DETAILED ACTION
	The instant application having Application No. 17/877,047 filed 07/29/2022 is presented for examination by the Examiner.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
At least claims 1 and 19  are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1 and 9  of U.S. Patent No. 11,425,566. Although the claims at issue are not identical, they are not patentably distinct from each other because the scope of the present invention is a broader version of the scope in the patent.
                 Instant Application 
                  Patent 11,425,566
Claim 1: 
     A method for performing location-based multi-factor authentication, the method comprising: 




     receiving, at a mobile device, a first set of authentication credentials provided by a user; 
  


     transmitting, by the mobile device, the first set of authentication credentials to an authentication server;
 
     verifying the first set of authentication credentials by the authentication server accessing stored credential information; 
     transmitting, by the authentication server, verified first factor authentication to the mobile device; 

     transmitting, by the mobile device, a request for second factor authentication to an authentication system;

     scanning, by the mobile device, identifier information associated with a secure device in response to instructions received by the mobile device from the authentication system; 

     sending a second set of authentication credentials from the secure device to the authentication system; 
     verifying the second set of credentials by the authentication system accessing a secure device location database; 
     transmitting, by the authentication system, verified second factor authentication to the authentication server via the mobile device; 


     granting final authentication, by the authentication server, based on the verified first factor authentication and the verified second factor authentication. 

Claim 1: 
     A computer implemented method for multifactor authentication to bind a mobile device to a secure device located at a specific physical location, the method comprising: 
     performing a first factor authentication, comprising: 

          receiving, at the mobile device, authentication credentials provided by a user, the authentication credentials comprising at least two of a user name, password, personal identification number, passcode, facial recognition, fingerprint, and voice print; 
          transmitting, with the mobile device, the authentication credentials to an authentication broker server; 
          verifying, at the authentication broker server, the authentication credentials; 
    performing, upon successful verification of the authentication credentials of the first factor authentication, a second factor authentication, the second factor authentication comprising: 
          sending, via the mobile device, a request to scan a physical user identifier previously issued to the user, the request being sent when the user is at the secure device; 
          scanning, by the mobile device, the physical user identifier at the secure device, wherein the secure device is located in the specific physical location, wherein the specific physical location is approved for the user to access protected customer data using the mobile device; 
          verifying, with a database, identification data associated with the scanned physical user identifier and the specific physical location of the secure device; 
     upon successfully verification of the scanned physical user identifier and the specific physical location of the secure device, configuring, by the authentication broker server, the mobile device to bind the user and the specific physical location of the secure device to the mobile device; 
     allowing the user to access the protected customer data using the mobile device at the specific physical location of the secure device; and 
     denying access to the mobile device when verification of the scanned physical user identifier and the specific physical location of the secure device fails.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 5, 7, 10, 12-13 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Pinski et al. (US 2015/0106900 A1-hereinafter Pinski.)
Regarding claim 1, Pinski discloses a method for performing location-based multi-factor authentication, the method comprising: 
receiving, at a mobile device, a first set of authentication credentials provided by a user (at least figures 2 & 4, [0015][0019], i.e.: user ID & password are provided/inputted by user to the mobile device); 
transmitting, by the mobile device, the first set of authentication credentials to an authentication server (at least figures 2-4, [0015][0019], the user ID & password are sent to server); 
verifying the first set of authentication credentials by the authentication server accessing stored credential information (figures 2-5, [0021][0045][0050], the user ID & password are verified against user ID & password stored); 
transmitting, by the authentication server, verified first factor authentication to the mobile device (at least [0021]-[0022], session ID (SID) is transmitted to the mobile device. The SID inherently indicates that the user ID & password have been verified); 
transmitting, by the mobile device, a request for second factor authentication to an authentication system (at least [0026], a request to authenticate an encrypted message sent by the mobile device is transmitted to a device identification server); 
scanning, by the mobile device, identifier information associated with a secure device in response to instructions received by the mobile device from the authentication system (at least [0022]-[0026], in response to instructions received, the mobile device scans/searches for geo-coordinates associated with a network device (secure device)); 
sending a second set of authentication credentials from the secure device to the authentication system (at least [0026], coordinates from the network device is sent to the device identification server); 
verifying the second set of credentials by the authentication system accessing a secure device location database (at least [0027], geo-coordinates of network device is verified against network-based location data); 
transmitting, by the authentication system, verified second factor authentication to the authentication server (at least [0028], encrypted authentication result is sent to application server. The encrypted authentication result inherently indicates at least the geo-coordinates have been verified); 
granting final authentication, by the authentication server, based on the verified first factor authentication and the verified second factor authentication (at least [0028], the application server either grants or denies based on the verifications of the username, passwords and coordinates.) 
Pinski does not explicitly disclose the transmitting, by the authentication system, verified second factor authentication to the authentication server is via the mobile device.
Pinski discloses the transmitting verified second factor authentication by the authentication system is directly to the authentication server instead of via the mobile device ([0028].) 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to use the direct method of transmitting as discloses in Pinski as opposed to the invention to save resources and at the same time speed up the process of the method.

Regarding claim 5, Pinski discloses the method of claim 1. Pinski also discloses the first set of authentication credential includes a user name and a password (at least [0015], user ID & password),

Regarding claim 7, Pinski discloses the method of claim 1. Pinski also discloses the second set of authentication credentials includes the identifier information and location information of the secure device (at least [0022][0026][0047], i.e.: base station and location.)

Regarding claim 10, Pinski discloses the method of claim 1. Pinski also discloses the secure location database includes location information of the secure device (at least [0047], location of network component, i.e.: base station or cell tower.)

Regarding claim 12, Pinski disclose the method of claim 1. 
Pinski does not explicitly disclose when the first set of authentication credentials cannot be verified by the authentication server, the first factor authentication terminates and the request for the second factor authentication is not transmitted.
However, it is obvious that when the first set of authentication credentials cannot be verified by the authentication server, the first factor authentication terminates and the request for the second factor authentication is not transmitted, because as discloses in [0021] if the user ID, password and device ID are not validated, then a session ID (SID) would not be generated, and if the SID is not generated, then the mobile device would not obtain geo-coordinates of a network device location to transmit as a second factor authentication.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to explicitly discloses that when the first set of authentication credentials cannot be verified by the authentication server, the first factor authentication terminates and the request for the second factor authentication is not transmitted to enhance the security level of the method and at the same time save valuable network resources.

Regarding claim 13, Pinski discloses the method of claim 12. 
Pinski does not explicitly disclose when the second set of authentication credentials cannot be verified by the authentication system, the second factor authentication terminates and the final authentication is not granted.
However, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to terminate the second factor authentication and the final authentication is not granted when the second set of authentication credentials cannot be verified because as discloses in at least [0028], Pinski discloses after both the first and second factor authentication are validated, then result of the authentication is used to determine whether a confirm or deny to an access request should be sent.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to explicitly discloses that when the second set of authentication credentials cannot be verified by the authentication system, the second factor authentication terminates and the final authentication is not granted to enhance the security level of the method.

	Claim 19 is rejected for the same rationale as claim 1 above.

Claims 2-4, 6, 8-9, 11, 16-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Pinski and in view of Brown et al. (U.S Patent 10,754,600 B1-hereinafter Brown.)
Regarding claim 2, Pinski discloses the method of claim 1.  Pinski also discloses sending, by the authentication server, the granted final authentication to allow the mobile device login access (at least [0015][0028], i.e: mobile device is granted access to account.)
Pinski does not explicitly disclose, the granted final authentication to a management server that sends commands to the mobile device granting access to the user to access the secure device.
However, Brown discloses a grant final authentication to management server that sends a command to grant access to a user to access a secure device (at least column 8, lines 1-15, i.e: component that transmits information to allow user to access storage compartment of printer.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Brown into the method of Pinski to enhance the security level of the method.

Regarding claim 3, Pinski discloses the method of claim 2. Pinski also discloses wherein the secure device is located at a physically-secure location (at least Pinski-[0025],  i.e.: base station; Brown-at least figure 3; abstract, printer at a secure location within an organization.)

Regarding claim 4, Pinski discloses the method of claim 1.
Pinski does not explicitly disclose the secure device is a Multi-Function-Device (MFD).
However, Donald discloses a device that is both a mobile printing apparatus and a delivery apparatus (at least column 4, lines 53-63.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Donald into the method of Pinski to allow the method to be carried out using different types of network devices.

Regarding claim 6, Pinski discloses the method of claim 1. Pinski also discloses  the first set of authentication credentials includes a user name (at least [0015], user ID.)
Pinski does not explicitly disclose the first set of authentication credentials includes biometric information associated with the user. 
However, Brown discloses authentication credentials includes biometric information associated with a user (at least column 8, lines 1-8, facial recognition or other biometrics.)
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Brown into the method Pinski to allow different data to be used as authentication information.

Regarding claim 8, Pinski discloses the method of claim 1. Pinski does not explicitly disclose the secure device includes a user-interactive terminal.
However, Brown discloses a secure device includes a user-interactive terminal (at least column 5, lines 11-24, i.e.: touchscreen input.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the device in Pinski to include the device in Brown into the method to allow the method to be carried out using different network devices.

Regarding claim 9, Pinski and Brown disclose the method of claim 8. Brown also inherently discloses the user-interactive terminal includes a proximity sensor (at least column 8, lines 28-39, sensor that assists device steer around obstacles.)

Regarding claim 11, Pinski and Brown disclose the method of claim 6. Brown also discloses the biometric information includes facial recognition (at least column 8, lines 1-8, facial recognition or other biometrics.)
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Brown into the method Pinski to allow different data to be used as authentication information.
Regarding claim 16, Pinski discloses the method of claim 1. Pinski does not explicitly disclose the secure device is a printer.
However, Brown discloses a secure device is a printer (at least column 4, lines 53-63, printing apparatus.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the device of Brown into the method Pinski to allow different types of device to carry out the method.

Regarding claim 17, Pinski discloses the method of claim 1. Pinski does not explicitly disclose the secure device is a vehicle.
However, Brown discloses a secure device is a vehicle (at least column 4, lines 53-63, a printing apparatus that transports printed documents.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the device of Brown into the method Pinski to allow different types of device to carry out the method.

Claim 20 is rejected for the same rationale as claim 2 above.

Claims 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Pinski and in view of Balinsky et al. (U.S 2017/0046525 A1-hereinafter Balinsky.)
Regarding claim 14, Pinski discloses the method of claim 1. 
Pinski does not explicitly disclose the granted final authentication is limited to a predetermined time period.
However, Balinsky discloses a grant is limited to a predetermined time period ([0016], restricted access, i.e.: during office hours only.)
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Balinsky into the method Pinski to enhance the security level of the method.

Regarding claim 15, Pinski discloses the method of claim 1.  
Pinski does not explicitly disclose the granted final authentication is limited to the user being within a predetermined area after the user accesses the secure device.
However, Balinsky discloses a grant is limited to a user being within a predetermined area after the user accesses a secure device (at least [0016], i.e.: user is in the vicinity of the imaging device at particular date/time.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Balinsky into the method Pinski to enhance the security level of the method.

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Pinski, Brown and further in view of Balinsky et al. (U.S 2017/0046525 A1-hereinafter Balinsky.)
Regarding claim 18, Pinski discloses the method of claim 17.
Pinski does not explicitly disclose the mobile device is an electronic tablet assigned to the user by an owner of the vehicle.
However, Balinsky discloses a mobile device is an electronic tablet assigned to a user by an admin of a secure device ([0006], computing device is assigned as an authorized device to make request to imaging device.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Balinsky into the method of Pinski to ensure only authorized devices can be used to send requests.
	Pinski and Balinsky do not disclose the secure device is a vehicle device.
However, Brown discloses a secure device is a vehicle device (at least column 4, lines 53-63, a printing apparatus that transports printed documents.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the device of Brown into the method Pinski and Balinsky to allow different types of device to carry out the method.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PHY ANH TRAN VU whose telephone number is (571)270-7317. The examiner can normally be reached Monday-Friday 7 am-1 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/PHY ANH T VU/           Primary Examiner, Art Unit 2438