DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to communication filed on 02/17/2021.
Status of claims in the instant application:
Claims 1-5, 7-8, 10-14, 16-19, 22-25 and 27-36 are pending.
Claims 6, 9, 15, 20-21 and 26 are canceled.
Claims 1, 7, 8, 13, 14, 16, 19, 22, 28 and 31 have been amended.
Claims 33-36 have been newly added.
Information Disclosure Statement
Information disclosure statement (IDS) submitted on 02/17/2021 has been considered and signed copies of the forms are attached to this office action.
Response to Arguments
Applicant’s arguments, page [8] of the remarks filed on 02/17/2021, regarding objection to claims 13 and 28 have been considered in view of the amended claims and they are persuasive. Therefore, the claim objections are withdrawn.
Applicant’s arguments, page [8] of the remarks filed on 02/17/2021, regarding non-statutory double patenting have been considered in view of the amended claims and they are persuasive. Therefore, the non-statutory double patenting rejections are withdrawn.
Applicant’s various arguments, see Applicant’s remarks filed on 02/17/2021, regarding various rejections of claims 1-5, 7-8, 10-14, 16-19, 22-25 and 27-30 under 35 USC § 103 have been considered but are moot, because Applicant’s claim 
Applicant states, see pages [9-10] of applicant’s remarks filed on 02/17/2021, regarding rejections of claims 1-5, 7-8, 10-14 and newly added claims 33-34:
“Applicant maintains each of the arguments in its response submitted September 2, 2020. However, Claim 1 is amended in order to expedite examination of the application. Neither Saylor nor Paquin, alone or in combination, teach or suggest Applicant's claimed combination of features. For example, Applicant cannot find where either Saylor or Paquin teach or suggest "authorizing a subset of the credential data to be sent to a device of a relying party ... [and] transmitting the subset of credential data directly from a device of the holder to the device of the relying party using NFC or Bluetooth communication," as recited in Applicant's Claim 1.
Accordingly, Claim 1 is patentable over the cited references. Claims 2-5, 7, 8, and 10-14 and new Claims 33 and 34 are also patentable over the cited references for the same reasons as Claim 1, by virtue of their dependency thereon, and for the additional limitations recited therein.”
In response, Examiner notes that Applicant’s arguments submitted on September 2, 2020 were addressed in the office action mailed on 11/17/2020. Applicant has not made any specific arguments regarding Examiner’s response in the office action mailed on 11/17/2020. Thus, the Applicant is referred to the office action mailed on 11/17/2020 for arguments that may still apply to the current set of amended claims being examined.

Examiner also notes that Applicant's arguments do not comply with 37 CFR 1.111(c) because they do not clearly point out the patentable novelty which he or she thinks the claims present in view of the state of the art disclosed by the references cited or the objections made. Further, they do not show how the amendments avoid such references or objections.
Applicant arguments, see pages [9-10] of applicant’s remarks filed on 02/17/2021, regarding newly added claims 33-36 have been considered, and the Applicant is directed to Examiner’s response below in the rejections of these newly added claims that have been met with new prior arts.
Applicant arguments, see pages [11] of applicant’s remarks filed on 02/17/2021, regarding rejections of claims 31 and 32 are moot in view of Applicant’s claim amendments that have been met with newly cited prior art[s].
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5 and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Patent. No.: US 9160727 B1 to Saylor et al. (hereinafter “Saylor”) in view of Pub. No.: 2013/0073460 to Paquin et al. (hereinafter “Paquin”) and further in view of Pub. No.: US 2014/0357187 A1 to Ehrensvard (hereinafter “Ehrensvard”).
Regarding Claim 1. Saylor discloses A method of providing a virtualized credential of a holder (Saylor: Abstract), comprising:
for a given credential having credential data, authorizing a subset of the credential data to be sent to a device of a relying party that is different from the holder (Saylor; FIG. 3, 10, 11;  Col [17],  Lines [14-29]; Col [7], Lines [42-61]; Col [10], Lines [31-45]; Col [15],  Lines [56-67]; Col [21], Lines [15-31]: … The user interface 1100 includes an information definition area 1116 that receives user (holder) input defining which information about the user should transpond with the selected credentials. The information definition area 1116 includes multiple checkboxes that allow a user to select which information should transpond with the selected credentials. The user may select to transpond the credential alone with no information by selecting none of the checkboxes, may select to transpond the credential with all information by selecting all of the checkboxes, or may select to transpond the credential with any subset of information (subset of the credential data) by selecting any subset of the checkboxes. As shown, the information definition area 1116 has received user input indicating that the user's name, email address, and professional profile should transpond with the selected credentials, but that the user's address, phone number, and personal profile should not … the other users (relying party) identified in the interactive map 110 also may operate the credential management application on their mobile devices (relying party device) and perceive the location of the first user in association with an indication that the first user is a Virginia Tech Alumnus. In the example shown in FIG. 1 …The system 200 determines availability data based on the selection of one or more credentials to make available, the user (holder)  permissions (authorizing) that define users (relying party) to which the credentials are to be made available, the user permissions that define users to which the credentials are to be made available, the destination data that defines one or more locations where the credentials are to be made available, the location data that defines one or more locations of the first user from which the credentials are to be made available, the timing data that defines times at which the credentials are to be made available, the personalization data that defines information about the first user that is to be made available with the credentials, and/or the one or more triggering conditions that define events that trigger availability of the credentials (1016) … The system 200 provides, to at least a second user (relying party), information about at least one credential (a given credential) held by the first user (holder) in association with an indication of the location of the mobile computing device associated with the first user (350). For instance, the system 200 determines at least one user to which a credential of the first user has been made available and sends the determined credential (or information about the determined credential) to the at least one user … The system 200 may make all of the credentials of the first user available or any subset of the credentials of the first user available …; Examiner’s Note/Interpretation: the cited portions of Saylor disclose that a user can have multiple credentials, and the user can authorize to send some of the information related to a credential to a second user that can be viewed at the device interface (i.e. display) of the second user device) …), wherein the subset of the credential data selected from the credential data depends on at least one of: a role of the relying party, selection by the holder (Saylor; FIG. 1, 3, 10-12; Col [15],  Lines [56-60]; Col [16],  Lines [30-40]; Col [17],  Lines [14-29]; Col [18],  Lines [4-5]: … The user interface 1100 further includes a user definition area 1106, a transpond to definition area 1108 … The user interface 1100 includes an information definition area 1116 that receives user input defining which information about the user should transpond with the selected credentials. The information definition area 1116 includes multiple checkboxes that allow a user to select which information should transpond with the selected credentials (selection by the holder). The user may select to transpond the credential alone with no information by selecting none of the checkboxes, may select to transpond the credential with all information by selecting all of the checkboxes, or may select to transpond the credential with any subset of information by selecting any subset of the checkboxes …), and contextual data of the relying party (Saylor; Col [16],  Lines [30-50]; Col [18], Lines [4-5]: … The user interface 1100 further includes a user definition area 1106, a transpond to definition area 1108 …  The transpond to definition area 1108 receives user input defining locations (contextual data) to which the selected credentials will transpond when they are set to transpond. As shown, the transpond to definition area 1108 has received user input defining that the selected credentials should transpond to locations that are designated as the Georgia Tech Campus or locations that are designated as a Microstrategy Office …);
transmitting the subset of credential data directly from a device of the holder to the device of the relying party [using NFC or Bluetooth communication] (Saylor, Col. [6, 9], Lines[20-30, 37-45]: … the user may selectively choose which qualifications the user (holder) wants to broadcast to other users (relying party) at any given time/location … The network 206 may provide direct or indirect communication links between the server 208, the electronic devices 204(a)-204(n) (holder and relying party devices), and the computing systems 210(a)-210(n). Examples of the network 206 include the Internet, the World Wide Web, wide area networks (WANs), local area networks (LANs) including wireless LANs (WLANs), analog or digital wired and wireless telephone networks, radio, television, cable, satellite, and/or any other delivery mechanisms for carrying data …);
However, Saylor does not explicitly teach, “presenting at least a portion of the received subset of the credential data to a verification service for verification of at least a portion of the [subset of the] credential data”
Paquin from same or similar field of endeavor teaches:
“presenting at least a portion of the received [subset of the] credential data to a verification service for verification of the at least a portion of the [subset of the] credential data (Paquin, Para [0035, 0028, 0026, 0044], FIG. 2, 4: … At block 204, the credential may be presented to a relying party. The credential can be presented to the relying party by any one of the user or the credential agent … At block 206, the presented credential is verified. The verification affirms that the credential is valid and was provided by the identity provider. In embodiments, the relying party may verify the credential by contacting the identity provider to ensure the credential was provided by the identity provider … online casino (relying party) can accept credentials online that have been provided by a user (holder) in order to allow access to the online casino's services, if the casino could verify the online credentials. In this scenario, the online casino is willing to pay an identity provider to verify the user's credentials. The risk in allowing access to the casino's services is offloaded to the identity provider (verification service), who does not know anything regarding how the credential is used as a result of using minimal disclosure credentials. Further, the credential can be suited for its particular purpose, such that the credential will only provide proof of the user being at least twenty-one years of age. In this scenario, the credential will not provide exact age, date of birth, gender, or any other attributes of the user … In order to confirm that a user is over twenty-one, an online casino would need to access a verified credential that can provide a particular attribute of the user, namely, proof of the user being over twenty-one … The credential 406 may be presented to the relying party 412 by the user 404. The relying party 412 may present the credential 406 and a payment 414 to the identity provider 402. Upon receipt of the credential 406 and the payment 414, the identity provider 402 may verify the credential 406 and send a verification 416 to the relying party 412 …)”, (Saylor already discloses sending the subset of a credential data); and
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Paquin into the  Saylor, because it teaches that “minimal disclosure technologies can be used to prevent the relying party 412 from colluding with the identity provider 402 to determine other attributes of the user 404, including the identity of the user. As a result, the manner in which the user 404 has used his credentials remains private (Paquin: Para [0044])”.
However, the combination of Saylor-Paquin does not explicitly teach, but Ehrensvard from same or similar field of endeavor teaches, “transmitting … using NFC or Bluetooth communication (Ehrensvard, Abstract, Para [0058, 0066, 0189-0193], FIG. 1-2: … The present embodiments disclose an OTP generation device, comprising an NFC/RFID tag-mode interface, said device being used in an identification- and authentication transaction process between a device holder and a service (relying party) over the Internet. The device further comprises components for it to be used with a standardized NFC protocol … In one embodiment, shown in FIG. 2, a cellular phone 200 (relying party) equipped with an NFC reader interface is used. The cellular phone is further capable of reading NDEF tags from a OTP generating device 100 (holder device) and has the ability to automatically invoke a pre-defined application when a NFC tag has been successfully read. An example of such a cellular phone is the Google Nexus S … In an example embodiment the OTP generating device 100 is used with a smartphone 200 using the Android operative system is used to communicate with the service server 300 … The OTP generating device 100 is a YubiKey NEO from Yubico Inc. The YubiKey NEO emits NDEF Type 2 tags … The two major modes of operation for the YubiKey NEO with Android smartphones are Out of the box--The NFC tag emitted by default will bring up the phones browser and access an URL containing the OTP. This URL might be a direct access URL for a specific service or a service provider/relying party in an identity federation …).”
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ehrensvard into the combined teachings of Saylor-Paquin, because it teaches that the “enhanced functionality allows the OTP generation device to be used in a normal setting, without NFC as well as providing the ability to be quickly and conveniently scanned by for example an NFC enabled cellular telephone. In that case, the user will be automatically connected, identified and authenticated in one simple step (Ehrensvard: Para [0061])”.
Saylor further teaches:
“displaying at least some of the subset of the credential data on a screen of the device of the relying party (Saylor; FIG. 1, 14-15; Col [7], Lines [42-67]; Col [8], Lines [1-17]: … the other users identified in the interactive map 110 also may operate the credential management application on their mobile devices and perceive the location of the first user in association with an indication that the first user is a Virginia Tech Alumnus. In the example shown in FIG. 1, another user has perceived the location of the first user and the indication that the first user is a Virginia Tech Alumnus and has sent a message 135 to the first user inviting the first user to join the relatively large group. The message 135 is displayed on the interactive map 110 in association with the other user that sent the message 135. In this regard, the first user is able to view the message, determine the location of the other user that sent the message, and confirm that the message is from a Virginia Tech Alumnus. The first user may respond to the message 135 using the text box 140 and the send control 150. Accordingly, the first user is able to perceive other users that have credentials in which the first user is interested and that are located in an area in which the first user is interested and connect with those users through the credential management application … the mobile device only is able to identify and display those users that have chosen to make the credentials of Virginia Tech Alumnus or Virginia Driver's License available to other users (e.g., transponded the credentials of Virginia Tech Alumnus or Virginia Driver's License). In these implementations, users may choose whether or not to make credential information available with location information and may select a subset of credentials that they hold to make available to other users. In addition, users may set conditions that define when the credentials are available and/or to which users the credentials are available. For instance, in the example shown in FIG. 1, users may set the credential of Virginia Tech Alumnus to be available only to other users that hold the credential of Virginia Tech Alumnus and that are located within a one mile radius of the stadium. In this regard, the credential of Virginia Tech Alumnus would not be available to users that are outside of a one-mile radius of the stadium and would not be available to users that are within a one-mile radius of the stadium, but that are not Virginia Tech Alumni. As described in more detail below, a server system may manage the credential data for the different users and communicate with the mobile devices to assist in performing the operations discussed with respect to FIG. 1 …).”
Regarding Claim 2. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 1, Saylor further teaches, “wherein the contextual data is at least one of: a privacy level setting, distance between the relying party and the holder (Saylor; FIG. 1; col [6], Lines [49-67]; Col [7], Lines [1]: … shown in FIG. 1, the first user has selected to view credentials of other users that are located within a one mile radius of the stadium where the football game is being played … based on the first user placing the geographic limit on the credentials displayed, the mobile device identifies types of credentials that are available within the geographic area of interest and presents a list of the identified types of credentials. In this example, the mobile device enables the first user to select, from the list, one or more credentials of interest. As shown in FIG. 1, the first user selected a first credential of Virginia Tech Alumni and a second credential of users that have a Virginia Driver's License, while leaving other available credential types unselected …), and geolocation of the relying party.”
Regarding Claim 3. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 1, Saylor further teaches, “wherein the role of the relying party is provided by the relying party (Saylor; FIG. 1; col [8], Lines [18-27]: … the first user and other users described with respect to FIG. 1 may have confidence in the credential information provided because the credentials have been verified with the authorities that granted the credentials. For example, for each credential shown as Virginia Tech Alumnus, Virginia Tech has verified that the user shown holding that credential is in fact an alumnus of Virginia Tech. Also, for each credential shown as Virginia Driver's License, the Virginia government has verified that the user shown holding that credential is in fact a licensed driver in Virginia …).”
Regarding Claim 4. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 3, Saylor further teaches, “wherein role information provided by the relying party is provided in a verifiable format (Saylor; FIG. 1; col [8], Lines [18-27]: … the first user and other users described with respect to FIG. 1 may have confidence in the credential information provided because the credentials have been verified with the authorities that granted the credentials. For example, for each credential shown as Virginia Tech Alumnus, Virginia Tech has verified that the user shown holding that credential is in fact an alumnus of Virginia Tech. Also, for each credential shown as Virginia Driver's License, the Virginia government has verified that the user shown holding that credential is in fact a licensed driver in Virginia …).”
Regarding Claim 5. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 4, Saylor further teaches, “wherein the role information is one of: digitally signed or securely derived and determined by a mutual authentication algorithm between the relying party and the holder (Saylor; Col [14], Lines [28-54]; Col [22], [50-56]: … The system 200 receives user permissions that define users to whom the credentials are to be made available (1004). For example, the system 200 receives user permissions that restrict the set of other users that are able to access the credentials. In this example, the system 200 may receive user permissions that make credentials available to all other users, user permissions that limit availability of the credentials to a subset of known users defined by the credential holder, or user permissions that limit availability of the credentials to a subset of users that also hold the same credentials. The system pseu200 may enable a user to define any type of user permissions that restrict availability of the user's credentials to those other users to whom the user has chosen to make the user's credentials available. The system 200 may define the user permissions as applying to multiple credentials of the user (e.g., all of the credentials of the user) or may define the user permissions on a per credential basis such that each credential has a different set of user permissions …).”
Regarding Claim 16. This claim contains all the same or similar limitations as claim 1, and hence similarly rejected as claim 1.
**** Note: Saylor also discloses the computer-readable medium containing software that performs the recited functions (Saylor: Col [5], Lines [10-35]).
Regarding Claim 17. This claim contains all the same or similar limitations as claim 2, and hence similarly rejected as claim 2.
Regarding Claim 18. This claim contains all the same or similar limitations as claim 3, and hence similarly rejected as claim 3.
Regarding Claim 19. The combination of Saylor-Paquin-Ehrensvard discloses the non-transitory computer-readable medium, according to claim 18, Saylor further teaches, “wherein:
role information provided by the relying party is provided in a verifiable format (Saylor; FIG. 1; col [8], Lines [18-27]: … the first user and other users described with respect to FIG. 1 may have confidence in the credential information provided because the credentials have been verified with the authorities that granted the credentials. For example, for each credential shown as Virginia Tech Alumnus, Virginia Tech has verified that the user shown holding that credential is in fact an alumnus of Virginia Tech. Also, for each credential shown as Virginia Driver's License, the Virginia government has verified that the user shown holding that credential is in fact a licensed driver in Virginia …): and
the role information is one of: digitally signed or securely derived and determined by a mutual authentication algorithm between the relying party and the holder (Saylor; Col [14], Lines [28-54]; Col [22], [50-56]: … The system 200 receives user permissions that define users to whom the credentials are to be made available (1004). For example, the system 200 receives user permissions that restrict the set of other users that are able to access the credentials. In this example, the system 200 may receive user permissions that make credentials available to all other users, user permissions that limit availability of the credentials to a subset of known users defined by the credential holder, or user permissions that limit availability of the credentials to a subset of users that also hold the same credentials. The system pseu200 may enable a user to define any type of user permissions that restrict availability of the user's credentials to those other users to whom the user has chosen to make the user's credentials available. The system 200 may define the user permissions as applying to multiple credentials of the user (e.g., all of the credentials of the user) or may define the user permissions on a per credential basis such that each credential has a different set of user permissions …
Claims 7-8 and 22-24 are rejected under 35 U.S.C. 103 as being unpatentable over Patent. No.: US 9160727 B1 to Saylor et al. (hereinafter “Saylor”) in view of Pub. No.: 2013/0073460 to Paquin et al. (hereinafter “Paquin”) and Pub. No.: US 2014/0357187 A1 to Ehrensvard (hereinafter “Ehrensvard”), as applied to claim 1 above, and further in view of Pub. No.: US 2014/0351589 A1 to Chenna (hereinafter “Chenna”).
Regarding Claim 7. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 1, but it does not explicitly teach, “wherein the subset of the credential data includes a cryptogram generated as a function of cryptographic information associated with a device of the holder.”
Chenna from same or similar field of endeavor teaches:
“wherein the subset of the credential data presented to the verification service includes a cryptogram generated as a function of cryptographic information associated with a device of the holder (Chenna, FIG. 4, Para [0019, 0038-0039]: … embodiments use PKI techniques for encrypting a nonce generated on the server which is sent to the user encoded as barcode graphic, such as a QR code. Since the nonce is encrypted with the user's public key it can only be decrypted using the corresponding private key, which is installed on the user's mobile device. Doing so allows the private key to be stored in a secure key store of the mobile device, while accessed generally from anywhere. Once the nonce is decrypted, it is displayed on the mobile screen and used as a OTP for second factor authentication … the relying application 405 may pass the OTP value received from the client to the identity provider 404 and receive back an authentication status. Lastly, at 450 the relying application 403 grants (or denies) access to the requesting client based on the authentication status …).”
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chenna into the combined teachings of Saylor-Paquin-Ehrensvard because it discloses that “nonce is a clear text string and can be configured to any length as required by security needs and the application needs. This approach eliminates the need for a shared secret, but retains the ease of use of an OTP solution. Further, this approach eliminates some issues in PKI deployment as the mobile device maintains the lifecycle of a user's certificate, eliminating the need for an application developer to address numerous combinations of certificate stores, operating systems, device drivers, and browsers, but retains the strong security aspects (Chenna: Para [0019]).”
Regarding Claim 8. The combination of Saylor-Paquin-Ehrensvard-Chenna discloses the method, according to claim 7, Chenna further teaches, “wherein the cryptographic information includes a cryptographic key stored on the device of the holder (Chenna, FIG. 4, Para [0019, 0038-0039]: … embodiments use PKI techniques for encrypting a nonce generated on the server which is sent to the user encoded as barcode graphic, such as a QR code. Since the nonce is encrypted with the user's public key it can only be decrypted using the corresponding private key, which is installed on the user's mobile device. Doing so allows the private key to be stored in a secure key store of the mobile device, while accessed generally from anywhere. Once the nonce is decrypted, it is displayed on the mobile screen and used as a OTP for second factor authentication); and
the cryptogram includes a variable component corresponding to at least one of: time, a counter or a randomly generated nonce (Chenna, FIG. 4, Para [0019, 0038-0039]: … embodiments use PKI techniques for encrypting a nonce generated on the server which is sent to the user encoded as barcode graphic, such as a QR code. Since the nonce is encrypted with the user's public key it can only be decrypted using the corresponding private key, which is installed on the user's mobile device. Doing so allows the private key to be stored in a secure key store of the mobile device, while accessed generally from anywhere. Once the nonce is decrypted, it is displayed on the mobile screen and used as a OTP for second factor authentication).”
The motivation to further combine Chenna remains same as claim 7.
Regarding Claim 22. This claim contains all the same or similar limitations as claim 7, and hence similarly rejected as claim 7.
Regarding Claim 23. This claim contains all the same or similar limitations as claim 8, and hence similarly rejected as claim 8.
Regarding Claim 24. This claim contains all the same or similar limitations as claim 8, and hence similarly rejected as claim 8.
Claims 10-11 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Patent. No.: US 9160727 B1 to Saylor et al. (hereinafter “Saylor”) in view of Pub. No.: 2013/0073460 to Paquin et al. (hereinafter “Paquin”) and Pub. No.: US 2014/0357187 A1 to Ehrensvard (hereinafter “Ehrensvard”), as applied to claim 1 Patent No.: US 8,584,224 B1 to Pei et al. (hereinafter “Pei”).
Regarding Claim 10. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 1, but it does not explicitly teach, “wherein the received subset of the credential data is presented to a verification service via a URL of the verification service.”
Pei from same or similar field of endeavor teaches:
“wherein the received subset of the credential data is presented to a verification service via a URL of the verification service (Pei; FIG. 1; Column [2, 3], Lines [25-67, 1-16]: … an authentication system is shown in FIG. 1. In step 1, a user accesses a Relying Party Web Application (1). A Web Application can be a website, a SaaS site, a SSL VPN gateway or any network-based, software-based service. The Web Application can be configured to invoke JavaScript that can detect the browser plug-in (2). The user identifier can be collected by the web application before or after the plug-in call to get the ticket (2) This user identifier in the request to the service can be the same login user identifier to the relying party or an alias of the login identifier that a user registers at the service when the device credential is activated. The browser plug-in receives a request from the browser for a ticket (3.1) and detects the customer's domain name xyz.com (3.2). The browser plug-in can make a service call to an authentication service (4). The service call can include inputs such as the customer's domain name (xyz.com in FIG. 1); a random or pseudo-random challenge value; the user identifier provided by the user; and a signature generated by the plug-in. The random challenge can be a nonce to prevent replay attacks. The service can also include other inputs, such as a public key certificate identifier. The authentication service can validate the inputs by checking to ensure that the submitted domain name is registered as one of the Relying Party domain names (5). For example, the service can determine if the input domain name is on a list of registered domain names stored at the authentication service. The service also verifies the signature (5). The service can also verify that the user has registered the device for its account (5) if a user identifier is supplied in the request. The service can also verify that the authentication service URL in the signed request is its service URL, mitigating man-in-the-middle attack where a hacker application directs the plug-in to connect to itself and steal the ticket (5). If the domain name is registered, the service URL matches, and the signature is valid, the service can generate and return a ticket … Upon receiving the ticket from the authentication service, the plug-in can pass the ticket to the browser (7). The browser can treat the ticket as a password and pass it along to the Relying Party Web Application along with a user identifier (8). The Relying Party then can pass the user identifier and the ticket to the authentication service enterprise gateway using the Radius protocol (9). Although an authentication service enterprise gateway is show in FIG. 1, any suitable server or gateway can be used. For example, the gateway can be an existing customer authentication server … The authentication service can be a service available on the web that can be accessed using the HTTP protocol, or any network-available service that uses any other suitable protocol …)”.
Pei into the combined teachings of Saylor-Paquin-Ehrensvard, because it teaches that “The service can also verify that the authentication service URL in the signed request is its service URL, mitigating man-in-the-middle attack where a hacker application directs the plug-in to connect to itself and steal the ticket (Pei: Column [2], Lines [53-58])”.
Regarding Claim 11. The combination of Saylor-Paquin-Ehrensvard-Pei discloses the method, according to claim 10, Pei further discloses, “wherein the URL is provided by the holder to the relying party and is digitally signed (Pei; FIG. 1; Column [2, 3], Lines [25-67, 1-16]: … an authentication system is shown in FIG. 1. In step 1, a user accesses a Relying Party Web Application (1). A Web Application can be a website, a SaaS site, a SSL VPN gateway or any network-based, software-based service. The Web Application can be configured to invoke JavaScript that can detect the browser plug-in (2). The user identifier can be collected by the web application before or after the plug-in call to get the ticket (2) This user identifier in the request to the service can be the same login user identifier to the relying party or an alias of the login identifier that a user registers at the service when the device credential is activated. The browser plug-in receives a request from the browser for a ticket (3.1) and detects the customer's domain name xyz.com (3.2). The browser plug-in can make a service call to an authentication service (4). The service call can include inputs such as the customer's domain name (xyz.com in FIG. 1); a random or pseudo-random challenge value; the user identifier provided by the user; and a signature generated by the plug-in. The random challenge can be a nonce to prevent replay attacks. The service can also include other inputs, such as a public key certificate identifier. The authentication service can validate the inputs by checking to ensure that the submitted domain name is registered as one of the Relying Party domain names (5). For example, the service can determine if the input domain name is on a list of registered domain names stored at the authentication service. The service also verifies the signature (5). The service can also verify that the user has registered the device for its account (5) if a user identifier is supplied in the request. The service can also verify that the authentication service URL in the signed request is its service URL, mitigating man-in-the-middle attack where a hacker application directs the plug-in to connect to itself and steal the ticket (5). If the domain name is registered, the service URL matches, and the signature is valid, the service can generate and return a ticket … Upon receiving the ticket from the authentication service, the plug-in can pass the ticket to the browser (7). The browser can treat the ticket as a password and pass it along to the Relying Party Web Application along with a user identifier (8). The Relying Party then can pass the user identifier and the ticket to the authentication service enterprise gateway using the Radius protocol (9). Although an authentication service enterprise gateway is show in FIG. 1, any suitable server or gateway can be used. For example, the gateway can be an existing customer authentication server … The authentication service can be a service available on the web that can be accessed using the HTTP protocol, or any network-available service that uses any other suitable protocol …).”
Pei remains same as in claim 10.
Regarding Claim 25. This claim contains all the same or similar limitations as claim 10, and hence similarly rejected as claim 10.
Claims 12-13 and 27-28 are rejected under 35 U.S.C. 103 as being unpatentable over Patent. No.: US 9160727 B1 to Saylor et al. (hereinafter “Saylor”) in view of Pub. No.: 2013/0073460 to Paquin et al. (hereinafter “Paquin”) and Pub. No.: US 2014/0357187 A1 to Ehrensvard (hereinafter “Ehrensvard”), as applied to claim 1 above, as applied to claim 1 above, and further in view of Patent. No.: US 8,893,293 B1 to Schmoyer (hereinafter “Schmoyer”).
Regarding Claim 12. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 1, but it does not explicitly teach, “wherein the verification service redirects the device of the relying party to another server for the verification.”
Schmoyer from same or similar field of endeavor teaches:
“wherein the verification service redirects the device of the relying party to another server for the verification (Schmoyer, Fig. 7, Column [13], Lines [38-50]: ... as shown in FIG. 7. User's agent, for example browser 702, accesses through 704 to RESTful service 706, named REST WS-1 in the figure. An authorization filter, or equivalent, at the RESTful service uses a mechanism, such as a browser redirect at 712, to direct the user's agent at 708 to Relying Party 710. Redirection allows the user to select their choice of OpenID provider that serves as the authenticating component …).”
Schmoyer into the teachings of Saylor-Paquin-Ehrensvard, because it teaches that “Redirection allows the user to select their choice of OpenID provider that serves as the authenticating component (Schmoyer: Column [13], Lines [44-46]).”
Regarding Claim 13. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 1, but it does not explicitly teach, “wherein an intermediary service determines the verification service from a number of possible verification services.”
Schmoyer from same or similar field of endeavor teaches:
“wherein an intermediary service determines the verification service from a number of possible verification services (Schmoyer, Fig. 7, Column [13], Lines [38-50]: ... as shown in FIG. 7. User's agent, for example browser 702, accesses through 704 to RESTful service 706, named REST WS-1 in the figure. An authorization filter, or equivalent, at the RESTful service uses a mechanism, such as a browser redirect at 712, to direct the user's agent at 708 to Relying Party 710. Redirection allows the user to select their choice of OpenID provider that serves as the authenticating component …).”
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Schmoyer into the teachings of Saylor-Paquin-Ehrensvard, because it teaches that “Redirection allows the user to select their choice of OpenID provider that serves as the authenticating component (Schmoyer: Column [13], Lines [44-46]).”
Regarding Claim 27. This claim contains all the same or similar limitations as claim 12, and hence similarly rejected as claim 12.
Regarding Claim 28. This claim contains all the same or similar limitations as claim 13, and hence similarly rejected as claim 13.
Claims 14 and 29-30 are rejected under 35 U.S.C. 103 as being unpatentable over Patent. No.: US 9160727 B1 to Saylor et al. (hereinafter “Saylor”) in view of Pub. No.: 2013/0073460 to Paquin et al. (hereinafter “Paquin”) and Pub. No.: US 2014/0357187 A1 to Ehrensvard (hereinafter “Ehrensvard”), as applied to claim 1 above, and further in view of Pub. No.: 2015/0332029 to COXE (hereinafter “COXE”).
Regarding Claim 14. The combination of Saylor-Paquin-Ehrensvard discloses the method, according to claim 1, but it does not explicitly teach “wherein an issuing authority that issued the virtualized credential filters information about the holder that is released to the relying party.”
COXE from same or similar field of endeavor teaches:
“wherein an issuing authority that issued the virtualized credential filters information about the holder that is released to the relying party (COXE, Para [0153]: … When an RP (relying party) service is registered on the AXN, they can designate customer attributes required (to authorize customer access to their RP service) from outside of the credential scheme in addition to attributes that may be readily available from the IdP (identity provider) as part of the Authentication Assertion … The list of which attributes and the frequency with which these attributes are verified are defined in the RP service registration process. Multiple AP (attribute provider) sources can be used to verify customer attributes depending upon the requirements. The AXN attribute verification process can leverage: 1) customer-asserted attributes, and 2) prefill a filtered list of the attributes received from the IdP in conjunction with the credential Authentication Assertion …); and
the information is filtered according to filtering rules stored by one of: the issuing authority or the holder (COXE, Para [0117]: … Add attributes in the attribute request form note over axn:determine contracted AP according to AXN rules …).”
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of COXE into the teachings of Saylor-Paquin-Ehrensvard, because it teaches that the “process of separating the transmission of the Authentication Assertion and the customer data using a second asynchronous session increases the security and reduces the impact of a "man in the middle" attack (COXE: Para [0150]).”
Regarding Claim 29. This claim contains all the same or similar limitations as claim 14, and hence similarly rejected as claim 14.
Regarding Claim 30. This claim contains all the same or similar limitations as claim 14, and hence similarly rejected as claim 14.
Claim 31-32 are rejected under 35 U.S.C. 103 as being unpatentable over Patent. No.: US 9160727 B1 to Saylor et al. (hereinafter “Saylor”) in view of Pub. No.: US 2014/0357187 A1 to Ehrensvard (hereinafter “Ehrensvard”).
Regarding Claim 31. Saylor discloses A method of providing a virtualized credential of a holder (Saylor: Abstract), comprising:
AMENDMENT AND RESPONSE UNDER 37 C.F.R. § 1.111Page 6Application Number: 15/259,372Dkt: 5483.152US1Filing Date: September 8, 2016Title: VIRTUAL CREDENTIALS AND LICENSESreceiving a request for credential data associated with a given credential, (Saylor; Col [19, 20], Lines [35-67, 1-5]; FIG. 12: … The data structure 1200 includes a fifth record 1228 that defines how a fifth credential for the user (holder) transponds to other users (relying party) … the fifth credential has a trigger condition set that indicates that the fifth credential transponds from Private Places only when another user (relying party) requests the credential and provides an appropriate password. Accordingly, the fifth credential generally transponds when the user is located in a Public Place, but requires a password condition to be met when the user is located in a Private Place. For example, the user may provide the password defined by the trigger condition to a subset of the other users listed in the coworkers group. In this example, when the user is located in a Private Place, the fifth credential does not transpond to the coworkers group, but members of the coworkers group are allowed to enter a password to override the transpond from location restriction. In this example, when a member in the coworkers group requests the credential when the user is located in a Private Place, the member is prompted for a password and the location of the user is only provided if the member enters the password defined by the trigger condition …), [the request being generated in response to an interaction between a device of the holder and the device of a relying party different from the holder];
authorizing a subset of the credential data to be displayed, wherein the subset of the credential data selected from the credential data depends on an ad hoc selection by the holder via the device of the holder (Saylor; Col [17], Lines[14-29]; Col [22, 23], Lines [30-67, 1-20]; FIG. 11, 14: … The user interface 1100 includes an information definition area 1116 that receives user input defining which information about the user should transpond with the selected credentials. The information definition area 1116 includes multiple checkboxes that allow a user to select which information should transpond with the selected credentials. The user may select to transpond the credential alone with no information by selecting none of the checkboxes, may select to transpond the credential with all information by selecting all of the checkboxes, or may select to transpond the credential with any subset of information by selecting any subset of the checkboxes  … FIG. 14 illustrates an example user interface 1400 for receiving user input that defines credentials that a user desires to view … The user interface 1400 includes a credential type selection area 1410 that receives user input defining which credentials a user would like to view … The user interface 1400 also includes a location area 1420 that receives user input defining how the user desires to filter credentials available to the user based on location of the available credentials … The user interface 1400 further includes a trigger event area 1430 that receives user input of a trigger the user has provided to enable viewing of credentials where the holder of the credential requires a trigger event to occur before making the credential available. In this example, some users attending the conference have set a trigger condition that the credentials of the users are only available to other users that provide the conference password. Accordingly, because the user desires to view such credentials, the user has entered the conference password in the trigger event area 1430. Entry of the conference password in the trigger event area 1430 triggers transponding, to the user, of credentials that require the conference password and that would not transpond to the user prior to entry of the password … The set of credentials may include all of the credentials the user desires to view or any subset of credentials that the user desires to view …), [the ad hoc selection by the holder applicable to only the request for credential data associated with the interaction between the device of the holder and the device of the relying party]; and

displaying the subset of the credential data on a screen of at least one of the device of the holder or the device of the relying party (Saylor; FIG. 4, 5, 11; Col [12], Lines [37-67]: … FIG. 4 illustrates an example user interface 400 that shows a list of credentials held by a particular user. In this example, the user interface 400 shows a user's wallet that provides the user with access to numerous different credentials of the user. The user may select any one of the user's credentials from the user's wallet in order to access that credential on the user's mobile device … FIG. 5 illustrates an example user interface 500 that displays a selected credential … the user interface 500 includes personal information 530 of the user that holds the credential and an identifier 540 that identifies the credential held by the user and that may enable validation of the credential by other users. As shown, the identifier 540 may be a QR code. The user interface 500 further includes a button 550 that causes additional information about the credential to be displayed and also causes a button to be presented that enables credential transponding to be activated. For instance, when the user selects the button 550, the user's mobile device displays the interface illustrated in FIG. 6 …).
However, Saylor does not explicitly teach, but Ehrensvard from same or similar field of endeavor teaches:
Ehrensvard, Abstract, Para [0208]: … The OTP device (holder device) comprises an NFC/RFID, Near Field Communication/Radio Frequency Identification, interface. The method comprises the steps of: upon the OTP generating device being inserted into the RF field, generating a new OTP code; formatting the OTP code into a static message; responding to interrogation requests from an RFID/NFC reader (relying party device); and responding to read requests from the RFID/NFC reader with the OTP code being part of a message as if it were a static message … When placed in proximity with an NFC interrogator, the device harvest energy from the electromagnetic field to power the device electronics and the LCD display. A text or graphic bitmap identifying a transaction to be approved is transferred over the NFC interface and is then displayed on the LCD screen in full without formatting or interpretation …; Examiner: the OTP generation device (holder device) and NFC reader (relying party device) interacts before a request is made …);
the ad hoc selection by the holder applicable to only the request for credential data associated with the interaction between the device of the holder and the device of the relying party (Ehrensvard, Para [0006-0011, 0210]: … The static message may be unique at each time of invocation. Unique is here to be interpreted as new every time of invocation … The method may further comprise the steps, prior to the step of generating a new OTP code, of: receiving user input comprising a PIN; receiving user input comprising a challenge, such as "amount to pay"; and the step, after the step of generating a new OTP code, of: presenting the generated OTP code on a display of the OTP generating device The method may further comprise the steps of: receiving identification data identifying a transaction to be approved; receiving user input indicating approval of the transaction; processing the identification through a one-way compression algorithm resulting in a token; and digitally signing the result of the one-way compression, resulting in a signed token …; Examiner: each request/invocation results in new OTP from the holder device, and hence the credential data sent is unique for each request ); Saylor already discloses the subset of the credential data”
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ehrensvard into the combined teachings of Saylor-Paquin, because it teaches that the “enhanced functionality allows the OTP generation device to be used in a normal setting, without NFC as well as providing the ability to be quickly and conveniently scanned by for example an NFC enabled cellular telephone. In that case, the user will be automatically connected, identified and authenticated in one simple step (Ehrensvard: Para [0061])”.
Regarding Claim 32. The combination of Saylor-Ehrensvard discloses the method of claim 31, Saylor further discloses, “wherein the subset of the credential data is sent to the device of the relying party and displayed on the screen of the device of the relying party (Saylor; FIG. 11-12, 14-15; Col [17], Lines [55-67]; Col [18], Lines [8-12]; Col [5], Lines [57-62]; Col [23], Lines [38-16]: FIG. 12 illustrates an example data structure 1200 that stores availability data that indicates how credential data of a user is to be made available to the other users … The data structure 1200 includes a first column 1202 for a credential identifier that uniquely identifies the credential and a second column 1204 that indicates whether or not the credential is set to transpond … A seventh column 1214 defines information that transponds with the credential … FIG. 14 is a diagram illustrating an example user interface for receiving user input that defines credentials that a user desires to view … FIG. 15 is a diagram illustrating an example of a user interface for providing credential information in association with location information … The map area 1510 is displayed as an area that corresponds to the Convention Center because the user indicated in the location area 1420 that the user only desires to view credentials of users that are located within the Convention Center. The map area 1510 displays locations of the credentials of users located within the Convention Center that are available to the user and that meet the filtering criteria specified by the user in the user interface 1400 …)
The motivation for combining different embodiments of Saylor remains same as in claim 31.
Claims 33-36 are rejected under 35 U.S.C. 103 as being unpatentable over Patent. No.: US 9160727 B1 to Saylor et al. (hereinafter “Saylor”) in view of Pub. No.: 2013/0073460 to Paquin et al. (hereinafter “Paquin”) and Pub. No.: US 2014/0357187 A1 to Ehrensvard (hereinafter “Ehrensvard”), as applied to claim 1 above, as applied to claim 1 above, and further in view of Pub. No.: US 2010/0250364 A1 to Song et al. (hereinafter “Song”).
Regarding Claim 33. The combination of Saylor-Paquin-Ehrensvard discloses the method of claim 1, however, is does not explicitly teach, but Song from the same or similar field of endeavor teaches, “further comprising:
in response to presenting the at least a portion of the received subset of the credential data to the verification service for verification, receiving a verified version of the subset of the credential data from the verification service at the relying party device (Song, Para [0172-0181, 0079-0080]: … the flowchart of FIG. 2 in combination with the system diagram of FIG. 1, which together illustrate an exemplary process in which a consumer can register with the computer system of the PPAITPN … the consumer 100 further inputs into the computer system of the PPAITPN 500 some partial data shown on his official identification document (e.g., last four digits of the driver license number or passport number … the consumer 100 uploads his photo into the computer system of the PPAITPN 500 … When a presumed consumer (e.g., a "customer") conducts a transaction with a retail store 300 based on the identity of the consumer 100, the retail store 300 can ask the consumer to provide an identification document … The retail store 300 (relying party) enters (block 3001), for example, the last six digits of the credit card number and the last four digits (subset of the credential data) of the driver license number into the computer system of the PPAITPN 500 (verification service) through the Internet 600. The computer system of the PPAITPN 500 searches its database (block 3002) and display the names of all the possible matches (a verified version) through the Internet 600 based on the information entered by the retail store 300. The retail store 300 selects the correct name based on the name shown on the driver's license of the consumer. Based on the selected name, the photo of the consumer 100 which is stored in the database of the computer system of PPAITPN 500 is displayed through the Internet 600 (block 3003) … The retail store 300 compares the photo of the consumer 100 with the appearance of the presumed consumer (decision block 3004) …);
wherein displaying at least some of the subset of the credential data on the screen of the device of the relying party comprises displaying at least some of the verified version of the subset of credential data from the verification service (Song, Para [0172-0181, 0079-0080]: … the flowchart of FIG. 2 in combination with the system diagram of FIG. 1, which together illustrate an exemplary process in which a consumer can register with the computer system of the PPAITPN … the consumer 100 further inputs into the computer system of the PPAITPN 500 some partial data shown on his official identification document (e.g., last four digits of the driver license number or passport number … the consumer 100 uploads his photo into the computer system of the PPAITPN 500 … When a presumed consumer (e.g., a "customer") conducts a transaction with a retail store 300 based on the identity of the consumer 100, the retail store 300 can ask the consumer to provide an identification document … The retail store 300 (relying party) enters (block 3001), for example, the last six digits of the credit card number and the last four digits (subset of the credential data) of the driver license number into the computer system of the PPAITPN 500 (verification service) through the Internet 600. The computer system of the PPAITPN 500 searches its database (block 3002) and display the names of all the possible matches (a verified version) through the Internet 600 based on the information entered by the retail store 300. The retail store 300 selects the correct name based on the name shown on the driver's license of the consumer. Based on the selected name, the photo of the consumer 100 which is stored in the database of the computer system of PPAITPN 500 is displayed through the Internet 600 (block 3003) … The retail store 300 compares the photo of the consumer 100 with the appearance of the presumed consumer (decision block 3004) …); Examiner: Saylor already discloses sending a subset of the credential data as in claim 1.”
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Song into the teachings of Saylor-Paquin-Ehrensvard, because it teaches that “when a presumed consumer tries to conduct a transaction with individuals, financial institutions or merchants based on the stolen identity of the consumer, personal information of the consumer, such as a photo, challenge question, etc. can be provided to the individuals, financial institutions or the merchants through the network. The individuals, financial institutions and merchants can then verify whether the presumed consumer (e.g., a subject person) corresponds to the personal information of the true consumer provided by the computer system and thus reject the transaction if the result is negative, i.e., if the subject person is a potential fraudster (Song: Para [0021]).”
Regarding Claim 34. The combination of Saylor-Paquin-Ehrensvard discloses the method of claim 1, however, is does not explicitly teach, but Song from same or similar field of endeavor teaches: “further comprising:
Song, [0172-0181, 0079-0080]: … the flowchart of FIG. 2 in combination with the system diagram of FIG. 1, which together illustrate an exemplary process in which a consumer can register with the computer system of the PPAITPN … the consumer 100 further inputs into the computer system of the PPAITPN 500 some partial data shown on his official identification document (e.g., last four digits of the driver license number or passport number … the consumer 100 uploads his photo into the computer system of the PPAITPN 500 … When a presumed consumer (e.g., a "customer") conducts a transaction with a retail store 300 based on the identity of the consumer 100, the retail store 300 can ask the consumer to provide an identification document … The retail store 300 (relying party) enters (block 3001), for example, the last six digits of the credit card number and the last four digits (subset of the credential data) of the driver license number into the computer system of the PPAITPN 500 (verification service) through the Internet 600. The computer system of the PPAITPN 500 searches its database (block 3002) and display the names of all the possible matches (a verified version) through the Internet 600 based on the information entered by the retail store 300. The retail store 300 selects the correct name based on the name shown on the driver's license of the consumer (holder). Based on the selected name, the photo of the consumer 100 which is stored in the database of the computer system of PPAITPN 500 is displayed through the Internet 600 (block 3003) … The retail store 300 compares the photo of the consumer 100 with the appearance of the presumed consumer (decision block 3004)…);
wherein displaying at least some of the subset of the credential data on the screen of the device of the relying party comprises displaying the image of the holder received from the verification service (Song, Para [0172-0181, 0079-0080]: … the flowchart of FIG. 2 in combination with the system diagram of FIG. 1, which together illustrate an exemplary process in which a consumer can register with the computer system of the PPAITPN … the consumer 100 further inputs into the computer system of the PPAITPN 500 some partial data shown on his official identification document (e.g., last four digits of the driver license number or passport number … the consumer 100 uploads his photo into the computer system of the PPAITPN 500 … When a presumed consumer (e.g., a "customer") conducts a transaction with a retail store 300 based on the identity of the consumer 100, the retail store 300 can ask the consumer to provide an identification document … The retail store 300 (relying party) enters (block 3001), for example, the last six digits of the credit card number and the last four digits (subset of the credential data) of the driver license number into the computer system of the PPAITPN 500 (verification service) through the Internet 600. The computer system of the PPAITPN 500 searches its database (block 3002) and display the names of all the possible matches (a verified version) through the Internet 600 based on the information entered by the retail store 300. The retail store 300 selects the correct name based on the name shown on the driver's license of the consumer (holder). Based on the selected name, the photo of the consumer 100 which is stored in the database of the computer system of PPAITPN 500 is displayed through the Internet 600 (block 3003) … The retail store 300 compares the photo of the consumer 100 with the appearance of the presumed consumer (decision block 3004)…); Examiner: Saylor already discloses sending a subset of the credential data as in claim 1.”
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Song into the teachings of Saylor-Paquin-Ehrensvard, because it teaches that “when a presumed consumer tries to conduct a transaction with individuals, financial institutions or merchants based on the stolen identity of the consumer, personal information of the consumer, such as a photo, challenge question, etc. can be provided to the individuals, financial institutions or the merchants through the network. The individuals, financial institutions and merchants can then verify whether the presumed consumer (e.g., a subject person) corresponds to the personal information of the true consumer provided by the computer system and thus reject the transaction if the result is negative, i.e., if the subject person is a potential fraudster (Song: Para [0021]).”
Regarding Claim 35. This claim all the same or similar limitations as in claim 33, hence similarly rejected as claim 33.
Regarding Claim 36
Pertinent Prior Arts: The following prior arts made of record but not relied upon for rejection of claims in the current office action are considered pertinent to Applicant’s disclosure. The attached PTO-892 contains additional prior arts of relevance.
USPGPUB: 20160094540 (CAMENISCH et al.): Methods and apparatus are provided for authenticating user computers in distributed single sign-on systems. A user computer is connectable via a network to a plurality of verifier servers and a plurality n of authentication servers. Through communication with authentication servers, the user computer can generate a cryptographic token for authenticating the user computer to a selected verifier server under a username identifying the user computer to that verifier server. A second preferred embodiment of the SSO process will now be described with reference to FIGS. 7 and 8a to 8c. In this embodiment, the cryptographic mechanism used for token generation and verification is based on privacy-preserving attribute-based credentials (Privacy-ABCs, or "PABCs" hereinafter). PABCs. At a high level, a PABC system allows users to obtain credentials on lists of attributes certified by credential issuers. The users can then use these credentials to derive so-called presentation tokens that selectively reveal partial information about the credential attributes and can be verified by a verifying party using the credential issuer's public key. The presentation tokens have the privacy features that they do not expose any information about the credentials or credential attributes beyond what was explicitly revealed by the token, and they are untraceable in that an issuer cannot trace a presentation token back to the issuance of the credential from which it was derived. Credentials and presentation tokens. A credential is a certified list of attribute values, and is issued to a user by a credential issuer. The user can derive a 
USPGPUB: 20100325441 (Laurie et al.): Systems and methods are disclosed for privacy-preserving flexible user-selected anonymous and pseudonymous access at a relying party (RP), mediated by an identity provider (IdP). Anonymous access is unlinkable to any previous or future accesses of the user at the RP. Pseudonymous access allows the user to associate the access to a pseudonym previously registered at the RP. A pseudonym system is disclosed. The pseudonym system allows a large number of different and unlinkable pseudonyms to be generated using only a small number of secrets held by the user. The pseudonym system can generate tokens capable of including rich semantics in both a fixed format and a free format. The tokens can be used in obtaining from the IdP, confirmation of access privilege and/or of selective partial disclosure of user characteristics required for access at the RPs. The pseudonym system and associated protocols also support user-enabled linkability between pseudonyms.
NPL: Efficient Selective Disclosure on Smart Cards Using Idemix (Vullers et al.): This discloses an efficient implementation for selective disclosure of attribute-based credentials on smart cards. In this context we concentrate on the implementation of this core feature of IBM’s Identity Mixer (Idemix) technology. Using the MULTOS platform we are the first to provide this feature on a smart card. We compare Idemix with Microsoft’s U-Prove technology, as the latter also offers selective disclosure of attributes and has been implemented on a smart card. Unique identiﬁers are used to identify entities during authentication and/or authorisation, but actually in most use cases identiﬁcation is not necessary. For instance, when you want to buy liquor, a merchant only needs to verify that you are of a certain age. The same holds when boarding a train; the system only needs to know whether or not you are allowed to do so, and there is no direct need for the system to know exactly who you are. A more privacy-friendly approach is possible by using attribute-based credentials. Instead of providing lots of identity information to the service provider, the user can now just provide the required attributes, such that the service can be accessed without the user revealing his identity. The Identity Mixer (Idemix) technology [7, 8, 9] developed by IBM Research to implement attribute-based credentials. This system allows the user to receive a signed list of attributes from a trusted party which can then be used to convince a service provider. A core feature of this technology, selective disclosure, enables a user to control which attributes from this list get revealed to the service provider. A user may have several credentials, each asserting some collection of attributes. When requesting a service from a service provider, the user is required to authenticate using one (or more) of his/her credentials. In the veriﬁcation process the user can choose to only provide certain credentials; also, given a speciﬁc credential, the user may choose to reveal only a subset of attributes in the credential. By doing this, authentication becomes more privacy friendly. This latter process is called selective disclosure, involving a veriﬁcation protocol in which only a subset of the credential attributes is revealed to the veriﬁer while the other attributes are only proved to be present in the credential. This allows a user to reveal only the 
USPGPUB: 2007/0250704 A1 (Hallam-Baker): This discloses a privacy enhanced identity scheme that may use public and private key cryptography to selectively distribute attributes of a token holder to a relying party. A challenge message [Rnonce, RID], where Rnonce is a reader nonce and RID is a reader identifier. Methods may also include, responsive to the challenge message, sending a response message including at least an encrypted private token identifier TID and a session key k. In response to a challenge from a reader. The token sends a message that includes token identifier that is un-linkable to other identifiers sent from the same token.
The present invention generally relates to a privacy enhanced identity scheme. More specifically, the present invention relates to a privacy enhanced identity scheme using public and private key cryptography to selectively distribute attributes of a token holder to a relying party.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAHABUB S AHMED whose telephone number is (571)272-0364.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/MAHABUB S AHMED/Examiner, Art Unit 2434


/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434