Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 3, 4, 7, 10, 12 and 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

Claims 4 and 13 recite the limitation "the authentication" and “the service” in “whether the authentication information of the service provider for the target device is stored in the SE, whether the authentication information of the service provider is valid”.
There are insufficient antecedent basis for these limitations in the claim.
Claims 1, 3, 10 and 12 recite limitation “a service” in “that a service is providable”, “at least one of a service provider and the target device”, and “whether a service is providable to the 
Claim 7 recite limitation “a target” in “whether a registered digital key is present” and “that a registered digital key is present”.  Each occurrence of “a target” failed to succeed with or establish antecedent basis link and therefore they rendered the limitations ambiguous.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-15 are rejected under 35 U.S.C. 103 as being unpatentable over GAUTAMA et al. (Hereinafter referred to as GAUTAMA, US 20140169564 A1) in view of Rezaei US 20190159026 A1 

As per claim 1:
GAUTAMA discloses a secure element (SE) for processing a digital key, the SE comprising:

a memory for storing programs and data for processing the digital key (0028; 0034); and
a processor for executing the programs stored in the memory to (0028; 0034);
receive a digital key processing request from a target device ([0066-0068]: Key Fob Programming Via Key Provisioning Server; At 314, the key fob programming device 340 transmits a request message to the KPS 310 to request a public key infrastructure (PKI) private/public key pair and/or a digital certificate), [0073]: When the user of the wireless communication device 170 opens the application a session is started. The wireless communication device 170 communicates message(s) to the KPS 410 at 412 to register the wireless communication device 170 with the KPS 410),
determine whether a service is providable to the target device, by using a service-provider-specific service performance manager ([0066-0068]: Key Fob Programming Via Key Provisioning Server; The request message includes the vehicle's vehicle identification number (VIN); [0073]: The wireless communication device 170 communicates message(s) to the KPS 410 at 412 to register the wireless communication device 170 with the KPS 410; this registration information can include an IMEI (or other unique identifier) for the wireless communication device 170. The registration information can include additional information (e.g., that is unique to the device 170 but is not the IEMI). This can help prevent spoofing and use of malware),

upon determining that a service is providable to the target device,
issue a digital key processing certificate by using the service-provider-specific service performance manager based on authentication information stored in the memory ([0069]: At 316, the KPS 410 transmits a response message to the device 340. The response message includes the private/public key pair and/or the digital certificate. At 318, the key fob programming device 340 transmits the private key to the central module 140 of the vehicle 110. The central module 140 can eventually use the private key to encrypt communications sent to the key fob 175 or to decrypt communications received from the key fob 175; [0071]: At 322, the key fob 175 can be preprogrammed at the manufacturing plant 320 or the vehicle dealership 330 to pair the key fob 175 with the central module 140 of the vehicle), and
transmit the digital key processing certificate to at least one of a service provider and the target device ([0076]: At 432, the KPS 410 communicates the PIN and an International Mobile Equipment Identity (IMEI) of the wireless communication device 170 to the central module of the vehicle 110. The PIN number along with the identifier has been provided to the central 

GAUTAMA does not explicitly disclose the digital key is processed by using a digital key manager. Rezaei, in analogous art however, discloses the digital key is processed by using a digital 
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the claimed limitation of the digital key disclosed by GAUTAMA to include that the digital key is processed by using a digital key manager. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to a mechanism to authenticate embedded devices in vehicles and devices outside of a vehicle (e.g., mobile user devices) to ensure secure data exchange between these devices and/or remote servers and prevent unauthorized and/or malicious activities as suggested by Rezaei ([00021-0002]).

As per claim 2:
GAUTAMA discloses wherein the processing of the digital key comprises at least one of generating, removing, and managing the digital key ([0066-0071]: Key Fob Programming via Key 

As per claim 3:
GAUTAMA discloses wherein the processor determines whether a service is providable to the target device, by determining at least one of:
whether the authentication information of the service provider for the target device is stored in the SE ([0031]: The central module 144 includes a Bluetooth chipset 145, an end device authentication and authorization module 147),
whether the authentication information of the service provider is valid ([0039]: the central module 144 also includes an authentication and authorization module 147 that can perform authentication and/or authorization mechanisms that are described in any of the Bluetooth communication standards that are referenced herein, as well as other authentication and/or authorization mechanisms that are not described in the Bluetooth standards. As such, the authorization and authentication module 147 can receive signals transmitted from the end device 170 and perform authorization and/or authentication of the end device 170. When the end device 170 has been authorized and/or authenticated this allows the end device 170 to act as a controller for the some of the in-vehicle modules 140. Depending on the implementation this control can be performed automatically or at the command of a user who possesses the end device 170),
whether the target device is a valid target device ([0068]: At 314, the key fob programming device 340 transmits a request message to the KPS 410 to request a public key 
whether a user of the target device is a valid user ([0073]: When the user of the wireless communication device 170 opens the application a session is started. The wireless communication device 170 communicates message(s) to the KPS 410 at 412 to register the wireless communication device 170 with the KPS 410; this registration information can include an IMEI (or other unique identifier) for the wireless communication device 170; [0075]: At 422, the registration information and the PIN are communicated to the KPS 410, and the KPS 410 stores the registration information along with the PIN. At his point, the PIN number and the IEMI have been registered with the KPS 410. [0076]: At 432, the KPS 410 communicates the PIN and an International Mobile Equipment Identity (IMEI) of the wireless communication device 170 to the central module of the vehicle 110. The PIN number along with the identifier has been provided to the central module of the vehicle for authorization).

As per claim 4:
GAUTAMA discloses 
wherein the digital key processing information comprises at least one of 
attribute information comprising at least one of a valid time, a valid area, authority, and personal setting information for the target device ([0087]: “authorization range" refers to a distance that the wireless communication device 170 must be within with respect to the central module 140 to establish an authorized connection with a central module 140 of the vehicle. The authorization range is approximately five meters), and

wherein the authentication information comprises a key pair for a certificate comprising
a public key and a private key of the service provider ([0091]: A security module application at the wireless communication device will prompt the user to manually enter a pre-registered personal identification number (PIN) into the wireless communication device 170. The wireless communication device 170 and the central module 140 can then use this PIN, along with the previous or "most recently obtained" public key (that is stored in memory), to encrypt or decrypt information communicated between the wireless communication device and the central module during that session. Further details will now be described below with reference to FIGS. 7-10); and 
service operation data of the service provider comprising at least one of


As per claim 5:
GAUTAMA discloses wherein the processor transmits the digital key processing certificate to an entity other than the service provider and the target device, based on at least one of the authentication information and the digital key processing information ([0071]: At 322, the key fob 175 can be preprogrammed at the manufacturing plant 320 or the vehicle dealership 330 to pair the key fob 175 with the central module 140 of the vehicle).

As per claim 6:
GAUTAMA discloses wherein, when a request to integrally process digital keys of the service provider stored in the memory is received ([0077]: a system and method are provided for secure communication between a wireless communication device (e.g., a smart phone) and a central module of a vehicle), the processor
determines whether integral processing is enabled, by using the service-provider-specific service performance manager ([0072-0073]: a registration website that is accessed via an application at the wireless communication device 170. When the user of the wireless communication device 170 opens the application a session is started),
integrally processes the digital keys of the service provider stored in the memory, by using the digital key manager upon determining that integral processing is enabled ([0070]:  At 320, 
issues an integral processing certificate by using the service-provider-specific service performance manager, and transmits the integral processing certificate to the service provider ([0081]: A combination of these different types of security information can be distributed and used to secure communications between a wireless communication device (e.g., a smart phone) and a central module of a vehicle once the wireless communication device is determined to be within an authorization range. For instance, in one implementation, the security information can include both a public key and a digital certificate signed with a private key).

As per claim 7:
GAUTAMA discloses wherein the processor
receives a digital key authentication request from the target device ([0033]: The end device 170, central module 144 and ECU 162 are used to provide a passive entry passive start (PEPS) system for performing at least one passive entry passive start (PEPS) function with respect to a vehicle as the end device 170 (e.g., smart phone or key fob, etc.) approaches the vehicle and meets authorization criteria),
determines whether a registered digital key is present in the target device ([0037]: Based on the distance of the end device 170 from the vehicle the central module 144 can then 
performs an authentication procedure based on an authentication request type upon determining that a registered digital key is present in the target device ([0038]: When it's determined that the end device 170 is close enough to the vehicle 110, the PEPS functions are performed (e.g., the doors are unlocked, engine is started, etc.). When it's determined that the end device 170 is too far from the vehicle 110 the PEPS system remains inactivated and the doors remain locked; [0039]: Central module 144 also includes an authentication and authorization module 147 that can perform authentication and/or authorization mechanisms; the authorization and authentication module 147 can receive signals transmitted from the end device 170 and perform authorization and/or authentication of the end device 170. When the end device 170 has been authorized and/or authenticated this allows the end device 170 to act as a controller for the some of the in-vehicle modules 140).

As per claim 8:
GAUTAMA discloses wherein, when the digital key authentication request received from the target device is a one-way authentication request, the processor determines whether one-way authentication is performable, and performs one-way authentication upon determining that 

As per claim 9:
Rezaei discloses wherein the processor determines whether two-way authentication is performable, upon determining that one-way authentication is not performable, and transmits a two-way authentication request to the target device upon determining that two-way authentication is performable ([0031]: The authentication client (112) is configured to wirelessly authenticate the remote server (120) for the TCU (110). The authentication client (112) is configured to be wirelessly authenticated on behalf of the TCU (110) by the remote server (120). As used herein, “mutual authentication of the remote server (120) and the authentication client (112)” or “mutual authentication of the remote server (120) and the TCU (110)” refers to the authentication client (112) wirelessly authenticating the remote server (120) for the TCU (110) and the authentication client (112) being wirelessly authenticated on behalf of the TCU (110) by 

As per claim 10-15:
Claims 10-15 are directed to a method of operating a secure element (SE) to process a digital key, the method claims 10-15 are having substantially similar claimed limitations to their corresponding claims 1-6 and therefore claims 10-15 are rejected with the same rationale given above to reject claims 1-6 respectively.

BRI (Broadest Reasonable Interpretation)
The above claims under examination have been given their BRI consistent with the applicant’s disclosure as they would be interpreted by one of ordinary skill in the art at the time of filing the invention and the following claim words or terms or phrases or languages have been given to them, as follows, reasonable BRI considerations and context in view of the applicant’s disclosure in order to construe and appraise boundary and scope of the claimed limitations. For example, for the following claim words or terms or phrases or languages, the examiner recites BRI considerations from the applicant’s disclosure as follows:

Digital Key:	[0002] A technology for performing security and authentication services using digital keys is being developed due to the spread of personalized electronic devices such as smartphones and tablet personal computers (PCs). As an example of the digital key technology, a technology for integrating digital keys into mobile devices, e.g., smartphones, by using a wireless communication technology such as near field communication (NFC) is being developed. That is, a digitalized virtual key, i.e., a digital key, may be inserted into a mobile device, and a user of the mobile device may use the digital key instead of a physical key to open a door or perform a control and access function.
[0085] A digital key application 430 is a lightweight application installed and driven in the SE 300. The digital key application 430 may generate and store digital keys in a storage 450 of the SE 300, and commonly provide use, removal, and management services to a plurality of service providers. The digital key application 430 may be previously embedded in the SE 300, or be loaded or installed later when required.

Service Provider:	[0058] The service provider server 210 is a server of a service provider who desires to provide a digital key service to the user 1. The service provider refers to a business operator for providing a service related to, for example, vehicles, hotels, houses, or buildings, and may provide the digital key service to the user 1 as an additional service added to the main service. For example, a vehicle company sells vehicles and a hotel, house, or building company provides a service related to hotels, houses, or buildings. The service provider may provide the digital key service for an access function such as door opening, engine starting, or control.

[0061] The target device 10 is an entity corresponding to a product and service sold by the service provider to the user 1. For example, the target device 10 may include a gate of a vehicle, a hotel, a house, or a building. Specifically, in regard to the vehicle, the target device 10 may include not only a vehicle door and a tailgate but also an access gate for starting an engine and controlling the vehicle.

Conclusion
The prior arts made of record and not relied upon are considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior arts.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784. The examiner can normally be reached 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/TECHANE GERGISO/Primary Examiner, Art Unit 2494