DETAILED ACTION

Status of Claims

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
This action is in reply to a request for continued examination (“RCE”) filed 11 February 2021, on an application filed 26 August 2011, which claims domestic priority to a provisional application filed 14 February 2011.
Claims 1, 7, 16 and 22 have been amended. 
Claims 1-10, 12 and 16-24 are currently pending and have been examined.


Continued Examination Under 37 CFR 1.114

A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11 February 2021 has been entered.



Information Disclosure Statement

The information disclosure statement (IDS) submitted on 27 September 2004 has been considered by the Office to the extent indicated. The Office notes that European patent documents and non-patent literature must be submitted with the IDS to be considered.  


Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claims 1-10, 12 and 16-24  are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention.

Claims 1 and 16 are replete with errors that make the claims impossible to interpret. What follows is an imcomplete listing of the errors in claims 1 and 16:
	Recitation of the user authentication information followed by user authentication in the first limitation. It is unclear if these elements are related or completely separate or should be exactly the same recitation;
	Recitation of transaction data, followed by transaction data, followed by transaction data and transaction data in the 4th, 5th, 6th and 7th limitation respectively. It seems clear that the first two recitations are the same element, but it is unclear how the third and fourth recitations are related/not related/or should be the same as the first two recitations;
	Recitation of the element and, and in the first limitation of claim 16;
	Recitation of the manual user authentication in the 5th limitation of claim 16, there is insufficient antecedent basis for this element;
	Recitation of the point-of-presence device in the receive the transaction data limitation, and the following limitation. As this element has previously been indicated as a POP device, the claims need to consistently reflect this acronym. Please note claims 2-5 and 17-21 have the same issue;
	Recitation of near field communication in the 4th limitation of claim 16. As this element has previously been indicated as NFC, the claims need to consistently reflect this acronym; and
	Recitation of a wireless transceiver that ... after generating the DVC. However, the DVC is generated by the secure element, not the wireless transceiver. It is unclear how to interpret this limitation.
	

To the extent that other claims rely on claims that are rejected under 35 USC 112 and fail to correct the deficiencies of the claims they rely on, those other claims are rejected for the same reasons as the claims they rely on. Appropriate correction is required.


Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a)  A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.

This application currently names joint inventors.  In considering patentability of the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of the various claims was commonly owned at the time any inventions covered therein were made absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out 

Claims 1-3, 5-9, 12, 16-18, 20-22 and 24 are rejected under 35 U.S.C. 103(a) as being obvious over Huomo et al. (U.S. PG-Pub 2009/0312011 A1), hereinafter Huomo, in view of Bernabeu (U.S. PG-Pub 2011/0296521 A1), further in view of Fisher (U.S. PG-Pub 2009/0144161 A1).

As per claims 1 and 16, Huomo XX discloses a method and System for transferring a medical digital artifact between NFC enabled devices (Huomo, Figs. 4, 5 and 11.), the system comprising: 
a mobile device memory that stores a non-browser based application … (Huomo discloses a mobile smartphone storing multiple applications, see Figs. 1, 4 and 5, and paragraphs 8 and 45-46. Paragraph 104 of Huomo discloses a text based application, which is a non-browser based application.), 
a first communication channel (Huomo discloses first and second communication channels in the use of NFC RF and cellphone communication channels. The NFC RF components are separate from the cellphone service components of device, see Fig. 5 #8 versus #15, and paragraphs 75-77.)
... the mobile device memory, a mobile device processor, and a mobile device wireless interface included in a mobile device (Huomo, Figs. 1, 4 and 5.); 
a secure element coupled to a mobile device (Fig. 1), wherein the secure element comprising:
a secure element memory storing a health care secure element software application and a user ID (Fig. 1 memory #33 stores various ID data #332, #346 and software applications #301-303. Operating system application of Fig. 1 #301 would comprise a secure element software application that is utilized every time the secure element application processes data.);
 a processor of the secure element, wherein the processor is capable of near field communication (processor of Fig. 3 #32 controls NFC transponder #401, see paragraphs 16, 88 and 96), and 
further wherein the processor after the ... user authentication, executes the active health care secure element software application in response to an NFC inductive signal by the Point-of-Presence (POP) device (Huomo, Fig. 11, S21, S23, S25, S27, S29, secure element app being executed. Transponder #401 receives an inductive signal from a reader/POP device, see Fig. 10 #2001, Fig. 11 S20 and paragraph 112. Transponder is under control of processor #32, which operates transponder utilizing software, see paragraph 88. Fig. 9 discloses executing an application after user authentication. The Office notes that every time the secure element software application is used it is executed; therefore it is being executed after authentication of S24, such as at step S25, S27 and S29. There is nothing in the claims to indicate that the secure element application is executed for the first time after user authentication.), and 
after receiving transaction data from the POP device, generates a Dynamic Verification Code (DVC) (Huomo, Fig. 11 S23. Message authentication code (MAC) is generated by the secure element at step S23 of Fig. 11, see paragraphs 111 and 113. Herein the transaction data is the request for Device ID, sent at S22 of Fig. 11; accordingly the DVC is generated after transaction data is received.); 
a wireless transceiver that receives the transaction data from the point-of presence device (Huomo, Fig. 11 S23, transaction data received. NFC RF transponder #34 of Fig. 3, coupled to smartphone #1000, receives transaction data from secure element near field reader #2001 of Fig. 10, such as a request for device ID, S22 of Fig. 11. Herein the transaction data is the request for Device ID, sent at S22 of Fig. 11.); 
after generating the DVC, wirelessly transmits transaction data, including the user ID and the DVC using the health care secure element software application, through a second communication channel to the point-of-presence device, the second communication channel being different from the first communication channel through which the mobile device communicates voice and data (Huomo, S23-S24. Device specific identifier (user ID) and MAC data (DVC) is transmitted to the reader, POP device, via NFC RF components, see paragraph 113. The NFC RF components are separate from the cellphone service components of device, see Fig. 5 #8 versus #15, and paragraphs 75-77. Herein transaction data is the device identifier and MAC Data, at least. The Office notes that this transaction data is not identified as the transaction data previously recited in the claims.) , 
after transmitting transaction data, including the user ID and the DVC using the health care secure element software application, wirelessly receives a command to unlock the secure element (Huomo, Fig. 11 S27 receives command after transmitting transaction data. Reader/POP device validates application platform, which unlocks the secure element to provide secure element data to reader, see Fig. 11, S26 and S27, and paragraphs 115-116. Herein transaction data is the device identifier and MAC Data, at least.); and 
receives the medical digital artifact at the secure element from the POP device which is subsequently displayed in the non-browser based application on the mobile device (Huomo, Fig. 11 S29. RF transponder receives data indicating ticket status, or other information, see medical digital artifact data, see claim 24. The Office notes that any data would comprise a digital artifact. Paragraph 104 of Huomo discloses a text based application, which is a non-browser based application.).

Huomo fails to explicitly disclose: 
an application which prompts the user to enter user authentication information and, and further wherein user authentication is transmitted using a ... communication channel to a remote server which authenticates the user ... and manual user authentication; and
a mobile application with a graphical user interface and a graphical icon ... .

Bernabeu teaches that it was old and well known in the art of secure electronic communications at the time of the invention/filing to provide an application which prompts the user to enter user authentication information and, and further wherein user authentication is transmitted using a ... communication channel to a remote server which authenticates the user and manual user authentication (Bernabeu discloses user authentication manually entered by the user, see paragraph 108-110, which is authenticated remotely, see also the identity authentication via remote server of paragraphs 114-115.) in order to provide additional security capabilities of electronic communication devices.

Although Huomo discloses the use of mobile applications, see above and Bernabeu discloses the  with a graphical user interface and a graphical icon ... .

Fisher teaches that it was old and well known in the art of secure electronic communications at the time of the invention/filing to provide use of an application with a graphical user interface and a graphical icon ... (Fisher, paragraph 21.), as taught by Fisher, in order to provide multiple device options for communicating data electronically. 

Therefore, it would have been obvious to one of ordinary skill in the art of secure electronic communications at the time of the invention/filing to modify the secure transaction communication system of Huomo to include an application which prompts the user for manual user authentication and, and further wherein authentication is performed by a remote server, as taught by Bernabeu, in order to provide a secure transaction communication system that has additional security capabilities of electronic communication devices; and to modify the secure transaction communication system that includes user authentication of Huomo/Bernabeu to include use of an application with a graphical user interface and a graphical icon ... (Fisher, paragraph 21.), as taught by Fisher, in order to arrive at a secure transaction communication system that includes user authentication and provides multiple device options for communicating data electronically. Moreover, merely adding a well-known element into a well-known system, to produce a predictable result to one of ordinary skill in the art, does not render the invention patentably distinct over such combination (see MPEP 2141).


As per claims 8, 9, 12 and 24, Huomo/Bernabeu/Fisher disclose claims 1 and 16, discussed above. Huomo also discloses:
8.	wherein the medical digital artifacts is stored in another memory storage different than the memory storage that the health care secure element software application resides in (Fig. 1 #302 shows that the applications are stored in the application platform layer of the secure element, as distinct from the transaction data stored in the specific application layer of the secure element, which would comprise different memory storages, see paragraphs 46-47).  
9.	wherein different secure element software applications are stored in different secure elements, wherein the secure element controller manages multiple secure element applications (Huomo, Fig. 14 and paragraphs 129-131 disclose plural secure element applications stored in different secure elements, and controlled by selector #510 or controller #504); and
12, 24.	wherein the medical digital artifact includes one or more of a medical id, patient information, prescription, emergency contact information, physician information, vital signs, insurance information, office visit summary, appointment cards, Electronic Medical Records (EMR), lab results, blood type, organ/donor status, diagnostic data, immunization records, payments and transaction history, and pictures (Transmitted data from reader to transponder includes payment and transaction history information, see paragraphs 117-118).


claims 6, 7, 21 and 22, Huomo/Bernabeu/Fisher disclose claims 1 and 16, discussed above. Huomo further discloses:
7, 22.	the non-browser based application (Bernabeu also discloses decrypting files, see paragraph 114. Paragraph 104 of Huomo discloses a text based application, which is a non-browser based application.).

Huomo fails to explicitly disclose:
6, 21.	wherein the secure element is unlocked by a remote server; and
7, 22.	wherein the secure element is unlocked by the mobile wallet application residing on the mobile device, wherein the mobile wallet application decrypts a file downloaded by a remote server and retrieves a secure element key inside of the file.

However, Bernabeu teaches that it was old and well known in the art of secure electronic communications at the time of the invention/filing to provide:
6, 21.	wherein the secure element is unlocked by a remote server (Bernabeu discloses unlocking secure memory functions through use of mobile wallet applications by downloading a key from a remote server, see paragraph 115); and
7, 22.	wherein the secure element is unlocked by the non-browser based application residing on the mobile device, wherein the non-browser based application decrypts a file downloaded by the remote server and retrieves a secure element key inside of the file (Bernabeu discloses unlocking secure memory functions through use of mobile wallet applications by downloading a key from a remote server, see paragraph 115.);
in order to provide additional security capabilities of electronic communication devices.

Therefore, it would have been obvious to one of ordinary skill in the art of secure electronic communications at the time of the invention/filing to modify the secure transaction communication system of Huomo/Bernabeu/Fisher to include wherein the secure element is unlocked by a remote server; and wherein the secure element is unlocked by the mobile wallet application residing on the mobile device, wherein the mobile wallet application decrypts a file downloaded by a remote server and retrieves a secure element key inside of the file, as taught by Bernabeu, in order to arrive at a secure transaction communication system that can provide additional security capabilities of electronic communication devices. Moreover, merely adding a well-known element into a well-known system, to produce a predictable result to one of ordinary skill in the art, does not render the invention patentably distinct over such combination (see MPEP 2141).


As per claims 2, 3, 5, 17, 18 and 20, Huomo/Bernabeu/Fisher discloses claims 1 and 16, discussed above. Huomo discloses various point-of-presence devices, as shown above at paragraph 113. Huomo fails to explicitly disclose:
2, 17. 	wherein the point-of-presence device is a medical personnel NFC Enabled mobile device;
3, 18.	wherein the point-of-presence device is a kiosk; and
5, 20.	wherein the point-of-presence device is a personal computer.

Fisher teaches that it was old and well known in the art of secure electronic communications at 
2, 17. 	wherein the point-of-presence device is a medical personnel NFC Enabled mobile device (Fisher, paragraph 17);
3, 18.	wherein the point-of-presence device is a kiosk (paragraph 17); and
5, 20.	wherein the point-of-presence device is a personal computer (paragraph 17),
in order to provide multiple device options for communicating data electronically.

Therefore, it would have been obvious to one of ordinary skill in the art of secure electronic communications at the time of the invention/filing to modify the secure transaction communication system of Huomo/Bernabeu/Fisher to provide wherein the point-of-presence device is a medical personnel NFC Enabled mobile device, a kiosk or a personal computer, as taught by Fisher, in order to arrive at a secure transaction communication system that can provide that can provide multiple device options for communicating data electronically. Moreover, merely adding a well-known element into a well-known system, to produce a predictable result to one of ordinary skill in the art, does not render the invention patentably distinct over such combination (see MPEP 2141).


Claims 4 and 19 are rejected under 35 U.S.C. 103(a) as being obvious over Huomo/Bernabeu/Fisher, further in view of Chivallier (U.S. PG-Pub 2010/0045425 A1), hereinafter Chivallier.

As per claims 4 and 19, Huomo/Bernabeu/Fisher discloses claims 1 and 16, discussed above. wherein the point-of-presence device is a medical sensor.

Chivallier teaches that it was old and well known in the art of secure electronic communications at the time of the invention/filing to provide wherein the point-of-presence device is a medical sensor (Chivallier, paragraphs 5-6), in order to provide multiple device options for communicating data electronically.

Therefore, it would have been obvious to one of ordinary skill in the art of secure electronic communications at the time of the invention/filing to modify the secure transaction communication system of Huomo/Bernabeu/Fisher to provide wherein the point-of-presence device is a medical sensor, as taught by Chivallier, in order to arrive at a secure transaction communication system that can provide multiple device options for communicating data electronically. Moreover, merely adding a well-known element into a well-known system, to produce a predictable result to one of ordinary skill in the art, does not render the invention patentably distinct over such combination (see MPEP 2141).


Claims 10 and 23 are rejected under 35 U.S.C. 103(a) as being obvious over Huomo/Bernabeu/Fisher, further in view of Yeager (U.S. Patent 8,151,345 B1), hereinafter Yeager.

claims 10 and 23, Huomo/Bernabeu/Fisher discloses claims 1 and 16, discussed above. Huomo discloses reception of transaction data from the POP, as shown above at paragraph 113. Huomo/Bernabeu/Fisher fails to explicitly disclose wherein the transaction data received from the POP is a random value.

Yeager teaches that it was old and well known in the art of secure electronic communications at the time of the invention/filing to provide wherein the transaction data received from the POP is a random value (Yeager, Fig. 14), in order to increase the security of electronic data communications.

Therefore, it would have been obvious to one of ordinary skill in the art of secure electronic communications at the time of the invention/filing to modify the secure transaction communication system of Huomo/Bernabeu/Fisher to provide wherein the transaction data received from the POP is a random value, as taught by Yeager, in order to arrive at a secure transaction communication system that can increase the security of electronic data communications. Moreover, merely adding a well-known element into a well-known system, to produce a predictable result to one of ordinary skill in the art, does not render the invention patentably distinct over such combination (see MPEP 2141).


Response to Arguments

Applicant’s arguments filed 11 February 2021 concerning the rejection of all claims 35 U.S.C. 103(a) have been fully considered but they are not persuasive.

The Applicant argues on pages 9-11 that the cited references fail to disclose the specific order of the claimed limitations, specifically:
	“As previously mentioned, Huomo positively recites that application platform identifier (Examiner alleges is "health care secure element software application") is executed after the MAC (Examiner alleges is "dynamic verification code") is transmitted to the reader in paragraph 111 relied upon by the Examiner. States another way, Huomo does not teach or suggest that the application platform is executed before transmitting the MAC (Examiner alleges is "dynamic verification code") much less used to transmit the MAC (Examiner alleges is "dynamic verification code").”; and
	“For example, if the transaction data is sent BEFORE the secure element is executed and without using the secure element applications, the result is that the data is transmitted without the uses of an application to any device and an authorized device may receive the transaction data.”

The Office respectfully disagrees. First, as indicated above, the Applicant has incorrectly read the previous rejection: the health care secure element software application would be, at least, the operating system application of Fig. 1 #301, which would comprise a secure element software application that is utilized everytime the secure element application processes data; and note the “application platform identifier”. Further, as indicated above, there is nothing in the claims to indicate that the secure element application is executed for the first time after user authentication; accordingly every time the secure element software application is used it is executed; it is being executed after authentication of S24, such as at step S25, S27 and S29.

Further, the transaction data provided by the transaction data received from the POP device is not necessarily the same as transaction data transmitting by the wireless transceiver of the mobile device; notice the antecedent basis in the receives and after generating the DVC steps. As shown above, the transaction data received from the POP device is the request for Device ID and the transaction data transmitting by the wireless transceiver of the mobile device is the device identifier and MAC Data, at least. Accordingly, the order of the claimed elements are met.

As the secure element application operating system is executed every time it is used (S21, S23, S25, S27 and S29), it is done before anything else happens in Fig. 11 of Huomo, note the bidirectional arrow of the link between S21 and S20 indicating that either the secure element device or the NFC device reader can begin the interaction.


Applicant’s arguments indicating that Huomo does not disclose support for non-browser based applications fails because Huomo clearly discloses support for text based applications, see paragraph 104.


To the extent that arguments concerning the rejection of claims are repeated in response to the rejection of other claims, the Office accordingly incorporates the responses to arguments detailed above.

The remainder of Applicant's arguments have been fully considered but are moot in view of the new ground(s) of rejection, specifically with reference to the new citation of the previously cited reference necessitated by amendment, Fisher, as detailed above, or because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.

In conclusion, all of the limitations which Applicant disputes as missing in the applied references, including the features newly added by amendment, have been fully addressed by the Office as either being fully disclosed or obvious in view of the collective teachings of Huomo, Bernabeu, Chivallier, Yeager and Fisher, based on the logic and sound scientific reasoning of one ordinarily skilled in the art at the time of the invention, as detailed in the remarks and explanations given in the preceding sections of the present Office Action and in the prior Office Actions (16 December 2019, 14 February 2019 and 6 August 2018), and incorporated herein.


Conclusion

The cited but unused art is relevant to the invention, including:
	Huomo et al. (U.S. PG-Pub 2009/0098825 A1) discloses a method for controlling a mobile terminal device using near field communication technologies.


Any inquiry of a general nature or relating to the status of this application or concerning Mark Holcomb, whose telephone number is 571.270.1382.  The Examiner can normally be reached on Monday-Friday (8-5).  If attempts to reach the Examiner by telephone are unsuccessful, the Examiner’s supervisor, Victoria Augustine, can be reached at 313.466.4858.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://portal.uspto.gov/external/portal/pair .  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free).

/MARK HOLCOMB/
Primary Examiner, Art Unit 3626
17 August 2021