DETAILED ACTION

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/23/2020 has been entered.
 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 1-20, 22 are pending.  Claim 21 is cancelled.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 22 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Tang et al (PGPUB 2014/0337234).
Claim 22:
Tang teaches a method for unlocking a second device with a first device (paragraph 26-28, computer system used to implement terminal 102 or mobile device 104; computer system includes memory storing code to be executed by the processor; paragraph 106, “instead of transmitting payment or loyalty information upon completion of the mutual authentication process, the service mobile device can be configured to transmit an instruction to open or unlock a service door, perform a diagnostic test, or perform other service-related functions”), the method comprising: 
based on a first communication between the first device and the second device, establishing a trust relationship between the first device and the second device (paragraph 24, terminal 102 and mobile device 104 mutually authenticate one another to facilitate secure communication; paragraph 58-59, authentication request includes information specifying chain of trust back to mutual trusted root certificate; identification information used to validate public keys; paragraph 87, 96, during first authentication, mobile/target devices store received certificates in certificate repository for use in subsequent authentications to facilitate faster processing during future use, in which case a first authentication can be seen as a first communication session during which the certificate repositories of the respective devices are populated with received certificates); 
after establishing the trust relationship, receiving a request to establish a communication session between the first device and the second device (paragraph 103, initially, mobile device receives instruction to initiate a transaction, e.g. launches an application or actuates a button; in response, mobile device sends authentication request; paragraph 106, service mobile device can be configured to transmit instruction to unlock target device; paragraph 102-103, during authentication, payment terminal/mobile device check certificate repository for whether corresponding certificates are available, i.e. authentication or “first communication session” has previously been completed, and certificates are now being used for second communication session); 
(paragraph 103, initially, mobile device receives instruction to initiate a transaction, e.g. launches an application or actuates a button; in response, mobile device sends authentication request; paragraph 106, service mobile device can be configured to transmit instruction to unlock target device; paragraph 102-103, during authentication, payment terminal/mobile device check certificate repository for whether corresponding certificates are available, i.e. authentication or “first communication session” has previously been completed, and certificates are now being used for second communication session); and 
in response to receiving the request and in accordance with a determination that one or more criteria are satisfied, unlocking the second device (paragraph 72, 76, mobile device sends authentication request to terminal 102; paragraph 106, instead of transmitting payment or loyalty information upon completion of the mutual authentication process, the service mobile device can be configured to transmit an instruction to open or unlock a service door, perform a diagnostic test, or perform other service-related functions; if the service mobile device is authenticated by the payment terminal, i.e. “one or more criteria are satisfied”, the payment terminal can respond to the service request by controlling an actuator to open or unlock the service door, etc.; accordingly, service personnel can be authenticated to prevent unauthorized access or unauthorized field service or troubleshooting operations, thereby providing improved security as compared with a traditional mechanical key model).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention 

Claims 1, 4-6, 8, 10, 13-15, 17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Tang, and further in view of Schrecker (PGPUB 2013/0268766).

Regarding Claim 10:
Tang teaches a non-transitory computer-readable storage medium of a first device capable of unlocking a second device, the storage medium storing instructions which, when executed by a processor perform a method comprising (paragraph 26-28, computer system used to implement terminal 102 or mobile device 104; computer system includes memory storing code to be executed by the processor; paragraph 106, “instead of transmitting payment or loyalty information upon completion of the mutual authentication process, the service mobile device can be configured to transmit an instruction to open or unlock a service door, perform a diagnostic test, or perform other service-related functions”): 
during a first communication session, establishing a trusted relationship between the first device and the second device (paragraph 24, terminal 102 and mobile device 104 mutually authenticate one another to facilitate secure communication; paragraph 58-59, authentication request includes information specifying chain of trust back to mutual trusted root certificate; identification information used to validate public keys; paragraph 48-50, certificate repository of target device pre-loaded (i.e. “first communication session”) with L1, L2, and L3 certificates of chain of trust of target device, as well as L1, L2, L3 certificates of mobile-side device; paragraph 64, mobile device similarly pre-loaded with certificates of target device and mobile-side device; paragraph 87, 96, alternatively, during first authentication, mobile/target device store received certificates in certificate repository for use in subsequent authentications to facilitate faster processing during future use, in which case a first authentication can be seen as a first communication session during which the certificate repositories of the respective devices are populated); 
during a second communication session, after the first communication session:
receiving, at the first device, a user input corresponding to a request to unlock the second device (paragraph 103, initially, mobile device receives instruction to initiate a transaction, e.g. launches an application or actuates a button; in response, mobile device sends authentication request; paragraph 106, service mobile device can be configured to transmit instruction to unlock target device; paragraph 102-103, during authentication, payment terminal/mobile device check certificate repository for whether corresponding certificates are available, i.e. authentication or “first communication session” has previously been completed, and certificates are now being used for second communication session);
in response to receiving the user input, generating, at the first device, a short-term key (paragraph 76, random number generated by mobile device and encrypted by mobile device’s private key); 
transmitting the short-term key to the second device (paragraph 72, 76, mobile device sends authentication request to terminal 102; authentication request includes random number R1); 
receiving, from the second device, an encrypting key generated by the second device using the short-term key (paragraph 80, after R1 is decrypted, session key generation module of terminal 102 generates session key S1 to be used in carrying out transaction; session key generation module can generate random number R2 and create session key S1 based on combination of R1 and R2; paragraph 84, session key generation module encrypts session key S1 with mobile device public key; paragraph 88-89, 93, after generating session key S1, terminal 102 transmits authentication response to mobile device including session key S1); 
(paragraph 99, session key S1 used to encrypt and decrypt user data transmitted between mobile device and terminal 102, e.g. encrypted primary account number, expiration date, and security code); and 
transmitting the encrypted unlocking key from the first device to the second device (paragraph 99, session key S1 used to encrypt user data transmitted between mobile device and terminal 102, e.g. encrypted primary account number, expiration date, and security code (i.e. “unlocking keys”)).
While Tang teaches transmitting an encrypted instruction to the second device to unlock the second device (paragraph 106, “instead of transmitting payment or loyalty information upon completion of the mutual authentication process, the service mobile device can be configured to transmit an instruction to open or unlock a service door, perform a diagnostic test, or perform other service-related functions”), it is unclear that the instruction comprises an “unlocking key”.  Therefore, Tang cannot be seen as explicitly teaching transmitting the encrypted unlocking key to the second device to unlock the second device; and
during the first communication session, establishing a trusted relationship between the first device and the second device, including generating an unlocking key.
However, Schrecker teaches the concept of, during a first communication session, establishing a trusted relationship between a first device and a second device, including generating an unlocking key (paragraph 74, authentication and each re-authentication can be based on authentication data originating from a wireless token device (e.g., 505); wireless token device can send a series of different authentication data expected by the persistent session server 530 during the session; series of authentication data can be pre-negotiated by the wireless token device 505 in connection with a registration, or pairing (i.e. “first communication session”), of the wireless token device with the persistent session server 530; each authentication data package sent by the wireless token device for use in a persistent computing session can be numbered, time-stamped, or otherwise tagged (i.e. “generated”) according to a protocol established between the wireless token device 505 and persistent session server 530 (e.g., during a pairing of the wireless token device 505 with the persistent session server 530) and the tag can be encrypted so that only the persistent session server can read and authenticate the tags (and remaining authentication data) in the clear; tagged authentication data as agreed upon between persistent session server and wireless token device can be seen as “unlocking key”); and
transmitting the encrypted unlocking key to the second device to unlock the second device (abstract, first computing device detected as collocated with wireless token device; connection established and authentication data (i.e. unlocking key) is sent to the first computing device to authenticate token device at first computing device; authentication of token device permits data accessible through first computing device to be made available to holder of token device; paragraph 74, wireless token device sends series of authentication data expected by server during session; authentication data pre-negotiated by wireless token device in connection with a registration, or pairing, of the wireless token device with the server; each authentication data package sent by wireless token device tagged according to protocol established between wireless token device and session server; tag encrypted so that only server can read and authenticate the tags; paragraph 14, authentication data encrypted and sent from wireless token device; paragraph 66-67, authentication data unlocks use of cooperating computing device; wireless token device connects to nearby computing device (connection can be seen as second communication session), and sends authentication data to computing device to authenticate to persistent computing session).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the trusted pairing teachings of Schrecker with the encryption key exchange teachings of Tang, in order to allow an unlocking device to establish and prove a preexisting trusted relationship to a locked device using pre-shared data and cryptographic techniques as a function 

Regarding Claim 13:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.  In addition, Tang teaches wherein establishing the trusted relationship further includes receiving, at the first device, a first long-term key from the second device (paragraph 91, terminal-side public key received at mobile device as part of authentication response).

Regarding Claim 14:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.  In addition, Tang teaches wherein establishing the trusted relationship further includes generating a second long-term key at the first device (paragraph 76, random number R1 generated by mobile device 104 and encrypted by the mobile device’s private key; NOTE: encrypted random number can be seen as the second long-term key, as there is no function described or associated with the long-term key in the context of the claim).

Regarding Claim 15:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.  In addition, Tang teaches wherein the unlocking key is generated from a first long-term key and a second long-term key (paragraph 99, session key S1 used to encrypt data transmitted from mobile device to terminal 102, e.g. primary account number (i.e. first long-term key) and credit card security code (i.e. second long-term key)).

Regarding Claim 17:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.  In addition, Tang teaches wherein the method further comprising creating a session using a first long-term key and a second long-term key, wherein the short-term key is generated from the session (paragraph 80, session key created using R1 (i.e. short-term key generated by mobile device for authentication request) and R2 (i.e. first long-term key); paragraph 82, session creation includes generating checksum of session key S1 by calculating hash of session key (i.e. second long-term key)).

Regarding Claims 1, 4-6, 8:
These are the method claims corresponding to the non-transitory computer-readable storage medium of claims 10, 13-15, 17 respectively, and are therefore rejected for corresponding reasons.

Regarding Claim 19:
Tang teaches a first device capable of unlocking a second device, the first device comprising (paragraph 26-28, computer system used to implement terminal 102 or mobile device 104; computer system includes memory storing code to be executed by the processor; paragraph 106, “instead of transmitting payment or loyalty information upon completion of the mutual authentication process, the service mobile device can be configured to transmit an instruction to open or unlock a service door, perform a diagnostic test, or perform other service-related functions”): 
(paragraph 26-28, computer system used to implement terminal 102 or mobile device 104; computer system includes memory storing code to be executed by the processor);
memory (paragraph 26-28, as above); and
one or more instructions, wherein the one or more instructions are stored in the memory and configured to be executed by the one or more processors, the one or more instructions including instructions for (paragraph 26-28, as above):
during a first communication session, establishing a trusted relationship between the first device and the second device (paragraph 24, terminal 102 and mobile device 104 mutually authenticate one another to facilitate secure communication; paragraph 58-59, authentication request includes information specifying chain of trust back to mutual trusted root certificate; identification information used to validate public keys; paragraph 48-50, certificate repository of target device pre-loaded (i.e. “first communication session”) with L1, L2, and L3 certificates of chain of trust of target device, as well as L1, L2, L3 certificates of mobile-side device; paragraph 64, mobile device similarly pre-loaded with certificates of target device and mobile-side device; paragraph 87, 96, alternatively, during first authentication, mobile/target device store received certificates in certificate repository for use in subsequent authentications to facilitate faster processing during future use, in which case a first authentication can be seen as a first communication session during which the certificate repositories of the respective devices are populated);
during a second communication session, after the first communication session:
receiving a user input corresponding to a request to unlock the second device (paragraph 103, initially, mobile device receives instruction to initiate a transaction, e.g. launches an application or actuates a button; in response, mobile device sends authentication request; paragraph 106, service mobile device can be configured to transmit instruction to unlock target device; paragraph 102-103, during authentication, payment terminal/mobile device check certificate repository for whether corresponding certificates are available, i.e. authentication or “first communication session” has previously been completed, and certificates are now being used for second communication session);
in response to receiving the user input, generating, at the first device, a short-term key (paragraph 76, random number R1 generated by mobile device and encrypted by mobile device’s private key); 
transmitting the short-term key to the second device (paragraph 72, 76, mobile device sends authentication request to terminal 102; authentication request includes random number R1);
receiving, from the second device, an encrypting key generated by the second device using the short-term key (paragraph 80, after R1 is decrypted, session key generation module of terminal 102 generates session key S1 to be used in carrying out transaction; session key generation module can generate random number R2 and create session key S1 based on combination of R1 and R2; paragraph 84, session key generation module encrypts session key S1 with mobile device public key; paragraph 88-89, 93, after generating session key S1, terminal 102 transmits authentication response to mobile device including session key S1); 
encrypting the unlocking key with the encrypting key (paragraph 99, session key S1 used to encrypt and decrypt user data transmitted between mobile device and terminal 102, e.g. encrypted primary account number, expiration date, and security code); and 
transmitting the encrypted unlocking key to the second device (paragraph 99, session key S1 used to encrypt user data transmitted between mobile device and terminal 102, e.g. encrypted primary account number, expiration date, and security code (i.e. “unlocking keys”)).
While Tang teaches transmitting an encrypted instruction to the second device to unlock the second device (paragraph 106, “instead of transmitting payment or loyalty information upon completion of the mutual authentication process, the service mobile device can be configured to transmit an instruction to open or unlock a service door, perform a diagnostic test, or perform other service-related functions”), it is unclear that the instruction comprises an “unlocking key”.  Therefore, Tang cannot be seen as explicitly teaching transmitting the encrypted unlocking key to the second device to unlock the second device; and
during the pairing phase, establishing a trusted relationship, including generating an unlocking key.
However, Schrecker teaches the concept of, during a pairing phase, establishing a trusted relationship between a first device and a second device, including generating an unlocking key (paragraph 74, authentication and each re-authentication can be based on authentication data originating from a wireless token device (e.g., 505); wireless token device can send a series of different authentication data expected by the persistent session server 530 during the session; series of authentication data can be pre-negotiated by the wireless token device 505 in connection with a registration, or pairing (i.e. “first communication session”), of the wireless token device with the persistent session server 530; each authentication data package sent by the wireless token device for use in a persistent computing session can be numbered, time-stamped, or otherwise tagged (i.e. “generated”) according to a protocol established between the wireless token device 505 and persistent session server 530 (e.g., during a pairing of the wireless token device 505 with the persistent session server 530) and the tag can be encrypted so that only the persistent session server can read and authenticate the tags (and remaining authentication data) in the clear; tagged authentication data as agreed upon between persistent session server and wireless token device can be seen as “unlocking key”); and
transmitting the encrypted unlocking key to the second device to unlock the second device (abstract, first computing device detected as collocated with wireless token device; connection established and authentication data (i.e. unlocking key) is sent to the first computing device to authenticate token device at first computing device; authentication of token device permits data accessible through first computing device to be made available to holder of token device; paragraph 74, wireless token device sends series of authentication data expected by server during session; authentication data pre-negotiated by wireless token device in connection with a registration, or pairing, of the wireless token device with the server; each authentication data package sent by wireless token device tagged according to protocol established between wireless token device and session server; tag encrypted so that only server can read and authenticate the tags; paragraph 14, authentication data encrypted and sent from wireless token device; paragraph 66-67, authentication data unlocks use of cooperating computing device; wireless token device connects to nearby computing device (connection can be seen as second communication session), and sends authentication data to computing device to authenticate to persistent computing session).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the trusted pairing teachings of Schrecker with the encryption key exchange teachings of Tang, in order to allow an unlocking device to establish and prove a preexisting trusted relationship to a locked device using pre-shared data and cryptographic techniques as a function of agreed upon protocols, thereby avoiding granting access to malicious or unknown devices, improving compatibility standards between paired devices through use of a pairing protocol, and improving the security environment by preventing replay attacks through use of timestamps, numbering of authentication data, or tagging.

Regarding Claim 21:
Tang in view of Schrecker teaches the method of claim 1.  In addition, Tang teaches wherein the pairing phase includes establishing a communication session between the first device and second device different from the communication session for unlocking the second device using the first device (paragraph 87, 96, during first authentication, mobile/target device store received certificates in certificate repository for use in subsequent authentications to facilitate faster processing during future use, in which case a first authentication can be seen as a first pairing during which the certificate repositories of the respective devices are populated; paragraph 102-103, during authentication, payment terminal/mobile device check certificate repository for whether corresponding certificates are available, i.e. authentication or “pairing” has previously been completed).

Claims 2-3, 9, 11-12, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Tang in view of Schrecker, and further in view of Hird et al (PGPUB 2015/0019442).

Regarding Claim 11:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.  
Neither Tang nor Schrecker explicitly teaches wherein the short-term key is unique for each session.
However, Hird teaches the concept wherein a short-term key is unique for each session (paragraph 63, 76-77, session key generated using master key and unique value of Application Transaction Counter; user terminal uses session key to conduct transaction with terminal).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the unique session key teachings of Hird with the device unlocking teachings of Tang in view of Schrecker, in order to limit the amount of damage caused in the event that a key is obtained by a malicious agent, and prevent the use of said key for future access.

Claim 12:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.  
Neither Tang nor Schrecker explicitly teaches wherein the encrypting key is unique for each session.
However, Hird teaches the concept wherein an encrypting key is unique for each session (paragraph 63, 76-77, session key generated using master key and unique value of Application Transaction Counter; user terminal uses session key to conduct transaction with terminal).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the unique session key teachings of Hird with the device unlocking teachings of Tang in view of Schrecker, in order to limit the amount of damage caused in the event that a key is obtained by a malicious agent, and prevent the use of said key for future access.

Regarding Claim 18:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.
Neither Tang nor Schrecker explicitly teaches the method further comprising, after unlocking the second device, deleting one or more of the short-term key and the encrypting key.
However, Hird teaches the concept of a method comprising, after unlocking a second device, deleting one or more of a short-term key and an encrypting key (paragraph 67, upon completion of transaction, session key is deleted from user terminal).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the key deletion teachings of Hird with the device unlocking teachings 

Regarding Claims 2-3, 9:
These are the method claims corresponding to the non-transitory computer-readable storage medium of claims 11-12, 18 respectively, and are therefore rejected for corresponding reasons.

Claims 7, 16, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Tang in view of Schrecker, and further in view of Astrand et al (PGPUB 2016/0286587).

Regarding Claim 16:
Tang in view of Schrecker teaches the non-transitory computer-readable storage medium of claim 10.
Neither Tang nor Schrecker explicitly teaches wherein the unlocking key is received at the first device from the second device.
However, Astrand teaches wherein an unlocking key is received at a first device from a second device (paragraph 53-56, 60, cellular telephone provides key to wristlet device; wristlet subsequently sends key to cellular telephone to unlock it).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the receiving an unlocking key teachings of Astrand with the device unlocking teachings of Tang in view of Schrecker, in order for the secure second device to control the authentication data within the security and usability parameters which are required by the second device, thereby allowing the second device to ensure that only approved devices receive the unlocking key, and that the key will necessarily be compatible with the requirements of the second device.

Regarding Claim 20:
Tang in view of Schrecker teaches the method of claim 1.  Neither Tang nor Schrecker explicitly teaches wherein generating the unlocking key includes generating the unlocking key at the second device, the method further comprising:
during the first communication session, transmitting the unlocking key from the second device to the first device.
However, Astrand teaches wherein generating an unlocking key includes generating the unlocking key at a second device (paragraph 53-56, 60, cellular telephone generates unique key to be shared between cellular telephone and wristlet), the method further comprising:
during the first communication session, transmitting the unlocking key from the second device to the first device (paragraph 53-56, 60, once generated, cellular telephone stores key in memory and sends key to wristlet (i.e. “first communication session”); wristlet stores key in memory; paragraph 60, once paired, each time the user wants to unlock cellular telephone, wristlet sends key to cellular telephone responsive to request for key).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the receiving an unlocking key teachings of Astrand with the device unlocking teachings of Tang in view of Schrecker, in order for the secure second device to control the authentication data within the security and usability parameters which are required by the second device, thereby allowing the second device to ensure that only approved devices receive the unlocking key, and that the key will necessarily be compatible with the requirements of the second device.

Regarding Claim 7:
.

Response to Arguments
Applicant's arguments filed 12/13/2020 have been fully considered but they are not persuasive.

Regarding the rejection of claims under 35 USC 103:
Applicant’s arguments: However, Tang discloses that the L3 certificate is used for authentication between the mobile device and the payment terminal and is not an unlocking key that is transmitted from the first device to the second device to unlock the second device. See id. at paragraph [0059] and [0098]- [0099]. Tang discloses that a session key that is generated after authentication is used to encrypt communications between the mobile device and the payment terminal. Tang further discloses that using the disclosed authentication process, a service device can be configured to transmit an instruction to unlock or open a service door. See id. at paragraph [0106]. However, Tang fails to disclose whether the instruction that is transmitted was generated during a first communication session between the first device and the second device. Therefore, the disclosed instruction cannot be mapped to the claimed unlocking key. For at least these reasons, Tang fails to disclose "during a first communication session, establishing a trusted relationship between the first device and the second device, including generating an unlocking key; during a second communication session, after the first communication session: receiving, at the first device, a user input corresponding to a request to unlock the second device; in response to receiving the user input, generating, at the first device, a short-term key; transmitting the short-term key from the first device to the second device; receiving, from the second device, an encrypting key generated by the second device using the short-term key; encrypting 

Examiner’s response: However, Tang does teach transmitting an “unlocking key” as part of a second communication session, e.g. encrypted primary account number, expiration date, and security code (paragraph 99), which can each be seen as an encrypted “unlocking key” which performs an unlocking function, e.g. unlocking access to a user’s account.  The element missing from Tang is the teaching wherein the unlocking key is generated during a first communication session wherein trust is established, and is later used to unlock the second device; while Tang teaches such a session (e.g. paragraph 87, 96, transmitting certificates which are stored in the receiving device for use in subsequent authentication sessions), Tang does not teach that the unlocking key is generated during the first session, nor was Tang recited as teaching this element.

Applicant’s arguments: Schrecker discloses a method of pre-negotiating authentication data between a wireless token device and a cooperating computing device. See Schrecker at paragraph [0074]. After authentication, a user is able to unlock use of a, for example, a laptop computer. See id. at paragraph [0075]. The Office Action relies on Schrecker to teach the concept of generating an unlocking key during a pairing phase. See Office Action at page 5. However, the pre-negotiated authentication data is not disclosed as the key that unlocks the second device. At best, the pre-negotiated authentication data allows a device to authenticate a user without requiring a full authentication process. Nowhere does Schrecker disclose that an unlocking key, itself, is generated during a first communication session, separate from the communication session for unlocking the second device. Furthermore, the pre-negotiated authentication data in Schrecker is similar to the mobile-side certificates that are pre-authenticated and used for authentication in Tang. Therefore, a combination of 

Examiner’s response: Examiner disagrees.  Tang teaches transmitting encrypted information to a receiving device which serves as an “unlocking key” (e.g. paragraph 99), but does not explicitly recite how or when the information is generated.  Schrecker teaches a pairing phase during which pre-negotiated authentication data is agreed upon, such as an encrypted data tag (paragraph 74); the pairing phase can be seen as a first communication session.  Contrary to Applicant’s assertion that the authentication data of Schrecker does not correspond to an “unlocking key”, Schrecker explicitly teaches that “authentication data of the wireless token device 405 serv[es] to unlock use of the cooperating computing device 415” (paragraph 66).  Therefore, the encrypted data tag and authentication data can be seen as an “unlocking key” generated during the first (pairing) communication session, and is used in a second session, e.g. for connection to a nearby computing device (e.g. paragraph 67) to unlock use of 

	Applicant’s arguments with regard to independent claims 10 and 19 are similar to those regarding claim 1 and are therefore responded to in a similar way.
	Applicant further argues that the dependent claims are allowable due to depending on an allowable independent claim.  However, as shown above, the independent claims are not allowable.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814.  The examiner can normally be reached on 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available 






/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                                        


/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491