Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-2, 6 and 12-16 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Coghlan et al. (Coghlan), U.S. Publication No. 2014/0115676.
Regarding Claims 1 and 14, Coghlan discloses a method of distributing, to a 
device (i.e., device 1; see figure 1), security information designed for encrypting end-to-end communication between the device and an end server (i.e., the authentication system 10 generating and signing a unique subscriber certificate and the device downloading it. The device uses the signed certificate to generate and encrypt the network access credentials for the network access.; see paragraph [0111]), wherein the device comprises a subscriber identity module (SIM) (i.e., SIM discussed in paragraph [0003]) and a module that stores a first key (i.e., a module for storing the token discussed in paragraph [0112]), the method comprising:
sending an authentication message (i.e., registration data in a MO SMS; see paragraph [0110]) from the device to a home location register (i.e., HLR shown in figure 1) over a mobile network (i.e., mobile network 20 shown in figure 1), wherein the authentication message comprises SIM identifying information, for identifying the SIM, and device identifying data associated with the device (i.e., sends an SMS message via its associated mobile network, including its identifier, the MSISDN/MDN, its public key, and a nonce for the registration; see paragraph [0113]); and
triggering, by the authentication message, steps of:
registering the device on the mobile network based on the SIM identifying information (in other words, The MO SMS is received by the short message gateway 8, which resolves the IMSI/MIN from the mobile network's HLR or HSS, validates the subscriber and forms the MSISDN/MDN to IMSI/MIN association.; see paragraph [0114]);
downloading of security information to the SIM over one or more signaling channels of the mobile network (in other words, the authentication system 10 generating and signing a unique subscriber certificate and the device downloading it; see paragraph [0111]);
storing the security information in the SIM (i.e., the server returns the signed 
certificate for the authentication requests. This is stored by the device 1 in its keychain vault, which is secure.; see paragraph [0115]); and
modifying the SIM and/or the security information, based on the device identifying data contained in the authentication message, so that accessing and/or decrypting the security information stored by the SIM requires the first key (i.e., the device 1 sends a token to the authentication system 10, and the authentication system 10 uses the token to sign the certificate, and the device 1 uses the token to subsequently retrieve the signed certificate.; see paragraph [0112]).
Regarding Claims 2 and 16, Coghlan discloses wherein the step of triggering 
the downloading of security information comprises: triggering a generation of configuration data comprising the security information and SIM configuration data, the SIM configuration data being based upon the device identifying data (i.e., The device … sends an SMS message via its associated mobile network, including its identifier, the MSISDN/MDN, its public key, and a nonce for the registration. The nonce is the token referred to above, and is a globally unique identifier. (GUID).; see paragraph [0113]); and triggering the downloading of the SIM configuration data (i.e., The server 2 then generates a certificate with a key for encrypting the identifier information. The client performs a HTTPs POST to a URL hosted by the server to retrieve the signed certificate…the authentication system 10 generating and signing a unique subscriber certificate and the device downloading it.; see paragraphs [0111] and [0115]), wherein the step of modifying the SIM or the security information comprises modifying the SIM, using the SIM configuration data, so that accessing the stored security information requires the first key (i.e., the authentication system 10 uses the token to sign the certificate, and the device 1 uses the token to subsequently retrieve the signed certificate.; see paragraph [0112]).
Regarding Claims 6 and 15, Coghlan discloses wherein the module comprises 
a cellular modem of the device (as required in device 1 shown in figure 1).
Regarding Claim 12, Coghlan discloses wherein the security information 
comprises at least one or more of: a security certificate (i.e., the authentication system 10 generating and signing a unique subscriber certificate; see paragraph [0111]), secure communications software, a private key, an encryption algorithm, server information, or server settings.
Regarding Claim 13, Coghlan discloses wherein the step of modifying the SIM 
and/or the security information, based on the device identifying data, comprises modifying the SIM and/or the security information, based on the device identifying data, so that accessing and/or decrypting the security information stored by the SIM requires access to the first key and the SIM identifying information (for example, the device 1 uses the token to subsequently retrieve the signed certificate.; see paragraph [0112]).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3-5, 7 and 17-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Coghlan in view of Byington et al. (Byington), U.S. Publication No. 2017/0357936.
Regarding Claims 3 and 17, Coghlan discloses the method and mobile network 
system as described above.  Coghlan fails to disclose wherein the step of modifying the SIM comprises modifying a read permission of the SIM to permit access to modules having an administrative (ADM) key, wherein the ADM key is obtainable using the first key.  Byington discloses wherein the step of modifying the SIM comprises modifying a read permission of the SIM to permit access to modules having an administrative (ADM) key, wherein the ADM key is obtainable using the first key (i.e., key 155c of administration credential SSD 154c may also be accessible to administration entity subsystem 400 (e.g., key 155c of administration credential SSD 154c may be the same as or associated with administration key 155c of administration entity subsystem 400 (e.g., they may be a public/private key pair) to enable secure communication of credential data of SSD 154c between SSD 154c and administration entity subsystem 400).; see paragraph [0025]).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Byington’s invention with Coghlan’s invention for providing an effective and efficient, secured authorization and management of transactions between electronic devices and service providers (see paragraphs [0002]-[0003] of Byington).
Regarding Claims 4 and 18, Coghlan discloses the method and mobile network 
system as described above.  Coghlan fails to disclose wherein the module is further adapted to store a second, different key and the step of modifying the SIM and/or the security information comprises encrypting the security information so that it can be decrypted using the second key.  Byington discloses wherein the module is further adapted to store a second, different key and the step of modifying the SIM and/or the security information comprises encrypting the security information so that it can be decrypted using the second key (i.e., A key 155 of an SSD 154 may be a piece of information that can determine a functional output of a cryptographic algorithm or cipher. For example, in encryption, a key may specify a particular transformation of plaintext into ciphertext, or vice versa during decryption. Keys may also be used in other cryptographic algorithms, such as digital signature schemes and message authentication codes…for example, key 155b is considered as a second key; see paragraph [0025]).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Byington’s invention with Coghlan’s invention for providing an effective and efficient, secured authorization and management of transactions between electronic devices and service providers (see paragraphs [0002]-[0003] of Byington).
Regarding Claims 5 and 19, Coghlan discloses the method and mobile network 
system as described above.  Coghlan fails to disclose wherein the step of modifying the SIM or the security information comprises encrypting the security information so that it can be decrypted using the first key.  Byington discloses wherein the step of modifying the SIM or the security information comprises encrypting the security information so that it can be decrypted using the first key (i.e., For example, in encryption, a key may specify a particular transformation of plaintext into ciphertext, or vice versa during decryption.; see paragraph [0025]).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Byington’s invention with Coghlan’s invention for providing an effective and efficient, secured authorization and management of transactions between electronic devices and service providers (see paragraphs [0002]-[0003] of Byington).
Regarding Claim 7, Coghlan discloses the method as described above.  
Coghlan fails to disclose further comprising: accessing, using the module, the security information stored by the SIM using the first key; and storing the accessed security information in the module.  Byington discloses further comprising: accessing, using the module, the security information stored by the SIM using the first key; and storing the accessed security information in the module (i.e., Each SSD 154 and/or applet 153 may also include and/or be associated with at least one keys 155 (e.g., applet 153a with at least one key 155a, applet 153b with at least one key 155b, and applet 153c with at least one key 155c).; see paragraph [0024]).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Byington’s invention with Coghlan’s invention for providing an effective and efficient, secured authorization and management of transactions between electronic devices and service providers (see paragraphs [0002]-[0003] of Byington).
	
Claim 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Coghlan in view of Marsden, U.S. Publication No. 2018/0041541.
Regarding Claim 11, Coghlan discloses the method as described above.  Coghlan fails to disclose wherein the step of sending an authentication message from the device is performed on first power up of the device.  Marsden discloses wherein the step of sending an authentication message from the device is performed on first power up of the device (i.e., On first power up… this is a requirement for the subsequent steps, i.e. until the device 2 is protected the security information will not be downloaded.; see paragraph [0053]).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Marsden’s invention with Coghlan’s invention for avoiding the possibility of downloading security information to a non-protected device (see paragraph [0053] of Marsden).

Allowable Subject Matter
Claims 8-10 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHANTELL HEIBER whose telephone number is (571)272-0886.  The examiner can normally be reached on M-F 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Anthony Addy can be reached on 571-272-7795.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SHANTELL L HEIBER/Primary Examiner, Art Unit 2645                                                                                                                                                                                                       
May 25, 2022