DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
Applicant’s amendment filed 26 February 2021 amends claims 1, 14, and 17. Applicant’s amendment has been fully considered and entered.
Response to Arguments
Applicant argues, “Applicant has amended claim 14 to correct that issue. Accordingly Applicant respectfully requests withdrawal of the rejection.” This argument has been fully considered and is persuasive. The previous §112(b) rejection of claims 14-16 have been withdrawn. 
Applicant argues, “In particular, no prior art reference discloses that the secure storage device concludes that the user is authorized to initiate a particular command to be executed at the second device, and, in response to this conclusion, creates a data block representing the command and signs it with the private key.” This argument has been fully considered and is persuasive in view of the above argument in combination with the amended claim limitations that specify that the claimed authorization is performed based upon user privileges. Therefore, the 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Rader, U.S. Publication No. 2010/0197383. Referring to claim 17, Rader discloses a server-based gaming network that includes a gateway (Figure 16, element 1650 & [0358]), user mobile devices (Figure 16, element 1670 & [0239] & [0361]: mobile device reads on the claimed first device), and gaming machines (Figure 16, element 1621 & [0361]). The mobile devices include smart cards ([0073]) such that the smart cards have memory ([0072]: memory reads on claimed storage device), are operable to communicate ([0072]: communication functionality reads on the claimed communication interface), and one or more processors ([0072]), which meets the limitation of a secure storage device of a first device, the secure storage device comprising a storage unit, a communication interface, and a processor coupled to the storage unit and the communication interface. The smart cards storing public/private key pairs for communication with the STM ([0043]: private key associated with the smart card is not known to other devices, i.e., stored internally), which meets the limitation of store a private key of a key pair for asymmetric encryption in the secure storage device. A request to transfer credit from the smart card to the gaming machine such that a credit value stored on the smart card is decreased or a request to transfer credit from the gaming machine to the smart card such that the credit value stored on the smart card is increased ([0144]: credit update reads on the claimed command executable by the second device and the update specific value reads on the claimed data related to the command) such that the amount of credit transferred is determined by the smart card ([0157]-[0158]), which meets the limitation of at least one of receive or generate at least one data related to a command executable by a second device. The transferring of the credit between the game machine and the smart card requires the user to verify knowledge of a PIN stored in the smart card ([0143]), which meets the limitation of determine that the data related to the command executable by the second device corresponds to at least one user credential stored in the secure storage device, and thus conclude that the at least one user credential indicates that a user associated with the at least one user credential is authorized to cause the at least one command to be executed by the second device. When it is determined that the correct PIN is entered ([0143]) and that the request to transfer credit satisfies one or more permissions and/or rules, the updated credit value information is communicated from the smart card to the gaming machine using a secure communication session ([0123] & [0145]: the information being transmitted using a secure communication session involves transmission that includes the updated credit value information as a packet payload and the payload would read on the claimed data block), which meets the limitation of in response to concluding that the at least one user credential indicates that the user associated with the at least one user credential is authorized to cause the at least one command to be executed by the second device, generate in the secure storage device a data block that represents the command executable by the second device.
Rader discloses that the updated credit value information is communicated from the smart card to the gaming machine using a secure communication session ([0123] & [0145]). Rader does not specify that the secure communication session involves digitally signing the transmission between the smart card and the gaming machine that includes the updated credit value information. Rader does disclose the digitally signing of transmitted information using a private key ([0205]: encryption of token using a private key is equivalent to claimed signing the data block because digital signatures are created by encrypting using a private key), which meets the limitation of sign the data block with the secure storage device using the private key stored in the secure storage device. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value information that is communicated from the smart card to the gaming machine using a secure communication session to have been digitally signed prior to transmission to the gamine machine in order to verify the source of the data as suggested Rader ([0205]).
Claims 1, 3, 4, 11, 13, 15, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Rader, U.S. Publication No. 2010/0197383, Tone, U.S. Publication No. 2007/0265094. Referring to claim 1, Rader discloses a server-based gaming network that includes a gateway (Figure 16, element 1650 & [0358]: gateway is independent of gaming machines and is capable of communicating with the gaming machines and mobile devices to the extent that they are all connected to the same gaming network), user mobile devices (Figure 16, element 1670 & [0239] & [0361]: mobile device reads on the claimed first device), and gaming machines (Figure 16, element 1621 & [0361]: gaming machines read on the claimed second device), which meets the limitation of providing a gateway at least one of integrated into the second device or provided independent thereof, the gateway configured to communicate with the first device over an electronic communication channel, wherein the first device comprises a client device. The gaming machine includes a smart card ([0053]: STM/smart card would read on the claimed protected device), which meets the limitation the second device comprises a protected device. The mobile devices include smart cards such as a SIM card ([0073]: smart card would read on the secure storage device) for storing public/private key pairs for communication with the STM ([0043]: private key associated with the smart card is not known to other devices, i.e., stored internally & [0116]: smart card and STM exchange public keys & [0106]: communication between STM and smart card performed using public key cryptosystem & [0060]-[0062]: smart card is implemented as portable device such as user mobile [0239]), which meets the limitation of providing a secure storage device for the first device, providing a key pair of asymmetric cryptography having a private key and a public key, storing the private key of the key pair used for the asymmetric encryption in the secure storage device. Mobile device receives a transfer request from STM such that an application on the smart card performs permissions verification to see if the STM request satisfies stored permissions and/or rules ([0121]-[0123]: transfer request would read on the claimed command executable by the second device because the transfer is being performed at the gaming machine which reads on the claimed second device & [0145]: request results in credit value being updated at the gaming machine) wherein the verification procedure additionally requires a user to verify knowledge of a PIN that is stored on the smart card ([0143]: PIN would read on the claimed user credentials stored in the secure storage device), which meets the limitation of providing user privileges relating to at least one command executable by the second device and storing user credentials in the secure storage, wherein the user credentials further comprise privileges data and indicate that a user associated with the user privileges is authorized to cause the at least one command to be executed by the second device. The transfer request can include a request to transfer credit from the smart card to the gaming machine such that a credit value stored on the smart card is decreased or a request to transfer credit from the gaming machine to the smart card such that the credit value stored on the smart card is increased ([0144]: updated credit value based on increase/decrease would read on the claimed data related to the command), which meets the limitation of generating at least one data related to the at least one command executable by the second device. The transferring of the credit between the game machine and the smart card requires the user to verify knowledge of a PIN stored in the smart card ([0143]), which meets the limitation of determining that the data related to the command executable by the second device corresponds to at least one user credential stored in the secure storage device, and thus concluding that the at least one user credential indicates that the user associated with the at least one user credential is authorized to cause the at least one command to be executed by the second device. When it is determined that the correct PIN is entered ([0143]) and that the request to transfer credit satisfies one or more permissions and/or rules, the updated credit value information is communicated from the smart card to the gaming machine using a secure communication session ([0123] & [0145]: the information being transmitted using a secure communication session involves the creation of a data packet for transmission that includes the updated credit value information as a packet payload and the payload would read on the claimed data block), which meets the limitation of in response to concluding that the at least one user credential indicates that the user associated with the at least one user credential is authorized to cause the at least one command to be executed by the second device, generating in the secure storage device a data block that represents the command executable by the second device, generating at least one data packet from the data block [signed with the private key], transmitting the at least one data packet to the [gateway] via the electronic communication channel. 
Rader discloses that the updated credit value information is communicated from the smart card to the gaming machine using a secure communication session ([0123] & [0145]). Rader does not specify that the secure communication session involves digitally signing the transmission between the smart card and the gaming machine that includes the updated credit value information. Rader does disclose the digitally signing of transmitted information using a private key ([0205]: encryption of token using a private key is equivalent to claimed signing the data block because digital signatures are created by encrypting using a private key), which meets the limitation of signing the data block with the secure storage device using the private key stored in the secure storage device. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value information that is communicated from the smart card to the gaming machine using a secure communication session to have been digitally signed prior to transmission to the gamine machine in order to verify the source of the data as suggested Rader ([0205]).
Rader discloses a server-based gaming network that includes a gateway (Figure 16, element 1650 & [0358]), but Rader does not specify that the gateway receives the updated credit value information that is communicated from the smart card to the gaming machine. Tone discloses a gaming network wherein communication between user terminals and gaming machines is forwarded through a gateway (Figure 12: user device 14C communicates with game terminal 14E through the gateway 58 & [0125]), which meets the limitation of transmitting the at least one data packet to the gateway via the electronic communication channel. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value transmission to have been communicated by the mobile device to the gateway such that the gateway of Rader forwards the transmission to the gaming machines in order to allow for the gaming network to include gaming machines that utilize different protocols supplied by different companies in a manner that does not require casino operators to upgrade all software running on the machines as suggested by Tone ([0125] & [0127]).
Referring to claim 3, Rader discloses that the transfer request can include a request to transfer credit from the smart card to the gaming machine such that a credit value stored on the smart card is decreased or a request to transfer credit from the gaming machine to the smart card such that the credit value stored on the smart card is increased ([0144]: updating the credit value based on increase/decrease would read on the claimed command executable the second device), which meets the limitation of wherein the data block derived from the data related to the command executable by the second device comprises a command executable by the second device.
Referring to claim 4, Rader discloses that the transfer request can include a request to transfer credit from the smart card to the gaming machine such that a credit value stored on the smart card is decreased or a request to transfer credit from the gaming machine to the smart card such that the credit value stored on the smart card is increased ([0144]: the update credit value based on increase/decrease would read on the claimed command code), which meets the limitation of wherein the data block derived from the data related to the command executable by the second device comprises at least one of a command code. 
Rader discloses a server-based gaming network that includes a gateway (Figure 16, element 1650 & [0358]), but Rader does not specify that the gateway receives the updated credit value information that is communicated from the smart card to the gaming machine. Tone discloses a gaming network wherein communication between user terminals and gaming machines is forwarded through a gateway (Figure 12: user device 14C communicates with game terminal 14E through the gateway 58 & [0125]), which meets the limitation of the command executable by the second device is also forwarded to the gateway in at least one of the data packet containing [the signed data block]. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value transmission to have been communicated by the mobile device to the gateway such that the gateway of Rader forwards the transmission to the gaming machines in order to allow for the gaming network to include gaming machines that utilize different protocols supplied by different companies in a manner that does not require casino operators to upgrade all software running on the machines as suggested by Tone ([0125] & [0127]).
Rader discloses that the updated credit value information is communicated from the smart card to the gaming machine using a secure communication session ([0123] & [0145]). Rader does not specify that the secure communication session involves digitally signing the transmission between the smart card and the gaming machine that includes the updated credit value information. Rader does disclose the digitally signing of transmitted information using a private key ([0205]: encryption of token using a private key is equivalent to claimed signing the data block because digital signatures are created by encrypting using a private key), which meets the limitation of forwarded to the gateway in at least one of the data packet containing the signed data block. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value information that is communicated from the smart card to the gaming machine using a secure communication session to have been digitally signed prior to transmission to the gamine machine in order to verify the source of the data as suggested Rader ([0205]).
Referring to claim 11, Rader discloses that the mobile devices include smart cards such as a SIM card ([0073]), which meets the limitation of wherein the secure storage device provided for the first device is at least a removable card of the first device.
Referring to claim 13, Rader discloses that the private key is stored in the smart card ([0043]), which meets the limitation of wherein the private key stored in the secure storage device provided for the first device is the private key of the gateway used by all users. Examiner notes that the limitation “is the private key of the gateway used by all users” represents an intended use limitation. A recitation of the intended use of the claimed invention must result in a structural difference between the claimed invention and the prior art in order to patentably distinguish the claimed invention from the prior art.  If the prior art structure is capable of performing the intended use, then it meets the claim. In the instant case, the claim merely requires the private key to be stored in the storage device, which is clearly shown by Rader ([0043]). Additionally, the private key in the smart card of Rader is clearly capable of being utilized by all users of the smart card, and would therefore meet the limitation as claimed.
Referring to claims 15, 16, Rader discloses that the transfer request can include a request to transfer credit from the smart card to the gaming machine such that a credit value stored on the smart card is decreased or a request to transfer credit from the gaming machine to the smart card such that the credit value stored on the smart card is increased ([0144]: credit update reads on the claimed command executable by the second device and the update specific value reads on the claimed data related to the command) such that the amount of credit transferred is determined by the smart card ([0157]-[0158]), which meets the limitation of wherein the at least one data related to the command executable by the second device is generated in the client device, wherein the at least one data related to the command executable by the second device is generated in the secure storage device provided for the client device.
Claims 2, 7, 8, 14 are rejected under 35 U.S.C. 103 as being unpatentable over Rader, U.S. Publication No. 2010/0197383, Tone, U.S. Publication No. 2007/0265094, and further in view of Huang, U.S. Publication No. 2005/0036616. Referring to claim 2, Rader does not specify that the secure communication session involves digitally signing the transmission between the smart card and the gaming machine that includes the updated credit value information. Rader does disclose the digitally signing of transmitted information using a private key ([0205]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value information that is communicated from the smart card to the gaming machine using a secure communication session to have been digitally signed prior to transmission to the gamine machine in order to verify the source of the data as suggested Rader ([0205]).
Rader discloses a server-based gaming network that includes a gateway (Figure 16, element 1650 & [0358]), but Rader does not specify that the gateway receives the updated credit value information that is communicated from the smart card to the gaming machine. Tone discloses a gaming network wherein communication between user terminals and gaming machines is forwarded through a gateway (Figure 12: user device 14C communicates with game terminal 14E through the gateway 58 & [0125]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value transmission to have been communicated by the mobile device to the gateway such that the gateway of Rader forwards the transmission to the gaming machines in order to allow for the gaming network to include gaming machines that utilize different protocols supplied by different companies in a manner that does not require casino operators to upgrade all software running on the machines as suggested by Tone ([0125] & [0127]).
Rader, as modified in view of Tone above, does not specify that the gateway verifies the digital signatures of the received communications prior to forwarding them to their destination (i.e., gaming apparatus). Huang discloses a secure routing protocol wherein source nodes digitally sign a packet information such that an every intermediary node and the destination node verifies the digital signature ([0058]-[0059]), which meets the limitation of checking with the gateway the at least one data packet by verifying the integrity of the signed data block using the public key. The intermediary node will only forward the packet if the verification checks pass, and drops the packet of the verification checks fail ([0067]: gaming device will not receive the communication to perform the credit update if the check fails. Therefore, gateway effectively authorizes the credit update by forwarding valid packets onto the gaming apparatus), which meets the limitation of in response to verifying the integrity of the data block, authorizing the second device to execute the command corresponding to the user privilege. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the gateway of Rader to have performed digital signature verification on received communications in order to ensure the received packets are valid as suggested by Huang ([0059]).
Referring to claim 7, Rader, as modified in view of Tone above, does not specify that the gateway verifies the digital signatures of the received communications prior to forwarding them to their destination (i.e., gaming apparatus). Huang discloses a secure routing protocol wherein source nodes digitally sign a packet information, that includes a destination address, such that an every intermediary node and the destination node verifies the digital signature ([0058]-[0059]). The intermediary node can utilize the destination address ([0058]) in the received packet in order to rebroadcast the packet such that packet arrives at the destination corresponding with the destination address ([0055] & [0067]), which meets the limitation of wherein during the checking of the at least one data packet, the second device to which the command is directed is determined by the gateway. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the gateway of Rader to have performed digital signature verification on received communications in order to ensure the received packets are valid as suggested by Huang ([0059]).
Referring to claim 8, Rader, as modified in view of Tone above, does not specify that the gateway verifies the digital signatures of the received communications prior to forwarding them to their destination (i.e., gaming apparatus). Huang discloses a secure routing protocol wherein source nodes digitally sign a packet information such that an every intermediary node and the destination node verifies the digital signature ([0058]-[0059]). Huang discloses that the intermediary nodes also verify the source node information in the packets ([0065]), which meets the limitation of wherein checking the data packet, in addition to verifying the integrity of the signed data block, also includes examining other content identifier elements of the data block. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the gateway of Rader to have performed digital signature verification on received communications in order to ensure the received packets are valid as suggested by Huang ([0059]).
Referring to claim 14, Rader discloses a server-based gaming network that includes a gateway (Figure 16, element 1650 & [0358]: gateway is independent of gaming machines and is capable of communicating with the gaming machines and mobile devices to the extent that they are all connected to the same gaming network), user mobile devices (Figure 16, element 1670 & [0239] & [0361]: mobile device reads on the claimed first device), and gaming machines (Figure 16, element 1621 & [0361]: gaming machines read on the claimed second device), which meets the limitation of a gateway comprising [a processor, a data storage and a communication unit], wherein the gateway is configured to communicate with a first device over an electronic communication channel, wherein the gateway is at least one of integrated into the second device or provided independent thereof. The gaming machine includes a smart card ([0053]: STM/smart card would read on the claimed protected device), which meets the limitation a second device comprises a protected device. The mobile devices include smart cards such as a SIM card ([0073]: smart card would read on the secure storage device) for storing public/private key pairs for communication with the STM ([0043]: private key associated with the smart card is not known to other devices, i.e., stored internally & [0116]: smart card and STM exchange public keys & [0106]: communication between STM and smart card performed using public key cryptosystem & [0060]-[0062]: smart card is implemented as portable device such as user mobile [0239]), which meets the limitation of wherein the first device comprises a client device with a secure storage device, a key pair of asymmetric cryptography having a private key and a public key. Mobile device receives a transfer request from STM such that an application on the smart card performs permissions verification to see if the STM request satisfies stored permissions and/or rules ([0121]-[0123]: transfer request would read on the claimed command executable by the second device because the transfer is being performed at the gaming machine which reads on the claimed second device & [0145]: request results in credit value being updated at the gaming machine) wherein the verification procedure additionally requires a user to verify knowledge of a PIN that is stored on the smart card ([0143]: PIN would read on the claimed user credentials stored in the secure storage device). The transfer request can include a request to transfer credit from the smart card to the gaming machine such that a credit value stored on the smart card is decreased or a request to transfer credit from the gaming machine to the smart card such that the credit value stored on the smart card is increased ([0144]). The transferring of the credit between the game machine and the smart card requires the user to verify knowledge of a PIN stored in the smart card ([0143]), which meets the limitation of determining correspondence of at least one user credential stored in the secure storage device to data related to the command executable by the second device indicates that a user is associated with the at least one user credential  is authorized to cause the at least one command to be executed by the second device. When it is determined that the correct PIN is entered ([0143]) and that the request to transfer credit satisfies one or more permissions and/or rules, the updated credit value information is communicated from the smart card to the gaming machine using a secure communication session ([0123] & [0145]: the information being transmitted using a secure communication session involves the creation of a data packet for transmission that includes the updated credit value information as a packet payload and the payload would read on the claimed data block), which meets the limitation of the at least one data packet comprising at least one data block representing a command executable by the second device, the at least one data block being generated by the secure storage device of the first device in response to the secure storage device concluding that correspondence of the at least one user credential stored in secure storage device to the data related to the command executable by the second device indicates that a user associated with the at least one user credential is authorized to cause the command to be executed by the second device. 
Rader discloses that the updated credit value information is communicated from the smart card to the gaming machine using a secure communication session ([0123] & [0145]). Rader does not specify that the secure communication session involves digitally signing the transmission between the smart card and the gaming machine that includes the updated credit value information. Rader does disclose the digitally signing of transmitted information using a private key ([0205]: encryption of token using a private key is equivalent to claimed signing the data block because digital signatures are created by encrypting using a private key), which meets the limitation of the at least one data block signed with a private key of a key pair of asymmetric cryptography comprising the private key and a public key. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value information that is communicated from the smart card to the gaming machine using a secure communication session to have been digitally signed prior to transmission to the gamine machine in order to verify the source of the data as suggested Rader ([0205]).
Rader discloses a server-based gaming network that includes a gateway (Figure 16, element 1650 & [0358]), but Rader does not specify that the gateway receives the updated credit value information that is communicated from the smart card to the gaming machine. Tone discloses a gaming network wherein communication between user terminals and gaming machines is forwarded through a gateway (Figure 12: user device 14C communicates with game terminal 14E through the gateway 58 & [0125]), which meets the limitation of wherein the gateway is configured to receive, via the electronic communication channel form the first device, at least one data packet comprising at least one data block. The gateway stores software that is executed and allows for communication with other devices in the system ([0125]: execution of the software implies a processor and communication with other devices shows the use of a communication unit), which meets the limitation of a gateway comprising a processor, a data storage, and a communication unit. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value transmission to have been communicated by the mobile device to a gateway, such as the gateway utilized in Tone, such that the gateway of Rader forwards the transmission to the gaming machines in order to allow for the gaming network to include gaming machines that utilize different protocols supplied by different companies in a manner that does not require casino operators to upgrade all software running on the machines as suggested by Tone ([0125] & [0127]).
Rader, as modified in view of Tone above, does not specify that the gateway verifies the digital signatures of the received communications prior to forwarding them to their destination (i.e., gaming apparatus). Huang discloses a secure routing protocol wherein source nodes digitally sign a packet information such that an every intermediary node and the destination node verifies the digital signature ([0058]-[0059]), which meets the limitation of wherein the gateway configured to check the at least one data packet by verifying the integrity of the signed data block using the public key. The intermediary node will only forward the packet if the verification checks pass, and drops the packet of the verification checks fail ([0067]: gaming device will not receive the communication to perform the credit update if the check fails. Therefore, gateway effectively authorizes the credit update by forwarding valid packets onto the gaming apparatus), which meets the limitation of authorize the second device to execute the command corresponding to a user privilege relating to the command in response to verifying the integrity of the data block. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the gateway of Rader to have performed digital signature verification on received communications in order to ensure the received packets are valid as suggested by Huang ([0059]).
Claims 9, 10 are rejected under 35 U.S.C. 103 as being unpatentable over Rader, U.S. Publication No. 2010/0197383, Tone, U.S. Publication No. 2007/0265094, in view of Huang, U.S. Publication No. 2005/0036616, and further in view of Vaughan, U.S. Publication No. 2006/0080257. Referring to claim 9, Rader, as modified in view of Tone and Huang above, does not disclose the user determination based on the signature. Vaughan discloses a request message that is digitally signed with the client private key such that the digital signature is added to the header prior to transmission ([0135]). The recipient validates the signed request using the client’s public key ([0136]: validating using the public key ensure that the digital signature was created with the user’s private key which would properly determine the user as claimed because only the user would have the private key), which meets the limitation of wherein the user is determined based on the signature of the data block during the checking of the at least one data packet. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the digital signatures of the modified Rader to have been validated in the manner described in Vaughn in order to ensure that the request originates from purported requester and has not been altered as suggested by Vaughan ([0136]).
Referring to claim 10, Rader, as modified in view of Tone and Huang above, does not disclose the user determination based on the signature. Vaughan discloses a request message, that includes a transaction request and an identity credential ([0135]), that is digitally signed with the client private key such that the digital signature is added to the header prior to transmission ([0135]). The recipient validates the integrity of the request message ([0136]) and that the user corresponding to the included identity credential has the proper rights to perform the requested transaction ([0133]: identity credential would read on the claimed unique identifier), which meets the limitation of wherein during the checking of the at least one data packet, the user is determined on the basis of a unique identifier provided in the data block. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the digital signatures of the modified Rader to have been validated in the manner described in Vaughn in order to ensure that the communication has not been altered and that the request will not result to unauthorized access as suggested by Vaughan ([0133] & [0136]).
Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Rader, U.S. Publication No. 2010/0197383, Tone, U.S. Publication No. 2007/0265094, in view of Huang, U.S. Publication No. 2005/0036616, and further in view of Fiducia, U.S. Publication No. 2010/0308110. Referring to claim 12, Rader does not specify that the secure communication session involves digitally signing the transmission between the smart card and the gaming machine that includes the updated credit value information. Rader does disclose the digitally signing of transmitted information using a private key ([0205]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the updated credit value information that is communicated from the smart card to the gaming machine using a secure communication session to have been digitally signed prior to transmission to the gamine machine in order to verify the source of the data as suggested Rader ([0205]).
Rader does disclose the digitally signing of transmitted information using a private key ([0205]). Rader does not disclose that private key can be utilized to identify a user. Fiducia discloses that the private key stored in the smart card ([0012]) is part of a PKI implementation to bind keys to the person issued the smart card ([0005]), which meets the limitation of wherein the private key stored in the secure storage device provided for the first device is assigned to the individual user. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the public/private key pairs of Rader to have been stored on the user’s smart card using the PKI embodiment described in Fiducia in order to bind the keys to the person that was issued the smart card as discussed in Fiducia ([0005]).
Allowable Subject Matter
Claims 5, 6 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805.  The examiner can normally be reached on M-Th: 6:20-4:50.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 5712724063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BENJAMIN E LANIER/          Primary Examiner, Art Unit 2437