DETAILED ACTION

The following FINAL Office action is in response to Amendment filed on November 29, 2021 for application 14414413.

Acknowledgements

Claim 15 has been added.
Claim 5 has been canceled.
Claims 1-4, 6-9 and 14-15 are pending.
Claims 1-4, 6-9 and 14-15 have been examined.

Notice of Pre-AIA  or AIA  Status

The present application is being examined under the pre-AIA  first to invent provisions. 

Response to Arguments

35 USC § 103 Arguments
In response to Applicant’s arguments under 35 USC § 103, Applicant argues that Ginter does not teach or suggest a universal integrated circuit card for a portable electronic device that connects to a telecommunications network, as presently claimed 
Applicant further argues that Ginter does not disclose "authenticating the remote transaction verification server in the telecommunications network". Examiner respectfully disagrees as portable appliance 2600 or SUP chip 2600 supports communications with a third party provider's VDE electronic appliance 600 and in this communication, each participant's secure VDE subsystem, portable appliance 2600 VDE secure subsystem may provide authentication and appropriate credit or debit card information to the retail terminal VDE secure subsystem.
Applicant argues that the secondary reference Loevenguth does not disclose the recited transaction cryptogram. Examiner respectfully disagrees as primarily the Applicant’s Specification discloses in paragraph 0068 that a cryptogram can be generated on the basis of the transaction data (amount, date, place) and of the bank data (bank identifier of the user of the telephone 400). The cryptogram is generated by cooperation between the SIM card of the telephone 400 and the payment application of the telephone 200. Paragraph 0071 of Loevenguth discloses that the unique identifier for the recipient 110 can comprise one or any combination of a phone number for a mobile device of the recipient, an email address for the recipient, an instant messaging identifier for the recipient, a preferred customer number for the recipient or other unique
customer identifier issued by a money transfer facilitator 140 or its agent 135, the mobile network operator 120, a retailer,a bank, a service provider or any other party, account, information (e.g., Stored value account identifier, bank account
number and/or ABA routing number), a tax number (e.g., Social Security Number or Taxpayer Identification Number), a drivers’ license number, a state ID number, a student ID number or another unique identifier. The unique identifier is our transaction cryptogram.
Applicant’s arguments are moot under new grounds of rejection.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all 
obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 6-9 and 14-15 are rejected under 35 U.S.C. 103(b) as being unpatentable over Ginter et al. (5,892,900) in view of Loevenguth et al. (US 2010/0250436A1) in further view of Lu et al. (US 2005/0259673 A1)
Regarding Claims 1 and 14, Ginter discloses a system comprising a remote transaction verification server, a portable electronic device configured to connect to a telecommunications network, and a universal integrated circuit card (UICC) portable electronic device, the UICC comprising: a memory including instructions; a communications interface a processor, operably connected to the memory and the communications interface, that executes the instructions and performs operations of an application, the operations comprising (Col. 79 lines 59-65, Col. 256 lines 12-37):
authenticating a remote transaction verification server in the telecommunications network; authenticating the UICC with said remote transaction verification server (Col. 257 line 54-Col. 258 line 3)
establishing a secure connection, via the telecommunications network, with said remote transaction verification server; and (Col. 60 lines 10-11, Col. 168 lines 10-25)
receiving, via said communications interface, data relating to an intended transaction with a third party device, the data including at least one of a bank identifier, an amount, a date, and a place wherein communication between the payment application of the portable electronic device and the application of the UICC is secured with an access control mechanism (Col. 260 line 32- Col. 261 line 9)
generating, based on the data, [a transaction cryptogram] (Col. 257 lines 10-12)
Ginter does not disclose transmitting the data and the transaction cryptogram, via the secure connection, to the remote transaction verification server, whereby the remote transaction verification server analyzes the data and the transaction cryptogram in order to make a decision as to whether to authorize the intended transaction.
Loevenguth however discloses transmitting the data and the transaction cryptogram, via the secure connection, to the remote transaction verification server, whereby the remote transaction verification server analyzes the data and the transaction cryptogram in order to make a decision as to whether to authorize the intended transaction (¶0013, ¶0016-¶0019, ¶0021, ¶0071).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to modify the system of Ginter to include transmitting the data and the transaction cryptogram, via the secure connection, to the remote transaction verification server, whereby the remote transaction verification server  analyzes the data and the transaction cryptogram in order to make a decision as to whether to authorize the intended transaction, as disclosed in Loevenguth, in order to allow a recipient of funds to redirect the funds after the money transfer has been initiated (see Loevenguth ¶0003).
The combination of Ginter and Loevenguth does not disclose using application protocol data unit (APDU) commands and acknowledgments exchanged between the UICC and the portable electronic device for activating a bearer independent protocol (BIP) system.
Lu however discloses using application protocol data unit (APDU) commands and acknowledgments exchanged between the UICC and the portable electronic device for activating a bearer independent protocol (BIP) system (¶0054, ¶0055, ¶0057, ¶0125).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to modify the system of Ginter and Loevenguth to include using application protocol data unit (APDU) commands and acknowledgments exchanged between the UICC and the portable electronic device for activating a bearer independent protocol (BIP) system, as disclosed in Lu, in order to an improved method to provide support for cryptographic communications protocols to enable secure communications end-to-end between the UICC device and the remote node (see Lu ¶0014).
Regarding Claim 6, Loevenguth discloses wherein the communications interface is adapted for communication between the secure electronic entity and a short-range communications interface of the portable electronic device (¶0078).
Regarding Claim 7, Loevenguth discloses wherein the operations further comprise: taking account of information received from the portable electronic device indicating that the remote transaction verification server has not been able to authenticate the secure electronic entity (¶0102-¶0103).
Regarding Claim 8, Loevenguth discloses supplying said portable electronic device with an element stored during a preceding use in order to enable a user of the portable electronic device to verify that use is being made of an application of the portable electronic device that the user has already used beforehand (¶0130).
Regarding Claim 9, Loevenguth discloses verifying the identity of a user of the portable electronic device (¶0111-¶0112).
Regarding Claim 15, Lu discloses wherein the portable electronic device comprises a memory including instructions; a communications interface; and a processor, operably connected to the memory and the communications interface, that executes the instructions and performs operations, the operations comprising: establishing the secure connection with said remote transaction verification server using user datagram protocol (UDP) commands or transmission control protocol / Internet protocol (TCP/IP) commands transmitted to said remote transaction verification server (¶0032, ¶0053).
Claim 2 is rejected under 35 U.S.C. 103(b) as being unpatentable over Ginter, Loevenguth and Lu in further view of Carroll (US 2008/0127296 A1). 
Regarding Claim 2, the combination of Ginter, Loevenguth and Lu does not disclose wherein authenticating the remote transaction verification server in the telecommunications network, comprises: sending, via said communications interface, a first exchange authentication element encrypted with a private key of the secure electronic entity, receiving from said remote transaction verification server a second exchange authentication element associated with the verification  server, and comparing the first and second exchange authentication elements.
Carroll however discloses wherein authenticating the remote transaction verification server in the telecommunications network, comprises: sending, via said communications interface, a first exchange authentication element encrypted with a private key of the secure electronic entity, receiving from said remote transaction verification server a second exchange authentication element associated with the verification  server, and comparing the first and second exchange authentication elements (¶0015, ¶0016, ¶0039, ¶0045, ¶0046, ¶0048, ¶0060, ¶0061).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to modify the system of Ginter, Loevenguth and Lu to include wherein authenticating the remote transaction verification server in the telecommunications network, comprises: sending, via said communications interface, a first exchange authentication element encrypted with a private key of the secure electronic entity, receiving from said remote transaction verification server a second exchange authentication element associated with the verification  server, and comparing the first and second exchange authentication elements, as disclosed in Carroll, in order to assure a person’s identity in real time without the need of having a trusted, vouching individual present (see Carroll ¶0012).
Claims 3 and 4 are rejected under 35 U.S.C. 103(b) as being unpatentable over Ginter, Loevenguth and Lu in further view of Kawell, JR. et al. (US 2005/0220296 A1). 
Regarding Claim 3, the combination of Ginter, Loevenguth and Lu does not disclose authenticating the secure electronic entity with the remote transaction verification server comprises: transmitting, via said communications interface, an identification parameter for a payment service, which identification parameter is encrypted with a private key of the secure electronic entity.
Kawell, JR. however discloses authenticating the secure electronic entity with the remote transaction verification server comprises: transmitting, via said communications interface, an identification parameter for a payment service, which identification parameter is encrypted with a private key of the secure electronic entity (¶0030).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to modify the system of Ginter, Loevenguth and Lu to include authenticating the secure electronic entity with the remote transaction verification server comprises: transmitting, via said communications interface, an identification parameter for a payment service, which identification parameter is encrypted with a private key of the secure electronic entity, as disclosed in Kawell, JR., in order to distribute access to a data item using an encryption key to impede unauthorized access to the data item (see Kawell, JR. ¶0003).
Regarding Claim 4, Kawell, JR. discloses configured so that the secure connection is a connection of the SMS, CAT-TP, or HTTP type (¶0044).

Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZEHRA RAZA whose telephone number is (571)272-8128. The examiner can normally be reached 10AM-6:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached on (571) 272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ZEHRA RAZA/Examiner, Art Unit 3685  

/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3685