DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-4, 6-8, 13-18, and 20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Hayes (US Pub. No. 2019/0158487).

Regarding claim 1, Hayes shows a computing platform (e.g., the platform which includes a computing device such as computing device 150: see Fig. 1 and [0018]-[0019]), comprising: 
at least one processor (see [0019]); 
a communication interface communicatively coupled to the at least one processor (see [0021]); and 
memory storing computer-readable instructions (see [0019]) that, when executed by the at least one processor, cause the computing platform to: 
receive, via the communication interface, user information corresponding to a first user, wherein the user information comprises information determined using one or more sensor systems (e.g., biometric data received from a connected mobile device: see [0043]); 
generate, based on the received user information, a first token corresponding to the first user (e.g., generating an ID token: see [0046]), wherein generating the first token comprises assigning the token to an assignee (e.g., the user or an application: see [0036]-[0037]); 
store, in the memory, the first token, wherein the storing comprises storing the first token in a first token chain corresponding to the first user (e.g., adding the token to an identity chain: see [0047], [0050]-[0053], and [0057]), and linking the first token to a second token in a second token chain corresponding to a second user (e.g., linking the token to an activity token on an activity chain, corresponding to a counterparty to an activity of the user: see [0028], [0054], [0071], and [0078]); and 
transmit, via the communication interface and to a user token device corresponding to the first user, the first token and the second token (e.g., where the device transmits the identity token and the activity token to other devices on the network, which includes the user’s mobile device, which in turn stores the identity chain and activity chain: see [0052], [0057], [0080], and [0085]-[0086]).

Regarding claim 2, Hayes shows the limitations of claim 1 as applied above, and further shows wherein the memory stores additional computer-readable instructions that, when executed 

Regarding claim 3, Hayes shows the limitations of claim 2 as applied above, and further shows wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: receive, from the user token device, one or more third tokens, wherein the one or more third tokens are assigned to the source (e.g., ID data assigned to the user: see [0063]); compare the one or more third tokens, with one or more fourth tokens in the first token chain and the second token chain (e.g., comparing the received identity data to previously-stored identity tokens: see [0064]); based on the comparison, determine whether the one or more third tokens correspond to the one or more fourth tokens (e.g., determining a match or not: see [0065]); generate, an authentication message (e.g., an activity token or a denial of the activity token: see [0077] and [0083]), wherein the authentication message indicates: when the one or more third tokens correspond to the one or more fourth tokens, that the user validation request is a valid request (e.g., determining that the activity is valid and issuing the identity token: see [0065]), and when the one or more third tokens do not correspond to the one or more fourth tokens, that the user validation request is an invalid request 

Regarding claim 4, Hayes shows the limitations of claim 3 as applied above, and further shows wherein the token request comprises an indication of a number of the one or more third tokens (e.g., a low or high value activity, indicating a corresponding number of required kinds of identity data: see [0061] and [0071]).

Regarding claim 6, Hayes shows the limitations of claim 2 as applied above, and further shows wherein the token request comprises an indication of a number of tokens requested from the user token device (e.g., a low or high value activity, indicating a corresponding number of required kinds of identity data: see [0061] and [0071]), wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to receive, from the user token device and based on the token request, a message, wherein the message indicates that the user token device does not have a number of tokens, assigned to the source, that is equal to the number of tokens requested from the user token device (e.g., a message with the requested biometrics, which “indicates” that the token device does not have sufficient tokens because the system determines from the message whether the mobile has supplied a sufficient number of kinds of identity data: see [0062]-[0064] and [0071]).

Regarding claim 7, Hayes shows the limitations of claim 6 as applied above, and further shows wherein the memory stores additional computer-readable instructions that, when executed 

Regarding claim 8, Hayes shows the limitations of claim 6 as applied above, and further shows wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: generate, a new token request, wherein the new token request comprises an indication of one or more mathematical operations that may be used to generate new tokens (e.g., the agreed-upon hashing algorithm for the protocol in use: see [0046]); transmit, to the user token device, the new token request (e.g., where the mobile device can be node in the network which receives requests: see [0036], [0086]); and receive, from the user token device, one or more second tokens, wherein the one or more second tokens comprise at least tokens generated based on the new token request (e.g., by the mobile devices transmitting tokens to other devices: see [0046], [0052]).

Regarding claim 13, Hayes shows the limitations of claim 1 as applied above, and further shows wherein: the assignee corresponds to one of a device, a system, or an application (see [0036]-[0037]), and the user information comprises at least one of user biological information, user location information, or information corresponding to user activity in a network associated with the computing platform (see [0043]).


receiving, via the communication interface, user information corresponding to a first user, wherein the user information comprises information determined using one or more sensor systems (e.g., biometric data received from a connected mobile device: see [0043]); 
generating, based on the received user information, a first token corresponding to the first user (e.g., generating an ID token: see [0046]), wherein generating the first token comprises assigning the token to an assignee (e.g., the user or an application: see [0036]-[0037]); 
storing, in the memory, the first token, wherein the storing comprises storing the first token in a first token chain corresponding to the first user (e.g., adding the token to an identity chain: see [0047], [0050]-[0053], and [0057]), and linking the first token to a second token in a second token chain corresponding to a second user (e.g., linking the token to an activity token on an activity chain, corresponding to a counterparty to an activity of the user: see [0028], [0054], [0071], and [0078]); and 
transmitting, via the communication interface and to a user token device corresponding to the first user, the first token and the second token (e.g., where the device transmits the identity token and the activity token to other devices on 

Claims 15-18 correspond to claims 2-4 and 6 and are rejected for the reasons given above, mutatis mutandis.

Regarding claim 20, Hayes shows one or more non-transitory computer-readable media (see [0019]) storing instructions that, when executed by a computing platform comprising at least one processor, a communication interface, and memory, cause the computing platform to: 
receive, via the communication interface, user information corresponding to a first user, wherein the user information comprises information determined using one or more sensor systems (e.g., biometric data received from a connected mobile device: see [0043]); 
generate, based on the received user information, a first token corresponding to the first user (e.g., generating an ID token: see [0046]), wherein generating the first token comprises assigning the token to an assignee (e.g., the user or an application: see [0036]-[0037]); 
store, in the memory, the first token, wherein the storing comprises storing the first token in a first token chain corresponding to the first user (e.g., adding the token to an identity chain: see [0047], [0050]-[0053], and [0057]), and linking the first token to a second token in a second token chain corresponding to a second user (e.g., linking the token to an activity token on an activity chain, 
transmit, via the communication interface and to a user token device corresponding to the first user, the first token and the second token (e.g., where the device transmits the identity token and the activity token to other devices on the network, which includes the user’s mobile device, which in turn stores the identity chain and activity chain: see [0052], [0057], [0080], and [0085]-[0086]).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 9 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Hayes (US Pub. No. 2019/0158487) in view of Padmanabhan (US Pub. No. 2019/0238525).

Regarding claim 9, Hayes shows the limitations of claim 1 as applied above, but does not explicitly show wherein linking the first token to the second token comprises including, in the first token, a location of the second token.
Padmanabhan shows where linking a first token to a second token comprises including, in the first token, a location of the second token (see [0168]-[0169]).


Claim 19 corresponds to claim 9 and is rejected for the reasons given above, mutatis mutandis.

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Hayes (US Pub. No. 2019/0158487) in view of Aluvala (US Pub. No. 2019/0166107).

Regarding claim 10, Hayes shows the limitations of claim 1 as applied above, but does not explicitly show wherein storing the first token comprises storing only a first portion of the first token, and transmitting the first token comprises transmitting only a second portion of the first token, and wherein the memory stores additional computer- readable instructions that, when executed by the at least one processor, cause the computing platform to: generate, based on the first portion of the first token and the second portion of the first token, a checksum; and store, in the memory, the checksum, wherein storing the checksum comprises associating the checksum with the first portion of the first token.
Aluvala shows wherein storing an item comprises storing only a first portion of the item (e.g., a first portion of data: see [0027]), and transmitting the item comprises transmitting only a second portion of the item (e.g., a second portion of the data: see [0028]), and wherein the memory stores computer- readable instructions that, when executed by the at least one processor, cause the computing platform to: generate, based on the first portion of the first item and the 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Hayes with the teachings of Aluvala in order to permit the system to distribute the burden of encrypting the data to prevent unauthorized access, while reducing the likelihood that a single intercepted transmission could reveal the entire set of data: see Aluvala, [0027]).

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Hayes (US Pub. No. 2019/0158487) in view of Darnell (US Pub. No. 2019/0378142).

Regarding claim 11, Hayes shows the limitations of claim 1 as applied above, but does not explicitly show wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: receive a request to deactivate one or more second tokens stored in the memory; and based on the request, deactivate the one or more second tokens.
Darnell shows instructions to cause a computing platform to: receive a request to deactivate one or more second tokens stored in the memory; and based on the request, deactivate the one or more second tokens (see [0047]).
.

Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Hayes (US Pub. No. 2019/0158487) in view of Alain (US Pub. No. 2003/0110131).

Regarding claim 12, Hayes shows the limitations of claim 1 as applied above, and further shows wherein the token comprises a body, wherein the body comprises a value generated based on the received user information (e.g., hashed ID data: see [0046]).
Hayes does not explicitly show wherein the token comprises a header, wherein the header comprises an indication of the assignee corresponding to the first token.
Alain shows wherein a data structure comprises a header, wherein the header comprises an indication of the assignee corresponding to the data structure (e.g., a secured asset with a header containing a user block for users having access privileges: see [0102]-[0104] and [0161]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Hayes with the teachings of Darnell in order to clearly separate metadata from payload data, allowing the tokens to be more easily parsed.

Allowable Subject Matter
5 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter: the prior art of record does not teach or suggest a combination as claimed in claim 5, including instructions to: when the one or more third tokens correspond to the one or more fourth tokens, deactivate the one or more fourth tokens, generate a token deactivation message, wherein the token deactivation message indicates the one or more third tokens, and transmit, via the communication interface and to the user token device, the token deactivation message. For example, although US Pub. No. 2019/0158487 to Hayes describes the system of claims 1 and 3 as explained above, Hayes does not teach or suggest that, when the one or more third tokens correspond to the one or more fourth tokens, the system deactivates the tokens in the manner claims and generates and transmits the claimed token deactivation messages. Moreover, although US Pub. No. 2019/0378142 to Darnell provides for revoking biometric tokens, such as in response to a user request (see, e.g., [0047]), Darnell does not teach or suggest doing so according to the detailed condition claimed, nor does Darnell teach or suggest generating and transmitting the claimed token deactivation messages via the specific claimed communication interface to a user token device.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US Pub. No. 2019/0268159 to High describes a system which provides for biometric authentication using a private ledger. 
US Pub. No. 2021/0126794 to Forrester describes a system which provides identification verification using a blockchain network.
US Pub. No. 2008/0270791 to Nystrom describes a system for remote administration of cryptographic authentication devices.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Christopher D. Biagini whose telephone number is (571)272-9743.  The examiner can normally be reached on weekdays from 9 AM - 5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached on (571) 270-1684.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-






/Christopher Biagini/Primary Examiner, Art Unit 2445