Acknowledgements
This communication is in response to applicant’s response filed on 08/12/2021.
Claims 1, 9, and 17 have been amended. 
Claims 1-20 are pending and have been examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Regarding applicant’s arguments:
Regarding applicant’s arguments under Claim Rejections - 35 USC § 103 that the combination of Howard (US 20190095607) in view of Saxman (US 20140026193) does not disclose, teach, or suggest the following limitations in amended claim 1: “determining a key hierarchy for the first secure key and the second secure key, wherein the key hierarchy identifies the first secure key as generated based on the second secure key stored on the trusted mobile device; implementing the key hierarchy with the first secure key and the second secure key; receiving two separate transaction requests within an amount of time, wherein the two separate transaction requests occur from different locations separated by a set distance, wherein one of the two separate transaction requests separately uses one of the first secure key or the second secure key, and wherein another one of the two separate transaction requests uses another one of the first 
Applicant makes a similar argument for claims 9 and 17 as claim 1 above. Examiner respectfully argues applicant’s arguments are moot for the same reasons listed above for claim 1.
Applicant argues dependent claims 2-8, 10-16, and 19-20 are allowable based on their dependence upon allowable base claims, examiner respectfully argues applicant’s arguments are moot in light of the new rejections necessitated by the claim amendments for claims 1, 9, and 17.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing 


Claims 1-7 and 9-15 are rejected under 35 U.S.C. 103 as being unpatentable over Howard (US 20190095607) in view of Saxman (US 20140026193) in further view of Maeng (US 10,902,405 B1) in further view of Choudhuri (US 20130024358).

Regarding Claims 1 and 9, Howard teaches obtaining, from a trusted mobile device, a first request to authenticate a user on a first mobile device based on a user identifier for an account of the user (Paragraph 0102, 0048, and 0067 teach a user indicates an intent to use a connected device (i.e., first mobile device); the user may submit a request to provide the connected device with a specific application or upgrade; the connected device establishes a communication session with the user's mobile device (i.e., trusted mobile device) and transmit a device identifier identifying the connected device; the mobile device may also establish a connection with a processing server that provides back end support for the mobile device by maintaining and managing transaction-related activities; the mobile device may transmit information related to the connected device to the processing server, and the processing server may retrieve transaction processing information to be associated with the connected device and may send that transaction processing information to the mobile device); determine that a valid first secure key used to authenticate the user is not stored on the first mobile device (Paragraphs  0067-0068 and 0061 teach the mobile device may query a database to determine if the mobile device has previously determining a first device identifier for the first mobile device based on the determining that the first secure key is not stored on the first mobile device (Paragraph 0067 teaches the request may include a device identifier and the mobile device may query a database of device identifiers (e.g., device management data) to determine the identity of (or a type associated with) the connected device; the processing server may identify one or more rules for generating a subtoken associated with a particular connected device from the device management data; for example, rules such as constraints on use may be associated with a generated subtoken); transmitting a second request to authenticate the user on the first mobile device to the trusted mobile device, wherein the second request comprises the user identifier and the first device identifier (Paragraphs 0068-0069 and 0086-0087 teach the processing server may, based on the received identifiers, identify one or more protocols relevant to the connected devices and convey those protocols to the mobile device; for example, the protocol data may include an indication of a user's resource preferences and/or resource replenishment preferences; the mobile device may display the transaction information to a user of the mobile device for authorization, and upon receiving authorization from a user, and obtaining an indication that the user has approved the second request on the trusted mobile device without the user providing a password corresponding to the user identifier to the first mobile device or the trusted mobile device, wherein the indication is based on a second secure key stored on the trusted mobile device (Paragraphs 0069 and 0062 teach the mobile device may receive a token (or other suitable access credential) from a token server, wherein the server stores and maintains relationships between tokens and actual account numbers used for payment; the mobile device receives an indication that a subtoken is to be generated, and may generate a subtoken from the received token information (i.e., a parent token); the subtoken may be derived from a parent token useable to conduct a transaction; for example, the mobile device may store and manage information related to one or more tokens in access credential data; upon determining that a connected device should be provided with a subtoken, the subtoken generation module may cause the processors to identify an appropriate token in access credential data and generate a subtoken derived from that token); obtaining an indication that the user has approved the second request on the trusted mobile device without the user providing a password corresponding to the user identifier to the first mobile device or the trusted mobile device (Paragraphs 0067 and 0087 teach the mobile device may display the transaction to a user of the mobile device to obtain approval for the transaction; for example, upon receiving authorization from a user, the mobile device may generate a subtoken for a smart refrigerator; the , wherein the indication is based on a second secure key stored on the trusted mobile device, and wherein the indication comprises a restriction on a usage of the first mobile device for electronic transaction processing (Paragraphs 0067 teaches rules such as constraints may be associated with a generated subtoken; for example, if a subtoken is generated for a refrigerator to buy milk and eggs, than a constraint for that subtoken may be that it can only be used at grocery stores); generating the first secure key for the first mobile device based on the first device identifier, wherein the first -2-Application No. 15/193,487secure key comprises the restriction on the usage of the first mobile device for the electronic transaction processing (Paragraph 0069, 0048 teach the subtoken may be derived from a parent token, but may be limited in at least one of duration, the types of transactions that it may be used to conduct, a connected device that may utilize the subtoken, or in any other suitable way; once a subtoken has been generated, it may be provided to the connected device to complete one or more transactions; the transaction processing information may be provisioned onto the mobile device for a particular connected device; the transaction processing information may include an access credential, consumer identifier, protocol information and/or any other suitable information relevant to the connected device), and wherein the first secure key and the second secure key comprise different restrictions on the electronic transaction processing (Paragraph 0062 teaches an exemplary subtoken may reference the same underlying account information as the parent token from which it is derived, but authenticating the user on the first mobile device without requiring, from the user, the password corresponding to the account from the first mobile device or the trusted mobile device (Paragraphs 0070 and 0073-0074 teach the connected device may initiate a transaction using the generated subtoken and transmit the generated transaction request to the transaction server; once the authorization computer has decided whether to approve or decline the transaction, an authorization response message may be returned to the transaction server; the transaction server may, upon receiving the response, determine whether the transaction has been approved or declined; the completion of the transaction may be conducted without human intervention (e.g., without acquiring authorization from a user or otherwise requiring action on a user's behalf)); and storing the first secure key within a first hardware secure element of the first mobile device, wherein the first secure key enables an authentication of the account on the first mobile device using the user identifier in place of the password or a further request to the trusted mobile device (Paragraph 0046 teaches the memory of connected device may include a secure execution environment such as a secure memory that includes a secure element; the secure element (SE) can be a tamper-resistant platform capable of securely hosting applications and their confidential and cryptographic data (e.g. key management) in 
However, Howard does not explicitly teach obtaining, from a first mobile device, a first request to authenticate a user on a first user device based on a user identifier; and determining, based on the first request, that a first secure key used to authenticate the user is not stored on the first mobile device; determining, based on a location of the first mobile device, the trusted mobile device of a plurality of trusted mobile devices on which the user has been authenticated, wherein the trusted mobile device is associated with the location of the first mobile device.
Saxman from same or similar field of endeavor teaches obtaining, from a first mobile device, a first request to authenticate a user on a first user device based on a user identifier (Paragraphs 0083 and 0023 teach a user at a shared device (i.e., first mobile device) is using a software application that utilizes certain personal information that is stored at a resource server; the software application requests access from the resource server; the credential server and the resource server are distinct servers, but in some implementations the credential server and resource server are implemented on a single server system); determining, based on the first request, that a first secure key used to authenticate the user is not stored on the first mobile device (Paragraphs 0083 and 0023 teach the software application on the shared device (i.e., first mobile device) does not have a valid access token for the software determining, based on a location of the first mobile device, the trusted mobile device of a plurality of trusted mobile devices on which the user has been authenticated, wherein the trusted mobile device is associated with the location of the first mobile device (Paragraphs 0076, 0080, and 0086 teach the user must confirm the personal device (i.e., trusted mobile device) is within the appropriate renewal radius; in some implementations, the renewal radius is measured from the initial location of the personal device (when access was first granted); in other implementations, the renewal radius is measured from the location of the shared user device; thus, if the personal user device is within the renewal radius and the access privileges have not been revoked, the access token is granted/automatically renewed; the personal device stores a permanent access token transmits the token to credential server; in some implementations that use a permanent access token, the user is prompted to confirm that access privileges should be granted).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the base invention in Howard, which teaches generating a first secure key for a first mobile device from a second secure key stored on a trusted mobile device for electronic transaction processing, to incorporate the teachings of Saxman to determine, based on a location of the first mobile device, the trusted mobile device of a plurality of trusted mobile devices on which the user has been authenticated, wherein the trusted mobile device is associated with the location of the first mobile device; 
There is motivation to combine Saxman into Howard because the base invention is improved because the temporary token is associated with an access limit based on the physical location of the personal device. A user typically retains possession of the personal device, so as the person moves, so does the personal device. If the personal device moves more than a threshold distance, the user is probably no longer accessing the shared user device, and thus the shared user device no longer has access to the user’s personal information thus protecting the user’s personal information from potential fraudulent use (Saxman Paragraph 0077).
However, the combination of Howard and Saxman does not explicitly teach determining a key hierarchy for the first secure key and the second secure key, wherein the key hierarchy identifies the first secure key as generated based on the second secure key stored on the trusted mobile device; implementing the key hierarchy with the first secure key and the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on non-conforming region.
Maeng from same or similar field of endeavor teaches determining a key hierarchy for the first secure key and the second secure key, wherein the key hierarchy identifies the first secure key as generated based on the second secure key stored on the trusted mobile device (Col. 5, lines 31-49, Col. 6, lines 27-30, and Col. 8, lines 9-28 teach a user has established a mobile wallet (i.e., primary mobile wallet) on the user’s mobile device; a wallet management system may provide a transient mobile wallet to a user of a secondary device (e.g., a transient device); the user may identify one or more wallet elements from the primary mobile wallet (i.e., second secure key) to be added to the transient wallet (i.e., first secure key) with certain limitations (i.e., key hierarchy wherein the first secure key has limitations and is based on the second secure key); the personal device and secondary device may be similar to the mobile device (i.e., personal device is the trusted mobile device and the secondary device is the first mobile device), and the primary mobile wallet and transient wallet may be similar to the mobile wallet (i.e., primary mobile wallet comprises the second secure key, and the transient wallet comprises the first secure key)); implementing the key hierarchy with the first secure key and the second secure key (Col. 6 lines 5-26 teaches the wallet management system enables the user to create and configure the transient wallet with limited use and limited duration (i.e., implement a key hierarchy); the user may configure the transient wallet with a usage specification that limits the use of the transient wallet; the transient wallet may be configured with only certain wallet elements (e.g., only a single, low-limit credit card), or may set the transient wallet to only be usable at particular types of merchants, or may set a transaction amount limit, or may only be used in specified geographic regions; further, the user may also configure the transient wallet to be active only during a certain timeframe); and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on non-conforming region (Col. 14 lines 10-26 teaches certain types of non-conforming transactions may trigger the wallet management system to automatically uninstall, delete, deactivate, or otherwise disable the transient wallet; for example, if the transaction is attempted with a merchant in a non-confirming region (e.g., deactivation criterion is attempting a transaction in an unapproved country), then the wallet management system may automatically initiate deactivation of the transient wallet (i.e., deactivate the first secure key)).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the base invention in the combination of Howard and Saxman, which teaches generating a first secure key for a first mobile device from a second secure key stored on a trusted mobile device for electronic transaction processing, wherein the trusted mobile device and first mobile device are within a certain location, to incorporate the teachings of Maeng, which teaches determining a key hierarchy for the first secure key and the second secure key, wherein the key hierarchy identifies the first secure key as generated based on the second secure key stored on the trusted mobile device; implementing the key hierarchy with the first secure key and the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on non-conforming region.
There is motivation to combine Maeng into the combination of Howard and Saxman because the base invention is improved because the wallet management system may automatically initiate a de-installation (e.g., deactivation, or deletion) of the transient wallet on the secondary device (e.g., after a pre-determined number of non-conforming transactions are attempted). As such, the transient 
However, the combination of Howard, Saxman, and Maeng does not explicitly teach receiving two separate transaction requests within an amount of time, wherein the two separate transaction requests occur from different locations separated by a set distance, wherein one of the two separate transaction requests separately uses one of the first secure key or the second secure key, and wherein another one of the two separate transaction requests uses another one of the first secure key or the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on the two separate transaction requests occurring within the amount of time and from the different locations separated by the set distance.
Choudhuri from same or similar field of endeavor teaches receiving two separate transaction requests within an amount of time, wherein the two separate transaction requests occur from different locations separated by a set distance, wherein one of the two separate transaction requests separately uses one of the first secure key or the second secure key, and wherein another one of the two separate transaction requests uses another one of the first secure key or the second secure key (Paragraphs 0093-0095 teach a user is associated with a first location that includes a specific address, a town, a county, a state, other region, or a location at which a transaction or account event occurred; also an agent (e.g., a household member, a co-worker, a partner, an employer, and employee, an accountant, or any other and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on the two separate transaction requests occurring within the amount of time and from the different locations separated by the set distance (Paragraphs 0121 and 0073 teach for example, the fraud alert may indicate that the user should contact an affiliate and/or third party, or the alert may provide details of a potential fraudulent transaction such as the location, data, and time of a suspicious transaction or account event; the fraud alert includes a card cancelation notification, or a transaction cancelation, suspension, or hold notification); once the customer may tell the affiliate and/or third party that the transaction is fraudulent, the affiliate and/or third party may take the appropriate actions; the agent computer system may be disabled since it associated with the fraudulent transaction; therefore, transactions that have yet to occur in the future which are 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the base invention in the combination of Howard, Saxman, and Maeng, which teaches generating a first secure key for a first mobile device from a second secure key stored on a trusted mobile device for electronic transaction processing, wherein the trusted mobile device and first mobile device are within a certain location, then, disabling the first secure key when a transaction is determined to be fraudulent, to incorporate the teachings of Choudhuri, which teaches receiving two separate transaction requests within an amount of time, wherein the two separate transaction requests occur from different locations separated by a set distance, wherein one of the two separate transaction requests separately uses one of the first secure key or the second secure key, and wherein another one of the two separate transaction requests uses another one of the first secure key or the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on the two separate transaction requests occurring within the amount of time and from the different locations separated by the set distance.
There is motivation to combine Choudhuri into the combination of Howard, Saxman, and Maeng because the base invention is improved because the first and second locations can be compared to take into account distances between the locations, the types of transactions or account events taken, the channels use, etc. to determine if a transaction is fraudulent. For example, the place of work and 
Regarding Claim 1, Howard teaches a system, comprising: a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to execute instructions from the non-transitory memory to cause the system to perform operations (Paragraphs 0049 and 0112 teach the processing server may be any type of computing device, including a remotely located server computer, configured to perform one or more actions on behalf of the mobile device; the processing server may be configured to provide information related to one or more connected devices to the mobile device; any of the software components or functions described in this application may be implemented as software code to be executed by a processor; the software code may be stored as a series of instructions or commands on a computer readable medium for storage and/or transmission, suitable media include random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a compact disk (CD) or DVD (digital versatile disk), flash memory, and the 
Regarding Claim 9, Howard teaches a method (Paragraph 0066 teaches FIG. 3 depicts an example data flow that may be implemented in accordance with at least some embodiments).

	Regarding Claims 2 and 10, the combination of Howard, Saxman, Maeng, and Choudhuri teaches all the limitations of claims 1 and 9 above; and Howard further teaches storing the second secure key within a second hardware secure element of the trusted mobile device (Paragraph 0058 teaches the memory of mobile device (i.e., trusted mobile device) may include a secure execution environment such as a secure memory; the secure element (SE) can be a tamper-resistant platform capable of securely hosting applications and their confidential and cryptographic data (e.g. key management) in accordance with the rules and security requirements set forth by a set of well-identified trusted authorities; the parental token (i.e., second secure key) or other access credential data may be stored in the secure execution environment).

	Regarding Claims 3 and 11, the combination of Howard, Saxman, Maeng, and Choudhuri teaches all the limitations of claims 2 and 10 above; and Howard further teaches wherein the storing the second secure key further comprises storing a derivative key of the second secure key within the second hardware secure element (Paragraphs 0059 and 0062 teach information provisioned by a processing server onto the mobile device may be stored in the  an exemplary subtoken may reference the same underlying account information as the parent token from which it is derived).

Regarding Claims 4 and 12, the combination of Howard, Saxman, Maeng, and Choudhuri teaches all the limitations of claims 2 and 10 above; and Howard further teaches wherein the first secure key is generated based on the second secure key stored on the trusted mobile device (Paragraph 0062 teaches the subtoken module may be configured to identify an appropriate token in access credential and generate subtokens in accordance with transaction data and relevant protocol information, wherein the subtoken may be derived from a parent token useable to conduct a transaction).

Regarding Claims 5 and 13, the combination of Howard, Saxman, Maeng, and Choudhuri teaches all the limitations of claims 2 and 10 above; and Howard further teaches determining the second secure key on the trusted mobile device is a primary key for the account (Paragraphs 0033-0035 teach a token may be associated with a protocol set; a “parent token” (i.e., primary key) can be a 

Regarding Claims 6 and 14, the combination of Howard, Saxman, Maeng, and Choudhuri teaches all the limitations of claims 1 and 9 above; and Howard further teaches wherein the determining the trusted mobile device is performed in response to determining that the first mobile device is within a proximity range of the trusted mobile device (Paragraphs 0047 and 0039 teach a mobile device may be configured to perform a device discovery action that identifies all communicatively enabled electronic devices within range of the mobile device; in another example, the mobile device may connect to a private network (e.g., a home-based or business-based network) and may identify each of the connected devices that are also connected to the private network; the connected devices may be within range of a short range communication means used by the mobile device (e.g., less than about 100, 50, 20, 10, or 5 yards)).

Regarding Claims 7 and 15, the combination of Howard, Saxman, Maeng, and Choudhuri teaches all the limitations of claims 1 and 9 above; and Howard further teaches wherein the user is authenticated on the trusted mobile device based on information, other than the password, that identifies the user (Paragraphs 0060 and 0062 teach the contents of the memory in the mobile .

Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Howard (US 20190095607) in view of Saxman (US 20140026193) in further view of Maeng (US 10,902,405 B1) in further view of Choudhuri (US 20130024358) in further view of Bhimanaik (US 8,627,438 B1).

Regarding Claims 8 and 16, the combination of Howard, Saxman, Maeng, and Choudhuri teaches all the limitations of claim 1 above; however the combination does not explicitly teach selecting the trusted mobile device as a primary trusted device from a plurality of trusted mobile devices.
Bhimanaik from same or similar endeavor teaches selecting the trusted mobile device as a primary trusted device from a plurality of trusted mobile devices (Col. 4, lines 36-40, Col. 5, lines 53-62, and Col. 6, lines 37-41, teach the 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Howard, Saxman, Maeng, and Choudhuri to incorporate the teachings of Bhimanaik to select the trusted mobile device as a primary trusted device from a plurality of trusted mobile devices.
There is motivation to combine Bhimanaik into the combination of Howard, Saxman, Maeng, and Choudhuri because the user may associate multiple devices having different levels of trust with a particular customer account in the customer account store, and the online resource provider may require addition authentication data from devices having a lower level of trust. For example, if the primary device is registered as a trusted device with the user's corporate account, the user may also register a personal device (such as a personal mobile phone) with the corporate account; however, additional authentication data may be required from the personal device to authenticate the secondary device for access to the corporate account, based on its lower level of trust relative to the primary device (Bhimanaik Col. 6, lines 37-49).

Claims 17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Howard (US 20190095607) in view of Saxman (US 20140026193) in further view of Zhang (US 20140033286) in further view of Maeng (US 10,902,405 B1) in further view of Choudhuri (US 20130024358).

Regarding Claim 17, Howard teaches system, comprising: a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to execute instructions from the non-transitory memory to cause the system to perform operations (Paragraphs 0049 and 0112 teach the processing server may be any type of computing device, including a remotely located server computer, configured to perform one or more actions on behalf of the mobile device; the processing server may be configured to provide information related to one or more connected devices to the mobile device; any of the software components or functions described in this application may be implemented as software code to be executed by a processor; the software code may be stored as a series of instructions or commands on a computer readable medium for storage and/or transmission, suitable media include random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a compact disk (CD) or DVD (digital versatile disk), flash memory, and the like; the computer readable medium may be any combination of such storage or transmission devices), comprising: obtaining, from a trusted mobile device, a first request to authenticate a user on a first mobile device based on a user identifier for an account of the user (Paragraph 0102, 0048, and 0067 teach a  the user may submit a request to provide the connected device with a specific application or upgrade; the connected device establishes a communication session with the user's mobile device (i.e., trusted mobile device) and transmit a device identifier identifying the connected device; the mobile device may also establish a connection with a processing server that provides back end support for the mobile device by maintaining and managing transaction-related activities; the mobile device may transmit information related to the connected device to the processing server, and the processing server may retrieve transaction processing information to be associated with the connected device and may send that transaction processing information to the mobile device); determine, based on the first request, that a valid first secure key used to authenticate the user is not stored on the first mobile device (Paragraphs  0067-0068 and 0061 teach the mobile device may query a database to determine if the mobile device has previously encountered the connected devices; the processing server, which maintains an account associated with a user of the mobile device, may identify one or more rules for generating a subtoken associated with a particular connected device from the device management data and provide instructions to the connected device to cause it to check the validity of a subtoken currently stored by the connected device; for example, the connected device may check a cryptogram associated with the subtoken to determine if it is in fact authentic and operative); determining a first device identifier for the first mobile device based on the determining that the first secure key is not stored on the first mobile device (Paragraph 0067 teaches the request may include a device identifier and determining, based on a location of the first mobile device, the trusted mobile device of a plurality of trusted mobile devices on which the user has been authenticated, wherein the trusted mobile device is associated with the location of the first mobile device (Paragraphs 0068 and 0039 teach the mobile device may detect the connected device upon connecting to a private network or entering within range of the connected device (e.g., via a device discovery process); the connected devices may be located within range of a short range communication means used by the mobile device); in response to the obtaining, transmitting a second request to authenticate the user on the first mobile device to the trusted mobile device, wherein the second request comprises the user identifier and the first device identifier (Paragraphs 0068-0069 and 0086-0087 teach the processing server may, based on the received identifiers, identify one or more protocols relevant to the connected devices and convey those protocols to the mobile device; for example, the protocol data may include an indication of a user's resource preferences and/or resource replenishment preferences; the mobile device may display the transaction information to a user of the mobile device for authorization, and upon receiving authorization from a user, the mobile device, may receive an indication that a subtoken is to be generated (i.e., processing server and obtaining an indication that the user has approved the second request on the trusted mobile device without the user providing a password corresponding to the user identifier to the first mobile device or the trusted mobile device, wherein the indication is based on a second secure key stored on the trusted mobile device (Paragraphs 0069 and 0062 teach the mobile device may receive a token (or other suitable access credential) from a token server, wherein the server stores and maintains relationships between tokens and actual account numbers used for payment; the mobile device receives an indication that a subtoken is to be generated, and may generate a subtoken from the received token information (i.e., a parent token); the subtoken may be derived from a parent token useable to conduct a transaction; for example, the mobile device may store and manage information related to one or more tokens in access credential data; upon determining that a connected device should be provided with a subtoken, the subtoken generation module may cause the processors to identify an appropriate token in access credential data and generate a subtoken derived from that token); obtaining an indication that the user has approved the second request on the trusted mobile device without the user providing a password corresponding to the user identifier to the first mobile device or the trusted mobile device (Paragraphs 0067 and 0087 teach the mobile device may display the transaction to a user of the mobile device to obtain approval for the transaction; for example, upon receiving authorization from a user, the mobile device may generate a subtoken for a smart refrigerator; the mobile device identifies a parent token that can be used to conduct a transaction, and , wherein the indication is based on a second secure key stored on the trusted mobile device, and wherein the indication comprises a restriction on a usage of the first mobile device for electronic transaction processing (Paragraphs 0067 teaches rules such as constraints may be associated with a generated subtoken; for example, if a subtoken is generated for a refrigerator to buy milk and eggs, than a constraint for that subtoken may be that it can only be used at grocery stores); in response to obtaining the indication, generating the first secure key for the first mobile device based on the first device identifier, wherein the first -2-Application No. 15/193,487secure key comprises the restriction on the usage of the first mobile device for the electronic transaction processing (Paragraph 0069, 0048 teach the subtoken may be derived from a parent token, but may be limited in at least one of duration, the types of transactions that it may be used to conduct, a connected device that may utilize the subtoken, or in any other suitable way; once a subtoken has been generated, it may be provided to the connected device to complete one or more transactions; the transaction processing information may be provisioned onto the mobile device for a particular connected device; the transaction processing information may include an access credential, consumer identifier, protocol information and/or any other suitable information relevant to the connected device), and wherein the first secure key and the second secure key comprise different restrictions on the electronic transaction processing (Paragraph 0062 teaches an exemplary subtoken may reference the same underlying account information as the parent token from which it is derived, but may be of limited duration or use (i.e., parent token is not limited); for example, authenticating the user on the first mobile device without requiring, from the user, the password corresponding to the account from the first mobile device or the trusted mobile device (Paragraphs 0070 and 0073-0074 teach the connected device may initiate a transaction using the generated subtoken and transmit the generated transaction request to the transaction server; once the authorization computer has decided whether to approve or decline the transaction, an authorization response message may be returned to the transaction server; the transaction server may, upon receiving the response, determine whether the transaction has been approved or declined; the completion of the transaction may be conducted without human intervention (e.g., without acquiring authorization from a user or otherwise requiring action on a user's behalf)); and storing the first secure key within a first hardware secure element of the first mobile device, wherein the first secure key enables an authentication of the account on the first mobile device using the user identifier in place of the password or a further request to the trusted mobile device (Paragraph 0046 teaches the memory of connected device may include a secure execution environment such as a secure memory that includes a secure element; the secure element (SE) can be a tamper-resistant platform capable of securely hosting applications and their confidential and cryptographic data (e.g. key management) in accordance with the rules and security requirements set forth by a set of well-
However, Howard does not explicitly teach obtaining, from a first mobile device, a first request to authenticate a user on a first user device based on a user identifier; and determining, based on the first request, that a first secure key used to authenticate the user is not stored on the first mobile device.
Saxman from same or similar field of endeavor teaches obtaining, from a first mobile device, a first request to authenticate a user on a first user device based on a user identifier (Paragraphs 0083 and 0023 teach a user at a shared device (i.e., first mobile device) is using a software application that utilizes certain personal information that is stored at a resource server; the software application requests access from the resource server; the credential server and the resource server are distinct servers, but in some implementations the credential server and resource server are implemented on a single server system); determining, based on the first request, that a first secure key used to authenticate the user is not stored on the first mobile device (Paragraphs 0083 and 0023 teach the software application on the shared device (i.e., first mobile device) does not have a valid access token for the software application (e.g., no existing access token at all, the temporary access token is expired, etc.) (i.e., a first secure key is not stored on the first mobile device)).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the base 
There is motivation to combine Saxman into Howard because the base invention is improved because the shared device (i.e., first mobile device) receives an access token permitting an application executing on the shared user device to use the access token for retrieving at least a portion of the personal information for a limited time. The programs include instructions that detect a physical movement of the personal user device, where the movement meets predefined motion criteria. The programs also include instructions that respond to detecting the physical movement: the instructions send a message to the authentication server to revoke access privileges associated with the access token when the user has left the vicinity of the shared device (Saxman Paragraphs 0007 and 0080).
However, the combination of Howard and Zhang do not explicitly teach obtaining, from a first mobile device, a first request to authenticate a user on a first content viewing application based on a user identifier; obtaining an indication that the user has approved the second request on the trusted mobile device without the user providing a password corresponding to the user identifier; in response to obtaining the indication, obtaining context data descriptive of information being presented to the user in a second content viewing application; and providing the context data to the first content viewing application to enable presentation of the information to the user in the first content viewing application.
Zhang from same or similar field of endeavor teaches obtaining, from a first mobile device, a first request to authenticate a user on a first content viewing application based on a user identifier (Paragraphs 0081, 0060, 0045, and 0111-112 teach the user inputs a web address of a WeChat (i.e., social media app) login page on a computer (i.e., first user device) and the computer sends a page login request to the WeChat server over the Internet, and the display terminal generates a page login request and sends the page login request to the server, and the server receives the information access request from the first client device; the information access request may be triggered, for example, when the user of the first client device clicks on a sign-in button in an account sign-in webpage or when the user clicks on a link to access information associated with another user account, and the server system generates a unique identifier and returns the unique identifier to the first client device, wherein the unique identifier, which may be a 1D bar code, a 2D bar code, or a 3D bar code, is to be displayed on a display of the first client device; moreover, the unique identifier includes authentication information generated by the server system or the information access request (i.e., unique identifier includes user identifier)); obtaining an indication that the user has approved the second request on the trusted mobile device without the user providing a password corresponding to the user identifier (Paragraphs 0082, 0070, 0045, and 0114 teach the user opens the application program for scanning a 2D code in WeChat on the mobile phone (i.e., second user device) and scans (i.e., indication) the 2D code displayed on the WeChat login page on the  in response to obtaining the indication, obtaining context data descriptive of information being presented to the user in a second content viewing application (Paragraph 0118 teaches after authenticating the information access request, the server system generates a webpage using the information (i.e., context data) acquired from the second client device and associated with the user account information); and providing the context data to the first content viewing application to enable presentation of the information to the user in the first content viewing application (Paragraphs 0118 and 0084 teach the server system returns the webpage to the first client device to be displayed on the display of the first client device; for example, if the application module in the present invention is a web site, for example, a shopping web site, when the user finds a 2D code of an object on a computer or other outdoor display screens, the user may directly scan the 2D code through a scanning program in the shopping web site where login is performed on the mobile phone, so as to implement page login of the account at 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the modified the base invention in the combination of Howard and Saxman, which teaches receiving a request from a first mobile device to generate a first secure key for the first mobile device from a second secure key stored on a trusted mobile device for electronic transaction processing, to incorporate the teachings of Zhang to obtain, from a first mobile device, a first request to authenticate a user on a first content viewing application based on a user identifier; obtain an indication that the user has approved the second request on the trusted mobile device without the user providing a password corresponding to the user identifier; in response to obtain the indication, obtaining context data descriptive of information being presented to the user in a second content viewing application; and provide the context data to the first content viewing application to enable presentation of the information to the user in the first content viewing application.
There is motivation to combine Zhang into the combination of Howard and Saxman because a method is provided to help facilitate the operation of a user during page login on a display terminal. This page login method is provided so as to guarantee the security of an account and facilitate the operation of a user during page login on a display terminal (Zhang Paragraphs 0008-0009).
However, the combination of Howard, Saxman, and Zhang does not explicitly teach determining a key hierarchy for the first secure key and the second secure key, wherein the key hierarchy identifies the first secure key as generated based on the second secure key stored on the trusted mobile device; implementing the key hierarchy with the first secure key and the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on non-conforming region.
Maeng from same or similar field of endeavor teaches determining a key hierarchy for the first secure key and the second secure key, wherein the key hierarchy identifies the first secure key as generated based on the second secure key stored on the trusted mobile device (Col. 5, lines 31-49 teaches a user has established a mobile wallet (i.e., primary mobile wallet) on the user’s mobile device; a wallet management system may provide a transient mobile wallet to a user of a secondary device (e.g., a transient device); the personal device and secondary device may be similar to the mobile device (i.e., personal device is the trusted mobile device and the secondary device is the first mobile device), and the primary mobile wallet and transient wallet may be similar to the mobile wallet (i.e., primary mobile wallet comprises the second secure key, and the transient wallet comprises the first secure key)); implementing the key hierarchy with the first secure key and the second secure key (Col. 6 lines 5-26 teaches the wallet management system enables the user to create and configure the transient wallet with limited use and limited duration (i.e., implement a key hierarchy); the user may configure the transient wallet with a usage specification that limits the use of the transient wallet; the transient wallet may be configured with only certain wallet elements (e.g., only a single, low-limit credit card), or may set the transient wallet to only be usable at particular types of and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on non-conforming region (Col. 14 lines 10-26 teaches certain types of non-conforming transactions may trigger the wallet management system to automatically uninstall, delete, deactivate, or otherwise disable the transient wallet; for example, if the transaction is attempted with a merchant in a non-confirming region (e.g., deactivation criterion is attempting a transaction in an unapproved country), then the wallet management system may automatically initiate deactivation of the transient wallet (i.e., deactivate the first secure key)).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the base invention in the combination of Howard, Saxman, and Zhang, which teaches generating a first secure key for a first mobile device from a second secure key stored on a trusted mobile device for electronic transaction processing, wherein the trusted mobile device and first mobile device are within a certain location, to incorporate the teachings of Maeng, which teaches determining a key hierarchy for the first secure key and the second secure key, wherein the key hierarchy identifies the first secure key as generated based on the second secure key stored on the trusted mobile device; implementing the key hierarchy with the first secure key and the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on non-conforming region.

However, the combination of Howard, Saxman, Zhang, and Maeng does not explicitly teach receiving two separate transaction requests within an amount of time, wherein the two separate transaction requests occur from different locations separated by a set distance, wherein one of the two separate transaction requests separately uses one of the first secure key or the second secure key, and wherein another one of the two separate transaction requests uses another one of the first secure key or the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on the two separate transaction requests occurring within the amount of time and from the different locations separated by the set distance.
Choudhuri from same or similar field of endeavor teaches receiving two separate transaction requests within an amount of time, wherein the two separate transaction requests occur from different locations separated by a set distance, wherein one of the two separate transaction requests separately uses one of the first secure key or the second secure key, and wherein another one of the two separate transaction requests uses another one of the first secure key or the second secure key (Paragraphs 0093-0095 teach a user is associated with a first location that includes a specific address, a town, a county, a state, other region, or a location at which a transaction or account event occurred; also an agent (e.g., a household member, a co-worker, a partner, an employer, and employee, an accountant, or any other agent) acts on behalf of the user, and the agent is associated with a different location from the first location; the user uses the mobile device (i.e., comprises second secure key) to access an online account to check the balance in a savings account at 9:30 am on a certain day at the first location, and at 10:29 am of the same day the agent uses a computer device (i.e., comprises first secure key) to access the online account of the user and makes a payment; the IP address associated with the computer device indicates that the agent’s location is over 2,000 miles away from the first location; a comparison is made of the locations associated with the mobile device, and the computer device, as well as the times and dates of the balance inquiry and the payment; an identification of a fraud is made and a fraud alert is sent to the user or financial institution party responsible for responding to fraud alerts); and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on the two separate transaction requests occurring within the amount of time and from the different locations separated by the set distance (Paragraphs 0121 and 0073 teach for example, the fraud alert may indicate that the user should contact an affiliate and/or third party, or the alert may provide details of a potential fraudulent transaction such as the location, data, and time of a suspicious transaction or account event; the fraud alert includes a card cancelation 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the base invention in the combination of Howard, Saxman, Zhang, and Maeng, which teaches generating a first secure key for a first mobile device from a second secure key stored on a trusted mobile device for electronic transaction processing, wherein the trusted mobile device and first mobile device are within a certain location, then, disabling the first secure key when a transaction is determined to be fraudulent, to incorporate the teachings of Choudhuri, which teaches receiving two separate transaction requests within an amount of time, wherein the two separate transaction requests occur from different locations separated by a set distance, wherein one of the two separate transaction requests separately uses one of the first secure key or the second secure key, and wherein another one of the two separate transaction requests uses another one of the first secure key or the second secure key; and performing, using the key hierarchy, one of a disabling, a deletion, or a pausing of the first secure key based on the two separate transaction requests occurring within the amount of time and from the different locations separated by the set distance.


Regarding Claim 19, the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri teaches all the limitations of claim 17 above; however the combination does not explicitly teach wherein the first content viewing application and the second content viewing application include a first browser and a second browser, respectively.
Zhang further teaches wherein the first content viewing application and the second content viewing application include a first browser and a second browser, respectively (Paragraphs 0058 and 0064 teach the application module of the mobile phone may be a web site (i.e., first content viewing 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have the modified the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri to incorporate the further teachings of Zhang for the first content viewing application and the second content viewing application include a first browser and a second browser, respectively.
There is motivation to further combine Zhang into the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri because of the same reasons listed above for claim 17.

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Howard (US 20190095607) in view of Saxman (US 20140026193) in further view of Zhang (US 20140033286) in further view of Maeng (US 10,902,405 B1) in further view of Choudhuri (US 20130024358) in further view of Banerjee (US 20160212113).

Regarding Claim 18, the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri teaches all the limitations of claim 17 above; however, the combination does not explicitly teach wherein the operations further comprise: selecting a trusted verification method from a plurality of trusted verification methods; and in response to selecting the trusted verification method, transmitting the second request to the trusted mobile device.
wherein the operations further comprise: selecting a trusted verification method from a plurality of trusted verification methods (Paragraphs 0008, 0019, 0028, and 0068 teach the requested authentication information is determined based on the authentication policy associated with the protected resource, and the various security policies can also be selected and/or otherwise established during the registration process; furthermore, multi-factor authentication can be selected and/or otherwise triggered in response to an end-user requesting access to a protected resource, wherein the policies can include, by way of example, relative device proximity policies, geofencing policies, biometric identification policies, and/or movement policies; the credential management (ZPL) platform generates and sends an authentication information request to the secondary authentication device that is determined by the policy or policies); and in response to selecting the trusted verification method, transmitting the second request to the trusted mobile device (Paragraph 0068 teaches the authentication information request indicates additional information to be obtained by the secondary authentication device, and although a single request for information is shown, it is appreciated that the credential management (ZPL) platform may request additional information more than once depending on the policy and/or the information obtained in the authentication information responses from the secondary authentication device).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri to incorporate the 
There is motivation to combine Banerjee into the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri because the authentication (multi-factor) module is configured to provide a configurable multi-factor authentication. The multi-factor authentication is configured such that it is not intrusive, time consuming or confusing. The system can provide various multifactor authentication techniques that may seem invisible yet effective at ascertaining the authenticity of the identity of the end client (Banerjee Paragraph 0051).

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Howard (US 20190095607) in view of Saxman (US 20140026193) in further view of Zhang (US 20140033286) in further view of Maeng (US 10,902,405 B1) in further view of Choudhuri (US 20130024358) in further view of Carlson (US 20140143137).

Regarding Claim 20, the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri teaches all the limitations of claim 17 above; however the combination does not explicitly teach wherein the context data corresponds to a particular stage of a transaction the user is conducting on the trusted mobile device.
Carlson from same or similar field of endeavor teaches wherein the context data corresponds to a particular stage of a transaction the user is conducting on the trusted mobile device (Paragraphs 0121 and 0127 teach the 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri to incorporate the teachings of Carlson for the context data to correspond to a particular stage of a transaction the user is conducting on the trusted mobile device.
There is motivation to combine Carlson into the combination of Howard, Saxman, Zhang, Maeng, and Choudhuri because the trusted device is indirectly paired to the untrusted device through the trusted intermediary, and the trusted device completes a transaction at the untrusted device without communicating transaction information to the untrusted device (Carlson Paragraph 0011).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Dietrich et al. (US 11,017,376) teaches receiving a transaction initiation request from a first user via a first computing device. A first micro-location parameter relating to a micro-location of the first computing device is received. Approval of the transaction initiation request is requested from a second user via a second computing device. Approval of the transaction initiation request is received from the second user via the second computing device. A second micro-location parameter relating to a micro-location of the second computing device is received. The transaction is approved if the micro-locations of the first and second computing devices indicate that the first and second computing devices are at least a predetermined distance from each other.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY JONES whose telephone number is (469)295-9137.  The examiner can normally be reached on 7:30 am - 5:00 pm CST (M-F).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  




/C.P.J./Examiner, Art Unit 3685

/JAY HUANG/Primary Examiner, Art Unit 3685