12489416 (P.T.A.B. Jan. 23, 2018)

Ex Parte Lindsay

Patent Trial and Appeal BoardJan 23, 2018

12489416 (P.T.A.B. Jan. 23, 2018)

United States Patent and Trademark Office UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O.Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 12/489,416 06/22/2009 Jeffrey Dean Lindsay JL-4 1609 66125 7590 01/25/2018 JEFFREY DEAN LINDSAY 20 DIANE LANE APPLETON, WI54915 EXAMINER CHEUNG, CALVIN K ART UNIT PAPER NUMBER 3668 NOTIFICATION DATE DELIVERY MODE 01/25/2018 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): jeff @ magicinnovation.com jeff@jefflindsay.com ldsfaq @ gmail. com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte JEFFREY DEAN LINDSAY Appeal 2016-0048611 Application 12/489,4162 Technology Center 3600 Before MICHAEL W. KIM, NINA L. MEDLOCK, and BRADLEY B. BAYAT, Administrative Patent Judges. MEDLOCK, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Appellant appeals under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1—12 and 21—29. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. 1 Our decision references Appellant’s Appeal Brief (“App. Br.,” filed November 5, 2015) and Reply Brief (“Reply Br.,” filed April 8, 2016), and the Examiner’s Answer (“Ans.,” mailed February 9, 2016) and Final Office Action (“Final Act.,” mailed July 13, 2015). 2 Appellant identifies the inventor, Jeffrey Dean Lindsay, as the real party in interest. App. Br. 3. Appeal 2016-004861 Application 12/489,416 CLAIMED INVENTION Appellant’s claimed invention “pertains to security systems that restrict access to an account or other asset.” (Spec. 12). Claim 1, reproduced below, is the sole independent claim and representative of the claimed subject matter: 1. A security management system providing controlled access to a secure electronic account accessible via an electronic account access interface in communication with an account server, the security management system comprising: a computerized administrative interface having security rules for governing account access via the electronic account access interface, the security rules being stored in a memory in communication with a processor operably associated with the account server, wherein the computerized administrative interface is programmed to receive commands from an authorized user to customize the security rules to provide different levels of account access responsive to entry via the electronic account access interface of user credentials, the user credentials comprising a user ID and either a primary password or a secondary password selected from one or more secondary passwords, wherein the computerized administrative interface provides selections in the security rules for both a primary password and one or more secondary passwords, and wherein the computerized administrative interface provides a selection for a covert cue method to serve as a component of a primary password. REJECTION Claims 1—12 and 21—29 are rejected under 35 U.S.C. § 101 as directed to non-statutory subject matter. 2 Appeal 2016-004861 Application 12/489,416 ANALYSIS Under 35 U.S.C. § 101, an invention is patent-eligible if it claims a “new and useful process, machine, manufacture, or composition of matter.” 35 U.S.C. § 101. The Supreme Court, however, has long interpreted § 101 to include an implicit exception: “[l]aws of nature, natural phenomena, and abstract ideas” are not patentable. See, e.g., Alice Corp. Pty. Ltd. v. CLS Banklnt’l, 134 S. Ct. 2347, 2354 (2014). The Supreme Court, in Alice, reiterated the two-step framework previously set forth in Mayo Collaborative Services v. Prometheus Laboratories, Inc., 566 U.S. 66 (2012), “for distinguishing patents that claim laws of nature, natural phenomena, and abstract ideas from those that claim patent-eligible applications of those concepts.” Alice Corp., 134 S. Ct. at 2355. The first step in that analysis is to “determine whether the claims at issue are directed to one of those patent-ineligible concepts.” Id. If the claims are not directed to a patent-ineligible concept, e.g., an abstract idea, the inquiry ends. Otherwise, the inquiry proceeds to the second step where the elements of the claims are considered “individually and ‘as an ordered combination”’ to determine whether there are additional elements that “‘transform the nature of the claim’ into a patent-eligible application.” Id. (quoting Mayo, 566 U.S. at 78). The Court acknowledged in Mayo, that “all inventions at some level embody, use, reflect, rest upon, or apply laws of nature, natural phenomena, or abstract ideas.” Mayo, 566 U.S. at 71. Therefore, the Federal Circuit has instructed that claims are to be considered in their entirety to determine “whether their character as a whole is directed to excluded subject matter.” McRO, Inc. v. Bandai Namco Games Am., Inc., 837 F.3d 1299, 1312 3 Appeal 2016-004861 Application 12/489,416 (Fed. Cir. 2016) (quoting Internet Patents Corp. v. Active Network, Inc., 790 F.3d 1343, 1346 (Fed. Cir. 2015)). In rejecting the pending claims under § 101, the Examiner finds that the claims are directed to “the abstract idea of a graphical user interface (GUI) displaying some selections/menu options for an administrator to go in and set up some desired security rules”; and that the additional elements or combination of elements in the claims, other than the abstract idea, amounts to “no more than: (i) mere instructions to implement the idea on a general computer, and/or (ii) recitation of generic computer structure that serves to perform generic computer functions that are well-understood, routine, and conventional activities previously known to the pertinent industry” (Final Act. 3—4). The Examiner reasons that the claims involve nothing more than a GUI for a user to input commands into a computer, and opines that the invention has merely taken the abstract idea of placing security measures to control access to sensitive information “and embellished it with steps of providing security measures (i.e., rules) that are customized to provide different levels of account access” {id. at 2—3). Appellant argues, inter alia, that even if the claims are directed to an abstract idea, the claims include features, i.e., the use of covert cue methods, which amount to “significantly more” than the abstract idea. In this regard, Appellant argues that the claims recite improvements to another technology or technical field, i.e., the fields of password security and password management by “a novel application of covert cue methods” (see App. Br. 27—28). Appellant, thus, maintains that the incorporation of covert cue methods allows for added security features that can “withstand the observation of an onlooker observing the entry of a primary password due to 4 Appeal 2016-004861 Application 12/489,416 the difficulty in even recognizing that ‘something more’ than an ordinary password has been entered” {id. at 28). The Specification describes the difficulties that even security conscious users face in safeguarding and protecting their passwords and other personal information {see, e.g., Spec. H 3—5), and also details the inadequacies associated with prior techniques aimed at increasing the security of password-accessible systems and reducing the risk of identity theft {id. at H 6—16). The Specification, thus, describes that the claimed invention is directed to improving the security of password-protected assets by allowing the asset owner, either directly or through an administrator, to establish customized security rules to provide different levels of account access, e.g., from full access to merely feigned access, responsive to entry of user credentials comprising either a primary password or a secondary password {see, e.g., id. at H 17—18, 20-21, 88—89). Either the primary password or the secondary password may include a covert component, i.e., a hidden action, taken during login, account access, account use, or during some other phase of accessing or attempting to access an asset, that covertly conveys information relative to user credentials such that an observer is unlikely to recognize that such information has been conveyed {see, e.g., id. at 11 87, 91, 113-123; Figs. 4 and 5). Putting aside whether the Examiner erred in finding that the claims are directed to an abstract idea, we are persuaded that even if the claims are directed to an abstract idea, the Examiner has not adequately explained why the claims fail to recite limitations that are “significantly more” than the abstract idea itself. For example, the Examiner does not explain why, in view the express claim language read in light of the above-referenced 5 Appeal 2016-004861 Application 12/489,416 portions of the Specification, the claimed invention would not be considered an improvement in the fields of password security and password management. Instead, the Examiner summarily concludes, without any further analysis, that the limitations beyond the abstract idea are “mere instructions to implement the idea on a general computer, and/or (ii) recitation of generic computer structure that serves to perform generic computer functions that are well-understood, routine, and conventional activities previously known to the pertinent industry” (Final Act. 3—4). We are persuaded that such cursory reasoning is inadequate to sustain the rejection, when the above-referenced portions of the record are considered as whole. In view of the foregoing, we do not sustain the Examiner’s rejection of claims 1—12 and 21—29 under 35 U.S.C. § 101. DECISION The Examiner’s rejection of claims 1—12 and 21—29 under 35 U.S.C. § 101 is reversed. REVERSED 6