Acknowledgements
This communication is in response to applicant’s response filed on 03/15/2021.
Claims 1, 12, and 20 have been amended. Claims 8, 14-15, 17-19, and 23-25 have been cancelled. Claims 26-28 have been added.
Claims 1-7, 9-13, 16, 20-22, and 26-28 are pending and have been examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Regarding applicant’s arguments:
Regarding applicant’s arguments under Claim Rejections - 35 USC § 103 that the combination of Khi (US 20170286717) in view of Smith (US 20170316390) does not teach storage of individually encrypted components of multiple identifiers of an individual which can subsequently be accessed in unencrypted form by another party (e.g., merchant) for identity verification, examiner respectfully argues that applicant’s arguments are moot in light of the new grounds of rejection necessitated by the amendments to claim 1. Applicant makes similar arguments for independent claims 12 and 26, and examiner respectfully argues applicant’s arguments are moot for the same reasons listed above for claim 1. 


Priority
Acknowledgment is made of applicant's claim for priority based on PCT Application No. PCT/GB2017/052237 filed on 08/01/2017. Acknowledgment is made of applicant's claim for foreign priority based on Great Britain Application No. GB1613233.4 filed on 08/01/2016.

Claim Objections
Claim 9 is objected to because of the following informalities:  
Claim 9, line 1, states claim 9 depends from now cancelled claim 8. Examiner is examining the claim as if it depends from claim 1.
Appropriate correction is required.

Claim Interpretation 112(f)
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in 

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. 
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: 
the data access interface being arranged to provide remote access to each of the individually encrypted components in encrypted form in claim 1; This element is interpreted under 112(f) as application programming interfaces, APIs (Page 12, lines 15-16).
the data protection system being arranged to provide selective access to each individual component 10in unencrypted form upon the authentication system authenticating the user for the respective component in claim 1; the data protection system is arranged to record changes to the encrypted components in the ledger in claim 5; the data protection system is arranged to record in the ledger data on transactions in claim 6; This element is interpreted under 112(f) as a server (Page 14, lines 5-12).
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. Therefore, by choosing to use a means-plus-function limitation and invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant limits that claim limitation to the disclosed structure, i.e., implementation by hardware or the combination of hardware and software, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function 

Examiner Note: Claim Interpretation
In claims 1 and 26 the newly added limitations “the data protection system further comprising a user interface executable by a user device, the user interface being arranged to receive authentication by the user for a transaction and to communicate authentication to the authentication system; and the user interface being independent of the merchant or service provider system” are not given patentable weight. In addition, the claim 9 limitation “wherein the user device includes a biometric reader configured to receive biometric authentication by a user” is not given patentable weight.
Since the user device in the above cited limitations neither (1) describe specific structure of the claimed system (i.e., data protection system) nor (2) describe any function(s) performed by any component of the system, the limitations will not limit the scope of the claim.

Claim Rejections - 35 USC § 102(a)(2)
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 9, 11-13, 16, 26-28 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Andrade (US 20170279801).

Regarding Claims 1, 12, and 26, Andrade teaches a data protection system including a data repository, a data access interface and an authentication system (Paragraphs 0039-0041 and 0010 teach server(s) (i.e., data protection system) may include a plurality of hardware, software, and/or firmware components operating together to provide the functionality attributed herein including electronic storage, which may comprise non-transitory storage media that electronically stores information; the server(s) may be configured to execute machine-readable instructions that may include one or more of an individual identifier component 108, a verification address assignment component 110, an address recordation component 112, a user interface component 114, a verification request component 116, an information extraction component 118, an identity verification component; processor(s) may be configured to execute machine-readable instruction components 108, 110, 112, 114, 116, 118, 120, and/or other machine-readable instruction components), the data repository storing user data for a user, the user data comprising a plurality of individually encrypted components (Paragraph 0040 teaches the the data access interface being arranged to provide remote access to each of the individually encrypted components in encrypted form (Paragraphs 0026-0027 teach the machine-readable instructions may be executable to perform block chain-based multifactor personal identity verification using the verification addresses; the verification request component may be configured to receive one or more identifiers in connection with one or more requests to verify an identity of one or more individuals), the data protection system being arranged to receive a request for user data for the user from a merchant or service provider system, the data protection system further comprising a user interface executable by a user device, the user interface being arranged to receive authentication by the user for a transaction and to communicate authentication to the authentication system (Paragraphs 0027 and 0029 teach the first identifier may be received in connection with a request to verify an identity of the first individual; requests for identity verification may be provided in connection with and/or related to financial transactions, information exchanges, and/or other interactions and may  the authentication system being arranged to provide selective access to each individual component in unencrypted form for the components needed for the transaction upon the authentication system authenticating the user for the respective component, the user interface being independent of the merchant or service provider system (Paragraph 0050-0052 and 0055 teach at an operation 302, one or more identifiers may be received in connection with one or more requests to verify an identity of one or more individuals; a first identifier may be received in connection with a request to verify an identity of a first individual; at an operation 304, biometric data associated with the one or more individuals may be extracted from corresponding verification addresses on a block chain; the first verification address may include a first public key and a first private key; at an operation 306, the identity of the one or more individuals may be verified upon, or in response to, receiving matching biometric data and private keys; the personal identity of the first individual may be verified upon, or in response to, receipt of (1) biometric data matching the first biometric data and (2) a private key matching the first private key; some implementations may ensure a person has a record at , wherein the data protection system is configured to establish an out-of-band communication with the user interface for authentication that is separate to communication with the merchant or service provider system (Paragraphs 0024 and 0027 teach the user interface component 114 may be configured to provide an interface for presentation to individuals via associated computing platforms; the verification request component 116 may be configured to receive one or more identifiers in connection with one or more requests to verify an identity of one or more individuals; requests may be received from other individuals and/or other third parties (i.e., separate communication interfaces for user interface and merchant/service provider system)).
Regarding Claim 12, Andrade teaches a computer implemented method for controlling access to data (Paragraph 0048 teaches FIG. 3 teaches a method for performing block chain-based multifactor personal identity verification using verification addresses).
Regarding Claim 26, Andrade teaches the data protection system being configured to receive attestation of one of the components from a further party and record said attestation for the component in the data repository (Paragraph 0015 and 0020 teach the individual may be required to provide evidence of the individual's identity; such evidence may include evidence provided by a third party (i.e., attestation from a further party); the address recordation the authentication system being arranged to provide selective access to each individual component in unencrypted form, said selective access including access to the respective recorded attestation if the data repository includes attestation for the component (Paragraph 0015, 0052, and 0055 teach the personal identity of the first individual may be verified upon, or in response to, receipt of (1) biometric data matching the first biometric data and (2) a private key matching the first private key; some implementations may ensure a person has a record at Company and get very basic personal information such as Full Name, DOB, Gender, and/or other basic information; some implementations may ensure a person has a record at Company and get all personal data (i.e., recipient given access to individual components in unencrypted form; the received information was previously attested to by third party (i.e., third party may be the government and the attestation involved government issued identification)).

Regarding Claim 9, Andrade teaches all the limitations of claim 1 above; and Andrade further teaches wherein the user device includes a biometric reader configured to receive biometric authentication by a user, the data protection system being arranged to authenticate the user in dependence on the biometric authentication (Paragraphs 0023 and 0031 teach the first computing platform (i.e., user device) may include an input device configured to capture and/or record a physiological characteristic and/or behavioral characteristic of the first individual; the identity verification component 120 may be configured to 

Regarding Claim 11, Andrade teaches all the limitations of claim 1 above; and Andrade further teaches wherein the data protection system is configured to provide selective access to each individual component in encrypted form upon the authentication system authenticating the user for the respective component (Paragraph 0055 teaches there may be multiple levels for how it is possible to check verification; for example, some implementations may ensure a person has a record at “Company” but no personal data is provided (i.e., data is maintained in encrypted form but still verified by the server)).

Regarding Claim 13, Andrade teaches all the limitations of claim 12 above; and Andrade further teaches wherein each individually encrypted component comprises a block in the blockchain (Paragraphs 0053 and 0020 teach personal data is stored on the block chain in an encrypted way; the address recordation component 112 may be configured to record identifiers and biometric data associated with the individuals at corresponding verification addresses at a first verification address; recording information at a given verification address includes recording a hash or other encrypted representation of the information; different biometric data may be recorded at multiple verification addresses assigned to a single given individual; in addition to the first identifier and the first biometric data associated with the first individual being recorded at the first verification address, 

Regarding Claim 16, Andrade teaches all the limitations of claim 13 above; and Andrade further teaches wherein the data protection system is arranged to record changes to the encrypted components in the ledger (Paragraphs 0053 and 0024 teach if some of the data is changed, a new record may be created for that person in the block chain; that is, all changes are added as new records as the old record will always be stored on the block chain; the user interface component may be configured to allow a given individual to add or delete verification addresses assigned to the given individual so long as at least one verification address is assigned to the given individual).

Regarding Claim 27, Andrade teaches all the limitations of claim 26 above; and Andrade further teaches wherein the attestation comprises a cryptographic signature on the component by the further party attesting to the component, the cryptographic signature being verifiable by the merchant or service provider system, the cryptographic signature includes a value attestation up to which the component may be relied upon in a transaction (Paragraphs 0053-0054 and 0017 teach exemplary implementations may facilitate access to personal data; access controls may be granted on public/private key pairs levels and an example of an access level may include one or more of Super Admin (full access to block chain); Super Admin may be the attesting party; the data stored may include or relate to one or more of a passport, 

Regarding Claim 28, Andrade teaches all the limitations of claim 26 above; and Andrade further teaches wherein the data protection system is configured to provide shared access to the user and the further party whereby both the user and the further party manage access to, and content of, one of the components in the data repository (Paragraphs 0024 and 0054 teach the user interface component 114 may be configured to provide an interface for presentation to individuals via associated computing platforms; the interface may be configured to allow a given individual to add or delete verification addresses assigned to the given individual so long as at least one verification address is assigned to the given individual; access controls may be grated on public/private key pairs levels; an examples of access levels may include one or more of Super Admin (full access to block chain), Authorities-country level (full read-only access), Authorities-state/local level (limited read-only access), Police and other services including Emergency (access to certain personal data by Finger Print/Eye retina of that person only), Participating Merchants (limited access), and/or other access levels).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 2-7 are rejected under 35 U.S.C. 103 as being unpatentable over Andrade (US 20170279801) in view of Khi (US 20170286717).

Regarding Claim 2, Andrade teaches all the limitations of claim 1 above; however Andrade does not explicitly teach wherein each of the individually encrypted components is encrypted by a zero knowledge protocol.
Khi from same or similar field of endeavor teaches wherein each of the individually encrypted components is encrypted by a zero knowledge protocol (Paragraphs 0073-0074 teach the authorization process is a zero-knowledge proof, based on strong elliptic curve cryptography, and a challenge-
It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Andrade to incorporate the teachings of Khi for each of the individually encrypted components to be encrypted by a zero knowledge protocol.
There is motivation to combine Khi into Andrade because the base invention is improved in the difficulty of a) not storing any of the raw data b) not storing any cryptographic data in its raw, original form (which can also be decrypted or hacked and reconstructed for meaning and potential maluse c) system works with hashed and, in some embodiments split cryptographic data, which even in the case of being hacked, would be impossible to restore back to its initial form of raw data, or cryptographic data—which is data defense through mathematics. Therefore, when the cryptographic data is not stored in any original non-partitioned form in the preferred embodiment, the system is protected from well-known attacks on hashes, such as through brute-force, rainbow attacks, and so on (Khi Paragraph 0067).

Regarding Claim 3, the combination of Andrade and Khi teaches all the limitations of claim 2 above; however the combination does not explicitly teach wherein the zero knowledge protocol comprises a blockchain.
Khi further teaches wherein the zero knowledge protocol comprises a blockchain (Paragraphs 0021 and 0052 teach the personal identity management system is suitable for use with any type of storage, such as a distributed ledger (e.g., Blockchain); the system is suitable for use with a wide range of ledgers, such as any immutable distributed ledger, including, for example, a public Blockchain (e.g., Bitcoin® Blockchain, Ethereum® Blockchain, etc.) and/or a private Blockchain and/or the like; in some embodiments, the ledger comprises a combination of public and/or private Blockchains).
It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Andrade and Khi to incorporate the further teachings of Khi for the zero knowledge protocol to comprise a blockchain.
There is motivation to further combine Khi into the combination of Andrade and Khi for the same reasons listed above for claim 2.

Regarding Claim 4, the combination of Andrade and Khi teaches all the limitations of claim 3 above; and Andrade further teaches wherein the blockchain includes a distributed ledger verifying the encrypted components (Paragraphs 0011, 0015, and 0019-0020 teach machine-readable instructions may be executable to establish verification addresses on a block chain; generally speaking, a block chain is a transaction database shared by some or all 

Regarding Claim 5, the combination of Andrade and Khi teaches all the limitations of claim 4 above; and Andrade further teaches wherein the data protection system is arranged to record changes to the encrypted components in the ledger (Paragraphs 0053 and 0024 teach if some of the data is changed, a new record may be created for that person in the block chain; that is, all changes are added as new records as the old record will always be stored on the block chain; the user interface component may be configured to allow a given individual to add or delete verification addresses assigned to the given individual so long as at least one verification address is assigned to the given individual).

Regarding Claim 6, the combination of Andrade and Khi teaches all the limitations of claim 3 above; and Andrade further teaches wherein the data protection system is arranged to record in the ledger data on transactions that use one or more of the encrypted components (Paragraphs 0013 and 

Regarding Claim 7, the combination of Andrade and Khi teaches all the limitations of claim 3 above; and Andrade further teaches wherein each individually encrypted component comprises a block in the blockchain (Paragraphs 0053 and 0020 teach personal data is stored on the block chain in an encrypted way; the address recordation component 112 may be configured to record identifiers and biometric data associated with the individuals at corresponding verification addresses at a first verification address; recording information at a given verification address includes recording a hash or other encrypted representation of the information; different biometric data may be recorded at multiple verification addresses assigned to a single given individual; in addition to the first identifier and the first biometric data associated with the first individual being recorded at the first verification address, the first identifier and second biometric data associated with the first individual may be recorded at a second verification address).

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Andrade (US 20170279801) in view of Khi (US 20170286717) in further view of Kurian (US 20170230375).

Regarding Claim 10, the combination of Andrade and Khi teaches all the limitations of claim 9 above; however the combination does not explicitly teach wherein the data protection system has a plurality of classes of component types and/or transaction types, at least one of said classes requiring a plurality 10of authentications to provide access to the components.
Kurian from same or similar field of endeavor teaches wherein the data protection system has a plurality of classes of component types and/or transaction types, at least one of said classes requiring a plurality 10of authentications to provide access to the components (Paragraphs 0081-0082 and 0084 teach a continuum of authentication may be used to quantify (or dictate) the levels of authentication; likewise, a continuum of functions permitted may be used to quantify (or dictate) the number or context in which functions are permitted; a continuum of authentication 600A is illustrated according to embodiments of the invention; on the left-hand side of the continuum, a “zero authentication” requires no authentication credentials; on the right-hand side of the continuum, a “hard authentication” requires full authentication credentials; this means that it requires the strictest combination of credentials; in between the two extremes, “a soft authentication” requires minimal credentials, moderate credentials or most credentials for various points along the continuum; the continuum generally represents the number of credentials required and/or the 
It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Andrade and Khi to incorporate the teachings of Kurian for the data protection system has a plurality of classes of component types and/or transaction types, at least one of said classes requiring a plurality 10of authentications to provide access to the components.
There is motivation to combine Kurian into the combination of Andrade and Khi because the base invention is improved because the present invention provides improved security and privacy for events by providing a private block chain (or portions thereof), authentication credentials, limits for the private and public block .

Claims 20-21 are rejected under 35 U.S.C. 103 as being unpatentable over Andrade (US 20170279801) in view of Kurian (US 20170230375).

Regarding Claim 20, Andrade teaches all the limitations of claim 12 above; however the combination does not explicitly teach further comprising requiring increased authentication for at least selected types of individually encrypted components.
Kurian from same or similar field of endeavor teaches further comprising requiring increased authentication for at least selected types of individually encrypted components (Paragraphs 0081-0082 teach a continuum 
It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Andrade to incorporate the teachings of Kurian to require increased authentication for at least selected types of individually encrypted components.
There is motivation to combine Kurian into Andrade because the base invention is improved because the present invention provides improved security and privacy for events by providing a private block chain (or portions thereof), authentication credentials, limits for the private and public block chains, and the use of private portions and public portions of block chains for different event information. These features and the other features discussed herein, give more control over the events that occur on blocks chains in order to regulate the use of the block chains. The present invention allows the one or more entities that control 

Regarding Claim 21, the combination of Andrade and Kurian teaches all the limitations of claim 20 above; however the combination does not explicitly teach wherein the increased authentication comprises requiring multiple different authentications by the user.
Kurian further teaches wherein the increased authentication comprises requiring multiple different authentications by the user (Paragraphs 0079-0080, 0084, and 0086 teach numerous types and levels of user authentication exist; for example, a user may authenticate his or her identity using a unique alias such as a username and/or password; further, in some situations, challenge questions, familiar pictures and/or phrases, biometrics, key fob-based alphanumeric codes and/or collocation, authentication of another application such as a similar application or an “overarching” application, and/or the like may be used as types of identity authentication; the different types of authentication may provide differing degrees of confidence regarding the authentication using such types; for example, 
It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the 
There is motivation to further combine Kurian into the combination of Andrade and Kurian because of the same reasons listed above for claim 20.

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Andrade (US 20170279801) in view of Kurian (US 20170230375) in further view of Smith (US 20170316390).

Regarding Claim 22, the combination of Andrade and Kurian teaches all the limitations of claim 20 above; however the combination does not explicitly teach wherein the increased authentication comprises requiring 20shared authentication by the user and another party.
Smith from same or similar field of endeavor teaches wherein the increased authentication comprises requiring 20shared authentication by the user and another party (Paragraphs 0138, 0143, and 0182 teach an attestation address is the address at which the transaction can be found on the distributed ledger; an attestation address may be a multisig attestation address, which in one implementation is a result of the public attest key being signed with the attestor's public key and the public keys of all cosigners according to an M of N multisig redeem script cryptographic signing protocol; the attestor may, as part of the attestation protocol, with or without the cooperation of a third-party cosigner, create an attestation transaction on a centralized or distributed ledger representing 
It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Andrade and Kurian to incorporate the teachings of Smith for the increased authentication to comprise requiring 20shared authentication by the user and another party.
There is motivation to combine Smith into the combination of Andrade and Kurian because in this case, the attestation transaction may only be revoked (i.e. the funds at this attestation address may only be spent) with a multisig transaction where M of N keys are provided. In this way, it is not possible for a single party to revoke the attestation (Smith Paragraph 0182).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Soon-Shiong et al. (US 20160105402) teaches a system and method for homomorphic encryption in a healthcare network environment is provided and includes receiving digital data over the healthcare network at a data custodian server in a plurality of formats from various data sources, encrypting the data according to a homomorphic encryption scheme, receiving a query at the data custodian server from a data consumer device concerning a portion of the encrypted data, initiating a secure homomorphic work session between the data custodian server and the data consumer device, generating a homomorphic work space associated with the homomorphic work session, compiling, by the data custodian server, a results set satisfying the query, loading the results set into the homomorphic work space, and building an application programming interface (API) compatible with the results set, the API facilitating encrypted analysis on the results set in the homomorphic work space.
Davies (US 20200186355) teaches A method of recording a data transaction comprising, at a device associated with a first entity, determining first seed data, generating a record of a first transaction between the first entity and a second entity, determining second seed data by combining at least the first seed data and the record of the first data transaction, generating a first hash by hashing the second seed data, the first hash comprising a history of data transactions involving the first entity and storing the first hash against the record of the first data transaction in a memory.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY JONES whose telephone number is (469)295-9137.  The examiner can normally be reached on 7:30 am - 5:00 pm CST (M-F).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492.  The fax 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/C.P.J./Examiner, Art Unit 3685

/JAY HUANG/Primary Examiner, Art Unit 3685