DETAILED ACTION
	This is a non-final action on the merits.  The U.S. Patent and Trademark Office has received claims 1-20 in application number 16/076,269.  Claims 14–20 are withdrawn.  Claim 4 is canceled.  Claims 1–3 and 5-13 are currently pending.

Notice of Pre-AIA  or AIA  Status
	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Request for Continued Examination
	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application on 12/06/2021 after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/24/2022 has been entered.

Response to Remarks
	A new search was conducted in accordance with the request for continued examination and the amendments to independent claims 1 and 13.  The resulting new ground of rejection under 35 U.S.C. 103 is provided along with additional prior art in the Relevant Art Not Cited section at the end of this action.


Claim Rejections 35 U.S.C. 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

	Claims 1–3 and 5-13 are rejected under 35 U.S.C. 103 as being unpatentable over Guedalia et al. (US 2014/0244834 A1) (“GUEDALIA”), in view of Swift et al. (US 2006/0225132 A1) (“SWIFT”), and in further view of Svigals et al. (US 20150200914 A1) (“SVIGALS”).  Throughout this section, claim limitations are numbered by decimal and all quotations of prior art are cited to the applicable paragraph number; bold-type is used to emphasize disclosure.

	Regarding claim(s) 1 and 7, SWIFT discloses:
1.	 A method comprising: 
7. 	 An apparatus comprising: a processor; one or more short range communication means; and a memory including instructions that, when executed with the processor, cause the apparatus to, at least: 
1.1		detecting, by a proxy device having access to a communication network connection, a plurality of electronic devices within a vicinity of the proxy device, each of the plurality of electronic devices lacking direct access to the communication network connection, the proxy device connected to a processing server via the communication network connection;
[0028] Referring now to FIG. 2, the present invention is directed to a mechanism by which a user 70 of a computer network 72 is able to give proxy authorization to a client 74 in the network, and the authorized client is able to authenticate itself for accessing a service 76 on behalf of the user, without having to give confidential security data of the user, such as the user's password, to the proxy client for the purpose of authenticating the client by the service. To give the proxy authorization, the user 70 submits a proxy registration request 78 to a trusted security server 80.
SWIFT at 0028, Fig. 2 (disclosing the recited proxy device as the “proxy client 74,” that accesses a communication network to the “trusted security server 80,” where the recited electronic devices correspond to the “computer 70” in communication to the “proxy client 74”); further SWIFT at 0029 (disclosing lacking direct access to the trusted server) (“When the proxy client 74 acting as a proxy of the user 70 needs to access the target service 76, it first sends a proxy access request 84 to the trusted security server 80. The proxy access request 84 identifies the user 70 that authorized the proxy and the target service 76 the proxy client wants to access.”).
1.2		establishing, by the proxy device, a trusted relationship with each of the electronic devices by:
SWIFT at 0028 (“to give the proxy authorization, the user 70 submits a proxy registration request 78 to a trusted security server 80” and “the proxy authorization data 82 are stored by the trusted security server 80 in its database”; figure 2);
		authenticating each of the electronic devices during an enrollment process by requesting security protocols or security certificates from each of the electronic devices;
SWIFT at 0009 (“To permit the proxy client to function as a proxy, the user first registers with a trusted security server proxy authorization information that identifies the proxy client and specifies the extent of proxy authority granted to the proxy client.”).
		and providing an encryption key to the electronic devices such that future communications between the electronic devices and the proxy device are encrypted using the encryption key;
[0033] The Kerberos protocol relies heavily on an authentication technique involving shared-key cryptography. Specifically, communication partners share a secret cryptography key. One party proves knowledge of the secret key by encrypting a piece of information, the other by decrypting the encrypted information and verifying the validity of the information. The secret key for the communication is distributed by a Kerberos key distribution center (KDC) 106, which functions as a trusted entity in this authentication scheme. The KDC 106 is a service that runs on a physically secured server.
SWIFT at 0033.
1.3		in response to establishing the trusted relationship, associating, by the proxy device, each of the electronic devices with an access credential comprising a payment token;
SWIFT at 0030.
1.4		storing, by the proxy device, the access credential associated with each of the electronic devices;
SWIFT at 0028 (“the proxy authorization data 82 are stored by the trusted security server 80 in its database”).
1.5		receiving, by the proxy device, from one of the electronic devices in the electronic devices, a request to conduct a transaction, the request encrypted using the encryption key;
SWIFT at 0029 (“When the proxy client 74 acting as a proxy of the user 70 needs to access the target service 76, it first sends a proxy access request 84 to the trusted security server 80.”); SWIFT at 0030 (“For instance, the proxy authentication data structure may be in the form of a "ticket" containing data encrypted with a secret key of the target service as in a preferred embodiment, or in other forms that may be commonly referred to as "certificates" or ‘capabilities.’”); SWIFT at 0034 (“Since the KDC is itself a server, the client has to obtain a session key and a session ticket for transactions with the KDC before it can request for session keys and tickets for other services. To that end, the user of the client has to be authenticated based on her password. When a user 70 logs on, the Kerberos client 100 on her computer accepts her password and converts it into a cryptographic key by passing the text of the password through a one-way hash function. The result is the user's long-term key.”).
1.6		identifying, by the proxy device, the access credential associated with the one of the electronic devices stored by the proxy device;
SWIFT at 0028 (“the trusted security server 80 retrieves the proxy authorization data of the specified user and determines whether the proxy access request should be allowed”);
1.7		and initiating, by the proxy device via the communication network connection, the transaction on behalf of the electronic device using the access credential. 
SWIFT at 0030 e.g. (“proxy authentication data structure may be given to the target service 76, which stores it for authenticating the proxy client when the proxy client attempts to access the target service”)
	However, SWIFT does not explicitly disclose: at (1.1) detecting, by a proxy device . . . a plurality of electronic devices within a vicinity of the proxy device, and (1.3) an access credential comprising a payment token.
	GUEDALIA discloses with respect to the remaining limitations:
1.1		detecting, by a proxy device having access to a communication network connection, a plurality of electronic devices within a vicinity of the proxy device, each of the plurality of electronic devices lacking direct access to the communication network connection, the proxy device connected to a processing server via the communication network connection;
GUEDALIA at 0086, Fig. 1D (“a supervisor device associated with the IoT network may detect and register one or more IoT devices, one or more non-IoT devices, and/or other suitable physical objects that are coupled to otherwise used in the controlled loT network”); GUEDALIA at 0040 (“the supervisor device 130 may generally observe, monitor, control, or otherwise manage the various other components in the wireless communications system 100B”); and GUEDALIA at 0062 Figs. 1B, 3 (disclosing “a processor”).
	In view of the above references, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to implement the functions of SWIFT on the supervisor device of GUEDALIA, because these functions can be performed to establish authenticated trust with detected devices, to a predictable result, so that the supervisor device may act as a proxy of the user, as in  SWIFT.
However, the combination of SWIFT and GUEDALIA do not explicitly disclose at (1.3) an access credential comprising a payment token.
SVIGALS discloses an access credential comprising a payment token and further discloses a client device in communication with a proxy device for performing a transaction:
1.1		detecting, by a proxy device having access to a communication network connection, a plurality of electronic devices within a vicinity of the proxy device, each of the plurality of electronic devices lacking direct access to the communication network connection, the proxy device connected to a processing server via the communication network connection;
The security device (104) is a device separate and apart from the Smart Device (102), and works in conjunction with the Smart Device (102) to securely process Smart Device (102) transactions, without the need for encryption, PINs, or passwords. In an embodiment of the invention, Smart Device (102) is not allowed to communicate directly with external networks (506), but rather must do so via SSD (104). This removes the security burden from Smart Device (102), speeding and simplifying transaction.
SVIGALS at 0008.  SVIGALS at 0048 (“Communication system 100 includes an Application Controlling Institution (ACI) 101, a Smart Device (SD) 102, and a SPARC (Smart Process for Applications and Remote Control) Security Device (SSD) 104. The SPARC Security device (SSD) 104 is provided by the Application Controlling Institution (ACI) 101.”); SVIGALS at 0049 (“Application Controlling Institution (ACI) 101 communicates bi-directionally with Smart Device (SD) 102 via a communication channel 108. Smart Device (SD) 102 communicates bi-directionally with SPARC Security Device (SSD) 104 via a communication channel 106.”); SVIGALS at 0051 (“Smart Device (SD) 102 receives, transmits, and processes information. Examples of Smart Devices 102 include smart phones, cellular phones, tablet computers, tokens, automated teller machines (ATM), point of sale (POS) devices, transaction devices, networks such as those belonging to Visa and MasterCard, and PayPal.”).
1.3		in response to establishing the trusted relationship, associating, by the proxy device, each of the electronic devices with an access credential comprising a payment token;
SVIGALS at 0066 (disclosing the payment token as the “replace the identification portion (typically, the user's account number) of transaction information used . . . for just a single transaction”).
	In view of the disclosure of the above cited prior art, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to implement the functions of SWIFT on the supervisor device of GUEDALIA, such that the access credential is the payment token of SVIGALS.  This substitution is obvious because the device of GUEDALIA can perform the functions performed by SWIFT, where the client devices does not have direct access to the payment network, as in SVIGALS.
	Therefore independent claims 1 and 7 are rendered obvious by SWIFT, in view of GUEDALIA, and in further view of SVIGALS.

	Regarding claim(s) 2 SWIFT discloses:  The method of claim 1, wherein the proxy device is in communication with a server and initiating the transaction comprises 
2.1		causing the server to generate an authorization request message with the access credential.  
SWIFT at 0030 (“For instance, the proxy authentication data structure may be in the form of a "ticket" containing data encrypted with a secret key of the target service as in a preferred embodiment, or in other forms that may be commonly referred to as "certificates" or ‘capabilities.’”);
	Therefore claim(s) 2 is rendered obvious by SWIFT, in view of GUEDALIA, and further in view of SVIGALS.

	Regarding claim(s) 3 SWIFT discloses:  The method of claim 1, further comprising 
3.1		determining that the transaction is in compliance with one or more transaction protocols maintained in association with the electronic device.  
SWIFT at 0029 (“After receiving the proxy access request 78, the trusted security server 80 retrieves the proxy authorization data of the specified user and determines whether the proxy access request should be allowed. In doing so, the trusted security server 80 considers, for example, whether the client 74 or a group that includes the client is identified in the authorization data, whether restrictions specified in the authorization data apply to the client or the target service 76, and whether the term of the proxy authorization has expired.”).
	Therefore claim(s) 3 is rendered obvious by SWIFT, in view of GUEDALIA, and further in view of SVIGALS.

	Regarding claim(s) 5 SWIFT discloses:  The method of claim 1, further comprising 
5.1		authenticating that a user of each of the electronic devices is also a user of the proxy device prior to establishing the trusted relationship.  
SWIFT at 0041 ("The proxy authentication procedure begins when the user 70 sends a proxy registration request 78 to a directory service 140 to create a proxy entry. The request 78 contains information to be included in the proxy entry to specify who is allowed to be a proxy and what the proxy is allowed to do."); further SWIFT at 0051 ("After receiving the request, the KDC 106 creates the proxy entry 142 using the information in the request and stores the proxy entry in encrypted form under the requesting user's account in its directory.").
	Therefore claim(s) 5 is rendered obvious by SWIFT, in view of GUEDALIA, and further in view of SVIGALS.

	Regarding claim(s) 6 SWIFT discloses:  The method of claim 5, wherein authenticating that the user of each of the electronic devices is also the user of the proxy device comprises 
6.1		requiring that the user enter a passcode at each of the electronic devices.  
SWIFT at 0051 ("[T]he authentication process by the KDC 106 on the user that sent the request ensures that the purported user making the request is in possession of his or her password. The authentication of the requesting user further prevents a user from maliciously granting herself proxy permissions on another user's account.").
	Therefore claim(s) 6 is rendered obvious by SWIFT, in view of GUEDALIA, and further in view of SVIGALS.

	Regarding claim(s) 8, SWIFT, in view of GUEDALIA, and further in view of SVIGALS teaches limitations of claim 7, SWIFT does not specifically disclose, however GUEDALIA teaches 
8.1		wherein the short range communication means is one of a WiFi interface, a Bluetooth interface, a ZigBee interface, a near field communication (NFC) interface, or a radio frequency (RF) interface.  
GUEDALIA at 0036 ("For example, if the air interface 108 corresponds to a Wi-Fi interface, one or more of the IoT devices 110-120 may have Bluetooth or NFC interfaces for communicating directly with each other or other Bluetooth or NFC-enabled devices.").
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to implement the communication means of SWIFT as Bluetooth or NFC interfaces as disclosed by GUEDALIA to implement Kerberos authentication protocol wirelessly between electronic devices of SWIFT. 

	Regarding claim(s) 9:  SWIFT, in view of GUEDALIA, and further in view of SVIGALS teaches limitations of claim 7, SWIFT does not specifically disclose, however SVIGALS teaches 
9.1		wherein the request to conduct the transaction is a request to purchase a resource.  
SVIGALS at 0108 ("Let us assume that an application associated with Smart Device 102 wishes to request a transaction with Application Controlling Institution 101. Non-limiting examples of information communicated from Smart Device 102 to Application Controlling Institution 101 include an account identifier, an Application Controlling Institution 101 designation, transaction type, fund type requested, requested fund amount, currency type (e.g., U.S. dollars), Smart Device 102 communications address, and a transaction password for routine security.")
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to use transaction processing apparatus disclose by SWIFT to be use to authenticate the transaction of requesting as purchase resource as disclosed by SVIGALS to facilitate secure transaction of requesting as purchase. 

	Regarding claim(s) 10: SWIFT, in view of GUEDALIA, and further in view of SVIGALS teaches limitations of claim 7, SWIFT does not specifically disclose, however SVIGALS teaches
10.1		wherein the request to conduct the transaction is a request to pay for resources consumed.  
SVIGALS at 0108.
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to use transaction processing apparatus disclose by SWIFT to be use to authenticate the transaction of request to pay for resources consumed as disclosed by SVIGALS to facilitate secure payment processing.

	Regarding claim(s) 11 SWIFT, in view of GUEDALIA, and further in view of SVIGALS teaches limitations of claim 7, SWIFT does not specifically disclose, however SVIGALS teaches
11.1		wherein the instructions further cause the apparatus to determine, based at least in part on the request to conduct the transaction, a transaction server associated with the request, the transaction server controlling access to a resource of the request.  
SVIGALS at 0050 ("Application Controlling Institution (ACI) 101 receives, transmits, and processes information. As non-limiting examples, Application Controlling Institution (ACI) 101 may be a financial institution, an independent service, or an industry group such as MasterCard or VISA.").
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to use transaction processing apparatus disclose by SWIFT to incorporate the transaction server controlling access to a resource of the request based at least in part on the request to conduct the transaction as disclosed by SVIGALS to facilitate secure payment processing.

	Regarding claim(s) 12 SWIFT, in view of GUEDALIA, and further in view of SVIGALS teaches limitations of claim 7, SWIFT does not specifically disclose, however SVIGALS teaches The apparatus of claim 11, wherein initiating the transaction on behalf of the electronic device using the access credential comprises: 
12.1		generating a transaction request including one or more transaction details and the access credential;
SVIGALS at 0108 ("Non-limiting examples of information communicated from Smart Device 102 to Application Controlling Institution 101 include . . . a transaction password for routine security.")
12.2		and providing the transaction request to the transaction server.  
SVIGALS at 0113 ("At step 318, ACI 101 receives and processes this information. ACI 101 uses the SPARC Security Device 104 unit identifier for retrieving information from its database indexed by the SSD 104 unit identifier.")
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to use transaction processing apparatus disclose by SWIFT to incorporate generating a transaction request including one or more transaction details and the access credential as disclosed by SVIGALS to facilitate secure payment processing.

	
Regarding claim(s) 13 SWIFT discloses:  The apparatus of claim 7, 
13.1		wherein each of the plurality of electronic devices is associated with a different access credential.  
SWIFT at 0041 ("The proxy authentication procedure begins when the user 70 sends a proxy registration request 78 to a directory service 140 to create a proxy entry. The request 78 contains information to be included in the proxy entry to specify who is allowed to be a proxy and what the proxy is allowed to do."); further SWIFT at 0051 ("[T]he authentication process by the KDC 106 on the user that sent the request ensures that the purported user making the request is in possession of his or her password. The authentication of the requesting user further prevents a user from maliciously granting herself proxy permissions on another user's account.").
	Therefore claim(s) 13 is rendered obvious by SWIFT, in view of GUEDALIA, and further in view of SVIGALS.

Relevant Prior Art Not Relied Upon
	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
HERRON US 20130090064 A1 [Abstract] The claimed subject matter provides for systems and/or methods for a dynamic range wireless access point to initiate deliberate and/or selective communications with one or more wireless devices over a short range radio path. One embodiment of an access point system comprises a processor that transfers one or more wireless devices to a long range radio path once a transition condition has been met. In another embodiment, an access point system may affect transactions between user/customer's smart devices and a commercial place of business where the access point system and the smart devices initiate communications when the smart devices are deliberately placed within the proximity of the access point antenna and/or the smart devices are brought within the vicinity of the access point antenna such as by passing through the entrance or exit to the place of business.
KUANG US 20150172292 A1 [0201] In FIG. 5A, the customer's network is reduced to a single computer 101A, operably connected to the Web 402. The customer's computer 100 contains the security proxy 502 software stored in a memory of the computer 100, and is operably connected to the Portable security device 604, which together become the trusted computing unit 101 which is connected via a modem or router (not shown) to the web 402, and thereby carry out transactions with the Transaction Server 120, and interact with the TRP server 503 and a message generating unit 504 comprising computer readable instructions stored in a computer readable storage medium for execution by a processor. [0202] In FIG. 5B, the customer's Portable Computer-based device 102, such as cell phone, smart phone or similar device having a processor and a computer readable storage medium, is used to access the Security Proxy 502 (and hence the Trusted Computing Unit 101), and thereby carry out transactions with the Transaction Server computer 120 having a processor and memory, to be also referred to as Transaction server 120, and interact with the TRP server 503 and the message generating unit 504 over the web 402.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEFFREY L LICITRA whose telephone number is (571)272-5340. The examiner can normally be reached 9:00AM-5:00PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on 571-270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

J.L.L.
Examiner
Art Unit 3685



/NEHA PATEL/Supervisory Patent Examiner, Art Unit 3685