattern of behavior, 0011) (identify the characteristic features of the behavior of the registered user 120 (characteristics of the previous activity of the registered user 120), 0062).


Du et al. teaches that the PV request 1100 may include a request for authentication and additional data (e.g., authentication credentials, authentication methods, authentication data requests, etc.), (0079) (Figures 2, 4, 11), a request for other authentication information, based upon one or more of biometric sensor information, non-biometric sensor data, user data input, or time. Receive biometric sensor information from biometric sensors (e.g. hard biometrics and/or soft biometrics), non-biometric sensor data from non-biometric sensors (e.g. non-biometrics), user data input, or other authentication information, which matches, fulfills, satisfies or is consistent with or otherwise incorporates predefined security/privacy preference settings, (0039). Trust level function block 230 may be configured to analyze the persistency over time of selected user behaviors or contexts and other authentication information, trust level function block 230 may identify and/or analyze behavior consistencies or behavior patterns, Examples of behavior consistencies, (0049), (with changes in location or behavior of the user, 0079); based on the comparison, generate one or more scores including at least one selected from the group comprising a recency score, a frequency score, a novelty score, and a temporality score (a trust coefficient (TC) may be a level of trust based upon a data input, 0042) (all of which may be collected and processed to perform strong authentication via a trust coefficient for continuous authentication, 0066) (authentication strengths may be mapped into a format that represents level strengths of high, medium, low, or zero (no authentication capability) [e.g., Ah, Am, Al and An]. Trust levels may be mapped into a format representing high, medium, low or zero (non-trusted level) [e.g., Sh, Sm, Sl and Sn], 0092); 
for each of the one or more scores, 
compare the score to a predetermined threshold; and based on the comparison of the score to the predetermined threshold, adjust a match value (each of these inputs may be given an authentication strength and/or score by authentication strength function block 220 that are used in preparing one or more trust coefficient values by trust coefficient calculation function block 240, authenticating entity 250 may determine whether mobile device 100 has generated a trust coefficient that is greater than the risk coefficient such that the authenticating entity 250 may authenticate the mobile device 100 for the particular function to be performed, 0042) (utilizing a continuous authentication system, authentication may be continuously and actively performed, and biometrical information may be adaptively updated and changed, graph 614, based upon this continuous updating for continuous authentication (e.g. first a fingerprint scan, next a facial scan from a camera, next a GPS update, etc.), access control can reach 100% and access will be authenticated, 0067); and 
compare the match value to one or more predetermined thresholds to determine whether the behavioral features included in the request to access the user account authenticates the user, does not authenticate the user, or is inconclusive (the predefined security/privacy preference settings may include required authentication strengths for biometric sensor information and/or non-biometric sensor data in order to determine whether they are to be utilized or not to be utilized, implement an authentication strength function to determine the authentication strength for a requested, 0040) (a trust coefficient calculation function to determine the trust coefficient based upon the authentication strength of the received input data, Trust coefficient calculation function block 240 may be configured to continuously or quasi-continuously, or discreetly and on demand, output a trust coefficient to authenticating entity 250 in order to provide continuous, quasi-continuous or discrete authentication, 0051) (utilizing a continuous authentication system, authentication may be continuously and actively performed, and biometrical information may be adaptively updated and changed, 0067).

Androsov et al. and Du et al. are analogous art because they are from the same field of endeavor of user behavior authentication.

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Du et al. in Androsov et al. to, based on the comparison, generate one or more scores including at least one selected from the group comprising a recency score, a frequency score, a novelty score, and a temporality score; 
for each of the one or more scores, compare the score to a predetermined threshold; and based on the comparison of the score to the predetermined threshold, adjust a match value; and compare the match value to one or more predetermined thresholds to determine whether the behavioral features included in the request to access the user account authenticates the user, does not authenticate the user, or is inconclusive as claimed for purposes of improving web services with protected passwords/incomplete identification credentials contained in auto-fills (0005, 0051).

Claims 2, 12, 20:
With respect to claims 2, 12, 20, the combination of Androsov et al. and Du et al. discloses the limitations of claims 1, 11, 19, as addressed.

Du et al. discloses wherein the behavioral features include at least one selected from the group comprising a geolocation, an IP address, a UDID, a DID, a device fingerprint, a web browser, a user agent, an email domain, an ISP, an operating system version, and a time stamp (such as user data inputs (e.g., username, password, etc.), non-biometric sensor inputs (e.g., GPS location, acceleration, orientation, etc.), biometric sensor inputs (e.g., fingerprint scan from a fingerprint sensor, facial or iris scan from a camera, voiceprint, etc.), 0042) (the TV may include a wide variety of different types of indicia of user identification/authentication.  Examples of these may include session ID, user name, password, date stamp, time stamp, 0084) (Figures 2, 4 and 8).

Claims 5, 14:
With respect to claims 5, 14, the combination of Androsov et al. and Du et al. discloses the limitations of claims 1, 11, 19, as addressed.

Du et al. discloses wherein the electronic processor is configured to generate the frequency score based on whether one or more of the behavioral features included in the request are, based on behavioral features included in the user behavior profile, frequently associated with requests to access the user account (the PV request 1100 matches, incorporates, or satisfies predefined user security/privacy preferences, The authenticating entity 250 may then submit a new negotiated TV request 1110 that matches or satisfies the request of the mobile device 100, 0080) (a trust coefficient (TC) may be a level of trust based upon a data input, 0042) (all of which may be collected and processed to perform strong authentication via a trust coefficient for continuous authentication, 0066) (authentication strengths may be mapped into a format that represents level strengths of high, medium, low, or zero (no authentication capability) [e.g., Ah, Am, Al and An].  Trust levels may be mapped into a format representing high, medium, low or zero (non-trusted level) [e.g., Sh, Sm, Sl and Sn], 0092).

Claims 6, 15:
With respect to claims 6, 15, the combination of Androsov et al. and Du et al. discloses the limitations of claims 1, 11, 19, as addressed.

Du et al. discloses wherein the electronic processor is configured to generate the novelty score based on whether one or more of the behavioral features included in the request do not match a behavioral feature included in the user behavior profile (if the PV request 1100 does not match or otherwise not satisfy the predefined user security/privacy preferences, the local trust broker may transmit a PV response 1105 to the authenticating entity 250 including predefined user security/privacy preferences having types of user-approved sensor data, biometric sensor information, user data input and/or authentication information.  The authenticating entity 250 may then submit a new negotiated TV request 1110 that matches or satisfies the request of the mobile device 100, 0080).

Claims 7, 16:
With respect to claims 7, 16, the combination of Androsov et al. and Du et al. discloses the limitations of claims 1, 11, 19, as addressed.

Du et al. discloses wherein the electronic processor is configured to generate the recency score based on whether one or more of the behavioral features included in the request match a behavioral feature included in the user behavior profile and associated with one or more most previous requests to access the user account (authentication strengths may be mapped into a format that represents level strengths of high, medium, low, or zero (no authentication capability) [e.g., Ah, Am, Al and An].  Trust levels may be mapped into a format representing high, medium, low or zero (non-trusted level) [e.g., Sh, Sm, Sl and Sn], 0092).

Claims 8, 17:
With respect to claims 8, 17, the combination of Androsov et al. and Du et al. discloses the limitations of claims 1, 11, 19, as addressed.

Du et al. discloses wherein the electronic processor is configured to generate a first temporality score based on whether a time and a date associated with the request is similar to a date and a time that one or more most previous requests are associated with (Trust coefficient calculation function, to receive the first metric of authentication strength from authentication strength function block 220, a second metric of trust level from trust level function block 230, preference settings from preference setting function block 210, as well as time/date input, to determine the trust coefficient, 0051) (continuous authentication, generating or conveying conventional authenticators, times/dates, 0075) (the TV may include a wide variety of different types of indicia of user identification/authentication.  Examples of these may include session ID, user name, password, date stamp, time stamp, 0084).

Claims 9, 18:
With respect to claims 9, 18, the combination of Androsov et al. and Du et al. discloses the limitations of claims 1, 11, 19, as addressed.

Du et al. discloses wherein the electronic processor is configured to generate a second temporality score based on whether time elapsed between a time associated with the request and a most previous request to access the user account is within one standard deviation of an average time elapsed between previously received consecutive requests to access the user account (utilizing a continuous authentication, authentication may be continuously and actively performed, and biometrical information may be adaptively updated and changed, based upon this continuous updating for continuous authentication (e.g. first a fingerprint scan, next a facial scan from a camera, next a GPS update, etc.), 0067, Figure 6).
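
As an illustration of the scoring scheme recited in claims 1 and 5-9 (recency, frequency, novelty and temporality scores, each compared to a threshold to adjust a match value, which is then mapped to one of three outcomes), the following Python code is an added example and is not taken from the application, Androsov et al. or Du et al. The score formulas, the +1/-1 adjustment, the threshold values and the sample logins are assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import mean, pstdev

@dataclass
class Login:
    when: datetime
    features: dict  # e.g. {"ip": ..., "user_agent": ..., "geo": ...}

def recency_score(req, history, last_n=3):
    """Share of request features seen in the last_n most recent logins."""
    recent = history[-last_n:]
    hits = sum(any(h.features.get(k) == v for h in recent)
               for k, v in req.features.items())
    return hits / len(req.features)

def frequency_score(req, history):
    """Mean share of profile logins carrying the same value, per feature."""
    shares = [sum(h.features.get(k) == v for h in history) / len(history)
              for k, v in req.features.items()]
    return mean(shares)

def novelty_score(req, history):
    """Share of request features whose value never appears in the profile."""
    new = sum(all(h.features.get(k) != v for h in history)
              for k, v in req.features.items())
    return new / len(req.features)

def temporality_score(req, history):
    """1.0 if the gap since the last login is within one standard deviation
    of the mean gap between consecutive profile logins, else 0.0."""
    gaps = [(b.when - a.when).total_seconds()
            for a, b in zip(history, history[1:])]
    gap = (req.when - history[-1].when).total_seconds()
    return 1.0 if abs(gap - mean(gaps)) <= pstdev(gaps) else 0.0

# Assumed policy: (threshold, True if a higher score is more trustworthy).
THRESHOLDS = {"recency": (0.5, True), "frequency": (0.5, True),
              "novelty": (0.5, False), "temporality": (0.5, True)}
ACCEPT_AT, REJECT_AT = 3, -3  # assumed match-value cut-offs

def decide(req, history):
    """Return (outcome, match value, individual scores) for one request."""
    scores = {"recency": recency_score(req, history),
              "frequency": frequency_score(req, history),
              "novelty": novelty_score(req, history),
              "temporality": temporality_score(req, history)}
    match = 0
    for name, score in scores.items():
        threshold, higher_is_good = THRESHOLDS[name]
        passed = score >= threshold if higher_is_good else score < threshold
        match += 1 if passed else -1  # adjust the match value per score
    if match >= ACCEPT_AT:
        return "authenticated", match, scores
    if match <= REJECT_AT:
        return "not_authenticated", match, scores
    return "inconclusive", match, scores

def sample_history():
    """Constructed profile: five morning logins from one device."""
    base = datetime(2024, 1, 1, 9, 0)
    offsets_min = [0, 10, -10, 5, 0]
    feats = {"ip": "198.51.100.7", "user_agent": "BrowserA/1.0", "geo": "DE"}
    return [Login(base + timedelta(days=d, minutes=m), dict(feats))
            for d, m in enumerate(offsets_min)]
```

With the constructed profile, a request that matches the device and arrives at the usual interval is authenticated, one that differs in every feature and arrives two hours after the last login is not, and a known device on a new IP address at an unusual time is inconclusive.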

Claim 10:
With respect to claim 10, the combination of Androsov et al. and Du et al. discloses the limitations of claim 1, as addressed.

Du et al. discloses wherein the electronic processor is configured to generate a velocity score based on whether at least a predetermined number of requests to access the user account associated with the same behavioral feature are received during a predetermined time period (utilizing a continuous authentication, authentication may be continuously and actively performed, and biometrical information may be adaptively updated and changed, based upon this continuous updating for continuous authentication (e.g. first a fingerprint scan, next a facial scan from a camera, next a GPS update, etc.), 0067, Figure 6).

Claims 21, 22:
With respect to claims 21, 22, the combination of Du et al. and Androsov et al. discloses the limitations of claims 1, 11, as addressed.

Androsov et al. teaches wherein the electronic processor is further configured to determine that the biometric data is the limited biometric data that without additional information is insufficient to authenticate the user entering the login credentials to the user account by determining that the biometric data is based on one selected from a group consisting of: 
autofill input data, copy and paste input data, input data from a nefarious actor, and personal identification number (PIN) input data (at least one parameter that is different from the registered user's complete identification credentials comprises at least one of information contained in an auto-fill file of a web browser, 0008, 0016) (the server 102 with the ability to receive from the electronic device 112 parameters other than the complete identification credentials of the registered user 120. The server can obtain parameters that differ from the complete identification credentials of the registered user 120 as well as other information, in particular, by obtaining the information contained in the auto-fill file of the web browser 116, which is stored with the permission of the registered user 120. For example, auto-fill forms can store logins (without passwords) to various web-services used by the registered user 120, 0051) (information contained in an auto-fill file of the web browser, including the incomplete identification credentials of the registered user 120 (e.g., a login), but does not obtain the complete identification credentials of the registered user 120, 0100) (Figure 2, 204, obtain parameter that is different from complete identification credentials).


Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Androsov et al. (US2017/0142118 A1, publish date 05/18/2017) in view of Du et al. (US2015/0242605 A1, publish date 08/27/2015) further in view of Paeschke et al. (EP 3385875 A1, 10/10/2018) (on Applicant’s IDS filed 02/09/2021).

Claim 4:
With respect to claim 4, the combination of Androsov et al. and Du et al. discloses the limitations of claim 1, as addressed.

Androsov et al. discloses biometric data (provide the server 102 with the ability to receive from the electronic device 112 the identification credentials of the registered user 120 entered registered user 120, 0044) (entry of identification credentials, Figure 2, 202) and behavioral features (previous activity of the user include the registered user’s behavior, 0011).

Du et al. discloses behavioral features (Figures 4 and 8). 

Paeschke et al. teaches wherein the electronic processor is configured to determine a reason that there is insufficient biometric data to authenticate the user; and depending on the reason for the insufficient amount of biometric data, determine which behavioral features to analyze to determine the one or more scores and determine one or more predetermined thresholds to compare the one or more scores, match value, or both to (If user could not be authenticated, not enough biometric features were recorded by the camera, the door is locked and further the user enters the word and acquires data of a fine motor movement of the user, fine motor movement data are also used to generate a classification result 600, 0174) (if authentication fails, optional touchscreen offers the user a second option, uses the user’s fine motor movements as basis for authentication, 0175).

Androsov et al., Du et al. and Paeschke et al. are analogous art because they are from the same field of endeavor of user behavior authentication.

It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to use Paeschke et al. in Androsov et al. and Du et al. for wherein the electronic processor is configured to determine a reason that there is insufficient biometric data to authenticate the user; and depending on the reason for the insufficient amount of biometric data, determine which behavioral features to analyze to determine the one or more scores and determine one or more predetermined thresholds to compare the one or more scores, match value, or both to as claimed for the purpose of enhancing the continuous authentication system of Du et al. by increasing the security of behavior-based authentication (see Paeschke et al. 0036, 0057).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Helai Salehi whose telephone number is 571-270-7468. The examiner can normally be reached on Monday - Friday from 9 am to 5 pm, every other Friday off.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jeff Pwu, can be reached on 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/HELAI SALEHI/
Examiner, Art Unit 2433

/JEFFREY C PWU/
Supervisory Patent Examiner, Art Unit 2433