DETAILED ACTION
Notice of Pre-AIA or AIA Status
1.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Examiner’s Amendment
2.  Authorization for the Examiner’s Amendment was given in an interview with the Applicant’s representative, Vikas Bhargava (Reg. No. 68,005), on July 6, 2021.
3.  Claims 1, 3-4, 9, 11-12, and 17 have been amended by the Applicant, and claims 2, 10, and 18 have been canceled by the Applicant. The following Examiner’s amendment is listed below:

Claims

1.	(Currently Amended) A computer-implemented method for seeding a security key, the computer-implemented method comprising:
as implemented by a first computing device having one or more processors,
retrieving an application from an application distribution server;
selecting a first value in response to an initialization of the retrieved application;
receiving, from the application distribution server, a second value;
generating a first code based at least in part on the selected first value and the second value;
determining an initialization key based at least in part on a hash of the generated first code;
retrieving an identifier associated with the first computing device; 
generating a hash of the identifier and the initialization key to form the security key, wherein the security key is stored locally by the computing device, is inaccessible to any computing device external to the first computing device, and can be recreated by a second computing device using a second copy of the initialization key generated by the second computing device;
transmitting a request that comprises the identifier associated with the first computing device;
receiving a message in response to transmitting the request; and
generating a hash of the message and the security key to form a first key, wherein the second computing device recreates the first key using the request and the security key recreated by the second computing device wherein neither the security key nor the first key are transmitted over a network.

2.	(Canceled)

3.	(Currently Amended) The computer-implemented method of Claim [[2]] 1, wherein the first key is a symmetric key. 

4.	(Currently Amended) The computer-implemented method of Claim [[2]] 1, wherein the message is a transaction. 


9.	(Currently Amended) A system for seeding a security key, the system comprising:
a document authentication server configured to generate an initialization key; and
a computing device comprising one or more processors, the computing device configured with computer-executable instructions that, when executed by the one or more processors, cause the computing device to:
retrieve an application from an application distribution server;
select a first value in response to an initialization of the retrieved application;
receive, from the application distribution server, a second value;
generate a first code based at least in part on the selected first value and the second value;
obtain a second copy of the initialization key based at least in part on a hash of the generated first code;
retrieve an identifier associated with the computing device; 
generate a hash of the identifier and the second copy of the initialization key to form the security key, wherein the security key is stored locally by the computing device, is inaccessible to any computing device external to the computing device, and can be recreated by document authentication server using the initialization key generated by the document authentication server;
transmit a request that comprises the identifier associated with the computing device;
receive a message in response to transmitting the request; and
generate a hash of the message and the security key to form a first key, wherein the document authentication server recreates the first key using the request and the security key recreated by the document authentication server wherein neither the security key nor the first key are transmitted over a network.

10.	(Canceled)

11.	(Currently Amended) The system of Claim [[10]] 9, wherein the first key is a symmetric key. 

12.	(Currently Amended) The system of Claim [[10]] 9, wherein the message is a transaction. 

17.	(Currently Amended) Non-transitory, computer-readable storage media comprising computer-executable instructions, wherein the computer-executable instructions, when executed by a computer system, cause the computer system to:
process a first value received from a user device that initialized a mobile application;
select a second value in response to reception of the first value;
generate a first code based at least in part on the first value and the selected second value;  
generate an initialization key based at least in part on a hash of the generated first code;
process a request received from the user device that obtained the mobile application, wherein the request comprises an identifier associated with the user device;
generate a hash of the identifier and the initialization key to form a security key, wherein the security key is stored locally by the computer system, is inaccessible to any computer system external to the computer system, and can be recreated by the user device using a second copy of the initialization key generated by the user device;
transmit a message to the user device in response to receiving the request; and
generate a hash of the message and the security key to form a first key, wherein the user device recreates the first key using the request and the security key recreated by the user device wherein neither the security key nor the first key are transmitted over a network.

18.	(Canceled)
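
The derivation chain recited in claims 1, 9 and 17, written out as an added example (not part of the office action or the application). SHA-256, the length-prefixed field encoding, the rule for combining the two values into the first code, the single "server" role and all function names are assumptions; the claims specify none of them.

```python
import hashlib
import secrets

def encode(*fields: bytes) -> bytes:
    # Length-prefix each field so ("ab", "c") and ("a", "bc") encode differently.
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def H(*fields: bytes) -> bytes:
    # SHA-256 is an assumption; the claims say only "a hash".
    return hashlib.sha256(encode(*fields)).digest()

def initialization_key(first_value: bytes, second_value: bytes) -> bytes:
    first_code = encode(first_value, second_value)  # assumed combination rule
    return H(first_code)

def security_key(identifier: bytes, init_key: bytes) -> bytes:
    return H(identifier, init_key)

def first_key(message: bytes, sec_key: bytes) -> bytes:
    return H(message, sec_key)

def run_exchange(identifier: bytes, message: bytes):
    """Simulate device and server; return both first keys, the device's
    security key, and every value that crossed the network."""
    wire = []
    first_value = secrets.token_bytes(16)   # device selects at app initialization
    wire.append(first_value)                # device -> server
    second_value = secrets.token_bytes(16)  # server selects on receipt
    wire.append(second_value)               # server -> device

    # Each side derives its own copy; no derived key is ever appended to wire.
    dev_sk = security_key(identifier, initialization_key(first_value, second_value))
    wire.append(identifier)                 # request carrying the identifier
    srv_sk = security_key(wire[2], initialization_key(wire[0], wire[1]))
    wire.append(message)                    # server's response message
    dev_fk = first_key(wire[3], dev_sk)     # device hashes the received message
    srv_fk = first_key(message, srv_sk)     # server hashes the message it sent
    return dev_fk, srv_fk, dev_sk, wire

if __name__ == "__main__":
    # Constructed sample identifier and message.
    dev_fk, srv_fk, sk, wire = run_exchange(b"device-1234", b"transaction: pay 10")
    print("keys match:", dev_fk == srv_fk)
    print("any key on the wire:", sk in wire or dev_fk in wire)
```

In this sketch every input to the derivation (both values, the identifier and the message) crosses the network, so the derived keys are only as confidential as the channel that carried those inputs.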




Reasons for Allowance


4.    Claims 1, 3-9, 11-17, and 19-20 are allowable.

5.    The following is an Examiner’s statement of reasons for allowance:

The present invention is directed to a system and method that disclose an acceptance hash code. An acceptance hash code is a value generated by a device using a hash function. The acceptance hash code itself may represent a legally enforceable document. The acceptance hash code may be structured in a manner such that a device operated by a user can transmit a legally enforceable document over a network using a smaller file size than is possible with conventional secure transaction techniques. In addition, the manner in which the acceptance hash code is generated allows a receiving device to verify that the document elements of the document are as expected and to verify an identity of a user that allegedly executed the document. Thus, even if a malicious user attempts to alter document elements or perform other fraudulent activity, the receiving device can use the acceptance hash code to identify such activity and prevent a transaction from being completed.
The prior art of Matyas, Jr. et al. (7,051,211) discloses that the installation server has access to first and second secret values associated with a copy of the software for installation.  An unencrypted installation client is also provided where the installation client incorporates the first secret value.  An encrypted portion of the software is encrypted with a first key value derived from the first and second secret values.  The unencrypted installation client is configured to receive the second secret value from the installation server, to generate the first key value, to decrypt the encrypted portion of the software and to install the software.
The prior art of Matyas, Jr. et al. (7,051,211) does not disclose or suggest, “generating a hash of the identifier and the initialization key to form the security key, wherein the security key is stored locally by the computing device, is inaccessible to any computing device external to the first computing device, and can be recreated by a second computing device using a second copy of the initialization key generated by the second computing device; transmitting a request that comprises the identifier associated with the first computing device; receiving a message in response to transmitting the request; and generating a hash of the message and the security key to form a first key, wherein the second computing device recreates the first key using the request and the security key recreated by the second computing device wherein neither the security key nor the first key are transmitted over a network”.
The prior art of Prakash et al. (2019/0089774) discloses that, during the first-time initialization of the software application (e.g., when the software application is first compiled and installed on a device, or the first time that the software application is activated), the software application may execute a binding algorithm to obtain a dynamic device identifier from an application server associated with the software application. The dynamic device identifier can be generated by the server based on a set of device identifiers associated with the device. The server-generated dynamic device identifier can be stored as part of the software application. During runtime execution of the software application, the software application may generate a runtime dynamic device identifier and verify whether the runtime dynamic device identifier matches the server-generated dynamic device identifier from initialization. If the two dynamic device identifiers match, it is likely that the device currently executing the software application is the same device that originally installed the software application, and execution of the software application is allowed to continue.
The prior art of Prakash et al. (2019/0089774) does not disclose or suggest, “generating a hash of the identifier and the initialization key to form the security key, wherein the security key is stored locally by the computing device, is inaccessible to any computing device external to the first computing device, and can be recreated by a second computing device using a second copy of the initialization key generated by the second computing device; transmitting a request that comprises the identifier associated with the first computing device; receiving a message in response to transmitting the request; and generating a hash of the message and the security key to form a first key, wherein the second computing device recreates the first key using the request and the security key recreated by the second computing device wherein neither the security key nor the first key are transmitted over a network”.
The Non-patent literature Atighehci et al. (Title: A Cryptographic Keys Transfer Protocol for Secure Communicating Systems) teaches or suggests the aim of the paper is to introduce the KTP (for Keys Transfer Protocol) for exchanging secret keys within a communication network. The protocol allows users to exchange fixed keys without compromising security. It uses a key agreement protocol in order to construct a session key and relies on it in order to transmit the fixed key. Therefore, secure transfers are obtained using a symmetric cryptography scheme which is more efficient than usual asymmetric cryptography.  Such a protocol can be used, and is often mandatory, for several application classes which use fixed key exchanges through a communication network that requires rights management with one key associated to each level of a given exchange protocol.  Keys which can have quite huge crypto periods are said long-term keys. Exchanging them with a simple asymmetric cryptographic protocol does not guarantee forward security, which is a quite critical property for the transfer of that kind of keys. We will precise in the next section, in the context of this paper, the notion of forward security.
The Non-patent literature Atighehci et al. (Title: A Cryptographic Keys Transfer Protocol for Secure Communicating Systems) does not teach or suggest, “generating a hash of the identifier and the initialization key to form the security key, wherein the security key is stored locally by the computing device, is inaccessible to any computing device external to the first computing device, and can be recreated by a second computing device using a second copy of the initialization key generated by the second computing device; transmitting a request that comprises the identifier associated with the first computing device; receiving a message in response to transmitting the request; and generating a hash of the message and the security key to form a first key, wherein the second computing device recreates the first key using the request and the security key recreated by the second computing device wherein neither the security key nor the first key are transmitted over a network”.

Therefore the claims are allowable over the cited prior art.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JENISE E JACKSON whose telephone number is (571)272-3791.  The examiner can normally be reached on M-F 8:00am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
7/9/2021


/J.E.J/
Examiner, Art Unit 2439     


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439