Detailed Action
The present application is being examined under the pre-AIA  first to invent provisions.  

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claims 1-19, as originally filed, are currently pending and have been considered below. Claim 1, 9 and 18 are independent claim.

Priority
The application is a continuation of 16/422,715 (US Patent No 10749859) filed on 05/24/2019 and 15/887,873 filed on 02/02/2018 and 14/982,981 (US Patent No 9,954,854) and 13/794,878 (US Patent No. 9,251,531) which claims benefit of 61/740,731 filed on 12/21/2012. 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to 
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal 
Claims 1, 9 and 18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1 of U.S. Patent No. 9,251,531 B2. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims in the U.S. Patent No. 9,251,531 B2 contains every element of claims of the instant application. Please see the claim mapping below.  A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a 35 patent claim to a species within that genus). “ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).
Claim 1, 9 and 18 of current application No.16/893,023 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 of US Patent No. 9,251,531 B2 in view of Bhatnagar (US Patent Application Publication No. 2012/0240204 A1). 

Patent No.US 9,251,531 B2 (13/794,878)
1.A computer-implemented method comprising: 

storing, in a memory of an officially verifiable electronic representation (OVER) generation and verification engine, information associated with a credential of a user for proving the user's identity or qualifications;
 
receiving, from an OVER file storage client device of the user, an OVER file generation request to provide authentication of the user based on the information associated with the credential; 

generating, by a processor of the OVER engine, an OVER file comprising a virtual representation of the credential that has been verified by an issuing agency to be an official representation of the credential, based on the information associated with the credential of the user; 

transmitting, to the OVER file storage client device of the user, the OVER file in response to the OVER file generation request.

receiving, from an OVER file third-party client verifying device, a verifying request to verify that the OVER file transmitted to the user authenticates the user based on a Near Field Communication (NFC) protocol-based communication associated with the OVER file on the OVER file storage client device of the user; 

verifying that the NFC protocol-based communication associated with the OVER file corresponds with the 

transmitting, to the OVER file third-party client verifying device, an authentication message comprising an indication of whether the NFC protocol-based communication associated with the OVER file on the OVER file storage client device of the user corresponds to the information associated with the credential of the user that is stored in the OVER engine .



storing, in a memory of an officially verifiable electronic representation (OVER) generation and verification engine, information associated with a credential of a user for proving the user's identity or qualifications;

receiving, from an OVER file storage client device of the user, an OVER file generation request to provide authentication of the user based on the information associated with the credential;


generating, by a processor of the OVER engine, an OVER file comprising a virtual representation of the credential that has been verified by an issuing agency to be an official representation of the credential, based on the information associated with the credential of the user;


transmitting, to the OVER file storage client device of the user, the OVER file in response to the OVER file generation request;

receiving, from an OVER file third-party client verifying device, a verifying request to verify that the OVER file transmitted to the user authenticates the user based on a scan associated with the OVER file on the OVER file store client device of the user;



verifying that the scan associated with the OVER file corresponds with the information associated with the credential 


transmitting, to the OVER file third-party client verifying device, an authentication message comprising an indication of whether the scan associated with the OVER file on the device of the user corresponds to the information associated with the credential of the user that is stored in the OVER engine.



US Patent No. 9,251,531 B2 does not explicitly disclose “the NFC protocol based communication”. Therefore Bhatnagar (US Patent Application Publication No. 2012/0240204 A1) is used to modify US Patent No 9,251,531 B2 to arrive at the claimed invention. Bhatnagar, ¶[0043], teaches a portable communication device scans the barcode of a user device. ¶[0048] teaches the portable device includes a NFC unit.
This is a non-provisional non-statutory double patenting rejection because the conflicting claims have been patented.

Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having 
.

Claim 1-19 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Kang (US Patent Application Publication No. 2009/0307756 A1) in view of Bhatnagar (US Patent Application Publication No. 2012/0240204 A1).

Regarding Claim 1, Kang discloses a computer-implemented method comprising: 
storing, in a memory of an officially verifiable electronic representation (OVER) generation and verification engine, information associated with a credential of a user for proving the user's identity or qualifications (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc); 
receiving, from an OVER file storage client device of the user, an OVER file generation request to provide authentication of the user based on the information associated with the credential (Kang, ¶[0063], the registration module produces additional metadata, appends 
generating, by a processor of the OVER engine, an OVER file comprising a virtual representation of the credential that has been verified by an issuing agency to be an official representation of the credential, based on the information associated with the credential of the user (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc); 
transmitting, to the OVER file storage client device of the user, the OVER file in response to the OVER file generation request (Kang, ¶[0071], the reading module performs security processing on the reading information package for transmission and transmits the resultant information package to the user).
Kang does not appear to disclose the following limitation that Bhatnagar discloses:
receiving, from an OVER file third-party client verifying device, a verifying request to verify that the OVER file transmitted to the user 
verifying that the NFC protocol-based communication associated with the OVER file corresponds with the information associated with the credential of the user that is stored in the OVER engine, in response to the verifying request (Bhatnagar, ¶[0046], the authentication server compares the user information and third party server credential to a database. The authentication server transmits the authentication results to the portable communication device. ¶[0053], the authentication server transmits whether or not the authentication was successful to the portable communication device which can display the result to the user); and 
transmitting, to the OVER file third-party client verifying device, an authentication message comprising an indication of whether the NFC protocol-based communication associated with the OVER file on the OVER file storage client device of the user corresponds to the information associated with the credential of the user that is stored in the OVER engine (Bhatnagar, ¶[0045], the barcode is decoded to obtain user information and third party server credential. The portable communication device transmits the user information and third party 
Kang in view of Bhatnagar are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “authentication and authorization based on user credential”. It would have been obvious to a person of ordinary skill in the art at the time the invention was made to modify the invention of Kang in view of Bhatnagar to include the idea of authentication mechanism that relies upon scanning and transmitting user credential to the authorization server or the issuer to make sure the user provided log in information is valid. This overcomes the vulnerabilities of static password. 

 Regarding claim 2, Kang in view of Bhatnagar discloses the computer-implemented method of claim 1, wherein the OVER file is a first OVER file, the OVER file storage client device of the user is a first OVER file storage client device of the user, the virtual representation is a first virtual representation, the official representation is a first official representation, and the method further comprises: 
receiving, from a second OVER file storage client device of the user, a second OVER file generation request to provide authentication of the user based on the information associated with the credential (Kang, ¶[0063], the 
generating, by the processor, a second OVER file comprising a second virtual representation of the credential that has been verified by the issuing agency to be a second official representation of the credential that is invalid for use in the first OVER file storage client device for authenticating the user (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc); 
and 
transmitting, to the second OVER file storage client device of the user, the second OVER file in response to the second OVER file generation request (Kang, ¶[0071], the reading module performs security processing on the reading information package for transmission and transmits the resultant information package to the user).

Regarding claim 3, Kang in view of Bhatnagar discloses the computer-implemented method of claim 1, further comprising generating, by the 

Regarding claim 4, Kang in view of Bhatnagar discloses the computer-implemented method of claim 1, further comprising: 
requesting, by the processor of the OVER engine to the issuing agency, an agency authentication to validate the credential, wherein the issuing agency issued the credential of the user (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc); 
receiving, by the OVER engine, a status indicator and credential information associated with the credential (Kang, ¶[0015], management module discards the stored electronic document that has been stored for long time. Also 
storing, by the OVER engine, the status indicator (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc).

Regarding claim 5, Kang in view of Bhatnagar discloses the computer-implemented method of claim 1, further comprising generating, by the OVER engine, a device identifier for the credential, wherein the device identifier limits the credential to the OVER file storage client device (Bhatnagar, ¶[0041], generating a barcode includes generating multidimensional dynamic barcode based on a preconfigured user identifier. ¶[0050], the user database includes information related to each user or user device such as identification information of the user or device).

Regarding claim 6, Kang in view of Bhatnagar discloses the computer-implemented method of claim 1, further comprising generating, by the OVER engine, a reference to a remotely stored credential, wherein the information 

Regarding claim 7, Kang in view of Bhatnagar discloses the computer-implemented method of claim 1, further comprising checking, by the OVER engine, a status indicator of a stored credential, wherein the OVER file generation request comprises a credential identifier for specifying which credential among a plurality of credentials of the user is officially represented by the OVER file (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc. Also Bhatnagar, ¶[0053], the authentication server transmits whether or not the authentication was successful to the portable communication device which can display the result to the user).

Regarding Claim 8, Kang in view of Bhatnagar discloses the computer-implemented method of claim 7, wherein the OVER file comprises a 

Regarding Claim 9, Kang discloses an apparatus comprising: 
receive, from an officially verifiable electronic representation (OVER) file storage client device of the user, an OVER file generation request to provide authentication of the user based on the information associated with the credential (Kang, ¶[0063], the registration module produces additional metadata, appends authentication information associated with the electronic document and stores the electronic document in the database); 
generate an OVER file comprising a virtual representation of the credential that has been verified by an issuing agency to be an official representation the credential, based on the information associated with the credential of the user (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification 
transmit, to the OVER file storage client device of the user, the OVER file in response to the first OVER file generation request (Kang, ¶[0071], the reading module performs security processing on the reading information package for transmission and transmits the resultant information package to the user); 
Kang does not appear to disclose the following limitation that Bhatnagar discloses:
a processor (Bhatnagar, ¶[0048], processor); 
a memory unit operatively coupled to the processor, the memory unit configured to store information associated with a credential of a user and a plurality of instructions, wherein the instructions are configured to program the processor to (Bhatnagar, ¶[0048], memory): 
receive, from an OVER file third-party client verifying device, a verifying request to verify that the OVER file transmitted to the OVER file storage client device of the user authenticates the user based on a Near Field Communication (NFC) protocol-based communication associated with the OVER file on the OVER file storage client device of the user (Bhatnagar, ¶[0043], a portable communication device scans the barcode of a user device. ¶[0048], the portable device includes a NFC unit);

transmit, to the OVER file third-party client verifying device, an authentication message comprising a status indicator indicating whether the OVER file corresponds to the credential of the user (Bhatnagar, ¶[0045], the barcode is decoded to obtain user information and third party server credential. The portable communication device transmits the user information and third party credential to an authentication server. ¶[0046], the authentication server compares the user information and third party server credential to a database. The authentication server transmits the authentication results to the portable communication device and also to the service server).
Kang in view of Bhatnagar are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “authentication and authorization based on user credential”. It would have been obvious to a 

Regarding claim 10, Kang in view of Bhatnagar discloses the apparatus of claim 9, wherein the OVER file is a first OVER file, the OVER file storage client device of the user is a first OVER file storage client device of the user, the virtual representation is a first virtual representation, the official representation is a first official representation, and the instructions are further configured to program the processor to: 
receive, from a second OVER file storage client device of the user, a second OVER file generation request to provide authentication of the user based on the information associated with the credential (Kang, ¶[0063], the registration module produces additional metadata, appends authentication information associated with the electronic document and stores the electronic document in the database); 
generate a second OVER file comprising a second virtual representation of the credential that has been verified by the issuing agency to be a second official representation of the credential that is invalid for use in the first OVER file storage client device for authenticating the user (Kang, ¶[0044], the 
transmit, to the second OVER file storage client device of the user, the second OVER file in response to the second OVER file generation request (Kang, ¶[0071], the reading module performs security processing on the reading information package for transmission and transmits the resultant information package to the user).

Regarding Claim 11, Kang in view of Bhatnagar discloses the apparatus of claim 9, wherein the instructions further program the processor to generate the credential, wherein the credential is generated after the processor determines that no matching credential is stored (Bhatnagar, ¶[0041], generating a barcode includes generating multidimensional dynamic barcode based on a preconfigured user identifier. ¶[0050], the user database includes information related to each user or user device such as identification information of the user or device).

Regarding Claim 12, Kang in view of Bhatnagar discloses the apparatus of claim 9, wherein the instructions are further configured to program the processor to: 
request the credential from the issuing agency, wherein the issuing agency stores credentials issued by the issuing agency (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc); 
receive the status indicator and credential information associated with the credential transmitted by the issuing agency (Kang, ¶[0015], management module discards the stored electronic document that has been stored for long time. Also ¶[0051], management module notifies the user when the storage period has expired); and 
store the credential and a status indicator (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document 

Regarding claim 13, Kang in view of Bhatnagar discloses the apparatus of claim 9, wherein the instructions are further configured to program the processor to generate a device identifier for the credential, wherein the device identifier limits the credential to the client device (Bhatnagar, ¶[0041], generating a barcode includes generating multidimensional dynamic barcode based on a preconfigured user identifier. ¶[0050], the user database includes information related to each user or user device such as identification information of the user or device). 

Regarding Claim 14, Kang in view of Bhatnagar discloses the apparatus of claim 9, wherein the instructions are further configured to program the processor to generate a reference to a remotely stored credential, wherein the information associated with the credential of the user comprises the reference to the remotely stored credential (Kang, ¶[0063], the registration module produces additional metadata, appends authentication information associated with the electronic document and stores the electronic document in the database).

Regarding Claim 15, Kang in view of Bhatnagar discloses the apparatus of claim 9, wherein the instructions are further configured to program the processor to check a stored status indicator of a stored credential, wherein the status indicator comprises the stored status indicator (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc. Also Bhatnagar, ¶[0053], the authentication server transmits whether or not the authentication was successful to the portable communication device which can display the result to the user).

Regarding Claim 16, Kang in view of Bhatnagar discloses the apparatus of claim 9, wherein the instructions are further configured to program the processor to check a status indicator of a stored credential, wherein the OVER file generation request comprises a credential identifier for specifying which credential among a plurality of credentials of the user is officially represented by the OVER file (Kang, ¶[0063], the registration module produces additional metadata, appends authentication 

Regarding Claim 17, Kang in view of Bhatnagar discloses the apparatus of claim 16, wherein when the credential identifier matches the stored credential, and the authentication message comprises the status indicator of the stored credential (Kang, ¶[0063], the registration module produces additional metadata, appends authentication information associated with the electronic document and stores the electronic document in the database).

Regarding Claim 18, Kang discloses a computer-implemented method comprising: 
storing, in a memory of an officially verifiable electronic representation (OVER) generation and verification engine, information associated with a credential of a user for proving the user's identity or qualifications (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate 
receiving, from an OVER file storage client device of the user, an OVER file generation request to provide authentication of the user based on the information associated with the credential (Kang, ¶[0063], the registration module produces additional metadata, appends authentication information associated with the electronic document and stores the electronic document in the database); 
generating, by a processor of the OVER engine, an OVER file comprising a virtual representation of the credential that has been verified by an issuing agency to be an official representation of the credential, based on the information associated with the credential of the user (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc); 
transmitting, to the OVER file storage client device of the user, the OVER file in response to the OVER file generation request (Kang, ¶[0071], the reading module performs security processing on the reading 
Kang does not appear to disclose the following limitation that Bhatnagar discloses:
receiving, from an OVER file third-party client verifying device, a verifying request to verify that the OVER file transmitted to the user authenticates the user based on a Bluetooth protocol-based communication associated with the OVER file on the OVER file storage client device of the user (Bhatnagar, ¶[0043], a portable communication device scans the barcode of a user device. ¶[0048], the portable device includes a NFC unit); 
verifying that the Bluetooth protocol-based communication associated with the OVER file corresponds with the information associated with the credential of the user that is stored in the OVER engine, in response to the verifying request (Bhatnagar, ¶[0046], the authentication server compares the user information and third party server credential to a database. The authentication server transmits the authentication results to the portable communication device. ¶[0053], the authentication server transmits whether or not the authentication was successful to the portable communication device which can display the result to the user); and 
transmitting, to the OVER file third-party client verifying device, an authentication message comprising an indication of whether the 
Kang in view of Bhatnagar are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “authentication and authorization based on user credential”. It would have been obvious to a person of ordinary skill in the art at the time the invention was made to modify the invention of Kang in view of Bhatnagar to include the idea of authentication mechanism that relies upon scanning and transmitting user credential to the authorization server or the issuer to make sure the user provided log in information is valid. This overcomes the vulnerabilities of static password.

Regarding Claim 19, Kang in view of Bhatnagar discloses the computer-implemented method of claim 18, wherein the OVER file is a 
receiving, from a second OVER file storage client device of the user, a second OVER file generation request to provide authentication of the user based on the information associated with the credential (Kang, ¶[0063], the registration module produces additional metadata, appends authentication information associated with the electronic document and stores the electronic document in the database);
generating, by the processor, a second OVER file comprising a second virtual representation of the credential that has been verified by the issuing agency to be a second official representation of the credential that is invalid for use in the first OVER file storage client device for authenticating the user (Kang, ¶[0044], the electronic document repository system checks the electronic document information package, produces metadata, appends authentication information such as an electronic signature. ¶[0048], the issuing module serves to control and manage issuing of the electronic document according to user’s issue right upon receipt of a request from the user. Also ¶[0054], the issued certificate includes a name of an issue requester, an identification number of the issue requester, a serial number of the certificate, a validity period etc); and 
. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-Form 892).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WASIKA NIPA whose telephone number is (571)272-8923.  The examiner can normally be reached on M-F, 8 am to 5 pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private 



/WASIKA NIPA/           Primary Examiner, Art Unit 2433