DETAILED ACTION
1. 	This is in response to RCE filed on May 11th, 2021. Claims 1-20 are pending. Claims 1, 8, 15 are independent.  Each independent claim is amended. 
Notice of Pre-AIA  or AIA  Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
3.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/11/2021 has been entered.
					Response to Arguments
4.	Applicant’s arguments filed on May 11th, 2021 with respect to all the independent claims 1, 8 and 15 have been fully considered and are persuasive.  The 35 U.S.C. 103 prior art rejection set forth in the previous office action has been withdrawn. 

Allowable Subject Matter
5.	Claims 1-20 are allowed. 
6.	The following is an examiner’s statements of reasons for allowance:
7. 	 The following references/prior arts disclose some of the general subject matter/claim limitations recited in independent claims 1, 8 and 15 before the claims were amended.
As per independent claims 1, 8 and 15, Boukai, prior art of the record, discloses a method comprising: 
Receiving, a first request for access to specified data residing on a client device [See figure 3, step 420 and paragraph 0055, STEP 420: Application 100 inquires user 10 to extract the callees having international phone numbers from the address book of user 10”. The application 100 requests or inquire a client device/user’s mobile phone shown on figure 1, ref. 10 for accessing the international phone numbers that corresponds to the specified data that resides in side the client device/user’s mobile phone shown on figure 1, ref. 10].; 
in response to the request for access to the specified data, displaying a user interface notification of the  request for access [See at least figures 3, steps 420, 425 and 430 and paragraph 0056-0057, that indicates the fact that the user’s mobile phone displays a user interface notification as shown on figure 3, 420 requesting to access the international phone numbers where the users of the mobile phone could either denies the request 425 or accepts and agrees to the request as shown on figure 420 OK, that allows application 100 to extract the callees having international phone numbers from the address book residing on the user’s mobile phone number. In particular the following has been disclosed on paragraphs 0056-0057, STEP 425: If user 10 denies the request, exit. STEP 430: If user 10 agrees, application 100 extracts the callees having international phone numbers from the address book]; 
receiving a user indication of the type, content, or level of data to be shared [See figure 3, ref. 420 OK and paragraph 0057. The user as shown on figure 4, ref. 420 by choosing OK would indicate the type or the content of data which is international numbers to be shared. The user by selecting OK indicates the type and or the content of the data to be shared which is the international numbers residing in its phone book. This international numbers also meets the level of the data to be shared. Because the user okays sharing only the international numbers out of all the other phone numbers residing on the mobile phone. See also paragraph 0061 that indicates the other type, content or level of data that can be shared…”It is further within provision of the present invention to provide a method and system to allow all Internet-enabled mobile service users (2.4 billion currently) to utilize certain mobile applications which contain everything the end-user needs in order to use and operate a set of services including, but not limited to, opening an account, inviting/receiving, and sending mobile applications, making mobile payments (via credit card, calling card PIN or prepaid card code & transfer money), checking costs and balances, setting various options, and the like.]. 
; receiving at to perform a data-pull of specific data residing on the client device [As shown on figure 3, 440 once the server 200 receives the list of the international phone number, the server as shown on figure 3, 450 invites the new users on the list to install application 100 and if the new user agrees to install the application as shown on figure 3, step 460, YES, then, the new user would be receiving a second request at a user-configurable API data endpoint to perform a data-pull of specific data residing on the client device as shown on figure 3, ref. 420. See figure 3, step 420 and paragraph 0055, STEP 420: Application 100 inquires the new user 10 to extract the callees having international phone numbers from the address book of the new user 10. The application 100 requests or inquire a client device/user’s mobile phone shown on figure 1, ref. 10 for accessing or performing a data-pull of the international phone numbers that corresponds to the specified data that resides in side the client device/user’s mobile phone shown on figure 1, ref. 50 a-c].; 
receiving a user confirmation that the specific data conforms to the user indication of the type, content, or level of information to be shared and [[See figure 3, ref. 420 OK and paragraph 0057. The user as shown on figure 4, ref. 420 by choosing OK indicates the type or the content of data which is international numbers to be shared. The user by selecting OK indicates the type and or the content of the data to be shared which is the international numbers residing in its phone book. This international numbers also meets the level of the data to be shared. Because the users okays sharing only the international numbers out of all the other phone numbers residing on the mobile phone. See also paragraph 0061 that indicates the other type, content or level of data that can be shared…”It is further within provision of the present invention to provide a method and system to allow all Internet-enabled mobile service users (2.4 billion currently) to utilize certain mobile applications which contain everything the end-user needs in order to use and operate a set of services including, but not limited to, opening an account, inviting/receiving, and sending mobile applications, making mobile payments (via credit card, calling card PIN or prepaid card code & transfer money), checking costs and balances, setting various options, and the like.]; in response to receiving the user confirmation that the specific data conforms [See figure 3, ref. 420 OK], transmitting the requested specified data [See figure 3, ref. 440 and paragraph 0058, application 100 transmits the extracted list to server 200] 

As it shown above, Boukai, discloses all the limitation recited in the claim.  However even if for the sake of argument, if it is assumed that it does not explicitly disclose the limitation, “user-configurable API data endpoints”  or the following underlined claim limitation: “receiving user-configurable API data endpoint to perform a data-pull of specific data residing on the client device”
Dagorn, the other prior art of the record, at least on paragraph 0060 discloses this limitation:
"In the case where the Web browser 12 is Internet Explorer, the software interface 31 is implemented in COM (Component Object Model) object form and declared as a .Browser Helper Object.. In this way, it is launched automatically by the Internet Explorer browser. When the browser is started up, the interface 31 instantiates an object of the class named .IWebBrowser2. representing an interface with the Web browser 12 and used to parse and process the Web pages loaded by the latter. For each Web page, the interface 31 searches for a form of type comprising an   element of .text. type followed by a single   element of .password. type. If the Web page corresponds to these criteria, the software interface 31 interrogates the means 210 of managing the card 21 to ascertain if the address corresponding to the Web page being processed is referenced. If it is, the interface 31 asks the management means 210 to return to it the authentication data corresponding to said Web page, which are then automatically injected into the Web page after prompting the user for a PIN code, normally the PIN code of the mobile terminal or even a PIN code dedicated to the authentication application. Otherwise, the user is prompted to enter his identifiers and passwords, which are then captured by the software interface 31 and sent to the management means 210 accompanied by the address of the website. Then, these three data elements are stored in the card 21 in a file protected by PIN code. Depending on the implementations, particularly according to the choice of communication interface 32, the PIN code may be requested on the mobile terminal 20 or on the computer 11."]

The combination of Boukai and Dagorn doesn’t explicitly disclose the following  underlined claim limitation:
at a client device, a first request for access to specified data residing on the client device; in response to the first request for access to the specified data, displaying a user interface notification of the first request for access; receiving a user indication of a type, content, or level of data to be shared; receiving at a user-configurable API data endpoint on the client device, a second request to perform a data-pull of specific data residing on the client device;” but Ward discloses the above underlined claim limitation. 
In particular Ward, the other prior art of the record discloses:
“receiving, at a client device, a first request for access to specified data residing on the client device [See for instance paragraph 0070  and figure 2A, ref. 201 where the device is requested by the App at installation for access to specified data residing on the client device, “certain App, at installation, asks for multiple permissions including: access to call history, read/write permission to contacts, read/write permission to external storage, permission to manage your account credentials, permission to record audio, permission to read test messages, permission to place a phone call, permission for location, permission for camera”];
in response to the first request for access to the specified data, displaying a user interface notification of the first request for access [See paragraph 0079, See figure 2A, ref. 204, The program executes at step 203, providing access security to personal information and device-based services. At some time during execution, a controlled event occurs, the program then uses the UI 105 to notify the user at step 204 and provide event logs at step 205]
receiving a user indication of a type, content, or level of data to be shared [See at least paragraphs 0056, 0079 and figure 2A, ref. 206; how the users set a type, content or level of data to be shared. “The user responds to the notification at step 206 and selects an action (e.g. always block this application from the camera during working hours and never notify). The program executes, at step 203, by writing the user selection, at step 205, and the resulting access control to the log file at step 205. The program executes, at step 203, and updates the profile and rules databases, at step 207, with the user selected actions” [0079] and “application access may be limited by area (geophysical, arbitrary polygon, geopolitical/legal boundary), it may be limited by time-of-day, it may be limited by the identity of the requesting application, it may be limited by source of request or type (periodic/scheduled/triggered/immediate)) of request” [0056]]
receiving at a user-configurable API data endpoint on the client device, a second request to perform a data-pull of specific data residing on the client device; [See for instance paragraph 0073, where the user sets a default setting or rule for a particular app at the installation to be blocked from accessing data residing on the device. However subsequent attempt/second request by the app could be notified to the user and the user could override the default rule so that access by the app is allowed.
“An App has been blocked from access using the default, denied, or spoofed access. The app will be blocked from access for each and every subsequent attempt unless overridden by the user. Once the access has been allowed, a rule will be written, prompting the user duration of the access grant. If not a permanent election, the system 100 will query the user each time the App requests access in the future.”]


Furthermore, with respect to independent claims 1, 8 and 15 a new updated search revealed the following prior arts that generally describes the general subject matter recited in the claims. 

A. 	US Patent No.  9,225,675 B2 to Patiejunas discloses an application programming interface for a data storage service provides a convenient mechanism for clients of the  separate API call specifying the job identifier may be made and a response providing information related to the job may result. Various API calls may be used to store data, retrieve data, obtain an inventory of stored data, and to obtain other information relating to stored data.

B. 	US Publication No. 2013/0212653 A1 to Hoghaug discloses systems and methods for implementing password-free authentication are described herein. A request to access a network resource is received at a server, from a client device. The request is verified, and an authentication reservation is created for the device, with the authentication reservation allowing the device to access the network resource. Later, when an attempt to access the network resource is received, the attempt is granted access to the network resource in response to matching information contained in the attempt with information stored in the authentication reservation.

C.	US Publication No. 2007/0043953 A1 to Jung discloses method and apparatus is provided for managing private data, such as a phone book, in a multi-function product (MFP) used by multiple users. The method involves receiving user information and performing user authentication, and reading data stored in a user area allocated to the authenticated user in a storage unit divided into a number of user areas. Accordingly, when private data is managed in an MFP used by multiple users, by dividing a storage unit in which data is stored into a number of user areas, allocating the divided user areas to users, and allowing a user to access only a user area allocated to the user through an authentication process, the private data can be fully prevented from being accessed by other users, and it will be unlikely for a user to be confused because of other user data.


D.  	See also the other cited prior arts.

However, as it is persuasively argued by the applicant’s representative, the above prior arts of record including the rest of the cited prior arts either taken alone or in combination neither anticipates nor renders obvious the claimed subject matter of the instant application that is taken as a whole recited in the amended independent claims 1, 8 and 15.
For this reason, the specific claim limitations recited in the amended independent claims 1, 8 and 15 taken as whole are allowed.

8.	The dependent claims 2-7, 9-14 and 16-20 which are dependent on the above independent claims 1, 8 and 15 being further limiting to the independent claim, definite and enabled by the specification are also allowed.

9.	Any comments Applicants considers necessary must be submitted no later than the payment of the Issue Fee and to avoid processing delays, should preferable accompany the Issue Fees. Such submission should be clearly labeled "Comments on Statement of Reasons for Allowance". In event of any post-allowance papers (e.g. IDS, 312 amendment, petition, etc.), Applicant is exhorted to mail papers to the Production Control branch in Publications or faxed to post-

Conclusion

10.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMSON B LEMMA whose telephone number is 571-272-3806.  The examiner can normally be reached on M-F 8am-10pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shaw Yin Chen can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.	
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/SAMSON B LEMMA/Primary Examiner, Art Unit 2498