DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In communications filed on 09/04/2019. Claims 1-25 are pending in this examination.
 In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.   This examination is in response to US Patent Application No. 16/560,464.
Claim Objections
Claims 8-10 are objected to because of the following informalities: when using acronyms, they should first be spelled out at least once before referring to them in the condensed form. For example, the O2O should be spelled out at least once in order to indicate the meaning of what O2O stand for. Appropriate correction is required.
Claim 6 recites” further comprising providing, by the first tag and to the arrangement broker system, a second security certificate for the first tag”. It is unclear for the examiner what the limitation trying to convey. Examiner interpreted this limitation that the first tag/ first device generates one or more digital certificate for authenticity/ identifying and verification purpose.
Allowable Subject Matter
Claims 9-12 are objected and would be allowable if rewritten to overcome the claim objection set forth in this Office action.
Claims 14-17  are objected as there is no standing prior art rejection


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-5, 7-8, 13, and 18-25 are rejected under 35 U.S.C. 102(a) (2) as being anticipated by Sharpe et al. (US 2019/0058591 A1) hereinafter referred to as Sharpe (cited in IDS filed on 12/17/2020).
 Regarding claim 1, Sharpe discloses a method comprising: receiving, in a first tag, a first security certificate for a second tag and a session token corresponding to an arrangement involving the first and second tags[ ¶28, Ticket holder's device 110 may be any device capable of providing data directly and/or indirectly to validator 120. The data may include, for example, a digital ticket (equated to the session token) previously purchased by the ticket holder. In some 110 may be a portable device, such as a cellular phone, PDA, tablet, laptop, smart watch. Alternatively, or additionally, ticket holder's device 110 may be a dedicated device (e.g., a fob) for providing the data], and [¶34,  Ticket server 130 may be any physical or virtual server capable of providing the digital ticket associated with the purchased products and/or services to ticket holder's device 110. In some embodiments, ticket server 130 may be a group of physical and/or virtual servers], and [¶197-198, at an operation 1220, device 1202 (or the software provided at operation 1216) may receive configuration data from RDM server 1204. The configuration data may be any data that affects operations of the software program executing on device 1202. In some embodiments, the configuration data may be pushed by RDM server 1204. In some embodiments, the configuration data may be requested by device 1202 and provided to device 1202 in response to the request… the configuration data may include one or more cryptographic keys/certificates used by device 1202. In some embodiments, the configuration data may include one or more list of entities (e.g., IP addresses of servers) that device 1202 is authorized to communicate with]; and 
	determining, by the first tag, that the second tag satisfies a proximity criterion with regard to the first tag [¶86, ticket holder's device 110 may provide the digital ticket, the ticket-server signature, and the device signature in response to a request from validator 120. In some embodiments, ticket holder's device 110 may provide the digital ticket, the ticket-server signature, and the device signature after ticket holder's device 110 is detected by one or more beacons (e.g., Bluetooth beacons). In some embodiments, ticket holder's device 110 may provide the digital ticket, the ticket-server signature, and the device signature in response to ticket holder's device], and [¶103, in embodiments where the device data provided by ticket holder's device 110 includes a location of ticket holder's device 110, validator 120 may determine that the 
 receiving, in the first tag and from the second tag, the first security certificate and the session token [¶66 a digital ticket may be a set of data that identifies and/or defines one or more purchased products and/or services. For example, a digital ticket (session token) may include identifiers of purchased products and/or services. In another example, a digital ticket may further include usable time periods, blackout periods, an expiration time/date, and/or a valid duration. Some of the data that may be included the digital ticket, such as an expiration time/date and a valid duration, may be determined based on the products and/or services purchased and/or based on one or more business rules, para [¶125, token dispenser 620 may generate digital token data including token identifier 612 and cryptographic signature 614 and transmit the digital token data to a device of rider 650], and  [¶197-198, at an operation 1220, device 1202 (or the software provided at operation 1216) may receive configuration data from RDM server 1204. The configuration data may be any data that affects operations of the software program executing on device 1202. In some embodiments, the configuration data may be pushed by RDM server 1204. In some embodiments, the configuration data may be requested by device 1202 and provided to device 1202 in response to the request… the configuration data may include one or more cryptographic keys/certificates used by device 1202. In some embodiments, the configuration data may include one or more list of entities (e.g., IP addresses of servers) that device 1202 is authorized to communicate with]; and
 and generating, by the first tag and in response to the determination and the receipt of the first security certificate and the session token, a first output corresponding to verification of a custodian of the second tag as a participant in the arrangement [¶137,  Subsequently, token validator 630 may verify cryptographic signature 614 using a public key associated with before, during, and/or after verifying the cryptographic signature 614, token validator 630 may request server 610 to validate server 610 physical token 625 (or token identifier 612 associated with physical token 625). In these embodiments, token validator 630 may transmit the received token identifier 612, and optionally, validator context data 632 to server 610. Validator context data 632 may be indicative of context in which physical token 625 is being validated. For example, validator context data 632 may include a location of token validator 630 and/or time/date at which physical token 625 is presented to token validator 630 (i.e., validation time)], and [¶139,  server 610 may store records pertaining to prior token validations. For example, server 610 may store records of token identifiers that have been validated by server 610, including the times and dates of validations, the received validator context data, and/or validation results. In these embodiments, server 610 may determine whether physical token 625 associated with token identifier 612 is valid further based on these records], and [¶198, the configuration data may include one or more cryptographic keys/certificates used by device 1202].
Regarding claim 2, Sharpe discloses, wherein receiving the first security certificate and the session token from the second tag comprises: receiving, by the first tag and from the second tag, an encrypted communication [¶68,  The ticket-server signature may be generated using ticket server's private key 135. For example, the ticket-server signature may be generated by encrypting a hash value of the digital ticket with ticket server's private key 135], 110 may communicate with ticket server 130 using secure HTTPS connections], and [¶42, the communication between validator 120 and ticket server 130 may be encrypted. For example, validator 120 may communicate with ticket server 130 using secure HTTPS connections], and [¶¶28-29, 182-183, 186]; and 

 decrypting, by the first tag, the encrypted communication using the first security certificate [¶51, A digital signature may be generated in numerous ways. In one example, a digital signature may be generated by encrypting a hash value of given data using a private key. In this example, a corresponding public key may be used to decrypt the digital signature and obtain the hash value of the original data. Thus, if the decrypted digital signature matches the hash value of the received data, it may prove that (i) the data was signed with a private key that corresponds to the public key, and (ii) the data has not changed since it was signed. However, if the decrypted digital signature does not match the hash value of the received data, the data has been altered and/or the digital signature was created with a private key that does not correspond to the public key], and [¶¶94, 185-187, 1981]; and 
	and determining, by the first tag, that the encrypted communication includes the session token.  [¶94, the device signature may be verified using device's public key 117. In an example where the device signature is generated by encrypting a hash value of the digital ticket with device's private key 115, the device signature may be verified by decrypting the device signature with device's public key 117, generating a hash value of the digital ticket, and comparing the decrypted device signature with the generated hash value of the digital ticket. A match between the decrypted device signature and the generated hash value of the digital ticket may indicate that (i) the digital ticket was generated by an entity with access to device's private 115 (i.e., ticket holder's device 110), and (ii) the digital ticket has not been altered since the device signature was generated by the entity], and [¶¶122, 136, 1391].
Regarding claim 3, Sharpe discloses, wherein the first security certificate is received from an arrangement broker system [¶¶193-194, at an operation 1212, device 1202 may transmit an enrollment request. The enrollment request indicates to RDM server 1204 that device 1202 is requesting to be managed by RDM server 1204…], and [¶¶197-198].
Regarding claim 4, Sharpe discloses, wherein a first person associated with the first tag makes the arrangement using an online interface provided by the arrangement broker system [¶31…The products and/or services may have been purchased, for example, by the ticket holder via an app on ticket holder's device 110, an e-commerce website…], and  [¶¶35,65,116, 202].
Regarding claim 5, Sharpe discloses, wherein the arrangement broker system provides the first security certificate and the session token to the first tag upon the arrangement being made [¶31, As used herein, a “digital ticket” may be a set of data that identifies and/or defines one or more products and/or services that may have been purchased (or authorized to use) by the ticket holder. For example, a digital ticket may include identifiers of one or more products and/or services, usable time periods, blackout periods, an expiration time/date, and/or a valid duration. The products and/or services may have been purchased, for example, by the ticket holder via an app on ticket holder's device 110, an e-commerce website, a dedicated kiosk, and/or a salesperson at a ticket counter. After the purchase, ticket holder's device 110 may have obtained the digital ticket associated with the purchased products and/or services from ticket server 130], 
Regarding claim 7, Sharpe discloses, wherein the arrangement broker system comprises a service broker system.  [¶34] Ticket server 130 may be any physical or virtual server capable of providing the digital ticket associated with the purchased products and/or services to ticket holder's device 110. In some embodiments, ticket server 130 may be a group of physical and/or virtual servers. In some embodiments, at least some functions of ticket server 130 may be implemented on a cloud platform such as Amazon Web Services, Microsoft Azure, or Google Cloud], and [¶35,  in some embodiments, ticket server 130 may maintain records (e.g., identifiers) of digital tickets that have been used, unused, and/or voided. In some embodiments, ticket server 130 may maintain records (e.g., identifiers) of ticket holder's devices, pieces of software executing on ticket holder's devices, and validators that may have been compromised. In some embodiments, ticket server 130 may be further capable of providing such records, or data derived from such records, to validator 120 and/or ticket holder's device 110], and [31, 661].
Regarding claim 8, Sharpe discloses, wherein the arrangement comprises that a first person associated with the first tag makes a reservation for an O2O service using an online interface provided by the arrangement broker system [¶31, As used herein, a “digital ticket” may be a set of data that identifies and/or defines one or more products and/or services that may have been purchased (or authorized to use) by the ticket holder. For example, a digital ticket may include identifiers of one or more products and/or services, usable time periods, blackout periods, an expiration time/date, and/or a valid duration. The products and/or services may have been purchased, for example, by the ticket holder via an app on ticket holder's device 110, an e-commerce website, a dedicated kiosk, and/or a salesperson at a ticket counter. After the 110 may have obtained the digital ticket associated with the purchased products and/or services from ticket server 130], and [¶¶104, 162, 200, 217]-218].
Regarding claim 13, Sharpe discloses, further comprising, providing, by the first tag and after receiving the first security certificate and the session token, the session token to the arrangement broker system[¶143,  In some embodiments, token validator 630 and/or server 610 may validate physical token 625 by verifying that physical token 625 is not being used fraudulently. In one example, physical token 625 may be configured (e.g., by token dispenser 620) to provide the dispense time and/or location to token validator 630, and token validator 630 and/or server 610 may determine whether the provided dispense time and/or location are reasonable in view of the current time and location of token validator 630 (e.g., determine whether the speed at which rider 650 would need to have traveled from the dispense location to the location of token validator 630 is reasonable or theoretically possible). In another example, token validator 630 and/or server 610 may determine whether physical token 625 was validated at the same token validator 630 and/or another validator in the last two hours. In this example, token validator 630 may prevent fraudulent use of physical token 625 involving one rider passing physical token 625 to another rider to reuse physical token 625], and [¶¶198, 202, 211].
Regarding claim 18, Sharpe discloses, further comprising generating, by the first tag, a communication to the second tag that confirms the arrangement.  [¶68, the ticket-server signature may be generated using ticket server's private key 135. For example, the ticket-server signature may be generated by encrypting a hash value of the digital ticket with ticket server's private key 135], and [¶41, ticket holder's device 110 may communicate with ticket server 130 using secure HTTPS connections], and [¶42, the communication between 120 may communicate with ticket server 130 using secure HTTPS connections], and [¶¶28-29, 182-183, 185-186, 193].
Regarding claim 19, Sharpe discloses, wherein the session token includes a secured, single-use, digitally signed token [¶70, Accordingly, any entity that has access to the digital ticket, the ticket-server signature, and ticket server's public key 137 (e.g., validator 120) may determine: (i) whether the digital ticket has been indeed signed by ticket server 130, and (ii) whether the digital ticket has not been altered since it was signed by ticket server 130. Thus, such an entity may detect digital tickets that have been generated and/or altered by an unauthorized entity], and [¶¶50, 52, 95].
Regarding claim 20, Sharpe discloses, wherein the arrangement includes that a second person associated with the second tag is to enter premises of a first person, a lock to the premises associated with the first tag [¶40, in some embodiments, access control device 140 may be a gate or a door, which may be electronically controlled such that the gate/door is locked when a person is denied from proceeding and unlocked/turned when the person is permitted to proceed. Additionally, or alternatively, access control device 140 may include a speaker that produces sound, and the produced sound may be indicative of whether a person is permitted or denied from proceeding. In some embodiments, access control device 140 may include a display monitor that displays a visual content indicative of whether a person is permitted or denied from proceeding. In some embodiments, access control device 140 may include one or more light emitting devices, and access control device 140
Regarding claim 21, Sharpe discloses, further comprising a pre-authorization process comprising: the first security certificate being received by a device carried by the first person; and the first tag receiving the first security certificate from the device
 [¶¶31.139, 175, 198-203].
Regarding claim 22, Sharpe discloses, wherein receipt of the first security certificate by the device occurs in a first context when the device does not have online access, and wherein receipt of the first security certificate by the first tag occurs in a second context when the device does have the online access [¶¶124-126, 198, 217-218].
Regarding claim 23, this claim is interpreted and rejected for the same rational set forth in claim 1.
Regarding claim 24, Sharpe discloses receiving, in an arrangement broker system and from a first tag associated with a first person, a first security certificate for the first tag, the first security certificate received in - 70 -Attorney Docket No. 0184-006001 association with an arrangement involving the first person[¶28,  Ticket holder's device 110 may be any device capable of providing data directly and/or indirectly to validator 120.The data may include, for example, a digital ticket previously purchased by the ticket holder. In some embodiments, ticket holder's device 11 may be a portable device, such as a cellular phone, PDA, tablet, laptop, smart watch. Alternatively, or additionally, ticket holder's device 110 may be a dedicated device (e.g., a fob) for providing the data., para [0034) Ticket server 130 may be any physical or virtual server capable of providing the digital ticket associated with the purchased products and/or services to ticket holder's device 110. In some embodiments, ticket server 130 may be a group of physical and/or virtual servers], and [¶198, the configuration data may include one or more cryptographic keys/certificates used by 
 identifying, by the arrangement broker system, a second tag associated with a second person also involved with the arrangement [¶55, validator 120 may communicate with ticket server 130. In the example system of FIG. 2, validator 120 may communicate with ticket server 130 (not shown in FIG. 2) using a router 206 installed on vehicle 202], and [¶162, Token validator 630 may be located, for example ... a transit vehicle (e.g., train/subway, bus, taxi, ride-share vehicle, airplane). In some embodiments, token validator 630 may be a portable device that can be carried by, for example, an employee of the transit system]; and 
 generating, by the arrangement broker system, a session token for the arrangement [¶66, a digital ticket may be a set of data that identifies and/or defines one or more purchased products and/or services. For example, a digital ticket may include identifiers of purchased products and/or services. In another example, a digital ticket may further include usable time periods, blackout periods, an expiration time/date, and/or a valid duration. Some of the data that may be included the digital ticket. such as an expiration time/date and a valid duration. may be determined based on the products and/or services purchased and/or based on one or more business rules], and [¶125, token dispenser 620 may generate digital token data including token identifier 612 and cryptographic signature 614 and transmit the digital token data to a device of rider 650. In these embodiments. the device of rider 650 may generate an output encoded with token identifier 612 and cryptographic signature 614 such that the output can be captured and decoded by token validator 630. The output may include, for example, a barcode displayed on a display of the device, a sound clip played using a speaker of the device, and/or a transmission by a transmitter (e.g., NFC, Wi-Fi, Bluetooth) of the device.)]; and
 and providing, by the arrangement broker system and to the second tag, the first security certificate and the session token [¶92, Validator 120 may determine that the digital
ticket is valid after verifying the ticket-server signature and the device signature. In some embodiments, validator 120 may verify the device signature and then the ticket-server signature. Verifying the ticket-server signature ensures that: (i) the digital ticket has indeed been
signed by ticket server 130, and (ii) the digital ticket has not been altered since it was signed by ticket server 130], and [¶138, server 610 may access fare type 622 and dispenser context data 624 associated with the received token identifier 612 (e.g., by looking up token records 652), and based on the received validator context data 632, accessed fare type 622, and/or accessed dispenser context data 624, server 610 may determine whether physical token 625 associated with token identifier 612 is valid], and [¶198, the configuration data may include one or more cryptographic keys/certificates used by device 1202. In some embodiments, the configuration data may include one or more list of entities (e.g., IP addresses of servers) that device 1202 is authorized to communicate with].
Regarding claim 25, Sharpe discloses, further comprising receiving, by the arrangement broker system and from at least one of the first tag or the second tag, a communication that includes the session token [¶¶31, 41-42, 185-186]. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to 


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 6 is rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. (US2019/0058591) issued to Sharpe in view of US Patent No. (US2018/0123804) issued to Smith (cited in IDS filed on 12/17/2020).
Regarding claim 6, Sharpe does not explicitly disclose, however, Smith  discloses  further comprising providing, by the first tag and to the arrangement broker system, a second security certificate for the first tag [¶301-302, in the system 100 in the illustrated embodiment, the SCM 120, the device 110, and the equipment 140 may be considered constrained devices.  While one or two certificates may be feasible, the number of certificates that may be required to verify the authenticity of each authorization, as well as the identity of each connecting device 110, may not be feasible…In one embodiment, the device 110 may generate one or more self-signed digital certificates to establish the identity of the device 110].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the electronic tickets and tokens of Sharpe with the .
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Bergdale (US20150213660) [Systems And Methods For Electronic Ticket Validation Using Proximity Detection].
CA (2399610 A1) [APPARATUS, SYSTEMS AND METHODS FOR WIRELESSLY TRANSACTING FINANCIAL TRANSFERS, ELECTRONICALLY RECORDABLE AUTHORIZATION TRANSFERS, AND OTHER INFORMATION TRANSFERS].
Rodriguez (US2015/0126234) [USER INTERFACE FOR OBJECT TRACKING].
JP 2002215981 A [digital ticket server, reservation management server, Web Server, digital ticket database].
CN 111340567 A [Verification Method, Device of Electronic Ticket, The Store Terminal, The User Terminal And System].
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/Examiner, Art Unit 2496