DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This initial written action is responding to the communication dated on April 15, 2014.
Claims 1-20 are submitted for examination.
Claims 1-20 are pending.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Priority

This application, filed on July 17, 2020, claims priority as of July 24, 2019 from foreign application KR10-2019-0089432, filed on July 24, 2019 in South Korea.

Information Disclosure Statement
The following Information Disclosure Statements in the instant application were submitted in compliance with the provisions of 37 CFR 1.97 and thus have been fully considered:
IDS filed on 20 July 2020.
IDS filed on 19 January 2021.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 5 and 15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant, regards as the invention.
Claim 5 recites limitations,
The electronic device of claim 2, wherein the processor is configured to: 
receive a signature request for the transaction by using the signature request application, 
provide a token for signing the transaction obtained using the secure application to the signature request application in response to the reception of the signature request, 
provide the token to the authentication secure application by using the signature request application in response to providing the token to the signature request application, 
provide an encryption token for the token obtained using the authentication secure application to the secure application through the signature request application when the user of the electronic device is authenticated, and 
acquire the signature information for the transaction based on the encryption information by using the secure application when the encryption token corresponds to the token obtained using the secure application.
It appears that the underlined claim limitation (when the encryption token…) compares two tokens to acquire the signature information when the two tokens are similar. However, it is not clear how an encrypted token is compared to a plain token. A step for decrypting the encrypted token, so that two plain tokens are compared, is missing.
Claim 15 recites similar limitations and therefore Claim 15 is rejected.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 8, 10-11, 17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Thadikaran et al. (US PGPUB. # US 2013/0283380, hereinafter “Thadikaran”), and further in view of van de Ruit et al. (US PGPUB. # US 2019/0121988, hereinafter “van de Ruit”)
Referring to Claims 1, 11 and 20:
Regarding Claim 1, Thadikaran teaches,
An electronic device comprising: 
a display; (Fig. 1(128), ¶32)
a memory configured to store encryption information; (Fig. 1(114), ¶32, Fig. 7(702), ¶63, “the lockable storage is part of the secure storage 114”, ¶90-¶91, ¶97, “the ISV/server 1406 authenticates the client 1402 and stores the public key using the agent 1420 of the secure storage 1422”)
a processor; (Fig. 1(102), implicit to execute operating system and applications, Fig. 21) and 
a switch configured to electrically disconnect the processor from the memory in a first state and to electrically connect the processor and the memory in a second state, (Fig. 1(142) ¶32, ¶65, “ a physical switch (e.g., hardware switch 142 for FIG. 1 above) could be employed to make an "always on" secure storage inaccessible even to authenticated users while the switch is on. In one embodiment, locking down secure storage to all others is actually is a useful feature because a lot of malware can attack other, potentially (normally) trusted applications that may have access to the secure store”), 
wherein the processor is configured to: 
receive a user input for switching the switch from the first state to the second state while the switch is in the first state, (¶66, “the user can initiate the lock by using a switch that is outside the control of the operating system”, i.e. a user input is received)
[provide the encryption information stored in the memory to a secure application executing only in a second execution environment through a secure operating system of the second execution environment], when the switch is switched from the first state to the second state to generate an electrical path between the memory and the processor, (¶66, Fig. 10(1006, 1008, 1010), ¶77-¶78, “method 1000 sends a message to the storage system to perform the user lockdown. In one embodiment, method 1000 uses a tunnel between an agent executing method 1000 in the operating system to the secure storage system to perform the user lockdown”, i.e. switch is switched from unlock state (first state) to lock state (second state)).
Thadikaran does not teach explicitly,
provide the encryption information stored in the memory to a secure application executing only in a second execution environment through a secure operating system of the second execution environment, [when the switch is switched from the first state to the second state to generate an electrical path between the memory and the processor],
acquire signature information for a transaction based on the encryption information, and 
provide the signature information acquired based on the encryption information to a signature request application.
However van de Ruit teaches,
provide the encryption information stored in the memory to a secure application executing only in a second execution environment through a secure operating system of the second execution environment, (¶111, “only restricted application may access the high security memory 210. For example, software or hardware measures may be taken to restrict access to the high security memory 210”, ¶120, “device 100 may have a kernel having a user mode and a kernel mode, wherein the cryptographic kernel runs in kernel mode, but the transaction application runs in user mode”, ¶136, “Cryptographic kernel 430 comprises a signing unit 440. The signing unit 440 is configured to access the high security data area and compute the signature from the private key”, ¶172, “Together with the cryptographic kernel that handles the private key operations”, Fig. 6(610, 640), ¶187, “providing (610) a private key of a public key and private key pair in a high security data area”, “accessing (640) the high security data area and computing (650) the signature from the private key, by a cryptographic kernel application comprising the signing interface”, i.e. private key (encryption information) is provided from high security memory for signing) [when the switch is switched from the first state to the second state to generate an electrical path between the memory and the processor],
acquire signature information for a transaction based on the encryption information, (Fig. 6(620), ¶187, “generate (620) a transaction in a transaction application, said transaction comprising a signature, calling”, i.e. signature information is acquired for a transaction) and 
provide the signature information acquired based on the encryption information to a signature request application. (Fig. 6(640, 650, 660), ¶187, “(630) a signing interface of a cryptographic kernel application to obtain a signature for including in the transaction, accessing (640) the high security data area and computing (650) the signature from the private key, by a cryptographic kernel application comprising the signing interface, transmitting (660) the transaction for inclusion in the blockchain”, i.e. signed transaction (signature information) is provided to the requested application).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of van de Ruit with the invention of Thadikaran.
Thadikaran teaches switching from an unlocked state to a locked state. van de Ruit teaches providing a private key from a high security area when a transaction signing request is received. Therefore, it would have been obvious to have combined providing a private key from a high security area when a transaction signing request is received, as taught by van de Ruit, with switching from an unlocked state to a locked state, as taught by Thadikaran, to KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 11, it is a method Claim corresponding to device Claim 1 above and therefore Claim 11 is rejected with the same rationale as applied against Claim 1 above.

Regarding Claim 20, it is also a device Claim and therefore Claim 20 is rejected with the same rationale as applied against Claim 1 above.

Referring to Claims 8 and 17:
Regarding Claim 8, rejection of Claim 1 is included and for the same motivation Thadikaran teaches,
The electronic device of claim 1, wherein the processor is configured to: 
identify whether the switch is in the second state (¶66, Fig. 10(1006, 1008, 1010), ¶77-¶78, “method 1000 sends a message to the storage system to perform the user lockdown. In one embodiment, method 1000 uses a tunnel between an agent executing method 1000 in the operating system to the secure storage system to perform the user lockdown”, i.e. switch is in lock state (second state)) [in response to providing the encryption information to the secure application], and 
[display another screen for guiding release of the user input by using the signature request application] in response to identifying that the switch is in the second state. (¶66, Fig. 10(1006, 1008, 1010), ¶77-¶78, “method 1000 sends a message to the storage system to perform the user lockdown. In one embodiment, method 1000 uses a tunnel between an agent executing method 1000 in the operating system to the secure storage system to perform the user lockdown”, i.e. switch is identified as in lock state (second state))
Thadikaran does not teach explicitly,
[identify whether the switch is in the second state] in response to providing the encryption information to the secure application, and 
display another screen for guiding release of the user input by using the signature request application [in response to identifying that the switch is in the second state].
However, van de Ruit teaches,
[identify whether the switch is in the second state] in response to providing the encryption information to the secure application, (¶111, “only restricted application may access the high security memory 210. For example, software or hardware measures may be taken to restrict access to the high security memory 210”, ¶120, “device 100 may have a kernel having a user mode and a kernel mode, wherein the cryptographic kernel runs in kernel mode, but the transaction application runs in user mode”, ¶136, “Cryptographic kernel 430 comprises a signing unit 440. The signing unit 440 is configured to access the high security data area and compute the signature from the private key”, ¶172, “Together with the cryptographic kernel that handles the private key operations”, Fig. 6(610, 640), ¶187, “providing (610) a private key of a public key and private key pair in a high security data area”, “accessing (640) the high security data area and computing (650) the signature from the private key, by a cryptographic kernel application comprising the signing interface”, i.e. private key (encryption information) is provided from high security memory for signing) and 
display another screen for guiding release of the user input by using the signature request application (¶180, “As the cryptographic kernel is installed on a mobile phone, this is possible since a display and input is available. For example, before actually signing the transaction, the signing applet may display the transaction information and prompt the user for review and approval. Optionally, a secure applet, e.g. the signing applet, may provide an option to the user to display the private key, root seed or mnemonic seed to the user outside the realm of the OS and Apps”) [in response to identifying that the switch is in the second state].

Regarding Claim 17, rejection of Claim 11 is included and Claim 19 is rejected with the same rationale as applied against Claim 8 above. 

Referring to Claims 10 and 19:
Regarding Claim 10, rejection of Claim 1 is included and for the same motivation Thadikaran does not teach explicitly,
The electronic device of claim 1, wherein the processor is configured to transmit the transaction including the acquired signature information to a blockchain network through the signature request application so that the transaction including the acquired signature information is recorded in a block of a blockchain.
However, van de Ruit teaches,
The electronic device of claim 1, wherein the processor is configured to transmit the transaction including the acquired signature information to a blockchain network through the signature request application so that the transaction including the acquired signature information is recorded in a block of a blockchain. (Fig. 6(640, 650, 660), ¶187, “(630) a signing interface of a cryptographic kernel application to obtain a signature for including in the transaction, accessing (640) the high security data area and computing (650) the signature from the private key, by a cryptographic kernel application comprising the signing interface, transmitting (660) the transaction for inclusion in the blockchain”, i.e. signed transaction (signature information) is provided to the requested application to record the transaction in a blockchain).

Regarding Claim 19, rejection of Claim 11 is included and Claim 19 is rejected with the same rationale as applied against Claim 10 above. 

Claims 2-4 and 12-14 are rejected under 35 U.S.C. 103 as being unpatentable over Thadikaran et al. (US PGPUB. # US 2013/0283380, hereinafter “Thadikaran”), and further in view of van de Ruit et al. (US PGPUB. # US 2019/0121988, hereinafter “van de Ruit”), and further in view of Jonathan E. Ramaci (US PGPUB. # US 2013/0307670, hereinafter “Ramaci”).

Referring to Claims 2 and 12:
Regarding Claim 2, rejection of Claim 1 is included and Thadikaran does not teach explicitly,
The electronic device of claim 1, wherein the processor is configured to:
authenticate a user of the electronic device using an authentication secure application executing in the second execution environment, and 
acquire the signature information for the transaction based on the encryption information, by using the secure application when the user of the electronic device is authenticated.
However, van de Ruit teaches,
acquire the signature information for the transaction based on the encryption information, by using the secure application (Fig. 6(620), ¶187, “generate (620) a transaction in a transaction application, said transaction comprising a signature, calling”, i.e. signature information is acquired for a transaction) [when the user of the electronic device is authenticated].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of van de Ruit with the invention of Thadikaran.
Thadikaran teaches switching from an unlocked state to a locked state. van de Ruit teaches providing a private key from a high security area when a transaction signing request is received. Therefore, it would have been obvious to have combined providing a private key from a high security area when a transaction signing request is received, as taught by van de Ruit, with switching from an unlocked state to a locked state, as taught by Thadikaran, to KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Thadikaran and van de Ruit does not teach explicitly,
authenticate a user of the electronic device using an authentication secure application executing in the second execution environment, and 
[acquire the signature information for the transaction based on the encryption information, by using the secure application] when the user of the electronic device is authenticated.
However, Ramaci teaches,
authenticate a user of the electronic device using an authentication secure application executing in the second execution environment, (Fig.1, ¶39, “in block 114, the system authenticates the identity of the user based on the comparison of the biometric scan to the biometric information”, “the user is authenticated if the biometric scan and the biometric information are 95% similar”, i.e. a user is authenticated) and 
[acquire the signature information for the transaction based on the encryption information, by using the secure application] when the user of the electronic device is authenticated. (¶39, “the user will be able to access secure areas of the biometric authentication system and perform actions that are based on authentication of the user's identity”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
Thadikaran in view of van de Ruit teaches switching from an unlocked state to a locked state and providing a private key from a high security area when a transaction signing request is received. Ramaci teaches a user accessing a secure area after authentication. Therefore, it would have been obvious to have incorporated a user accessing a secure area after authentication, as taught by Ramaci, into the teachings of Thadikaran in view of van de Ruit to provide access to a secure area to an authorized user and to avoid a malicious user. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 12, rejection of Claim 11 is included and Claim 12 is rejected with the same rationale as applied against Claim 2 above. 

Referring to Claims 3 and 13:
Regarding Claim 3, rejection of Claim 2 is included and for the same motivation combination of Thadikaran and van de Ruit does not teach explicitly,
The electronic device of claim 2, wherein the switch comprises a sensor for biometric authentication that is directly contactable by the user, and the processor is configured to: 
acquire biometric information of the user while the sensor is in contact with the user according to the user input, and 
authenticate the user of the electronic device based on the acquired biometric information by using the authentication secure application.
However, Ramaci teaches,
The electronic device of claim 2, wherein the switch comprises a sensor for biometric authentication that is directly contactable by the user, (¶26, “A user of the biometric authentication system swipes a finger of the user on the fingerprint scanner to provide the biometric information to the system. The fingerprint sensor includes CMOS active capacitance pixel sensing with anti-spoofing capabilities. In an embodiment, the fingerprint sensor also includes a conductance sensor to determine that the finger has a conductance, so that the fingerprint sensor can determine that the user is alive”) and the processor is configured to: 
acquire biometric information of the user while the sensor is in contact with the user according to the user input, (Fig. 1(110), ¶36, “the system receives a biometric scan of a user. For example, a user may desire to access secure information stored in associated with the biometric authentication system or the user may desire to authenticate the user's identity”) and 
authenticate the user of the electronic device based on the acquired biometric information by using the authentication secure application. (Fig. 1(114), ¶39, “in block 114, the system authenticates the identity of the user based on the comparison of the biometric scan to the biometric information”).

Regarding Claim 13, rejection of Claim 12 is included and Claim 13 is rejected with the same rationale as applied against Claim 3 above. 

Referring to Claims 4 and 14:
Regarding Claim 4, rejection of Claim 2 is included and for the same motivation combination of Thadikaran and van de Ruit does not teach explicitly,
The electronic device of claim 2, wherein the processor is configured to authenticate the user based on biometric authentication, a data input pattern, or a combination thereof through the authentication secure application.
However, Ramaci teaches,
The electronic device of claim 2, wherein the processor is configured to authenticate the user based on biometric authentication, a data input pattern, or a combination thereof through the authentication secure application. (Fig. 1, ¶26, ¶39, “in block 114, the system authenticates the identity of the user based on the comparison of the biometric scan to the biometric information”, i.e. user is authenticated based on a biometric authentication).

Regarding Claim 14, rejection of Claim 12 is included and Claim 13 is rejected with the same rationale as applied against Claim 3 above. 


Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Thadikaran et al. (US PGPUB. # US 2013/0283380, hereinafter “Thadikaran”), and further in view of van de Ruit et al. (US PGPUB. # US 2019/0121988, hereinafter “van de Ruit”), and further in view of Liu et al. (US PGPUB. # US 2017/0061436, hereinafter “Liu”).

Referring to Claims 9 and 18:
Regarding Claim 9, rejection of Claim 1 is included and combination of Thadikaran and van de Ruit does not teach explicitly,
The electronic device of claim 1, wherein the switch comprises a physical button and/or a physical wheel.
However, Liu teaches,
The electronic device of claim 1, wherein the switch comprises a physical button and/or a physical wheel. (Fig. 1(192), ¶48, “The interface unit 192 may be configured based on the user terminal device 100 and include any suitable input mechanism such as a mechanical button, a touch pad, a wheel, and so forth”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Liu with the invention of Thadikaran in view of van de Ruit.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 18, rejection of Claim 11 is included and Claim 18 is rejected with the same rationale as applied against Claim 9 above. 


Referring to Claims 5 and 15:

Objected

Claims 5 and 15 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and addressing 35 U.S.C. 112(b) issues as indicated in paragraphs 8-10. 
Thadikaran et al. (US PGPUB. # US 2013/0283380) discloses a switch for switching from an unlock state to a lock state. The lock state allows only authorized users to access secure information.
The reference by van de Ruit et al. (US PGPUB. # US 2019/0121988) discloses a transaction signing procedure. In particular, the blockchain transaction device is configured to generate a transaction, said transaction comprising a signature, by calling a signing interface of a cryptographic kernel application to obtain the signature for the transaction. The cryptographic kernel application is configured to access a high security data area and compute the signature from a private key.
The reference by Belshe et al. (US PAT. # US 11,120,438) discloses that the processing device 11 may sign a transaction, e.g. a digital currency transaction, and may transmit the signed transaction for signing by the service. Signing the transaction by the processing device 11 may be associated with using a secure token, providing the private key directly from the user, providing a key of a local key storage device, e.g. a USB drive, an operator typing in a key, or the like, or combinations thereof. Signing by the service may be associated with accessing a stored key and signing with the stored key. Signing by the service may be associated with accessing a stored key, decrypting the stored key, and signing with the decrypted key. (CL(5), LN(37-50)).
The reference by O’Regan et al. (WIPO PUB. # WO 2016/0128906) discloses, a communication component to receive the token together with auxiliary information and a seed value, and for the authenticating component to include: a database searching component for identifying a stored token and stored seed value associated with the 
However, none of the references teaches the limitations of the dependent claims 5 and 15.

Claim 6: Objected
Claim 6 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Referring to Claims 7 and 16:

Objected

Claims 7 and 16 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Korkishko et al. (US PGPUB. # US 2015/0121516) discloses a method and electronic device for enhancing security authentication. An execution mode may be changed from a non-trusted execution mode to a trusted execution mode. At least one input may be authenticated while in the non-trusted execution mode.
Upendra Mardikar (US PAT. # US 8,108,318) discloses that a client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key.
Alain Hiltgen (US PGPUB. # US 2019/0138707) discloses that a token (e.g., a short-range wireless token or other token) may be provided to facilitate authentication. In some embodiments, the token may obtain a first challenge from a computer system. The token may determine which challenge type of multiple challenge types the first challenge corresponds. The token may cause a secure component to use a key associated with a first challenge type to generate a first challenge response for the first challenge based on the first challenge corresponding to the first challenge type, where 
GIJS et al. (EP # 3246845) discloses, a data processing system with a trusted execution environment, comprises a host processor (12) having a secure mode for operating in the trusted execution environment and a non-secure mode; and a secure module (10) configured to respond to tokens posted by the host processor in secure mode, wherein each token identifies a secure asset, and source and destination addresses within secure and public address spaces. The secure module includes an internal memory (16) storing secure assets identifiable by the tokens; a memory access circuit (26) connected to read data from the source addresses and write processed data to the destination addresses; and a cryptography engine (18, 20) configured to process the read data using the identified secure assets. The secure module (10') is configured to also respond to tokens posted by the host processor in non-secure mode. The internal memory (16') of the secure module stores a rule (Px) together with each secure asset (Ax), defining permissions as to the address spaces where the memory access circuit may read and write the data. The secure module ignores tokens that do not satisfy the permissions defined for the corresponding assets. 
Antonios Dimitrios Broumas (US PGPUB. # US 2016/0253519) discloses a method for securing sensitive data on a mobile device. The method includes receiving an encryption or decryption request for the sensitive data on the mobile device, forwarding a file access request for the sensitive data to a secure 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/Primary Examiner, Art Unit 2498