Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
2.    NO restrictions warranted at initial time of filing for patent.

Information Disclosure Statement
3.    The information disclosure statement (IDS) submitted on 03/26/2019, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Oath/Declaration
4.    Applicant’s Oath was filed on 03/26/2019.

Drawings
5.    Applicant’s drawings filed on 03/26/2019 has been inspected and is in compliance with MPEP 608.01.
Specification
6.    Applicant’s specification filed on 03/26/2019 has been inspected and is in compliance with MPEP 608.02.
Claim Objections
7.    NO objections warranted at initial time of filing for patent.

Remarks
8.     Examiner request Applicant review relevant prior art under the conclusion of this office action.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


9.	Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. 

Step one: Are the claims at issue directed to a statutory category? 
Yes. The claims recites a series of steps i.e., generate a profile token based on a data profile of a data provider (DP) node, receive a transaction request from a service provider (SP) node to access data from the DP node over a blockchain, acquire consent of the SP node based on the profile token, generate a consent token based the consent of the SP node, and allow access to data of the DP node by the SP node based on a verification of the consent token.

Step 2A – Prong 1: Is a Judicial Exception recited? 
Yes. The claim recites the limitation of generate a profile token based on a data profile of a data provider (DP) node, receive a transaction request from a service provider (SP) node to access data from the DP node over a blockchain, acquire consent of the SP node based on the profile token, and generate a consent token based the consent of the SP node. This limitation, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “processor and a memory on which are stored machine readable instructions that when executed by the processor,” nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the “by the processor” language, the claim encompasses a user (data provider node) simply observes a data profile in order to create profile record. When the user receives a transaction request from someone who provides a service to access data from the user, the user simply thinks about how to create a consent form based on the profile record. Thus, the claim recites a mental process. 
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. The limitation of allow access to data of the DP node by the SP node based on a verification of the consent token. As drafted, the limitations are a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “by a processor,” nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the “by a processor” language, the allowing access step in the context of this claim 

Step 2A – Prong 2: Are the claims integrated into a practical application recited?
No. The claim recites five elements: generate a profile token based on a data profile of a data provider (DP) node, receive a transaction request from a service provider (SP) node to access data from the DP node over a blockchain, acquire consent of the SP node based on the profile token, generate a consent token based the consent of the SP node, and allow access to data of the DP node by the SP node based on a verification of the consent token. The generating, receiving, generating, providing and allowing steps are recited at a high level of generality (i.e., as a general means of generating data, request data, generating more data, acquiring consent for data and allowing access based on consent in the series of steps), and amounts to mere data gathering, which is a form of insignificant extra-solution activity. The processor that performs the generating, requesting, generating, acquiring, and allowing steps are also recited at a high level of generality, and merely automates the generating, requesting, generating, acquiring, and allowing steps. Each of the additional limitations is no more than mere instructions to apply the exception using a generic computer component (processor).
The combination of these additional elements is no more than mere instructions to apply the exception using a generic computer component (processor). Accordingly, even in combination, these additional elements do not integrate the abstract idea into a 

Step 2b: Does the claims provide an inventive concept?
No. As discussed with respect to Step 2A Prong Two, the additional elements in the claim amount to no more than mere instructions to apply the exception using a generic computer component. The same analysis applies here in 2B, i.e., mere instructions to apply an exception on a generic computer cannot integrate a judicial exception into a practical application at Step 2A or provide an inventive concept in Step 2B.
Under the 2019 PEG, a conclusion that an additional element is insignificant extra-solution activity in Step 2A should be re-evaluated in Step 2B. Here, the generating, requesting, generating, acquiring, and allowing steps were considered to be extra-solution activity in Step 2A, and thus it is re-evaluated in Step 2B to determine if it is more than what is well-understood, routine, conventional activity in the field. The background of the example does not provide any indication that the processor is anything other than a generic, off-the-shelf computer component, and the Symantec, TLI, and OIP Techs. court decisions cited in MPEP 2106.05(d)(II) indicate that mere collection or receipt of data over a network is a well‐understood, routine, and conventional function when it is claimed in a merely generic manner (as it is here). Accordingly, a conclusion that the collecting step is well-understood, routine, conventional activity is supported under Berkheimer Option 2.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

10.	Claims 1-3, 5-10, 12-17, 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20190087892 hereinafter Pinski in view of U.S. Publication No. US 20190028277 hereinafter Jayachandran.

As per claim 1, Pinski discloses:
A system (Para 0008 “Aspects of the present disclosure include a method for maintaining bank account verification through an external system coupled to a bank system via a network.”),
comprising: a processor of a data management node (para 0010 “Aspects of the present disclosure can further include a system for maintaining bank account verification, which can involve an external system coupled to a bank system via a network, the external system including a processor.”) 
a memory on which are stored machine readable instructions that when executed by the processor (para 0079 and 0080), cause the processor to: 
Figs. 2-8, para 0042 “The consumer banking U/I 110 is configured to accept information related to the opening of the account which are expected to be provided by the consumer. The information can involve consumer personal information, evidence which certifies the identity of the consumer and authenticity of the provided personal information, or optional items related to the agreement for opening an account or any combination of the above. The consumer U/I 110 can be implemented as an automated teller machine (ATM), a terminal machine in a bank, a web service provided to the consumer devices by the bank, or any other method in accordance with the desired implementation. An example of the consumer banking U/I 110 as a web page is shown in FIG. 2. If the consumer banking U/I 110 is implemented as webpages or as any other subsystem that interacts with the consumer device, the consumer banking U/I 110 may collect the digital fingerprint of the consumer device, which can involve some information that can be utilized to identify the device and/or the device state.”); 
receive a transaction request from a service provider (SP) node to access data from the DP node over a blockchain (para 0057 “FIG. 9(b) illustrates an example of recording a transaction in a blockchain, in accordance with an example implementation. The transaction can be directed to a creation of a new account as described in FIG. 9(a) as shown at the flow at 903, and for any subsequent transaction therein. At 910, the flow begins by determining a corresponding blockchain for the transaction to be posted.); 
para 0057 “The transaction can be directed to a creation of a new account as described in FIG. 9(a) as shown at the flow at 903, and for any subsequent transaction therein. At 910, the flow begins by determining a corresponding blockchain for the transaction to be posted. At 911, the transaction is recorded at the consent record node DB 150 of the bank system and then a communication is submitted to the consent record node DB 240 through the network according to any desired blockchain implementation at 912. At 913, once validation is received from the third party system, the transaction is validated by the consent record node DB 240 and recorded in the blockchain. The transaction may include the consent information as described herein.”); 
and allow access to data of the DP node by the SP node based on a verification of the consent (para 0055, 0067 and 0068);.  

Pinski does not disclose:
generate a consent token based the consent of the SP node allow and access to data based on a verification of a consent token

Jayachandran discloses:
generate a consent token based the consent of the SP node allow and access to data based on a verification of a consent token (para 0035 “In operation, the original provider 340 may setup a user profile 311 prior to any access attempts by third parties. The third party may request access to a a proof of ownership of a credential, which may include a certificate or other credential item. Apart from identifying the requested fields, the request also includes an alternative transactional identity and the proof of owning that identity. The request may be forwarded to the customer device for verification and confirmation 314 and possibly an acceptance 316. The signed consent 318 may be sent as a message to the third party platform 310. The third party 310 may attempt to access the user profile/account information with the granted consent 319. The signed consent 321 may be verified by the blockchain 330. The original provider 340 may be notified 323 of the new access consent granted to the third party. The original provider may be responsible for submitting the targeted release 324 of an encryption key to the third party. The targeted release implies that the only party with access to the encryption key is the known third party attempting to obtain such access rights. Targeted release/disclosure may provide that the key can be accessed only by the authorized third party. This can be performed by encrypting the data with the public key of a transaction certificate used in the signed consent, and sharing it on blockchain.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for maintaining bank account verification of Pinski to include the generate a consent token based the consent of the SP node allow and access to data based on a verification of a consent token, as taught by Jayachandran.


As per claim 2, Pinski in view of Jayachandran discloses:
The system of claim 1, wherein the instructions further cause the processor to maintain a verifiable record of consent for the SP node to access the data from the DP node (Pinski para 0055, 0057, 0067, and 0068).  

As per claim 3, Pinski in view of Jayachandran discloses:
The system of claim 2, wherein the instructions further cause the processor to execute the requested transaction if the verifiable record of the consent exists on the blockchain (Pinski para 0057-0059,).  .  

	As per claim 5, Pinski in view of Jayachandran discloses:
The system of claim 2, wherein the instructions further cause the processor to revoke the verifiable record of the consent on the blockchain, (Pinski para 0056 “Otherwise (N), the flow proceeds to 906 wherein the consent record is deleted or invalidated, and then proceeds to 907 to send an error message.”) and Jayachandran para 0023 “Signed consent and ACL-based access and revocation may include a blockchain using a signed message representing customer's consent to authorize a provider for read/write access to The motivation would have been to provide Consent revocation signed by a customer while not explicitly identifying identities.)
wherein identities of consented parties are not discoverable from the verifiable record of the consent (Jayachandran para 0005 “wherein an exchange of the user profile between the blockchain members is performed without revealing blockchain member identities of the authorized member of the blockchain and the another authorized member of the blockchain to any of the blockchain members.” Para 0022 and 0023 “The identities of transaction owners are only visible to authorized entities, such as auditors. For other nodes, the identity of transaction owners is hidden in an anonymity set (e.g. set of all users) and transactions from the same user cannot be linked with each other. This type of configuration is ensured through transactional identities such as transaction certificates. The customer profile stored on blockchain is encrypted. A provider having authorization, adds/updates a customer record to the blockchain after encryption using a newly generated symmetric key. A request to access the profile can thus be seen as a request to the blockchain for the decryption key. For anonymous key-sharing, to avoid peer-to-peer key exchange that may violate the privacy of providers, the key is exchanged through the blockchain itself. Relying on a trusted PKI, the profile decryption key is itself encrypted in such a way that only other authorized providers on the blockchain network will be able to decrypt the key.” The motivation would have been to permits a user/consumer/customer to share his/her data/resources hosted by a first provider or original provider with another provider without the providers learning each other's identity).  

	As per claim 6, Pinski in view of Jayachandran discloses:
The system of claim 1, wherein the instructions further cause the processor to allow access to the data of the DP node by the SP node (Pinski para 0056-0059), 
wherein an identity of the DP node is not discoverable (Jayachandran para 0005 “wherein an exchange of the user profile between the blockchain members is performed without revealing blockchain member identities of the authorized member of the blockchain and the another authorized member of the blockchain to any of the blockchain members.” Para 0022 and 0023 “The identities of transaction owners are only visible to authorized entities, such as auditors. For other nodes, the identity of transaction owners is hidden in an anonymity set (e.g. set of all users) and transactions from the same user cannot be linked with each other. This type of configuration is ensured through transactional identities such as transaction certificates. The customer profile stored on blockchain is encrypted. A provider having authorization, adds/updates a customer record to the blockchain after encryption using a newly generated symmetric key. A request to access the profile can thus be seen as a request to the blockchain for the decryption key. For anonymous key-sharing, to avoid peer-to-peer key exchange that may violate the privacy of providers, the key is exchanged through the blockchain itself. Relying on a trusted PKI, the profile The motivation would have been to permits a user/consumer/customer to share his/her data/resources hosted by a first provider or original provider with another provider without the providers learning each other's identity).  

	As per claim 7, Pinski in view of Jayachandran discloses:
The system of claim 1, wherein the instructions further cause the processor to verify the consent token in a distributed manner based on consensus protocols (Jayachandran para 0021 “Permissioned blockchains support confidentiality in a limited way. This is usually to restrict access of users running light nodes, which simply submit transactions, rather than full nodes that execute the smart contract and consensus algorithm.” Para 0022 “Each contract is associated with a state which is agreed upon through distributed consensus and replicated across several participants.” The motivation would have been to utilized verify a consent token using a distributed consensus protocol in order to securely validate members identifies and request).  

As per claim 8, the implementation of the system of claim 1 will execute the method of claim 8. The claim is analyzed with respect to claim 1. 

As per claim 9, the claim is analyzed with respect to claim 2.

As per claim 10, the claim is analyzed with respect to claim 3.

As per claim 12, the claim is analyzed with respect to claim 5.

As per claim 13, the claim is analyzed with respect to claim 6.

As per claim 14, the claim is analyzed with respect to claim 7.

As per claim 15, the implementation of the system of claim 1 will execute the non-transitory computer readable medium (Pinski para 0009) of claim 15. The claim is analyzed with respect to claim 1. 

As per claim 16, the claim is analyzed with respect to claim 2.

As per claim 17, the claim is analyzed with respect to claim 3.

As per claim 19, the claim is analyzed with respect to claim 5.
As per claim 20, the claim is analyzed with respect to claim 6.

11.	Claims 4, 11, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Pinski in view of Jayachandran, and further in view of U.S. Patent No. 8,843,997 hereinafter Hare.

As per claim 4, Pinski in view of Jayachandran discloses:
The system of claim 3, wherein the verifiable record of the consent is based on a proof (Jayachandran para 0035 and 0057, The motivation would have been to properly provide proof for access for a record validation process).  

	Pinski in view of Jayachandran does not disclose:
consent is based on a zero-knowledge proof

	Hare discloses:
consent is based on a zero-knowledge proof (Col. 24 Lines 8-17 “For example, a zero-knowledge medical information access control audit service could be configured so that audit records are stored at a neutral service. Each audit record would include "in-the-clear" meta-data and cryptographic hashes describing the context of the access, and one-time-pad opaque tokens that can be resolved via a zero-knowledge token service to the identity of the clinician and the patient, and the context of what information was accessed, how the clinician was authenticated, the form of consent relied upon, etc.” Col. 48 Lines 3-39 “For example, a zero-knowledge audit locator service designed to facilitate privacy enforcement might include one-way hashes of patient identifiers as the search criteria, and a combination of non-identifying metadata and zero-knowledge tokens that resolve to the clinician who accessed their data, how the clinician was authenticated were authenticated at the time, what content accessed, the 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for maintaining bank account verification of Pinski in view of Jayachandran to include consent is based on a zero-knowledge proof, as taught by Hare.


As per claim 11, the claim is analyzed with respect to claim 4.

As per claim 18, the claim is analyzed with respect to claim 4.

Conclusion
12.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A. 	U.S. Publication No. 20070192178 discloses on paragraph 0046 “Preferably each group of a plurality of groups of Providers maintains in each of said tokens profile data relating to said respective group and of a user of said respective token, wherein a first of said groups of Providers can establish a business relationship with a second of said groups for the purpose of sharing the whole or parts of said profile data relating to said second Group, and ask a particular user at one of said user interaction devices of said first Group, during a transaction or activity, for permission to use said profile data for making an offer relevant to said respective user according to business rules encoded in said user interaction device, wherein user interaction device is provided with a token acceptor device for reading from and writing to said tokens and said user of said respective token can indicate consent by entering a password or PIN, which is used by said user interaction device to access said profile data.”

B.	U.S. Publication No. 20190238316 discloses on paragraph 0174 “According to a particular embodiment, a new user registration (e.g., for instance the creation of a user profile with a website, etc.) within the main construction blockchain 743 resulting in the creation of a new user specific community sidechain 756. Initially, the new user registration is the only participating node for the user specific community sidechain 756 as only that particular user by default will have access to private and protected data. However, the new user registration node 755 may consent 751 to another node, with the consent being written into the construction blockchain 743 (e.g., being written into the fork block 742 by way of example), thus resulting in the community sidechain 756 having how having both the new user registration 755 and also another participating node to whom consent was granted. As shown here, participating node 750B previously was part of the construction blockchain 743 with no access to the sidechain, however, upon the grant of consent for the new user registration node, the participating node 750B is then joined into the user specific community sidechain 756, through which access to private or protected data associated with the new user registration node 755 may be shared. All nodes having consent to enter the user specific community sidechain 756 will be given access to the private and protected information of the new user registration node 755. If the same user requires different access to be given to different participating nodes, then the user would require a separate new user registration node to be created. For example, if a user creates a profile with a website such as Home Depot or Lowe's within the construction blockchain 743 and elects to share information, for instance with a carpet installer, then consent 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192.  The examiner can normally be reached on Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  






/GARY S GRACIA/Primary Examiner, Art Unit 2491