DETAILED ACTION

Notice of Pre-AIA  or AIA  Status

The present application, filed on or after December 13, 2013, is being examined under the first inventor to file provisions of the AIA .


Examiner’s Amendment

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given by Mr. Andrew M. Waxman during a communication on November 9, 2020. 

The claims have been amended as follows: 

Claim 1.	(Previously Presented)  A method for authenticating an item via an authentication processing device at a checking center, the method comprising:
storing, by the authentication processing device, production batch information corresponding to the item in a database of the checking center;

retrieving, by the authentication processing device, a salt file from a first computer readable medium based on the salt file identifier;
decrypting, by the authentication processing device, a secret key for the salt file with a private key; 
sending, by the authentication processing device, the secret key to the code generator computer system;
receiving, by the authentication processing device, a digitally signed item identifier (SUPI) of the item from a remote device over the network;
receiving, by the authentication processing device, a random salt index alpha of the item from the code generator computer system over the network;
deobfuscating the SUPI by the authentication processing device; 
extracting, by the authentication processing device, an item identifier (UPI) and a first noise code from the deobfuscated SUPI;
identifying, by the authentication processing device, production batch information for the extracted UPI in the database;
generating, by the authentication processing device, a second noise code from (i) the identified production batch information, (ii) the salt file, and (iii) the random salt index alpha; 
determining, by the authentication processing device, that the first noise code matches the second noise code;

sending, by the authentication processing device, the authentication result to the remote device over the network.

Claim 2.	(Previously Presented)  The method according to claim 1, further comprising:
receiving, by the authentication processing device, a plurality of queries for the SUPI from one or more remote devices;
counting, by the authentication processing device, a number of queries among the plurality of queries; 
comparing, by the authentication processing device, the number of queries to a threshold; and
generating, by the authentication processing device, a notification of possible cloning in response to the number of queries exceeding the threshold.

Claim 3.	(Previously Presented)  The method according to claim 1, further comprising:
tracking, by the authentication processing device, the production batch information for the item during shipping based on at least the authentication result. 


receiving, by the authentication processing device, a plurality of queries related to the SUPI from one or more remote devices; and
determining, by the authentication processing device, whether the SUPI has been cloned by counting a number of queries among the plurality of queries in relation to the SUPI and comparing the number of queries to a threshold.

Claim 5. 	(Previously Presented)  The method according to claim 1, further comprising: 
transmitting, by the authentication processing device, additional item information related to the SUPI to the remote device over the network.

Claim 6.	(Currently Amended)  The method according to claim 5, further comprising:
determining, by the authentication processing device, whether the SUPI has a likelihood of being cloned by counting a number of queries received in relation to the SUPI by 

Claim 7.	(Canceled)





Claim 22. 	(Currently Amended)  A non-transitory computer-readable storage medium storing computer-readable instructions that, when executed by at least one processor at an authentication processing device at a checking center, cause the at least one processor 
storing
receiving, 
retrieving
decrypting
sending
receivingdigitally signed item identifier (SUPI) of the item from a remote device over the network;
receiving
deobfuscating the SUPI
an item identifier (UPI) and a first noise code from the deobfuscated SUPI;
identifying
generating
determining
generating
	sending

Claim 23. 	(Currently Amended)  The non-transitory computer-readable storage medium according to claim 22, wherein the method further comprises:
receiving
counting
comparing


Claim 24. 	(Currently Amended)  The non-transitory computer-readable storage medium according to claim 22, wherein the method further comprises:
tracking
Claim 25.	(Currently Amended)  The non-transitory computer-readable storage medium according to claim 24, wherein the method further comprises:
receiving
determining

Claim 26.	(Currently Amended)  The non-transitory computer-readable storage medium according to claim 22, wherein the method further comprises: 
transmitting

Claim 27.	(Currently Amended)  The non-transitory computer-readable storage medium according to claim 26, wherein the method further comprises:


Claim 28.	(Currently Amended)  An authentication processing device comprising: 
at least one processor; 
a memory storing computer-executable instructions that, when executed by the at least one processor, cause the[[; and]] at least one processor perform the operations of : 
storing production batch information corresponding to an item in a database of a checking center,
receiving, over a network, a salt file identifier from a code generator computer system,
retrieving a salt file from a first computer readable medium based on the salt file identifier,
decrypting a secret key for the salt file with a private key,
[[send ]]sending the secret key to the code generator computer system,
receiving, from a remote device over the network, a digitally signed item identifier (SUPI) of the item;
receiving a random salt index alpha of the item from the code generator computer system over the network,
deobfuscating the SUPI, 
extracting an item identifier (UPI) and a first noise code from the deobfuscated SUPI,
identifying production batch information for the extracted UPI in the database,
generating a second noise code from (i) the identified production batch information, (ii) the salt file, and (iii) the random salt index alpha,
determining that the first noise code matches the second noise code,
generating an authentication result by verifying that the item is authentic based on the SUPI, and
	[[send]]sending the authentication result to the remote device over the network.

Claim 29.	(Currently Amended)  The authentication processing device according to claim 28, wherein the memory storesexecutable instructions that, when executed by the at least one processor, [[to ]]cause the at least one processor  perform the operations of:
receiving a plurality of queries for the SUPI from one or more remote devices;
counting a number of queries among the plurality of queries; 
comparing, by the authentication processing device, the number of queries to a threshold; and
generating a notification of possible cloning in response to the number of queries exceeding the threshold.

Claim 30.	(Currently Amended)  The authentication processing device according to claim 28, wherein the memory stores executable instructions that, when executed by the at least one processor, [[to ]]cause the at least one processor to perform the operation of ing the production batch information for the item during shipping based on at least the authentication result. 

Claim 31.	(Currently Amended)  The authentication processing device according to claim 30, wherein the memory stores executablethat, when executed by the at least one processor, [[to ]]cause the at least one processor  perform the operations of: 
receiving a plurality of queries related to the SUPI from one or more remote devices; and
determining whether the SUPI has been cloned by counting a number of queries among the plurality of queries in relation to the SUPI and comparing the number of queries to a threshold.

Claim 32.	(Currently Amended)  The authentication processing device according to claim 28, wherein the memory storesexecutable instructions that, when executed by the at least one processor,[[ to]] cause the at least one processor perform the operation of:  transmitting additional item information related to the SUPI to the remote device over the network.

Claim 33.	(Currently Amended)  The authentication processing device according to claim 32, wherein the memory stores executable instructions that, when executed by the at least one processor, [[to ]]cause the at least one processor perform the operation of: determining whether the SUPI has a likelihood of being cloned by counting a number of queries received in relation to the SUPI by non-privileged users.

Reasons for Allowance

Claims 1-6 and 22-33 are allowed.
The following is an examiner’s statement of reasons for allowance: 
Claims 1, 22 and 28 are directed to verifying authenticity of a particular item or good at a checking center. Doljack (US 6,442,276 B1) discloses a method for authenticating an item via an authentication processing device at a checking center, the method comprising: storing, by the authentication processing device, production batch information corresponding to the item in a database of the checking center (Col. 5 line 55-Col. 6 line 10, Col. 6 lines 18-61, Col. 6 lines 18-61, Col. 8 lines 30-58, Col. 9 lines 2-5), receiving, by the authentication processing device over a network, a salt file identifier from a code generator computer system, retrieving, by the authentication processing device, a salt file from a first computer readable medium based on the salt file identifier (Col. 5 line 55-Col. 6 line 10, Col. 6 lines 18-61, Col. 6 lines 18-61, Col. 8 lines 30-58, Col. 9 lines 2-5), receiving, by the authentication processing device, a SUPI of the item from a remote device over the network (Fig. 3-4; Col. 5 lines 26-50, Col. 5 line 55-Col. 6 line 10, Col. 6 lines 18-61, Col. 8 lines 30-58, Col. 9 lines 2-5), extracting, by the authentication processing device, a UPI and a first noise code from the deobfuscated SUPI (Col. 5 line 55-Col. 6 line 10, Col. 6 lines 18-61, Col. 6 lines 18-61, Col. 8 lines 30-58, Col. 9 lines 2-5), determining, by the authentication processing device, that the first noise code matches the second noise code (Col. 6 lines 27-61), generating, by the authentication processing device, an authentication result by verifying that the  item is authentic based on the SUPI (Col. 6 lines 27-61) and sending, by the authentication processing device, the authentication result to the remote device over the network (Col. 6 lines 27-61).
Additionally, Rabin et al. (US 7,991,995 B2) discloses generating, by the authentication processing device, a second noise code from (i) the identified production batch information, (ii) the salt file, and (iii) the random salt index alpha (Col. 3 lines 9-42, Col. 7 lines 24-40).
Lastly, Durst Jr. et al (US 2001/0011276 A1) discloses deobfuscating the SUPI by the authentication processing device (¶0058, ¶0059, ¶0060, ¶0076, ¶0077). 




However, the prior art does not teach nor fairly suggest neither singly nor in combination:
decrypting, by the authentication processing device, a secret key for the salt file with a private key; 
sending, by the authentication processing device, the secret key to the code generator computer system;
receiving, by the authentication processing device, a random salt index alpha of the item from the code generator computer system over the network;
identifying, by the authentication processing device, production batch information for the extracted UPI in the database;



Any comments considered necessary by the Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”




Conclusion
                                                                                                                                                   
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZEHRA RAZA whose telephone number is (571)272-8128.  The examiner can normally be reached on 10AM-6:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached on (571) 272-6708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 








/ZEHRA RAZA/Examiner, Art Unit 3685  

/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3685