DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
CONTINUATION
This application is a continuation application of U.S. application no. 14/002,104 filed on September 9, 2013, now abandoned (“Parent Application”).  See MPEP §201.07.  In accordance with MPEP §609.02 A. 2 and MPEP §2001.06(b) (last paragraph), the Examiner has reviewed and considered the prior art cited in the Parent Application.  Also in accordance with MPEP §2001.06(b) (last paragraph), all documents cited or considered ‘of record’ in the Parent Application are now considered cited or ‘of record’ in this application.  Additionally, Applicant(s) are reminded that a listing of the information cited or ‘of record’ in the Parent Application need not be resubmitted in this application unless Applicants desire the information to be printed on a patent issuing from this application.  See MPEP §609.02 A. 2.  Finally, Applicants are reminded that the prosecution history of the Parent Application is relevant in this application.  See e.g., Microsoft Corp. v. Multi-Tech Sys., Inc., 357 F.3d 1340, 1350, 69 USPQ2d 1815, 1823 (Fed. Cir. 2004) (holding that statements made in prosecution of one patent are relevant to the scope of all sibling patents).
Information Disclosure Statement
The information disclosure statement (IDS) was submitted on May 13, 2021.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Interpretation
Claim 18 recites “…electronically countersigning the online account token at the electronic device; and transmitting the countersigned online account token from the electronic device…”  The term can be found at the written disclosure at paragraphs 0005, 0006, 0007, 0008, 0021 and 0057.  No explicit definition of the term is present within the written disclosure, nor is there any showing in the drawings of a countersign operation.  External definitions for the term “countersign” are presented here for the basis of establishing the plain meaning of the term countersign:

Definition of countersign
1: a signature attesting the authenticity of a document already signed by another
2: a sign given in reply to another
specifically : a military secret signal that must be given by one wishing to pass a guard
“Countersign.” Merriam-Webster.com Dictionary, Merriam-Webster, https://www.merriam-webster.com/dictionary/countersign. Accessed 28 Oct. 2022.

countersign
[ noun, verb koun-ter-sahyn; verb also koun-ter-sahyn ]SHOW IPA


See synonyms for countersign on Thesaurus.com
🎓 College Level
noun
a sign used in reply to another sign.
Military. a secret sign that must be given by authorized persons seeking admission through a guarded area.
a signature added to another signature, especially for authentication.
verb (used with object)
to sign (a document that has been signed by someone else), especially in confirmation or authentication.
DICTIONARY.COM UNABRIDGED BASED ON THE RANDOM HOUSE UNABRIDGED DICTIONARY, © RANDOM HOUSE, INC. 2022
countersign
 verb
/ˈkaʊntərˌsaɪn/
 
countersign something (technology)Verb Forms
 
to sign a document that has already been signed by another person, especially in order to show that it is valid
All orders must be countersigned by one of the directors.
© 2022 Oxford University Press
countersign
verb [ I or T ]
US 
 /ˈkaʊn.t̬ɚ.saɪn/ UK 
 /ˈkaʊn.tə.saɪn/
 
to write your name on a document that already has the signature (= name written) of another person, especially in order to show that you are certain that the first person is who they say they are:
I'm not prepared to countersign this report as it stands.
The application must be countersigned by a doctor or a suitably qualified nurse.
 More examples
The company introduced the travelers check, which had no value until it was countersigned.
The midwife produced a form of refusal of consent to blood transfusions which Miss T. signed and the midwife countersigned.
Internal auditors will have to countersign a copy of form BSD( 2).
With this account, a seventeen-year-old does not require an adult to countersign on any of their transactions.
(Definition of countersign from the Cambridge Advanced Learner's Dictionary & Thesaurus © Cambridge University Press)
From Patents and Patent Publications:
Liu et al, U.S. Patent Publication 2018/0082065, now U.S. patent 10,303,884, hereinafter referred to as Liu and assigned to Apple Inc., the assignee of the instant application:
[0018] The subject system allows a primary entity, such as a manufacturer of a multi-chip electronic device and/or a manufacturer associated with the software of a primary chip of a multi-chip device, to countersign, in addition to a secondary entity, such as the manufacturer of a secondary chip of a multi-chip device, updates to the software of the secondary chip. The secondary entity may provide a software update for the secondary chip to the primary entity, along with an authentication code for the update generated using a symmetric key corresponding to the secondary entity. The primary entity may inspect, test, or otherwise review the update for the secondary chip, e.g., to ensure that the update does not compromise the security of the device and/or impair interactions with or compromise the security of the primary chip. Upon approving the update, the primary entity may generate a manifest data item that includes, e.g., the authentication code for the update, and the primary entity may sign the manifest data item using a private key corresponding to the primary entity. The primary entity may provide the update with the signed data item responsive to a request for a software update from a multi-chip electronic device.
[0019] In a secondary chip, such as a secure element, implementing the subject system, a process to update the software of the secondary chip may fail when the software update is not transmitted with a manifest data item that can be verified as being signed by the primary entity and/or when the software update cannot be verified against an authentication code included in the manifest data item. Thus, the secondary chip may be preconfigured with a public key associated with the primary entity as well as the symmetric key associated with the secondary entity, such that the secondary chip can both verify the signed manifest data item and verify the software update against the authentication code included in the manifest data item. In this manner, the primary entity is able to control the software updates to the secondary chip, while still allowing the updates to be signed by the secondary entity.
[0039] In one or more implementations, one or more of the authentication codes 312, 314, 315, and 316 may be generated by respective secondary entity servers (that are providing the corresponding software updates) using their respective symmetric keys. For example, the secondary entity server 120 may provide an operating system update to the primary entity server 110 along with the operating system authentication code 312. The operating system authentication code may be generated by the secondary entity server 120 by applying, for example, a block cipher-based message authentication code algorithm to the bits of the operating system update and/or a hash of all or part of the operating system update using a secret key, or symmetric key. In one or more implementations, the secondary entity server 120 may utilize a Cipher-based Message Authentication Code (CMAC) algorithm to generate the authentication code from the operating system update or a hash thereof using a secret or symmetric key. In one or more implementations, the cipher used by the secondary entity server 120 may be an Advanced Encryption Standard (AES), such as an AES-128 cipher.
[0043] Thus, a secure element 210 receiving the manifest data item 300 depicted in FIG. 3, first verifies the digital signature 334 of the primary entity leaf public key 332 using the primary entity root public key 222, then verifies the digital signature 320 of the manifest body 310 using the primary entity leaf public key 332, and then can individually verify the one or more authentication codes 312, 314, 315, and 316 using the corresponding symmetric keys, such as the secondary entity symmetric key 224.
Billingsley (U.S. Patent 7,567,909):
(5:53-6:6) It will be appreciated that the security for each digital signature is dependent on the length of the signature information. With the invention, the liability at the time of signing lies with the signing party, and the onus is on the signing party to provide an appropriately secure signature to avoid increased liability. In other words, when an issuer (e.g. issuing bank) signs a blank value note to create an issued value note, the onus is on the bank to provide a signature which is sufficiently long to be undecodable for practical purposes. If the bank's signature is insufficiently long such that other parties can forge value notes, then the increased liability lies with the bank who will have to honor any value notes bearing a matching signature. Similarly, when a bearer signs a value note (for redemption), the onus is on the bearer to provide a sufficiently long signature information (for example the public key), to make the signature secure. If the signature is insufficiently long, other parties may be able to forge the bearer's signature. The increased liability therefore lies with the bearer, not the issuing bank, because the bank has only to honor the first presentation of a value note with a matching bearer signature.
(21:46-55) FIG. 18 illustrates the additional test steps carried out by the bank computer 10 when an option note is returned by a seller for redemption. These are additional to the date and authenticity tests shown in FIG. 8.  In step 120, the bank computer 10 first tests whether the option note conditions include a requirement for the buyer to countersign the option note. If not, the routine branches to step 124. If the buyer's countersignature is required, the routine proceeds to step 122 which tests whether the buyer's counter signature 114 has been included, and is valid.
Messing (U.S. Patent 7,039,805):
(5:48- 6:6) FIG. 5 depicts the mechanism for actually invoking the signature device, as viewed by the user. A simple button (no. 26) is clicked by the user, coupled with a clear warning (no. 27) of the consequences of clicking the signature button. Once the button is clicked, the electronic signature feature is enabled. This feature assures relying parties of the intent of the signer. Other means of user interaction with a machine besides the clicking of a button will be evident to one skilled in the art, and may include by way of examples a voice activated command, the pressing of a button on a keyboard, the use of a stylus or a finger on a screen, manipulation of an image or icon, or a button on the remote control device for a television.  If the email receipt containing the proof of signature is received by the signer, that individual optionally may be required to countersign the receipt digitally (preferably using asymmetric encryption) and then to return the resigned message back to the server computer for storage and as further proof of receipt and authentication. This receipt at the server computer proves that the user actually received the electronically signed message, and the digital signature can be stored at the server as a further guarantee of message authenticity. As one skilled in the art will realize, the example of email transmission is one of many possible ways of transmitting the signed proof of signature from the server to its destination.
Fukushima (U.S. Patent Publication 2006/0101026) 
(Abstract) In a network where host reachability is accomplished by relating a static identifier to a dynamic address, the live/death of a communication node and reachability are confirmed by using a sign and countersign.
[0115] Communication is performed at S206 using the previously agreed method from S-1 (2000) to the IP address of T (4100) obtained from the result of address verification (S202 and S204). (This communication is called a "sign.")
[0116] S208 determines whether or not there is a reply from S206. (The reply is called the "reply that should be made," and carrying the reply is called "countersign.") If present, the reply is passed to S210; if the reply is not present, processing passes to S216 which displays that T (4100) has been lost sight of.
It is clear from both the dictionary definitions and the cited patents that a countersign may be viewed as a second signature placed on a document that has been previously signed by another party which may or may not be cryptographic in nature or alternatively viewed as a response that is given as a reply to a communication.  The written disclosure of the instant application does not teach any form of signature being applied to the online account token either in written form or in electronic/cryptographic form.  Therefore Examiner deems that the term “countersign” cannot be viewed as placing a second signature over something that has been previously signed given that the written description does not provide any recitation that the online account token contains a signature provided by the website from which the token is being received.  Therefore for prior art purposes the broader definition regarding the countersign being a response provided as a reply to a first communication will be the interpretation used during examination.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 18-33 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 18 recites “…electronically countersigning the online account token at the electronic device; and transmitting the countersigned online account token”.  Claims 23, 24 and 28 contain similar recitations.  As noted in the claim interpretation section the term countersign can mean either applying a second signature to an object already containing a signature or alternatively replying to a first communication containing a “sign” with a response containing another sign.  Neither the claim nor the written disclosure recites any first signature in conjunction with the online account token such that another a signature against the online account token would be viewed as a second signature or countersign such that the “countersigned online account token” could be viewed as consistent with such a definition of the term countersign.  However the language “countersigned online account token” implies that some form of operation has been made to the online account token in order to transform it into a “countersigned online account token” in the transmitted response.  However the written disclosure does not describe any operation in its use of the term “countersigned” that would indicate the nature of this transformation.  It is known in the art that applying a second digital signature by a second party to an object that has been signed by a first part with a first digital signature can be a form of countersign.  However as such an operation is not being claimed nor is such an operation described in the written disclosure it is unclear what constitutes the operation of countersigning that is consistent with the claim and the written disclosure “An essential purpose of patent examination is to fashion claims that are precise, clear, correct, and unambiguous. Only in this way can uncertainties of claim scope be removed…”, In re Zletz,13 USPQ2d 1320 (Fed. Cir. 1989)” (MPEP § 2111.01 (III),(V)).  For purposes of claim interpretation the “countersign” operation will be viewed as the provision of a response to the receiving of the online account token with no particular transformation of the online account token.
Claim 19 recites “…wherein, the online account token is electronically countersigned with the user identifier data; and the countersigned online account token includes the user identifier data”.  Claims 25 and 33 contain similar recitations.  Similar to claim 18 the use of the word countersign is unclear as the claim does not use the word in a manner consistent with accepted definitions.  No initial signature is placed on the online account token such that a signature operation upon the online account token can be viewed as a countersign and the language “countersigned with the user identifier” appears to suggest that more is envisioned than simply responding to the receiving of the online account token with a reply however neither the claim nor the written disclosure describes any operation upon the online account token that could be viewed as fitting within the plain meaning of the term countersign regardless of which definition is being used (MPEP § 2111.01 (III),(V)); moreover it is unclear how the user identifier is to be applied to the online account token in order to make it a countersigned online account token.  For purposes of claim interpretation the “countersign” operation will be viewed as the provision of a response to the receiving of the online account token with no particular transformation of the online account token.
Claims 19-27 are also rejected as being dependent upon claim 18.
Claims 29-33 are also rejected as being dependent upon claim 28.
Allowable Subject Matter
Claims 34-37 are allowed.
The following is an examiner’s statement of reasons for allowance:
Buer (U.S. Patent Publication 2007/01118891) is the closest prior art and discloses a universal authentication token configured to securely acquire security credentials from other authentication tokens and devices (Abstract).  Buer discloses that the universal token can require a password (0038) or a biometric (0039) and may be used to perform a transaction (0017).  However Buer does not explicitly disclose receiving an approval to use the biometric sensing device for purchases at an online store or prompting the user to provide a biometric in response to obtaining the approval.  Similarly Wheeler et al. (U.S. Patent Publication 2007/0088950, now U.S. Patent 7,941,664, hereinafter referred to as Wheeler) discloses the use of multiple authentication factors (0006, 0148-0149) for use in online commerce (0300-0304).  However Wheeler also does not explicitly disclose receiving an approval to use the biometric sensing device for purchases at an online store or prompting the user to provide a biometric in response to obtaining the approval and therefore exhibits the same deficiency as Buer.  Examiner did find references that at least had some form of user consent with regard to use of a biometric such as Otake (U.S. Patent Publication 2009/0315674) at paragraph 0039 “If the image read by the scanner unit 200 includes copy restriction information, the CPU 101 performs control to display, on the LCD panel 401, an inquiry screen for asking a user whether to consent to face capturing (for obtaining biometric information) using the camera unit 500” however this is simply part of controlling access to a multifunction printer and does not involve purchases at an online store as is claimed.  Therefore Examiner does not see where one of ordinary skill would be drawn to the Otake reference to correct the deficiencies of Buer or Wheeler.  Kumar et al. (“Next Generation Electronic Passport Scheme using Cryptographic Authentication Protocols and Multiple Biometrics Technology”, I.J. Information Engineering and Electronic Business, 2013, 2, pp. 34-43, September 1, 2013) discloses an electronic passport employing biometrics but does not explicitly disclose receiving an approval to use the biometric sensing device for purchases at an online store or prompting the user to provide a biometric in response to obtaining the approval.  Yang et al. (“Consent Biometrics, IEEE, July 4, 2011, 6 pages) discloses the use of biometrics in order to determine whether a user is willingly attempting a transaction or is instead under duress.  Yang also does not explicitly disclose receiving an approval to use the biometric sensing device for purchases at an online store or prompting the user to provide a biometric in response to obtaining the approval.  Therefore as no prior art alone or in combination fairly teaches or suggests all of the elements of the claim.  As such claims 34-37 are held as being allowable over the prior art.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Statement Regarding the Prior Art on claims 18-33
The following is a statement of reasons for the indication of allowable subject matter:  
Claims 18-33 contain subject matter similar to that of claims 34-38 in that claim 28 explicitly requires the determination that the biometric sensing device is approved for use in completing a purchase from the online store which is not an operation found in the prior art.  Claim 18 does not explicitly claim this although claim 18 requires a particular sequence of operations regarding the transmitting a first user input to a website, receiving an online account token and then receiving a second user input before transmitting the token to the website.  MPEP § 2111.01 (II) describes situations where order of steps should not be read into method claims “…where, as a matter of logic or grammar, the language of the method claims did not impose a specific order on the performance of the method steps, and the specification did not directly or implicitly require a particular order”).  However here the claim is claiming a particular order and it is clear from Figure 4 and paragraphs 0047-0051 that there is a particular order of operations that is required in that the pass is entered, a token is received from the online store and in the event that the user approves use of the biometric sensing device the online account token and user identifier data are transmitted to a secure processing system in the electronic device which are also not found in the prior art.  Therefore if the rejection under section 112 is overcome claims 18-33 would also be in condition for allowance.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES D NIGH whose telephone number is (571)270-5486. The examiner can normally be reached 6:00 to 9:45 and 10:30 to 2:45.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JAMES D NIGH/Senior Examiner, Art Unit 3685