DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1.The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

                                                             Double Patenting
2.   The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 

Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
3. Claims 1-18 of this instant application are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1-18 of the US patent no. 10,313,327; and claims 1,3-9,12-18 of the US Patent no. 11, 281,762. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the current application encompass the same subject matter as of the patent application claims, but with obvious wording variations.  For example, the invention teaches a method for facilitating account login, specifically, receiving, from a terminal device, a request to log into a second account associated with a second server, wherein the request includes a first identifier associated with the first account and a second identifier associated with the second server; generating account information to be transmitted to the second server based on the first identifier; and transmitting the account information to the second server based on the second identifier; wherein the transmission of the account information enables the second account to be automatically logged into at the second server. Therefore, this is a non-statutory double patenting rejection.

                                Claim Rejections - 35 USC §103
4. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

5.    Claims 1-6, 8, 10-15 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Shukla (US Pub.No.2015/0149766) in view of Balfanz (US Pat.No.9, 325,696).

6. Regarding claims 1 and 10 Shukla teaches a method and a server for facilitating account login, wherein the method is implemented by a first server [element.306 in fig.3] that is associated with a first account [element.302 is the first application account in fig.3] and an app installed on a terminal device, the method comprising: receiving, from a terminal device, a request, generated by a browser associated with the app, to log into a second account [element.304 is the second application account in fig.3] associated with a second server [element.308 in fig.3], wherein the request includes a first identifier associated with the first account (Figs. 1,3 and Para:0031-0036 teaches the app1 302 will prompt the user of the electronic device 104 to provide the login credentials like user id and password [first identifier herein] for accessing the app1 302. Upon login into app1 302, the app1 302 will then transmit the generated device public and private key along with the authentication information to the SSO server 102. A SAML token 316 will be generated by the SSO server 102. The SAML token 316 is transmitted to the app server1 306. The app server1 306 will create an application session for the user of the electronic device 104. The app server1 306 will transmit the SAML token 316 to the app1 302. The app1 302 will store the SAML token 316 in the secured storage of the memory unit of the electronic device 104. 
When the user wants to access the app2 304, the app2 004 will check for the SAML token. The app2 304 will retrieve the SAML token 316 from the electronic device 104. The app2 304 then transmit the SAML token 316 to the app server2 308. The electronic device then accesses the second mobile application using the SAML token via an application session created by the second application server (thus user will logon to the second application account, app2 304 using the SAML token. Further, the electronic device can access the app1 302 based on the validation of user id and password);

generating account information to be transmitted to the second server based on the first identifier (Para:0032-0036 teaches the app1 302 will prompt the user of the electronic device 104 to provide the login credentials like user id and password [first identifier herein] for accessing the app1 302. Upon login into app1 302, the app1 302 will then transmit the generated device public and private key along with the authentication information to the SSO server 102. A SAML token 316 will be generated by the SSO server 102. When the user wants to access the app2 304, the app2 304 will check for the SAML token 316 in the secured storage of the memory unit of the electronic device 104. The app2 304 will then transmit the SAML token 316 to the app server2 308 (thus user will logon to the second application account, app 2 304 using the SAML token);

Shukla teaches all the above claimed limitations, but does not expressly teach a second identifier associated with the second server; and transmitting the account information to the second server based on the second identifier; wherein the transmission of the account information enables the second server to determine second account based on an association between the first account and the second account;  wherein the transmission of the account information enables the second account to be automatically logged into at the second server.

Balfanz teaches a second identifier associated with the second server; and transmitting the account information to the second server based on the second identifier; wherein the transmission of the account information enables the second server to determine second account based on an association between the first account and the second account;  wherein the transmission of the account information enables the second account to be automatically logged into at the second server (Fig.5 and Col.7, lines.26-67; Col.8, lines.1-22 teaches selecting credentials [which is the second identifier] for the participating server 504.  The user 501 will login to the web browser 502, which causes the account manager 503 sends the credential to the authentication server 505, which authenticates and sends the token to the account manager 503; the participating server 504 is automatically authenticated using the received token). 

Therefore, to would have been obvious to one of the ordinary skill in the art before the effective filing date of the invention was filed to modify Shukla to include a second identifier associated with the second server; and transmitting the account information to the second server based on the second identifier, wherein the transmission of the account information enables the second account to be automatically logged into at the second server as taught by Balfanz, since such a setup will result in automatic login to second application account without user input.

7.    Regarding claims 2 and 11 Shukla teaches the method and the server, wherein the request is generated when the first account is logged into via the app (Para: 0019-0021 teaches the user of the electronic device request for accessing a second mobile application, when the first mobile application account is logged in).

8.    Regarding claims 3 and 12 Shukla teaches the method and the server, further comprising authenticating the second server before transmitting the first identifier to the second server, wherein the authenticating of second server comprises: generating a token (Para:0019-0021 teaches generating a SAML token);

transmitting the token to the second server (Para:0021 teaches when the electronic device request for accessing a second mobile application installed on the electronic device, the second mobile application may check for the availability of the SAML token on the secured storage of the electronic device. Since, the SAML token is available; the electronic device may sign the SAML token with a device signature using the device private key. After the signing, the electronic device may transmit the SAML token to a second application server);

receiving a signature associated with the token from the second server; and determining the validity of the signature (Para: 0021 and Para: 0023 teaches the system will receive the authentication token from a second application server associated with a second mobile application installed on the electronic device. The authentication token received from the second application server may be signed with a device signature using a device private key. The system may authorize the first authentication token by verifying the device signature and the server signature on the authentication token using the device public key and a server public key respectively. Further, the system may transmit, after the authorization, the authentication token to the electronic device via the second application server. The system may enable the electronic device to access the second mobile application using the authentication token authorized. The server signature and the device signature will be a "digital signature" or an "electronic signature" that will ensure authenticity or validity of the authentication token);

and wherein the second server is authenticated if the signature is determined to be valid
 (Para: 0021 and Para:0023 teaches the authentication token received from the second application server is signed with a device signature using a device private key, as such the signature is determined to be valid based on the device private key).

9.    Regarding claims 4 and 13 Shukla teaches the method and the server, wherein transmitting the token to the second server comprises transmitting the token to the app installed on the terminal device, and the app transmitting the token to the second server (Para: 0031-0035 teaches the app1 302 may prompt the user of the electronic device 104 to provide the login credentials like user id and password for accessing the app1 302. Upon login into app1 302, the app1 302 will then transmit the generated device public and private key along with the authentication information to the SSO server 102. A SAML token 316 may be generated by the SSO server 102. When the user wants to access the app2 304, the app2 304 will check for the SAML token 316 in the secured storage of the memory unit of the electronic device 104. The app2 304 may then transmit the SAML token 316 to the appServer2 308).

10.    Regarding claims 5 and 14 Balfanz teaches the method and the server, wherein the second server is associated with a first key [login token] (Col.6, lines.46-47 teaches the web server 302 decodes the login token and check its validity); wherein the signature is generated with a second key [signature bits] (Col.6, lines.22-24 teaches signature code include cryptographic signature bits); and wherein the signature is determined to be valid if the second key matches the first key (Col.6, lines. 31 -58 teaches web server 302 may confirm that the digital signature contained in the "auth=[signature]" bits, verify that an expiration time encoded in the same bits has not expired (for example, by comparing the expiration time against a current server time or by requesting confirmation that the login token remains valid from authentication server 312, decode the user identity. Upon successful verification of the login token, the server may log in the user).

11.    Regarding claims 6 and 15 Shukla teaches the method and the server, wherein the account information transmitted to the second server includes the first identifier; wherein the transmission of the first identifier enables the second server to determine the second account based on a first association between the first identifier and the second account (Para: 0031-0035 teaches the app1 302 may prompt the user of the electronic device 104 to provide the login credentials like user id and password for accessing the app1 302 user account. Upon login into app1 302 user account, the app1 302 will then transmit the generated device public and private key along with the authentication information to the SSO server 102. A SAML token 316 may be generated by the SSO server 102. When the user wants to access the app2 304 account, the app2 304 will check for the SAML token 316. The app2 304 may then transmit the SAML token 316 to the appServer2, and thus login to the second application account).
12.    Regarding claims 8 and 17 and Shukla teaches the method and the server, wherein the transmission of the first identifier causes the second server to create the second account based on a determination that the first association does not exist when the first identifier is transmitted (Para: 0031-0035 teaches the app1 302 may prompt the user of the electronic device 104 to provide the login credentials like user id and password for accessing the app1 302 user account. Upon login into app1 302 user account, the app1 302 will then transmit the generated device public and private key along with the authentication information to the SSO server 102. A SAML token 316 may be generated by the SSO server 102. When the user wants to access the app2 304 account, the app2 304 will check for the SAML token 316. The app2 304 may then transmit the SAML token 316 to the appServer2, and therefore login to the second application account. Thus, transmission of the first identifier [username and password] causes the second server to create the second application account).

13.    Claims 7 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Shukla (US Pub.No.2015/0149766) in view of Balfanz (US Pat.No.9,325,696) as applied to claims 6 and 15 above and further in view of Yin (US Pub.No.2014/0013109).

14. Regarding claims 7 and 16 Shukla and Balfanz teaches all the above claimed limitations, but does not expressly teach the method and the server, wherein the first association is associated with a fourth identifier; wherein the fourth identifier is associated with an app installed on the terminal device.

Yin teaches the method and the server wherein the first association is associated with a fourth identifier; wherein the fourth identifier is associated with an app installed on the terminal device (Para: 0020-0023 and Para: 0036 teaches the fourth identifier can be the IME number, (ICCID) number, and/or some other identifier which is associated with the app installed on the terminal device).

Therefore, to would have been obvious to one of the ordinary skills in the art before the effective filing date of the invention was filed to modify Shukla and Balfanz to include a fourth identifier that is associated with an app installed on the terminal device as taught by Yin, since such a setup will result in acquiring more identifier thereby preventing unauthorized or un-trusted devices from accessing the application server.

15.    Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Shukla (US Pub.No.2015/0149766) in view of Balfanz (US Pat.No.9,325,696) as applied to claims 1 and 10 above and further in view of VanBlon (US Pub.No.2014/0208407).

 16.    Regarding claims 9,18 Shukla and Balfanz teaches all the above claimed limitations, but does not expressly teach the method and the server, wherein the account information transmitted to the second server includes a third identifier associated with the second account; wherein the account information is generated based on an association between the first identifier and the third identifier.

VanBlon teaches the method and the server, wherein the account information transmitted to the second server includes a third identifier associated with the second account; wherein the account information is generated based on an association between the first identifier and the third identifier (Para:0029-0030 teaches obtains a token after the user logs into the client side app [first app server], the application passes the token and the destination URL to a remote server to log the user into the remote server [second app server], Para: 0034-0038 teaches an IP address of the requestor, which is the third identifier herein).
Therefore, to would have been obvious to one of the ordinary skills in the art before the effective filing date of the invention was filed to modify Shukla and Balfanz to include the second server includes a third identifier associated with the second account as taught by VanBlon, since such a setup will result in automatic login to the second application account sing SSO.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506. The examiner can normally be reached Mon-Fri : 7:30 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431