DETAILED ACTION
 	This Office Action corresponds to the filing of application on 01/15/2020 in which Claims 1, 7, 9, 31, 34-38, 40-42 are presented for examination on the merits. Claims 1, 7, 9, 31, 34-38, 40-42, now re-numbered as claims 1-12 are pending.
Notice of Pre-AIA  or AIA  Status
 	The present application is being examined under the first inventor to file provisions of the AIA . 
Information Disclosure Statement
 	The information disclosure statement (IDS) submitted on 01/15/2000, 02/12/2021, and 07/22/2021 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.
Drawings
The drawings filed on 01/15/2000 are accepted by the examiner.
Priority
 The application is filed on 01/15/2020 and claims the priority of provisional application 62/534,056 filed on 07/18/2017.
Allowable Subject Matter
1.	  Claims 1, 7, 9, 31, 34-38, 40-42 are allowed over prior art of record.
Reasons for Allowance
2. 	The following is an examiner’s statement of reasons for allowance:
  Independent claims 1, 31, and 38 are allowed and the corresponding dependent claims depend upon one of the above-mentioned allowed claims and are therefore allowed by virtue of their dependencies.
Ghosh et al. (US 9286481 B2, cited in PTO-892) discloses a method of controlling access to a resource comprises the following: reading a first code from a user carried device, wherein the first code comprises an encoded form of at least an ID of a user and at least one privilege, and wherein the privilege embodies a policy defining the user's access to the resource; comparing the first code to a second code; and, permitting access only if the first code compares favorably to the second code. In accordance with another aspect of the present invention, a method of controlling access to a resource comprises the following: storing a first code on a user carried device, wherein the first code is based on at least an ID of a user, at least one privilege, a first secret key, and an encoding function, and wherein the privilege defines the user's access to the resource; computing a second code from the user ID, the privilege, a second secret key, and the encoding function, wherein the first and second secret keys are symmetrical, and wherein the second secret key is stored in a user carried device reader; comparing the first code to a second code; and, permitting access only if the first code compares favorably to the second code (Ghosh, Col. 4, lines 21-40).
 Further, Ghosh et al. discloses a reader of an access control system that controls access to a resource comprises a memory and a processor. The memory stores a secret key. The processor reads the secret key from the memory, and reads an ID of a user, at least one privilege, and a first code from an user carried device carried by the user. The processor computes a second code based on the secret key read from the memory and the user ID and privilege read from the user carried device, and compares the first code to the second code. The processor permits access to the resource based on the comparison. The privilege defines the user's access to the resource, and the first code comprises an encoded form of at least the user ID and the privilege (Ghosh, Col. 4, lines 45-65) 
Hammad (US 8602293 B2, cited in PTO-892) discloses a biometric identification system directed toward use of dual-band visual-infrared imaging with appropriate techniques for integrating the analysis of both images to distinguish less reliable from more reliable image components, so as to generate a composite image comprised of layers. Correlation and analysis of the composite layers enables improved reliability in identification. The method and apparatus of the invention provide for efficient and optimized use of dual-band imaging for biometric identification of faces, fingerprints, palm and hand prints, sweat pore patterns, wrist veins, and other anatomical features of humans and animals a verification token for obtaining a device verification value for a portable consumer device. The exemplary verification token comprises a peripheral interface adapted to communicatively couple to a peripheral interface of a computer, a reader adapted to read identification information from portable consumer devices, a computer-readable medium, a data processor electrically coupled to the peripheral interface of the verification token, the reader, and the computer-readable medium, and code embodied on the computer-readable medium that directs the data processor to perform various actions. In exemplary embodiments, the verification token is located within a housing of the computer or a peripheral device electrically coupled to the computer. In an exemplary implementation, the verification token comprises code that directs the data processor to communicate with a computer by way of the verification token's peripheral interface and to gain access to a networking facility of the computer, code that directs the data processor to receive identification information read from a portable consumer device by the reader, code that directs the data processor to transmit at least a portion of the received identification information to an entity that can provide a device verification value (e.g., validation entity or gateway) by way of the networking facility of the computer, and code that directs the data processor to receive, after transmitting said identification information, a device verification value from the entity by way of the networking facility of the computer. The verification token may send the identification information to the computer in a number of forms, including: (1) unaltered form ("clear form"), (2) encrypted form, (3) hashed formed (e.g., encoded), (4) signed form, (5) or any combination of these forms. These forms may be generated by the portable consumer device, the verification token, the computer, or any combination thereof. In addition, the verification token and the entity (e.g., validation entity or gateway) may perform a mutual authentication process before the verification token sends the identification information. As used in the claims, the term "entity that can provide a device verification value" encompasses a validation entity, a gateway, or any combination thereof (Hammad, Col. 2, lines 10-50).
McGeachie (US 8319606 B2, cited in PTO-892) discloses  validation device for an access control system includes modular communication interfaces that provide coupling to the access control system, at least one processor, and a computer readable storage medium storing executable code that is executable by the at least one processor. The computer readable storage medium includes executable code that receives cardholder data in connection with an access request at an access point controlled by the access control system. Executable code is included that validates the cardholder data. Executable code is included that extracts ID information from the validated cardholder data. executable code that sends the extracted ID information to an access decision component of the access control system. The modular communication interfaces may include a first communication port that couples to at least one reader of the access control system and enables the validation device to receive the cardholder data from the at least one reader, a second communication port that couples to the access decision component of the access control system and enables the validation device to send the extracted ID information to the access decision component, and a third communication port that couples to a management station. Executable code may be included that exchanges information with the management station. The executable code that validates the cardholder data may include executable code that authenticates the cardholder data according to an authentication mechanism. The authentication mechanism may be at least one of: cardholder unique identifier (CHUID), card authentication key (CAK), PIV authentication key (PKI), and biometric authentication (BIO). The executable code that validates the cardholder data may perform certificate path discovery and validation to a trusted authority. Executable code may be included that performs enrollment processing for cardholder data that is identified as being used for a first time with the access control system. The enrollment processing may include capturing and storing certificates of the cardholder data that is identified as being used for the first time (McGeachie, Col. 1, lines 45-67, Col. 2 lines 1-15).
 Furthermore, McGeachie discloses  a computer readable storage medium stores executable code executable by the at least one processor, the computer readable storage medium including executable code that receives cardholder data in connection with an access request at an access point controlled by the access control system. Executable code is provided that validates the cardholder data. Executable code is provided that extracts ID information from the validated cardholder data. Executable code is provided that sends the extracted ID information to an access decision component of the access control system. Executable code may be provided that exchanges information with a management station. The executable code that validates the cardholder data may include executable code that authenticates the cardholder data according to an authentication mechanism. The authentication mechanism may be at least one of: cardholder unique identifier (CHUID), card authentication key (CAK), PIV authentication key (PKI), and biometric authentication (BIO). The executable code that validates the cardholder data may perform certificate path discovery and validation to a trusted authority. Executable code may be provided that performs enrollment processing for cardholder data that is identified as being used for a first time with the access control system. The enrollment processing may include capturing and storing certificates of the cardholder data that is identified as being used for the first time. (McGeachie, Col. 2 lines 42-67).
  	Although, the cited references above are from same or similar fields of endeavor however, the Applicant’s invention is directed towards a method of receiving a credential at a mobile communication device, the received credential including a data object that comprises a mobile access control token (MACT) and an access control token (ACT); storing the credential in a secured memory location of the mobile communication device. 
The subject matters of the independent claims 1, 31, and 38 are not taught or fairly suggested by the prior art of record, specifically the limitations in claim 1 that recite: “…wherein the first reader is configured to receive one or both of a mobile access control token (MACT) and an access control token (ACT) from the mobile communication device via the communication channel, wherein the first reader is configured to assess a validity of the MACT, wherein the first reader is configured to provide the mobile communication device with a response that indicates the first reader's validity assessment for the M ACT, and wherein the response provided by the first reader enables the mobile communication device to present the ACT or another credential derived from the ACT to other readers of the physical access control system; and a second reader configured to assess a validity of the ACT or a credential derived from the ACT based on a presentation of the ACT or the credential derived from the ACT by the mobile communication device, wherein the second reader is at a second position in the physical access control system that is internal with respect to the first position...” in combination with the rest of the limitations recited in the independent claim 1.
 	Independent claims 31 and 38 recite similar subject matters as to those in claim 1.
 	The claimed subject matters are novel and non-obvious in scope over the prior art of record as the prior-art references fail to teach each and every features of the independent claim(s) including the limitations set forth above.
 	In view of the foregoing, the scope of claimed subject matters renders the invention patentably distinct as none of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.
  	Furthermore, the Examiner performed updated search which does not yield other specific references that reasonably, either alone or in combination, would result a proper rejection of all the claimed features presented in each of the independent claims 1, 31 and 38 under 35 U.S.C 102 or 35 U.S.C.103 with proper motivation. 
 	Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."
					Conclusion	
3.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAHFUZUR RAHMAN whose telephone number is (571)270-7638.  The examiner can normally be reached on Monday thru Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-88788593.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MAHFUZUR RAHMAN/Primary Examiner, Art Unit 2498