DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Status of Claims
This action is in reply to the amendments and remarks filed on 28 February 2022.
Claims 16, 24, and 26 have been amended.
Claims 1-15, 17, 18 have been canceled. 
Claims 16, 19-31 are allowed.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Attorney Gerrit Winkel on 14 June 2022.
The application has been amended as follows: 

1. – 15.  (Cancelled)


16.	(Currently Amended) A method in a system comprising at least one portable data carrier, an authentication server and at least one reading device of at least one service provider which is couplable with the authentication server, wherein the data carrier is adapted to communicate contactlessly with the reading device and comprises a security marking that can be read contactlessly by the reading device, on the basis of which security marking the data carrier can be authenticated by the authentication server, comprising the steps of:

equipping the data carrier with a data-carrier management marking, which encodes a piece of data-carrier management information and which is contactlessly readable by means of a portable terminal of a user of the system;

contactlessly reading the data-carrier management marking by means of a portable terminal and transferring the data-carrier management information encoded in the data-carrier management marking to the authentication server;

managing the data carrier in the system employing the data-carrier management information including a step of allocating the user to the data carrier,

wherein, in the step of allocating, user registration data of a user can be transferred to the authentication server and allocated to the data-carrier management information, and 

wherein the authentication server produces a public marking of the data carrier, said public marking being allocated to the data-carrier management information, and transfers said public marking to the portable terminal;

wherein the management of the data carrier in the system comprises a step of activating the data carrier in the system, 

wherein the data carrier is activated in the system after the authentication server having received the data-carrier management information encoded in the data-carrier management marking.


17.	(Cancelled) 


18.	(Cancelled) 


19.	(Previously Presented) The method according to claim 16, wherein the management of the data carrier in the system comprises a step of enabling an application of a service provider for the data carrier,

wherein the system is preferably adapted to support the carrying out of a transaction between the application of the service provider and the data carrier after the application has been enabled.


20.	(Previously Presented) The method according to claim 19, wherein the step of enabling an application of a service provider is carried out by the user allocated to the data carrier.


21.	(Previously Presented) The method according to claim 19, wherein the step of enabling an application of a service provider is carried out by the service provider itself, for which purpose the service provider in turn can read the data-carrier management marking contactlessly by means of a suitable reading device and can transfer the data-carrier management information encoded in the data-carrier management marking to the authentication server.


22.	(Previously Presented) The method according to claim 19, wherein the application is enabled in such a manner that a transaction between the data carrier and the application can be carried out automatically.


23.	(Previously Presented) The method according to claim 16, wherein the further steps of:

requesting a piece of authentication information comprising the security information of the data carrier from the data carrier by the reading device of the service provider;

supplying the authentication information to the reading device by the data carrier;

forwarding the authentication information to the authentication server by the reading device;

authenticating the data carrier on the basis of the security information contained in the authentication information by the authentication server;

transferring a result of authenticating the data carrier to the reading device; and

upon successful authentication of the data carrier, carrying out a transaction between an application of the service provider and the data carrier.


24.	(Currently Amended) An authentication server for a system comprising at least one portable data carrier, the authentication server and at least one reading device of at least one service provider which is couplable to the authentication server via a communication network, 

wherein the data carrier is adapted to communicate contactlessly with the reading device and comprises a security marking that can be read contactlessly by the reading device and a data-carrier management marking that can be read contactlessly by means of a portable terminal,

wherein the authentication server is adapted,

to receive a piece of security information encoded in the security marking from the reading device and to authenticate the data carrier on the basis of the piece of security information, and is adapted

to receive a piece of data-carrier management information encoded in the data-carrier management marking from a terminal and to manage the data carrier in the system employing the piece of data-carrier management information including a step of allocating a user to the data carrier,

wherein, in the step of allocating, user registration data of a user can be transferred to the authentication server and allocated to the data-carrier management information, and 

wherein the authentication server produces a public marking of the data carrier, said public marking being allocated to the data-carrier management information, and transfers said public marking to the terminal and/or the reading device;

wherein the management of the data carrier in the system comprises a step of activating the data carrier in the system,

wherein the data carrier is activated in the system after the authentication server having received the data-carrier management information encoded in the data-carrier management marking.



25.	(Previously Presented) The authentication server according to claim 24, wherein the authentication server is adapted to store and manage the security information together with the data-carrier management information related to the least one data carrier, and to support a method, comprising the steps of:

equipping the data carrier with a data-carrier management marking, which encodes a piece of data-carrier management information and which is contactlessly readable by means of a portable terminal of a user of the system;

contactlessly reading the data-carrier management marking by means of a portable terminal and transferring the data-carrier management information encoded in the data-carrier management marking to the authentication server;

managing the data carrier in the system employing the data-carrier management information.


26.	(Currently Amended) A system comprising:

at least one portable data carrier;

an authentication server; and 

at least one reading device of at least one service provider which is couplable to the authentication server via a communication network;

wherein the data carrier is adapted to communicate contactlessly with the reading device and comprises a security marking that can be read contactlessly by the reading device and a data-carrier management marking that can be read contactlessly by means of a portable terminal; and

wherein the authentication server is adapted,

to receive a piece of security information encoded in the security marking from the reading device and to authenticate the data carrier on the basis of the piece of security information, and is adapted

to receive a piece of data-carrier management information encoded in the data-carrier management marking from the terminal and to manage the data carrier in the system employing the piece of data-carrier management information including a step of allocating a user to the data carrier,

wherein, in the step of allocating, user registration data of a user can be transferred to the authentication server and allocated to the data-carrier management information, and 

wherein the authentication server produces a public marking of the data carrier, said public marking being allocated to the data-carrier management information, and transfers said public marking to the reading device and/or the portable terminal;

wherein the management of the data carrier in the system comprises a step of activating the data carrier in the system, 

wherein the data carrier is activated in the system after the authentication server having received the data-carrier management information encoded in the data-carrier management marking.


27.	(Previously Presented) The system according to claim 26, wherein the data carrier is configured as a chip card or as a label.


28.	(Previously Presented) The system according to claim 26, wherein the security marking of the data carrier is configured as a radio-frequency identification (RFID) transponder.


29.	(Previously Presented) The system according to claim 28, wherein the transponder is adapted to encrypt a piece of security information stored in the transponder and to transmit said piece of security information to a reading device only in an encrypted form.


30.	(Previously Presented) The system according to claim 26, wherein the data-carrier management marking is configured as an optically readable marking.


31.	(Previously Presented) The system according to claim 26, wherein the security marking of the data carrier is configured as a near-field communication (NFC) transponder or as an ultra high frequency (UHF) transponder.

Allowable Subject Matter
Claims 16, 19-31 are allowed.
The following is a statement of reasons for allowance and a discussion of the closest prior art of record:
The claims at hand generally deal with management, authentication, and activation of a data carrier.  The claims disclose an authentication server producing a public marking and tying the public marking to management information.  Moreover, the claims disclose that only information pertinent to a specific location is released.  The claims disclose a method in a system comprising at least one portable data carrier, an authentication server and at least one reading device of at least one service provider which is couplable with the authentication server, wherein the data carrier is adapted to communicate contactlessly with the reading device and comprises a security marking that can be read contactlessly by the reading device, on the basis of which security marking the data carrier can be authenticated by the authentication server, comprising the steps of: equipping the data carrier with a data-carrier management marking, which encodes a piece of data-carrier management information and which is contactlessly readable by means of a portable terminal of a user of the system; contactlessly reading the data-carrier management marking by means of a portable terminal and transferring the data-carrier management information encoded in the data-carrier management marking to the authentication server; managing the data carrier in the system employing the data-carrier management information including a step of allocating the user to the data carrier, wherein, in the step of allocating, user registration data of a user can be transferred to the authentication server and allocated to the data-carrier management information, and wherein the authentication server produces a public marking of the data carrier, said public marking being allocated to the data-carrier management information, and transfers said public marking to the portable terminal; wherein the management of the data carrier in the system comprises a step of activating the data carrier in the system, wherein the data carrier is activated in the system after the authentication server having received the data-carrier management information encoded in the data-carrier management marking.
Terminal disclaimer filed 02 June 2022 overcomes the non-statutory double patenting rejection with co-pending application 15/754,897.
The amended claimed invention is directed to patent-eligible subject matter under 35 USC § 101 because the abstract idea is integrated into a practical solution when hiding a data mark.  The claims are directed to increasing security of information of a single data carrier across multiple applications and service providers and the abstract idea is integrated into a practical application.
Shalev (US 2017/0024945 A1) discloses an access control system that comprises a storage for storing a plurality of user profiles of a plurality of users, each one of the plurality of user profiles is associated with a unique identifier, and defining access credentials of each user to each of a plurality of gates.  Shalev discloses the user may use an application on his mobile device in order to be granted access.  Shalev discloses that upon arrival to an access gate, the user can present the barcode, for instance on the screen of his mobile device, allowing a reader of the gate control unit to extract an encoded user identifier.  The user identifier may be forwarded to a central server for authentication using the respective user profile.
Harper (US 2015/0302394 A1) discloses that an authentication server receives the authentication information from the reader.  Hart discloses that the authentication server attempts to authenticate the data card by using the authentication information that is encrypted from the data card.  Hart discloses that the authentication server decrypts the information in order to determine if the user/data card is authenticated and may proceed.  Hart discloses that the reader then transmits the challenge to the authentication server.  The authentication server decrypts the reader’s challenge and formulates an encrypted response.  The authentication server then sends the formulated response to the reader.  The reader validates the response.
Hart et al. (US 2008/0215887 A1) discloses that an authentication server receives the authentication information from the reader.  Hart discloses that the authentication server attempts to authenticate the data card by using the authentication information that is encrypted from the data card.  Hart discloses that the authentication server decrypts the information in order to determine if the user/data card is authenticated and may proceed.  Hart discloses that the reader then transmits the challenge to the authentication server.  The authentication server decrypts the reader’s challenge and formulates an encrypted response.  The authentication server then sends the formulated response to the reader.  The reader validates the response.  Hart discloses that the authentication server receives the authentication information from the reader.  Hart discloses that registration may occur directly via an authentication server when the authentication server receives the communication to authenticate.
The closest Foreign Patent Document the Examiner could find is Kuster et al. (WO 2016/037295 A1) Identification system, method, and user medium.  Kuster discloses an identification system that has a plurality of user media, each of which has an integrated circuit having memory means and an identification code stored in the memory means; at least one reading device; wherein the reading device is capable of contactlessly reading data for an authentication process from the integrated circuit via radio waves; and wherein the identification system additionally has a user management device and is capable of initiating or not initiating a process on the basis of whether the read user medium is recorded as authorized in the user management device.  The system is distinguished in that each user medium additionally has an optically readable code that contains an identification information item individually identifying the user medium in question, wherein the identification system is capable of recording a user medium recognized via the optically readable code in the user management device.
The closest Non Patent Literature the Examiner could find is Hoffman et al. Securing number plates based on digital signatures and RFID, 16th International IEEE Conference on Intelligent Transportation Systems (ITSC 2013) (Pages: 2051-2057).  Hoffman discloses that since a vehicle number plate is a primary token used for the identification of a vehicle, RFID in combination with digital signatures can help in identifying number plates.  Elliptic curve cryptography can be used to obtain the required cryptographic key strength without exceeding the storage limitations of passive RFID.  A number plate management system enforces integrity onto the issuing and distribution process.  It is also aimed at the efficient and secure management of number plates over their complete life cycle, from the production of blank plates till the final disposal of plates.
Examiner determined that it would not have been obvious to combine these arts to specifically disclose a method in a system comprising at least one portable data carrier, an authentication server and at least one reading device of at least one service provider which is couplable with the authentication server, wherein the data carrier is adapted to communicate contactlessly with the reading device and comprises a security marking that can be read contactlessly by the reading device, on the basis of which security marking the data carrier can be authenticated by the authentication server, comprising the steps of: equipping the data carrier with a data-carrier management marking, which encodes a piece of data-carrier management information and which is contactlessly readable by means of a portable terminal of a user of the system; contactlessly reading the data-carrier management marking by means of a portable terminal and transferring the data-carrier management information encoded in the data-carrier management marking to the authentication server; managing the data carrier in the system employing the data-carrier management information including a step of allocating the user to the data carrier, wherein, in the step of allocating, user registration data of a user can be transferred to the authentication server and allocated to the data-carrier management information, and wherein the authentication server produces a public marking of the data carrier, said public marking being allocated to the data-carrier management information, and transfers said public marking to the portable terminal; wherein the management of the data carrier in the system comprises a step of activating the data carrier in the system, wherein the data carrier is activated in the system after the authentication server having received the data-carrier management information encoded in the data-carrier management marking.


Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALISON L LAMB whose telephone number is (571)272-1060. The examiner can normally be reached Monday-Thursday 8am-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Kalinowski, can be reached on (571)272-6771. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/A.L.L./Examiner, Art Unit 3691

/HANI M KAZIMI/Primary Examiner, Art Unit 3691