DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 03/18/2022 has been entered.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 07/31/2018 and 01/04/2021.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.




Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1, 2, 5, 8, 10, 11, 26 and 27 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 2017/0317833 A1 Smith et al. in view of NZ 585446 A Gill et al. 

Regarding claim 1, Smith teaches a method of configuring a terminal in a payment system via electronic communication with an operator device (Smith Para. [0155] computer element may be configured in specific ways; Para. [0128-0132] the use of the terminals may be for payments), the method comprising:  
identifying, at the terminal whether the terminal is already bound to an operator device, by checking whether an operator identifier corresponding to one of a plurality of operators has already been introduced to the terminal (Smith Para. [0059-0060] a digital ledger is present, that records operators access to the system, and determines if they have had previous access), wherein the operator identifier is a unique data element corresponding to a specific one of the plurality of operators in the payment system (Smith Para. [0106] the personal identification information is unique to the specific user), the operator identifier for identification of the operator device being is introduced into the terminal by the operator device after the production of, and up to commissioning the terminal into service (Smith Para. [0040] devices and system may be adapted to use a secure authentication of operators; this would mean the terminals are already produced, and that the authentication may be installed before use of the terminal); 
determining, at the terminal, whether a chain of trust of a public-key infrastructure is complete from a digital certificate which contains the operator identifier for identification of the operator device up to a trust anchor (Smith Para. [0060-0064] the attest key combines hashed data, which includes operator identifier, with a public key to allow use/setup of device; Para. [0070] the operator may input their information, and then use the keys to verify the operator is able to attain this desired request; Para. [0077]), wherein a complete certificate chain up to the trust anchor is provided to the terminal at a time of the introduction of the operator identifier, such that the terminal ensures that (i) the operator identifier was given by a trustworthy certification body, (ii) an authorized operator device was identified, and (iii) the digital certificate was not manipulated during electronic transfer to the terminal (Smith Para. [0077] verification process of keys; attestation protocol is able to assign a user specific key to an operator), 
extracting, at the terminal, the operator identifier from a digital certificate of a signing device for signing applications and permanently storing the operator identifier it in an integrity-protected-non-volatile memory so that the terminal is bound to the operator device, wherein the operator identifier is stored as an expansion in a digital certificate which is signed by the certification body, such that the terminal is associated with the authorized operator device, the operator identifier authorizes the operator device (Smith Para. [0071] creating a hash key to associate with an operator, and using that information to verify the operator, and this information may be stored for future extraction), and an authorization of the operator device is established by the terminal, wherein after successful authorization of the at operator device (Smith Para. [0077] verification process of keys; attestation protocol is able to assign a user specific key to an operator); 
transferring cryptographic keys during an asymmetrical cryptography from an operator device that distributes cryptographic keys, wherein cryptographic keys and a 2corresponding digital certificate of the operator device for introducing cryptographic keys are transmitted to the terminal (Smith Para. [0054] asymmetric key cryptography used to allow access to only operators using their specific secret key); 
verifying, at the terminal, that the chain of trust from the digital certificate which contains the operator identifier for identification of the operator device up to a trust anchor is complete (Smith Para. [0077-0078] a verification protocol is used to authenticate the operator, who used the attest key, to access information);
extracting, at the terminal the operator identifier from the digital certificate of the operator device for introducing cryptographic keys, and verifying whether the operator identifier corresponds to the operator identifier previously introduced to the terminal (Smith Para. [0086] verification may be done by using previously attested to information, in which a previous operator identifier was introduced to the terminal using keys and certificates);
rejecting in an instance in which the operator identifier corresponds to another of the plurality of operator devices, wherein the terminal only permits a change by the operator device with which the terminal is associated (Smith Para. [0150] if the individuals action are unauthorized, the action is halted); and 
accepting, at the terminal, only cryptographic keys which are authorized by the operator device for introducing cryptographic keys and, introducing the cryptographic keys from the operator device, into the terminal, the cryptographic keys being encrypted by the operator device using a public key of the terminal and signed using a private key, and the cryptographic keys are decrypted by the terminal after their introduction into the terminal which has a corresponding private key (Smith Para. [0077] verification process of keys; attestation protocol is able to assign a user specific keys to an operator; Para. [0086] the trusted keys are further verified using signatures and other information associated with the operator). 

Gill is in the field of authorization (Gill Pg. 12, Lns. 32-36, The long process differs from others in the field in that it uses strong mutual authentication of parties at all stages. The file received from POS terminal suppliers (the Key Data File) is signed with a public/private key pair and then not only does the PED device authenticate itself to the computer system 2, but the terminal verifies that the computer system 2 is the authorized source for the master key) and teaches the terminal being a POS terminal (Gill Pg. 2, Lns. 31-33, In one aspect the present invention may be said to consist in a method of reconfiguring a POS terminal comprising: receiving at a computer system configuration data indicating operating configuration of a POS terminal), a method of configuring a POS terminal of an operator, wherein the configuration or the change of the configuration comprises the steps of; the POS terminal performs the configuration or the change of the configuration; rejecting the configuration of the change of the configuration wherein the POS terminal only permits a change of a configurable property (Gill Pg. 2, Lns 31-Pg. 3, Ln. 2, configuration of a POS terminal, and when there is not a match the configuration originally suggested in rejected). 
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the POS terminal of Gill. The motivation for doing so would be to increase security in a field where private financial information is exchanged (Gill, Pg. 2, Lns. 24-26, increased security in relation to POS terminals).

Regarding claim 2, modified Smith teaches the method of claim 1, characterized in that the at least one operator initializes a POS terminal which is uninitialized by a producer of the POS terminal (Smith Para. [0040] devices and system may be adapted to use a secure authentication of operators; this would mean the terminals are already produced, and that the authentication may be installed before use of the terminal).


Regarding claim 5, modified Smith teaches the method of claim 1, wherein the POS terminal verifies cryptographically with which operator device the POS terminal is associated (Smith Para. [0054] asymmetric key cryptography used to allow access to only operators using their specific secret key).

Regarding claim 8, modified Smith teaches the method of claim 1. Smith fails to explicitly disclose wherein a payment application is configured during the configuration. Gill teaches wherein a payment application is configured during the configuration (Gill Pg. 11, Lns. 16-30, payment machine incorporated with authentication and verification). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the payment application of Gill. The motivation for doing so would to increase security in a field where private financial information is exchanged (Gill, Pg. 2, Lns. 24-26, increased security in relation to POS terminals).

Regarding claim 10, modified Smith teaches the method of claim 1, wherein the payment application is signed using a private key (Smith Para. [0077] verification process of keys; attestation protocol is able to assign a user specific keys to an operator).
 
Regarding claim 11, modified Smith teaches the method of claim 1, wherein a public key is known to the terminal, and a right is granted using this public key to introduce the terminal, and the terminal carries out a check of the authorization before the introduction of the application, and/or a manipulation of the application is checked by the terminal (Smith Para. [0070] the operator may input their information, and then use the keys to verify the operator is able to attain this desired request). Smith fails to explicitly disclose the request being to introduce applications into the POS terminal. Gill teaches the method characterized in that introducing applications into the POS terminal (Gill Pg. 12, Lns. 32-36, the authorization has a public and private key, comparison and authenticate). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the application of Gill. The motivation for doing so would be to increase security in a field where private financial information is exchanged (Gill, Pg. 2, Lns. 24-26, increased security in relation to POS terminals).

Regarding claim 26, modified Smith teaches the method of claim 1, wherein to verify an operator device association with a POS terminal, a random number is generated and transmitted to the POS terminal, and the POS terminal forms a tuple from random number and operator identifier and signs the tuple using the private key, wherein the POS terminal responds with the operator identifier, the signature and the digital certificate, and subsequently the digital certificate is checked, subsequently the tuple of random number and operator feature is formed, the tuple of the random number and operator identifier is formed, and the signature of the tuple is checked using the public key from the digital certificate (Smith Para. [0065] the nonce may be a random number generated; Para. [0067] the user may comprise a certification to verify the user; Para. [0077] verification process of keys; attestation protocol is able to assign a user specific keys to an operator). 

Regarding claim 27, modified Smith teaches a method of changing a configuration of a terminal that was initially configured in accordance with claim 1, the method comprising: 
verifying, at the terminal, that an operator identifier corresponding to one of a plurality of operator devices has already been introduced to the terminal (Smith Para. [0086] verification may be done by using previously attested to information, in which a previous operator identifier was introduced to the terminal using keys and certificates); 
determining, at the processor of the terminal, whether a chain of trust of a public- key infrastructure is complete from a digital certificate for a change of configuration which contains the operator identifier for identification of the operator device up to a trust anchor (Smith Para. [0060-0064] the attest key combines hashed data, which includes operator identifier, with a public key to allow use/setup of device; Para. [0070] the operator may input their information, and then use the keys to verify the operator is able to attain this desired request), wherein a complete certificate chain up to the trust anchor is provided to the terminal at a time of the introduction of the operator identifier, such that the terminal ensures that (i) the operator identifier was given by the trustworthy certification body, (ii) an authorized operator device was identified, and (iii) the digital certificate was not manipulated during electronic transfer to the terminal (Smith Para. [0077] verification process of keys; attestation protocol is able to assign a user specific keys to an operator), 
extracting, at the terminal, the operator identifier from a digital certificate of a signing device for signing applications including configuration data, and verifying whether the operator identifier corresponds to the previously introduced operator identifier which authorizes the operator device (Smith Para. [0071] creating a hash key to associate with an operator, and using that information to verify the operator, and this information may be stored for future extraction), wherein after successful authorization of the operator device, the terminal performs the change of the configuration (Smith Para. [0077] verification process of keys; attestation protocol is able to assign a user specific keys to an operator); 
transferring cryptographic keys associated with the change of configuration during an asymmetrical cryptography from an operator device that distributes cryptographic keys, wherein cryptographic keys and a corresponding digital certificate of the operator device for introducing cryptographic keys are transmitted to the terminal (Smith Para. [0054] asymmetric key cryptography used to allow access to only operators using their specific secret key); 
verifying, at the terminal, that the chain of trust from the digital certificate for the change of configuration which contains the operator identifier for identification of the operator device up to a trust anchor is complete (Smith Para. [0077-0078] a verification protocol is used to authenticate the operator, who used the attest key, to access information); 
extracting, at the terminal, the operator identifier from the digital certificate for the change of configuration, and upon verifying that the operator identifier corresponds to the previously introduced operator identifier, introducing the cryptographic keys into the terminal (Smith Para. [0086] verification may be done by using previously attested to information, in which a previous operator identifier was introduced to the terminal using keys and certificates). Smith fails to explicitly disclose the terminal being a POS terminal. Gill teaches the terminal being a POS terminal (Gill Pg. 2, Lns. 31-33, In one aspect the present invention may be said to consist in a method of reconfiguring a POS terminal comprising: receiving at a computer system configuration data indicating operating configuration of a POS terminal). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the POS terminal of Gill. The motivation for doing so would be to increase security in a field where private financial information is exchanged (Gill, Pg. 2, Lns. 24-26, increased security in relation to POS terminals).










Claims 18-21 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 2017/0317833 A1 Smith et al. in view of NZ 585446 A Gill et al and further in view of US 2009/0125996 A1 Guccione et al..

Regarding claim 18, modified Smith teaches the method of claim 1. Smith fails to explicitly disclose wherein runtime parameters are configured during the configuration. Guccione teaches wherein runtime parameters are configured during the configuration (Guccione Para. [0056] In a preparatory phase (not shown) the MTP 200 has executed a certified initial startup procedure and has loaded a specific trusted software layer of the OS and its trusted units; Para. [0105] Before the procedure of FIG. 8 begins, it is assumed the MTP 200 has performed an initial startup process and loaded the trusted operating system and trusted services. This procedure in particular includes the instantiation of the services vSIM-CORE and vSIM-MGMT. The trustworthiness of the platform is checked so that the installed hardware and running software are in a trusted state and configuration. The MTP is able to report and certify this state when queried by an authorized entity). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the runtime parameters of Guccione. The motivation for doing so would be to open and run the desired parameters needed for the actions being performed, the parameters which are trusted operating systems and services ready for upload (Guccione Para. [0105]).

Regarding claim 19, modified Smith teaches the method of claim 18. Smith fails to explicitly disclose wherein changes of the runtime parameters for the configuration of the POS terminal take place only after successful authorization by a terminal management system. Guccione teaches wherein changes of the runtime parameters for the configuration of the POS terminal take place only after successful authorization by a terminal management system (Guccione Para. [0056] In a preparatory phase (not shown) the MTP 200 has executed a certified initial startup procedure and has loaded a specific trusted software layer of the OS and its trusted units; Para. [0105] Before the procedure of FIG. 8 begins, it is assumed the MTP 200 has performed an initial startup process and loaded the trusted operating system and trusted services. This procedure in particular includes the instantiation of the services vSIM-CORE and vSIM-MGMT. The trustworthiness of the platform is checked so that the installed hardware and running software are in a trusted state and configuration. The MTP is able to report and certify this state when queried by an authorized entity). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the runtime parameter authorization of Guccione. The motivation for doing so would be to open and run the desired parameters needed for the actions being performed, the parameters which are trusted operating systems and services ready for upload (Guccione Para. [0105]).

Regarding claim 20, modified Smith teaches the method of claim 1. Smith fails to explicitly disclose wherein a terminal management system communicates with the POS terminal via a direct communication connection, and the terminal management system establishes an encrypted communication connection to the POS terminal, and the terminal management system authenticates itself with the POS terminal by means of an asymmetrical key pair and a corresponding digital certificate, and the POS terminal carries out an authorization check, and upon authorization, a change of runtime parameters is performed. Guccione teaches wherein a terminal management system communicates with the POS terminal via a direct communication connection, and the terminal management system establishes an encrypted communication connection to the POS terminal, and the terminal management system authenticates itself with the POS terminal by means of an asymmetrical key pair and a corresponding digital certificate, and the POS terminal carries out an authorization check, and upon authorization, a change of runtime parameters is performed (Guccione Para. [0064] vSIM-MGMT then generates an asymmetrical signature key pair K-U and generates a corresponding certificate which includes all of the user's relevant information (REGDATA-U, the public portion of K-U), at 552. The service vSIM-MGMT then transmits the certificate CERT-U and an attestation, signed by the private portion of K-U, to the service vSIM-ECORE, at 554. Within the scope of a trusted environment it is assumed that a secure link is established between the vSIM-MGMT and vSIM-CORE; the claim limitation discusses the process of how asymmetric cryptography is performed). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the asymmetric cryptogaphy of Guccione. The motivation for doing so would be to use a more dynamic security measure, which creates a more secure software solution (Guccione Para. [0005] Accordingly, a more dynamic and concurrently secure software based solution to the SIM function is needed).

Regarding claim 21, modified Smith teaches the method of claim 1. Smith fails to explicitly disclose wherein a terminal management system communicates with the POS terminal without a direct communication connection, and changes of runtime parameters are carried out using signed data packets and a subsequent authorization check. Guccione teaches wherein a terminal management system communicates with the POS terminal without a direct communication connection, and changes of runtime parameters are carried out using signed data packets and a subsequent authorization check (Guccione Para. [0056] In a preparatory phase (not shown) the MTP 200 has executed a certified initial startup procedure and has loaded a specific trusted software layer of the OS and its trusted units; Para. [0105] Before the procedure of FIG. 8 begins, it is assumed the MTP 200 has performed an initial startup process and loaded the trusted operating system and trusted services. This procedure in particular includes the instantiation of the services vSIM-CORE and vSIM-MGMT. The trustworthiness of the platform is checked so that the installed hardware and running software are in a trusted state and configuration. The MTP is able to report and certify this state when queried by an authorized entity). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the runtime parameter authorization of Guccione. The motivation for doing so would be to open and run the desired parameters needed for the actions being performed, the parameters which are trusted operating systems and services ready for upload (Guccione Para. [0105]).

Claims 22-24 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 2017/0317833 A1 Smith et al. in view of NZ 585446 A Gill et al and further in view of US 6,490,367 B1 Carlsson et al.

Regarding claim 22, modified Smith teaches the method of claim 1. Smith fails to explicitly disclose wherein to activate optional functions of the POS terminal, a license for activation is granted by using a producer device to activate the optional functions of the POS terminal. Carlsson is in the field of administering certificates (Carlsson Abstract, A system for administering certificates involves the generation, distribution and recall of certificates for public key systems. The generation comprises generating encryption keys and personalizing smart cards) and teaches wherein to activate optional functions of the POS terminal, a license for activation is granted by using a producer device to activate the optional functions of the POS terminal (Carlsson Col. 5, Lns. 11-19, Starting from the requirements for local verification of the certified person's identity and role and for simple administration, and from the security requirements, the architectural requirements can be summarized as follows: Distributed function: it will be possible for a certificate to be requisitioned and briefly personalized at the lowest possible organizational level, and preferably where this certificate is later to be used. A basic consideration is that personal recognition is best at local level). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the license/certificate of Carlsson. The motivation for doing so would be to give the administrator authority to send a unique identity to each system to ensure a secure transaction (Carlsson Col. 5, Lns. 41-52, The CA central unit represents the central part of the system where CA keys are stored and where verification and signing of the finished certificate take place. A CA central unit will manage to administer one or more CA terminals. A CA central unit can itself accommodate one or more CA identities (i.e. one or more private CA keys). A CA central unit has a system-unique identity. The CA terminal is the unit where an authorized CA administrator makes a request for a certificate. The CA administrator signs this request and sends it to the central unit. A CA terminal has a system-unique identity and is certified by each CA it serves).

Regarding claim 23, modified Smith teaches the method of claim 22. Smith fails to explicitly disclose wherein the activation takes place in the form of license keys. Carlsson teaches wherein the activation takes place in the form of license keys (Carlsson Col. 5, Lns. 11-19, Starting from the requirements for local verification of the certified person's identity and role and for simple administration, and from the security requirements, the architectural requirements can be summarized as follows: Distributed function: it will be possible for a certificate to be requisitioned and briefly personalized at the lowest possible organizational level, and preferably where this certificate is later to be used. A basic consideration is that personal recognition is best at local level). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the license/certificate of Carlsson. The motivation for doing so would be to give the administrator authority to send a unique identity to each system to ensure a secure transaction (Carlsson Col. 5, Lns. 41-52, The CA central unit represents the central part of the system where CA keys are stored and where verification and signing of the finished certificate take place. A CA central unit will manage to administer one or more CA terminals. A CA central unit can itself accommodate one or more CA identities (i.e. one or more private CA keys). A CA central unit has a system-unique identity. The CA terminal is the unit where an authorized CA administrator makes a request for a certificate. The CA administrator signs this request and sends it to the central unit. A CA terminal has a system-unique identity and is certified by each CA it serves).

Regarding claim 24, modified Smith teaches the method of claim 1. Smith fails to explicitly disclose wherein a hardware topology is configured during the configuration. Carlsson teaches wherein a hardware topology is configured during the configuration (Carlsson Col. 15, Lns. 33-46, Physical and logical administration will be possible during the use of the centre, but it will not be possible for the base components to be altered. After a CA centre's death, components can be reused or the whole centre can be destroyed. In order to achieve this (to have a strong protection at the same time as some administration may be permitted), it is possible to have the CA consist of two parts. One part which contains the hardware and the programs (base components) which are needed for the centre to be able to execute its tasks, and one part which makes it possible physically to administer the centre during operation. The part with base components is given a physical protection which in principle makes it impossible to open the part without it being destroyed (becomes unusable)). It would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify the method of Smith with the hardware of Carlsson. The motivation for doing so would be to make it possible to physically administer the operation in the centre (Carlsson Col. 15, Lns. 44-46, The part with base components is given a physical protection which in principle makes it impossible to open the part without it being destroyed (becomes unusable)).

Allowable Subject Matter
The following claims drafted by the examiner and considered to distinguish patentably over the art of record in this application, are presented to applicant for consideration: 
1. A method of configuring a POS terminal in a payment system via electronic communication with of an operator device, the method comprising:  
identifying, at the POS terminal whether the POS terminal is already bound to an operator device, by checking whether an operator identifier corresponding to one of a plurality of operators has already been introduced to the POS terminal, wherein the operator identifier is a unique data element corresponding to a specific one of the plurality of operators in the payment system, the operator identifier for identification of the operator device being is introduced into the POS terminal by the operator device after the production of, and up to commissioning the POS terminal into service; 
determining, at the POS terminal, whether a chain of trust of a public-key infrastructure is complete from a digital certificate which contains the operator identifier for identification of the operator device up to a trust anchor, wherein a complete certificate chain up to the trust anchor is provided to the POS terminal at a time of the introduction of the operator identifier, such that the POS terminal ensures that (i) the operator identifier was given by a trustworthy certification body, (ii) an authorized operator device was identified, and (iii) the digital certificate was not manipulated during electronic transfer to the POS terminal, 
extracting, at the POS terminal, the operator identifier from a digital certificate of a signing device for signing applications and permanently storing the operator identifier it in an integrity-protected-non-volatile memory so that the POS terminal is bound to the operator device, wherein the operator identifier is stored as an expansion in a digital certificate which is signed by the certification body, such that the POS terminal is associated with the authorized operator device, the operator identifier authorizes the operator device, and an authorization of the operator device is established by the POS terminal, wherein after successful authorization of the at operator device, the POS terminal performs the configuration; 
transferring cryptographic keys during an asymmetrical cryptography from an operator device that distributes cryptographic keys, wherein cryptographic keys and a 2corresponding digital certificate of the operator device for introducing cryptographic keys are transmitted to the POS terminal; 
verifying, at the POS terminal, that the chain of trust from the digital certificate which contains the operator identifier for identification of the operator device up to a trust anchor is complete;
extracting, at the POS terminal the operator identifier from the digital certificate of the operator device for introducing cryptographic keys, and verifying whether the operator identifier corresponds to the operator identifier previously introduced to the POS terminal;
rejecting the configuration in an instance in which the operator identifier corresponds to another of the plurality of operator devices, wherein the POS terminal only permits a change of a configurable property by the operator device with which the POS terminal is associated; 
and 
activating, optional functions of the POS terminal, wherein using a license for activation is granted by using a producer device to activate the optional functions of the POS terminal.




23. (Previously presented). The method of claim 1, wherein the activation takes place in the form of license keys.

The following is a statement of reasons for the indication of allowable subject matter:  Regarding 103, with the addition of claim language previously found in claim 22, and the affirmative action of activation of a POS terminal with a license for optional functions, would be a combination that allows for further configuration that is specific to a POS terminal. With the primary reference comprising a generic computer, further limiting specifics as it relates to a POS terminal, and it would destroy the inherent purpose of a generic computer, and the obviousness to combine is no longer present. As claim 22 stands, without amendment, the activation with a license is shown as a future possibility, instead of an action actively being taken by the POS terminal, and with amendment would move the prosecution forward.

Response to Arguments
Applicant's arguments filed 03/18/2022 have been fully considered but they are not persuasive. 
 Regarding 103, Applicant specifically focuses on independent claim 1 limitations 
-"checking whether an operator identifier corresponding to one of a plurality of operator devices has already been introduced to the POS terminal, wherein the operator identifier is a unique data element corresponding to a specific one of the plurality of operators in the payment system, the operator identifier for identification of the operator device being introduced into the POS terminal by the operator device  after the production, and up to commissioning the POS terminal into service in the payment" and 
-"determining, at the POS terminal, whether a chain of trust of a public-key infrastructure is complete from a digital certificate which contains the operator identifier for identification of the operator device up to a trust anchor."
Applicant believes Smith does not disclose the implementation of PKI , which is well known to assure a specific person or organization is actually registered as belonging to a specific technical account. Throughout Smith, the Examiner has cited to a ledger, which records operator identifiers, as well as any other accounts allowed access Para. [0059-0060], that personal identification information is unique to a specific user Para. [0106], and that the authentication may be installed before the use of the terminal, but after the production of the terminal Para. [0040].
Applicant asserts the difference in Smith and the claimed limitation include
Para. [0059-0060] that a digital ledger is different that operator identifiers being stored in a non-volatile integrity-protected memory, which Examiner does not note any difference. The digital ledger of Smith is found within a computer memory, that is protected. 
Para. [0040] POS terminal bound to an operator device being distinct from Smiths addition of devices to attestation systems. Examiner notes Smith is able to connect two systems after production. 
Para. [0070-0071];[0077] binding of the Operator Device of the terminal is distinct from Smiths description of changes of user information that are in a secure blockchain, using hashes and keys for validation, but Examiner notes that Smith is able to teach the secure linking of different accounts, with authentication keys and hashes. 
Para. [0054] the public keys of Smith are used to implement the new applications being introduced into the POS system, but the blockchain is also used to form the trust that the operator is allowed access to control the POS terminal, which would disclose validation of the operators ability to import keys
Para. [0150] Smith gives the ability to authorize or deny access, which Examiner notes is the same as rejecting access if the operator identifier is not part of the authorized list, and therefore is rejected
Para. [0077];[0086] using specific keys and signatures show that only those that have access may import the asymmetric keys, which would be when the operator identifier matches those that are allowed, as is claimed. 
Applicant specifically points to “determining, at the POS terminal, whether a chain of trust from a digital certificate which contains the operator identifier for identification of the operator device up to a trust anchor is complete."; Examiner points specifically to Para. [0070] and Para. [0077], which is able to teach using an operator key to gain access, and includes an attestation process to confirm that the operator is able to have access to the specific account, and therefore establishes a chain of trust. In addition to Para. [0060-0064] uses hashes data to include operator identifiers combined with public keys to allow use/setup of devices. 
Applicant additionally mentions " transferring cryptographic keys during an asymmetrical cryptography from an operator device that distributes cryptographic keys, wherein cryptographic keys and a 2corresponding digital certificate of the operator device for introducing cryptographic keys are transmitted to the terminal."; Examiner cited to Para. [0054] in which asymmetric key cryptography is used to allow access to specific users, and those operators are distinct to specific accounts found in the ledger.
Next applicant states claim limitation “verifying, at the terminal, that the chain of trust from the digital certificate which contains the operator identifier for identification of the operator device up to a trust anchor is complete”; which Examiner points to Para. [0077-0078] that indicates a verification protocol for an operator to access the information. 
Gill is not presented to teach the above limitations, and therefore, the argument that Gill does not teach those limitations is accurate. The combination of Smith, which does teach the limitations, as discussed above, combined with the limitations not found in Smith, presented by Gill, teaches the entirety of claim 1, and therefore the 103 rejections is maintained for independent claim 1. 
Next, Applicant discuses dependent claims 18-24, as not teaching the claim limitations discussed above in claim 1, and that the additional art does not teach those limitations. Examiner notes that the additional art is not intended to teach the above limitations, but to teach the limitations not found in Smith as discussed on the previous office action. Applicant has therefore not presented reasoning why dependent claims 18-24 are to overcome the 103 rejection, and therefore it is maintained. 

Applicant’s arguments, see Pg. 8-11, filed 03/18/2022, with respect to Claims 1-3, 5-8, 10, 11, 13 and 26 have been fully considered and are persuasive.  The 101 of 11/29/2021 has been withdrawn. Regarding 101, The 101 has been re-evaluated, and the Examiner notes that the system includes a POS terminal, and POS terminals are used in everyday economic principles, but the claim is directed to the act of configuring the POS terminal. Therefore, under Step 2A Prong 1, the claimed subject matter, as recited, does not fall into any of the enumerated groupings considered abstract ideas. Therefore, the 101 rejection is removed. 

Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 2015/0371031 A1 Ueno et al. teaches changing configurations of a virtual system (Para. [0026]). US 2008/0189774 A1 Ansari et al. teaches trust chains and public keys for terminal use authorization (Para. [0106-0110]; Para. [0119]).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JESSICA E SULLIVAN whose telephone number is (571)272-9501. The examiner can normally be reached M-Th; 7:30 AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, NATHAN UBER can be reached on (571)270-3923. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/J.E.S./Examiner, Art Unit 3687                                                                                                                                                                                                        
/NATHAN C UBER/Supervisory Patent Examiner, Art Unit 3687