DETAILED ACTION

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/02/2022 has been entered.

Priority
Acknowledgment is made of applicant’s claim for domestic benefit under 35 U.S.C. 119 (e). This application claims the domestic benefit of U.S. provisional patent application 62/841,949 filed on 05/02/2019.

Response to Arguments
This action is in reply to papers filed on 05/02/2022. Claims 1-2, 4-12, and 14-20 are pending. Claims 1 and 11 were amended. Claims 3 and 13 were previously canceled. Claims 1 and 11 are independent.
Applicant's arguments ("REMARKS") filed 05/02/2022, with respect to the rejections(s) of claim(s) 1-2, 4-12, and 14-20 under 35 U.S.C. §103 with respect to Ross et al., US 2016/0134599 A1 and Kim et al., US 2016/0065378 A1 have been fully considered and are persuasive. Therefore, the rejections have been withdrawn. However, upon further consideration, a new ground of rejection is made in view of Landrok et al., US 2015/0142666 A1. See Claim Rejections – 35 USC §103 below for details.

Re: Claim Interpretation
The Applicant’s argument, on pp. 6-7 of REMARKS, states that the term “transfer processing device” of claims 11, 14, 17, and 19-20 does not invoke 35 U.S.C. 112(f) interpretation as the term recites sufficient definite structure. In particular, Applicant submits that one of ordinary skill would understand the specification to provide sufficient structure for the term “transfer processing device.”
The Examiner, however, does not find this argument persuasive. 
The term “transfer processing device” is being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation (“transfer processing device”) uses a generic placeholder (“device”) that is coupled with functional language (“configured to … store … receive … authenticate … retrieve … generate …”) without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier (“transfer processing” is not a structural modifier). Applicant cites to paragraph [0015] of the specification as support that sufficient structure for “transfer processing device” is provided, however, sufficient structure must be provided in the claim limitation with in the respective claims (emphasis added). Here, language that recites sufficient structure for “transfer processing device” to perform the recited function is not provided in the respective claims. Therefore, under 35 U.S.C. 112(f), “transfer processing device” is being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Thus, the 112(f) interpretation of claims 11, 14, 17, and 19-20 is maintained. See Claim Interpretation below for details.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: 
“… a transfer processing device is … configured to …” in claims 11, 14, 17, and 19-20.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 4-11, and 14-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ross et al., US 2016/0134599 A1 (hereinafter, “Ross ‘599”), in view of Kim et al., US 2016/0065378 A1 (hereinafter, “Kim ‘378”), and further in view of Landrok et al., US 2015/0142666 A1 (hereinafter, “Landrok ‘666”).

As per claim 1: Ross ‘599 discloses: 
A method of using hardware-secured receptacle devices, the method comprising: 
storing, by a transfer processing device (Internet user devices 102, 104, 106; Internet user devices 102, 104, 106 utilize communications interface modules A 130 and B 135 to transfer and store various data [Ross ‘599 ¶¶43-44; Fig. 1]), transfer method data associated with a user (user device identity records, authentication tokens, history of transmitted authentication requests by users, and records for Internet services provided to users by relying parties (RPs), such as the transfer of data) [Ross ‘599 ¶¶44, 46, 48; Fig. 1, Fig. 7]) on an at least a cryptographically secured receptacle device (identity provider (IDP) service cores 150; the IDP service cores 150 serve as repositories and store user data sent by Internet user devices 102, 104, 106, where the IDP service cores are encrypted and cryptographically secure [Ross ‘599 ¶¶42, 46-49, 83-84; Fig. 1, Fig. 3]),
wherein storing (storing user device identity records, authentication tokens, history of transmitted authentication requests by users, and records for Internet services provided to users by RPs, such as the transfer of data, on IDP service cores 150 [Ross ‘599 ¶¶44, 46, 48; Fig. 1, Fig. 7]) by the transfer processing device (Internet user devices 102, 104, 106, where the Internet user devices 102, 104, 106 uses the dID app 750 to communicate and perform actions with IDP service cores 150 [Ross ‘599 ¶¶43, 46; Fig. 1]) comprising: 
	
selecting a verification datum (authentication tokens; dID app 750 generates authentication tokens, where the authentication tokens include key pairs used to securely communicate with IDP service cores 150 [Ross ‘599 ¶¶79, 82-84]) inherent to the receptacle device (the authentication token is bound to a pseudorandom string generated by the IDP service core 150, where the authentication token is registered with the IDP service core 150 [Ross ‘599 ¶¶79-80]), 

associating the verification datum with the user (the authentication token is specific to a user identifier or credential [Ross ‘599 ¶¶79-80]);
receiving, by the transfer processing device (Internet user devices 102, 104, 106 [Ross ‘599 ¶43; Fig. 1]), user authentication credentials from the user (user credentials from users; Internet user devices 102, 104, 106 use an identity provider application, such as the device identity provider application (dID app) 750, to receive user credentials from users [Ross ‘599 ¶¶29, 66, 72; Fig. 6C, Fig. 7, Fig. 11]); 
authenticating, by the transfer processing device (Internet user devices 102, 104, 106 [Ross ‘599 ¶43; Fig. 1]), user identity as a function of the user authentication credentials (Internet user devices 102, 104, 106 utilize the identity provider application, such as the dID app 750, to verify user identity based on authentication of user credentials [Ross ‘599 ¶¶29, 66, 72; Fig. 6C, Fig. 7, Fig. 11]); 
retrieving, by the transfer processing device (Internet user devices 102, 104, 106 [Ross ‘599 ¶43; Fig. 1]), a transfer authorization (a validation of an authentication challenge message that authorizes the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 5G, Fig. 7]) from the at least a cryptographically secured receptacle device (IDP service cores 150; authentication engine 120 of IDP service cores 150 directs the validation of authentication challenge messages to Internet user devices 102, 104, 106 [Ross ‘599 ¶¶103-105; Fig. 5G, Fig. 7]) as a function of the transfer method data (the validation is based on the stored user device identity records, authentication tokens, history of transmitted authentication requests by users, or records for Internet services provided to users by RPs, such as the transfer of data, in IDP service cores 150 [Ross ‘599 ¶¶44, 48, 96, 99, 103-105]); and 
generating, by the transfer processing device (Internet user devices 102, 104, 106 [Ross ‘599 ¶43; Fig. 1]), a transfer (the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs) [Ross ‘599 ¶¶36, 44, 48, 89-94, 102-105; Fig. 1, Fig. 5G, Fig. 7]) as a function of the transfer authorization (the transfer of data, such as the transfer of data from accessing Internet services by Internet user devices 102, 104, 106, is authorized based on the validation of authentication challenge messages [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 5G, Fig. 7]).

As stated above, Ross ‘599 does not explicitly disclose: “assigning a confidence level to the at least a receptacle device; selecting a verification datum … wherein the verification datum is generated by a physically unclonable function (PUF) of the receptacle device”. 
Kim ‘378, however, discloses:

selecting a verification datum … wherein the verification datum (selecting a unique key that identifies the corresponding apparatus [Kim ‘378, ¶¶9, 15, 21, 25, 73]) is generated by a physically unclonable function (PUF) of the receptacle device (the unique key is generated using a PUF of the apparatus, where the unique key is associated with a user, or user information, of the apparatus during the authentication process [Kim ‘378, ¶¶9, 15, 21, 47, 50]).

Ross ‘599 and Kim ‘378 are analogous art because they are from the same field of endeavor, namely that of authentication methods with respect to secure hardware devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Ross ‘599 and Kim ‘378 before them, to modify the method in Ross ‘599 to include the teachings of Kim ‘378, namely to generate authentications tokens, as disclosed in Ross ‘599, using a physically unclonable function (PUF) of the IDP service core 150, and selecting the PUF-generated authentications token to be associated with a user. The motivation for doing so would be to ensure the integrity of devices containing sensitive data by authentication a unique identifier of the device, such as an authentication token or a unique key, where the unique identifier is generated using an unpredictable value such as through the PUF of the device (see Kim ‘378, ¶¶7-9).

As stated above, Ross ‘599 in view of Kim ‘378 does not explicitly disclose: “assigning a confidence level to the at least a receptacle device”. 
Landrok ‘666, however, discloses:
assigning a confidence level to the at least a receptacle device (assigning a confidence score to a device 102, where the device 102 may be a cryptographically secure device containing a digital wallet, and where the confidence score of the device is based on the a variety of security factors [Landrok ‘666, ¶¶11-12, 20, 31-32]);

Ross ‘599 (modified by Kim ‘378) and Landrok ‘666 are analogous art because they are from the same field of endeavor, namely that of authentication methods with respect to secure hardware devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Ross ‘599 (modified by Kim ‘378) and Landrok ‘666 before them, to modify the method in Ross ‘599 (modified by Kim ‘378) to include the teachings of Landrok ‘666, namely to assign a confidence score to the IDP service core 150, as disclosed in Ross ‘599, where the confidence score is based on a variety of security factors, such as user authentication data and device identifier information. The motivation for doing so would be to increase the security of personal trusted devices, such as those containing digital wallets, by adjusting the level of authentication for digital transactions based on the determined confidence score (see Landrok ‘666, ¶¶30-32).

As per claim 4: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 1, as stated above, from which claim 4 is dependent upon. Furthermore, Ross ‘599 discloses:
 wherein storing (storing user device identity records, authentication tokens, history of transmitted authentication requests by users, and records for Internet services provided to users by RPs, such as the transfer of data, on IDP service cores 150 [Ross ‘599 ¶¶44, 46, 48; Fig. 1, Fig. 7]) further comprises encryption of the transfer method (user device identity records, authentication tokens, history of transmitted authentication requests by users, and records for Internet services provided to users by RPs, such as the transfer of data; information sent and stored between Internet user devices 102, 104, 106 and IDP service cores 150 are encrypted [Ross ‘599 ¶¶44, 48, 83, 102; Fig. 1]).

As per claim 5: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claims 1 and 4, as stated above, all from which claim 5 is dependent upon. Furthermore, Ross ‘599 discloses:
wherein encryption further comprises encryption using a public key (encryption using public key portion of the authentication token [Ross ‘599 ¶83]) linked to transfer processing device (the public key portion of the authentication token is generated on Internet user devices 102, 104, 106 using the dID app 750 [Ross ‘599 ¶¶37, 42, 55]).

As per claim 6: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claims 1 and 4, as stated above, all from which claim 6 is dependent upon. Furthermore, Ross ‘599 discloses:
wherein transfer method data is encrypted using a key linked to at least a verified device (encryption using public key portion of the authentication token, where the public key portion of the authentication token is generated on registered and verified Internet user devices 102, 104, 106 [Ross ‘599 ¶¶37, 42, 44, 52, 55, 83]).

As per claim 7: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 1, as stated above, from which claim 7 is dependent upon. Furthermore, Ross ‘599 discloses:
wherein authenticating the user identity (Internet user devices 102, 104, 106 utilize the identity provider application, such as the dID app 750, to verify user identity based on authentication of user credentials [Ross ‘599 ¶¶29, 66, 72; Fig. 6C, Fig. 7, Fig. 11]) further comprises performing a biometric authentication of the user (authentication requiring biometric factor [Ross ‘599 ¶¶36-37, 55]).

As per claim 8: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 1, as stated above, from which claim 8 is dependent upon. Furthermore, Ross ‘599 discloses:
wherein the transfer authorization (a validation of an authentication challenge message that authorizes the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 5G, Fig. 7]) includes a secure timestamp (authentication challenge message includes a digitally signed timestamp or time identifier [Ross ‘599 ¶¶66, 102]).

As per claim 9: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 1, as stated above, from which claim 9 is dependent upon. Furthermore, Ross ‘599 discloses:
 wherein generating the transfer (the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs) [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 1, Fig. 5G, Fig. 7]) further comprises digitally signing, by the transfer processing device (Internet user devices 102, 104, 106, using the dID app 750, digitally signs authentication challenge messages [Ross ‘599 ¶¶37, 102]), the transfer authorization (a validation of an authentication challenge message that authorizes the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 5G, Fig. 7]).

As per claim 10: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 1, as stated above, from which claim 10 is dependent upon. Furthermore, Ross ‘599 discloses:
 wherein generating the transfer (the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs) [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 1, Fig. 5G, Fig. 7]) further comprises transmitting transfer transaction details (the transfer of data between Internet user devices 102, 104, 106 and RP servers 160 includes the transfer of detailed information regarding the transfer, such as the specific Internet service requested, the user’s identifier data, validation tokens based on information stored in IDP service cores 150, and URL information [Ross ‘599 ¶¶44, 48, 89-94, 105; Fig. 1, Fig. 5G, Fig. 7]).

As per claim 11: Ross ‘599 discloses: 
A system (system 200 [Ross ‘599 ¶52; Fig. 2]) for using hardware-secured receptacle devices, the system comprising 
a transfer processing device, including a computing device and secure computing module, the(Internet user devices 102, 104, 106, where the internet user devices 102, 104, 106, comprise a cryptographic component 820, and where the cryptographic component 820 may include a cryptographic engine for generating cryptographic keys and performing encryption/decryption [Ross ‘599 ¶¶43, 53-54; Fig. 1, Fig. 8]), configured to: 
store (Internet user devices 102, 104, 106 utilize communications interface modules A 130 and B 135 to transfer and store various data [Ross ‘599 ¶¶43-44; Fig. 1]) transfer method data associated with a user (user device identity records, authentication tokens, history of transmitted authentication requests by users, and records for Internet services provided to users by RPs, such as the transfer of data) [Ross ‘599 ¶¶44, 46, 48; Fig. 1, Fig. 7]) on an at least a cryptographically secured receptacle device (IDP service cores 150; the IDP service cores 150 serve as repositories and store user data sent by Internet user devices 102, 104, 106, where the IDP service cores are encrypted and cryptographically secure [Ross ‘599 ¶¶42, 46-49, 83-84; Fig. 1, Fig. 3]),
wherein storing (storing user device identity records, authentication tokens, history of transmitted authentication requests by users, and records for Internet services provided to users by RPs, such as the transfer of data, on IDP service cores 150 [Ross ‘599 ¶¶44, 46, 48; Fig. 1, Fig. 7]) by the transfer processing device (Internet user devices 102, 104, 106, where the Internet user devices 102, 104, 106 uses the dID app 750 to communicate and perform actions with IDP service cores 150 [Ross ‘599 ¶¶43, 46; Fig. 1]) comprising: 
	
selecting a verification datum (authentication tokens; dID app 750 generates authentication tokens, where the authentication tokens include key pairs used to securely communicate with IDP service cores 150 [Ross ‘599 ¶¶79, 82-84]) inherent to the receptacle device (the authentication token is bound to a pseudorandom string generated by the IDP service core 150, where the authentication token is registered with the IDP service core 150 [Ross ‘599 ¶¶79-80]), 

associating the verification datum with the user (the authentication token is specific to a user identifier or credential [Ross ‘599 ¶¶79-80]);
receive user authentication credentials from the user (user credentials from users; Internet user devices 102, 104, 106 use an identity provider application, such as the dID app 750, to receive user credentials from users [Ross ‘599 ¶¶29, 66, 72; Fig. 6C, Fig. 7, Fig. 11]); 
authenticate user identity as a function of the user authentication credentials (Internet user devices 102, 104, 106 utilize the identity provider application, such as the dID app 750, to verify user identity based on authentication of user credentials [Ross ‘599 ¶¶29, 66, 72; Fig. 6C, Fig. 7, Fig. 11]); 
retrieve a transfer authorization (a validation of an authentication challenge message that authorizes the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 5G, Fig. 7]) from the at least a cryptographically secured receptacle device (IDP service cores 150; authentication engine 120 of IDP service cores 150 directs the validation of authentication challenge messages to Internet user devices 102, 104, 106 [Ross ‘599 ¶¶103-105; Fig. 5G, Fig. 7]) as a function of the transfer method data (the validation is based on the stored user device identity records, authentication tokens, history of transmitted authentication requests by users, or records for Internet services provided to users by RPs, such as the transfer of data, in IDP service cores 150 [Ross ‘599 ¶¶44, 48, 96, 99, 103-105]); and 
generate a transfer (the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs) [Ross ‘599 ¶¶36, 44, 48, 89-94, 102-105; Fig. 1, Fig. 5G, Fig. 7]) as a function of the transfer authorization (the transfer of data, such as the transfer of data from accessing Internet services by Internet user devices 102, 104, 106, is authorized based on the validation of authentication challenge messages [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 5G, Fig. 7]).

As stated above, Ross ‘599 does not explicitly disclose: “a transfer processing device, including a computing device and secure computing module … comprising a trusted platform module, … assigning a confidence level to the at least a receptacle device; selecting a verification datum … wherein the verification datum is generated by a physically unclonable function (PUF) of the receptacle device”. 
Kim ‘378, however, discloses:


selecting a verification datum … wherein the verification datum (selecting a unique key that identifies the corresponding apparatus [Kim ‘378, ¶¶9, 15, 21, 25, 73]) is generated by a physically unclonable function (PUF) of the receptacle device (the unique key is generated using a PUF of the apparatus, where the unique key is associated with a user, or user information, of the apparatus during the authentication process [Kim ‘378, ¶¶9, 15, 21, 47, 50]).

Ross ‘599 and Kim ‘378 are analogous art because they are from the same field of endeavor, namely that of authentication methods with respect to secure hardware devices. For the reasons stated in Claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Ross ‘599 and Kim ‘378 before them, to modify the method in Ross ‘599 to include the teachings of Kim ‘378.

As stated above, Ross ‘599 in view of Kim ‘378 does not explicitly disclose: “a transfer processing device … comprising a trusted platform module, … assigning a confidence level to the at least a receptacle device”. 
Landrok ‘666, however, discloses:
a transfer processing device … comprising a trusted platform module (a connected user device with a plurality of connected device that are able to securely communicate between themselves, where the connected device contains a trusted platform module (TPM) that is used by the secure application 114 within the secure server 104 to validate the device [Landrok ‘666, ¶62; Fig. 1A, Fig. 6]), 
… assigning a confidence level to the at least a receptacle device (assigning a confidence score to a device 102, where the device 102 may be a cryptographically secure device containing a digital wallet, and where the confidence score of the device is based on the a variety of security factors [Landrok ‘666, ¶¶11-12, 20, 31-32]);

Ross ‘599 (modified by Kim ‘378) and Landrok ‘666 are analogous art because they are from the same field of endeavor, namely that of authentication methods with respect to secure hardware devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Ross ‘599 (modified by Kim ‘378) and Landrok ‘666 before them, to modify the method in Ross ‘599 (modified by Kim ‘378) to include the teachings of Landrok ‘666, namely to assign a confidence score to the IDP service core 150, as disclosed in Ross ‘599, where the confidence score is based on a variety of security factors, such as user authentication data and device identifier information; furthermore, to include a TPM within the internet user devices disclosed in Ross ‘599. The motivation for doing so would be to increase the security of personal trusted devices, such as those containing digital wallets, by adjusting the level of authentication for digital transactions based on the determined confidence score; furthermore to include a secure signing service such as a TPM on the device for authentication of the device (see Landrok ‘666, ¶¶30-32, 62).

As per claims 14-19: Claims 14-19 define a system that recites substantially similar subject matter as the method of claims 4-9, respectively. Claims 14-19 are directed to a system comprising a transfer processing device configured to perform the method of claims 4-9, respectively. Thus, the rejections of claims 4-9 are equally applicable to claims 14-19, respectively.

As per claim 20: Ross ‘599 in view of Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 11, as stated above, from which claim 20 is dependent upon. Furthermore, Ross ‘599 discloses:
wherein the transfer processing device (Internet user devices 102, 104, 106 [Ross ‘599 ¶43; Fig. 1]) is further configured to generate the transfer (the transfer of data between Internet user devices 102, 104, 106 and RP servers 160, such as the transfer of data from accessing Internet services provided by RPs) [Ross ‘599 ¶¶36, 44, 48, 102-105; Fig. 1, Fig. 5G, Fig. 7]) by transmitting transfer transaction details (the transfer of data between Internet user devices 102, 104, 106 and RP servers 160 includes the transfer of detailed information regarding the transfer, such as the specific Internet service requested, the user’s identifier data, validation tokens based on information stored in IDP service cores 150, and URL information [Ross ‘599 ¶¶44, 48, 89-94, 105; Fig. 1, Fig. 5G, Fig. 7]).


Claims 2 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Ross ‘599 in view of Kim ‘378 and further in view of Aabye ‘472 and further in view of Landrok ‘666.

As per claim 2: Ross ‘599 in view Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Ross ‘599 in view Kim ‘378 and further in view of Landrok ‘666 does not explicitly disclose the limitations of claim 2. 
Aabye ‘472, however, discloses: 
wherein the at least a receptacle device (mobile device 110 that contains an embedded secure element; mobile device 110 contains an embedded secure element, such as secure memory 112B, that communicates with the digital wallet application 113 and stores encrypted credentials and transaction information [Aabye ‘472 ¶¶40, 66; Fig. 2]) further comprises the transfer processing device (memory 112A that contains a digital wallet application 113; mobile device 110 includes memory 112A, where memory 112A contains a digital wallet application 113 that transfers data to the secure element on the mobile device 110, receives and authenticates credentials, and initiates transactions [Aabye ‘472 ¶¶40, 43, 65-67, 123; Fig. 2, Fig. 10]).

Ross ‘599 (modified by Kim ‘378 and Landok ‘666) and Aabye ‘472 are analogous art because they are from the same field of endeavor, namely that of data storage and authentication. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Ross ‘599 (modified by Kim ‘378 and Landok ‘666) and Aabye ‘472 before them, to modify the method in Ross ‘599 (modified by Kim ‘378 and Landok ‘666) to include the teachings of Aabye ‘472, namely to have Internet user devices 102, 104, 106 and their functionalities to be contained within IDP service cores 150. The motivation for doing so would be increased security for communication/data of Internet user devices provided by cryptographically secure devices like IDP service cores 150, as well as the convenience of having multiple devices and functions in a single entity (see Aabye ‘472, ¶¶65-67, 71).

As per claim 12: Ross ‘599 in view Kim ‘378 and further in view of Landrok ‘666 discloses all limitations of claim 11, as stated above, from which claim 12 is dependent upon.
Claim 12 defines a system that recites substantially similar subject matter as the method of claim 2. Claim 12 is directed to a system comprising a transfer processing device configured to perform the method of claim 2. Thus, the rejection of claim 2 is equally applicable to claim 12.

Conclusion
The prior art made of record and not relied upon is considered pertinent to the Applicant’s disclosure:
Lindelsee et al., US 8,924,301 B2: mobile entities with token based authentication systems that reduce risks involving various digital transaction types.
von Behren et al., US 9,355,391 B2: mobile electronic devices containing a digital wallet that facilitates secure digital transactions.
Kreft, US 2014/0108786 A1: using hardware-based Physical Unclonable Functions (PUFs) and configuration fingerprints of FPGAs to implement tamper-resistant hardware.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALAN LINGQIAN KONG/Examiner, Art Unit 2494

/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494