DETAILED ACTION
Acknowledgements
Claims 1-20 are pending.
Claims 1-20 have been examined.


Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Specification Objection
PGPub Specification ¶0064 and ¶0073 contain typographical error.  An appropriate correction or clarification is required.
¶0064 recites “In box 509, the trusted application 256 provides the encrypted code 118 to the cryptographic coprocessor 206 of the client device 106... The encrypted code 256 may be provided to the cryptographic coprocessor 206 via an interface between the trusted execution environment 253 and the cryptographic coprocessor 206.” 
¶0073 contains similar error.


Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 3-6 , 10-12 and 14-18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 3, 5, 6, 8, 11-13 and 16 of copending Application No. 16/668,973. Although the claims at issue are not identical, they are not patentably distinct from each other.  For example,
Claim 1 of copending Application No. 16/668,973 recites:
A system, comprising:
a first computing device comprising a processor, a memory, and a cryptographic coprocessor, and
machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least:
receive encrypted executable code implementing a cryptographic algorithm from a service executed on a second computing device via a network;
decrypt, by the cryptographic coprocessor, the encrypted executable code;
execute, by the cryptographic coprocessor, the decrypted executable code to generate a cryptogram including information encrypted using the cryptographic algorithm; and
send the cryptogram to the service via the network.
Claim 1 of copending Application No. 16/668,973 differs since it further recite additional claim limitations including a system comprising…a cryptographic coprocessor; decrypt, by the cryptographic coprocessor, the encrypted executable code; and send the cryptogram to the service via the network. However, it would have been obvious to a person of ordinary skill in the art to modify claim 1 of copending Application No. 16/668,973 by removing the cryptographic coprocessor to the system and the limitation directed to send the cryptogram to the service via the network in the claims of the present application since the claims of the present application and the claim recited in copending Application No. 16/668,973 actually perform a similar function.  It is well settled that the omission of an element and its function is an obvious expedient if the remaining elements perform the same function as before.  In re Karlson, 136 USPQ 184 (CCPA 1963).  Also note Ex parte Rainu, 168 USPQ 375 (Bd. App. 1969).  Omission of a reference element whose function is not needed would be obvious to one of ordinary skill in the art.
Similarly, claims 3-6, 10-12 and 14-18 of the present applicant corresponds to the claims 1, 8, 3, 5, 6, 11-12, 16, 13, 1 and 5 of the copending Applications  No.16/668,973 respectively.


Claim Rejections - 35 USC §101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Analysis
In the instant case, claims 1-10 and 17-20 are directed to a system and apparatus, claims 11-16 are directed to a method.  Therefore, these claims fall within the four statutory categories of invention.
The claim(s) recite(s) data decryption.  Specifically, the claims recite “receiving…encrypted data and encrypted code…; transferring… the encrypted data and encrypted code…; decrypting…the encrypted code; executing…the decrypted code..; receiving…information decrypted… ”, which is mathematical calculations within the “Mathematical concepts” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 54 (January 7, 2019)) because the claims involve a series of steps for conducting data decryption. Accordingly, the claims recite an abstract idea (See pages 7, 10, Alice Corporation Pty. Ltd. v. CLS Bank International, et al., US Supreme Court, No. 13-298, June 19, 2014; 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 53-54 (January 7, 2019)).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 54-55 (January 7, 2019)), the additional element(s) of the claim(s) such as the use of computing device, processor, memory, non-transitory computer-readable medium, cryptographic coprocessor, cryptogram, signature, and cryptographic algorithm merely use(s) a computer as a tool to perform an abstract idea. Specifically, conducting data decryption including receiving encrypted data and encrypted code, decrypting the encrypted code, decrypting the encrypted data.  The use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply or use the abstract idea to effect a particular treatment or prophylaxis for a disease or medical condition (Vanda Memo), the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological 
The claims do not include additional elements that are sufficient to amount to significantly more than the abstract idea. The claims 1-10, and 17-20 are system and apparatus claims that are used to perform the method claims 11-16 which only involves the use of computers as tools to automate and/or implement the abstract idea. 
Taking the claim elements separately, the independent claims involve performing data decryption including receiving encrypted data and encrypted code, decrypting the encrypted code, and decrypting the encrypted data.  This only uses the processor or computer system to automate or implement the abstract idea of performing data decryption.  Dependent claims 2-3, 9 and 20 describe cryptogram.  Dependent claims 4, 12 and 16 describe obtaining encrypted code.  Dependent claims 5-8, 10 and 19 describe the trusted execution environment.  Dependent claim 13 describes decrypting the encrypted data.  Dependent claim 14 describes decrypting the encrypted code. Dependent claim 15 describes cryptographic coprocessor. Dependent claim18 describes the computing device.  These claims further describe the use of the processor or computer system to automate or implement the abstract idea. Therefore, the use of the computer in each step does no more than employ the computer as a tool to carry out functions corresponding to the acts performed in the abstract idea. Merely applying instructions by reciting the computing structure as a tool to implement the claimed limitations (see MPEP 2106.05(f)) or merely linking the use of the judicial exception to a particular technological environment or field of use (MPEP § 2106.05(h)), does not serve to provide significantly more than the abstract idea. 
Viewed as a whole, the combination of elements recited in the claims simply recite the concept of performing data decryption including receiving encrypted data and encrypted code, decrypting the encrypted code, and decrypting the encrypted data.  The claims do not, for example, purport to improve the functioning of the computer itself. Nor do they effect an improvement in any other technology or technical field. 
The use of a computing device, processor, memory, non-transitory computer-readable medium, cryptographic coprocessor, cryptogram, signature, and cryptographic algorithm as tools to implement the abstract idea does not render the claim patent eligible because it does not provide meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment and requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. 
Conclusion
The claims as a whole do not amount to significantly more than the abstract idea itself. This is because the claims do not effect an improvement to another technology or technical field; the claims do not amount to an improvement to the functioning of a computer system itself; and the claims do not move beyond a general link of the use of an abstract idea to a particular technological environment.
Accordingly, there are no meaningful limitations in the claims that transform the judicial exception into a patent eligible application such that the claims amount to significantly more than the judicial exception itself.


Claim Rejections - 35 USC §102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:

A person shall be entitled to a patent unless -

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 11-12 and 14-16 are rejected under 35 U.S.C. 102 as being anticipated by US Grant Publication US6378072B1 (“Collins et al.”).

Regarding claims 11, Collins et al. teaches:
receiving, by a first application executed in an untrusted execution environment, encrypted data and encrypted code implementing a cryptographic algorithm via a network; (Fig. 1, item 105; col 2 ln 50-53)
transferring, by the first application, the encrypted data and the encrypted code to a second application executed in a trusted execution environment; (Fig. 1, col 2 ln 54)
decrypting, by the second application, the encrypted code; (Fig. 1, col 2 ln 54-55; col 16 ln 18-20)
executing, by the second application, the decrypted code to decrypt the encrypted data using the cryptographic algorithm; and (Fig. 1, col 2 ln 65-66)
receiving, by the first application, information decrypted from the encrypted data from the second application. (Fig. 1, col 3 ln 46-49)

Regarding claim 12, Collins et al. teaches:
transferring the encrypted code from the second application to a cryptographic coprocessor using an interface; and (Fig. 1 items 110 and 115; col 4 ln 8-9)
verifying a signature of the encrypted code using the cryptographic coprocessor. (Figs. 1 and 6; col 2 ln 60-64)

Regarding claim 14,  Collins et al. teaches:
wherein decrypting the encrypted code is performed by the cryptographic coprocessor. (Fig. 1, col 2 ln 54-55; col 16 ln 18-20)

Regarding claim 15, Collins teaches:
wherein the cryptographic coprocessor includes code that implements a predefined plurality of cryptographic algorithms, and the cryptographic algorithm is executed from the predefined plurality of cryptographic algorithms. (col 4 ln 15-17)

Regarding claim 16, Collins et al. teaches: 
The method of claim 11, wherein the encrypted code is received from a service operated by an entity, and the first application and the second application are associated with the entity. (Col 3 ln 37-50) 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and
103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for
the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale
supporting the rejection, would be the same under either status.

The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained through the invention is not identically disclosed or described as set
forth in section 102, if the differences between the subject matter sought to be patented and the prior
art are such that the subject matter as a whole would have been obvious at the time the invention was
made to a person having ordinary skill in the art to which said subject matter pertains. Patentability
shall not be negatived by the manner in which the invention was made.

Claims 1-7, 9-10, 17-18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US Grant Application US6378072B1 (“Collins et al.”) in view of US Application Publication US20160381010A1 (“Bhandari et al.”).

Regarding claim 1 and 17, Collins et al. teaches:
a computing device comprising a processor and a memory; and (Fig. 1 item 100)
machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least: (Figs. 1-2)
receive encrypted code implementing a cryptographic algorithm from a service via a network; (Fig. 1, item 105; col 2 ln 50-53)
provide the encrypted code to an application executed in a trusted execution environment of the computing device; and (Fig. 1, col 2 ln 54)
decrypt the encrypted code; (Fig. 1, col 2 ln 54-55, col 16 ln 18-20)

Collins et al. does not teach:
obtain a cryptogram including information encrypted using the cryptographic algorithm from the application.
return the cryptogram via the interface.
However, Bhandari et al. teaches:
obtain a cryptogram including information encrypted using the cryptographic algorithm from the application. (Fig. 3 item 312, Fig. 4 item 416; ¶¶0025, 0028-0029).
return the cryptogram via the interface. (Fig. 3 item 314; ¶¶0025, 0028-0029)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the Cryptographic  System of Collins et al. by adding cryptogram generation in accordance with the teaching of Bhandari et al.. This modification allows Collins’ system to support secure payment transactions. (Bhandari et al. ¶¶0003-0004)

Regarding claim 2, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the cryptogram is obtained by another application executed in an untrusted execution environment of the computing device. (Fig. 1, col 3 ln 46-49)

Regarding claim 3, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the machine-readable instructions further cause the computing device to at least send the cryptogram by the other application to the service via the network. (Fig. 1, col 3 ln 46-50)

Regarding claim 4, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the encrypted code is provided to the application via an interface between the trusted execution environment of the computing device and an untrusted execution environment of the computing device. (Fig. 1, col 3 ln 43-50)

Regarding claim 5, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the trusted execution environment includes a cryptographic coprocessor, and the machine-readable instructions further cause the computing device to at least verify, by the cryptographic coprocessor, a signature of the encrypted code and a state of the computing device before decrypting the encrypted code. (Figs. 1, 4 and 6; col 2 ln 60-64, col 8 ln 43-56)

Regarding claims 6 and 18, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the trusted execution environment includes a cryptographic coprocessor, and the machine-readable instructions further cause the computing device to at least verify, by the cryptographic coprocessor, a signature of the application. (Figs. 1 and 6; col 2 ln 60-64)

Regarding claim 7, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Bhandari et al. further discloses:
wherein the trusted execution environment includes a cryptographic coprocessor, and the cryptographic algorithm is not included in a predefined plurality of cryptographic algorithms supported by the cryptographic coprocessor. (¶0023)

Regarding claims 9 and 20, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Bhandari et al. further discloses:
wherein the cryptogram corresponds to a payment transaction, and the cryptogram includes a limited use payment credential. (Fig. .3 items 310-314; ¶0025)

Regarding claim 10, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. further discloses:
wherein the trusted execution environment stores a key used to decrypt the encrypted code, the key being associated with an entity that operates the service. (Fig. 1, col 2 ln 54-55; col 3 ln 5-7, col 16 ln 18-20)

Claims 8 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US Grant Application US6378072B1 (“Collins et al.”) in view of US Application Publication US20160381010A1 (“Bhandari et al.”), and in further view of US Grant Publication US9442752B1 (“Roth et al.”).

Regarding claims 8 and 19, Collins et al. in view of Bhandari et al. discloses all the limitations as described above.  Collins et al. and Bhandari et al. do not teach:
wherein the trusted execution environment comprises a secure operating system executed on a secure virtual processor of the processor. 
However, Roth et al. teaches:
wherein the trusted execution environment comprises a secure operating system executed on a secure virtual processor of the processor. (Fig. 1 item 108, col 2 ln 56 – col 3 ln 3)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the combined system of Collins et al. and Bhandari et al. by adding support for virtual machine in accordance with the teaching of Roth et al.. This modification provides flexibility in customizing the virtual machine to meet the security requirement. (Roth et al. col 1 ln 15-16).

Claim 13 are rejected under 35 U.S.C. 103 as being unpatentable over US Grant Application US6378072B1 (“Collins et al.”) in view of US Application Publication US20080178010A1 (“Vaterlaus et al.”).

Regarding claim 13, Collins et al. teaches all the limitations as described above.  Collins et al. does not teach:
wherein executing the decrypted code is not performed by the cryptographic coprocessor.
However, Vaterlaus et al. teaches:
wherein executing the decrypted code is not performed by the cryptographic coprocessor. (Fig. 5 item 90, Fig. 7 item 100; Abs, ¶¶0081, 0085)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the filling
date of the invention to modify the Cryptographic  System of Collins et al. by executing the decrypted code outside of cryptographic coprocessor in accordance with the teaching of Vaterlaus et al.. This modification allows Collins’ system to decouple cryptographic operations from other application specific operations.  This allows cryptographic operations be shared by multiple applications and users.  (Vaterlaus et al. ¶¶0003-0005)


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art additionally discloses certain parts of the claim features (See “PTO-892 Notice of Reference Cited”).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Yingying Zhou whose telephone number is 571-272-5308.  The examiner can normally be reached on Monday-Friday 9am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Hayes can be reached on 571-272-6708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/YINGYING ZHOU/Examiner, Art Unit 3685                                                                                                                                                                                                        
/ZESHAN QAYYUM/Primary Examiner, Art Unit 3685