Notice of Pre-AIA or AIA Status
The present application is being examined under the pre-AIA first to invent provisions.

DETAILED ACTION

1.       This action is in response to application amendments filed on 8-11-2021.  
2.       Claims 1 - 20 are pending.  Claims 1, 8, 15 are independent.  This application was filed on 6-13-2018.  

Response to Arguments

3.    Applicant’s arguments, see Arguments/Remarks Made in an Amendment, filed 8-11-2021, with respect to the rejection(s) under Marshall in view of Innes and further in view of Zic have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Smeets in view of Innes and further in view of Zic.

A.  Applicant argues on page 3 of Remarks:    ...   Marshall is not proper prior art.

    Marshall is no longer used as grounds of rejection.    

B.  Applicant argues on page 3 of Remarks:    ...   independent Claims 8 and 15 include recitations similar to the recitations of independent Claim 1, Applicant submits that Claims 8 and 15 are also patentable over the cited art.

    Independent claims 8 and 15 have similar limitations as independent claim 1.  

C.  Applicant argues on page 3 of Remarks:    ...   Claims 9-14 depend from independent Claim 8 and Claims 16-20 depend from independent Claim 15.

    Responses to arguments against the independent claims also answer arguments against the associated dependent claims.     

Claim Rejections - 35 USC § 112

4.       The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

5.        Claims 1, 8, 15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.  The claims recite “returning a portion of the credentials stored in the secure element… without communicating and without revealing the portion of the credentials outside the secure element”. It is unclear how the authentication process can be implemented without the communication of credential information in some manner between network-connected nodes.  Dependent claims 2-7, 9-14 and 16-20 are also rejected under the same rationale set forth above.

Claim Rejections - 35 USC § 103  

6.        The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

7.        Claims 1 - 6, 8 - 13, 15 - 19 are rejected under 35 U.S.C. 103 as being unpatentable over Smeets et al. (US PGPUB No. 20090205028) in view of Innes (US PGPUB No. 20090210934) and further in view of Zic et al. (US PGPUB No. 20090319793).     

Regarding Claims 1, 8, 15, Smeets discloses a method and a mobile computing device comprising a secure element implemented in tamper-resistant hardware and one or more computer storage devices storing computer readable instructions that, when executed by at least a processor, cause the at least one processor to perform operations, the method, mobile computing device, and storage media comprising:
a)  receiving, from an application executing on a mobile communication device, a request for a secure element to provision credentials for the application (see Smeets paragraph [0017], lines 1-9: credentialing subsystem configured to request credentials (i.e. a request) from an operator credentialing entity, referring device to provisioning server for subscription credential provisioning of device (i.e. software application)) and    


Furthermore, Smeets discloses for d) returning data stored in the secure element without revealing the portion of the credentials outside of the secure element. (see Smeets paragraph [0029], lines 13-15: information can be loaded into the device and held in secure processing module, secure processing module operates as a trusted module having physical protection against tampering; paragraph [0039], lines 8-12: credentialing server transfers encrypted credentials to provisioning server in response to request, which provides encrypted credentials to device; (encryption mechanism provides data without exposing data outside of secure element)) 

Smeets does not specifically disclose for d) processing data without communicating a portion of the credentials outside of a secure element.
However, Innes discloses wherein for d) processing without communicating the portion of the credentials outside of the secure element. (see Innes paragraph [0104], lines 14-19: broker integration component utilizes standard Windows authentication interfaces such as Security Support Provider Interface (SSPI) to authenticate to the broker service without communicating the user credentials;
        It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Smeets for d) processing data without communicating a portion of the credentials outside of a secure element as taught by Innes.  One of ordinary skill in the art would have been motivated to employ the teachings of Innes for the benefits achieved from a system that enables an authentication procedure without communicating authentication credentials between the network-connected nodes.  (see Innes paragraph [0104], lines 17-18)   

Although Smeets discloses a communication module for the transfer of messages such as email messages, status update messages, and short message service (see Smeets paragraph [0035], lines 1-4: credentialing subsystem sends a message (i.e. messaging) via a secure communication link established through interface requesting processing information; paragraph [0036], lines 7-13: credentialing server sends a message (i.e. messaging) to device that its credentials are ready, message processed through a verification process; (i.e. status update messages)), Smeets-Innes does not specifically disclose for c) receiving a signature of data, and for d) returning signature stored in secure element.
However, Zic discloses:
c)  receiving, by the application, a request for a signature of data using the credentials; (see Zic paragraphs [0011] - [0015]: generate a digital certificate using public key (of key pair) and credential data; generate digital signature using private key (of key pair) and credential certificate; (digital signature generated 
d)  based at least on receiving the request for the signature, returning a portion of the credentials to be used as the signature. (see Zic paragraphs [0011] - [0015]: generate a digital certificate using public key (of key pair) and credential data; generate digital signature using private key (of key pair) and credential certificate; (digital signature generated utilizing credential information (i.e. digital certificate)); paragraph [0043], lines 26-29: credential digital signature generated based on credential and cryptographic private key (i.e. public/private key pair); paragraph [0044], lines 1-8: TPM generates identity request messages to load (i.e. transfer) digital certificates and the generation and storage of cryptographic hashes)
         It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Smeets-Innes for c) receiving a request for a signature of data, and for d) returning signature stored in secure element as taught by Zic. One of ordinary skill in the art would have been motivated to employ the teachings of Zic for the benefits achieved from a system that enables the secure communication of data via the generation of digital signatures associated with a set of processed data.  (see Zic paragraphs [0011] - [0015])  

Regarding Claims 2, 9, 16, Smeets-Innes-Zic discloses the method of claim 1 and the mobile computing device of claim 8 and the one or more computer storage devices of claim 15, wherein an integrated circuit implements the secure element. (see Smeets paragraph [0013], lines 11-16: supporting processing circuitry implementing one or more communication protocols for communication with network-connected servers)    

Regarding Claims 3, 10, 17, Smeets-Innes-Zic discloses the method of claim 2 and the mobile computing device of claim 9 and the one or more computer storage devices of claim 16, wherein the integrated circuit is resistant to removal from a circuit board of the mobile communication device. (see Smeets paragraph [0029], lines 13-15: information loaded into device and held in secure processing module; secure processing module operates as a trusted module having physical protection against tampering (i.e. resistant to removal); paragraph [0039], lines 8-12: credentialing server transfers encrypted credentials to provisioning server in response to request, which provides encrypted credentials to device; (encryption mechanism provides management of data without exposing data outside of secure element))

Regarding Claims 4, 11, 18, Smeets-Innes-Zic discloses the method of claim 1 and the mobile computing device of claim 8 and the one or more computer storage devices of claim 15, wherein the credentials are configured to authenticate a user’s identity for the application. (see Smeets paragraph [0014], lines 1-5: includes authentication subsystem to interrogate communication devices for their device certificates and to submit device certificates to an external authentication server for verification)    

Regarding Claims 5, 12, Smeets-Innes-Zic discloses the method of claim 1 and the mobile computing device of claim 8, wherein the secure element includes a private key configured to decrypt data that includes the credentials encrypted using a corresponding public key, the secure element configured to perform decryption without exposing the private key and the one or more credentials outside of the secure element. (see Smeets paragraph [0029], lines 13-15: information can be loaded into the device and held in secure processing module, secure processing module operates as a trusted module having physical protection against tampering; paragraph [0039], lines 8-12: credentialing server transfers encrypted credentials to provisioning server in response to request, which provides encrypted credentials to device; (encryption mechanism provides data without exposing data outside of secure element))   

Regarding Claims 6, 13, Smeets-Innes-Zic discloses the method of claim 5 and the mobile computing device of claim 12, wherein the private key is configured during manufacture of the secure element. (see Smeets paragraph [0042], lines 1-8: manufacturer of approved device gets a device certificate within common PKI (public, private key information), and stores certificate, corresponding secret key, and CA’s root certificate in trusted computing module; stores preliminary credentials; paragraph [0029], lines 9-12: information loaded into secure processing module of device before device is sold to user (i.e. stored, configured during manufacture of device); information held in secure processing module of device)

Regarding Claim 19, Smeets-Innes-Zic discloses the one or more computer storage devices of claim 15, wherein the secure element includes a private key configured to decrypt data that includes the credentials encrypted using a corresponding public key, the secure element configured to perform the decryption without exposing the private key and the one or more credentials outside of the secure element (see Smeets paragraph [0029], lines 13-15: information can be loaded into the device and held in secure processing module, secure processing module operates as a trusted module having physical protection against tampering), and wherein the private key is configured during manufacture of the secure element. (see Smeets paragraph [0042], lines 1-8: manufacturer of approved device gets a device certificate within common PKI (public, private key information), and stores certificate, corresponding secret key, and CA’s root certificate in trusted computing module; paragraph [0029], lines 9-12: information loaded into secure processing module of device before device is sold to user (i.e. stored, configured during manufacture of device))

7.        Claims 7, 14, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Smeets in view of Innes and further in view of Zic and Farino et al. (US PGPUB No. 20070094716).    

Regarding Claims 7, 14, 20, Smeets-Innes-Zic discloses the method of claim 1 and the mobile computing device of claim 8 and the one or more computer storage devices of claim 15, wherein the one or more credentials are configured for use by the mobile communication device to authenticate the user. (see Smeets paragraph [0042], lines 1-8: manufacturer of approved device gets a device certificate within common PKI (public, 

Smeets does not specifically disclose credentials utilized to make a purchase using a credit card, provide an identifier for use as a transit access card, provide an identifier associated with a loyalty card, or provide credentials usable by a device to access a premises.
However, Farino discloses wherein credentials utilized to make a purchase using information relating to a credit card, provide an identifier for use as a transit access card, provide an identifier associated with a loyalty card, or provide credentials usable by the mobile communication device to access a premises. (see Farino paragraph [0094], lines 11-19: engine logs all attempts to access a physical facility or a network resource and implements policy-based instructions in response to each or any access attempt; paragraph [0093], lines 4-8: user profiles may be transferred, if, for example the user is visiting a different facility; implements a unified policy-based network and physical premises access server operating off a common database of user/personnel attributes; (selected: provide credentials usable by device to access a premises))
        It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Smeets-Innes-Zic for credentials utilized to make a purchase using a credit card, provide an identifier for use as a transit access 
 
Conclusion
         
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CARLTON JOHNSON whose telephone number is (571)270-1032.  The examiner can normally be reached on Work: 12-9PM (most days).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

/CJ/
November 8, 2021
/FATOUMATA TRAORE/Primary Examiner, Art Unit 2436