Remarks
Claims 1-5, 8, 11-13, and 16-20 are pending.  

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/17/2020 has been entered.
 
Response to Arguments
Applicant's arguments filed 12/17/2020 have been fully considered but they are not persuasive.
Applicant alleges that neither Eronen nor Kilian-Kehr disclose a portion of the comparing limitation of claim 1.  Applicant then cites the specification, “submits that Eronen fails to disclose or suggest these features”, explains Applicant’s understanding of a portion of Eronen, and alleges “this fails to disclose or suggest the specific techniques recited in the claims, in which ‘similarity data’ is determined to determine 
Eronen meets the claimed comparing limitation in Eronen’s disclosure of determining if the result meets some condition, such as including all 1’s, matches either of v1 or v2, matches 1 of 2 different Bloom filters, matches a MWLAN RAND or a MGSM RAND, verification of multiple hash codes, checking multiple pointers, etc., as examples.  
Applicant then alleges “At a more general level, it is clear that Eronen fails to disclose or suggest the recited features, at least because the procedures of Eronen would fail to reject last cryptographic nonces that would be prevented from being used by the recited features.  In the recited features, a threshold indicates a minimum number of elements that should be different in order for a last cryptographic nonce to be different enough from the reference cryptographic nonces, and that threshold is greater than or equal to two.”  Applicant then provides an example with 4 elements.  Applicant then alleges “In contrast, in Eronen, if any single bit position generated by the hash functions is not present in the vector for a new value, the new value will be determined by the Bloom filter to have not been seen before, and will be deemed acceptable.”  In certain embodiments of Eronen, a single vector may be compared to a single Bloom filter.  However, in other portions of Eronen, Eronen is clear that the input data must be 
Applicant then appears to summarize Applicant’s above arguments with no reference to any different claim language.  It has been shown above that Eronen discloses the comparing limitation of claim 1.  Therefore, no further response is necessary.  

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-5, 8, 11-13, and 16-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5, 8, 11-13, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Eronen (U.S. Patent Application Publication 2005/0149734) in view of Kilian-Kehr (U.S. Patent Application Publication 2005/0268096).  
Regarding Claim 1,

(a) receiving, by the device, a last cryptographic nonce intended for determining a securing cryptogram from the electronic operation (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 40, 41, and associated figures; receiving a RAND, for example);
(b) determining, by the device, a last similarity data that indicates a number of elements in the last cryptographic nonce that are different from corresponding elements of a reference cryptographic nonce by performing actions including (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 29, 31, 32, 34, 35, 41, and associated figures; comparing current RAND to previous RANDs stored in a Bloom Filter, for example):
For each reference cryptographic nonce, determining an intermediate similarity data by comparing first elements located at positions in the last cryptographic nonce to second elements located at corresponding positions in the reference cryptographic nonce to determine a number of first elements that are different from corresponding second elements (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 29, 31, 32, 34, 35, 41, and associated figures; comparing current RAND to previous RANDs stored in a Bloom Filter, for example); and

(c) storing, by the device, the last similarity data in the memory (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 29, 31, 32, 34, 35, 41, and associated figures; storing result of the Bloom Filter, for example);
(d) checking if the last similarity data satisfies a predefined condition by performing actions including (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 29, 31, 32, 34, 35, 41, and associated figures; determining if the result meets some condition, such as including all 1’s, matches either of v1 or v2, matches 1 of 2 different Bloom filters, matches a MWLAN RAND or a MGSM RAND, verification of multiple hash codes, checking multiple pointers, etc., as examples):
Comparing a lesser of the last similarity data and a preceding global similarity data to a threshold that indicates a minimum number of elements in the last cryptographic nonce to be different for indicating a random nature of the last cryptographic nonce, wherein the minimum number of elements to be different is 
(e) in response to determining that the last similarity data does not satisfy the predefined condition, using the last cryptographic nonce and a key to determine the securing cryptogram for the electronic operation (Exemplary Citations: for example, Abstract; Paragraphs 6, 18, 21, 24-27, 29, 31, 32, 34, 35, 41, and associated figures; RAND challenge response, for example); and
(f) in response to determining that the last similarity data does satisfy the predefined condition, taking a countermeasure to prevent the last cryptographic nonce from being used to determine the security cryptogram (Exemplary Citations: for example, Abstract, Paragraphs 36-41 and associated figures; countermeasure, such as stopping communication, for example);
But does not explicitly disclose that the device is a chip card.  
Kilian-Kehr, however, discloses that the device is a chip card that determines securing cryptograms for electronic operations (Exemplary Citations: for example, Abstract; Paragraphs 20, 23-25, 37, 40, 50-54, and 
Regarding Claim 13,
Claim 13 is a system claim that corresponds to method claim 1 and is rejected for the same reasons.  
Regarding Claim 2,
Eronen as modified by Kilian-Kehr discloses the method of claim 1, in addition, Eronen discloses storing the last cryptographic nonce in the memory (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 32, 34, 35, 41, and associated figures; storing each nonce as it comes, for example).  
Regarding Claim 3,
Eronen as modified by Kilian-Kehr discloses the method of claim 2, in addition, Eronen discloses that at least one of the reference cryptographic nonces is a cryptographic nonce received during an electronic operation prior to the electronic operation (Exemplary Citations: 
Regarding Claim 4,
Eronen as modified by Kilian-Kehr discloses the method of claim 1, in addition, Eronen discloses that at least one of the reference cryptographic nonces is fixed (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 32, 34, 35, 41, and associated figures; all bits initialized to 0, for example).  
Regarding Claim 5,
Eronen as modified by Kilian-Kehr discloses the method of claim 1, in addition, Eronen discloses sending information to a verification entity (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 32, 34, 35, 41, and associated figures); and
Kilian-Kehr discloses sending information to a verification entity (Exemplary Citations: for example, Abstract; Paragraphs 20, 23-25, 37, 40, 50-54, and associated figures).  
Regarding Claim 8,
Eronen as modified by Kilian-Kehr discloses the method of claim 1, in addition, Eronen discloses that an element is a byte, a nibble, or a bit (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 32, 34, 35, 41, and associated figures).  
Regarding Claim 11,

Regarding Claim 12,
Eronen as modified by Kilian-Kehr discloses the method of claim 1, in addition, Eronen discloses sending the securing cryptogram to a verification entity (Exemplary Citations: for example, Abstract; Paragraphs 18, 21, 24-27, 32, 34, 35, 41, and associated figures); and
Kilian-Kehr discloses sending the securing cryptogram to a verification entity (Exemplary Citations: for example, Abstract; Paragraphs 20, 23-25, 37, 40, 50-54, and associated figures).  
Regarding Claim 16,
Eronen as modified by Kilian-Kehr discloses the method of claim 1, in addition, Eronen discloses that the countermeasure includes that the electronic operation has to be carried out online (Exemplary Citations: for example, Abstract, Paragraphs 36-41 and associated figures; initiate a new authentication event with the network, for example).  

Claims 17, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Eronen in view of Kilian-Kehr and Zarakas (U.S. Patent Application Publication 2016/0306977).  
Regarding Claim 17,

Zarakas, however, discloses that the countermeasure includes that a currently executed application, relative to the electronic operation, is blocked, in such a way that only a specific command can unblock the currently executed application (Exemplary Citations: for example, Abstract, Paragraphs 14-17, 43-45, 84, 92, 122-126, 135, 138, 139, 143, 146-149, and associated figures; program’s checksum fails validation, performing action, such as deactivating card, and requiring new account data to be placed on card prior to use thereof again, for example).  It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention, which is before any effective filing date of the claimed invention, to incorporate the validation techniques of Zarakas into the replay prevention system of Eronen as modified by Kilian-Kehr in order to allow the system to erase data on a card when a possibly fraudulent activity is detected, to provide additional countermeasures, to allow for a card to be updated, to ensure that updates to firmware and software complete properly, and/or to increase security in the system.  
Regarding Claim 19,

Zarakas, however, discloses that the countermeasure includes to block the chip card reversibly or irreversibly (Exemplary Citations: for example, Abstract, Paragraphs 14-17, 43-45, 84, 92, 122-126, 135, 138, 139, 143, 146-149, and associated figures; deactivate card, hold card, erase data, etc., as examples).  It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention, which is before any effective filing date of the claimed invention, to incorporate the validation techniques of Zarakas into the replay prevention system of Eronen as modified by Kilian-Kehr in order to allow the system to erase data on a card when a possibly fraudulent activity is detected, to provide additional countermeasures, to allow for a card to be updated, to ensure that updates to firmware and software complete properly, and/or to increase security in the system.  
Regarding Claim 20,
Eronen as modified by Kilian-Kehr does not explicitly disclose that the countermeasure includes to erase the memory of the chip card.  
Zarakas, however, discloses that the countermeasure includes to erase the memory of the chip card (Exemplary Citations: for example, Abstract, Paragraphs 14-17, 43-45, 84, 92, 122-126, 135, 138, 139, 143, 146-149, and associated figures; erase, zero, etc., as examples).  It would .  

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Eronen in view of Kilian-Kehr and Goyet (U.S. Patent Application Publication 2010/0060415).
Regarding Claim 18,
Eronen as modified by Kilian-Kehr does not explicitly disclose that the countermeasure includes that all contactless operations between a reader and the chip card become prohibited, only electronic operations with contact remaining authorized.  
Goyet, however, discloses that the countermeasure includes that all contactless operations between a reader and the chip card become prohibited, only electronic operations with contact remaining authorized (Exemplary Citations: for example, Paragraphs 73-85 and associated figures; setting bit to 0, disallowing contactless, but still allowing contact, for example).  It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention, which is before any effective filing date 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jeffrey D Popham whose telephone number is (571)272-7215.  The examiner can normally be reached on Monday through Friday 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469) 295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for 




/Jeffrey D. Popham/Primary Examiner, Art Unit 2432