Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible
for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has
been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37
CFR 1.114. Applicant's submission filed on 07/26/2022 has been entered.

	

Response to Amendment
This communication is in response to the RCE and amendment filed on 08/17/2022 and 07/26/2022, respectively. The Examiner acknowledges amended claims 1-2, 4-6, 8-18, and 20-23. Claims 3, 7 and 19 have been canceled. Claims 1-2, 4-6, 8-18, and 20-23 are pending and claims 1-2, 4-6, 8-18, and 20-23 are rejected.  Claims 1 and 17 is/are independent. 

Response to Arguments
Applicant's arguments filed 08/17/2022 have been fully considered.  Applicant argues (see Remarks, page 7, 2nd to bottom paragraph to page 8, bottom paragraph) that the references cited in the previous rejection fail to disclose the newly amended claim features.  This argument is persuasive. Therefore, the rejections are withdrawn. However, upon further consideration, a new ground of rejection is made in view of Von Mueller et al. U.S. Publication 20140344580 (hereinafter “Von Mueller”) in view of Fetkovich et al. U.S. Publication 20030131251 (hereinafter “Fetkovich”).
Fetkovich teaches that different keys are associated with different functions (para. 10, 12, 41, 49, 57). The combination of Von Mueller and Fetkovich discloses the amended limitations of claim 1.
Independent claim 17 recites limitations analogous to the limitations of claim 1 and are also rejected for similar reasons. Regarding applicant’s arguments with respect to the dependent claims 2, 4-6, 8-16, 18, and 20-23, applicant’s amendments to the independent claims have necessitated a new ground of rejection with respect to the independent claims from which the dependent claims depend, thereby requiring new grounds of rejection for the dependent claims also. 
Accordingly, Applicant's argument is persuasive, the rejection is withdrawn, and new ground(s) of rejection are presented herein.
Claim Rejections - 35 USC § 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
	
	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-2, 4, 8-9, 11-13, 16-18, 20 and 23 is/are rejected under 35 U.S.C. 103 as being unpatentable over Von Mueller et al. U.S. Publication 20140344580 (hereinafter “Von Mueller”) in view of Fetkovich et al. U.S. Publication 20030131251 (hereinafter “Fetkovich”).

As per claim 1, Von Mueller discloses 
a system comprising: 
a storage; and 
a hardware processor configured to: 
receive an encrypted data packet without receiving an explicit instruction to perform a definite task to the data packet; 
[
receive an encrypted data packet without receiving an explicit instruction to perform a definite task to the data packet =’ token data that has been encrypted…is received by a transaction processing entity. For example, it can be received by gateway 120’ Von Mueller [0241]; only the Von Mueller token data has been received and no instruction is received as to what to do to the Von Mueller token data
receive a data packet= received by gateway 120 Von Mueller [0241]
In Von Mueller token data stream is sent using data packet; Von Mueller [0210] 
]
(See Von Mueller 
[0635] Computing system 9001 can also include a main memory 908, …….
instructions to be executed by processor 904.  ….. can likewise includes a read only memory ("ROM") or other static storage device 
Von Mueller [0633] Various embodiments are described in terms of this example computing system 
900.  
Von Mueller [0138] Gateways can be implemented using hardware software or a combination thereof.  …….gateway functionality can also include 
hardware or software modules used to perform these encryption, decryption or 
other functions as well.
Von Mueller Para.  [0138] ’ gateway 120 is implemented as one or more processing devices configured to run software applications for the gateway functionality. ….. functions such as encryption, decryption, key storage…….being performed at or by a gateway.’
Von Mueller [0137] ‘…..FIG. 1, ……. "gateway" ….. such as a server or other processing system, in the transaction stream that can be included to perform functions such as, for example, routing, interfacing, format or protocol conversion, storage,’
Von Mueller [0210] ‘….. signature data may bypass data packaging control logic 170 and sent to terminal 114 or other downstream apparatus in a separate packet or other package from the token data stream’. 
Von Mueller [0241]
‘……token data that has been encrypted ;(for example, by an encryption module 132 in a data capture device 113) is received by a transaction processing entity. For example, it can be received by gateway 120, a designated entity in a transaction processing network 123 or other transaction processor. This is the entity that is designated as performing the decryption to recover the card data…...’
)
perform a plurality of potential decryption mechanisms on the data packet, wherein only a first potential decryption mechanism in the plurality of potential decryption mechanisms is capable of successfully decrypting the data packet, the first potential decryption mechanism corresponding to a first system function; and 
perform the first system function.
[
perform is interpreted as applying or using
plurality of potential decryption mechanisms= all the Von Mueller keys that fail to decipher correctly plus the one key that deciphers correctly Von Mueller Para. [0027]
perform a plurality of potential decryption mechanisms on the data packet,=
‘ the received information can be decrypted using a plurality of keys available to the transaction processor until a valid data set is deciphered’ (Von Mueller para. 27)
a first potential decryption mechanism= the Von Mueller key that successfully deciphers
 a first system function= ‘trace back to the source of the fraudulent data’(Von Mueller para. 27)
perform the first system function= ‘trace back to the source of the fraudulent data’(Von Mueller para. 27)
]
 (See Von Mueller Para. [0027] For example, consider a scenario where encrypted token data is received and the designated key fails to properly decrypt the token data. In such a scenario, the received information can be decrypted using a plurality of keys available to the transaction processor until a valid data set is deciphered. Once a valid data set is deciphered, the key can be used to trace back to the source of the fraudulent data. Likewise, tagging the information with time and location data can be used to perform checks such as checks for duplicate transactions and checks to verify that the location from which the data originated is a designated location for the given terminal.
)
However, Von Mueller does not expressly disclose 
wherein each of the plurality of potential decryption mechanisms is associated with a different system function.
Fetkovich discloses different keys are associated with different functions
Fetkovich [0010] It is another object of the present invention to provide a system and method which controls access to digital information in accordance with a plurality of decryption keys, wherein one key causes the digital information to be reproduced by a media player application with degraded quality and another key, subsequently received, causes the digital information to be reproduced without quality degradation. 
Fetkovich [0012] This access control is performed based on a plurality of types of decryption keys sent from the provider to the user, and a media player application which is able to recognize each type of decryption key sent from the provider.	Fetkovich [0041] The above table indicates that if a type A decryption key is sent with the media file, the media player application will progressively degrade the reproduction quality of the file after the file is played. If a type B decryption key is sent with the media file, the media player will not degrade the quality of reproduction until a time condition has been satisfied. 
Fetkovich [0049] If the key is available or once the key is acquired, steps are performed to determine what type of decryption key is associated with the file. (Block 310). If the media player application determines that the key is a type which permits the media file to be played without any reproduction quality degradation (e.g., type C above), the user may, for example, be prompted on a display of the host system to provide a new filename for the file. (Block 312). The file may then be decrypted and stored to the new filename, after which the file may be played and the application closed. Alternatively, the media player application may automatically play the file once it has been determined that the decryption key associated with the file is type C.
Fetkovich [0057] If the threshold conditions have not expired or been exceeded, the media player application determines the type and level of degradation to apply in the reproduction. (Block 406). This step is performed based on the type of decryption key detected and the control information stored in system memory corresponding to that type of decryption key. Decryption then takes place in accordance with the decryption key. (Block 407).


It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Von Mueller with the technique of associating different key types with different functions of Fetkovich to include 
wherein each of the plurality of potential decryption mechanisms is associated with a different system function.
One of ordinary skill in the art would have made this modification to improve the ability of the system to provide different functionality with each decryption key, so that the party providing the decryption key can control the function available using the decryption key. The system of the primary reference can be modified so that the various decryption keys are associated with different functions. A packet sent to the gateway can be encrypted so that the appropriate decryption key with the desired function is capable of decrypting the packet, thereby causing the performance of the function at the gateway.

As per claim 2, the rejection of claim 1 is incorporated herein. 
The combined teaching of Von Mueller and Fetkovich discloses wherein the processor is not operable to process operation codes
[processor is not operable to process operation codes= 'Gateways can be implemented using hardware’ Von Mueller [0138] gateway can be hardware configured
Based on identifying the key that resulted in the correct detection, the Von Mueller system performs an action (e.g., locate the source of the data) therefore the Von Mueller processor also does not process an operation code in the similar manner as described in the specification at paragraph 33 Von Mueller [0242]
]
 (See Von Mueller Para.  [0138] ’ gateway 120 is implemented as one or more processing devices ……’
Von Mueller [0242]
‘If the retrieved key does not result in a valid decryption, another key is retrieved and the process continues. This process is repeated until a valid decryption is detected at step 68. Once a valid decryption is detected, in a step 70 the key that resulted in the correct detection is identified in step 70 and that key is used to locate the source of the data   in step 72. For example, because the data was encrypted with the terminal ID, location of the correct key can be used to point back to the terminal that read the data and performed the encryption.’
Von Mueller [0138]
‘Gateways can be implemented using hardware software or a combination thereof. ‘
Von Mueller [0139]
‘ Such appliances can themselves be implemented using hardware software or a combination thereof, and can be coupled in communicative contact with the gateway.’
)

As per claim 4, the rejection of claim 1 is incorporated herein. 
	Von Mueller discloses  transmitting data in packets
[0210] sent to terminal 114 or other downstream apparatus in a separate packet or other package from the token data stream.

However, Von Mueller does not expressly disclose 
process the data packet in accordance with the first system function, the first system function being distinct from decryption of the encrypted data packet and the first system function being distinct from determining an originating source of the encrypted data packet.
Fetkovich discloses 
process the data packet in accordance with the first system function, the first system function being distinct from decryption of the encrypted data packet and the first system function being distinct from determining an originating source of the encrypted data packet.
[the first system function = reproduce with degraded quality or reproduce without quality degradation, etc. Fetkovich [0010]
]
Fetkovich [0010] It is another object of the present invention to provide a system and method which controls access to digital information in accordance with a plurality of decryption keys, wherein one key causes the digital information to be reproduced by a media player application with degraded quality and another key, subsequently received, causes the digital information to be reproduced without quality degradation. 
Fetkovich [0041] The above table indicates that if a type A decryption key is sent with the media file, the media player application will progressively degrade the reproduction quality of the file after the file is played. If a type B decryption key is sent with the media file, the media player will not degrade the quality of reproduction until a time condition has been satisfied. 
Fetkovich [0049] If the key is available or once the key is acquired, steps are performed to determine what type of decryption key is associated with the file. (Block 310). If the media player application determines that the key is a type which permits the media file to be played without any reproduction quality degradation (e.g., type C above), the user may, for example, be prompted on a display of the host system to provide a new filename for the file. (Block 312). The file may then be decrypted and stored to the new filename, after which the file may be played and the application closed. Alternatively, the media player application may automatically play the file once it has been determined that the decryption key associated with the file is type C.
Fetkovich [0057] If the threshold conditions have not expired or been exceeded, the media player application determines the type and level of degradation to apply in the reproduction. (Block 406). This step is performed based on the type of decryption key detected and the control information stored in system memory corresponding to that type of decryption key. Decryption then takes place in accordance with the decryption key. (Block 407).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Von Mueller with the technique for processing received digital information according to the received key of Fetkovich to include
process the data packet in accordance with the first system function, the first system function being distinct from decryption of the encrypted data packet and the first system function being distinct from determining an originating source of the encrypted data packet.
One of ordinary skill in the art would have made this modification to improve the ability of the system to specify various functions to be performed by the receiving party using the key (or token) being sent. The system of the primary reference can be modified to send various types of keys or tokens, and depending on the key or token sent, the receiving party (e.g., gateway) will perform a corresponding action that is more than simply decrypting the data packet or determining the source.

As per claim 8, the rejection of claim 4 is incorporated herein. 
Von Mueller in view of Fetkovich discloses wherein each potential decryption mechanism of the plurality of potential decryption mechanisms corresponds to a respective decryption key.
[
potential decryption mechanism  = decryption key
each potential decryption mechanism of the plurality of potential decryption mechanisms corresponds to a respective decryption key = ‘If the retrieved key does not result in a valid decryption, another key is retrieved and the process continues.’ Von Mueller [0242]
]
(See Von Mueller 

Von Mueller [0025] ‘……, the signature information and the token data can be packaged in a format compatible with downstream equipment, ….., signatures can be encrypted using keys different from the token data to allow authentication to occur independently of clearing the token data. ……….’.’
Von Mueller [0138] ’ gateway 120 is implemented as one or more processing devices ……’
Von Mueller [0210] ‘….. signature data may bypass data packaging control logic 170 and sent to terminal 114 or other downstream apparatus in a separate packet or other package from the token data stream’. 
Von Mueller [0242]
‘If the retrieved key does not result in a valid decryption, another key is retrieved and the process continues. [.]This process is repeated until a valid decryption is detected at step 68. Once a valid decryption is detected, in a step 70 the key that resulted in the correct detection is identified in step 70 and that key is used to locate the source of the data …… in step 72. For example, because the data was encrypted with the terminal ID, location of the correct key can be used to point back to the terminal that read the data and performed the encryption.’
)


As per claim 9, the rejection of claim 8 is incorporated herein. 
Von Mueller in view of Fetkovich discloses wherein the storage has stored thereon one or more key-creation algorithms, and the processor is further configured to generate the respective decryption keys using the key-creation algorithm.
[storage has stored thereon one or more key-creation algorithms = where the merchant ID is used to create the encryption key, a similar algorithm can be provided at the gateway Von Mueller Para. [0162]
]
(See Von Mueller Para. 
[0162]
‘….. bank identification number was encrypted with a key based on the merchant ID. Thus, the gateway can use information about the merchant included with the transaction data to perform the decryption of the bank identification number as appropriate. For example, the gateway may be provided with a database of encryption keys indexed by merchant ID numbers. As such, the gateway can use the appropriate merchant ID to retrieve the appropriate decryption key from the table to perform the bank identification number decryption. In another example, where the merchant ID is used to create the encryption key, a similar algorithm can be provided at the gateway to generate the correct decryption key based on the merchant ID to perform the BIN decryption.’
See Von Mueller Para.  [0138] ’ gateway 120 is implemented as one or more processing devices configured to run software applications for the gateway functionality. ….. functions such as encryption, decryption, key storage…….being performed at or by a gateway.’
Von Mueller [0137] ‘…..FIG. 1, ……. "gateway" ….. such as a server or other processing system, in the transaction stream that can be included to perform functions such as, for example, routing, interfacing, format or protocol conversion, storage,’
)

As per claim 11, the rejection of claim 4 is incorporated herein. 
Von Mueller in view of Fetkovich discloses wherein the processor is further configured to update associations of the potential decryption mechanisms to particular system functions.
[ 
update associations of the potential decryption mechanisms to particular system functions = ‘new keys can be sent to the decryption service (for example, to a secure transaction module) in a transaction like message and can include the terminal identifier, new key’ Von Mueller [0373]; The Von Mueller keys are being updated, which would update associations between keys and decryption functions, that is, the old keys are updated to use with trailing transactions, and the new keys for the current transactions; claim 4 does not limit what the particular system functions can be
particular system functions can also be disclosed by return clear text information Von Mueller [0029]
]
 (See
Von Mueller [0373]’…..where keys are generated at the data capture device or terminal, the new keys can be sent to the decryption service (for example, to a secure transaction module) in a transaction like message and can include the terminal identifier, new key  and a new sequence starting number (sequence numbers need not be continuous). The decryption service may store historical keys for use with trailing transactions.’
Von Mueller [0277] a decryption service can be included to provide decryption for settlement transactions between merchants (or other transacting entities) and institutions or other transaction processors.
Von Mueller [0029] The secure transaction module can be configured to obtain the correct key, decrypt encrypted records and return clear text information for settlement processing. Clear text transactions can then be processed for appropriate settlement
)

As per claim 12, the rejection of claim 11 is incorporated herein. 
Von Mueller in view of Fetkovich discloses wherein updating the associations comprises reassigning potential decryption mechanisms of the plurality of potential decryption mechanisms to different system functions.
[reassigning potential decryption mechanisms of the plurality of potential decryption mechanisms to different system functions can be disclosed by para. 373 in which old keys are reassigned to trailing transactions and new keys are for performing decryption of incoming transactions
different system functions can also be disclosed by ‘return clear text information’ Von Mueller [0029]
]
(See
Von Mueller [0373]’…..where keys are generated at the data capture device or terminal, the new keys can be sent to the decryption service (for example, to a secure transaction module) in a transaction like message and can include the terminal identifier, new key and a new sequence starting number (sequence numbers need not be continuous). The decryption service may store historical keys for use with trailing transactions.’
Von Mueller [0372] for an update to keys, the updated set of keys can be transmitted to the transaction processing servers or secure transaction modules such that they have the correct keys to decrypt data that was encrypted by the data capture device.
Von Mueller [0029] The secure transaction module can be configured to obtain the correct key, decrypt encrypted records and return clear text information for settlement processing. Clear text transactions can then be processed for appropriate settlement
)


As per claim 13, the rejection of claim 11 is incorporated herein. 
Von Mueller in view of Fetkovich discloses wherein each potential decryption mechanism of the plurality of potential decryption mechanisms corresponds to a respective decryption key, and the processor is configured to generate new decryption keys to replace the respective decryption keys.
[generate new decryption keys to replace the respective decryption keys.= ‘where keys are generated at the data capture device or terminal, the new keys can be sent to the decryption service’ Von Mueller Para. [0373]
each potential decryption mechanism can be disclosed by a key
]
(See Von Mueller Para. 
 [0373]’…..where keys are generated at the data capture device or terminal, the new keys can be sent to the decryption service (for example, to a secure transaction module) in a transaction like message and can include the terminal identifier, new key and a new sequence starting number (sequence numbers need not be continuous). The decryption service may store historical keys for use with trailing transactions.’
)

As per claim 16, the rejection of claim 11 is incorporated herein. 
Von Mueller in view of Fetkovich discloses wherein the processor is configured to update associations of potential decryption mechanisms in response to use of a particular potential decryption mechanism of the plurality of potential decryption mechanisms.
[
use of a particular potential decryption mechanism = where keys are generated at the data capture device or terminal, the new keys can be sent Von Mueller Para. [0373]
update associations of potential decryption mechanisms = store historical keys for use with trailing transactions Von Mueller Para. [0373]
]
(See Von Mueller Para. 
 [0373]’…..where keys are generated at the data capture device or terminal, the new keys can be sent to the decryption service (for example, to a secure transaction module) in a transaction like message and can include the terminal identifier, new key and a new sequence starting number (sequence numbers need not be continuous). The decryption service may store historical keys for use with trailing transactions.’
) 


As per claim 17, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 1, and is/are rejected for the reasons detailed with respect to claim 1.  

As per claim 18, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 2, and is/are rejected for the reasons detailed with respect to claim 2.  

As per claim 20, the claim(s) is/are directed to a method with limitations which correspond to limitations of claim 4, and is/are rejected for the reasons detailed with respect to claim 4.  

As per claim 23, the rejection of claim 1 is incorporated herein. 
The combined teaching of Von Mueller and Fetkovich discloses wherein the first system function is performed after the encrypted data packet is decrypted.
(See Von Mueller Para. [0027] For example, consider a scenario where encrypted token data is received and the designated key fails to properly decrypt the token data. In such a scenario, the received information can be decrypted using a plurality of keys available to the transaction processor until a valid data set is deciphered. Once a valid data set is deciphered, the key can be used to trace back to the source of the fraudulent data. Likewise, tagging the information with time and location data can be used to perform checks such as checks for duplicate transactions and checks to verify that the location from which the data originated is a designated location for the given terminal.
)

Claims 5-6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Von Mueller in view of Fetkovich, further in view of Forlenza et al. U.S. Publication 20050235163 (hereinafter “Forlenza”).
As per claim 5, the rejection of claim 4 is incorporated herein. 
Von Mueller discloses utilizing metadata included with the data packet.
[metadata included with the data packet = CRC of all preceding digits Von Mueller [0432]
metadata included with the data packet = the data is tagged with the epoch information Von Mueller 0246]
]
(See 
Von Mueller 0246]
‘FIG. 14 ….. using time stamp information to detect potentially fraudulent activities ……timing information is obtained, for example, from a clock or other data source. In a step 468, the data is tagged with the epoch information and sent for the transaction to be processed. In one embodiment, the time stamp data can also be encrypted.’
Von Mueller [0384]
Von Mueller [0432] ‘…. CRC of all preceding digits [0441] ……’
Von Mueller [0476] ‘The CRC is checked for valid command request, and if there is an error, the error is flagged and the routine exits. The expiration date is checked for a command type and the requested command is processed.’
)
However, the combination of Von Mueller and Fetkovich does not expressly disclose wherein the processor is further configured to identify the first potential decryption mechanism utilizing metadata included with the data packet.
Forlenza discloses identify the first potential decryption mechanism utilizing metadata included with the data packet.
[identify the first potential decryption mechanism utilizing metadata included with the data packet =  ‘If the string appears in the decrypted copy, then the key was correct and the decryption was successful’ Forlenza Para. [0044]
the Forlenza sectioning information of the document may be considered metadata; the encrypted data may also be considered metadata; the Forlenza known character string may be considered metadata; the Forlenza random character string may be considered metadata; these metadata are each used to help determine the correct key for decryption Forlenza Para. [0044] 
]
(See Forlenza Para. [0044] ……..decryption of the document using the known character string to verify the success of the decryption.  In step 910, one of the encrypted sections 
of the document is selected for decryption.  For purposes of this description, 
section A is the section for which decryption is desired.  Step 911 will select 
a key from the list of supplied keys to use in an attempt to decrypt this 
section A. Step 912 determines whether the decryption process was successful.  
Attempting to read the known character string does this determination.  If the 
string appears in the decrypted copy, then the key was correct and the 
decryption was successful.  If the string does not appear in the decrypted 
copy, then the decryption was not successful.  At this point, step 913 
determines whether the user has additional keys to use in an attempt to decrypt 
that section A of the document.  If the user has additional keys, the process 
returns to step 911 and repeats steps 911 and 912.  If in step 913, the user 
does not have additional keys and the decryption attempt was not successful, 
then that section of the document will not be decrypted for that user in step 
914.  Referring to step 912, if the decryption was successful, the process 
moves to step 915 where both the known character string and the random 
character string (if one was added) are removed from the text and the text is 
displayed for the user in step 916.  
).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Von Mueller and Fetkovich with the technique for determining the correct key for decryption using sectioning information, embedded character strings, ciphertext of Forlenza to include wherein the processor is further configured to identify the first potential decryption mechanism utilizing metadata included with the data packet.
One of ordinary skill in the art would have made this modification to improve the ability of the system to determine which key is appropriate for decrypting the data. The system of the primary reference can be modified to use the sectioning information, character strings, embedded character strings, ciphertext as taught in Forlenza to determine the correct key for decrypting. Furthermore, the Von Mueller CRC code is also metadata that may be received to determine data that should be discarded, thereby avoiding invalid data when determining the correct decryption key to use as taught in Von Mueller.  

As per claim 6, the rejection of claim 5 is incorporated herein. 
Von Mueller in view of Fetkovich, further in view of Forlenza discloses wherein the metadata comprises at least one from among error detecting code and error-correcting code. 
[metadata comprises at least one from among error detecting code and error-correcting code = ‘CRC of all preceding digits’ Von Mueller [0432]
Forlenza CRC is included in the transaction data as metadata in Von Mueller [0476]
The Von Mueller transaction data that includes commands may include CRC as metadata, so that the commands are checked for transmission errors at the receiving end, see Von Mueller para. [0384, 476]
] 
(See Von Mueller Para. 
 [0384]
‘FIG. 34 ….. receiving this command information at the transaction processing server. Referring now to FIG. 34, in a step 712, the transaction is received by the transaction processor. … may be a gateway 120 or other transaction processing entity.’
Von Mueller [0385]
‘ reception of the transaction, decrypting information as appropriate, and determining whether the transaction is a command transaction can take place as discussed with reference to steps 712 through 718.’
Von Mueller [0386]
‘In a step 724 command information included in the transaction is extracted. ….. where the command information is sent from the data capture device to the processing server, this step 724 extracts that command information from the transaction.’
Von Mueller [0407]
‘……give the merchant, gateway, or processor the flexibility to handle a plurality of different transaction types.. ‘
Von Mueller [0432] ‘…. CRC of all preceding digits [0441] ……’
Von Mueller [0476] ‘The CRC is checked for valid command request, and if there is an error, the error is flagged and the routine exits. The expiration date is checked for a command type and the requested command is processed.’
)


Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Von Mueller in view of Fetkovich in view of Bent et al. U.S. Patent No. 9374370 (hereinafter “Bent”).
As per claim 10, the rejection of claim 9 is incorporated herein. 
	However, the combination of Von Mueller and Fetkovich does not expressly disclose wherein the processor is further configured to generate the respective decryption keys based on a user-inputted code.
Bent discloses wherein the processor is further configured to generate the respective decryption keys based on a user-inputted code.
(See Bent Figure 11b, operation s1110, 3:28-31 ‘generating, by the secure enclave processor core, an invariant asymmetric private key using the 128-bit invariant code and the user password;’).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Von Mueller and Fetkovich with the technique for generating private key based on the user password of Bent to include wherein the processor is further configured to generate the respective decryption keys based on a user-inputted code.
One of ordinary skill in the art would have made this modification to improve the ability of the system to generate a secure customized key. The user may provide the password which may help to make the generation process more secure. The gateway and/or terminal of the primary reference may be modified to receive the user password to generate a key.



Claim 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Von Mueller in view of Fetkovich in view of Suzuki et al. U.S. Publication 20050265546 (hereinafter “Suzuki”).
As per claim 14, the rejection of claim 11 is incorporated herein. 
	However, the combination of Von Mueller and Fetkovich does not expressly disclose wherein the processor is configured to update associations of potential decryption mechanisms to particular system functions based on a number of uses of a current set of potential decryption mechanisms.
Suzuki discloses wherein the processor is configured to update associations of potential decryption mechanisms to particular system functions based on a number of uses of a current set of potential decryption mechanisms.
(See Suzuki Para. [0311] ‘In such a configuration, recording of information on the optical disk 340 is conducted as follows. In other words, prescribed information is input for recording on the optical disk 340 rotated at a prescribed rotation number by a motor driven by the motor control circuit 364 under control of the CPU 390 and the information is then supplied to the encryption section 394, wherein the information is encrypted with a random number sequence based on a multiple-affine key system rewritten each time when the key is used a predetermined number of times. Further, the encrypted information is transmitted to the data generation circuit 374 and the information is replaced with laser light information for recording. Recording is performed using the optical header 365 on a specific recording area of the optical disk.’
).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Von Mueller and Fetkovich with the technique for rewriting the keys of Suzuki to include wherein the processor is configured to update associations of potential decryption mechanisms to particular system functions based on a number of uses of a current set of potential decryption mechanisms.
One of ordinary skill in the art would have made this modification to improve the ability of the system to maintain an up-to-date set of keys based on the uses of the keys. The terminal and/or server of the primary reference can be modified to change keys after a predetermined number of uses according to the technique of the Suzuki reference. 


Claim 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Von Mueller in view of Fetkovich in view of Ji et al. U.S. Publication 20050152305 (hereinafter “Ji”)
As per claim 15, the rejection of claim 11 is incorporated herein. 
However, the combination of Von Mueller and Fetkovich does not expressly disclose wherein the processor is configured to update associations of potential decryption mechanisms to particular functions on a periodic basis.
Ji discloses wherein the processor is configured to update associations of potential decryption mechanisms to particular functions on a periodic basis.
(See Ji Para. [0117] ‘When a current SNOWNET backbone node 302 leaves the backbone network 306, the MA 305 renews the group key. In addition, since not all node 302 departures are immediately known to the MA 305, the MA 305 will generate this new key on a periodic basis..’
).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Von Mueller and Fetkovich with the technique for generating key on periodic basis of Ji to include wherein the processor is configured to update associations of potential decryption mechanisms to particular functions on a periodic basis.
One of ordinary skill in the art would have made this modification to improve the ability of the system to periodically renew the key so that the keys do not become old and become vulnerable to malicious 3rd parties. The terminal and/or the server of the primary reference can be modified to periodically generate new key according to the technique taught in the Ji reference.

Claim 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Von Mueller in view of Fetkovich in view of Munguia et al. U.S. Publication 20080019517 (hereinafter “Munguia”).
As per claim 21, the rejection of claim 4 is incorporated herein. 
	However, the combination of Von Mueller and Fetkovich does not expressly disclose wherein the processor is further configured to attempt to decrypt the data packet utilizing the plurality of potential decryption mechanisms substantially simultaneously.
Munguia discloses wherein the processor is further configured to attempt to decrypt the data packet utilizing the plurality of potential decryption mechanisms substantially simultaneously. 
[plurality of potential decryption mechanisms = multiple processors Munguia Para. [0018]
]
(See Munguia Para. [0018] ‘Processor(s) 140 may be arranged to control the input and output of media information to/from memory 130 and/or security module 150 and/or key store 160. Processor(s) 140 may also be arranged to decrypt encrypted media information, before or after residing in memory 130, using a decryption key (or control word) from key store 160. Processor(s) 140 may include a general-purpose or special-purpose processor, as well as any ancillary circuitry needed to perform its various functions, such as decrypting information with control words. In some implementations, processor(s) 140 may include multiple processors configured to read control words from key store 160 in parallel and/or decrypt media information in parallel’
[0033] ‘ processor(s) 140 to decrypt and/or switch the context of more than one stream at the same time. Hence, key store 160 may have a number of output lines or ports through which control keys or control words may be read, simultaneously if needed.’
).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Von Mueller and Fetkovich with the technique for performing decryption in parallel of Munguia to include wherein the processor is further configured to attempt to decrypt the data packet utilizing the plurality of potential decryption mechanisms substantially simultaneously.
One of ordinary skill in the art would have made this modification to improve the ability of the system to efficiently perform the process of decrypting the data packet. The system of the primary reference can be modified to decrypt the data packet in parallel as taught in the Munguia reference.



Claim 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Von Mueller in view of Fetkovich, further in view of Roth et al. U.S. Patent No. 10148430 (hereinafter “Roth”), further in view of MacMillan et al. U.S. Publication 20130163753 (hereinafter “MacMillan”).
As per claim 22, the rejection of claim 4 is incorporated herein. 
Von Mueller discloses wherein the encrypted data packet is received from a remote system, and the processor is further configured to: 
[encrypted data packet is received from a remote system = token data that has been encrypted (for example, by an encryption module 132 in a data capture device 113) is received by a transaction processing entity. Von Mueller Para. [0241]
]
(See Von Mueller [0635] ‘Computing system 900 can also include a main memory 908, …….instructions to be executed by processor 904.‘
Von Mueller Para. [0241]
 ‘Referring now to FIG. 13, in a step 60 token data that has been encrypted (for example, by an encryption module 132 in a data capture device 113) is received by a transaction processing entity. For example, it can be received by gateway 120, a designated entity in a transaction processing network 123 or other transaction processor. This is the entity that is designated as performing the decryption to recover the card data. Remember, in this example scenario, fraudulent activity is suspected. Suspicion may arise based on, for example, the failure of the designated key to properly decrypt the data. Thus, to locate the source of the suspected fraudulent data, an encryption key is retrieved from the database in a step 64, the data decrypted in a step 66’,

	However, the combination of Von Mueller, Fetkovich does not expressly disclose 
replace the plurality of potential decryption mechanisms with a plurality of new potential decryption mechanisms, the replaced potential decryption mechanisms being historic encryption mechanisms, 
in response to determining that encrypted data packet may not be decrypted with the plurality of new potential decryption mechanisms, 
attempt to decrypt the encrypted data packet using the historic decryption mechanisms; 
decrypt the encrypted data packet using a first historic decryption mechanism of the historic decryption mechanisms; and 
encrypt a response message to the remote system using a stepped encryption mechanism, the stepped encryption mechanism being stepped from the first historic decryption mechanism.
Roth discloses 
encrypt a response message to the remote system using a stepped encryption mechanism, the stepped encryption mechanism being stepped from the first historic decryption mechanism.
[the stepped encryption mechanism being stepped from the first historic decryption mechanism = ‘function ReKey can take a first key K.sub.1, such as an old key previously used to encrypt data, and can produce both a second key, K.sub.2, and an upgrade key K.sub.12.’ Roth 6:15-27
encrypt a response message to the remote system using a stepped encryption mechanism = ciphertext can be encrypted with the upgrade (or "intermediate") key K.sub.12 Roth 6:15-27
encrypt a response message to the remote system = encrypt messages passing between two of the hosts Roth 4:50-53
]
(See
Roth 4:50-53, ‘a 128 bit encryption key, which can include a string of random characters, for example, can be used to encrypt messages passing between two of the hosts.   Each of the hosts can store a copy of the encryption key for use in encrypting and/or’
Roth 5:38-44 ‘enable the rotation and/or updating of secrets, such as encryption keys,
Roth 6:15-27 ‘A revocable stream cipher builds on this stream cipher by introducing another function, referred to herein as ReKey. The function ReKey can take a first key K.sub.1, such as an old key previously used to encrypt data, and can produce both a second key, K.sub.2, and an upgrade key K.sub.12 Given a ciphertext for a message encrypted with first key K.sub.1, the ciphertext can be encrypted with the upgrade (or "intermediate") key K.sub.12, such as by using an XOR cipher discussed above, which can result in the message being encrypted under the second key. . ‘
).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Von Mueller, and Fetkovich with the technique for generating an upgrade key and a second key and using an upgrade key to encrypt a message of Roth to include 
encrypt a response message to the remote system using a stepped encryption mechanism, the stepped encryption mechanism being stepped from the first historic decryption mechanism.
One of ordinary skill in the art would have made this modification to improve the ability of the system to encrypt a response message during communications and upgrading the keys. The system of the primary reference (e.g., gateway and/or terminal) can be modified to encrypt a message in response using an upgraded key.

	However, the combination of Von Mueller, Fetkovich, and Roth does not expressly disclose 
replace the plurality of potential decryption mechanisms with a plurality of new potential decryption mechanisms, the replaced potential decryption mechanisms being historic encryption mechanisms, 
[Roth describes replacing the key with an upgraded key at  Roth 6:15-27 but the replacement upgraded key is not used to attempt decryption as required in the combination of limitations of claim 22]
in response to determining that encrypted data packet may not be decrypted with the new potential decryption mechanisms, 
attempt to decrypt the encrypted data packet using the historic decryption mechanisms; 
decrypt the encrypted data packet using a first historic decryption mechanism of the one or more of the historic decryption mechanisms; and 
MacMillan discloses 
replace the plurality of potential decryption mechanisms with a plurality of new potential decryption mechanisms, the replaced potential decryption mechanisms being historic encryption mechanisms, 
in response to determining that encrypted data packet may not be decrypted with the plurality of new potential decryption mechanisms, 
attempt to decrypt the encrypted data packet using the historic decryption mechanisms; 
decrypt the encrypted data packet using a first historic decryption mechanism of the  historic decryption mechanisms; and 
[attempt to decrypt the encrypted data packet using the historic decryption mechanisms = decryption and validation process may be repeated MacMillan Para. [0073
decrypt the encrypted data packet using a first historic decryption mechanism of the historic decryption mechanisms = until either the data is decrypted by the correct cryptographic key
historic decryption mechanisms = available cryptographic keys are exhausted MacMillan Para. [0073
replace the plurality of potential decryption mechanisms with a plurality of new potential decryption mechanisms, the replaced potential decryption mechanisms being historic encryption mechanisms = ‘cryptographic key rotation that enables cryptographic keys’; this indicates plural keys are rotated MacMillan [0030]
]
(See 
MacMillan Para. [0073] In at least one of the various embodiments, if a rotated 
cryptographic key may be available, the cryptographic application may attempt 
to decrypt the received data with the rotated cryptographic key, again 
comparing the checksum included with the received decrypted data with the 
locally generated checksum.  In at least one of the various embodiments, if the 
checksum that was included in the received data again does not match the 
locally generated checksum, the cryptographic application may attempt to locate 
a previously rotated cryptographic key.  In at least one of the various 
embodiments, if an eligible rotated cryptographic key may be located and 
retrieved, the decryption and validation process may be repeated until either 
the data is decrypted by the correct cryptographic key [decrypt the encrypted data packet using a first historic decryption mechanism of the historic decryption mechanisms ]or all for at least a portion) of the available cryptographic keys are exhausted.[ historic decryption mechanisms]
MacMillan [0030] Briefly stated, various embodiments are directed towards secure 
cryptographic key rotation that enables cryptographic keys to be rotated 
).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Von Mueller, Fetkovich, and Roth with the technique for replacing keys and attempting to use older keys to decrypt when a newer key does not decrypt of MacMillan to include 
replace the plurality of potential decryption mechanisms with a plurality of new potential decryption mechanisms, the replaced potential decryption mechanisms being historic encryption mechanisms, 
in response to determining that encrypted data packet may not be decrypted with the plurality of new potential decryption mechanisms, 
attempt to decrypt the encrypted data packet using the historic decryption mechanisms; 
decrypt the encrypted data packet using a first historic decryption mechanism of the  historic decryption mechanisms; and 
One of ordinary skill in the art would have made this modification to improve the ability of the system to rotate keys for encryption, and to attempt use of the older keys when a newer key does not work to decrypt. The system (e.g. terminal and/or server) of the primary reference can be modified to rotate keys and attempt decryption according to the teaching of the MacMillan reference. As keys are rotated in, if a key is compromised, other keys are rotated in and this reduces the damage caused by compromised keys. When the key cannot work for decryption, the system may attempt to decrypt using older keys,

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOWARD H LOUIE whose telephone number is 571-272-0036.  The examiner can normally be reached on Monday-Friday 9 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung W. Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HOWARD H. LOUIE/Examiner, Art Unit 2494                                                                                                                                                                                                        
/THEODORE C PARSONS/Primary Examiner, Art Unit 2494                                                                                                                                                                                                        


    
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
    

    
        1 bold font added for emphasis