DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is responding to the amendment dated on May 03, 2022.
Claims 1, 3-4, 6-11, 13-14 and 16-20 are allowed.

Allowable Subject Matter
Claims 1, 3-4, 6-11, 13-14 and 16-20 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance.
Independent Claim 1 is allowable based on the amendment presented on May 03. 2022.
Specifically, the independent Claim 1 now recites limitations as follows:
“An electronic device comprising: 
a display; 
a memory configured to store encryption information; 
a processor; and 
a switch configured to electrically disconnect the processor from the memory in a first state and to electrically connect the processor and the memory in a second state,
wherein the processor is configured to: 
receive a user input for switching the switch from the first state to the second state while the switch is in the first state, 
provide the encryption information stored in the memory to a secure application executing only in a second execution environment through a secure operating system of the second execution environment, when the switch is switched from the first state to the second state to generate an electrical path between the memory and the processor, 
acquire signature information for a transaction based on the encryption information, and 
provide the signature information acquired based on the encryption information to a signature request application, 
wherein the processor is further configured to: 
receive a signature request for the transaction by using the signature request application, 
provide a token for signing the transaction obtained using the secure application to the signature request application in response to the reception of the signature request, 
provide the token to an authentication secure application executing in the second execution environment by using the signature request application in response to providing the token to the signature request application, 
authenticate a user of the electronic device using the authentication secure application, 
provide an encryption token for the token obtained using the authentication secure application to the secure application through the signature request application when the user of -2-Serial No: 16/931,616Docket No: 4500-1-654 Reply to Office Action of: February 15, 2022 Amendment Dated: May 3, 2022the electronic device is authenticated, 
provide a decrypted encryption token to the secure application in response to a decryption request, and 
acquire the signature information for the transaction based on the encryption information by using the secure application when the decrypted encryption token corresponds to the token obtained using the secure application”.
The cited reference Thadikaran et al. (US PGPUB. # US 2013/0283380) discloses, a lockable storage would be configurable ranges of either secure storage or modification locked storage because the fixed the secure storage is inaccessible to normal users anyways. In a further embodiment and in addition to the locking storage, a physical switch (e.g., hardware switch 142 for FIG. 1 above) could be employed to make an "always on" secure storage inaccessible even to authenticated users while the switch is on. In one embodiment, locking down secure storage to all others is actually is a useful feature because a lot of malware can attack other, potentially (normally) trusted applications that may have access to the secure store. (Fig. 1, ¶65). A user can initiate the lock by using a switch that is outside the control of the operating system. In this embodiment, this action creates a system interrupt that would be communicated via trusted API 146 and trusted firmware 118 to lock the lockable storage 702. As described above, this could be used to lock important user files such as antivirus data files, financial files, and personal files. The user locking mechanism is further described in FIG. 10 below. In another embodiment, data in the lockable storage can be locked down by the operating system. In one embodiment, the operating system selectively locks different parts of lockable storage during boot time. This embodiment can be used to lock down important operating system data (including master boot record, and other important operating system components) during the computer boot time. (¶66). At block 1006, method 1000 receives an indication that a user lockdown has been activated. In one embodiment, a user may initiate a lockdown of lockable storage by activating a dedicated switch for the lockdown, a keyboard combo (e.g., ALT+F5, etc.), a touch sequence if using a touch user interface, or any other way to indicate a command to a computer as known in the art. At block 1008, method 1000 triggers system interrupt on the computer system, which the software on the system is listening for. In one embodiment, by triggering interrupt, method 1000 that executes a lockdown is outside of the operating system control. This is useful if malware, virus, etc., may be present on the computer system so that the malware cannot defeat the user initiated lockdown. At block 1010, method 1000 sends a message to the storage system to perform the user lockdown. In one embodiment, method 1000 uses a tunnel between an agent executing method 1000 in the operating system to the secure storage system to perform the user lockdown. In one embodiment, method 1000 uses the tunnel as described above in FIGS. 1-6 above. At block 1012, method 1000 indicates that the user lockdown is completed. In one embodiment, method 1000 displays on this display of the computer system an icon or other graphical image that indicates that the user lockdown mode is initiated. (Fig. 10(1006, 1010), ¶77-¶78).
The reference by van de Ruit et al. (US PGPUB. # US 2019/0121988) discloses, a the memory system comprises a low security memory 110 and a high security memory 210, for storing the low and high security data areas respectively. For example, the high security memory 210 may be used to store private keys, whereas the low security memory 110 may comprise less sensitive information, e.g., the corresponding public keys. Access to high security memory 210 is restricted, for example, only restricted application may access the high security memory 210. For example, software or hardware measures may be taken to restrict access to the high security memory 210. Blockchain transaction device 100 may comprise a low security processor circuit 120 and a high security processor circuit 220. The high and low security processor circuits may be used to execute the cryptographic kernel application and the transaction application respectively. The high and low security data areas may store the computer instructions implementing the cryptographic kernel application and the transaction application respectively, or part thereof. (¶111). The blockchain transaction device 100 may have a kernel having a user mode and a kernel mode, wherein the cryptographic kernel runs in kernel mode, but the transaction application runs in user mode. For example, blockchain transaction device 100 may be arranged so that applications that run in user mode do not have access to the high security area. (¶120). Cryptographic kernel 430 comprises a signing unit 440. The signing unit 440 is configured to access the high security data area and compute the signature from the private key. For example, signing unit 440 may execute a signing algorithm that corresponds to the signature algorithm, e.g., the ECDSA signing algorithm, etc. The correct signing key may be selected through a key index or key identifier which may also be supplied on interface 460. The signing unit 440 may directly receive a hash value to sign from interface 460 and transaction application 330. This keeps the cryptographic kernel small, as it does not need a hashing algorithm. In theory, this keeps the threat that a rogue or hacked transaction application may perform transactions that are not authorized by the user. Still, this set-up provides several advantages, an attacker cannot extract the private key from area 420, so that the attacker needs to have access to device 300 at the time he wants to attack a particular key. (¶136). FIG. 6 schematically shows an example of an embodiment of a blockchain transaction method 600. Blockchain transaction method 600 is arranged to generate a transaction for a blockchain. For example, blockchain transaction method 600 could be executed on hardware such as device 100, 202, 201, 300 and 500. Method 600 comprisesproviding (610) a private key of a public key and private key pair in a high security data area, generate (620) a transaction in a transaction application, said transaction comprising a signature, calling (630) a signing interface of a cryptographic kernel application to obtain a signature for including in the transaction, accessing (640) the high security data area and computing (650) the signature from the private key, by a cryptographic kernel application comprising the signing interface, transmitting (660) the transaction for inclusion in the blockchain. (Fig. 6, ¶187).
The reference by Jonathan E. Ramaci (US PGPUB. # US 2013/0307670) discloses, the system authenticates the identity of the user based on the comparison of the biometric scan to the biometric information. In an embodiment, based on the comparison between the biometric scan and the biometric information, the system may authenticate the user's identity. In an embodiment, the user is identified based on a statistical similarity test. For example, the user is authenticated if the biometric scan and the biometric information are 95% similar. The level of similarity may be adjusted to account for variation in biometric scanner resolution, desired level of confidence, or any other feature. For example, the level of similarity may be set to 90%, 99%, or 99.9%. Once authenticated, the user may gain access to the system and/or the mobile device. As will be discussed in greater detail in FIG. 5, the user will be able to access secure areas of the biometric authentication system and perform actions that are based on authentication of the user's identity. For example, the user may be able to biometrically sign a transaction or legal document using the biometric authentication system. In this example, the biometric signature would supplement and/or replace a written signature. Other examples will be discussed and it should be understood that these examples are merely exemplary and one skilled in the art would be able to use the biometric authentication system in other ways. (¶39).
Korkishko et al. (US PGPUB. # US 2015/0121516) discloses, a method and electronic device for enhancing security authentication. An execution mode may be changed from a non-trusted execution mode to a trusted execution mode. At least one input may be authenticated while in the non-trusted execution mode. (Abstract).
Upendra Mardikar (US PAT. # US 8,108,318) discloses, a client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key. (Abstract).
Alain Hiltgen (US PGPUB. # US 2019/0138707) discloses, a token (e.g., a short-range wireless token or other token) may be provided to facilitate authentication. In some embodiments, the token may obtain a first challenge from a computer system. The token may determine which challenge type of multiple challenge types the first challenge corresponds. The token may cause a secure component to use a key associated with a first challenge type to generate a first challenge response for the first challenge based on the first challenge corresponding to the first challenge type, where the key associated with first challenge type may be selected by the secure component from multiple keys (for the generation of the first challenge response) based on the first challenge corresponding to the first challenge type. The first challenge response may be provided to the computer system. (Abstract).
GIJS et al. (EP # 3246845) discloses, a data processing system with a trusted execution environment, comprises a host processor (12) having a secure mode for operating in the trusted execution environment and a non-secure mode; and a secure module (10) configured to respond to tokens posted by the host processor in secure mode, wherein each token identifies a secure asset, and source and destination addresses within secure and public address spaces. The secure module includes an internal memory (16) storing secure assets identifiable by the tokens; a memory access circuit (26) connected to read data from the source addresses and write processed data to the destination addresses; and a cryptography engine (18, 20) configured to process the read data using the identified secure assets. The secure module (10') is configured to also respond to tokens posted by the host processor in non-secure mode. The internal memory (16') of the secure module stores a rule (Px) together with each secure asset (Ax), defining permissions as to the address spaces where the memory access circuit may read and write the data. The secure module ignores tokens that do not satisfy the permissions defined for the corresponding assets. (Abstract).
Antonios Dimitrios Broumas (US PGPUB. # US 2016/0253519) discloses, a method for securing sensitive data on a mobile device are provided. The method includes receiving an encryption or decryption request for the sensitive data on the mobile device, forwarding a file access request for the sensitive data to a secure environment, instantiating a trusted user interface (TUI), collecting user input via the TUI, generating a key using the collected user input, and encrypting or decrypting the sensitive data on the mobile device. (Abstract).
However, each of the cited references or reference from the updated search, at least, fails to teach or suggest the limitations regarding “…wherein the processor is further configured to: receive a signature request for the transaction by using the signature request application, provide a token for signing the transaction obtained using the secure application to the signature request application in response to the reception of the signature request, provide the token to an authentication secure application executing in the second execution environment by using the signature request application in response to providing the token to the signature request application, authenticate a user of the electronic device using the authentication secure application, provide an encryption token for the token obtained using the authentication secure application to the secure application through the signature request application when the user of -2-Serial No: 16/931,616Docket No: 4500-1-654 Reply to Office Action of: February 15, 2022 Amendment Dated: May 3, 2022the electronic device is authenticated, provide a decrypted encryption token to the secure application in response to a decryption request, and acquire the signature information for the transaction based on the encryption information by using the secure application when the decrypted encryption token corresponds to the token obtained using the secure application..”, in combination with the rest of the limitations recited in the independent claim(s).

None of the previous cited prior art references or reference(s) from the updated search yield any specific references that would reasonably, either singularly or in combination with previous cited reference, result a reasonable and proper rejection for each of the cited feature limitations of the independent claim 1 under 35 U.S.C. 102 or 35 U.S.C. 103 with proper motivation.
Claims 11 is a method claim of above electronic device claim 1 and Claim 20 is also an electronic device  claim of above electronic device claim 1, and therefore, they are also allowed.
Claims 3-4 and 6-10 depend on the allowed claim 1, and therefore, they are also allowed.
Claims 13-14 and 16-19 depend on the allowed claim 11, and therefore, they are also allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance".
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/           Primary Examiner, Art Unit 2498