DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. By virtue of the communication filed on 01/06/2021, claims 1-20 are pending in the present application; claims 1, 13, 20 are recited in independent form, wherein claims 1, 8, 10, 11, 13, 18, 19, 20 are amended.
Claim Interpretation
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
Response to Arguments


The Applicant has amended claims 1, 13 and 20 (all the claims recited in independent form) and by virtue of dependence all claims that depend therefrom. The amendment alters the scope of the claims and necessitates all changes in grounds of rejection found herein. Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the Applicant’s arguments are with respect to limitations added by amendment. The Examiner has provided the new ground of rejection to address the limitations as amended, therefore the Applicant’s arguments with respect to limitations added by amendment and the previous rejection are rendered moot. In the response the Applicant asserts that the previous rejection of record “not describe access over a secure communication channel established via an operating system of a secure element to an inactive eSIM to obtain an authentication token operating system; wherein the secure element has one or more access keys and a corresponding key is shared by trusted service manager (TSM) so that the TSM can establish a cryptographically secure channel to the secure element for installation, provisioning, and personalization of the secure element while the device having the secure element is in the possession of an end user (see d4 col. 1 lines 20-38) which when considered as whole within the teaching of d1 in view of d3 in view of d4 as a whole disclose techniques with respect to wireless communication facilitating the sharing of data between multiple user access clients (see d1 para. 0004), wherein the techniques are embodied as a device (see d1 Fig. 2) which incorporates an apparatus (see d1 Fig. 3) various processors external to secure element (i.e. processing circuitry) (see d1 Fig. 2 elements 202, 206), including memory (see d1 Fig. 2-3 elements 204, 314, 308, 302), including computer-executable instructions that are configured to, when executed by the secure processor cause the device to perform actions (see d1 para. 0011); antennas (see d1 Fig. 2 para. 0055), secure element (see d1 Fig. 2 element 204); 

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 2, 4-6, 8, 9, 13-14, 16, 18, 20  are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication US-20140073375 to Li et al (hereinafter d1) in view of United States Patent Application Publication US-20160277051 to Yang (hereinafter d3) in view of United States Patent US-8385553 to Jooste et al (hereafter d4).

as to the limitation “the method comprising: by processing circuitry of the wireless device external to the secure element; sending a command to an inactive eSIM of the one or more inactive eSIMs on the secure element; obtaining from the inactive eSIM, responsive to the command, an authentication token” and “and obtaining, from the network-based server of the MNO, account information for an account associated with the inactive eSIM” d1 discloses a secure element (see d1 Fig. 2 element 204, Fig. 3) configured to store one or more access control clients, each of the one or more access control clients containing data, wherein the secure element includes a secure processor; and a secure storage device in data communication with the secure processor wherein the storage device includes computer-executable instructions that are configured to, when executed by the secure processor: receive a request (i.e. command) to access a first data of an inactive first access control client; verify the request; access the first data of the inactive first access control client; and return (i.e. 
as to the limitations regarding obtaining from the inactive eSIM, responsive to the command, an authentication token, d1 discloses facilitating the sharing of data between multiple user access clients (see d1 para. 0004) including receive a request to access a first data of an inactive first access control client; verify the request; access the first data of the inactive first access control client; and return the first data (see d1 para. 0010), the accessing the first data includes accessing one or more device configurations, the accessing enabling configuration of a device according to at least one of the one or more configurations (i.e. tokens) (see d1 para. 0017), receiving a network request to authenticate the access control client (see d1 para. 0021) wherein data can consist of for example, user-defined data (UDD) (e.g., settings and data configured by a user such as phonebook contacts, eSIM usage preferences, etc.), operator specific data, calibration data, etc. The Advanced Subscriber Identity Toolkit provides a secondary privileged interface which enables faster access to data stored within the eSIM, without compromising the integrity of eSIM security (see d1 para. 0035), including providing a secondary interface between the eUICC and the eSIM's data, allowing the apparatus to access any of the eSIM's data regardless of which eSIM is actively being used wherein the exemplary 
as to the limitation “opening a secure communication channel to the secure element,” “authenticating with a network-based server of a mobile network operator (MNO) associated with the inactive eSIM using the authentication token; and obtaining, from the network-based server of the MNO, account information for an account associated with the inactive eSIM” d1 discloses that which is noted above, however, d1 does not appear to explicitly disclose a secure communication channel or authenticating with a network-based server of a mobile network operator (MNO) associated with the inactive eSIM using the authentication token. Attention is directed to d3 which, in a similar field of endeavor of wireless communication, teaches methods, devices, systems and computer readable medium embodiments directed to provisioning electronic Subscriber Identity Modules (eSIMs) to embedded Universal Integrated Circuit Cards (eUICCs) (see d3 para. 0002) including establishing a secure channel (see d3 para. 0004, 0006-0007, 0030, 0031) and authenticating via MNO server (see d3 para. 0023, 0027) which is combined with the disclosure of d1 regarding obtaining account information (see d1 para. 0072, d1 para. 0035).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the system and/or method of d1 
D1 in view of d3 fails to disclose the limitation “opening, via an operating system of the secure element, a secure communication channel to the secure element,” and “via the secure communication channel”. Attention is directed to d4 which discloses various techniques that are employed in mobile devices to carry out secure transactions including a "secure element" 
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the system and/or method of d1 regarding facilitating the sharing of data between multiple user access clients to incorporate the details of opening, via an operating system of the secure element, a secure communication channel to the secure element as disclosed by d4.  One of ordinary skill in the art as of the effective filing date would be motivated to combine the teaching of d1, d3 and d4 to achieve any of a plurality of advantages disclosed throughout d4 including at least to provide added security to the secure element such that it can remain secure even if the host CPU in the device has been compromised (see d4 col. 1 lines 20-38) as well as a plurality of benefits disclosed or evident from the disclosure of d4.  D4 is related to d1 in a similar field of endeavor (wireless communication) and one of ordinary skill in the art before the effective filing date of the claimed invention would be motivated to apply the known techniques of d4 to the implementation of d1, d3, to yield a predictable result of increased security to the device wherein both techniques were known and used as of the effective filing date. It is also noted 
Regarding claim 2, as to the limitation “the method of claim 1, wherein the processing circuitry of the wireless device external to the secure element obtains, from the network-based server of the MNO, the account information for the account associated with the inactive eSIM via a cellular wireless network associated with an active eSIM of the wireless device” d1 in view of d3 in view of d4 discloses connection via a cellular network (see d1 para. 0006).
Regarding claim 4, as to the limitation “the method of claim 1, wherein the command sent to the inactive eSIM comprises a modified authenticate command” d1 in view of d3 in view of d4 discloses altering the Authentication (i.e. modified) (see d1 para. 0050).
Regarding claim 5, as to the limitation “the method of claim 1, wherein: the secure communication channel is also used for communicating with an active eSIM on the secure element; and the command includes a unique identifier associated with the inactive eSIM to indicate to which inactive eSIM of the one or more inactive eSIMs the command is addressed” d1 in view of d3 in view of d4 discloses a secure communication channel for communication with active eSIM (see d3 para. 0006-0007, 0030-0031) including unique identifier ICCID to indicate to which inactive eSIM of the one or more inactive eSIMs the command is addressed (see d1 para. 0041, 0051).
Regarding claim 6, as to the limitation “the method of claim 5, wherein the unique identifier associated with the inactive eSIM comprises an integrated circuit card identifier 
Regarding claim 8, as to the limitation “the method of claim 1, further comprising: by the processing circuitry of the wireless device external to the secure element: sending, via the secure communication channel, a second command to the inactive eSIM to obtain an MNO-assigned unique identity associated with the inactive eSIM” d1 in view of d3 in view of d4 discloses authentication including reception of a MNO assigned unique identity (see d1 para. 0041, 0051) including a secure communication channel (see d4 col. 1 lines 20-38).
Regarding claim 9, as to the limitation “The method of claim 8, wherein the MNO-assigned unique identity comprises a mobile station international subscriber directory number (MSISDN) or an international mobile subscriber identity (IMSI)” d1 in view of d3 in view of d4 discloses acquiring IMSI (see d1 para. 0041).
Regarding claim 13, as to the limitation “An apparatus configurable for operation in a wireless device, the apparatus comprising: processing circuitry of the wireless device external to a secure element of the wireless device, the processing circuitry comprising one or more processors communicatively coupled to memory storing instructions that, when executed by the one or more processors, cause the processing circuitry to perform actions including:” d1 teaches techniques in wireless communication, and more specifically to facilitating the sharing of data between multiple user access clients (see d1 para. 0004), wherein the techniques are 
as to the limitation “sending a command to an inactive electronic subscriber identity module (eSIM) of one or more inactive eSIMs on the secure element; obtaining from the inactive eSIM, responsive to the command, an authentication token; obtaining, from the network-based server of the MNO, account information for an account associated with the inactive eSIM” d1 discloses a secure element (see d1 Fig. 2 element 204, Fig. 3) configured to store one or more access control clients, each of the one or more access control clients containing data, wherein the secure element includes a secure processor; and a secure storage device in data communication with the secure processor wherein the storage device includes computer-executable instructions that are configured to, when executed by the secure processor: receive a request (i.e. command) to access a first data of an inactive first access control client; verify the request; access the first data of the inactive first access control client; and return (i.e. obtain) the first data (see d1 para. 0010) including an Advanced Subscriber Identity Toolkit logical entity provides a secondary interface between the eUICC and the eSIM's data, allowing the apparatus to access any of the eSIM's data regardless of which eSIM is actively being used wherein the exemplary Advanced Subscriber Identity Toolkit provides a 
as to the limitations regarding obtaining from the inactive eSIM, responsive to the command, an authentication token, d1 discloses facilitating the sharing of data between multiple user access clients (see d1 para. 0004) including receive a request to access a first data of an inactive first access control client; verify the request; access the first data of the inactive first access control client; and return the first data (see d1 para. 0010), the accessing the first data includes accessing one or more device configurations, the accessing enabling configuration of a device according to at least one of the one or more configurations (i.e. tokens) (see d1 para. 0017), receiving a network request to authenticate the access control client (see d1 para. 0021) wherein data can consist of for example, user-defined data (UDD) (e.g., settings and data configured by a user such as phonebook contacts, eSIM usage preferences, etc.), operator specific data, calibration data, etc. The Advanced Subscriber Identity Toolkit provides a secondary privileged interface which enables faster access to data stored within the eSIM, without compromising the integrity of eSIM security (see d1 para. 0035), including providing a secondary interface between the eUICC and the eSIM's data, allowing the apparatus to access any of the eSIM's data regardless of which eSIM is actively being used wherein the exemplary Advanced Subscriber Identity Toolkit provides a secondary interface which has different privileges and/or permissions from the primary eSIM accesses (see d1 para. 0053-0054) including an authentication token (see d1 para. 0039-0041); and obtaining account information (see d1 para. 0077). 

Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the system and/or method of d1 regarding facilitating the sharing of data between multiple user access clients to incorporate the details of “opening a secure communication channel to the secure element,” “authenticating with a network-based server of a mobile network operator (MNO) associated with the inactive eSIM using the authentication token” as disclosed by d3.  One of ordinary skill in the art as of the 
D1 in view of d3 fails to disclose the limitation “opening, via an operating system of the secure element, a secure communication channel to the secure element,” and “via the secure communication channel”. Attention is directed to d4 which discloses various techniques that are employed in mobile devices to carry out secure transactions including a "secure element" installed on communication devices to provide a secure operation environment for authentication, and other functions; wherein the secure element generally includes its own operating environment with a tamper-proof microprocessor, memory, and operating system; wherein the secure element has one or more access keys and a corresponding key is shared by 
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the system and/or method of d1 regarding facilitating the sharing of data between multiple user access clients to incorporate the details of opening, via an operating system of the secure element, a secure communication channel to the secure element as disclosed by d4.  One of ordinary skill in the art as of the effective filing date would be motivated to combine the teaching of d1, d3 and d4 to achieve any of a plurality of advantages disclosed throughout d4 including at least to provide added security to the secure element such that it can remain secure even if the host CPU in the device has been compromised (see d4 col. 1 lines 20-38) as well as a plurality of benefits disclosed or evident from the disclosure of d4.  D4 is related to d1 in a similar field of endeavor (wireless communication) and one of ordinary skill in the art before the effective filing date of the claimed invention would be motivated to apply the known techniques of d4 to the implementation of d1, d3, to yield a predictable result of increased security to the device wherein both techniques were known and used as of the effective filing date. It is also noted that many of the noted sections of d4 are equally applicable to meet many of the limitations set forth above as met by d1, d3; therefore the teaching of d4 may be applied to any other limitation of the claims rejected under this section when d1 in view of d3 in view of d4 is considered as a whole and not individually.

Regarding claim 16, as to the limitation “The apparatus of claim 13, wherein: the secure communication channel is also used for communicating with an active eSIM on the secure element; and the command includes a unique identifier associated with the inactive eSIM to indicate to which inactive eSIM of the one or more inactive eSIMs the command is addressed” d1 in view of d3 in view of d4 discloses a secure communication channel for communication with active eSIM (see d3 para. 0006-0007, 0030-0031) including unique identifier ICCID to indicate to which inactive eSIM of the one or more inactive eSIMs the command is addressed (see d1 para. 0041, 0051).
Regarding claim 18, as to the limitation “The apparatus of claim 13, wherein the actions performed by the processing circuitry of the wireless device external to the secure element further comprise: sending, via the secure communication channel, a second command to the inactive eSIM to obtain an MNO-assigned unique identity associated with the inactive eSIM” d1 in view of d3 in view of d4 discloses authentication including reception of a MNO assigned unique identity (see d1 para. 0041, 0051), including a secure communication channel (see d4 col. 1 lines 20-38).

as to the limitation “sending a command to an inactive electronic subscriber identity module (eSIM) on the secure element; obtaining from the inactive eSIM, responsive to the command, an authentication token; and using the authentication token to perform one or more account management operations for the inactive eSIM in conjunction with the network-based server of the MNO” d1 discloses a secure element (see d1 Fig. 2 element 204, Fig. 3) configured to store one or more access control clients, each of the one or more access control clients containing data, wherein the secure element includes a secure processor; and a secure storage device in data communication with the secure processor wherein the storage device includes computer-executable instructions that are configured to, when executed by the secure 
as to the limitation “opening a secure communication channel to the secure element,” “authenticating with a network-based server of a mobile network operator (MNO) associated with the inactive eSIM using the authentication token; and obtaining, from the network-based server of the MNO, account information for an account associated with the inactive eSIM” d1 discloses that which is noted above, however, d1 does not appear to explicitly disclose a secure communication channel or authenticating with a network-based server of a mobile network operator (MNO) associated with the inactive eSIM using the authentication token. Attention is directed to d3 which, in a similar field of endeavor of wireless communication, teaches methods, devices, systems and computer readable medium embodiments directed to provisioning electronic Subscriber Identity Modules (eSIMs) to embedded Universal Integrated Circuit Cards (eUICCs) (see d3 para. 0002) including establishing a secure channel (see d3 para. 0004, 0006-0007, 0030, 0031) and authenticating via MNO server (see d3 para. 0023, 0027) which is combined with the disclosure of d1 regarding obtaining account information (see d1 para. 0072, d1 para. 0035).

D1 in view of d3 fails to disclose the limitation “opening, via an operating system of the secure element, a secure communication channel to the secure element,” and “via the secure 
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the system and/or method of d1 regarding facilitating the sharing of data between multiple user access clients to incorporate the details of opening, via an operating system of the secure element, a secure communication channel to the secure element as disclosed by d4.  One of ordinary skill in the art as of the effective filing date would be motivated to combine the teaching of d1, d3 and d4 to achieve any of a plurality of advantages disclosed throughout d4 including at least to provide added security to the secure element such that it can remain secure even if the host CPU in the device has been compromised (see d4 col. 1 lines 20-38) as well as a plurality of benefits disclosed or evident from the disclosure of d4.  D4 is related to d1 in a similar field of endeavor (wireless communication) and one of ordinary skill in the art before the effective filing date of the claimed invention would be motivated to apply the known techniques of d4 to the .
Allowable Subject Matter
Claims 3, 7, 10, 11, 12, 15, 17, 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 





The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Applicant is advised to review the noted art below in its entirety prior to presenting amendments and specifically note how any amendment distinguishes over the art noted below. 
US 20160277930 A1 to LI; Li et al. discloses a secure application 608 executes as part of a rich operating system (OS) 607 and the TEE 120. The TEE 120 can include a trusted kernel 610 in which can be stored secure credentials, e.g., keys, certificates, and the like, which can be used for mutual authentication between the TEE 120 and the eUICC 108. As with the hardware eSE 118, the software TEE 120 can establish a trusted relationship with the eUICC 108 that uses mutual authentication for secure communication similar to secure communication with a server external to the mobile device 102. The TEE 120 can process information received via secure inputs to verify human intent and/or to authenticate a user before performing one or more administrative operations for one or more eSIMs 208 on the eUICC 108. Thus, mutual authentication 614 between the TEE 120 and the eUICC 108 can be required in order to perform an eSIM operation 616 on the eUICC 108 (see para. 04049).

US 20180165673 A1 to Francis; Lishoy discloses a secure authentication module, and the second NFC-enabled device comprising a host operating system (host OS), a trusted execution environment (TEE), and a secure element (SE), the TEE and SE being configured to communicate via a secure channel, the method comprising: transmission 

US 8429409 to Wall; Jonathan et al. discloses a "secure element" installed on communication devices to provide a secure operating environment for financial transactions, transit ticketing, physical security access, and other functions. A secure element generally includes its own operating environment with a tamper-proof microprocessor, memory, and operating system. A Trusted Service Manager (TSM), among other things, installs, provisions, and personalizes the secure element. The secure element has one or more keys that are typically installed at manufacture time. A corresponding key is shared by the TSM so that the TSM can establish a cryptographically secure channel to the secure element for installation, provisioning, and personalization of the secure element while the device having the secure element is in the possession of an end user. In this way, the secure element can remain secure even if the host CPU in the device has been compromised.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NATHAN SCOTT TAYLOR whose telephone number is (571)270-3189.  The examiner can normally be reached on Mon. - Thurs. 9:00-4:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JINSONG HU can be reached on 5712723965.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/NATHAN S TAYLOR/Primary Examiner, Art Unit 2643