DETAILED ACTION
1.	This office action is in response to the communication filed on 08/06/2020.
2.	Claims 1-20 are pending.

Notice of Pre-AIA  or AIA  Status
3.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

4.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 

Examiner Notes
5.	In light of the specification (para. 97, “computer-readable storage media is any available media that provides for the non-transitory storage”), the limitation “one or more computer-readable media” in claim 1 or claim 19 is/are non-transitory storage device(s).

Claim Objections
6.	Claim(s) 7 and 16 is/are objected to because of the following informalities:  
On line 1, there is missing a colon (:) after the word “comprising”
Appropriate correction(s) is/are required.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


7.	Claim(s) 10, 12-14, 16-17 and 19-20 is/are rejected under 35 U.S.C. 102(a)(1)/102(a)(2) as being anticipated by Singhal (US 2007/0067642 A1).
Regarding claim(s) 10:
Singhal discloses:
detecting, by a first electronic device, that a second electronic device is attempting to establish a direct connection with the first electronic device (see figs. 1D, 4A and paras. 34-35, 104 where a card device is inserted into a physical interface of a network device which is a computer, where the network device collects the information/data record from the card device for authentication requirement. In other words, a network device (i.e., first electronic device) detects a card device (i.e., second electronic device) attempting to establish a direct connection with the network device); 
determining, by the first electronic device, to authenticate the second electronic device using an authentication service; sending, to one or more devices associated with the authentication service, a request to authenticate the second electronic device (see fig. 4A and paras. 104-106 where the network device sends the card device’s data record to an authentication server having access to an authentication database to authenticate the card device. In other words, the network device determines to authenticate the card device using an authentication service associated with an authentication server (i.e., one or more devices), and sends the card device’s data record (i.e. a request comprises the card device’s data record) to the authentication server to authenticate the card device); and 
receiving, from the one or more devices, an indication that the one or more devices authenticated the second electronic device (see fig. 4B and paras. 106, 126 where the network device receives, from the authentication server, an authentication approval/successful message indicating that the authentication server authenticated the card device).

Regarding claim(s) 12:
Singhal discloses:
sending, to the one or more devices, the request to authenticate the second electronic device using multi-factor authentication (see fig. 4C and paras. 99, 104-106 where the network device sends the card device’s data record to an authentication server having access to an authentication database to authenticate the card device based on multiple factors (e.g., a card’s serial number, card ID, thumb print, PIN, and GPS location)).

Regarding claim(s) 13:
Singhal discloses:
receiving, from the second electronic device, information representing an environment of the second electronic device, and wherein determining to authenticate the second electronic device is based at least in part on the information (see fig. 4C and paras. 46, 88-89, 99, where the network device receives, from the card device, geographic location (i.e., information representing an environment) of the card device, wherein the geographic location is authenticated using an authentication database associated with the authentication server).

Regarding claim(s) 14:
Singhal discloses:
wherein the information represents at least one of: a media access control address associated with the second electronic device; an Internet Protocol address associated with the second electronic device; connection information associated with the second electronic device; a location associated with the second electronic device; a time period associated with a previous connection with the second electronic device; or an action to be performed by the second electronic device (see fig. 4C and paras. 88-89, for geographic location of the card device).

Regarding claim(s) 16:
Singhal discloses:
determining, based at least in part on the information, that the second electronic device includes a new electronic device (see figs. 1D, 4A and paras. 34-35, 104 where a card device is inserted into a physical interface of the network device, where the network device collects the information/data record from the card device for authentication requirement; see paras. 88-89 where the geographic location of the card device is included in the record. In other words, the network device determines, based at least in part on the record, that the card device includes a newly inserted card device (i.e. new electronic device)), and 
wherein determining to authenticate the second electronic device is based at least in part on the second electronic device including the new electronic device (see fig. 4B and paras. 104-106, 126 where the network device receives, from the authentication server, an authentication approval/successful message indicating that the authentication server authenticated the card device which newly inserted into the network device).

Regarding claim(s) 17:
Singhal discloses:
detecting, by the first electronic device, that the second electronic device was inserted into an input interface of the first electronic device (see fig. 4A and para. 104 where a card device is inserted into a physical interface of the network device).

Regarding claim(s) 19:
Singhal discloses one or more devices comprising: one or more processors; and one or more computer-readable media storing instructions that, when executed by the one or more processors, cause the one or more processors (see para. 97 for an authentication system comprising an authentication server, an authentication database, and a network device) to perform operations comprising: 
storing first information representing a first state of an environment of an electronic device (see fig. 1D and para. 46 where a geographic/GPS location (i.e., first state of an environment) of a card device (i.e., an electronic device) is pre-stored in an authentication database); 
receiving second information representing a second state of the environment of the electronic device (see fig. 4C and paras. 88, 104-106 where the authentication server receives a record including a GPS location (i.e., second state of the environment) from the card device when the card device is inserted into the network device); 
determining to authenticate the electronic device based at least in part on the first information and the second information (see figs. 4A, 4C and para. 125 where the authentication server verifies the authentication factors including a GPS location in the record against the pre-stored data including a GPS location); and 
authenticating the electronic device (see fig. 4B, step 5, and/or para. 126).

Regarding claim(s) 20:
Singhal discloses:
analyzing the first information with respect to the second information in order to identify a transition associated with the environment, and wherein determining to authenticate the electronic device is based at least in part on the transition (see para. 125 where the authentication server verifies the authentication factors including a GPS location in the record against the pre-stored data including a GPS location; see paras. 46, 66 where the card-device is authorized to be used from certain locations, and not from any other location. In other words, the authentication server evaluates/analyzes a GPS location of the card device against the pre-stored GPS location associated with the card device in order to identify a change to the location of card device in order to authenticate the card device based at least in part on whether the location of the card device is changed).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


8.	Claim(s) 1-5, 7-8 and 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Singhal in view of Tola (US 20180375841 A1).
Regarding claim(s) 1:
Singhal discloses a first electronic device comprising: one or more processors; and one or more computer-readable media storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising: 
detecting a second electronic device (see figs. 1D, 4A and paras. 34-35, 104 where a card device is inserted into a physical interface of the network device which is a computer, where the network device collects the information/data record from the card device for authentication requirement. In other words, the network device detects a card device (i.e., second electronic device) inserted into a physical interface of the network device for authentication requirement); 
determining, using a component [of a communication stack], to authenticate the second electronic device using an authentication service; sending, to one or more devices associated with the authentication service, a request to authenticate the second electronic device (see fig. 4A and paras. 104-106 where the network device sends the card device’s data record to an authentication server having access to an authentication database to authenticate the card device. In other words, the network device determines, using a software or hardware component, to authenticate the card device using an authentication service associated with an authentication server (i.e., one or more devices), and sends the card device’s data record (i.e. a request comprises the card device’s data record) to the authentication server to authenticate the card device); and 
receiving, from the one or more devices, an indication that the one or more devices authenticated the second electronic device (see fig. 4B and paras. 106, 126 where the network device receives, from the authentication server, an authentication approval/successful message indicating that the authentication server authenticated the card device).
Singhal does not, but Tola discloses:
determining, using a component of a communication stack, to authenticate a device (see Tola, para. 83, where a virtual communications kernel (i.e. a component) is a layer of an Open Systems Interconnect (OSI) stack (i.e., communication stack); para. 168 where a virtual communications kernel is combined with authentication and authorization processes; see para. 145 for authenticating and authorizing communications between devices (i.e. a device authenticates the other device)).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Singhal's invention by enhancing it to determining, using a component of a communication stack, to authenticate a device, as taught by Tola, in order for protecting communications between devices (Tola, abstract).

Regarding claim(s) 2:
Singhal does not, but Tola discloses:
wherein the component is included in one or more layers associated with the communication stack (see Tola, para. 83, where a virtual communications kernel (i.e. a component) is a layer of an Open Systems Interconnect (OSI) stack (i.e., communication stack)).

Regarding claim(s) 3:
Singhal discloses:
sending, to the one or more devices, the request to authenticate the second electronic device using multi-factor authentication (see fig. 4C and paras. 99, 104-106 where the network device sends the card device’s data record to an authentication server having access to an authentication database to authenticate the card device based on multiple factors (e.g., a card’s serial number, card ID, thumb print, PIN, and GPS location)).

Regarding claim(s) 4:
Singhal discloses:
receiving, from the second electronic device, information representing an environment of the second electronic device, and wherein determining to authenticate the second electronic device is based at least in part on the information (see fig. 4C and paras. 46, 88-89, 99, where the network device receives, from the card device, geographic location (i.e., information representing an environment) of the card device, wherein the geographic location is authenticated using an authentication database associated with the authentication server).

Regarding claim(s) 5:
Singhal discloses:
wherein the information represents at least one of: a media access control address associated with the second electronic device; an Internet Protocol address associated with the second electronic device; connection information associated with the second electronic device; a location associated with the second electronic device; a time period associated with a previous connection with the second electronic device; or an action to be performed by the second electronic device (see fig. 4C and paras. 88-89, for geographic location of the card device).

Regarding claim(s) 7:
Singhal discloses:
determining, based at least in part on the information, that the first electronic device has not connected to the second electronic device (see fig. 4C and paras. 88-89 where the network device receives, from the card device, a record including a thumb print; see fig. 1A and para. 40 where a thumb print is taken by the card device when the card device has not inserted/connected (e.g., the card device is held away from the network device’s interface) into the network device), and 
wherein determining to authenticate the second electronic device is based at least in part on the first electronic device not having connected with the second electronic device (see fig. 4A and paras. 104-106 where the network device sends the card device’s data record to an authentication server to authenticate the card device, wherein the authentication server authenticates a record including a thump print; see fig. 1A and para. 40 where a thumb print is taken by the card device when the card device has not inserted/connected into the network device).

Regarding claim(s) 8:
Singhal discloses
an input interface, and wherein detecting the second electronic device comprises detecting that the second electronic device was inserted into the input interface (see fig. 4A for a physical interface of a network device; see para. 104 where a card device is inserted into a physical interface of the network device).

Regarding claim(s) 11:
Singhal discloses wherein determining to authenticate the electronic device comprises: 
receiving data from the second electronic device (see para. 104 where the network device receives data record from the card device); and 
determining, [by the component,] to authenticate the second electronic device [based at least in part on analyzing the data] (see fig. 4A and paras. 104-106 where the network device sends the card device’s data record to an authentication server having access to an authentication database to authenticate the card device).
Singhal does not, but Tola discloses:
analyzing the data using a component of a communication stack associated with the first electronic device, and determining, by the component, to authenticate a device based at least in part on analyzing the data (see Tola, para. 83, where a virtual communications kernel (i.e. a component) is a layer of an Open Systems Interconnect (OSI) stack (i.e., communication stack); para. 168 where a virtual communications kernel is combined with authentication and authorization processes; see para. 145 for authenticating and authorizing communications between devices (i.e. a device authenticates the other device); see para. 155 where a device is authorized based on the location of the device, e.g., based on changes on location (i.e., the location of a device is analyzed for changing)).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Singhal's invention by enhancing it to analyzing the data using a component of a communication stack associated with the first electronic device, and determining, by the component, to authenticate a device based at least in part on analyzing the data, as taught by Tola, in order for protecting communications between devices (Tola, abstract).

9.	Claim(s) 6 and 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Singhal, Tola, and further in view of Jung et al. (US 20140115675 A1).
Regarding claim(s) 6:
Singhal discloses:
wherein the information comprises first information representing one or more first characteristics associated with a first state of the environment (see fig. 4C and paras. 88-89, where a geographic location (i.e., first information representing one or more first characteristics) of the card device is transferred to the network device),
[storing] second information representing one or more second characteristics associated with a second state of the environment (see fig. 4A and para. 46 where a geographic location of a card device (i.e., second information representing one or more second characteristics) is pre-stored in an authentication database); and 
[determining] at least a transition between the one or more first characteristics and the one or more second characteristics, and wherein [determining to] authenticate the second electronic device is based at least in part on the transition (see paras. 46, 125).
Singhal does not, but Jung discloses:
	storing second information, determining a difference between first information and second information, and determining to authenticate a second device based at least in the difference (see Jung, fig. 1 and paras. 82-83, where a smart card service apparatus 200 (i.e., first device) acquires login information (i.e., second information) from a smart terminal (i.e., second device), and determines to authorize the smart terminal’s user based on whether the acquired login information exists in a list of authorized users (i.e., login information stored in advance with a list of authorized users)).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Singhal's invention by enhancing it to storing second information, determining a difference between first information and second information, and determining to authenticate a second device based at least in the difference, as taught by Jung, in order for smart card service apparatus to authenticate a smart terminal based on login information of the user of the smart terminal (Jung, paras. 73-74).

Regarding claim(s) 9:
Singhal discloses:
receiving credentials from the second electronic device (see fig. 4C and paras. 88-89 where the network device receives, from the card device, a record including a PIN and a thumb print (i.e., credentials) of a user); 
authenticating the second electronic device using at least the credentials [and] the indication (paras. 104-106 where the network device sends the card device’s data record to an authentication server to authenticate the card device based on the data record); and 
based at least in part on authenticating the second electronic device, establishing a connection with the second electronic device (see figs. 4A, 4B and paras. 106, 110 where the user of the card device is allowed to access a service (e.g., select a transaction in an ATM application) provided by the network device based on the authentication granted/approved by the authentication server).
Singhal does not, but Jung discloses:
authenticating the second device using at least the credential and the indication (see Jung, fig. 1 and paras. 82-83, where a smart card service apparatus 200 (i.e., first device) acquires login information (i.e., credential) from a smart terminal (i.e., second device), and determines to authorize the smart terminal’s user based on the acquired login information; see para. 87 where the smart card service apparatus receives, from the security/authentication management device, an authentication result information (i.e., indication) indicating an authentication success performed by the security/authentication management device on the smart terminal based on the smart card service apparatus’s request).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Singhal's invention by enhancing it to authenticating the second device using at least the credentials and the indication, as taught by Jung, in order to authenticate a smart terminal using a smart card service apparatus and a security/authentication management device (Jung, paras. 82-83 and 87).

10.	Claim(s) 15 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Singhal in view of Jung.
Regarding claim(s) 15:
Singhal discloses:
wherein the information comprises first information representing one or more first characteristics associated with a first state of the environment (see fig. 4C and paras. 88-89, where a geographic location (i.e., first information representing one or more first characteristics) of the card device is transferred to the network device), and 
[storing] second information representing one or more second characteristics associated with a second state of the environment (see fig. 4A and para. 46 where a geographic location of a card device (i.e., second information representing one or more second characteristics) is pre-stored in an authentication database); and 
[determining] at least a transition associated with the environment based at least in part on the one or more first characteristics and the one or more second characteristics (), and wherein [determining to] authenticate the second electronic device is based at least in part on the transition (see paras. 46, 125).
Singhal does not, but Jung discloses:
	storing second information, determining a difference between first information and second information, and determining to authenticate a second device based at least in the difference (see Jung, fig. 1 and paras. 82-83, where a smart card service apparatus 200 (i.e., first device) acquires login information (i.e., second information) from a smart terminal (i.e., second device), and determines to authorize the smart terminal’s user based on whether the acquired login information exists in a list of authorized users (i.e., login information stored in advance with a list of authorized users)).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Singhal's invention by enhancing it to storing second information, determining a difference between first information and second information, and determining to authenticate a second device based at least in the difference, as taught by Jung, in order for smart card service apparatus to authenticate a smart terminal based on login information of the user of the smart terminal (Jung, paras. 73-74).

Regarding claim(s) 18:
Singhal discloses:
receiving credentials from the second electronic device (see fig. 4C and paras. 88-89 where the network device receives, from the card device, a record including a PIN and a thumb print (i.e., credentials) of a user); 
authenticating the second electronic device using at least the credentials [and] the indication (paras. 104-106 where the network device sends the card device’s data record to an authentication server to authenticate the card device based on the data record); and 
based at least in part on authenticating the second electronic device, establishing the direct connection with the second electronic device (see figs. 4A, 4B and paras. 106, 110 where the user of the card device is allowed to access a service (e.g., select a transaction in an ATM application) provided by the network device based on the authentication granted/approved by the authentication server).
Singhal does not, but Jung discloses:
authenticating the second device using at least the credential and the indication (see Jung, fig. 1 and paras. 82-83, where a smart card service apparatus 200 (i.e., first device) acquires login information (i.e., credential) from a smart terminal (i.e., second device), and determines to authorize the smart terminal’s user based on the acquired login information; see para. 87 where the smart card service apparatus receives, from the security/authentication management device, an authentication result information (i.e., indication) indicating an authentication success performed by the security/authentication management device on the smart terminal based on the smart card service apparatus’s request).
It would have been obvious to one having ordinary skill in the art to which the claimed invention pertains, before the effective filing date of the claimed invention, to modify Singhal's invention by enhancing it to authenticating the second device using at least the credentials and the indication, as taught by Jung, in order to authenticate a smart terminal using a smart card service apparatus and a security/authentication management device (Jung, paras. 82-83 and 87).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Brown, US 20170195339 A1, METHOD AND APPARATUS FOR GEOGRAPHIC LOCATION BASED ELECTRONIC SECURITY MANAGEMENT.
Lee, US 20180212957 A1, APPARATUS AND METHOD FOR AUTHENTICATION, AND COMPUTER PROGRAM AND RECORDING MEDIUM APPLIED TO THE SAME.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HUAN V. DOAN whose telephone number is 571-272-3809. The examiner can normally be reached on Monday – Thursday, 9:00am – 5:00pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA, can be reached on 571-272-3951.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HUAN V DOAN/Primary Examiner, Art Unit 2499