DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Amendment filed 02/14/2022 has been received and considered.
Claims 1-7, 14-22, 29-30 and 36 are pending.
This action is Final.
Claim Objections
2.	Objections to claims 4-7, 14-15, 19-22 and 29-30 have been withdrawn based on the filed amendments.

Response to Arguments
3.	Applicant's arguments filed 02/14/2022 have been fully considered but they are not persuasive. Applicant argues that regarding independent claims 1, 16 and 36, Piqueras in view of Muhanna fails to teach a subscription concealed identifier (SUCI) or a two-step procedure for verifying the SUCI.
	With respect to this argument, as disclosed below, Piqueras in paragraph [0046] discloses registering a mobile device (UE) and provisioning a subscriber identification module (SIM) card. The subscriber identification module card includes a unique identifier (e.g., international mobile subscriber identification/identifier (IMSI)) and a secret/private cryptographic key. A stored database tuple pairs the unique identifier and the public cryptographic key associated with the mobile device which is signed or encrypted. This database tuple represents a subscription concealed identifier associated with the mobile device and thereafter used for verification purposes. 
In paragraph [0049], verification of the identifier (SUCI) is initiated by ensuring that a database tuple stored to the associated database device and comprising the received identifier has previously been encrypted using a private/secret cryptographic key associated with a mobile network operator 
	Therefore, Piqueras in view of Muhanna teaches a two-step procedure for verifying an identifier using a first nonce string and a second nonce string. 

Applicant further argues that regarding independent claims 1, 16 and 36, Piqueras in view of Muhanna fails to teach “receiving a message including the subscription concealed identifier.”
With respect to this argument, as disclosed below, Muhanna in paragraph [0086] discloses receiving an initial authentication request (IAR) message from the UE including a MAC signature, UE information and a home network identifier which are encrypted using a home network public key to form an encrypted portion of the IAR message. The encrypted portion is generated by using a home network public key to encrypt a UE security capability parameter, an International Mobile Subscriber Identity (IMSI), a RAND1, a RAND2, a COUNTER, and a MAC signature, as disclosed in paragraph [0091]. Furthermore, paragraph [0131] discloses encrypting an IMSI in an IAR message using the home network public key or any other encryption key serves to at least partially conceal the IMSI from malicious third parties. 	

Applicant further argues that regarding dependent claim 6, Piqueras in view of Muhanna fails to teach “validating the subscription concealed identifier comprises determining whether the subscription concealed identifier is valid by comparing the first set of encryption parameters to the second set of encryption parameters”
With respect to this argument, as disclosed below, paragraph [0073] discloses using integrity encryption keys in conjunction with the home network public-private key pair to provide two layers of encryption for the contents of IAR messages, which include the subscription concealed identifier. In paragraph [0074], a first random nonce value and key associated with the UE are used to independently generate an integrity key used to decrypt the encrypted inner portion of the IAR message. Then the IMSI in the decrypted inner portion is matched to the IMSI in the decrypted outer portion to verify that the encrypted outer portion had not been tampered with by an unauthorized third party. If validations are successful, an initial authentication response encryption key is generated based on a second random nonce value and the key associated with the IMSI. Therefore, the encrypted inner portion, as a first set of encryption parameters are compared to the encrypted outer portion, as a second set of encryption parameters to provide validation of the identifier. 

Therefore, Piqueras in view of Muhanna teaches the claimed limitations of independent claims 1, 16 and 36, dependent claim 6 and thereby any dependent claims. 



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



4.	Claims 1-7, 14-22, 29-30 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over US Pub No. US 2016/0294783 A1 to Piqueras Jover, (hereinafter, “Piqueras”) in view of US Pub. No. US 2018/0013568 A1 to Muhanna, (hereinafter, “Muhanna”).
As per claims 1, 16 and 36, Piqueras teaches a method implemented by a network node in a mobile network of validating a subscription concealed identifier for a user equipment (UE), a network node in a mobile network configured to validate a subscription concealed identifier, and a non-transitory computer-readable storage medium containing a computer program, respectively, comprising executable instructions that, when executed by a processing circuit in a network node of a mobile network, said network node comprising: 
an interface circuit for communicating with other network nodes over a communication network; and a processing circuit connected to the interface circuit (Piqueras, para. [0093] “a processor can refer to an integrated circuit, an application specific integrated circuit (ASIC), a digital signal processor (DSP), a field programmable gate array (FPGA), a programmable logic controller (PLC), a complex programmable logic device (CPLD), a discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. Processors can exploit nano-scale architectures such as, but not limited to, molecular and quantum-dot based transistors, switches and gates, in order to optimize space usage or enhance performance of user equipment. A processor may also be implemented as a combination of computing processing units”), said processing circuit being configured to: 
obtaining a first set of encryption parameters used to generate the subscription concealed identifier (Piqueras, para. [0046] “Mobile device 202, prior to first use on a network topology controlled and/or operated by a mobile network operator (MNO), can be registered with the network topology and provisioned with a subscriber identification module (SIM) card. The subscriber identification module card can include information such as a unique identifier (e.g., international mobile subscriber identification/identifier (IMSI)) and a secret/private cryptographic key to be utilized or employed by mobile device 202 when mobile device 202 receives messages that have been encrypted by another entity (e.g., base station device 102) using a counterpart public cryptographic key that has been associated with mobile device 202, and that corresponds with the persisted secret/private cryptographic key. Additionally, the mobile network operator can also persist the unique identifier (e.g., IMSI) to a database device associated with a varied and network distributed cluster of database devices, wherein the unique identifier associated with mobile device 202 (or more particularly, the IMSI associated with the subscriber identification module card used by mobile device 202) can be paired with a public cryptographic key and stored as a database tuple to a database device (e.g., storage 110 associated with base station device 102). The stored database tuple that pairs the unique identifier and the public cryptographic key associated with the mobile device 202 can be signed or encrypted with one of a plurality of secret/private cryptographic keys associated with a mobile network operator device. The pairing of the identifier and its associated public cryptographic key signed/encrypted with a private/secret key associated with the mobile network operator device can thereafter be used as a verification mechanism”); 
(Piqueras, para. [0049] “Verification of the identifier received from mobile device 202 can take the form of base station device 102 ensuring that a database tuple stored to the associated database device and comprising the received identifier has previously been encrypted using a private/secret cryptographic key associated with a mobile network operator device. Once base station device 102 has verified that the identifier is valid and is associated with a public cryptographic key associated with mobile device 202, base station device 102 can generate a nonce string, encrypt the nonce string, and send/forward an encrypted nonce string to mobile device 202. The encrypted nonce string can be encrypted using the public cryptographic key associated with mobile device 202 (e.g., the public cryptographic key retrieved by base station 102 during the verification phase). Mobile device 202, on receiving the encrypted nonce string, using its previously stored private/secret cryptographic key, can decrypt the received and encrypted nonce string to extract the nonce string that was generated, encrypted, and forwarded by base station device 102.”); 
obtaining a second set of encryption parameters associated with the subscription using the subscription information (Piqueras, para. [0053] “Verification engine 204 can, in response to receiving a database tuple comprising an identifier associated with a base station device and a public key (e.g., first encryption key) associated with the base station device, can generate a second nonce string, combine the first nonce string (received from the base station device) with the generated second nonce string to form a combined nonce string (e.g., the combined nonce string can be the first nonce string and/or the second nonce string), encrypt the combined nonce string using a public key associated with the base station device, and thereafter send the encrypted combined nonce string to the base station device.” and para. [0054] “verification engine 204, in response to receiving, from the base station device, an encrypted second nonce string (e.g., the second nonce string previously generated, combined, and the combination encrypted by Verification engine 204 and earlier sent to the base station) can decrypt the received encrypted second nonce string using the private/secret cryptographic key of mobile device 202 to obtain the decrypted second nonce string. It should be noted that the encrypted second nonce string can have been encrypted by the returning base station device using the public key of the mobile device 204.”); and 
validating the subscription concealed identifier based on the second set of encryption parameters (Piqueras, para. [0061] “in response to receiving an identifier from a mobile device (e.g. international mobile subscriber identifier/identification (IMSI) string), authentication engine 104 can send/forward the received identifier to an associated distributed database device (e.g., storage 110). At 804 authentication engine 104, in response to receiving, from the associated distributed database device a public cryptographic key associated with the identifier, can generate a first nonce string…on receiving the encrypted combined nonce string from the mobile device, at act 812, can decrypt the encrypted combined nonce string by using the private cryptographic key associated with the base station device. The result of the decryption of the encrypted combined nonce string is the first nonce string and/or the second nonce string, wherein the first nonce string was generated by authentication engine 104 and second nonce string was generated by the mobile device (e.g., by verification engine 204). Authentication engine 104 at 814, in response to receiving the first nonce string appropriately and validly decrypted by facilities provided on mobile device, can effectuate and facilitate establishing a communication channel with the mobile device. At 816, authentication engine 104 can also encrypt the second nonce string using the public cryptographic key associated with a mobile device and thereafter send the encrypted second nonce string to the mobile device for its use in establishing the communication channel with the base station device.” and para. [0064] “verification engine 204 can generate a second nonce string and can send an encrypted combined nonce string comprising the first nonce string (e.g., the result of the decryption of the encrypted first nonce string) and/or the recently generated second nonce string, wherein the combined nonce string is encrypted using a public cryptographic key associated with the base station device to form the encrypted combined nonce string.” And para. [0065] “verification engine 204, in response to receiving, from the base station device, an encrypted second nonce string that has now been encrypted by the base station device using the public cryptographic key associated with the mobile device, can decrypt the encrypted second nonce string using the private cryptographic key of the mobile device to obtain the unencrypted second nonce string, and as a function of in response or, or base on receiving a valid unencrypted second nonce string, establishing a secure communication channel”).
Piqueras teaches all the limitations of claims 1, 16 and 36 above, however fails to explicitly teach, but Muhanna teaches:
receiving a message from a user equipment including the subscription concealed identifier (Muhanna, para. [0086] “The embodiment IAR message 520 corresponds to the IAR message 420 sent from the UE 215 to the SeAN 220. In this example, the embodiment IAR message 520 includes UE Specific information (UE info), a MAC signature, and a home network identifier (HID). The UE info may include various information associated with, or generated by, the UE, including (but not limited to) an IMSI, one or more random numbers (e.g., RAND1, RAND2, etc.), a counter, and/or UE security capability parameters. The MAC signature may be generated by computing a hash function of the UE info according to an integrity key (e.g., a KIAR.sub.INT) and/or a random number (e.g., RAND1). The MAC signature and the UE info are encrypted using a HPuK to form an encrypted portion 522 of the embodiment IAR message 520.” And para. [0131] “encrypting an IMSI in an IAR message (as well as other messages) using, for example, a KIAR.sub.ENC, a SNPuK, and/or a HNPuK serves to at least partially conceal the IMSI from malicious third parties.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into (Muhanna, para. [0002]-[0003]). 
As per claims 2 and 17, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein the first set of encryption parameters is obtained from the received message (Muhanna, para. [0074] “the initial authorization and data response includes a UE security capability parameter. The MME may then select one of the authentication vectors, as well as a non-access stratum (NAS) ciphering algorithm. The MME may also assign a temporary network identifier (e.g., a globally unique temporary identifier (GUTI)) to the UE. Thereafter, the MME may encrypt the KIAS.sub.ENC, the temporary network identifier, and a key set identifier (KSI) associated with the selected NAS ciphering algorithm using the KIAS.sub.ENC to obtain encrypted NAS security data.” and para. [0086] The embodiment IAR message 520 corresponds to the IAR message 420 sent from the UE 215 to the SeAN 220. In this example, the embodiment IAR message 520 includes UE Specific information (UE_info), a MAC signature, and a home network identifier (HID). The UE_info may include various information associated with, or generated by, the UE, including (but not limited to) an IMSI, one or more random numbers (e.g., RAND1, RAND2, etc.), a counter, and/or UE security capability parameters. The MAC signature may be generated by computing a hash function of the UE_info according to an integrity key (e.g., a KIAR.sub.INT) and/or a random number (e.g., RAND1). The MAC signature and the UE_info are encrypted using a HPuK to form an encrypted portion 522 of the embodiment IAR message 520.).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 
As per claims 3 and 18, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein the first set of encryption parameters comprise a key identifier indicating a public key used to generate the subscription concealed identifier (Piqueras, para. [0051] “mobile device 202, once again through facilities provided by Verification engine 204 can, in accordance with an aspect, receive from a base station device (e.g. base station device 102) a database tuple that can comprise an identification string associated with the base station device and a public cryptographic key that can also be associated with the base station device. Mobile device 202, and more particularly verification engine 204, in response to receiving such a database tuple can confirm the validity of origination of the database tuple by ensuring that the private/ secret cryptographic key associated with a mobile network operator device was employed to encrypt the database tuple.” And para. [0052] “verification engine 204 associated with mobile device 202, in response to sending an identifier (e.g., international mobile subscriber identifier/identification (IMSI)), can receive an encrypted first nonce string, wherein the first nonce string is generated by a base station device (e.g., base station device 102) and encrypted by the base station device using a public cryptographic key associated with mobile device 202.”).
As per claims 4 and 19, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein the first set of encryption parameters comprise a scheme identifier indicating an encryption scheme used to generate the subscription concealed identifier (Muhanna, para. [0074] “the initial authorization and data response includes a UE security capability parameter. The MME may then select one of the authentication vectors, as well as a non-access stratum (NAS) ciphering algorithm. The MME may also assign a temporary network identifier (e.g., a globally unique temporary identifier (GUTI)) to the UE. Thereafter, the MME may encrypt the KIAS.sub.ENC, the temporary network identifier, and a key set identifier (KSI) associated with the selected NAS ciphering algorithm using the KIAS.sub.ENC to obtain encrypted NAS security data.” and para. [0086] The embodiment IAR message 520 corresponds to the IAR message 420 sent from the UE 215 to the SeAN 220. In this example, the embodiment IAR message 520 includes UE Specific information (UE_info), a MAC signature, and a home network identifier (HID). The UE_info may include various information associated with, or generated by, the UE, including (but not limited to) an IMSI, one or more random numbers (e.g., RAND1, RAND2, etc.), a counter, and/or UE security capability parameters. The MAC signature may be generated by computing a hash function of the UE_info according to an integrity key (e.g., a KIAR.sub.INT) and/or a random number (e.g., RAND1). The MAC signature and the UE_info are encrypted using a HPuK to form an encrypted portion 522 of the embodiment IAR message 520.).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 
As per claims 5 and 20, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein: the subscription information comprises a subscription permanent identifier; and the subscription permanent identifier is used to obtain the second set of encryption parameters (Piqueras, para. [0020] “Additional acts can include using a private key to decrypt the first data to obtain the first nonce string, wherein the private key is burned, indelibly persisted, or permanently stored, to an integrated circuit device associated with the system; using the public key associated with the base station device to encrypt the second data; and using the private key to decrypt the third data to obtain the second nonce string.” and para. [0047] “In parallel with registering and persisting the pairing of the international mobile subscriber identification /identifier associated with the subscriber identification module and the public cryptographic key to the database device and/or to the plurality of network distributed database device, the international mobile subscriber identification /identifier together with a private/secret cryptographic key can be burned, indelibly stored, permanently persisted to a write once read only integrated circuit device that can be associated with mobile device 202.”).
As per claims 6 and 21, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein validating the subscription concealed identifier comprises determining whether the subscription concealed identifier is valid by comparing the first set of encryption parameters to the second set of encryption parameters (Muhanna, para. [0073] “a higher complexity MASA protocol uses encryption keys (e.g., KIAR.sub.ENC and/or KIAS.sub.ENC) in conjunction with the home network public-private key pair to provide two layers of encryption for the contents of IAR and/or IAS messages. In particular, a UE may use a pre-provisioned key and a first random number (RAND1) to generate an initial authentication request encryption key (KIAR.sub.ENC). The KIAR.sub.ENC is then used to encrypt private information to form an encrypted inner portion of an authentication request message. The private information may include the IMSI of the UE, the RAND1, a second random number (RAND2), UE-Security-Capabilities, and/or a counter. Next, the UE may encrypt the RAND1, the IMSI, and the encrypted inner portion to obtain an encrypted outer portion of the authentication request message.” And para. [0074] “the HSS would then use the RAND1 and a K key associated with the UE to independently generate the KIAR.sub.ENC, which the HSS would subsequently use to decrypt the encrypted inner portion. The HSS would then verify that IMSI in the decrypted inner portion matched the IMSI in the decrypted outer portion to verify that the encrypted outer portion had not been tampered with by an unauthorized third party. Thereafter, the HSS may verify that the counter in the decrypted inner portion matched a counter maintained by the HSS initial authentication request (IAR) was fresh (i.e., not stale). If the validations were successful, then the HSS may generate an initial authentication response encryption key (KIAS.sub.ENC) based on the RAND2 and the K key associated with the IMSI…The MME may then send an initial authentication and data response to the UE carrying the encrypted NAS security data as well as an unencrypted RAND2.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 

As per claims 7 and 22, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, further comprising performing a security operation depending on whether the subscription concealed identifier is valid, wherein the security operation comprises one or more of:
rejecting the received message responsive to determining that the subscription concealed identifier is invalid; returning an error message responsive to determining that the subscription concealed identifier is invalid (Muhanna, para. [0159] “FIG. 32 is a diagram of a communications sequence 3200 in which a UE unsuccessfully attempts to attach to a wireless network. In this example, the UE 215 sends an attach request 3210 to an SeAN 220, who is unable to authenticate the UE 215, and returns an attach reject 3220 to the UE 215. The attach reject 3220 prompts the UE 215 to set a back off timer, and the UE 215 is unable to initiate mobility management signaling prior to expiration of the back-off timer.”); 
accepting the received message if a number of related messages that have been received containing an invalid subscription concealed identifier is less than a predetermined number (Muhanna, para. [0082] “Upon receiving the authentication and data request message 430, the HSS 230 may decrypt encrypted portion using a HPrK, and verify the integrity of the encrypted portion based on the MAC signature…The HSS 230 may also take further steps to validate the encrypted portion. For example, the HSS 230 may verify that a COUNTER in the encrypted portion of the authentication and data request message 430 (e.g., a counter originally in the IAR message 420) exceeds an independent COUNTER maintained by the HSS 230 in order to confirm that the encrypted portion in the authentication and data request message 430 is fresh (e.g., not stale). If the encrypted portion is stale, then it may have been intercepted by a malicious man-in-the-middle entity.”); 
updating encryption parameters for a user equipment associated with the subscription responsive to determining that the subscription concealed identifier is invalid (Muhanna, para. [0162] “FIG. 34 is a diagram of a communications sequence 3400 in which a UE unsuccessfully attempts to attach to a wireless network. Similar to the communications sequence 3200, the UE 215 sends an attach request 3410 to the SeAN 220, who is unable to authenticate the UE 215, and returns an attach reject 3420 to the UE 215 that indicates that the UE 215 could not be authenticated by the network. However, unlike the attach reject 3220, the attach reject 3420 includes a MAC signature, which is generated by the SeAN by computing a hash function of information carried by the attach reject message 3420 using a SPrK associated with the underlying serving network. Upon reception, the UE 215 attempts to validate the attach reject 3420 by processing the MAC signature according to a SPuK assigned to the serving network. The SPrK and the SPuK form a public-private key pair such that processing of a MAC signature using the SPuK will only result in successful validation of the attach reject 3420 if the MAC signature was generated using the SPrK. Because the MAC signature carried by the attach reject 3420 was generated using the SPrK, the UE 215 will determine that the attach reject 3420 is valid, and will set a back-off timer.”); or 
(Muhanna, para. [0083] “After verifying the integrity of the encrypted portion(s), the HSS 230 may generate authentication vectors based on an EPS-AKA procedure, and send an authentication and data response message 435 carrying the EPS authentication vectors to the SeAN 220. The authentication and data response message 435 may include other information in addition to the EPS authentication vectors, such as integrity/encryption keys (e.g., a KIAS.sub.INT, KIAS.sub.ENC, etc.), the IMSI of the UE, a COUNTER, and/or a UE security capabilities. The UE security capabilities may indicate protocol capabilities supported by the UE, such as, for example, NAS ciphering algorithms supported by the UE.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 

As per claims 14 and 29, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, further comprising verifying that the first set of encryption parameters is valid before de-concealing the subscription concealed identifier (Piqueras, para. [0049] “Upon receiving this identifier from mobile device 202, base station device 102 can forward this identifier to an associated database device (e.g., storage 110) associated with a grouping of diversely located distributed database devices for verification. Verification of the identifier received from mobile device 202 can take the form of base station device 102 ensuring that a database tuple stored to the associated database device and comprising the received identifier has previously been encrypted using a private/secret cryptographic key associated with a mobile network operator device. Once base station device 102 has verified that the identifier is valid and is associated with a public cryptographic key associated with mobile device 202, base station device 102 can generate a nonce string, encrypt the nonce string, and send/forward an encrypted nonce string to mobile device 202.” And para. [0050] “Once mobile device 202, through facilities provided by verification engine 204, has decrypted the encrypted nonce string received from base station device 102, it can send the now decrypted nonce string back to base station device 102”).

As per claims 15 and 30, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, further comprising verifying that the result of de- concealing is valid before obtaining the second set of encryption parameters (Piqueras, para. [0060] “Subsequent to sending the encrypted nonce string to the base station device, at act 708 verification engine 204 can establish, or facilitate the establishment, a secure communication channel between the base station device and the mobile device should the base station device respond with a valid decrypted nonce string.” And para. [0061] “At 810 authentication engine 104 can receive from the mobile device an encrypted combined nonce string, wherein the encrypted combined nonce string can comprise one or both of the first nonce string generated earlier by authentication engine 104 and/or a second nonce string that has been generated and by the mobile device…Authentication engine 104, on receiving the encrypted combined nonce string from the mobile device, at act 812, can decrypt the encrypted combined nonce string by using the private cryptographic key associated with the base station device. The result of the decryption of the encrypted combined nonce string is the first nonce string and/or the second nonce string, wherein the first nonce string was generated by authentication engine 104 and second nonce string was generated by the mobile device (e.g., by verification engine 204).”).

Conclusion
5.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 20170272121 A1 – Relaying data over a communication network.
US 20160088096 A1 – Accessing a service and corresponding device.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZOHA P TAFAGHODI whose telephone number is (571)272-5199.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZOHA PIYADEHGHIBI TAFAGHODI/Examiner, Art Unit 2437   

/KRISTINE L KINCAID/Supervisory Patent Examiner, Art Unit 2437