Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
1.	This action is responsive to:  an original application filed on 22 June 2021 with acknowledgement that this application is a continuation of application 16/282,111 now patent 11,088,855 which is a continuation-in-part or a continuation of multiple patents and provisional applications with an earliest filing data of 29 July 2016.
2.	Claims 1-24 are currently pending.  Claims 1, 23, and 24, are independent claims. 
3.	The IDS submitted on 22 June 2021 has been considered. 
Double Patenting
4.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A statutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and  In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/.
 The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. 
 An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, please refer to - http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp
 
5.	Claims 1-24, are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-24 of application 16/282,111 now patent 11,088,855.  Although the conflicting claims are not identical, they are not patentably distinct from each other because all the elements/features of claimed method for enabling a relying party device associated with a relying party to verify an identity of a user exist in the patented applications in similar or different names, essentially performing the same tasks.  The main difference is that independent claims are slightly different from each other.  In the pending application limitations from the allowed patent dependent claim 2 are placed in the independent claim.  Other limitations in the allowed independent claim are placed in the dependent claims or removed from the claim set.  Below is a table comparing the pending claims to patent 11,088,855.  The claim limitations in the pending independent claim that are in the independent and dependent claims of the allowed patented claims are highlighted below.  The limitations missing from the independent claim of the pending claim are underlined.
PENDING APPLICATION
PATENT 11,088,855 Claims 1 & 2
1.   A system for enabling a relying party device associated with a relying party to verify a response of a user, comprising: a processor configured to: 
provide at least one cryptographic challenge to the user device, wherein the at least one cryptographic challenge includes or is derived from a pseudorandom value; receive a result of the at least one cryptographic operation as a cryptographic challenge response from the user device, wherein the result is derived from or includes the pseudorandom value; 
receive a signed response request generated by a sponsoring entity device associated with a sponsoring entity, wherein the signed response request comprises a response request digitally signed with a sponsoring entity private key to generate the signed response request; 
and provide the signed response request to a user device, wherein the user device generates an encrypted package encrypted using a sponsoring entity public key, wherein the encrypted package includes the response request populated with at least one response.
 1.   A processor-implemented method for enabling a relying party device associated with a relying party to verify a response of a user, the method comprising: receiving a signed response request generated by a sponsoring entity device associated with a sponsoring entity, wherein the signed response request comprises a response request digitally signed with a sponsoring entity private key to generate the signed response request; 
providing the signed response request to a user device, wherein the user device generates an encrypted package encrypted using a sponsoring entity public key, wherein the encrypted package includes the response request populated with at least one response and a pseudorandom identifier; receiving the encrypted package from the user device; determining that an identity of the user of the user device is verified; and in response to a determination that the identity of the user of the user device is verified, providing the encrypted package to the sponsoring entity device.
2. The processor-implemented method of claim 1, further comprising: providing at least one cryptographic challenge to the user device, wherein the at least one cryptographic challenge includes or is derived from a pseudorandom value, wherein the user device: generates, using a cryptographic processor on the user device, a first set of credentials comprising a public-private key pair associated with the user, wherein the public-private key pair comprises a user public key and a user private key, wherein the user private key is restricted to the cryptographic processor on the user device; verifies at least one of a biometric or a PIN code by comparing the at least one of the biometric or the PIN code with at least one of a previously registered biometric associated with the user or a previously registered PIN code associated with the user, and in response to the at least one of the biometric or the PIN code matching the at least one of the previously registered biometric associated with the user or the previously registered PIN code associated with the user, makes the user private key available for executing at least one cryptographic operation; and responds to the at least one cryptographic challenge by performing the at least one cryptographic operation on the cryptographic challenge using the user private key to form a result of the at least one cryptographic operation; and receiving the result of the at least one cryptographic operation as a cryptographic challenge response from the user device, wherein the result is derived from or includes the pseudorandom value; obtaining an identity token from an identity authority, wherein the identity authority possesses an identity authority signature key pair that comprises an identity authority public key and an identity authority private key, wherein the identity token comprises the user public key, a unique identifier of the identity token, and at least one identity attribute; securely signing the identity token with the identity authority private key, by an identity authority device associated with the identity authority; encrypting the identity token with the user public key, by the identity authority device, to obtain an encrypted identity token; and registering the identity authority public key with an internet certificate authority, by the identity authority device, wherein the identity token securely attests to at least one of an identity document, a verified legal identity, a government issued identity, or the at least one identity attribute.



Claim Rejections - 35 USC § 101
6.	35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

7.	Claim 24 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  Independent claim 2 4 is directed to “a computer program product”, this claim is are rejected under 101 because computer program product can be interpreted as a signal, which is non-statutory subject matter.  
		In order to overcome the 101 rejection, the Examiner recommends that the language of the claim be modified to include "non-transitory" or "computer readable device".  Appropriate Correction is required.
Claim Rejections – 35 USC § 103
8.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

9.	Claims 1, 17-21, and 23-24 are rejected under 35 U.S.C. 103 as being unpatentable over Chen U.S. Patent No. 9,397,980 (hereinafter ‘980) in view of Meriac et al. U.S. Patent Application Publication No. 2017/0222815 (hereinafter ‘815) in further view of Spanos et al. U.S. Patent Application Publication No. 2016/0027229 (hereinafter ‘229) in further view of London Shrader et al. U.S. Patent Application Publication No. 2002/0077887 (hereinafter ‘887).
As to independent claim 1, “A system for enabling a relying party device associated with a relying party to verify a response of a user, comprising: a processor configured to: provide at least one cryptographic challenge to the user device” is shown in ‘980 col. 20, lines 20-33;
the following is not explicitly taught in ‘980:
	“wherein the at least one cryptographic challenge includes or is derived from a pseudorandom value” however ‘815 teaches challenge communications are generated from a cryptographic nonce, which is generated using a pseudorandom-number generator in paragraphs 171-173;
	“receive a result of the at least one cryptographic operation as a cryptographic challenge response from the user device, wherein the result is derived from or includes the pseudorandom value” however ‘815 teaches in response to receiving the challenge, the cryptographic nonce is signed in paragraph 173;
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980 to include a means to utilize a pseudorandom-number generator to for challenges.  One of ordinary skill in the art would have been motivated to perform such a modification to establish trusted communications between devices & prevent/detect security risks see ‘815 paragraphs 1-2.
the following is not explicitly taught in ‘980 and ‘815:
	“receive a signed response request generated by a sponsoring entity device associated with a sponsoring entity, wherein the signed response request comprises a response request digitally signed with a sponsoring entity private key to generate the signed response request; and provide the signed response request to a user device” however ‘229 teaches signed voting data is passed to the blockchain client which broadcasts the data to the distributed network through the network interface in paragraph 63;
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, and ‘815 to include a means to utilize blockchain technology with voter systems.  One of ordinary skill in the art would have been motivated to perform such a modification to prevent fraud see ‘229 (Abstract, paragraphs 2, 6-7, and 33-34).
the following is not explicitly taught in ‘980, ‘815, and ‘229:
	"wherein the user device generates an encrypted package encrypted using a sponsoring entity public key, wherein the encrypted package includes the response request populated with at least one response” however ‘887 teaches “The entire ballot is encrypted with the public key of the voting tabulator (i.e. sponsoring entity)” in paragraph 61, note according to Applicant’s disclosure paragraph 22-2 3 the ‘sponsoring entity’ is where ballots (encrypted package) are sent.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, ‘229 and ‘815 to include a means to encrypt a package using a sponsoring entities public key.  One of ordinary skill in the art would have been motivated to perform such a modification there remains a need for improvements to an electronic voting system see ‘887 paragraphs 23-29.
	As to dependent claim 17, “The system of claim 1, wherein the signed response request comprises a signed ballot, wherein a blockchain smart contract implements a registrar code in the blockchain smart contract, wherein the blockchain smart contract comprises: a voter table that is represented as an object, wherein each row of the voter table comprises at least one voter identifier; and the signed ballot obtained as an input from the sponsoring entity” is taught in ‘229 Abstract, paragraphs 2, 9, and 33, note using blockchain technology in a voting system.
	As to dependent claim 18, “The system of claim 17, wherein the response to the response request comprises a vote, wherein the registrar code specifies: sending the signed ballot to a registered voter for the signed ballot; verifying that the vote is received from the registered voter; and forwarding the vote to the sponsoring entity” shown in ‘229 Abstract, paragraphs 2, 9, 15, 33, and 63.

As to dependent claim 19, “The system of claim 1, wherein the signed response request is a signed ballot” is taught in ‘229 paragraph 63 and 90.
	As to dependent claim 20, “The system of claim 1, wherein the processor is further configured to: verify the signed response request with a list of eligible that is stored in a relying party device database to determine a first eligible responder, wherein the first eligible responder is the user, and wherein the first eligible responder is associated with the user device; communicate the signed response request to the user device associated with the first eligible responder; receive the encrypted package and an identity token of the user that attests to the verified identity of the user from the user device; verify that the response request is signed by the user by verifying the identity token of the user that attests to a verified identity of the user; and communicate an encrypted completed response request to the sponsoring entity device” is shown in ‘229 paragraphs 61, 66, and 83.
As to dependent claim 21, “The system of claim 1, wherein the processor is further configured to: receive, by the sponsoring entity device, the encrypted package from the relying party device; decrypt the encrypted package using the sponsoring entity private key; and publish the response request, the response, and a pseudorandom identifier associated with the response in a public database” is disclosed in ‘229 paragraphs 11-15, 71, and 77-78.
As to independent claim 23, “A processor-implemented method for enabling a relying party device associated with a relying party to verify a response of a user, the method comprising: providing at least one cryptographic challenge to the user device” is shown in ‘980 col. 20, lines 20-33;
the following is not explicitly taught in ‘980:
	“wherein the at least one cryptographic challenge includes or is derived from a pseudorandom value” ” however ‘815 teaches challenge communications are generated from a cryptographic nonce, which is generated using a pseudorandom-number generator in paragraphs 171-173;
“receiving a result of the at least one cryptographic operation as a cryptographic challenge response from the user device, wherein the result is derived from or includes the pseudorandom value” however ‘815 teaches in response to receiving the challenge, the cryptographic nonce is signed in paragraph 173;
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980 to include a means to utilize a pseudorandom-number generator to for challenges.  One of ordinary skill in the art would have been motivated to perform such a modification to establish trusted communications between devices & prevent/detect security risks see ‘815 paragraphs 1-2.
the following is not explicitly taught in ‘980 and ‘815:
“receiving a signed response request generated by a sponsoring entity device associated with a sponsoring entity, wherein the signed response request comprises a response request digitally signed with a sponsoring entity private key to generate the signed response request; and providing the signed response request to a user device” ” however ‘229 teaches signed voting data is passed to the blockchain client which broadcasts the data to the distributed network through the network interface in paragraph 63;
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, and ‘815 to include a means to utilize blockchain technology with voter systems.  One of ordinary skill in the art would have been motivated to perform such a modification to prevent fraud see ‘229 (Abstract, paragraphs 2, 6-7, and 33-34).
the following is not explicitly taught in ‘980, ‘815, and ‘229:
“wherein the user device generates an encrypted package encrypted using a sponsoring entity public key, wherein the encrypted package includes the response request populated with at least one response” however ‘887 teaches “The entire ballot is encrypted with the public key of the voting tabulator (i.e. sponsoring entity)” in paragraph 61, note according to Applicant’s disclosure paragraph 22-23 the ‘sponsoring entity’ is where ballots (encrypted package) are sent.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, ‘229 and ‘815 to include a means to encrypt a package using a sponsoring entities public key.  One of ordinary skill in the art would have been motivated to perform such a modification there remains a need for improvements to an electronic voting system see ‘887 paragraphs 23-29.
	As to independent claim 24, this claim is directed to a computer program product executing the method of claim 23; therefore, it is rejected along similar rationale.

10.	Claims 2, 6-9, 12, and 22, are rejected under 35 U.S.C. 103 as being unpatentable over Chen U.S. Patent No. 9,397,980 (hereinafter ‘980) in view of Meriac et al. U.S. Patent Application Publication No. 2017/0222815 (hereinafter ‘815) in further view of Spanos et al. U.S. Patent Application Publication No. 2016/0027229 (hereinafter ‘229) in further view of London Shrader et al. U.S. Patent Application Publication No. 2002/0077887 (hereinafter ‘887) in further view of Acar et al. U.S. Patent Application Publication No. 2017015513 (hereinafter ‘513).
	As to dependent claim 2, “The system of claim 1, wherein the user device: generates, using a cryptographic processor on the user device, a first set of credentials comprising a public-private key pair associated with the user, wherein the public-private key pair comprises a user public key and a user private key” is taught in ‘980 col. 4, lines 35-40;
	“verifies at least one of a biometric or a PIN code by comparing the at least one of the biometric or the PIN code with at least one of a previously registered biometric associated with the user or a previously registered PIN code associated with the user, and in response to the at least one of the biometric or the PIN code matching the at least one of the previously registered biometric associated with the user or the previously registered PIN code associated with the user, makes the user private key available for executing at least one cryptographic operation” is disclosed in ‘980 col. 14, lines 8-20, col. 14, lines 40-55, and col. 20, lines 5-41;
	“and responds to the at least one cryptographic challenge by performing the at least one cryptographic operation on the cryptographic challenge using the user private key to form a result of the at least one cryptographic operation” is taught in ‘980 col. 20, lines 20-33;the following is not explicitly taught in ‘980, ‘815, 229, and ‘887:
“wherein the user private key is restricted to the cryptographic processor on the user device” however ‘513 teaches the private key is restricted to the trusted platform module (TPM) in paragraph 40, note the TPM is interpreted equivalent to cryptographic processor.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, ‘815, 229, and ‘887 to include a means to restrict private keys to a cryptographic processor.  One of ordinary skill in the art would have been motivated to perform such a modification because people are using smartphones and other mobile devices to purchase goods and services therefore a method is needed to restrict access to security functionality by providing a trusted platform module (TPM) see ‘513 paragraphs 1-2.
As to dependent claim 6, “The system of claim 2, wherein the processor is further configured to: store a record on an alert database, wherein the record is signed using the user private key; and provide a transaction request on behalf of the user associated with the record on the alert database; send the cryptographic challenge response to the user device associated with the first set of credentials; and authorize the transaction request in response to the transaction request being signed using the first set of credentials” is disclosed in ‘513 paragraphs 4-5 and 15-17.
	As to dependent claim 7, “The system of claim 2, wherein providing the at least one cryptographic challenge comprises providing an encrypted pseudorandom value that is derived from the pseudorandom value by encrypting the pseudorandom value with the user public key from an identity token, wherein performing the at least one cryptographic operation on the at least one cryptographic challenge for responding to the at least one cryptographic challenge comprises decrypting the encrypted pseudorandom value, and wherein the result of the at least one cryptographic operation performed on the cryptographic challenge comprises the pseudorandom value that is received as the cryptographic challenge response” is taught in ‘815 paragraphs 171-173.
	As to dependent claim 8, “The system of claim 2, wherein providing the at least one cryptographic challenge comprises providing a pseudorandom value, wherein performing the at least one cryptographic operation on the at least one cryptographic challenge for responding to the at least one cryptographic challenge comprises encrypting the pseudorandom value, and wherein the result of the of the at least one cryptographic operation performed on the at least one cryptographic challenge comprises an encrypted pseudorandom value, wherein decrypting the encrypted pseudorandom value from the cryptographic challenge response obtains the pseudorandom value” is shown in ‘815 paragraphs 171-173.
	As to dependent claim 9, “The system of claim 2, wherein providing the at least one cryptographic challenge comprises providing a pseudorandom value, wherein performing the at least one cryptographic operation on the at least one cryptographic challenge for responding to the at least one cryptographic challenge comprises signing the pseudorandom value with the user private key, and wherein the result of the of the at least one cryptographic operation performed on the at least one cryptographic challenge comprises a signed pseudorandom value, wherein a signature of the pseudorandom value is verified from the cryptographic challenge response” is disclosed in ‘815 paragraphs 171-173.
	As to dependent claim 12, “The system of claim 2, wherein the at least one cryptographic challenge is communicated to the user device by uniquely identifying the user device based on a 1-1 mapping from the user public key to the user device” is taught in ‘980 col. 15, line 60 through col. 16, line 2.
	As to dependent claim 22, “The system of claim 2, wherein the processor is further configured to: extract an identity token from the electronic document, wherein the user device embeds the identity token into the electronic document and cryptographically signs the electronic document with the user private key, wherein the at least one cryptographic challenge is sent to the user device associated with the user public key to verify that the user public key associated with the identity token corresponds to the user private key used to sign the electronic document” is shown in ‘980 col. 7, lines 31-39 and col. 20, lines 16-41.

11.	Claims 3-5, 13,  are rejected under 35 U.S.C. 103 as being unpatentable over Chen U.S. Patent No. 9,397,980 (hereinafter ‘980) in view of Meriac et al. U.S. Patent Application Publication No. 2017/0222815 (hereinafter ‘815) in further view of Spanos et al. U.S. Patent Application Publication No. 2016/0027229 (hereinafter ‘229) in further view of London Shrader et al. U.S. Patent Application Publication No. 2002/0077887 (hereinafter ‘887) in further view of Acar et al. U.S. Patent Application Publication No. 2017015513 (hereinafter ‘513) in further view of UK Patent Application GB 2539430 (hereinafter ‘430).
	As to dependent claim 3, “The system of claim 2, wherein the processor is further configured to: receive the result of the at least one cryptographic operation as a cryptographic challenge response from the user device, wherein the result is derived from or includes the pseudorandom value” is taught in ‘815 paragraph 171-173;
	“obtain an identity token from an identity authority, wherein the identity authority possesses an identity authority signature key pair that comprises an identity authority public key and an identity authority private key, wherein the identity token comprises the user public key, a unique identifier of the identity token, and at least one identity attribute” is taught in ‘980 col. 12, lines 39-65 and col. 15, lines 26-40; 	
	“encrypt the identity token with the user public key, by the identity authority device, to obtain an encrypted identity token” is shown in ‘980 col. 5, lines 23-25, col. 5, lines 35-40, and col. 10, lines 47-50;
	“and register the identity authority public key with an internet certificate authority, by the identity authority device, wherein the identity token securely attests to at least one of an identity document, a verified legal identity, a government issued identity, or the at least one identity attribute” is disclosed in ‘980 col. 11, lines 64 through col. 12, line 20;
the following is not explicitly taught in ‘980, ‘513, ‘229, ‘887 and ‘815:
	“securely sign the identity token with the identity authority private key, by an identity authority device associated with the identity authority” however ‘430 teaches the server (i.e. identity authority digitally signs token with its private key in the Abstract, and paragraphs 18 and 25.
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, ‘513, and ‘815 to include a means to sign tokens with a private key of an identity authority.  One of ordinary skill in the art would have been motivated to perform such a modification because when tokens are used as currency it is fundamental aspect of any currency system that parties of any transaction in which currency is exchanged must both believe in the authenticity of that currency see ‘430 (paragraphs 1-4). 
	As to dependent claim 4, “The system of claim 3, wherein the processor is further configured to: receive at least one of the verified legal identity, the government issued identity, or the at least one identity attribute that the identity token securely attests to from the user device, wherein the user device decrypts the encrypted identity token with the user private key to obtain the identity token; and verify with the internet certificate authority in response to the identity token being issued by the identity authority” is taught in ‘980 col. 11, line 64 through col. 12, line 20.
	As to dependent claim 5, “The system of claim 3, wherein the at least one identity attribute is selected from a photograph of the user, a video of the user, an information identifier in the identity document, an information identifier in the verified legal identity, and an information identifier in the government issued identity, wherein the identity document is selected from a student identity proof, an employment proof, or an insurance card, and the government issued identity is selected from a voter identity document or a passport” is shown in ‘980 col. 3, line 64 through col. 4, line 19.
	As to dependent claim 13, “The system of claim 2, wherein the processor is further configured to register the user public key on a public blockchain, or registering the user public key on a permissioned blockchain” is taught in ‘430 Abstract, Figure 5, [item 506], paragraphs 18, 20, and 25.

12.	Claims 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Chen U.S. Patent No. 9,397,980 (hereinafter ‘980) in view of Meriac et al. U.S. Patent Application Publication No. 2017/0222815 (hereinafter ‘815) in further view of Spanos et al. U.S. Patent Application Publication No. 2016/0027229 (hereinafter ‘229) in further view of London Shrader et al. U.S. Patent Application Publication No. 2002/0077887 (hereinafter ‘887) in further view of Acar et al. U.S. Patent Application Publication No. 2017015513 (hereinafter ‘513) in further view of Chandrasekhar et al. U.S. Patent Application Publication No. 2017/0357966 (hereinafter ‘966).
	As to dependent claim 10, “The system of claim 2, wherein an identity authority retains a copy of an identity token” is taught in ‘980 col. 5, lines 45-47;
the following is not explicitly taught in ‘980, ‘513, ’887, and ‘815: 
“and at least one identity attribute of the identity token is unpublished on a blockchain” however ‘966 teaches including a token identifier in a transaction message in a block chain in paragraphs 6-7.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, ‘815, ‘887. and ‘513, to include a means to utilize the identity attributes of the token in a block chain.  One of ordinary skill in the art would have been motivated to perform such a modification because traditionally when a consumer conducts a payment transaction with a merchant it could take days, weeks, or even longer to reach settlement.  The use of a blockchain may enable transactions to be settled on an individual basis not limited by the payment network infrastructure see ‘966 paragraphs 1-3.
	As to dependent claim 11, “The system of claim 2, wherein the processor is further configured to: implement a blockchain smart contract that is written in a native programming language of the blockchain that verifies a digital signature that is generated on the user device with the cryptographic process of the user device using the user private key, wherein the first set of credentials enable the user to sign at least one transaction on the blockchain” is taught in ‘966 paragraphs 35, 52, and 60-61.

13.	Claims 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Chen U.S. Patent No. 9,397,980 (hereinafter ‘980) in view of Meriac et al. U.S. Patent Application Publication No. 2017/0222815 (hereinafter ‘815) in further view of Spanos et al. U.S. Patent Application Publication No. 2016/0027229 (hereinafter ‘229) in further view of London Shrader et al. U.S. Patent Application Publication No. 2002/0077887 (hereinafter ‘887) in further view of Acar et al. U.S. Patent Application Publication No. 2017015513 (hereinafter ‘513) in further view of Smith et al. U.S. Patent Application Publication No. 2018/0006826 (hereinafter ‘826).
As to dependent claim 14, the following is not explicitly taught in ‘980, ‘513, ‘887, and ‘815: “The system of claim 2, wherein the processor is further configured to: register a credential revocation list contract with a blockchain, wherein the credential revocation list contract enables the first set of credentials generated on the user device to be revoked by a second set of credentials generated on a second user device” however ‘826 teaches operations used to revoke a key on the blockchain in Figure 2paragraphs 38-40.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a credential management method taught in ‘980, ‘430, and ‘815 to include a means to register a revocation list contract on a blockchain.  One of ordinary skill in the art would have been motivated to perform such a modification because the current method for determining revocation status of a digital certificate is unwieldy and not positioned to scale for the Internet of Things (IoT) see ‘826 paragraphs 1-6.
	As to dependent claim 15, “The system of claim 14, wherein the credential revocation list contract comprises a revokee table that stores at least one public key of a revokee device and at least one public key of a corresponding authorized revoker device wherein if a registered authorized revoker device calls the credential revocation list contract to revoke credentials of the revokee device, a revocation transaction is digitally signed and recorded on the blockchain, and a revocation message is recorded against a public key address of the revokee device” is taught in ‘826 paragraphs 43-44.
	As to dependent claim 16, “The system of claim 2, wherein the processor is further configured to register an identity token revocation list contract with a blockchain, wherein an identity authority sends a message to a user public key address to which the identity token was issued, to revoke the identity token, wherein the message sent by the identity authority comprises a token id of the identity token” is shown in ‘826 paragraphs 47, 49, and 53.	

Conclusion
14.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to Ellen Tran whose telephone number is (571) 272-3842.  The examiner can normally be reached from 7:30 am to 4:00 pm.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
		If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeff Pwu can be reached at (571) 272-6798.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ELLEN TRAN/Primary Examiner, Art Unit 2433                                                                                                                                                                                                        22 September 2022