Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of the Claims
Claims 1-10, 13-25, and 28-34 are all the claims pending in the application. 
Claims 11, 12, 26, and 27 are cancelled.
Claims 33 and 34 are new.
Claims 1, 5-10, 13-16, 20-25, and 28-32 are amended.
Claims 1-10, 13-25, and 28-34 are rejected.
The following is a Final Office Action in response to amendments and remarks filed May 3, 2021.

Response to Arguments
Regarding the 101 rejections, the rejections are maintained for the following reasons.  First, Applicant asserts the rejections should be withdrawn because the claims as amended recite storing cryptographic information which renders the device a special purpose computer.  Examiner respectfully does not find this assertion persuasive because storing data is a generic computer function that does not integrate the abstract idea into a practical application, see MPEP 2106.05(f)(2) (noting the use of computers in their ordinary capacity to receive, store, or transmit data does not integrate a judicial exception into a practical application); see also MPEP 2106.05(b) (noting use of conventional computer functions does not qualify as a particular machine).
Second, similarly, Applicant asserts the rejections should be withdrawn because the claims recite a verification app being applied to the cryptogram to verify the data which renders the device a special purpose computer.  Examiner respectfully does not find this assertion persuasive because storing 
Accordingly the rejections are maintained, please see below for the complete rejections of the claims as amended.

Regarding the 102 rejections, the rejections are withdrawn because the Saylor reference does not teach cryptographic information, as claimed.  Please see below for the new rejections of the claims as amended.
Please note, Applicant asserts the rejection should be withdrawn because Saylor does not teach filtering as claimed.  Examiner respectfully does not find this assertion persuasive because Saylor's teaching of preventing unsubstantiated credentials from being sent out is a filtering rule because it filters out some of the requested credentials.  Applicant's assertion that Saylor does not teach a filtering rule that determines which of the valid credential data is to be sent is similarly not persuasive because the system verifying the credential would be determining which valid credentials are to be sent out.
In response to arguments in reference to any depending claims that have not been individually addressed, all rejections made towards these dependent claims are maintained due to a lack of reply by Applicant in regards to distinctly and specifically pointing out the supposed errors in Examiner's prior office action (37 CFR 1.111).  Examiner asserts that Applicant only argues that the dependent claims should be allowable because the independent claims are unobvious and patentable over the prior art.

Claim Objections
Claims 1, 16, and 31 are objected to because of the following informalities: the claims use an abbreviation in the term (emphasized) "verification app".  The meaning of the abbreviation should be identified in the claims (i.e. the claims should be amended to clarify the verification app is software installed on a mobile device).  
Claims 1 and 31 are also objected to because the claims appear to have the term "and" in between the wrong limitations.  It appears claims 1 and 31 should read (emphasized) "… ; [[and]] applying the verification app to the cryptogram to verify the at least some of the valid credential data: and displaying, after verification of the at least some of the valid…" Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 7, 8, 22, 23, and 34 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 7, 22, and 34 are rejected under 112(b) because the claims recite (emphasized) "…applying second cryptographic information to the cryptogram…"  This limitation is not clear because it a cryptogram is text written in code or a figure or representation having a hidden significance.  It is not clear how information can be applied to text.  That is, it is not clear if the limitation is intended to be 
Accordingly, claims 7, 22, and 34 are rejected under 112(b).  Claims 8 and 23 do not clarify this issue and as such are rejected due to their dependencies.

The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 7, 8, 22, 23, and 34 rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA  the inventor(s), at the time the application was filed, had possession of the claimed invention. 
When examining computer-implemented functional claims, examiners should determine whether the specification discloses the algorithm (e.g., the necessary steps and/or flowcharts) that perform the claimed function in sufficient detail such that one of ordinary skill in the art can reasonably conclude that the inventor invented the claimed subject matter. See MPEP 2161.01.  If one skilled in the art would know how to program the disclosed computer to perform the necessary steps described in the and the inventor was in possession of that knowledge, the written description requirement would be satisfied.  On the other hand, if the specification does not provide a disclosure of the algorithm in sufficient detail to demonstrate to one of ordinary skill in the art that the inventor possessed the invention including how to program the disclosed computer to perform the claimed function, a rejection under 35 U.S.C. § 112(a) or pre-AIA  35 U.S.C. § 112, first paragraph, for lack of written description must be made.
Regarding claims 7, 22, and 34, claims 7, 22, and 34 are computer-implemented claims described in functional language. As computer-implemented functional claims, the specification must disclose the steps or algorithms with which Applicant has programmed the application to apply second cryptographic information to the cryptogram.  However, as discussed above under the 112(b) rejection it is not clear what the scope of this limitation is.  Since it is not clear what the scope of the limitation is, it is also not clear how the limitation is being performed.
Accordingly, claims 7, 22, and 34 are rejected under 112(a).  Claims 8 and 23 do not clarify this issue and as such are rejected due to their dependencies.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-10, 13-25, and 28-34 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.  
Under the 2019 Patent Eligibility Guidance (PEG) Step 1 analysis, it must first be determined whether the claims are directed to one of the four statutory categories of invention (i.e., process, machine, manufacture, or composition of matter).  Applying Step 1 of the analysis for patentable subject 
Independent Claims
Under the 2019 PEG Step 2A, Prong 1 analysis, it must be determined whether the claims recite an abstract idea that falls within one or more designated categories or “buckets” of patent ineligible subject matter (i.e., organizing human activity, mathematical concepts, and mental processes) that amount to a judicial exception to patentability.  
Claims 1, 16 and 31 recite an abstract idea because the claims recite the limitations:
 "receiving, at the computer infrastructure and storing in the computer-readable storage medium, a filtering rule from an issuing authority that issued the virtualized credential for determining which data of the valid credential data is to be sent to the device of the relying party, wherein the filtering rule depends on at least one of: a role of the relying party, selection by the holder, and contextual data of the holder or relying party" in claim 1.
"facilitate setting, and storing in the computer-readable medium, of a filtering rule from an issuing authority that issued the virtualized credential for determining which data of the valid credential data is to be sent to the device of the relying party, wherein the filtering rule depends on at least one of: a role of the relying party, selection by the holder, and contextual data of the holder or relying party" in claim 16.
"storing, at the device of the holder, a filtering rule from an issuing authority that issued the virtualized credential for determining which data of the valid credential data is to be sent to the device of the relying party, wherein the filtering rule depends on at least one of: a role of the relying party, selection by the holder, and contextual data of the holder or relying party" in claim 31.  
These limitation encompass managing personal behavior or relationships or interactions between people because the claims encompass following rules or instructions, see MPEP 2104(a)(2).II.C.  

Under the 2019 PEG Step 2A, Prong 2 analysis, it must be determined whether the identified, recited abstract idea includes additional limitations that integrate the abstract idea into a practical application.
Claim 1 recites the additional elements "using a computer infrastructure comprising a computer processor and a computer-readable storage medium, the computer infrastructure facilitating communication between a device of the holder and a device of a relying party"; " storing first cryptographic information in the computer-readable storage medium"; "receiving a request, at the computer infrastructure, from the device of the relying party for the virtualized credential corresponding to the holder, the device of the relying party comprising a verification app configured to verify information received from the computer infrastructure "; "providing, by the computer infrastructure, the device of the relying party with a cryptogram comprising at least some of the valid credential data according to the filtering rule, the cryptogram generated as a function of the first cryptographic information; "applying the verification app to the cryptogram to verify the at least some of the valid credential data"; and "displaying, after verification of the at least some of the valid credential data, at least a subset of the credential data received by the device of the relying party from the computer infrastructure on a screen of the device of the relying party".  The additional elements of 
The additional elements of "storing first cryptographic information in the computer-readable storage medium" do not integrate the abstract idea into a practical application because storing data is a generic computer function, see MPEP 2106.05(f)(2) (noting the use of computers in their ordinary capacity to receive, store, or transmit data does not integrate a judicial exception into a practical application).
The additional elements of "the device of the relying party comprising a verification app configured to verify information received from the computer infrastructure" and "applying the verification app to the cryptogram to verify the at least some of the valid credential data" do not integrate the abstract idea into a practical application because storing and transmitting data is a generic 
The additional elements of "providing, by the computer infrastructure, the device of the relying party with a cryptogram comprising at least some of the valid credential data according to the filtering rule, the cryptogram generated as a function of the first cryptographic information"; and "displaying after verification of the at least some of the valid credential data at least, a subset of the valid credential data received by the device of the relying party from the computer infrastructure on a screen of the device of the relying party", when considered individually, do not integrate the abstract idea into a practical application because the additional elements are only requiring the use of software to tailor information and provide it to the user on a generic computer, see MPEP 2106.05(f) (discussing Intellectual Ventures I LLC v. Capital One Bank (USA)).  Further, the additional elements, when considered in combination, do not integrate the abstract idea into a practical application because the combination amounts to no more than mere instructions to apply the exception using generic computer components.  Claim 1 is directed to an abstract idea.
Claims 16 and 31 recites similar limitations as claim 1 and as such are directed to an abstract idea for similar reasons as claim 1.

Under the 2019 PEG Step 2B analysis, the additional elements are evaluated to determine whether they amount to something “significantly more” than the recited abstract idea (i.e., an innovative concept).
Claims 1, 16, and 31 do not include additional elements that are sufficient to amount to significantly more than the judicial exception.  As discussed above with respect to integration of the 

Dependent Claims
Claims 2, 3, 17, and 18 are directed to the same abstract idea as the independent claims because claims 2, 3, 17, and 18 further specify what types of information will be used as the basis of rules or instructions to be followed.
Claims 4 and 19 do not integrate the abstract idea into a practical application because the additional elements of a digital signature and a mutual authentication algorithm are only a general link to a technological environment or a field-of use (i.e., broadly invoking a computing environment), see MPEP 2106.05(h).
Claims 5 and 20 do not integrate the abstract idea into a practical application because the additional elements of receiving pseudo data are recited at a high-level of generality (i.e. as a generic computer function of receiving data) such that it amounts to no more than mere instructions to apply the exception using generic computer components.
Claims 6, 21, and 33 are directed to the same abstract idea as the independent claims because presenting data to a verification service would also be following rules or instructions.
Claims 7, 22, and 34 are directed to the same abstract idea as the independent claims because comparing cryptographic information would also be following rules or instructions.
Claims 8 and 23 do not integrate the abstract idea into a practical application because the additional element of cryptographic keys are recited at a high-level of generality (i.e., as generic 
Claims 9 and 24 are directed to the same abstract idea as the independent claims because generating and sending a cryptogram based on time would also be following rules or instructions.
Claims 10 and 25 do not integrate the abstract idea into a practical application because the additional element or a URL is only a generic link to a field of use or technological environment (i.e. broadly invoking the internet), see MPEP 2106.05(h).
Claims 13 and 28 do not integrate the abstract idea into a practical application because the additional element of the device communicating with an intermediate service is only a general link to a technological environment or field-of-use (i.e., broadly invoking the internet), see MPEP 2106.05(h).
Claims 14, 15, 29, 30, and 32 are directed to the same abstract idea as the independent claims because setting a condition and preventing the condition from being overwritten are following rules or instructions.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-9, 13-24, and 28-34 is/are rejected under 35 U.S.C. 103 as being unpatentable over Saylor et al, US Pat. No. 9,160,727, herein referred to as “Saylor” in view of Gaddam et al, US Pub. No. 2015/0269566, herein referred to as “Gaddam”.
Regarding claim 1, Saylor teaches:
A method of providing a virtualized credential of a holder using a computer infrastructure comprising a computer processor and a computer-readable storage medium (processor and memory, Col. 4, ll. 54-58.  Additionally, please note, Examiner finds the claim limitation "providing a virtualized credential of a holder" does not further limit the scope of the claim because it is only reciting the intended use of the claim, see MPEP 2111.02.II.), 
the computer infrastructure facilitating communication between a device of the holder and a device of a relying party (communication system, Fig. 2 and Col. 8, ll. 38-57), 
the relying party being different from the holder (first user's credentials are provided to a second user, e.g. Fig. 3 and Col. 1, ll. 36-44), 
and the virtualized credential comprising valid credential data, the method comprising (data is indicative of credentials, e.g. Abstract):
receiving, at the computer infrastructure and storing in the computer-readable storage medium, a filtering rule from an issuing authority that issued the virtualized credential (credential granting authority determines if user is entitled to the credential and system makes the credential unavailable if the user is not entitled to it (i.e. if the credential is invalid), and adds the credentials to the user's account if the credential is valid, Col. 11, ll. 5-44; see also Col. 11, ll. 45-67 discussing verification states of credentials; and Col. 17, ll. 42-54 discussing storing availability data of users' credentials),
for determining which data of the valid credential data is to be sent to the device of the relying party (users then send out their available credentials to other users, e.g. Col. 13, ll. 1-25, Col. 16, ll. 15-24, and Figs. 6, 7 and 11; see also Col. 10, ll. 40-57 discussing users' credentials being in their accounts)

receiving a request, at the computer infrastructure, from the device of the relying party for the virtualized credential corresponding to the holder (user selects desired credentials they wish to view, Col. 6, l. 49 – Col. 7, l. 8; and Col. 22, ll. 11-18), 
the device of the relying party comprising a verification app configured to verify information received from the computer infrastructure (system is implemented as a mobile device-based application, Col. 6, ll. 20-30); 
providing, by the computer infrastructure, the device of the relying party with at least some of the valid credential data according to the filtering rule (identifies users with selected credentials, Col. 7, ll. 9-32; Col. 23, ll. 11-28), 
and applying the verification app to the to verify the at least some of the valid credential data  (credential granting authority determines if user is entitled to the credential and system makes the credential unavailable if the user is not entitled to it (i.e. if the credential is invalid), and adds the credentials to the user's account if the credential is valid, Col. 11, ll. 5-44; see also Col. 11, ll. 45-67 discussing verification states of credentials; and Col. 17, ll. 42-54 discussing storing availability data of users' credentials): 
displaying, after verification of the at least some of the valid credential data, at least a subset of the valid credential data received by the device of the relying party from the computer infrastructure on a screen of the device of the relying party (displays credentials, Col. 7, ll. 9-41; Col. 23, l. 29 – Col. 24, l. 11 and Figs. 1 and 15).
However Saylor does not teach but Gaddam does teach:

providing, by the computer infrastructure, the device of the relying party with a cryptogram (sends token, ¶¶0057]-[0058])
the cryptogram generated as a function of the first cryptographic information (token is generated based on key stored on device, ¶¶[0035]-[0036]);
and applying the verification app to the cryptogram (devices receives and validates token, e.g. ¶¶[0036], [0048]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 2, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Saylor further teaches:
wherein the contextual data is at least one of: a privacy level setting, distance between the device of the relying party and the device of the holder, and geolocation of the device of the holder or the device of the relying party (credentials transmission can be based on contextual data like location of the parties, e.g. Col. 6, l. 49 – Col. 7, l. 8; and Col. 22, ll. 50-56; see also Col. 12, ll. 11-30 and Fig. 12 discussing conditions involving the location of the providing user).
Regarding claim 3, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Saylor further teaches:
wherein the role of the relying party is provided by the device of the relying party, and the role of the relying party is provided in a verifiable format (provides information about role like alumni status, which has been verified by the university, Col. 8, ll. 18-27).
Regarding claim 4, the combination of Saylor and Gaddam teaches all the limitations of claim 3 and Saylor further teaches:
wherein the role of the relying party in a verifiable format is one of: securely derived via a process of mutual authentication between the device of the relying party and the device of the holder or digitally signed (utilizes various mutual authentication methods like verifying both parties are at a location, Col. 14, ll. 28-54 and Col. 22, ll. 50-56).  
Regarding claim 5, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Saylor further teaches:
wherein the device of the relying party receives pseudo data in places of at least some of the valid credential data (sends credential data about the user (i.e., that the user is a certified lifeguard) instead of sending personal information about the user, e.g. Col. 18, ll. 29-48).
Regarding claim 6, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Gaddam further teaches:
wherein applying the verification app to the cryptogram to verify the at least some of the valid credential data comprises presenting, by the verification app, the cryptogram to a verification service (the access device sends the token to the token vault computer for validation, ¶[0057]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 7, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Gaddam further teaches:
applying the verification app to the cryptogram to verify the at least some of the valid credential data comprises applying second cryptographic information to the cryptogram, the second cryptographic information corresponding to the first cryptographic information (the access device sends the token to 
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 8, the combination of Saylor and Gaddam teaches all the limitations of claim 7 and Gaddam further teaches:
wherein the first cryptographic information includes a first cryptographic key and the second cryptographic information includes a second cryptographic key (encryption key is stored on device, ¶¶[0035]-[0036] and token vault computer may stores the encryption key to validate the token, ¶[0036]).  
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 9, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Gaddam further teaches:
wherein the cryptogram includes a variable component corresponding to at least one of: time, a counter or a randomly generated nonce (uses time as a variable input when encrypting, ¶[0055]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 13, the combination of Saylor and Gaddam teaches all the limitations of claim 6 and further teaches:

However Saylor does not explicitly teach:
wherein the verification app communicates with an intermediary service that directs the verification app.
Nevertheless, it would have been obvious to modify the teachings of Saylor to have the relying party to present the credentials to a verification service because the rearrangement of parts is obvious, see MPEP 2144.04.VI.C.  Saylor teaches the system contacting the credential granting authority to request the credentials be verified, Col 10, l. 58 – Co. 11, l. 19, and the user who provides their credentials contacting the credential granting authority to request the credentials be verified, Col. 11, ll. 20-44.  One of ordinary skill would have recognized that other users would also be interested in verifying the providing user’s credentials and would have modified Saylor to enable other users to verify the user’s credentials by presenting the credentials to the credential granting authority for verification as well.
Regarding claim 14, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Saylor further teaches:
further comprising receiving a condition from the holder for determining which data of the valid credential data is to be sent to the device of the relying party, wherein the condition depends on at least one of: a role of the relying party, selection by the holder, and contextual data of the holder or relying party (users define what credentials they wish to make available, e.g. Col. 7, l. 62 – Col. 8, l. 17, Col. 16, ll. 15-29 and Fig. 11).  
Regarding claim 15, the combination of Saylor and Gaddam teaches all the limitations of claim 1 and Saylor further teaches:
wherein the filtering rule from the issuing authority cannot be overridden by the holder for at least some of the credentials (if the user’s credentials are invalid, system does not allow user to add the credentials to their account, Col. 11, ll. 13-16 and Col. 11, ll. 37-44).

Regarding claim 16, Saylor teaches:
A non-transitory computer-readable medium containing software (machine readable storage device and software, Col. 24, l. 55 – Col. 25, l. 10):
that provides a virtualized credential of a holder, the virtualized credential comprising valid credential data (provides information about a credential held by a user, e.g. Abstract), 
the software comprising executable code, that when executed by one or more processors, causes the software to facilitate communication between a device of the holder and a device of a relying party (communication system, Fig. 2 and Col. 8, ll. 38-57), 
the relying party being different from the holder, and to (first user's credentials are provided to a second user, e.g. Fig. 3 and Col. 1, ll. 36-44): 
facilitate setting, and storing in the computer-readable medium, of a filtering rule from an issuing authority that issued the virtualized credential (credential granting authority determines if user is entitled to the credential and system makes the credential unavailable if the user is not entitled to it (i.e. if the credential is invalid), and adds the credentials to the user's account if the credential is valid, Col. 11, ll. 5-44; see also Col. 11, ll. 45-67 discussing verification states of credentials; and Col. 17, ll. 42-54 discussing storing availability data of users' credentials),

wherein the filtering rule depends on at least one of: a role of the relying party, selection by the holder, and contextual data of the holder or relying party (availability of the credential is based on the user being able to adequately verify themselves, Col. 11, ll. 5-44); 
provide, in response to receiving a request from the device of the relying party for the virtualized credential corresponding to the holder, at least some of the valid credential data to the device of the relying party according to the stored filtering rule (first user selects desired credentials, Col. 6, l. 49 – Col. 7, l. 8; and Col. 22, ll. 11-18, and system identifies users with selected credentials, Col. 7, ll. 9-32; Col. 23, ll. 11-28), 
applying a verification app of the device of the relying party to verify the at least some of the valid credential data (credential granting authority determines if user is entitled to the credential and system makes the credential unavailable if the user is not entitled to it (i.e. if the credential is invalid), and adds the credentials to the user's account if the credential is valid, Col. 11, ll. 5-44; see also Col. 11, ll. 45-67 discussing verification states of credentials; and Col. 17, ll. 42-54 discussing storing availability data of users' credentials; see also, Col. 6, ll. 20-30 noting system is implemented as a mobile device-based application); 
and display, after verification of the at least some of the valid credential data, at least a subset of the valid credential data received by the device of the relying party on a screen of the device of the relying party (displays credentials, Col. 7, ll. 9-41; Col. 23, l. 29 – Col. 24, l. 11 and Figs. 1 and 15).  
However Saylor does not teach but Gaddam does teach:
store first cryptographic information in the computer-readable medium (encryption key is stored on device, ¶¶[0035]-[0036]);

the cryptogram generated as a function of the first cryptographic information (token is generated based on key stored on device, ¶¶[0035]-[0036]); 
applying a verification app of the device of the relying party to the cryptogram (devices receives and validates token, e.g. ¶¶[0036], [0048]). 
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 17, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Saylor further teaches:
wherein the contextual data is at least one of: a privacy level setting, distance between the device of the relying party and the device of the holder, and geolocation of the device of the holder or the device of the relying party (credentials transmission can be based on contextual data like location of the parties, e.g. Col. 6, l. 49 – Col. 7, l. 8; and Col. 22, ll. 50-56; see also Col. 12, ll. 11-30 and Fig. 12 discussing conditions involving the location of the providing user).
Regarding claim 18, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Saylor further teaches:
wherein the role of the relying party is provided by the device of the relying party, and the role of the relying party is provided in a verifiable format (provides information about role like alumni status, which has been verified by the university, Col. 8, ll. 18-27).
Regarding claim 19, the combination of Saylor and Gaddam teaches all the limitations of claim 18 and Saylor further teaches:
wherein the role of the relying party in a verifiable format is one of: securely derived via a process of mutual authentication between the device of the relying party and the device of the holder or digitally 
Regarding claim 20, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Saylor further teaches:
wherein the device of the relying party receives pseudo data in places of at least some of the valid credential data (sends credential data about the user (i.e., that the user is a certified lifeguard) instead of sending personal information about the user, e.g. Col. 18, ll. 29-48). 
Regarding claim 21, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Gaddam further teaches:
wherein applying the verification app of the device of the relying party to the cryptogram to verify the at least some of the valid credential data causes the cryptogram to be presented to a verification service (the access device sends the token to the token vault computer for validation, ¶[0057]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 22, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Gaddam further teaches:
wherein applying the verification app of the device of the relying party to the cryptogram to verify the at least some of the valid credential data causes second cryptographic information to be applied to the cryptogram, the second cryptographic information corresponding to the first cryptographic information (the access device sends the token to the token vault computer for validation, ¶[0057], and token vault computer may stores the encryption key to validate the token, ¶[0036]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 23, the combination of Saylor and Gaddam teaches all the limitations of claim 22 and Gaddam further teaches:
wherein the first cryptographic information includes a first cryptographic key and the second cryptographic information includes a second cryptographic key (encryption key is stored on device, ¶¶[0035]-[0036] and token vault computer stores the encryption key to validate the token, ¶[0036]).  
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 24, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Gaddam further teaches:
wherein the cryptogram includes a variable component corresponding to at least one of: time, a counter or a randomly generated nonce (uses time as a variable input when encrypting, ¶[0055]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 28, the combination of Saylor and Gaddam teaches all the limitations of claim 21 and Saylor further teaches:
communicates with an intermediary service that directs to a particular one of a number of possible verification services (connects users with credential management server and multiple systems operated by credential granting authorities, Col. 8, ll. 38-57, Col. 10, ll. 11-30; see also Fig. 2, to verify the credentials, Col. 10, l. 58 - Col. 11, l. 19).
However Saylor does not explicitly teach:
wherein the verification app communicates with an intermediary service that directs the verification app.
Nevertheless, it would have been obvious to modify the teachings of Saylor to have the relying party to present the credentials to a verification service because the rearrangement of parts is obvious, see MPEP 2144.04.VI.C.  Saylor teaches the system contacting the credential granting authority to request the credentials be verified, Col 10, l. 58 – Co. 11, l. 19, and the user who provides their credentials contacting the credential granting authority to request the credentials be verified, Col. 11, ll. 20-44.  One of ordinary skill would have recognized that other users would also be interested in verifying the providing user’s credentials and would have modified Saylor to enable other users to verify the user’s credentials by presenting the credentials to the credential granting authority for verification as well.
Regarding claim 29, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Saylor further teaches:
the software further comprising executable code that facilitates setting a condition from the holder for determining which data of the valid credential data is to be sent to the device of the relying party, wherein the condition depends on at least one of: a role of the relying party, selection by the holder, and contextual data of the holder or relying party (users define what credentials they wish to make available, e.g. Col. 7, l. 62 – Col. 8, l. 17, and the system only allows virtualized credentials to be added to the user’s account if the credentials are verified, Col. 10, l. 58 – Col. 11, l. 19 and selection of credentials can be based on contextual data like location, e.g. Col. 6, l. 49 – Col. 7, l. 8; and Col. 22, ll. 50-56).  
Regarding claim 30, the combination of Saylor and Gaddam teaches all the limitations of claim 16 and Saylor further teaches:
wherein the filtering rule set by the issuing authority cannot be overridden by the holder for at least some of the credentials (if the user’s credentials are invalid, system does not allow user to add the credentials to their account, Col. 10, l. 58 – Col. 11, l. 19).

Regarding claim 31, Saylor teaches:
providing a virtualized credential of a holder (provides information about a credential held by a user, e.g. Abstract)
from a device of the holder to a device of a relying party (communication system, Fig. 2 and Col. 8, ll. 38-57), 
the relying party being different from the holder (first user's credentials are provided to a second user, e.g. Fig. 3 and Col. 1, ll. 36-44), 
and the virtualized credential comprising valid credential data, the method comprising (data is indicative of credentials, e.g. Abstract): 
storing, at the device of the holder (mobile device based credential management application holds user's credentials, Col. 6, ll. 20-30; see also Col. 9, ll. 8-25 discussing storing data and applications on users' devices and Col. 10, ll. 1-10 discussing storing credential data on user devices), 
a filtering rule from an issuing authority that issued the virtualized credential (credential granting authority determines if user is entitled to the credential and makes the credential unavailable if the user is not entitled to it (i.e. if the credential is invalid) and adds the credentials to the user's account if the credential is valid, Col. 11, ll. 5-44; see also Col. 11, ll. 45-67 discussing verification states of credentials) 
for determining which data of the valid credential data is to be sent to the device of the relying party (users then send out their available credentials to other users, e.g. Col. 13, ll. 1-25, Col. 16, ll. 15-24, and Figs. 6, 7 and 11; see also Col. 10, ll. 40-57 discussing users' credentials being in their accounts),

receiving, at the device of the holder, a request from the device of the relying party for the virtualized credential corresponding to the holder (user selects desired credentials they wish to view, Col. 6, l. 49 – Col. 7, l. 8; and Col. 22, ll. 11-18), 
the device of the relying party comprising a verification app configured to verify information received from the device of the holder (system is implemented as a mobile device-based application, Col. 6, ll. 20-30); 
providing, by the device of the holder, the device of the relying party with at least some of the valid credential data according to the filtering rule (identifies users with selected credentials, Col. 7, ll. 9-32; Col. 23, ll. 11-28), 
and applying the verification app to the cryptogram to verify the at least some of the valid credential data (credential granting authority determines if user is entitled to the credential and system makes the credential unavailable if the user is not entitled to it (i.e. if the credential is invalid), and adds the credentials to the user's account if the credential is valid, Col. 11, ll. 5-44; see also Col. 11, ll. 45-67 discussing verification states of credentials; and Col. 17, ll. 42-54 discussing storing availability data of users' credentials); 
displaying, after verification of the at least some of the valid credential data, at least a subset of the valid credential data received by the relying party from the device of the holder on a screen of the device of the relying party (displays credentials, Col. 7, ll. 9-41; Col. 23, l. 29 – Col. 24, l. 11 and Figs. 1 and 15).  
However Saylor does not teach but Gaddam does teach:

providing, by the device of the holder, the device of the relying party with a cryptogram (sends token, ¶¶0057]-[0058])
the cryptogram generated as a function of the first cryptographic information (token is generated based on key stored on device, ¶¶[0035]-[0036]); 
and applying the verification app to the cryptogram (devices receives and validates token, e.g. ¶¶[0036], [0048]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 32, the combination of Saylor and Gaddam teaches all the limitations of claim 31 and Saylor further teaches:
wherein the filtering rule from the issuing authority cannot be overridden by the holder (if the user’s credentials are invalid, system does not allow user to add the credentials to their account, Col. 11, ll. 13-16 and Col. 11, ll. 37-44).
Regarding claim 33, the combination of Saylor and Gaddam teaches all the limitations of claim 31 and Gaddam further teaches:
wherein applying the verification app to the cryptogram to verify the at least some of the valid credential data comprises presenting, by the verification app, the cryptogram to a verification service (the access device sends the token to the token vault computer for validation, ¶[0057]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.
Regarding claim 34, the combination of Saylor and Gaddam teaches all the limitations of claim 31 and Gaddam further teaches:
wherein applying the verification app to the cryptogram to verify the at least some of the valid credential data comprises applying second cryptographic information to the cryptogram, the second cryptographic information corresponding to the first cryptographic information (the access device sends the token to the token vault computer for validation, ¶[0057], and token vault computer stores the encryption key to validate the token, ¶[0036]).
Further, it would have been obvious at the time of filing to combine the credential management system of Saylor with the encryption of Gaddam because Gaddam suggests using tokens to limit exposure if the information is obtained by an unauthorized person, ¶[0002], see MPEP 2143.I.G.

Claims 10 and 25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Saylor in view of Vercher, Brady “Protect Your Products and Improve Your Systems with Signed URLs” BlazerSix Engage Blog, May 16, 2013, herein referred to as “Vercher”.
Regarding claim 10, the combination of Saylor and Gaddam teaches all the limitations of claim 6 and does not teach but Vercher teaches:
providing, by the computer infrastructure a Uniform Resource Locator (URL) of the verification service to the device of the relying party (hands out a URL, pg. 1).
Further, it would have been obvious at the time of filing to combine the encrypted credential management system of Saylor and Gaddam with the signed URLs of Vercher because Vercher suggests using signed URL to protect downloadable information, pg. 1; see also MPEP 2143.I.G.

Regarding claim 25, the combination of Saylor and Gaddam teaches all the limitations of claim 21 and does not teach but Vercher teaches:
the software further comprising executable code that provides a Uniform Resource Locator (URL) of the verification service to the verification app (hands out a URL, pg. 1).
Further, it would have been obvious at the time of filing to combine the encrypted credential management system of Saylor and Gaddam with the signed URLs of Vercher because Vercher suggests using signed URL to protect downloadable information, pg. 1; see also MPEP 2143.I.G.



Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRENDAN S O'SHEA whose telephone number is (571)270-1064.  The examiner can normally be reached on Monday to Friday 10-6.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynda Jasmin can be reached on (571) 272-6782.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BOS/Examiner, Art Unit 3629                                                                                                                                                                                                        

/ANDREW B WHITAKER/Primary Examiner, Art Unit 3629