DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
Applicant’s amendment filed 21 May 2021 amends claims 1, 3, 5, 13, and 14. Claims 2 and 4 are cancelled. Applicant’s amendment has been fully considered and entered.
Response to Arguments
Applicant argues, “Rush teaches a customer using their identity verification token to generate a signature but does not disclose using a second computing device to verify an access request of a first computing device as claimed.” This argument has been fully considered and is persuasive. Therefore, the rejection has been withdrawn.  However, upon further consideration, a new grounds of rejection is made in view of Hubert, U.S. Publication No. 2013/0124422.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:

2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 3, 5-16 are rejected under 35 U.S.C. 103 as being unpatentable over Hubert, U.S. Publication No. 2013/0124422, in view of Lavender, U.S. Publication No. 2017/0272253, and further in view of Kempf, U.S. Publication No. 2019/0058709. Referring to claims 1, 10-13, Hubert discloses a transaction authorization system wherein a transaction is initiated at a primary client system such that the transaction is sent from the primary client system to a transaction server ([0038]: primary client system reads on the claimed first computing device and transaction server reads on the claimed secure resource) and the forwarded to a secondary client system that is associated with the user of the primary client system ([0040]-[0041]: secondary client system reads on the claimed second computing device) in a manner that includes a nonce in the request ([0065] & [0069]), which meets the limitation of receiving an authentication challenge at a second computing device from the secure resource in response to the access request by the first computing device, [the authentication challenge having hardware identification information of the first computing device]. The secondary client system includes a processor (Figure 15, 1510), an output device such as a display (Figure 15, 1570 & [0115]), and a memory storing instructions (Figure 15, 1540 & [0113]), which meets the limitation of the second computing device comprises a processor, a display, and a memory storing instructions, the instructions being executable by the processor. An authorization request is output on the display of the .
Hubert does not specify that the transaction request and authentication response includes a hardware identifier for the primary client system. Lavender discloses a transaction system wherein a user device transmits a transaction request that includes an identifier for the user device ([0112]) such that the transaction response includes the same device identifier ([0119]: confirmation response can include information identifying the sender, which is the same sender from paragraph [0112], and identifying information can include device identifiers [0119]), which meets the limitation of the authentication challenge having hardware identification information of the first computing device, the authentication response message comprising the authentication challenge, including the hardware identification information of the first computing device.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the transaction requests and authentication responses of Hubert to have included a hardware identifier for the primary client system in order to provide risk-based transaction validation as suggested by Lavender ([0120]-[0126]). 
Hubert does not disclose that the transaction server utilizes an attestation contract stored and executing on a distributed transaction-based state machine. Kempf discloses a smart contract system wherein servers utilize Ethereum Virtual Machine technology to implement the smart contract scheme ([0039] & [0043]: suitable consensus protocol reads on the claimed execution results of the attestation contract are reached by consensus amongst the nodes), which meets the limitation of an attestation contract stored and executed on the distributed transaction-based state machine, the attestation contract having a public key associated with the private key and the attestation contract verifying that the signed authentication response message was signed with the private key to provide an attested authentication message, wherein the distributed transaction-based state machine is a state machine operating on blockchain network, wherein the distributed transaction-based state machine has multiple nodes and execution results of the attestation contract are reached by consensus amongst the nodes, wherein the state machine is the Ethereum Virtual Machine operation on the Ethereum blockchain network. Transaction data is stored on a blockchain ([0040]), which meets the limitation of wherein the attested authentication response message in stored immutably on the distributed transaction-based state machine. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the transaction servers of Hubert to have implemented smart contract systems using Ethereum Virtual Machines in the manner described in Kempf in order to allow for the transaction authorization system of Hubert to run on any platform in a manner that reduces transactional costs as suggested by Kempf ([0042]).
Referring to claim 3, Hubert discloses that an authorization request is output on the display of the secondary client system ([0041] & [0070]) such that the user of the secondary client system inputs a response to the authorization request ([0042] & [0070]) wherein the response to the authorization request can include an accept or reject indication ([0070] & [0072]) along with user input PIN information ([0087]), which meets the limitation of further comprising receiving consent at the second computing device, wherein the consent can be provided by authentication on the second computing device using personal identification number (PIN) entry.
Referring to claim 5, Hubert discloses that the transaction request is for secure online account access ([0089]) such that the account includes address information for secondary client system ([0040]-[0041] & [0069]), which meets the limitation of wherein the access request is for account data stored at the secure resource, the account data associates the second computing devices and an address for the attestation contract on the distributed transaction-based state machine. Examiner notes that the claim limitation specifying “the account data associates the second computing device and an address for the attestation contract on the distributed transaction-based state machine” does not receive patentable weight because the claimed “account data” is never functionally utilized in the claims. Therefore, the account data would represent non-functional descriptive material that does not receive patentable weight (See MPEP 2111.05).
Referring to claims 6, 16, Hubert discloses that during enrollment, the client systems generated public and private cryptographic key pairs ([0052]), which meets the limitation of further comprising first generating the private key and public key associated with the private key. The response, which was digitally signed using a private key at the secondary client system ([0046] & [0072]), is then transmitted to the transaction server system such that the transaction server checks the authenticity of the received response ([0042]-[0043]) by validating the digital signature using the public key of the secondary client ([0046] & [0074]), which meets the limitation of generating the attestation [contract] to include the public key and a method of verifying the authentication response message is digitally signed with the private key.
Hubert does not disclose that the transaction server utilizes an attestation contract stored and executing on a distributed transaction-based state machine. Kempf discloses a smart contract system wherein servers utilize Ethereum Virtual Machine technology to implement the smart contract scheme ([0039] & [0043]), which meets the limitation of deploying the attestation contract to the distributed transaction-based state machine. Kempf discloses that the smart contract system servers are configured with public keys from a public/private key pair ([0053]), which meets the limitation of generating the attestation contract to include the public key. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the transaction servers of Hubert to have implemented smart contract systems using Ethereum Virtual Machines in the manner described in Kempf in order to allow for the transaction authorization system of Hubert to run on any platform in a manner that reduces transactional costs as suggested by Kempf ([0042]).
Referring to claim 7, Hubert does not disclose that the transaction server utilizes an attestation contract stored and executing on a distributed transaction-based state machine. Kempf discloses that the smart contract system servers are configured with public keys from a public/private key pair ([0053]). The public keys can be included in public key certificate provided by a certificate authority ([0053]: server public keys being configured by receiving public key certificates from a certificate authority shows a method of adding public keys), which meets the limitation of wherein generating the attestation contract further comprises providing a method of adding public keys associated with one or more computing devices authorized to access the secure resource. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the transaction servers of Hubert to have implemented smart contract systems using Ethereum Virtual Machines in the manner described in Kempf in order to allow for the transaction authorization system of Hubert to run on any platform in a manner that reduces transactional costs as suggested by Kempf ([0042]).
Referring to claim 8, Hubert disclose that the response, which was digitally signed using a private key at the secondary client system ([0046] & [0072]), is then transmitted to the transaction server system such that the transaction server checks the authenticity of the received response ([0042]-[0043]) by validating the digital signature using the public key of the secondary client ([0046] & [0074]), which meets the limitation of wherein the attested authentication response message [is stored on a distributed ledger of a blockchain].
Hubert does not disclose that the transaction server utilizes an attestation contract stored and executing on a distributed transaction-based state machine. Kempf discloses a smart contract system wherein servers utilize Ethereum Virtual Machine technology to implement the smart contract scheme ([0039] & [0043]) such that validated data is stored as new blocks in a ledger ([0048]), which meets the limitation of wherein the attested authentication response message is stored on a distributed ledger of a blockchain. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the transaction servers of Hubert to have implemented smart contract systems using Ethereum Virtual Machines in the manner described in Kempf in order to allow for the transaction authorization system of Hubert to run on any platform in a manner that reduces transactional costs as suggested by Kempf ([0042]).
Referring to claim 9, Hubert disclose that the response, which was digitally signed using a private key at the secondary client system ([0046] & [0072]), is then transmitted to the transaction server system such that the transaction server checks the authenticity of the received response ([0042]-[0043]) by validating the digital signature using the public key of the secondary client ([0046] & [0074]).
Hubert does not disclose that the transaction server utilizes an attestation contract stored and executing on a distributed transaction-based state machine. Kempf discloses a smart contract system wherein servers utilize Ethereum Virtual Machine technology to implement the smart contract scheme ([0039] & [0043]) such that validated data is stored as new blocks in a ledger ([0048]). The ledger data can be read from the ledger and utilized for transaction processing ([0039] & [0045]-[0046]: available credit information stored on the ledger and queried to authorize resource/service utilization), which meets the limitation of wherein the attested authentication response message is observed by the secure resource by any one of querying the attestation contract and observing the attested authentication message stored on the distributed ledger. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the transaction servers of Hubert to have implemented smart contract systems using Ethereum Virtual Machines in the manner described in Kempf in order to allow for the transaction authorization system of Hubert to run on any platform in a manner that reduces transactional costs as suggested by Kempf ([0042]).
Referring to claims 14, 15, Hubert discloses that the secondary client system includes an input device (Figure 15, 1560) such as a keyboard or touchscreen ([0114]) that allows for the user of the secondary client system to enter PIN information ([0087]), which meets the limitation of wherein the second computing device further comprises an input device, and the memory further comprises instructions to obtain consent by obtaining authentication by the input device, wherein the input device obtains a personal identification (PIN) entry. 
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805.  The examiner can normally be reached on M-Th: 6:20-4:50.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 5712724063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BENJAMIN E LANIER/          Primary Examiner, Art Unit 2437