DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This initial written action is responding to the communication dated on 06/18/2021.
Claims 1-20 are submitted for examination.
Claims 1-20 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Examiner’s Note
Examiner has interpreted Claim 13 for 35 U.S.C. 112(f). Examiner suggest adding a hardware element into the claims, should applicant decide to amend the claim to avoid 35 U.S.C. 112(f) interpretation. The hardware element will make claim compliant for 35 U.S.C. 101 software per se.
Information Disclosure Statement
The following Information Disclosure Statements in the instant application submitted in compliance with the provisions of 37 CFR 1.97, and thus, have been fully considered:
IDS filed on 19 July 2021.
Claim Objections
Claims 1, 13, 14 and 20 are objected to because of the following informalities:  Claim 1 recites a limitation, “…and if the credential is valid”, Claim 13 recites a limitation, “…and if the credential is valid”, Claim 14 recites a limitation, “…..and if the credential is valid”, Claim 20 recites a limitation, “….creating the assigned profile of the user if both the credential of the authoring party and the credential of the user are valid,,,,”.  Examiner suggest replacing “if” with “when” or “in response to”. Appropriate correction is required.
Claim Analysis - 35 USC § 112  
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “wherein the digital identity system is configured to enable the authoring party to modify or cancel the assigned profile” in claim 2, “wherein the device of the user is configured to cause the credential of the user to be rendered available to the authoring party” in claim 13.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitation:
“digital identity system” is interpreted as Fig. 1. The digital identity system has In-memory which may for example be implemented, at the hardware level, in volatile electronic storage as per paragraph 84 of PGPUB. The memory recites a sufficient structure.
“A user device” is interpreted as Fig. 24. The user device has a display which recites a sufficient structure.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. 
Independent Claim 1 recites, “A digital identity system comprising: …”. However, the body of the claim lacks definite structure indicative of a physical product. Therefore, the claim as a whole appears to be nothing more than computer software, and software per se does not fall within a statutory category. Examiner submits that a processor can be a virtual processor. Examiner suggest adding a hardware processor and/or memory to the claim elements in order to be patent-eligible under 35 U.S.C. 101.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-2, 4-5, 8 and 12-17 are rejected under 35 U.S.C. 103 as being unpatentable over Nguyen et al. (US PGPUB. # US 2014/0317727, hereinafter “Nguyen”), and further in view of Gorman et al. (US PGPUB. # US 2013/0325704, hereinafter “Gorman”).

Referring to Claims 1 and 14:
Regarding Claim 1, Nguyen teaches,
A digital identity system comprising: 
a network interface configured to send and receive electronic messages; (Fig. 23(2316), ¶113, “Electronic system 2300 may retrieve and/or receive information, e.g. via the network interface 2316”) and 
at least one processor configured to perform operations comprising: (Fig. 23(2312),  ¶109)
receiving in a message, from a device of an authoring party, [a data item of a user] with a credential of the user; (¶64, “the user authentication request may include a user identifier and a password”, ¶66, “the server 240C may securely transmit the login credentials of the user, such as the user identifier and a password, to the external authentication system”, i.e. Examiner submits that server 240C is considered as authoring party that transmit user credentials and a user identifier)
validating the credential, (¶68, “the server 240C may securely transmit the login credentials of the user, such as the user identifier and a password, to an external authentication system. If the server 240C authenticates users through multiple external authentication systems”, ¶69, “the server 240C determines that the authentication of the user was successful”, i.e. user is authenticated) and if the credential is valid, creating an assigned profile for the user, (¶77, “the user management service may create profiles for the users retrieved from the external authentication system in the user tables”, i.e. user profile is created) [the assigned profile comprising the data item]; and 
Nguyen does not teach explicitly,
[receiving in a message, from a device of an authoring party], a data item of a user [with a credential of the user];
[validating the credential, and if the credential is valid, creating an assigned profile for the user], the assigned profile comprising the data item;
issuing, to a device of the user, a token bound to the assigned profile, wherein presentation of the token to the digital identity system causes the assigned profile to be rendered available to a presenting entity.
However, Gorman teaches,
[receiving in a message, from a device of an authoring party], a data item of a user (¶67,  “the enrollment platform 10 for creation of an attendee profile 14 may include qualification attributes 16 such as: a photo, a name, a social security number, a street address, a company affiliation, a professional certification, a local certification, a state certification, a federal certification, a professional license, a degree, a permit, a skill or a specific piece of equipment”, i.e. attribute is considered as a data item) [with a credential of the user];
[validating the credential, and if the credential is valid, creating an assigned profile for the user], the assigned profile comprising the data item; (Abstract, “The profile includes the participant's attributes which are vetted automatically or by social networking means”, ¶10, “Each participant profile may include one or more attributes”, ¶67, “the enrollment platform 10 for creation of an attendee profile 14 may include qualification attributes 16 such as: a photo, a name, a social security number, a street address, a company affiliation, a professional certification, a local certification, a state certification, a federal certification, a professional license, a degree, a permit, a skill or a specific piece of equipment”, i.e. attribute (data item) is included in profile).
issuing, to a device of the user, a token bound to the assigned profile, (Abstract, “A token is assigned to each profile which enables access to the profiles”, ¶77, “The profile 14 may be associated with a unique identifier 30”, “The identifier 30 may comprise a bar code, a Quick Response (QR) code, or some other displayable or transmittable code or symbol that may be presented for access to the profile 14”, Claim 1, i.e. a token associated with profile is provided to user device) wherein presentation of the token to the digital identity system causes the assigned profile to be rendered available to a presenting entity. (Abstract, “Access to the event involves scanning the token, accessing a participant's profile and testing attributes in the profile relative to the access control rules”, ¶77, “The QR code 30 may be scanned by the computing or communication device 40 which may comprise a smart phone or a laptop, for example. A mobile application on the smart phone 40 may use the internet address from the QR code to access the profile 14 and may verify that the participant 42 has proper credentials for accessing the event”, ¶97, “City designates an event sentry 40 to scan user QR codes and to access online profiles to verify that access control requirements are met”, i.e. QR code (token) is presented to an authority. The authority is able to access the profile).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Gorman with the invention of Nguyen.
Nguyen teaches, creating a profile of a user after validating credentials. Gorman teaches, associating a token with a user profile and providing the token to a user to access user profile by a presenting entity. Therefore, it would have been obvious to have  associating a token with a user profile and providing the token to a user to access user profile by a presenting entity of Gorman with creating a profile of a user after validating credentials of Nguyen for tighter access controls for an event or a proprietary areas. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 14, it is a non-transitory computer-readable storage medium Claim of above system Claim 1 and therefore Claim 14 is rejected with the same rationale as applied against Claim 1 above. In addition Nguyen teaches, not-transitory computer readable storage medium in paragraph 115.

Regarding Claim 13, Nguyen teaches,
A system comprising: 
a digital identity system comprising: 
a network interface configured to send and receive electronic messages; (Fig. 23(2316), ¶113, “Electronic system 2300 may retrieve and/or receive information, e.g. via the network interface 2316”) and 
at least one processor configured to perform operations comprising: (Fig. 23(2312),  ¶109)
receiving in a message, from a device of an authoring party, [a data item of a user] with a credential of the user; (¶64, “the user authentication request may include a user identifier and a password”, ¶66, “the server 240C may securely transmit the login credentials of the user, such as the user identifier and a password, to the external authentication system”, i.e. Examiner submits that server 240C is considered as authoring party that transmit user credentials and a user identifier)
validating the credential, (¶68, “the server 240C may securely transmit the login credentials of the user, such as the user identifier and a password, to an external authentication system. If the server 240C authenticates users through multiple external authentication systems”, ¶69, “the server 240C determines that the authentication of the user was successful”, i.e. user is authenticated) and if the credential is valid, creating an assigned profile for the user, (¶77, “the user management service may create profiles for the users retrieved from the external authentication system in the user tables”, i.e. user profile is created) [the assigned profile comprising the data item]; and 
said device of the user, wherein the device of the user is configured to cause the credential of the user to be rendered available to the authoring party, (¶64, “the user authentication request may include a user identifier and a password. For example, the server 240C may provide a user login interface to a user interacting with the management console application 246 “, i.e. user device provides credentials to the server) [receive the token from the digital identity system, and display the token on a display of the user device for capturing by the presenting entity].
Nguyen does not teach explicitly,
[receiving in a message, from a device of an authoring party], a data item of a user [with a credential of the user];
[validating the credential, and if the credential is valid, creating an assigned profile for the user], the assigned profile comprising the data item; and
issuing, to a device of the user, a token bound to the assigned profile, wherein presentation of the token to the digital identity system causes the assigned profile to be rendered available to a presenting entity; and 
[said device of the user, wherein the device of the user is configured to cause the credential of the user to be rendered available to the authoring party], receive the token from the digital identity system, and display the token on a display of the user device for capturing by the presenting entity.
However, Gorman teaches,
[receiving in a message, from a device of an authoring party], a data item of a user (¶67,  “the enrollment platform 10 for creation of an attendee profile 14 may include qualification attributes 16 such as: a photo, a name, a social security number, a street address, a company affiliation, a professional certification, a local certification, a state certification, a federal certification, a professional license, a degree, a permit, a skill or a specific piece of equipment”, i.e. attribute is considered as a data item) [with a credential of the user];
 [validating the credential, and if the credential is valid, creating an assigned profile for the user], the assigned profile comprising the data item; (Abstract, “The profile includes the participant's attributes which are vetted automatically or by social networking means”, ¶10, “Each participant profile may include one or more attributes”, ¶67, “the enrollment platform 10 for creation of an attendee profile 14 may include qualification attributes 16 such as: a photo, a name, a social security number, a street address, a company affiliation, a professional certification, a local certification, a state certification, a federal certification, a professional license, a degree, a permit, a skill or a specific piece of equipment”, i.e. attribute (data item) is included in profile)  and
issuing, to a device of the user, a token bound to the assigned profile, (Abstract, “A token is assigned to each profile which enables access to the profiles”, ¶77, “The profile 14 may be associated with a unique identifier 30”, “The identifier 30 may comprise a bar code, a Quick Response (QR) code, or some other displayable or transmittable code or symbol that may be presented for access to the profile 14”, Claim 1, i.e. a token associated with profile is provided to user device) wherein presentation of the token to the digital identity system causes the assigned profile to be rendered available to a presenting entity; (Abstract, “Access to the event involves scanning the token, accessing a participant's profile and testing attributes in the profile relative to the access control rules”, ¶77, “The QR code 30 may be scanned by the computing or communication device 40 which may comprise a smart phone or a laptop, for example. A mobile application on the smart phone 40 may use the internet address from the QR code to access the profile 14 and may verify that the participant 42 has proper credentials for accessing the event”, ¶97, “City designates an event sentry 40 to scan user QR codes and to access online profiles to verify that access control requirements are met”, i.e. QR code (token) is presented to an authority. The authority is able to access the profile).
 and 
[said device of the user, wherein the device of the user is configured to cause the credential of the user to be rendered available to the authoring party], receive the token from the digital identity system, and display the token on a display of the user device for capturing by the presenting entity. (Fig. 4(418, 420), ¶84, “the user 42 may receive unique identification information, such as a QR code that may be printed or downloaded to a smart phone. In step 420, an event sentry 40 may scan the QR code and may gain access to all or a portion of the participant's 42 profile 14 and may grant or deny access to the event to the participant 42”, i.e. QR code (token) is received and presented to the presenting entity).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Gorman with the invention of Nguyen.
Nguyen teaches, creating a profile of a user after validating credentials. Gorman teaches, associating a token with a user profile and providing the token to a user to access user profile by a presenting entity. Therefore, it would have been obvious to have  associating a token with a user profile and providing the token to a user to access user profile by a presenting entity of Gorman with creating a profile of a user after validating credentials of Nguyen for tighter access controls for an event or a proprietary areas. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Referring to Claims 2 and 15:
Regarding Claim 2, rejection of Claim 1 is included and for the same motivation Nguyen teaches,
The digital identity system of claim 1, wherein the digital identity system is configured to enable the authoring party to modify or cancel the assigned profile.(¶107, “The administrative user may modify a selected user's profile, or a new user's profile in the user information section 2230”).
Regarding Claim 15, rejection of Claim 14 is included and Claim 15 is rejected with the same rationale as applied against Claim 2 above.

Referring to Claims 4 and 16:
Regarding Claim 4, rejection of Claim 1 is included and for the same motivation Nguyen teaches,
The digital identity system according to claim 1, wherein the operations further comprise generating the credential of the user for providing to the authoring party device. (¶64, “a user attempting to access the management console application 246. In one or more implementations, the user authentication request may include a user identifier and a password”, i.e. a user is attempting to access a controlled application using credentials indicates that the credentials are generated and provided to the user).

Regarding Claim 16, rejection of Claim 14 is included and Claim 16 is rejected with the same rationale as applied against Claim 4 above.

Referring to Claims 5 and 17:
Regarding Claim 5, rejection of Claim 4 is included and for the same motivation Nguyen teaches,
The digital identity system according to claim 4, wherein the operations further comprise rendering available, to the authoring party, identity data of the user. (¶64, “a user attempting to access the management console application 246. In one or more implementations, the user authentication request may include a user identifier and a password”, i.e. Examiner submits that user identifier is considered as user identification data).

Regarding Claim 17, rejection of Claim 16 is included and Claim 17 is rejected with the same rationale as applied against Claim 5 above.

Regarding Claim 8, rejection of Claim 1 is included and for the same motivation Nguyen does not teach explicitly,
The digital identity system of claim 1, wherein the token is associated with a visual image of the user that is rendered available to the presenting entity when the token is presented.
However, Gorman teaches,
The digital identity system of claim 1, wherein the token is associated with a visual image of the user that is rendered available to the presenting entity when the token is presented. (Abstract, “The profile includes the participant's attributes which are vetted automatically or by social networking means. A token is assigned to each profile which enables access to the profiles”, ¶19, “a qualification attribute in the enrolling step is a photo”, ¶67, Fig. 4(418, 420), ¶84, “the user 42 may receive unique identification information, such as a QR code that may be printed or downloaded to a smart phone. In step 420, an event sentry 40 may scan the QR code and may gain access to all or a portion of the participant's 42 profile 14 and may grant or deny access to the event to the participant 42”, i.e. token is associated with a profile. The profile includes a photo which is available to presenting entity when the token is presented for a scan). 

Regarding Claim 12, rejection of Claim 1 is included and for the same motivation Nguyen does not teach explicitly,
The system of claim 1, wherein the device of the user is configured to display the token as a barcode or QR code.
However, Gorman teaches,
The system of claim 1, wherein the device of the user is configured to display the token as a barcode or QR code. (Fig. 4(418, 420), ¶84, “the user 42 may receive unique identification information, such as a QR code that may be printed or downloaded to a smart phone. In step 420, an event sentry 40 may scan the QR code and may gain access to all or a portion of the participant's 42 profile 14 and may grant or deny access to the event to the participant 42”, i.e. QR code (token) is received and presented to the presenting entity).

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Nguyen et al. (US PGPUB. # US 2014/0317727, hereinafter “Nguyen”), and further in view of Gorman et al. (US PGPUB. # US 2013/0325704, hereinafter “Gorman”), and further in view of Kalman Csaba Toth (US PGPUB. # US 2015/0095999, hereinafter “Toth”).

Regarding Claim 3 rejection of Claim 1 is included and combination of Nguyen and Gorman does not teach explicitly,
The digital identity system of claim 1, wherein details of the authoring party are provided to the presenting entity.
However, Toth teaches,
The digital identity system of claim 1, wherein details of the authoring party are provided to the presenting entity. (Fig. 2, ¶414, “FIG. 2 also illustrates other users 290, having personal identity devices and e-credentials, respectively affixing digital seals 291 and 292 to e-credentials 220 and an electronic document 245, thereby creating cryptographic bindings between the e-credentials of other users (issuers) 290”,¶81, “ relying parties, knowing that the issuer is strongly bound to credentials they issue, will be proportionately assured as to the relative assurance level of the subject's credential”,  ¶106, i.e. issuer (authoring party) information is provided in a digital seal to a relying party),
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Toth with the invention of Nguyen in view of Gorman.
Nguyen in view of Gorman teaches, creating a profile of a user after validating credentials and associating a token with a user profile and providing the token to a user to access user profile by a presenting entity. Toth teaches, including issuer’s information in a digital seal. Therefore, it would have been obvious to have  including issuer’s information in a digital seal of Toth with invention of Nguyen in view of Gorman so relying parities assured as to the relative assurance lever of the subject’s credential. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 


Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Nguyen et al. (US PGPUB. # US 2014/0317727, hereinafter “Nguyen”), and further in view of Gorman et al. (US PGPUB. # US 2013/0325704, hereinafter “Gorman”), and further in view of Linn et al. (US PGPUB. # US 2014/0244296, hereinafter “Linn”).

Regarding Claim 11 rejection of Claim 1 is included and combination of Nguyen and Gorman does not teach explicitly,
The digital identity system according to claim 1, wherein the assigned profile contains medical information.
However, Linn teaches,
The digital identity system according to claim 1, wherein the assigned profile contains medical information. (¶42, “The data from patient 104 is not restricted to longitudinal patient data 112 but may include any health metrics recorded through their device and the data from the prescriber 106 could include a similar range of measures, recorded through their EMR system, as well as lab results or images”, ¶44, ¶50, “the data processing module 118 may create profiles for each patient, prescriber, and retail pharmacy outlet for which data is received”, ¶51, “data processing module 118 would add information contained in the received longitudinal patient data 112 into profiles associated with the patient”, i.e. profile contains medical data).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Linn with the invention of Nguyen in view of Gorman.
Nguyen in view of Gorman teaches, creating a profile of a user after validating credentials and associating a token with a user profile and providing the token to a user to access user profile by a presenting entity. Linn teaches, a user profile includes a medical data. Therefore, it would have been obvious to have  a user profile including a medical data of Lynn with invention of Nguyen in view of Gorman for allowing a doctor to gather and analyze information to treat patients more effectively while respecting privacy of their patients. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Claims 6 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Nguyen et al. (US PGPUB. # US 2014/0317727, hereinafter “Nguyen”), and further in view of Gorman et al. (US PGPUB. # US 2013/0325704, hereinafter “Gorman”), and further in view of Vysogorets et al. (US PGPUB. # US 2010/0199089, hereinafter “Vysogorets”).
Referring to Claims 6 and 18:
Regarding Claim 6, rejection of Claim 4 is included and combination of  Nguyen and Gorman does not teach explicitly,
The digital identity system according to claim 4, wherein each of the user and the authoring party is associated with a respective code unique to that entity, wherein the operations further comprise generating and rendering available, to the authoring party, a unique composite code, by combining the code of the user with the code of the authoring party, wherein neither of the codes is derivable from the composite code alone.
However, Vysogorets teaches,
The digital identity system according to claim 4, wherein each of the user and the authoring party is associated with a respective code unique to that entity, wherein the operations further comprise generating and rendering available, to the authoring party, a unique composite code, by combining the code of the user with the code of the authoring party, wherein neither of the codes is derivable from the composite code alone. (Abstract, “the at least two data input elements including the user ID of the user and a service provider ID of the service provider”, ¶97, “The Service Provider FE 208 links both User and Service Provider Agent IDs and asks the Distributed Data Storage Management engine 210 for the user data that corresponds to this pair”, ¶112, “this resource identifier is derived by using the User Id and Service Provider ID as inputs to a one-way function (Obf(UserID, SP ID)) as described above”, i.e. user id and service provider id are unique code of user and service provider (authoring party) which are combined with one way indicates that neither of the code is derivable from the composite code).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Vysogorets with the invention of Nguyen in view of Gorman.
Nguyen in view of Gorman teaches, creating a profile of a user after validating credentials and associating a token with a user profile and providing the token to a user to access user profile by a presenting entity. Vysogorets teaches, combining user identification code and service provider identification code to retrieve resource data. Therefore, it would have been obvious to have  combining user identification code and service provider identification code to retrieve resource data of Vysogorets with invention of Nguyen in view of Gorman for allowing a doctor to gather and analyze information to provide strong authentication and maintaining privacy of the user data. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 18, rejection of Claim 16 is included and Claim 18 is rejected with the same rationale as applied against Claim 6 above.

Claims 7 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Nguyen et al. (US PGPUB. # US 2014/0317727, hereinafter “Nguyen”), and further in view of Gorman et al. (US PGPUB. # US 2013/0325704, hereinafter “Gorman”), and further in view of Bruce Ross (US PGPUB. # US 2013/0138570, hereinafter “Ross”).

Referring to Claims 7 and 19:
Regarding Claim 7, rejection of Claim 1 is included and combination of  Nguyen and Gorman does not teach explicitly,
The digital identity system of claim 1, wherein the operations further comprise issuing the token in response to an electronic sharing token request received from the user device, the assigned profile in the form of one or more attributes selected at the user device when requesting the sharing token.
However Ross teaches,
The digital identity system of claim 1, wherein the operations further comprise issuing the token in response to an electronic sharing token request received from the user device, the assigned profile in the form of one or more attributes selected at the user device when requesting the sharing token. (¶7, Fig. 1(102), ¶63, “a user may provide user information, such as a driver's license, passport, or other user-provided identification document, to an issuer”, ¶67, Fig. 1(108), ¶68, i.e. Examiner submits that a fresh one-time credential (sharing token) is provided in response to a request).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Ross with the invention of Nguyen in view of Gorman.
Nguyen in view of Gorman teaches, creating a profile of a user after validating credentials and associating a token with a user profile and providing the token to a user to access user profile by a presenting entity. Ross teaches, requesting a sharing token along with user attributes. Therefore, it would have been obvious to have  requesting a sharing token along with user attributes of Ross with invention of Nguyen in view of Gorman for allowing growth of electronic commerce and reducing electronic fraud. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 19, rejection of Claim 14 is included and Claim 19 is rejected with the same rationale as applied against Claim 7 above.

Claims 9 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Nguyen et al. (US PGPUB. # US 2014/0317727, hereinafter “Nguyen”), and further in view of Gorman et al. (US PGPUB. # US 2013/0325704, hereinafter “Gorman”), and further in view of Himalesh Cherukuvada Kumar (WIPO PUB. # WO 2014/028516, hereinafter “Kumar”).
Referring to Claims 9 and 20:
Regarding Claim 9 rejection of Claim 1 is included and Nguyen teaches,
The digital identity system of claim 1, [wherein the message received from the device of the authoring party further comprises a credential of the authoring party, wherein the operations further comprise: validating the credential of the authoring party], and creating the assigned profile of the user (¶77, “the user management service may create profiles for the users retrieved from the external authentication system in the user tables”, i.e. user profile is created) [if both the credential of the authoring party and the credential of the user are valid].
Combination of Nguyen and Gorman does not teach explicitly,
The digital identity system of claim 1, wherein the message received from the device of the authoring party further comprises a credential of the authoring party, wherein the operations further comprise: validating the credential of the authoring party, [and creating the assigned profile of the user] if both the credential of the authoring party and the credential of the user are valid.
However, Kumar teaches,
The digital identity system of claim 1, wherein the message received from the device of the authoring party further comprises a credential of the authoring party, wherein the operations further comprise: validating the credential of the authoring party, [and creating the assigned profile of the user] if both the credential of the authoring party and the credential of the user are valid. (Fig. 3, ¶259, “At block 330, at the authentication server, the password and the web portal identifier are authenticated based on the user identifier and the third party identifier”, “At block 360, a transaction corresponding to the requested transaction type is performed for the user using a payment source corresponding to the payment source identifier”, i.e. Examiner submits that both user password and third party identifier (authoring party) are verified and transaction is performed).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Kumar with the invention of Nguyen in view of Gorman.
Nguyen in view of Gorman teaches, creating a profile of a user after validating credentials and associating a token with a user profile and providing the token to a user to access user profile by a presenting entity. Kumar teaches, performing a transaction after authentication of user password and third party identifier. Therefore, it would have been obvious to have  performing a transaction after authentication of user password and third party identifier of Kumar with invention of Nguyen in view of Gorman for secure, reliable, and accurate electronic ID systems and methods that meet current consumer needs as well as the demands of novel identification techniques, secure transactions, and usages for the future. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 20, rejection of Claim 14 is included and Claim 20 is rejected with the same rationale as applied against Claim 9 above.
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Nguyen et al. (US PGPUB. # US 2014/0317727, hereinafter “Nguyen”), and further in view of Gorman et al. (US PGPUB. # US 2013/0325704, hereinafter “Gorman”), and further in view of Himalesh Cherukuvada Kumar (WIPO PUB. # WO 2014/028516, hereinafter “Kumar”), and further in view of Quast et al. (US PGPUB. # US 2015/0169284, hereinafter “Quast”).

Regarding Claim 10 rejection of Claim 9 is included and combination of Nguyen, Gorman and Kumar does not teach explicitly,
The digital identity system of claim 9, wherein the operations further comprise determining authorizations attached to the credential of the authoring party, and confirming that the authoring party is allowed to assign profiles to users of the digital identity system.
However, Quast teaches,
The digital identity system of claim 9, wherein the operations further comprise determining authorizations attached to the credential of the authoring party, and confirming that the authoring party is allowed to assign profiles to users of the digital identity system. (¶55, “the system may receive a request from one device executing a virtual assistant (e.g., the user's smart phone) to access at least some information in the user's profile and provide the device with access to the requested information (if it is determined that the device has permission to have such access) “, ¶87, “Server 110 may determine whether a computing device requesting access to a user's profile has permission to access at least some information in the user's profile and, when server 110 determines that the computing device has permission to access at least some information in the user's profile, server 110 may provide the computing device with access to the information”, Fig. 4, ¶144-¶145, Fig. 5, ¶153, “This determination may be made based on information in the received requested in any suitable way. As one non-limiting example, information in the request identifying the user (e.g., login and password information, biometric information, and/or any other suitable identifying information)”, i.e. determines if the user (authoring party) is allowed to access the user profile based on credentials).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Quast with the invention of Nguyen in view of Gorman and Kumar.
Nguyen in view of Gorman and Kumar teaches, creating a profile of a user after validating credentials and associating a token with a user profile and providing the token to a user to access user profile by a presenting entity and performing a transaction after authentication of user password and third party identifier. Quast teaches, determining that a user is authorized to access a user profile based on the received credential. Therefore, it would have been obvious to have  determining that a user is authorized to access a user profile based on the received credential of Quast with invention of Nguyen in view of Gorman and Kumar to protect user profile and allow an authorized user to customize the profile for better user experience. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Engan et al. (WO # 2015/089444) discloses, an access management account that includes an access identifier may be used to control access to telecommunications services or applications. An access identifier is designated for obtaining access to multiple telecommunications services or applications, in which the multiple telecommunications services or applications are accessible to a user through multiple user accounts that are protected by account credentials. Once the access credential is designated, the access credential may be used to determine whether access to the one or more telecommunications services or applications is to be granted instead of using the account credentials of the multiple user accounts.
Purves et al. (US # 2013/0346302) discloses, obtaining a bill payment transaction request from a bill payment component instantiated within a hosting portal site, said bill payment component being operated independent of a billing party, said bill payment transaction request includes bill information of a bill issued by the biller and payer identifying information; determining a type of the bill payment component; verifying the obtained bill information including a payment amount based on the type of the bill payment component; retrieving payer account information based on the obtained payer identifying information; and transferring an approved amount of funds to the biller's account from the payer account.
Sundaram et al. (WO # 2013/183061) discloses, a method for performing a secure financial transaction using the payment card. The payment card comprises a biometric sensor, an input means, a display screen, a processor unit, a memory unit, a communication means, a power source and a mini USB. The method comprises of programming the payment card with a plurality of pre-set information, verifying authenticity of the user, activating the payment card on successful authentication, inputting an unique authorization code, validating the user for the financial transaction by comparing the input unique authorization code with a unique identification number stored within the payment card, defining a maximum threshold of an amount to be charged on the payment card and deducting the preset amount from the card at a retailer end.
Stiles et al. (US # 2013/0262204) discloses, an integrated, online approach to handling aspects of customer promotions can include a promotional management module for use by a client vendor. The promotional management module can integrate with the client vendor's existing online commerce portal and/or with a social networking service or the like to provide a user with an enhanced shopping experience by presenting one or more offers that the user can redeem via e-commerce (e.g. online selection and payment), in-person (e.g. at a physical location of the client vendor, or via other approaches.
Hellman et al. (US # 2012/0053965) discloses, a method allowing a professional service provider to access client data stored in an online account without storing confidential account information by the professional service provider. In particular, the service provider may register the relationship with the client in a third party information transfer framework where the client approves such registration and download the data from the online account using the confidential account information in a temporary manner. The client data may be stored in a repository available to the service provider based on the relationship registration. In an example, a professional tax preparation software may include functionality to check for newly downloaded client data within the third party information transfer framework, notifying a tax accountant (i.e., the service provider), and may provide a one click access to import the client data directly into the client tax return.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/          Primary Examiner, Art Unit 2498