EXAMINER'S AMENDMENT

Continued Examination Under 37 CFR 1.114

A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 27 July 2022 has been entered.
By the above submission, Claims 14, 15, 20, 22-24, 31, and 32 have been amended.  Claims 19 and 28 have been canceled.  No new claims have been added.  Claims 14-18, 20-27, and 30-32 are currently pending in the present application.

Response to Amendment

As per the request for continued examination, the after-final amendment filed 07 June 2022 has not been entered.

Examiner’s Amendment

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
The application has been amended as follows: 


IN THE CLAIMS:
Please REPLACE Claim 24 with the following amended claim:

24.	A method for accessing data stored in a memory of a user terminal that integrates a secure element, the secure element being a chip or a smart card integrated in the user terminal, the secure element including a specific microprocessor and one or more memories, the user terminal and the secure element communicating with each other using a secure element reader, the method comprising:
encrypting, by an operating system of the user terminal, data using a secret key stored in the secure element, the secret key being obtained by diversification of a master key using a unique identifier of the user terminal; and
storing the encrypted data in the memory of the user terminal,
the method further comprising, in an access device:
performing mutual authentication with the secure element, the mutual authentication establishing, between the secure element and the access device, a communication channel secured by a session key;
sending, to the secure element, a request to access the data that are stored in the user terminal and encrypted by the operating system of the user terminal using the secret key stored in the secure element; and
in response to the request, receiving, from the secure element via the secure communication channel, the data having been decrypted and then encrypted by the session key.

Allowable Subject Matter

Claim 24 has been amended to correct an issue of antecedent basis and to conform with corresponding independent Claims 31 and 32.
The objection to the specification for failure to provide proper antecedent basis for the claimed subject matter and the rejection under 35 U.S.C. 112(a) are withdrawn in light of the amendments to the claims and Applicant’s remarks more clearly pointing out support for the amended claims (pages 12-13 and 14-15 of the present response).  The objection to the claims for informalities and the rejection under 35 U.S.C. 112(b) are withdrawn in light of the amendments to the claims.
Claims 14-18, 20-27, and 30-32 are allowed.
The following is an examiner’s statement of reasons for allowance:
Independent Claims 14 and 24 are directed to methods that include encrypting data by an operating system of a user terminal using a secret key stored in a secure element, where the secret key is obtained by diversification of a master key using a unique identifier of the user terminal, where the user terminal integrates the secure element which is a chip or smart card and includes a microprocessor and memory and which communicates with the terminal using a reader.  The method of Claim 14 further includes the secure element performing mutual authentication with an access device to establish a communication channel secured by a session key, and in response to a request to access the encrypted data stored in the user terminal, recovering the stored encrypted data from the user terminal, converting the encryption of the recovered data by the secret key into an encryption by the session key and transmitting the re-encrypted data via the communication channel.  The corresponding method of Claim 24 further includes the access device performing mutual authentication with the secure element to establish the communication channel secured by the session key, sending a request to the secure element to access the encrypted data stored in the user terminal, and receiving the data that were decrypted using the secret key and encrypted by the session key.  Independent Claims 22 and 31 are directed to software implementations of the methods of Claims 14 and 24, respectively; independent Claim 23 is directed to the user terminal and secure element that perform the method of Claim 14; and independent Claim 32 is directed to the access device that performs the method of Claim 24.
The closest prior art, Lee and Malville, generally discloses methods that include performing mutual authentication that establishes a communication channel between a secure element and an access device secured by a session key, and in response to a request to access data stored in the user terminal that are encrypted using a secret key, recovering the encrypted data, converting the encryption of the recovered data into an encryption by the session key, and transmitting the data to the access device via the channel.  The cited art also generally discloses diversification of a master key using an identifier of a terminal.  Additional prior art references are relevant to the claims as amended, such as Di Luoffo et al, US Patent 7380125, which generally discloses methods that include mutual authentication using a smart card connected by a reader to a server and terminal, and Montemayor et al, US Patent 7805611, which generally discloses methods including mutual authentication to establish a secure channel between a chip card and a server through a reader.  However, none of the cited references, alone or in combination, clearly teaches or suggests that the secure element is a chip or smart card integrated in the terminal, where the secure element stores the secret key and the encrypted data is stored in a memory of the terminal, where the mutual authentication is performed between the access device and the secure element within the terminal, in combination with the other claimed limitations.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:30am-6:00pm, Eastern Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar, can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Zachary A. Davis/
Primary Examiner, Art Unit 2492