DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to Amendment filed on 6/1/2022.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative Marc Boillot on June 27, 2022.

Claims
Please replace claims as following: 
Claim 1 (Currently amended) A method for authenticating to a device, comprising:
registering data associated with a credential related to a user role on said device thereby producing an encrypted credential with corresponding registered data;
deleting the credential responsive to said registering; 
receiving, by the device, from a chip, said registered data;
retrieving, by the device, based on the registered data received, said encrypted credential that was encrypted by the chip during said registering;
sending, by the device, to the chip, a decryption request for decrypting the encrypted credential including or being accompanied with the encrypted credential to be decrypted;
retrieving, by the chip, a secret key;
decrypting, by the chip, the encrypted credential by using the secret key to reproduce said credential;
sending, by the chip, to the device, as a decryption request response, the credential;
deleting the credential reproduced on the chip; then
verifying, by the device, whether the credential for said user role is or is not valid; 
deleting the credential reproduced on the device; and then
authenticating the chip for said user role, by the device, only if the credential for said user role was deemed valid during said verifying, 
Claim 7 (Currently amended) An authentication device comprising:
a microprocessor;
at least one memory configured to store, for each chip to be authenticated, registered data in association with a predetermined encrypted credential; and
an interface, 
wherein microprocessor of the authentication device is configured to:
register data associated with a credential related to a user role on said device thereby producing an encrypted credential with corresponding registered data;
deleting the credential responsive to said registering; 
receive, via the interface, from a chip, said registered data;
retrieve, from the at least one memory, based on the registered data received, an associated encrypted credential that was encrypted by the chip during said registering;
send, via the interface, to the chip, a decryption request for decrypting the encrypted credential including or being accompanied with the encrypted credential to be decrypted to reproduce said credential;
receive, via the interface, from the chip, as a decryption request response, the credential, that credential since deleted on the chip responsive to sending it;
verify, whether the credential is or is not valid; 
delete the credential on the authentication device; and then
authenticate the chip for said user role, only if the credential was deemed valid during said verify, 









Claim 9 (Currently amended) A chip for authenticating to a device, the chip comprising:
a microprocessor;
at least one memory configured to store registered data and a secret key, said registered data associated with a credential related to a user role on said device; and
an interface configured to communicate with the device, 
wherein the microprocessor of the chip is configured to:
register the data associated with the credential related to the user role on said device thereby producing an encrypted credential with corresponding registered data stored in the at least one memory;
delete the credential responsive to said registering; 
retrieve, by the device, based on the registered data, said encrypted credential that was encrypted by the chip during said registering;
send, via the interface, to said device, the registered data stored in the at least one memory;
receive, via the interface, from the device, a decryption request for decrypting the encrypted credential that was encrypted by the chip, including or being accompanied with the encrypted credential to be decrypted;
retrieve the secret key from the at least one memory;
decrypt the encrypted credential by using the secret key 
send, via the interface, to the device, as a decryption request response, the credential; and
delete said credential reproduced on said chip after said send
wherein the device
verifies whether the credential for said user role is or is not valid; 
deletes the credential reproduced on the device; and then
authenticates the chip for said user role only if the credential for said user role was deemed valid during said verifying. 





Examiner's Statement of Reason for Allowance

Claims 1-4 and 7-9 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The present invention is directed to a method for authenticating to a device, comprising receiving, by the device, from a chip, data; retrieving, by the device, based on the received data, a predetermined encrypted credential; sending, by the device, to the chip, a decryption request for decrypting the encrypted credential including or being accompanied with the encrypted credential to be decrypted; retrieving, by the chip, a secret key; decrypting, by the chip, the encrypted credential by using the secret key; sending, by the chip, to the device, as a decryption request response, the credential; verifying, by the device, whether the credential is or is not valid; and authenticating, by the device, only if the credential is valid, the chip.

The closest prior art, as previously recited,  Kim (US 2016/0226837 A1), Scheidt (US 7,111,173 B1), Watanabe et al. (US 2002/0026574 A1) and Ali et al. (US 2014/0310532 A1) in which, Kim disclose a server for authenticating a smart chip, which is connected to a terminal transmitting and receiving data to and from the smart chip through a network, the server including: a server transceiving unit receiving a card identifier identifying a user from the terminal; and an authentication unit generating an authentication key from the card identifier and authenticating the smart chip from the authentication key, in which the smart chip receives the encrypted text to generate the decrypted text from a private key, and the card identifier is a public key corresponding to the private key. Accordingly, the present invention has the advantages of increasing the safety of a transaction to confirm whether a user has a medium in possession during online and offline transactions; and in which Scheidt teaches encrypting an object includes generating a cryptographic key, using the cryptographic key to initialize a cryptographic algorithm, and applying the algorithm to the object. Accordingly, an encrypted object is formed. The key is generated by combining key splits derived from different sources. One of the key splits is a biometric value derived from and corresponding to a particular person; and in which Watanabe teaches a person authentication system, a person authentication method, and an information processing apparatus which allow person authentication to be performed in an easy fashion in various devices by comparing a template serving as person identification data with sampling information input by a user. A service provider (SP) or user device (UD) executes person authentication by acquiring a template from a person identification certificate (IDC) generated by a third-party agency serving as a person identification certificate authority (IDA). The IDA acquires a template serving as identification data after verifying a person requesting an IDC to be issued, and generates the IDC storing template information. The IDA distributes the IDC having a digital signature of the IDA added thereto to the SP and the UD; and in which Ali teaches an electronic device has a lower power state in which power to a storage device is disabled. Predetermined information stored in a memory is useable to unlock the storage device during a procedure to transition the electronic device from the lower power state to a higher power state. The predetermined information is different from a credential for use in unlocking the storage device.

However, none of Kim (US 2016/0226837 A1), Scheidt (US 7,111,173 B1), Watanabe et al. (US 2002/0026574 A1) and Ali et al. (US 2014/0310532 A1) teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent Claim 1 and similarly Claim 7 and Claim 9.  For example, none of the cited prior art teaches or suggest the steps of Claim 1 and similarly Claim 7 and Claim 9: registering data associated with a credential related to a user role on said device thereby producing an encrypted credential with corresponding registered data; deleting the credential responsive to said registering; receiving, by the device, from a chip, said registered data; retrieving, by the device, based on the registered data received, said encrypted credential that was encrypted by the chip during said registering; sending, by the device, to the chip, a decryption request for decrypting the encrypted credential including or being accompanied with the encrypted credential to be decrypted; retrieving, by the chip, a secret key; decrypting, by the chip, the encrypted credential by using the secret key to reproduce said credential; sending, by the chip, to the device, as a decryption request response, the credential; deleting the credential reproduced on the chip; then verifying, by the device, whether the credential for said user role is or is not valid; deleting the credential reproduced on the device; and then authenticating the chip for said user role, by the device, only if the credential for said user role was deemed valid during said verifying.

Therefore, the claims are allowable over the cited prior art.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385.  The examiner can normally be reached on Monday-Friday 10am - 6pm (MDT).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KARI L SCHMIDT/Primary Examiner, Art Unit 2439