DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Response to Amendments
This communication is in response to the amendments filed on 23 February 2022:
	Claims 1, 11 and 17 are amended.
	Claim 21 is added.
	Claims 1-21 are pending.


Response to Arguments
In response to Applicant’s remarks filed on 23 February 2022:
a.	Applicant’s arguments that claims 1, 11 and 17 are proposed to be amended to clarify that the security key is a “physical device” and the prior art reference cited does not perform in connection in pre-registration of a physical device has been fully considered but is deemed moot in view of the new grounds of rejection presented in this Office Action. 



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 11 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over YANG et al. (U.S. PGPub. 2017/0005995), hereinafter Yang, in view of Schrecker (U.S. PGPub. 2018/0091975). 

	Regarding claim 1, Yang teaches A method for pre-registering a security key to an application (Yang, Paragraph [0087], see “The second communication terminal 620 generates authentication information of a user through the security keypad, and pre-registers the authentication information in the service server 630”), the method comprising:
	receiving, by a security key provider system, an instruction to pre-register the security key to the application from an enterprise (Yang, Paragraph [0091], see “the second communication terminal 620 requests service registration such as member enrollment to the service server 630. Subsequently, to proceed with service registration, the service server 630 requests authentication information to the second communication terminal 620”, where the “request” is being read as an instruction to pre-register the security key to the application from an enterprise) (Yang, Paragraph [0092], see “the second communication terminal 620 identifies an endpoint (e.g., a site address) of authentication information, and generates a code table only for use in the endpoint using an embedded code table generation algorithm”), 
	identifying, by the security key provider system, an authentication code generated by the security key to pre-register the security key to the application (Yang, Paragraph [0012], see “a secure authentication system according to a fifth aspect of the present disclosure includes a service server which receives a request for a service from a first communication terminal, a security server which stores a decryption key of a code table, and transmits a notification message including the stored decryption key to a second communication terminal in response to a notification message transmission request received from the service server, and a second communication terminal which stores an encrypted code table, decrypts the encrypted code table using a decryption key received from the security server, identifies each code mapped to at least one input value received through a security keypad in the decrypted code table, generates authentication information consisting of a combination of each identified code, and transmits it to the service server, wherein the service server authenticates the first communication terminal based on the authentication information received from the second communication terminal”); and
	pre-registering, by the security key provider system, the authentication code of the security key to the application, wherein, response to determining a user attempt to authenticate with the application after the pre-registering by interaction with the security key, the application authenticates the user using the authentication code without requiring registration, by the user, of the security key (Yang, Paragraph [0083], see “The second communication terminal 620 is a communication device for storing confidential data of the user, and in particular, stores a plurality of encrypted code tables and has a security keypad mounted therein”) (Yang, Paragraph [0087], see “The second communication terminal 620 generates authentication information of a user through the security keypad, and pre-registers the authentication information in the service server 630”) (Yang, Paragraph [0104], see “the second communication terminal 620 identifies the codes mapped to each key button inputted by the user in the decrypted code table…the second communication terminal 620 arranges the codes mapped to each key button sequentially inputted by the user in an input order of the key buttons, and sets a character string consisting of the arranged codes as authentication information to generate authentication information of the user…the second communication terminal 620 transmits the generated authentication information of the user to the service server 630”) (Yang, Paragraph [0105], see “the service server 630 authenticates the user by identifying whether the authentication information received from the second communication terminal 620 matches pre-registered authentication information of the user, and when authentication succeeds, provides the service to the first communication terminal 10”). 
	Yang does not teach the following limitation(s) as taught by Schrecker: wherein the security key is a physical device (Schrecker, Paragraph [0016], see “…In some instances, wireless token devices 105, 110 can function as a wireless, physical security token for authenticating a user to a device (e.g., 125, 130, 135) or data and software programs accessible through the device (e.g., 125, 130, 135), including data served by remote data servers and services hosted by remote application servers accessible by cooperating computing devices…”, where “wireless token devices…” is analogous to a physical device and where the wireless token devices can function as a physical security token is analogous to comprising a security key). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, by implementing techniques for a wireless token device, comprising a security key being a physical device, disclosed of Schrecker.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising a security key being a physical device. This allows for better security management and a more user-friendly environment due to physical security keys providing an ease of access. Since a security key is compact and can be easily carried, they offer a frictionless authentication experience. Schrecker is deemed as analogous art due to the art disclosing a security key being a physical device (Schrecker, Paragraph [0016]). 

	Regarding claim 11, Yang teaches A non-transitory computer-readable medium comprising computer program instructions that, when executed by a computer processor, cause the processor to perform steps comprising (Yang, Paragraph [0010], see “…includes at least one processor, a memory, and at least one program stored in the memory and configured to be executed by the at least one processor”) (Yang, Paragraph [0137], see “The above mentioned method of the present disclosure may be implemented as program instructions and recorded in non-transitory computer-readable media”):
	receiving an instruction to pre-register a security key to an application from an enterprise (Yang, Paragraph [0091], see “the second communication terminal 620 requests service registration such as member enrollment to the service server 630. Subsequently, to proceed with service registration, the service server 630 requests authentication information to the second communication terminal 620”, where the “request” is being read as an instruction to pre-register the security key to the application from an enterprise) (Yang, Paragraph [0092], see “the second communication terminal 620 identifies an endpoint (e.g., a site address) of authentication information, and generates a code table only for use in the endpoint using an embedded code table generation algorithm”), 
	identifying an authentication code generated by the security key to pre-register the security key to the application (Yang, Paragraph [0012], see “a secure authentication system according to a fifth aspect of the present disclosure includes a service server which receives a request for a service from a first communication terminal, a security server which stores a decryption key of a code table, and transmits a notification message including the stored decryption key to a second communication terminal in response to a notification message transmission request received from the service server, and a second communication terminal which stores an encrypted code table, decrypts the encrypted code table using a decryption key received from the security server, identifies each code mapped to at least one input value received through a security keypad in the decrypted code table, generates authentication information consisting of a combination of each identified code, and transmits it to the service server, wherein the service server authenticates the first communication terminal based on the authentication information received from the second communication terminal”); and
	pre-registering the authentication code to the security key to the application, wherein, responsive to determining a user attempt to authenticate with the application after the pre-registering by interaction with the security key, the application authenticates the user using the authentication code without requiring registration, by the user, of the security key (Yang, Paragraph [0083], see “The second communication terminal 620 is a communication device for storing confidential data of the user, and in particular, stores a plurality of encrypted code tables and has a security keypad mounted therein”) (Yang, Paragraph [0087], see “The second communication terminal 620 generates authentication information of a user through the security keypad, and pre-registers the authentication information in the service server 630”) (Yang, Paragraph [0104], see “the second communication terminal 620 identifies the codes mapped to each key button inputted by the user in the decrypted code table…the second communication terminal 620 arranges the codes mapped to each key button sequentially inputted by the user in an input order of the key buttons, and sets a character string consisting of the arranged codes as authentication information to generate authentication information of the user…the second communication terminal 620 transmits the generated authentication information of the user to the service server 630”) (Yang, Paragraph [0105], see “the service server 630 authenticates the user by identifying whether the authentication information received from the second communication terminal 620 matches pre-registered authentication information of the user, and when authentication succeeds, provides the service to the first communication terminal 10”).
	Yang does not teach the following limitation(s) as taught by Schrecker: wherein the security key is a physical device (Schrecker, Paragraph [0016], see “…In some instances, wireless token devices 105, 110 can function as a wireless, physical security token for authenticating a user to a device (e.g., 125, 130, 135) or data and software programs accessible through the device (e.g., 125, 130, 135), including data served by remote data servers and services hosted by remote application servers accessible by cooperating computing devices…”, where “wireless token devices…” is analogous to a physical device and where the wireless token devices can function as a physical security token is analogous to comprising a security key). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, by implementing techniques for a wireless token device, comprising a security key being a physical device, disclosed of Schrecker.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising a security key being a physical device. This allows for better security management and a more user-friendly environment due to physical security keys providing an ease of access. Since a security key is compact and can be easily carried, they offer a frictionless authentication experience. Schrecker is deemed as analogous art due to the art disclosing a security key being a physical device (Schrecker, Paragraph [0016]).

	Regarding claim 17, Yang teaches A system comprising:
	a processor (Yang, Paragraph [0010], see “…includes at least one processor, a memory, and at least one program stored in the memory and configured to be executed by the at least one processor”); and
	a non-transitory computer-readable medium comprising computer program instructions that, when executed by the processor, causes the processor to perform steps comprising (Yang, Paragraph [0010], see “…includes at least one processor, a memory, and at least one program stored in the memory and configured to be executed by the at least one processor”) (Yang, Paragraph [0137], see “The above mentioned method of the present disclosure may be implemented as program instructions and recorded in non-transitory computer-readable media”):
	receiving an instruction to pre-register the security key to the application from an enterprise (Yang, Paragraph [0091], see “the second communication terminal 620 requests service registration such as member enrollment to the service server 630. Subsequently, to proceed with service registration, the service server 630 requests authentication information to the second communication terminal 620”, where the “request” is being read as an instruction to pre-register the security key to the application from an enterprise) (Yang, Paragraph [0092], see “the second communication terminal 620 identifies an endpoint (e.g., a site address) of authentication information, and generates a code table only for use in the endpoint using an embedded code table generation algorithm”), 
	identifying an authentication code generated by the security key to pre-register the security key to the application (Yang, Paragraph [0012], see “a secure authentication system according to a fifth aspect of the present disclosure includes a service server which receives a request for a service from a first communication terminal, a security server which stores a decryption key of a code table, and transmits a notification message including the stored decryption key to a second communication terminal in response to a notification message transmission request received from the service server, and a second communication terminal which stores an encrypted code table, decrypts the encrypted code table using a decryption key received from the security server, identifies each code mapped to at least one input value received through a security keypad in the decrypted code table, generates authentication information consisting of a combination of each identified code, and transmits it to the service server, wherein the service server authenticates the first communication terminal based on the authentication information received from the second communication terminal”); and
	pre-registering the authentication code of the security key to the application, wherein, responsive to determining a user attempt to authenticate with the application after the pre-registering by interaction with the security key, the application authenticates the user using the authentication code without requiring registration, by the user, of the security key (Yang, Paragraph [0083], see “The second communication terminal 620 is a communication device for storing confidential data of the user, and in particular, stores a plurality of encrypted code tables and has a security keypad mounted therein”) (Yang, Paragraph [0087], see “The second communication terminal 620 generates authentication information of a user through the security keypad, and pre-registers the authentication information in the service server 630”) (Yang, Paragraph [0104], see “the second communication terminal 620 identifies the codes mapped to each key button inputted by the user in the decrypted code table…the second communication terminal 620 arranges the codes mapped to each key button sequentially inputted by the user in an input order of the key buttons, and sets a character string consisting of the arranged codes as authentication information to generate authentication information of the user…the second communication terminal 620 transmits the generated authentication information of the user to the service server 630”) (Yang, Paragraph [0105], see “the service server 630 authenticates the user by identifying whether the authentication information received from the second communication terminal 620 matches pre-registered authentication information of the user, and when authentication succeeds, provides the service to the first communication terminal 10”).
	Yang does not teach the following limitation(s) as taught by Schrecker: wherein the security key is a physical device (Schrecker, Paragraph [0016], see “…In some instances, wireless token devices 105, 110 can function as a wireless, physical security token for authenticating a user to a device (e.g., 125, 130, 135) or data and software programs accessible through the device (e.g., 125, 130, 135), including data served by remote data servers and services hosted by remote application servers accessible by cooperating computing devices…”, where “wireless token devices…” is analogous to a physical device and where the wireless token devices can function as a physical security token is analogous to comprising a security key). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, by implementing techniques for a wireless token device, comprising a security key being a physical device, disclosed of Schrecker.    
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising a security key being a physical device. This allows for better security management and a more user-friendly environment due to physical security keys providing an ease of access. Since a security key is compact and can be easily carried, they offer a frictionless authentication experience. Schrecker is deemed as analogous art due to the art disclosing a security key being a physical device (Schrecker, Paragraph [0016]).


Claims 2-3, 12-13 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Yang, in view of Schrecker, in further view of BEADLES (U.S. PGPub. 2014/0325328), hereinafter Beadles.

	Regarding claim 2, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Beadles: The method of claim 1, wherein pre-registering the authentication code of the security key to the application comprises uploading, by the security key provider system, the authentication code to the application.
(Beadles, Claim 19, see “An online application executable by a computing device comprising a processor and a memory for storing the online application, the online application comprising: a program by which to combine regenerated short codes and security codes to create a unique URL code that is tagged and associated with each file uploaded by a user; and a program by which to create an multi-digit alpha numeric code that is tagged and associated to each file submitted by the user…”)	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for memory tag hybrid multidimensional bar-text code with social media platform, comprising of uploading the authentication code to the application, disclosed of Beadles.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising of uploading the authentication code to the application. This allows for a more user-friendly interface by uploading the authentication code directly to the application so the end-user can simply log-in if the security code matches the authentication code provided to them. Beadles is deemed as analogous art due to the art disclosing uploading an authentication code to each application (Beadles, Claim 19).
 
	Regarding claim 3, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Beadles: The method of claim 1, wherein pre-registering the authentication code of the security key to the application comprises providing the authentication code to the enterprise, the authentication code uploaded to the application by the enterprise.
(Beadles, Claim 19, see “An online application executable by a computing device comprising a processor and a memory for storing the online application, the online application comprising: a program by which to combine regenerated short codes and security codes to create a unique URL code that is tagged and associated with each file uploaded by a user; and a program by which to create an multi-digit alpha numeric code that is tagged and associated to each file submitted by the user…”)	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for memory tag hybrid multidimensional bar-text code with social media platform, comprising of uploading the authentication code to the application, disclosed of Beadles.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising of uploading the authentication code to the application. This allows for a more user-friendly interface by uploading the authentication code directly to the application so the end-user can simply log-in if the security code matches the authentication code provided to them. Beadles is deemed as analogous art due to the art disclosing providing the authentication code to the enterprise (Beadles, Claim 19).

	Regarding claim 12, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Beadles: The non-transitory computer-readable medium of claim 11, wherein pre-registering the authentication code to the security key comprises uploading the authentication code to the application.
(Beadles, Claim 19, see “An online application executable by a computing device comprising a processor and a memory for storing the online application, the online application comprising: a program by which to combine regenerated short codes and security codes to create a unique URL code that is tagged and associated with each file uploaded by a user; and a program by which to create an multi-digit alpha numeric code that is tagged and associated to each file submitted by the user…”)	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for memory tag hybrid multidimensional bar-text code with social media platform, comprising of uploading the authentication code to the application, disclosed of Beadles.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising of uploading the authentication code to the application. This allows for a more user-friendly interface by uploading the authentication code directly to the application so the end-user can simply log-in if the security code matches the authentication code provided to them. Beadles is deemed as analogous art due to the art disclosing uploading the authentication code to the application (Beadles, Claim 19).

	Regarding claim 13, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Beadles: The non-transitory computer-readable medium of claim 11, wherein pre-registering the authentication code to the security key comprises providing the authentication code to the enterprise, the authentication code uploaded to the application by the enterprise.
(Beadles, Claim 19, see “An online application executable by a computing device comprising a processor and a memory for storing the online application, the online application comprising: a program by which to combine regenerated short codes and security codes to create a unique URL code that is tagged and associated with each file uploaded by a user; and a program by which to create an multi-digit alpha numeric code that is tagged and associated to each file submitted by the user…”)	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for memory tag hybrid multidimensional bar-text code with social media platform, comprising of uploading the authentication code to the application, disclosed of Beadles.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising of uploading the authentication code to the application. This allows for a more user-friendly interface by uploading the authentication code directly to the application so the end-user can simply log-in if the security code matches the authentication code provided to them. Beadles is deemed as analogous art due to the art disclosing providing the authentication code to the enterprise (Beadles, Claim 19).

	Regarding claim 18, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Beadles: The system of claim 17, wherein pre-registering the authentication code of the security key to the application comprises uploading, by the security key provider system, the authentication code to the application.
(Beadles, Claim 19, see “An online application executable by a computing device comprising a processor and a memory for storing the online application, the online application comprising: a program by which to combine regenerated short codes and security codes to create a unique URL code that is tagged and associated with each file uploaded by a user; and a program by which to create an multi-digit alpha numeric code that is tagged and associated to each file submitted by the user…”)	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for memory tag hybrid multidimensional bar-text code with social media platform, comprising of uploading the authentication code to the application, disclosed of Beadles.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising of uploading the authentication code to the application. This allows for a more user-friendly interface by uploading the authentication code directly to the application so the end-user can simply log-in if the security code matches the authentication code provided to them. Beadles is deemed as analogous art due to the art disclosing uploading the authentication code to the application (Beadles, Claim 19).

	Regarding claim 19, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Beadles: The system of claim 17, wherein pre-registering the authentication code of the security key to the application comprises providing the authentication code to the enterprise, the authentication code uploaded to the application by the enterprise. 
(Beadles, Claim 19, see “An online application executable by a computing device comprising a processor and a memory for storing the online application, the online application comprising: a program by which to combine regenerated short codes and security codes to create a unique URL code that is tagged and associated with each file uploaded by a user; and a program by which to create an multi-digit alpha numeric code that is tagged and associated to each file submitted by the user…”)	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for memory tag hybrid multidimensional bar-text code with social media platform, comprising of uploading the authentication code to the application, disclosed of Beadles.   
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising of uploading the authentication code to the application. This allows for a more user-friendly interface by uploading the authentication code directly to the application so the end-user can simply log-in if the security code matches the authentication code provided to them. Beadles is deemed as analogous art due to the art disclosing providing the authentication code to the enterprise (Beadles, Claim 19).


Claims 4, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Yang, in view of Schrecker, in further view of James (U.S. PGPub. 2011/0314534).

	Regarding claim 4, Yang as modified by Schrecker does not teach the following limitation(s) as taught by James: The method of claim 1, wherein pre-registering the authentication code of the security key to the application comprises:
	emulating a connection to the application; and
	providing the authentication code to the application through the emulated connection.
	(James, Paragraph [0020], see “The secured execution environment is preferably configured to execute a secured application launcher for a plurality of host computer environments…the execution environment device could include one or more virtual machines, emulators, or other types of operating system adaptors to allow an application to execute across different platforms”) (James, Claim 2, see “wherein the step of configuring the application launcher includes providing a key file encoded with the authentication token, wherein the key file is stored in the memory and is at least in part required for authentication”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for secured execution environments, comprising emulating a connection to an application and providing the authentication code to the application through the emulated connection, disclosed of James.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising emulating a connection to an application and providing the authentication code to the application through the emulated connection. This allows for a more user-friendly interface by emulating a connection to an application to provide potentially better graphics quality than original hardware, as well as potentially adding additional features original hardware didn’t have. James is deemed as analogous art due to the art disclosing emulation of a connection to an application (James, Paragraph [0020]). 

	Regarding claim 14, Yang as modified by Schrecker does not teach the following limitation(s) as taught by James: The non-transitory computer-readable medium of claim 11, wherein pre-registering the authentication code to the security key comprises:
	emulating a connection to the application; and
	providing the authentication code to the application through the emulated connection. 
	(James, Paragraph [0020], see “The secured execution environment is preferably configured to execute a secured application launcher for a plurality of host computer environments…the execution environment device could include one or more virtual machines, emulators, or other types of operating system adaptors to allow an application to execute across different platforms”) (James, Claim 2, see “wherein the step of configuring the application launcher includes providing a key file encoded with the authentication token, wherein the key file is stored in the memory and is at least in part required for authentication”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for secured execution environments, comprising emulating a connection to an application and providing the authentication code to the application through the emulated connection, disclosed of James.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising emulating a connection to an application and providing the authentication code to the application through the emulated connection. This allows for a more user-friendly interface by emulating a connection to an application to provide potentially better graphics quality than original hardware, as well as potentially adding additional features original hardware didn’t have. James is deemed as analogous art due to the art disclosing emulation of a connection to an application (James, Paragraph [0020]). 

	Regarding claim 20, Yang as modified by Schrecker does not teach the following limitation(s) as taught by James: The system of claim 17, wherein pre-registering the authentication code to the security key comprises:
	emulating a connection to the application; and
	providing the authentication code to the application through the emulated connection.
	(James, Paragraph [0020], see “The secured execution environment is preferably configured to execute a secured application launcher for a plurality of host computer environments…the execution environment device could include one or more virtual machines, emulators, or other types of operating system adaptors to allow an application to execute across different platforms”) (James, Claim 2, see “wherein the step of configuring the application launcher includes providing a key file encoded with the authentication token, wherein the key file is stored in the memory and is at least in part required for authentication”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for secured execution environments, comprising emulating a connection to an application and providing the authentication code to the application through the emulated connection, disclosed of James.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising emulating a connection to an application and providing the authentication code to the application through the emulated connection. This allows for a more user-friendly interface by emulating a connection to an application to provide potentially better graphics quality than original hardware, as well as potentially adding additional features original hardware didn’t have. James is deemed as analogous art due to the art disclosing emulating a connection to an application (James, Paragraph [0020]). 


Claims 5, 9 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Yang, in view of Schrecker, in further view of Speyer et al. (U.S. PGPub. 2011/0296522), hereinafter Speyer.

	Regarding claim 5, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Speyer: The method of claim 1, wherein the instruction is to pre-register a plurality of security keys comprising the security key to the application, and wherein a different authentication code is pre-registered to each of the plurality of security keys.
	(Speyer, Paragraph [0007], see “each token domain operates to authenticate a type of security token; a lookup database that stores therein a mapping of security tokens to token types and the plurality of token domains; a token management interface that operates to register the provided security token by creating a user profile that includes the provided security token, a token type of the provided security token as provided by the mapping in the lookup database, and a corresponding one of the token domains as also provided by the mapping in the lookup database… a user store database that operates to store the user profile”, where “a user store database” is analogous to comprising a different authentication code pre-registered to each of the plurality of security keys). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for providing security token authentication, comprising registering a plurality of security tokens, wherein a different authentication code is registered to each of the plurality of security keys, disclosed of Speyer. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising registering a plurality of security tokens, wherein a different authentication code is registered to each of the plurality of security keys. This allows for better security management by associating each security key with a pre-registered authentication code, that way the system can authenticate the respective security key through mapping in the database. Speyer is deemed as analogous art due to the art disclosing pre-registering a different authentication code to each key (Speyer, Paragraph [0007]). 

	Regarding claim 9, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Speyer: The method of claim 1, wherein the application is associated with a plurality of domains, and the plurality of domains are pre-registered with a same authentication code.
(Speyer, Paragraph [0007], see “there is provided a system for authenticating a security token provided to request access to at least one business application in an enterprise, comprising: a plurality of token domains. Each token domain operates to authenticate a type of security token; a lookup database that stores therein a mapping of security tokens to token types and the plurality of token domains; a token management interface that operates to register the provided security token by creating a user profile that includes the provided security token, a token type of the provided security token are provided by the mapping in the lookup database…”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for providing security token authentication, comprising registering the plurality of domains with the same authentication code, disclosed of Speyer. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising registering the plurality of domains with the same authentication code. This allows for a more user-friendly interface by allowing the users to surf the same domains within an application without having to enter a different authentication code for each domain. Speyer is deemed as analogous art due to the art disclosing an application associated with a plurality of domains (Speyer, Paragraph [0007]). 

Regarding claim 15, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Speyer: The non-transitory computer-readable medium of claim 11, wherein the received instruction is to pre-register a plurality of security keys comprising the security key to the application, and wherein a different authentication code is pre-registered to each of the plurality of security keys. 
	(Speyer, Paragraph [0007], see “each token domain operates to authenticate a type of security token; a lookup database that stores therein a mapping of security tokens to token types and the plurality of token domains; a token management interface that operates to register the provided security token by creating a user profile that includes the provided security token, a token type of the provided security token as provided by the mapping in the lookup database, and a corresponding one of the token domains as also provided by the mapping in the lookup database… a user store database that operates to store the user profile”, where “a user store database” is analogous to comprising a different authentication code pre-registered to each of the plurality of security keys). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for providing security token authentication, comprising registering a plurality of security tokens, wherein a different authentication code is registered to each of the plurality of security keys, disclosed of Speyer. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising registering a plurality of security tokens, wherein a different authentication code is registered to each of the plurality of security keys. This allows for better security management by associating each security key with a pre-registered authentication code, that way the system can authenticate the respective security key through mapping in the database. Speyer is deemed as analogous art due to the art disclosing pre-registering a different authentication code to each key (Speyer, Paragraph [0007]). 


Claims 6 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Yang, in view of Schrecker, in further view of Speyer, in further view of MIYAZAKI et al. (U.S. PGPub. 2009/0138699), hereinafter Miyazaki. 

	Regarding claim 6, Yang as modified by Schrecker and further modified by Speyer does not teach the following limitation(s) as taught by Miyazaki: The method of claim 5, wherein the pre-registering is performed for the plurality of security keys at a same time in batch.
	(Miyazaki, Paragraph [0073], see “The key information management unit 162 relates the plural pieces of information so as to be drawn out in batch if multiple items of specified key information or information of cryptographic method parameters are provided, and registers the resultant information in the key information DB 165”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, techniques disclosed of Schrecker and techniques disclosed of Speyer, by implementing techniques for software module management, comprising registering is performed for the plurality of security keys at a same time in batch, disclosed of Miyazaki. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising registering is performed for the plurality of security keys at a same time in batch. Utilizing batch processing can save money and labor over time. Miyazaki is deemed as analogous art due to the art disclosing pre-registering a plurality of keys at a same time in batch (Miyazaki, Paragraph [0073]). 

Regarding claim 16, Yang as modified by Schrecker and further modified by Speyer does not teach the following limitation(s) as taught by Miyazaki: The non-transitory computer-readable medium of claim 15, wherein the pre-registering is performed for the plurality of security keys at a same time in batch.
	(Miyazaki, Paragraph [0073], see “The key information management unit 162 relates the plural pieces of information so as to be drawn out in batch if multiple items of specified key information or information of cryptographic method parameters are provided, and registers the resultant information in the key information DB 165”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, techniques disclosed of Schrecker, and techniques disclosed of Speyer, by implementing techniques for software module management, comprising registering is performed for the plurality of security keys at a same time in batch, disclosed of Miyazaki. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising registering is performed for the plurality of security keys at a same time in batch. Utilizing batch processing can save money and labor over time. Miyazaki is deemed as analogous art due to the art disclosing pre-registering a plurality of keys at a same time in batch (Miyazaki, Paragraph [0073]). 


Claims 7-8 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Yang, in view of Schrecker, in further view of FINKE et al. (U.S. PGPub. 2018/0336547), hereinafter Finke.

	Regarding claim 7, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Finke: The method of claim 1, wherein the security key is pre-registered to a set of applications comprising the application, and wherein the security key is pre-registered to each application of the set of application with a different authentication code.
	(Finke, Paragraph [0040], see “The authentication code or a portion thereof may be transmitted to the user in the first entity application. The first entity application may store the authentication code or a portion thereof (which may be a different portion of the authentication code, such as a long security token) for future use”) (Finke, Paragraph [0041], see “This may transmit the short code phrase back to the intermediary server. The intermediary server may register another portion of the authentication code (e.g., long security token) to the second entity application”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for mobile devices with optical recognition, comprising registering the security key to an application, wherein the security key is registered to each application with a different authentication code, disclosed of Finke.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising registering the security key to an application, wherein the security key is registered to each application with a different authentication code. This allows for better security management by associating each different application with its own authentication code, therefore, if one of the authentication codes gets compromised, the unauthorized entity cannot access all of the applications with the same authentication code. Finke is deemed as analogous art due to the art disclosing the security key being registered to each application with a different authentication code (Finke, Paragraphs [0040 – 0041]). 

	Regarding claim 8, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Finke: The method of claim 1, wherein the application is associated with a plurality of sites, and the plurality of sites are pre-registered with a same authentication code.
	(Finke, Paragraph [0035], see “The authentication code may be transmitted to the user in the second entity application. The user may launch a first entity’s application. The user may enter a third party application integration setup within the first entity’s application. The user may provide the authentication code in the setup…the user may provide the authentication code in any manner to the first entity application”, where the “first entity application” comprises a plurality of sites and each entity application is pre-registered with the same authentication code) (Finke, Paragraph [0040], see “The authentication code or a portion thereof may be transmitted to the user in the first entity application. The first entity application may store the authentication code or a portion thereof (which may be a different portion of the authentication code, such as a long security token) for future use”) (Finke, Paragraph [0041], see “This may transmit the short code phrase back to the intermediary server. The intermediary server may register another portion of the authentication code (e.g., long security token) to the second entity application”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for mobile devices with optical recognition, comprising registering each of the plurality of sites within an application with the same authentication code, disclosed of Finke. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising registering each of the plurality of sites within an application with the same authentication code. This allows for a more user-friendly interface by allowing the user to navigate through the different websites within the application without having to enter multiple authentication codes. Finke is deemed as analogous art due to the art disclosing an application associated with a plurality of sites (Finke, Paragraph [0035]). 

	Regarding claim 10, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Finke: The method of claim 1, wherein the security key is pre-registered to the application under a plurality of accounts, each of the plurality of accounts pre-registered with a different authentication code. 
	(Finke, Paragraph [0040], see “The authentication code or a portion thereof may be transmitted to the user in the first entity application. The first entity application may store the authentication code or a portion thereof (which may be a different portion of the authentication code, such as a long security token) for future use”) (Finke, Paragraph [0041], see “This may transmit the short code phrase back to the intermediary server. The intermediary server may register another portion of the authentication code (e.g., long security token) to the second entity application”).
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for mobile devices with optical recognition, comprising each entity being registered with a different authentication code, disclosed of Finke. 
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising each entity being registered with a different authentication code. This allows for better security management by associating each account with a different authentication code, therefore, the system can manage accounts properly in terms of one account having more privileges than another account. Finke is deemed as analogous art due to the art disclosing the security key being registered to each application with a different authentication code (Finke, Paragraphs [0040 – 0041]). 


Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Yang, in view of Schrecker, in further view of UHR et al. (U.S. PGPub. 2019/0370479), hereinafter Uhr. 

	Regarding claim 21, Yang as modified by Schrecker does not teach the following limitation(s) as taught by Uhr: The method of claim 1, wherein the authentication code comprises a public key and a private key, wherein the public key is transmitted to the application in pre-registering the application (Uhr, Paragraph [0022], see “…if the personal information for authentication and the account registration requesting information have been determined as valid, encrypted first variable authentication information created by encoding first variable authentication information with the first public key has been transmitted to the 1st application by the authentication server…”, where “authentication information with the first public key” is analogous to the public key being transmitted to the application), and wherein the application authenticates the user based on the private key matching the public key (Uhr, Paragraph [0022], see “…to thereby allow the 1st application to display the first variable authentication information, created by decoding the encrypted first variable authentication information with a first private key corresponding to the first public key, to the user…”, where “decoding the encrypted first variable authentication information with a first private key corresponding to the first public key” is analogous to authenticating the user based on the private key matching the public key). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for confidential data management, disclosed of Yang, and techniques disclosed of Schrecker, by implementing techniques for providing simplified account registration, comprising of transmitting a public key to an application and utilizing the private key to authenticate the user, disclosed of Uhr.  
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for pre-registration of authentication devices, comprising of transmitting a public key to an application and utilizing the private key to authenticate the user. This allows for better security management by utilizing public/private key pairs for authentication, rather than a password input by the user. Uhr is deemed as analogous art due to the art disclosing public/private key authentication for a user (Uhr, Paragraph [0022]). 



Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office Action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
	A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODMAN ALEXANDER MAHMOUDI whose telephone number is (571)272-8747.  The examiner can normally be reached on M-F 11:00am – 7:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on (571) 272-3951.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/RODMAN ALEXANDER MAHMOUDI/Examiner, Art Unit 2499                                                                                                                                                                                                        /PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499