DETAILED ACTION
This Office Action is in response to the application 16/987,729 filed on 08/07/2020.
Claims 1-10 have been examined and are pending. 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  This Action is made Non-FINAL.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 12/09/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements have been considered by the examiner.
Priority
The present application claim priority to TW Patent Application NO.: 109118392, filed on 06/02/2020. 
Claim Objection 
Claims 1-4 are objected to because of the following informalities:
Regarding Claim 1, claim 1 recites the limitation “utilizing the processing module of the secure device to generate a match information” and “with the display unit presenting the match information,” in lines 8-10, page 57.  For better clarity, it’s suggested that the aforementioned limitations be further amended to “generating a match information, by utilizing the processing module of the secure device” and “presenting, by the display unit, the match information,” respectively.  
Similarly, it’s suggested that the limitations:
“utilizing the processing module of the secure to device to substitute,” recited in lines 1-2, page 58 be further amended to “substituting, by the processing module of the secure device;” 
“the processing module defines M,” recited in lines 4, page 58 be further amended to “defining, by the processing module, M;” 
“the unsecure device [] presents, … determines, … and generates …” recited in limes 7-10, page 58, be further amended to “presenting, by the unsecure device …; determining by the unsecure device …. ; generating, by the unsecure device…;”
		“when the processing module of the secure device determines that M… the secure device transmits a verification-successful information …” be further amended to “determining, by the processing module of the secure device, M … ; transmitting, by the secure device, a verification-successful information...” 
		 “when the processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the secure device transmits a verification-failed information to the unsecure device” recited in line 22-25, page 58 be further amended to “determining, by the processing module of the secure device, M of the to-be-verified password data do not match with M of the password data; and transmitting, by the secure device, a verification-failed information to the unsecure device.” 
Regarding claim 2, claim 2 recites the limitations “the display unit of the secure device presents each of the first verification data” and “the display unit of the secure device presents each of the second verification data.” It’s suggested that said limitations be further amended to “presenting, by the display unit of the secure device, each of the first verification data” and “presenting, by the display unit of the secure device, each of the second verification data,” respectively.
Regarding claim 3, claim 3 recites “utilizing a display unit of the unsecure device to present P…,” “utilizing a processing module of the unsecure device to determine which of the second verification data…,” and “generating M of the input data...” It’s suggested that the aforementioned claim phrase be further amended to “presenting, by utilizing a display unit of the unsecure device, P …,” “determining, by utilizing a processing module of the unsecure device, which of the second verification data…,” and generating, by utilizing the processing module of the unsecure device, M of the input data…” 
Regarding claim 4, claim 4 recites  “the secure device receives M of the password data that is transmitted by the unsecure device and stores the password data in a storing unit of the secure device,” “ the secure device receives M of the password data that is transmitted by an external device of the unsecure device and stores the password data in the storing unit of the secure device,”  “the processing module of the secure device, according to an operation of the user with respect to the secure device, , generates M of the corresponding password data, and stores the password data in the storing unit of the secure device.” It is suggested that the aforementioned claim phrase be further amended to “receiving, by the secure device, M of the password from the unsecure device and storing, by the secure device, the password data in a storage unit,” “receiving, by the secure device, M of the password data from an external device of the unsecure device and storing, by the secure device, the password data in the storing unit,” “ generating, by the processing module of the secure device according to an operation of the user with respect to the secure device, M of the corresponding password data, and storing, by the secure device, the password data in the storing unit of the secure device.” Furthermore, a double application of comma “,,” (line 24, page 59) should be corrected. 
The Applicant is also requested to make similar changes (clearly recite active steps) for each of the other claims 5-10. 
				Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically discloses as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-7 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. (“Smith,” US 20160314468, published Oct. 27, 2016) in view of Yang et al. (“Yang,” US 20170286028, published Oct. 5, 2017). 
Regarding claim 1, Smith discloses A verification method that is applicable for a secure device and an unsecure device (Smith FIG. 1, [0011]- [0012]. FIG. 1 includes a user 102 and a secure server 104. The user 102 may have one or more personal devices on his or her person, such as smart glasses 106. Personal devices include, but are not limited to smart glasses, Smartwatches, Smartphones, personal digital assistants, notepads. The secure server 104 may include an automatic teller machine (ATM).), 
the secure device including a display unit and a processing module, the unsecure device being capable of generating an input information according to an operation of a user, and the processing module of the secure device receiving the input information that is transmitted by the unsecure device (Smith FIG. 1, [0011], [0015], [0050]. FIG. 1 includes a user 102 and a secure server 104. The user 102 may have one or more personal devices on his or her person, such as [ ]  smart glasses, smartwatches, smartphones, personal digital assistants, notepads. A user 102 wearing or holding a personal device (e.g., smartglasses 106) may approach a secure server 104 or an access point controlled by a secure server 104. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad [to be pressed by the user]. The computer system 500 [which may refer to a smartphone and/or the ATM, or both, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.), the verification method comprising: 
a verification code presenting step: 
utilizing the processing module of the secure device to generate a match information, with the display unit presenting the match information; wherein the match information includes N of first verification data that are different from one another and N of second verification data that are different from one another, and one-to-one substitution relations between each of N of the first verification data and each of N of the second verification data are presented on the display unit by the match information; wherein the one-to-one substitution relations between each of N of the first verification data and each of N of the second verification data are not entirely identical each time the one-to-one substitution relations are generated by the processing module (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.); and 
executing, when the secure device receives the input information [within a predetermined period of time] after the match information is presented on the display unit, the following steps: a verification step: utilizing the processing module of the secure device to substitute M of the first verification data for M of input data of the input information according to the match information; wherein the processing module defines M of the first verification data generated through the substitution as M of to-be-verified password data according to the match information, the unsecure device presents P of the second verification data, and the unsecure device, according to an operation of the user, determines which of the second verification data are selected by the user, and generates M of the corresponding input data; wherein N is a positive integer greater than 1, and M is a positive integer; and utilizing the processing module of the secure device to determine whether or not M of the to-be-verified password data match with M of password data that are stored in the secure device in advance (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.); 
when the processing module of the secure device determines that M of the to-be-verified password data match with M of the password data, the secure device transmits a verification-successful information to the unsecure device (Smith [0015]. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad. The randomized keypad configuration is a remapped keypad with the keys randomly reassigned to different positions than would be conventionally found. The user 102 may then input their memorized PIN, but with the positions of the keys as represented in the reassigned key pad. Thus, for example, the user's PIN may be the sequence of numbers “1, 2, 3, which may typically represent the first row of buttons on a conventional keypad layout. But, after reassignment, the user 102 may press “1, 2, 3’ based on the reassigned keypad that is overlaid on the physical keypad, but actually press the sequence “8, 4, 1 on the physical keypad. The secure server 104 receives the sequence of physical keypad actuations and then based on the reassigned keypad layout and the user's PIN from a backend server, the secure server 104 may validate that the user 102 input the correct PIN and grant access, dispense money, or otherwise authorize an activity.). 
Smith does not explicitly disclose:  executing, when the secure device receives the input information within a predetermined period of time after the match information is presented on the display unit; when the processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the secure device transmits a verification-failed information to the unsecure device.
However, in an analogous art, Yang teaches a method comprising the steps of: 
executing, when the secure device receives the input information within a predetermined period of time after the match information is presented on the display unit (Yang FIGs 3, 4A-4B, [0067] – [0068]. Upon receiving the pairing request from the information processing apparatus 101 , the communication apparatus 151 starts the pairing process. Upon receiving the pairing request , the communication apparatus 151 displays a PIN code display screen 400 as shown in FIG . 4A.  Further , an expiration date may be set for the issued PIN code. If sending the pairing request to the communication apparatus 151 as described above , the information processing apparatus 101 displays , in the display unit 108 , a PIN code input screen 410 as shown in FIG . 4B . The user inputs a PIN code ( “ 1111 ” in the example of FIG . 4A ) issued by the communication apparatus 151 in a PIN code input area 411 of the PIN code input screen 410 and selects an OK button 412 .) ; 
when the processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the secure device transmits a verification-failed information to the unsecure device (Yang FIG. 3, [0056], [0057], [0059]. In step S310, the communication apparatus 151 determines whether the password included in the request received from the information processing apparatus 101 is valid. In step S311 , the communication apparatus 151 sends a determination result in step S310 to the information processing apparatus 101 as a response to the request to display the remote UI. In step S314 , the information processing apparatus 101 presents the error that the password is invalid ( authentication failure ) to the user via the Web browser or the like and waits until the next process arrives.). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Yang and Smith to include the steps of: executing, when the secure device receives the input information within a predetermined period of time after the match information is presented on the display unit; when the processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the secure device transmits a verification-failed information to the unsecure device. One would have been motivated to provide users with a means for adapting the virtual keyboard overlay to a device pairing process and to enhance the security of a device pairing process.  (See Yang [0068].) 
Regarding claim 2, Smith and Yang disclose the method of claim 1. Smith further discloses wherein the display unit of the secure device presents each of the first verification data in a form of a character string, the display unit of the secure device presents each of the second verification data in a form of a picture, and the unsecure device includes N buttons, wherein each of the N buttons respectively has corresponding pictures of N of the second verification data presented on the display unit of the secure device (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 [i.e., a pictorial image, see [0022] for JPEG image] is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.). 
Regarding claim 3, Smith and Yang disclose the method of claim 1. Smith further discloses wherein before utilizing the processing module of the secure device to substitute M of the first verification data for M of the input data, the verification step further includes a presenting step: utilizing a display unit of the unsecure device to present P of the second verification data, utilizing a processing module of the unsecure device to determine which of the second verification data are selected by the user, and generating M of the input data correspondingly (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 [i.e., a pictorial image, see [0022] for JPEG image] is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.). 
Regarding claim 4, Smith and Yang disclose the method of claim 1. Smith further discloses wherein a password pre- storing step is further included before the verification step: storing M of the password data in the secure device (Smith [0029], [0044]. The user 102 knows or is able to access a previously determined PIN.  In an embodiment, verifying that the series of key presses correspond to the access code comprises mapping the randomized keypad representation to the initial keypad representation to obtain a cipher, obtaining a mapped access code based on the series of key presses, deciphering the mapped access code to obtain a deciphered access code, comparing the deciphered access code to the access code.); 
wherein in the password pre-storing step, the secure device receives M of the password data that is transmitted by the unsecure device and stores the password data in a storing unit of the secure device, or, 
the secure device receives M of the password data that is transmitted by an external device of the unsecure device and stores the password data in the storing unit of the secure device, or,
 the processing module of the secure device, according to an operation of the user with respect to the secure device, , generates M of the corresponding password data, and stores the password data in the storing unit of the secure device (Smith [0015], [0044]. But, after reassignment, the user 102 may press “1, 2, 3’ based on the reassigned keypad that is overlaid on the physical keypad, but actually press the sequence “8, 4, 1 on the physical keypad. The secure server 104 receives the sequence of physical keypad actuations and then based on the reassigned keypad layout and the user's PIN from a backend server, the secure server 104 may validate that the user 102 input the correct PIN and grant access, dispense money, or otherwise authorize an activity. At 410, the series of key presses are verified that they correspond to the access code. In an embodiment, verifying that the series of key presses correspond to the access code comprises mapping the randomized keypad representation to the initial keypad representation to obtain a cipher, obtaining a mapped access code based on the series of key presses, deciphering the mapped access code to obtain a deciphered access code, comparing the deciphered access code to the access code.). 
Regarding claim 5, Smith discloses A verification method that is applicable for a secure device and an unsecure device, the secure device including a display unit and a processing module, the unsecure device being capable of generating an input information according to an operation of a user, and the processing module of the secure device being capable of receiving the input information that is transmitted by the unsecure device (Smith FIG. 1, [0011], [0015], [0050]. FIG. 1 includes a user 102 and a secure server 104. The user 102 may have one or more personal devices on his or her person, such as [ ]  smart glasses, smartwatches, smartphones, personal digital assistants, notepads. A user 102 wearing or holding a personal device (e.g., smartglasses 106) may approach a secure server 104 or an access point controlled by a secure server 104. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad [to be pressed by the user]. The computer system 500 [which may refer to a smartphone as well as an ATM server with touch-screen, see [0032], [0049]-[0050] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.), the verification method comprising: 
a verification code presenting step: utilizing the processing module of the secure device to generate a match information; wherein the match information includes N of first verification data that are different from one another and N of second verification data that are different from one another, and one-to-one substitution relations between each of N of the first verification data and each of N of the second verification data are presented on the display unit by the match information; wherein the one-to-one substitution relations between each of N of the first verification data and each of N of the second verification data are not entirely identical each time the one-to-one substitution relations are generated by the processing module (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.); and 
executing, when the secure device receives the input information [within a predetermined period of time] after the match information is presented on the display unit, the following steps: a verification step: utilizing the processing module of the secure device to substitute M of the first verification data for M of input data of the input information according to the match information; wherein the processing module defines M of the first verification data generated through the substitution as M of to-be-verified password data according to the match information, the unsecure device presents P of the second verification data, and the unsecure device, according to an operation of the user, determines which of the second verification data are selected by the user, and generates M of the corresponding input data; wherein N is a positive integer greater than 1, and M is a positive integer; and utilizing the processing module of the secure device to determine whether or not M of the to-be-verified password data match with M of password data of the input information (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.); 
when the processing module of the secure device determines that M of the to-be-verified password data match with M of the password data, the secure device transmits a verification-successful information to the unsecure device (Smith [0015]. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad. The randomized keypad configuration is a remapped keypad with the keys randomly reassigned to different positions than would be conventionally found. The user 102 may then input their memorized PIN, but with the positions of the keys as represented in the reassigned key pad. Thus, for example, the user's PIN may be the sequence of numbers “1, 2, 3, which may typically represent the first row of buttons on a conventional keypad layout. But, after reassignment, the user 102 may press “1, 2, 3’ based on the reassigned keypad that is overlaid on the physical keypad, but actually press the sequence “8, 4, 1 on the physical keypad. The secure server 104 receives the sequence of physical keypad actuations and then based on the reassigned keypad layout and the user's PIN from a backend server, the secure server 104 may validate that the user 102 input the correct PIN and grant access, dispense money, or otherwise authorize an activity.). 
Yang further discloses: 
executing, when the secure device receives the input information within a predetermined period of time after the match information is presented on the display unit, (Yang FIGs 3, 4A-4B, [0067] – [0068]. Upon receiving the pairing request from the information processing apparatus 101 , the communication apparatus 151 starts the pairing process. Upon receiving the pairing request , the communication apparatus 151 displays a PIN code display screen 400 as shown in FIG . 4A.  Further , an expiration date may be set for the issued PIN code. If sending the pairing request to the communication apparatus 151 as described above , the information processing apparatus 101 displays , in the display unit 108 , a PIN code input screen 410 as shown in FIG . 4B . The user inputs a PIN code ( “ 1111 ” in the example of FIG . 4A ) issued by the communication apparatus 151 in a PIN code input area 411 of the PIN code input screen 410 and selects an OK button 412 .); 
when the processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the secure device transmits a verification-failed information to the unsecure device (Yang FIG. 3, [0056], [0057], [0059]. In step S310, the communication apparatus 151 determines whether the password included in the request received from the information processing apparatus 101 is valid. In step S311 , the communication apparatus 151 sends a determination result in step S310 to the information processing apparatus 101 as a response to the request to display the remote UI. In step S314 , the information processing apparatus 101 presents the error that the password is invalid ( authentication failure ) to the user via the Web browser or the like and waits until the next process arrives.). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Yang and Smith to include the steps of: executing, when the secure device receives the input information within a predetermined period of time after the match information is presented on the display unit; when the processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the secure device transmits a verification-failed information to the unsecure device. One would have been motivated to provide users with a means for adapting the virtual keyboard overlay to a device pairing process and to enhance the security of a device pairing process.  (See Yang [0068].) 
Regarding claim 6, Smith and Yang disclose the method of claim 5. Smith further discloses wherein the display unit of the secure device presents each of the first verification data in a form of a character string, the display unit of the secure device presents each of the second verification data in a form of a picture, and the unsecure device includes N buttons, wherein each of the N buttons respectively has corresponding pictures of N of the second verification data presented on the display unit of the secure device (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 [i.e., a pictorial image, see [0022] for JPEG image] is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.).
Regarding claim 7, Smith and Yang disclose the method of claim 5. Smith further discloses wherein before utilizing the processing module of the secure device to substitute M of the first verification data for M of the input data, the verification step further includes a presenting step: utilizing a display unit of the unsecure device to present P of the second verification data and K of encoded data, utilizing a processing module of the unsecure device to determine which of the second verification data are selected by the user, and generating M of the input data correspondingly; wherein M of K of the encoded data are defined as the password data, and K is a positive integer greater than or equal to M (Smith [0021]-[0022].  In an embodiment, to transmit the randomized keypad representation, the communication module 108 is to transmit locations of keys to the personal device to use when displaying the randomized keypad representation. For example, a matrix may be predetermined, such as m:n, where m refers to the row and n refers to the column. In this example, 1:1 would refer to row 1, column 1, and 1:2 would refer to row 1, column 2, etc. Thus, the secure server 104 may transmit a message with “1:1:9; 1:2:3; . . . ” where the message is formatted as m:n:y, with m being the row, n being the column, and y being the numeral to display at the position m:n. In an embodiment, to transmit the randomized keypad representation, the communication module 108 is to transmit an image to the personal device for presentation in a heads-up display. The image may be a compressed image, such as a JPEG (Joint Photographic Expert Group), GIF (Graphics Interchange Format), or PNG (Portable Network Graphics) file. The image may be displayed in a micro display of the smartglasses 104. Using the front-facing camera, the image may be stabilized, scaled, and oriented over the existing physical keypad. Thus, according to an embodiment, the presentation in the heads-up display is overlaid on the keypad of the secure server [see [0044] for receiving user key strokes, and decipher the key strokes according to the pre-determined random mapping of keyboard for PIN verification.]). 
Claims 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. (“Smith,” US 20160314468, published Oct. 27, 2016) in view of Yang et al. (“Yang,” US 20170286028, published Oct. 5, 2017) and Huang et al. (“Huang,” US 20070106895, published May 10, 2007). 
Regarding claim 8, Smith discloses A transaction verification method that is applicable for a secure device and an unsecure device, the secure device including a first display unit and a first processing module, the unsecure device including a second display unit, a second processing module, and an input unit (Smith FIG. 1, [0011], [0015], [0050]. FIG. 1 includes a user 102 and a secure server 104. The user 102 may have one or more personal devices on his or her person, such as [ ]  smart glasses, smartwatches, smartphones, personal digital assistants, notepads. A user 102 wearing or holding a personal device (e.g., smartglasses 106) may approach a secure server 104 or an access point controlled by a secure server 104. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad [to be pressed by the user]. The computer system 500 [which may refer to a smartphone and/or the ATM, or both, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.), the transaction verification method comprising:
 a transaction information inputting step: utilizing, according to an operation of the input unit by a user, the second processing module of the unsecure device to generate a corresponding transaction data (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.); 
utilizing the second processing module of the unsecure device to execute a R-bit based transfer encoding algorithm that converts the transaction data into an encoded information that is R-bit based, and controlling the second display unit to present K characters of the encoded information; wherein R is a positive integer greater than 1; wherein M characters of the encoded information presented by the second display unit are defined as M of the password data; wherein K is a positive integer greater than or equal to M (Smith FIG. 2, [0021] - [0022]. In an embodiment, to transmit the randomized keypad representation, the communication module 108 is to transmit locations of keys to the personal device to use when displaying the randomized keypad representation. For example, a matrix may be predetermined, such as m:n, where m refers to the row and n refers to the column. In this example, 1:1 would refer to row 1, column 1, and 1:2 would refer to row 1, column 2, etc. Thus, the secure server 104 may transmit a message with “1:1:9; 1:2:3; . . . ” where the message is formatted as m:n:y, with m being the row, n being the column, and y being the numeral to display at the position m:n. In an embodiment, to transmit the randomized keypad representation, the communication module 108 is to transmit an image to the personal device for presentation in a heads-up display. The image may be a compressed image, such as a JPEG (Joint Photographic Expert Group), GIF (Graphics Interchange Format), or PNG (Portable Network Graphics) file [Note that JPEG is a R-bit based encoding of photo or image pixels. See Fhurmann et al., 1995, Experimental evaluation of psychophysical distortion metrics for JPEG encoded images, Journal of Electronic Image 4(4), p. 404.] The image may be displayed in a micro display of the smartglasses 104. Using the front-facing camera, the image may be stabilized, scaled, and oriented over the existing physical keypad. Thus, according to an embodiment, the presentation in the heads-up display is overlaid on the keypad of the secure server.); 
a transaction [signature] request step: transmitting, after the second display unit of the unsecure device presents M of the password data, a transaction [signature] request information to the secure device through the unsecure device (Smith FIG. 4, [0043]. At 408, a series of key presses is received from the user at a keypad of the secure server, the key presses corresponding to the access code based on the randomized keypad representation. In an embodiment, the keypad of the secure server is a numeric keypad. In an embodiment, the keypad of the secure server is an alphanumeric keypad. [See [0049] –[0050] for a user smartphone having touch-display acting as a keypad and transmitting the key button presses to the secure server for authentication and requesting account access (e.g., [0029])]); 
a transaction verification code presenting step: utilizing the secure device to receive the transaction [signature] request information that is transmitted by the unsecure device; controlling the first processing module of the secure device to generate a match information, with the first display unit presenting the match information; wherein the match information includes N of first verification data that are different from one another and N of second verification data that are different from one another, and one-to-one substitution relations between each of N of the first verification data and each of N of the second verification data are presented on the first display unit by the match information; wherein N is a positive integer that is greater than or equal to 1, and M is a positive integer; wherein the one-to- one substitution relations between each of N of the first verification data and each of N of the second verification data are not identical each time the one-to-one substitution relations are generated by the first processing module (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An [random] overlay 200 is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.); and
 [executing a signature step,] when the secure device receives [a to-be- signed] information that is transmitted by the unsecure device, [within a predetermined period of time] after the first display unit presents the match information: wherein the input unit presents P of the second verification data, and the second processing module of the unsecure device determines which of the second verification data are selected by the user through the input unit, and then generates M of the corresponding input data; wherein the second processing module integrates M of the input data and the encoded information into the to-be-signed information (Smith FIG. 2, [0029], [0050]. The user 102 knows or is able to access a previously determined PIN. In the example shown in FIG. 2, the PIN is the value 9876. An overlay 200 is presented to the user 102 by the smartglasses. The overlay 200 may be presented approximately over a physical keypad 202. The overlay 200 may include some or all of the keys on the physical keypad 202 and may be in approximately the same configuration, spacing, and size as the physical keypad 202. The user 102, knowing the PIN, enters the PIN on the physical keypad 202, but using the key positions of the overlay 200. Thus, in this example, the physical keypad registers the keys 2, 3, 9, and 8 being pressed. A cipher 204 was created prior to the overlay 200 being presented. The cipher 204 maps the original key values to the enciphered key values. To decipher or decode the actual input from the user 102, a system may use the cipher in reverse. Thus, the result of the physical keypad presses of 2, 3, 9, and 8, a decoded PIN number is identified as '9876 and the user 102 is provided access to the secure resource (e.g., door, bank account, computing resource, etc.). The computer system 500 [which may refer to a smartphone, see [0049] ] may further include [ ] an alphanumeric input device 512 (e.g., a keyboard) [ ] incorporated into a touch screen display.); 
[the signature step including]: utilizing the first processing module of the secure device, to substitute M of the first verification data for M of the input data of the to-be-signed information according to the match information; wherein the first processing module defines M of the first verification data generated through the substitution as M of to-be- verified password data according to the match information; utilizing the first processing module to determine whether or not M of the to-be-verified password data match with M of the password data (Smith [0015]. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad. The randomized keypad configuration is a remapped keypad with the keys randomly reassigned to different positions than would be conventionally found. The user 102 may then input their memorized PIN, but with the positions of the keys as represented in the reassigned key pad. Thus, for example, the user's PIN may be the sequence of numbers “1, 2, 3, which may typically represent the first row of buttons on a conventional keypad layout. But, after reassignment, the user 102 may press “1, 2, 3’ based on the reassigned keypad that is overlaid on the physical keypad, but actually press the sequence “8, 4, 1 on the physical keypad. The secure server 104 receives the sequence of physical keypad actuations and then based on the reassigned keypad layout and the user's PIN from a backend server, the secure server 104 may validate that the user 102 input the correct PIN and grant access, dispense money, or otherwise authorize an activity.); 
when the first processing module of the secure device determines that M of the to-be-verified password data match with M of the password data, the first processing module [digitally signs] the encoded information, and then transmits the [digitally signed] encoded information back to the unsecure device (Smith [0015]. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad. The randomized keypad configuration is a remapped keypad with the keys randomly reassigned to different positions than would be conventionally found. The user 102 may then input their memorized PIN, but with the positions of the keys as represented in the reassigned key pad. Thus, for example, the user's PIN may be the sequence of numbers “1, 2, 3, which may typically represent the first row of buttons on a conventional keypad layout. But, after reassignment, the user 102 may press “1, 2, 3’ based on the reassigned keypad that is overlaid on the physical keypad, but actually press the sequence “8, 4, 1 on the physical keypad. The secure server 104 receives the sequence of physical keypad actuations and then based on the reassigned keypad layout and the user's PIN from a backend server, the secure server 104 may validate that the user 102 input the correct PIN and grant access, dispense money, or otherwise authorize an activity.); 
Smith does not explicitly disclose:  when the secure device receives [a to-be- signed] information that is transmitted by the unsecure device, within a predetermined period of time after the first display unit presents the match information; when the first processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the first processing module transmits a signature-failed information to the unsecure device.
However, in an analogous art, Yang teaches a method comprising the steps of: 
when the secure device receives [a to-be- signed] information that is transmitted by the unsecure device, within a predetermined period of time after the first display unit presents the match information (Yang FIGs 3, 4A-4B, [0067] – [0068]. Upon receiving the pairing request from the information processing apparatus 101 , the communication apparatus 151 starts the pairing process. Upon receiving the pairing request , the communication apparatus 151 displays a PIN code display screen 400 as shown in FIG . 4A.  Further , an expiration date may be set for the issued PIN code. If sending the pairing request to the communication apparatus 151 as described above , the information processing apparatus 101 displays , in the display unit 108 , a PIN code input screen 410 as shown in FIG . 4B . The user inputs a PIN code ( “ 1111 ” in the example of FIG . 4A ) issued by the communication apparatus 151 in a PIN code input area 411 of the PIN code input screen 410 and selects an OK button 412 .) ; 
when the first processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the first processing module transmits a [signature] -failed information to the unsecure device (Yang FIG. 3, [0056], [0057], [0059]. In step S310, the communication apparatus 151 determines whether the password included in the request received from the information processing apparatus 101 is valid. In step S311 , the communication apparatus 151 sends a determination result in step S310 to the information processing apparatus 101 as a response to the request to display the remote UI. In step S314 , the information processing apparatus 101 presents the error that the password is invalid ( authentication failure ) to the user via the Web browser or the like and waits until the next process arrives.). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Yang and Smith to include the steps of: executing, when the secure device receives the input information within a predetermined period of time after the match information is presented on the display unit; when the processing module of the secure device determines that M of the to-be-verified password data do not match with M of the password data, the secure device transmits a verification-failed information to the unsecure device. One would have been motivated to provide users with a means for adapting the virtual keyboard overlay to a device pairing process and to enhance the security of a device pairing process.  (See Yang [0068].) 
Smith and Yang do not explicitly disclose requesting and generating a signature. 
However, in an analogous art, Huang discloses a method comprising the step of: 
when the first processing module of the secure device determines that M of the to-be-verified password data match with M of the password data, the first processing module digitally signs the encoded information, and then transmits the digitally signed encoded information back to the unsecure device (Huang FIG. 3, [0032]. Operation 312 continues with comparing 610 the session biometric feature with the golden biometric feature 226. A hash is generated to reduce overall message size. Once the hash is generated, operation 312 continues with signing 616 a hash of the token data with biometric private key 228, and appending 618 the signed hash to the transaction request to generate an authenticated transaction request [for granting a transaction].). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Huang with the teachings of Smith and Yang to include the steps of: when the first processing module of the secure device determines that M of the to-be-verified password data match with M of the password data, the first processing module digitally signs the encoded information, and then transmits the digitally signed encoded information back to the unsecure device. One would have been motivated to provide users with a means for improving the security of pairing devices through a digital signature based validation protocol. (See Huang [0032].)
Regarding claim 9, Smith, Yang and Huang disclose the method of claim 8. Smith further discloses wherein a user verification step is further included before the transaction information inputting step or before the verification code presenting step: executing the verification method as claimed in claim 1, and when the unsecure device receives the verification-successful information from the secure device, the unsecure device then executes the transaction information inputting step or the transaction verification code presenting step (Smith [0027]-[0028]. In an embodiment, the security module 112 is to authenticate the user of the personal device before transmit ting the randomized keypad representation. By allowing the personal device to authenticate the user 102, user biometrics and other identifying information may be kept safely at the user's personal device. In other embodiments, the secure server 104 may authenticate the user's identity with biometric sensors.). 
Regarding claim 10, Smith, Yang and Huang disclose the method of claim 8. Smith further discloses The transaction verification method according to claim 8, wherein the first display unit of the secure device presents each of the first verification data in a form of a character string, the first display unit of the secure device presents each of the second verification data in a form of a picture, and the unsecure device includes N buttons, wherein each of the N buttons respectively has corresponding pictures of N of the second verification data that are presented on the first display unit of the secure device; wherein in the transaction information inputting step, the second processing module of the unsecure device is utilized to execute a [hash] algorithm, and then execute the R-bit based transfer encoding algorithm, so as to convert the transaction information into the encoded information that is R-bit based (Smith FIG. 2, [0015] , [0022]. The Secure server 104 may generate a temporary randomized keypad configuration and transmit it to the personal device. In the case of Smartglasses 106, the temporary randomized keypad configuration may be an overlay to present via a HUD over the physical keypad. The randomized keypad configuration is a remapped keypad with the keys randomly reassigned to different positions than would be conventionally found. But, after reassignment, the user 102 may press “1, 2, 3’ based on the reassigned keypad that is overlaid on the physical keypad, but actually press the sequence “8, 4, 1 on the physical keypad. The secure server 104 receives the sequence of physical keypad actuations and then based on the reassigned keypad layout and the user's PIN from a backend server, the secure server 104 may validate that the user 102 input the correct PIN. In an embodiment, to transmit the randomized keypad representation, the communication module 108 is to transmit an image to the personal device for presentation in a heads-up display. The image may be a compressed image, such as a JPEG (Joint Photographic Expert Group), GIF (Graphics Interchange Format), or PNG (Portable Network Graphics) file [Note that JPEG is a R-bit based encoding of photo or image pixels. See Fhurmann et al., 1995, Experimental evaluation of psychophysical distortion metrics for JPEG encoded images, Journal of Electronic Image 4(4), p. 404.].).  
Huang further discloses encoding with a hash algorithm(Huang FIG. 3, [0032]. Operation 312 continues with comparing 610 the session biometric feature with the golden biometric feature 226. A hash is generated to reduce overall message size. Once the hash is generated, operation 312 continues with signing 616 a hash of the token data with biometric private key 228, and appending 618 the signed hash to the transaction request to generate an authenticated transaction request [for granting a transaction].). 
The motivation is the same as that of claim 8 above. 


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD LONG whose telephone number is (571)272-8961.  The examiner can normally be reached on Monday to Friday, 9 AM - 6  PM EST (Alternate Fridays).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/EDWARD LONG/
Examiner, Art Unit 2439


/LUU T PHAM/            Supervisory Patent Examiner, Art Unit 2439