PATIENT UNIQUE IDENTIFIER

§101 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Status of the Application Claims 1-3, 5-10, and 12-14 are currently pending in this case and have been examined and addressed below. This communication is a Final Rejection in response to the Amendment to the Claims and Remarks filed on 02/10/2026. Claims 4 and 11 remain cancelled and not considered at this time. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-3, 5-10, and 12-14 are rejected because the claimed invention is directed to an abstract idea without significantly more. Step 1 Claims 1-3 and 5-7 fall within the statutory category of an apparatus or system. Claims 8-10 and 12-14 fall within the statutory category of a process. Step 2A, Prong One As per Claims 1 and 8, the limitations of associate a tag with a patient, capture biometric data, encrypt the biometric data, and store the biometric data as well as the limitations of retrieving the indication of the identification of the patient and the encrypted biometric data, sending the encrypted biometric data to be decrypted and stored, accessing patient information based on the indication of the identification of the patient, and providing the information associated with the patient to a user, under its broadest reasonable interpretation, covers a method of organizing human activity but for the recitation of generic computer components. That is, other than reciting a system comprising a server, a database, a wearable device including sensors, an active radio-frequency identification (RFID) tag and a mobile computing device with RFID and barcode reading capability, nothing in the claim element precludes the step from being methods of organizing human activity. The steps of capturing biometric data, encrypting the biometric data, storing the encrypted data are activities done by people which amounts to managing personal behavior or interactions between people or a person and a computer. Similarly, the steps of retrieving the indication of the identification of the patient, retrieving encrypted biometric data, sending the encrypted biometric data to be decrypted and stored, accessing patient information stored in a database, and providing the information associated with the patient to a user are concepts which are management of patient data which are activities generally performed by a person such as healthcare personnel to manage healthcare data of a patient, which is personal behavior. If a claim limitation, under its broadest reasonable interpretation, covers managing personal behaviors or interactions between people or between a person and a computer, but for the recitation of generic computer components, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. Accordingly, the claims recite an abstract idea. Step 2A, Prong Two The judicial exception is not integrated into a practical application because the additional elements and combination of additional elements do not impose meaningful limits on the judicial exception. In particular, the claims recite the additional elements – a server, database, a wearable device including sensors, and a mobile computing device with RFID and barcode reading capability. The server, database, wearable device and mobile computing device are recited at a high-level of generality, such that they amount to no more than mere instructions to apply the exception using a generic computer component. The wearable device is recited as any of a wristband, armband, necklace, etc. (Specification [0030]). The mobile computing device is described as the reader device which may be a smart phone, tablet, smart watch, etc. (Specification [0033]). Accordingly, the additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claims also recite the additional elements of storing an encryption key at a server, writing the encryption key to an active RFID tag, storing patient information in the database, implementing the active RFID tag by the wearable device, storing an indication of an identification of the patient on the active RFID tag, and reading an RFID tag associated with a patient storing an indication of identification of a patient. The elements of storing an encryption key at a server and storing patient information in a database amounts to mere instructions to apply the exception. As per MPEP 2106.05(f)(2), storing data at a server or in a database is use of a computer in its ordinary capacity for tasks such as receiving, storing, transmitting data. The use of an active RFID reader, which is a general purpose computing component as described above, to write the encryption key and store an indication of patient identification amounts to collecting data which is mere instructions to apply the exception. The element of reading data associated with a patient including an indication of identification of a patient amounts to insignificant extra-solution activity, as in MPEP 2106.05(g), because the step of reading patient data is mere data gathering in conjunction with the abstract idea where the limitation amounts to necessary data gathering and outputting, (i.e., all uses of the recited judicial exception require such data gathering or data output). See Mayo, 566 U.S. at 79, 101 USPQ2d at 1968; OIP Techs., Inc. v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1092-93 (Fed. Cir. 2015) (presenting offers and gathering statistics amounted to mere data gathering). The additional element of the wearable device implementing the active RFID tag does not impose meaningful limits on the claim such that it is not nominally or tangentially related to the invention and therefore are insignificant extra-solution activity. Because the additional elements do not impose meaningful limitations on the judicial exception, the claim is directed to an abstract idea. Step 2B The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as an ordered combination do not amount to significantly more than the abstract idea. As discussed above with the respect to integration of the abstract idea into a practical application, the additional elements of a server, database, wearable device including sensors, and a mobile computing device with RFID and barcode reading capability to perform the method of the invention amounts to no more than mere instructions to apply the exception using a generic computing component. As described above, the server, database, wearable device, and mobile computing device are recited at a high level of generality and are recited as generic computer components by reciting the wearable device as any of a wristband, armband, necklace, etc. (Specification [0030]) and the mobile computing device is described as the reader device as a smart phone, tablet, smart watch, etc. (Specification [0033]), which do not add meaningful limitations to the abstract idea beyond mere instructions to apply an exception. The storing of data on a server and in a database also amounts to mere instructions to apply the exception. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. Storing data on an RFID tag based on the server writing the key to the tag is also mere instructions to apply the exception and therefore cannot provide an inventive concept for the same reasons as storing data on a database. The claims also include the additional element of reading the data from an RFID tag which is mere data gathering which is well-understood, routine and conventional computer functions in the field of data management because they are claimed at a high level of generality and include receiving or transmitting data over a network as well as storing and retrieving information from memory, which have been found to be well-understood, routine and conventional computer functions by the Court (MPEP 2106.05(d)(II)(i) Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network); but see DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245, 1258, 113 USPQ2d 1097, 1106 (Fed. Cir. 2014) ("Unlike the claims in Ultramercial, the claims at issue here specify how interactions with the Internet are manipulated to yield a desired result‐‐a result that overrides the routine and conventional sequence of events ordinarily triggered by the click of a hyperlink." (emphasis added) and (iv) Storing and retrieving information in memory, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., 788 F.3d at 1363, 115 USPQ2d at 1092-93). The claims also include the wearable device implementing the active RFID tag which is found to be insignificant extra-solution activity. A showing can be made that an additional element is well-understood, routine, and conventional, and therefore, does not amount to significantly more than the recited abstract idea by citing multiple prior publications that each or disclose the limitation (MPEP § 2106.07(a)(III)). In light of Yokota et al. (US 2011/0022851 A1) which teaches the use of an active RFID tag which has a power source on a wearable sensor ([0338] sensor tag measures data from a person who is wearing the tag/device, [0129] sensor tag is attached to the person being measured, [0012] the sensor tag uses power from a primary cell on the device, [0137] where the communication is RFID) and Mously (US 2016/0051153 A1) which teaches a wearable device for continuously monitoring a person using an active readable RFID tag with storage for storing physiological data ([0011-0012]). Therefore, the claim elements are found to be well-understood, routine, and conventional functions which do not provide significantly more than the abstract idea. Looking at the limitations as an ordered combination adds nothing that is not already present when looking at the elements taken individually. There is no indication that the combination of elements improves the functioning of the computer or improves another technology. The claims do not amount to significantly more than the underlying abstract idea. Dependent Claims 2-3, 5-7, 9-10, and 12-14 add further limitations which are also directed to an abstract idea. For example, Claims 2-3, 5-6, 9-10, and 12-13 recite elements which further specify or limit the elements of the independent claims, and hence are nonetheless directed towards fundamentally the same abstract idea as independent Claims 1 and 8. Claims 7 and 14 include receiving additional information associated with the patient, which amounts to mere data gathering similar to the independent claims. Claims 7 and 14 also recite sending additional information to the database to be stored, which similar to the independent claims amounts to mere instructions to apply the exception because storing data in a database is use of a computer in its ordinary capacity. Because the additional elements do not impose meaningful limitations on the judicial exception and the additional elements are well-understood, routine and conventional functionalities in the art, the claims are directed to an abstract idea and are not patent eligible. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claim(s) 1-4, 6-11, and 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Hinkamp (US 2007/0046476 A10, hereinafter Hinkamp, in view of Yokota et al. (US 2011/0022851 A1), hereinafter Yokota, in view of Bazakos et al. (US 2006/0082438 A1), hereinafter Bazakos, in view of Shoarinejad et al. (US 2010/0007466 A1), hereinafter Shoarinejad, in view of Spencer et al. (US 9,980,140 B1), hereinafter Spencer. As per Claims 1 and 8, Hinkamp discloses a system for executing a method, comprising: a database storing patient information ([0009] integrated database stores further information about the person, [0029] database information includes patient ID number to match to reader data, also stores biometric identifiers in a table in the database); a wearable device worn by a patient ([0008]/[0022] transponder, i.e. RFID tag, attaches to person such as a wearable bracelet, wristwatch, etc.), wherein the wearable device stores the encrypted biometric data on the RFID tag, ([0007] RFID transponder which provides data, which can be the healthcare record of the person, [0024] transponder, i.e. tag of wearable associated with patient contains protected critical data which is protected via encryption technology, where the transponder also includes biometric verification data, [0033] transponder stores encoded data including biometric identifier of wearable’s owner), the RFID tag storing an indication of an identification of the patient ([0027] the health or bio-identification information is stored on a RFID tag band, [0028] RFID tag is a carrier of health/data record of the patient, [0029] data retrieved from transponder, i.e. RFID tag, includes ID number to identify patient, [0033] transponder stores critical data including owner identifier); a mobile computing device with RFID reading capability ([0007]/[0022] terminal or reader which reads the RFID transponder [0022] terminal or reader is part of a cellular phone, i.e. mobile computing device, [0025] reader terminal is part of a wireless communication device, see Fig. 1/Fig. 2, item 1 is reader terminal which is a mobile device with wireless connection to server/computer, also see [0029] where the terminal has RFID interface, i.e. RFID reading capability) configured to: read the RFID tag ([0007] device/terminal reads the RFID transponder, [0008] transponder, i.e. tag, is interrogated, i.e. read, by the reader device); retrieve, based on reading the RFID tag, the indication of the identification of the patient ([0008]/[0024] after reader interrogates transponder, supplies HIPPA protected, i.e. encrypted, critical data which includes name which is an indication of the patient’s identification, [0012] retrieval of pertinent healthcare identification information including ID number from the RFID transponder); retrieve, based on reading the RFID tag, the encrypted biometric data associated with the patient ([0008]/[0024] after reader interrogates transponder, supplies HIPPA protected, i.e. encrypted, critical data which includes biometric verification data), access patient information stored in the database based on the retrieved indication of the identification of the patient ([0009] reader device communicates with database with information about the person, [0023] terminal/reader activates software to allow it to access information for transfer from a remote database, [0029] reader terminal communicates with transponder to identify user with biometric identification information, [0038] After biometric data is verified/matched, transmitting medical and personal data); and provide the information associated with the patient to a user of the mobile computing device ([0038] the reader displays the received additional data, which is the medical and personal data, on the display screen). Hinkamp may not explicitly disclose the following which is taught by Yokota: the server being configured to write the at least one encryption key to an active radio-frequency identification tag (Abstract portable data sensor tag which receives and stores encryption key from an external terminal, the data sensor tag including a power source, i.e. active tag, [0034-0035] the data encryption device is a RFID tag, [0137] where the communication is RFID); the wearable device implementing the active RFID tag ([0338] sensor tag measures data from a person who is wearing the tag/device, [0129] sensor tag is attached to the person being measured, [0012] the sensor tag uses power from a primary cell on the device, [0137] where the communication is RFID) and associating the active RFID tag with the patient ([0263] sensor tag includes measured data with associated ID, where the ID can be a patient ID to match the patient which the device is given to), wherein the wearable device includes one or more sensors configured to capture biometric data associated with the patient (Abstract the data sensor tag includes a sensor circuit, [0018-0019] sensor circuit measure biological data of the user of the device, [0124] sensor tag measure biological information of the person such as body temperature, heart rate, etc.), encrypts the captured biometric data associated with the patient utilizing the at least one encryption key (Abstract the portable data sensor tag encrypts the measured data using the encryption key, see Fig. 13, S1208, [0019] using the encryption key, the encryption circuit functions to encrypt the measured biological data) wearable device stores the encrypted biometric data on the active RFID tag associated with a patient ([0019] once the measured biological data is encrypted, it is stored into the storage of the sensor tag); send the received encrypted biometric data to the server to be decrypted utilizing the at least one encryption key and stored in the database storing patient information ([0131] measured data reading device receives the encrypted measurement data and decrypts using the key to obtain the measured data, [0171-0172] measured data reading device includes a data communication unit for receiving data from the sensor tag, key storage, reading unit, and measured data accumulating unit, [0175] receive the data from the sensor tag, [0176] decrypt the encrypted measurement data using key, [0177] store the outputted measurement data in plaintext). Therefore, it would have been obvious to a person of ordinary skill in the art before the date the invention was filed to combine the known concept of a wearable device with an active RFID tag for measuring, encrypting, and storing biometric patient data from Yokota with the known wearable device for capturing and encrypting biometric data which is read using an RFID reader from Hinkamp in order to protect the confidentiality of health information of a user measured by the user (Yokota [0001]). Hinkamp and Yokota may not explicitly disclose the following which is taught by Bazakos: wherein the mobile computing device is not configured to decrypt the encrypted biometric data; send the received encrypted biometric data to the server to be decrypted utilizing the at least one encryption key and stored in the database storing patient information ([0018] data is not processed on the RFID tag reader but the data is sent to a computer to be decoded, data from tag is decrypted, [0014] face template which is represented by numerical codes, i.e. encrypted biometric data, is stored in a database, [0016] database is for storing personal information). Therefore, it would have been obvious to a person of ordinary skill in the art before the date the invention was filed to combine the known concept of decrypting and storing data on a database not resident on a mobile computing device from Bazakos with the known wearable device for capturing and encrypting biometric data to compare to stored biometric data to access patient information from Hinkamp and Yokota in order to provide security controls to protect personal health information using biometric verification (Bazakos [0003]). Hinkamp, Yokota, and Bazakos may not explicitly disclose the following which is taught by Shoarinejad: a server storing at least one encryption key ([0029] server stores plurality of encryption keys) and writing the encryption key to the RFID tag ([0030] the server generates the encryption key which is transmitted to the RFID tag). Therefore, it would have been obvious to a person of ordinary skill in the art before the date the invention was filed to combine the known concept of the encryption key being generated and received from a server to the RFID tag from Shoarinejad with the known wearable device for capturing and encrypting biometric data from Hinkamp, Yokota, and Bazakos in order to reduce the cost and increase security of information in systems with RFID tags (Shoarinejad [0004]). Hinkamp, Yokota, Bazakos, and Shoarinejad may not explicitly disclose the following which is taught by Spencer: a mobile computing device with RFID and barcode reading capability (see Fig. 2 barcode reader app and RFID reader app, Col. 15, line 62 – Col. 16, line 9 controller can detect RFID tag or a barcode from the device; Col. 16, line 47-50 the controller is a mobile computing device including a phone, tablet, etc.). Therefore, it would have been obvious to a person of ordinary skill in the art before the date the invention was filed to combine the known concept of the mobile computing device having the capability of reading RFID and a barcode from with the known mobile computing device which reads RFID devices from Hinkamp, Yokota, Bazakos, and Shoarinejad in order to enable secure communication between a plurality of devices (Spencer Col. 1, lines 17-19). As per Claims 2 and 9, Hinkamp, Yokota, Bazakos, Shoarinejad, and Spencer discloses the limitations of Claims 1 and 8. Hinkamp also discloses the patient information stored in the database includes one or more of: medical history information, biometric data information, medical test result information, or contact information associated with one or more respective patient ([0009] integrated database stores further information about the person, [0028] RFID tag is a carrier of health/data record of the patient, [0029] database information includes patient ID number to match to reader data, also stores biometric identifiers in a table in the database, [0035] tables in database store medical and other personal data, i.e. medical history). As per Claims 3 and 10, Hinkamp, Yokota, Bazakos, Shoarinejad, and Spencer discloses the limitations of Claims 1 and 8. Hinkamp also discloses the indication of the identification of the patient is an identification number or a string of characters unique to the patient ([0029] data retrieved from transponder, i.e. RFID tag, includes ID number to identify patient, [0033] transponder stores critical data including owner identifier). As per Claims 6 and 13, Hinkamp, Yokota, Bazakos, Shoarinejad, and Spencer discloses the limitations of Claims 1 and 8. Hinkamp also discloses providing the information associated with the patient to the user of the mobile computing device includes one or more of: displaying the information or generating an audio indication of the information ([0038] the reader displays the received additional data, which is the medical and personal data, on the display screen). As per Claims 7 and 14, Hinkamp, Yokota, Bazakos, Shoarinejad, and Spencer discloses the limitations of Claims 1 and 8. Yokota also discloses receive, from the user, additional information associated with the patient ([0020] device receive biological data from an external measuring device which is not the same as the sensor of the sensor tag, therefore, additional information for the patient); and send the additional information associated with the patient to the database to be stored ([0020] stores the encrypted additional biological data received from the external measuring device). Therefore, it would have been obvious to a person of ordinary skill in the art before the date the invention was filed to combine the known concept of receiving and storing additional information for the patient from Yokota with the known wearable device for capturing and encrypting biometric data which is read using a mobile computing device from Hinkamp in order to protect the confidentiality of health information of a user measured by the user (Yokota [0001]). Claim(s) 5 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Hinkamp (US 2007/0046476 A1), in view of Yokota (US 2011/0022851 A1), in view of Bazakos (US 2006/0082438 A1), in view of Shoarinejad (US 2010/0007466 A1), in view of Spencer et al. (US 9,980,140 B1), in view of Barto (WO 2017/042739 A1), hereinafter Barto. As per Claims 5 and 12, Hinkamp, Yokota, Bazakos, Shoarinejad, and Spencer discloses the limitations of Claims 1 and 8. Hinkamp, Yokota, Bazakos, Shoarinejad, and Spencer may not explicitly disclose the following which is taught by Barto: the mobile computing device is a head's up display (HUD) device ([0023-0024] scanner, i.e. reader device, implemented as a built-in option with the heads up display, where the scanner reads RFID tag). Therefore, it would have been obvious to a person of ordinary skill in the art before the date the invention was filed to combine the known concept of using a head’s up display device as the mobile computing device from Barto with the known mobile computing device for interacting with an RFID tag and presenting data to a user of Hinkamp, Yokota, Bazakos, Shoarinejad, and Spencer in order to provide a user a portable device that can be brought with the user to carry out functionality (Barto [0002]), where a head’s up display device is portable and allows for interfacing with system while being hands free to allow user to use hands for other important tasks. Response to Arguments Applicant’s arguments, see Pages 1-4, “Claim Rejections - 35 U.S.C. 101”, filed 02/10/2026 with respect to claims 1-3, 5-10, and 12-14 have been fully considered but they are not persuasive. Applicant argues that the claims do not recite a method of organizing human activity or a judicial exception. Applicant points to features such as the server being configured to write the at least one encryption key, the mobile computing device is not configured to decrypt the encrypted biometric data, and sending the received encrypted biometric data to the server to be decrypted utilizing the at least one encryption key, as those that are additional elements which recite specific improvement over prior art systems. Examiner respectfully disagrees. The elements of retrieving the encrypted biometric data associate with the patient and sending the received encrypted biometric data are exchange of information between entities which describe managing interactions between parties. This falls into the abstract idea of certain methods of organizing human activity, as per the rejection above. The server, which is configured to write the at least one encryption key is, is an additional element that has been shown to be a known computer component. The step of writing the encryption key is a step of storing data because the use of computer components in their ordinary capacity for tasks such as storing data amounts to mere instructions to apply the exception, as per MPEP 2106.05(f)(2). The claims include a description of the mobile computing device, which is described as a general computer, to not be configured to decrypt the encrypted biometric data. This is merely descriptive as there is no functionality provided. Examiner also notes that the element of “to be decrypted utilizing the at least one encryption key” is not positively recited in the claim, as it is merely the intended use of sending the received encrypted biometric data to the server. Because this is not positively recited, it cannot provide any integration into a practical application or provide significantly more than the abstract idea. Applicant argues that the claims are similar to Example 42 because they provide additional element which recite a specific improvement over prior art systems. Applicant further asserts that the specification points out that the PUID device and reader system provides for the necessary security and privacy for accessing and storing patient medical information. Examiner notes that providing security and privacy for accessing and storing data is a management of the exchange of data which falls into the abstract grouping of certain methods of organizing human activity. Applicant has not provided other specific reasoning why the claims would be analogous to Example 42, and Examiner does not see similarity to the example that would be persuasive. Applicant argues the present claims improve the processing efficiency of the system by performing encryption and decryption at a server rather than locally by an RFID device. Examiner respectfully disagrees. The present claims recite encrypting the captured biometric data using the wearable device and the mobile computing device sending the received encrypted biometric data to the server for the intended use of decrypting the data. However, the claims do not positively recite any encryption or decryption of the data at a server. Even if the claims recited the encryption and decryption functions occurring at a server, the functions of encrypting and decrypting the biometric data is part of the abstract idea itself and therefore cannot provide an integration of the abstract idea into a practical application by providing a technical improvement. The steps of encrypting and decrypting data are steps performed as part of patient data security and any improvement to the security of patient data is an improvement to the abstract idea itself and therefore lies in the realm of the abstract. Therefore, the rejection is maintained. Applicant’s arguments, see Pages 4-7, “Claim Rejections - 35 U.S.C. 103”, filed 02/10/2026 with respect to claims 1-3, 5-10, and 12-14 have been fully considered but they are not persuasive. Applicant argues that the references do not disclose, teach, or suggest the limitations of Claim 1. Specifically, Applicant argues that the references do not teach the server being configured to write the at least one encryption key. Examiner respectfully disagrees. Yokota teaches setting, on memory, the encryption key transmitted from the encryption key writing device. The BRI of the claim does not limit what writing the encryption key includes and therefore, the setting the key on memory reads on the BRI of the claim language. For further support of the structural element of the server, [0336] describes the server as holding the encryption key and setting the key which is obtained from the sensor. Additionally, Examiner points out that the Final rejection of 11/10/2025 goes on to show that Shoarinejad also teaches specifically the server storing at least one encryption key ([0029] server stores plurality of encryption keys) and writing the encryption key to the RFID tag ([0030] the server generates the encryption key which is transmitted to the RFID tag). Applicant argues that the references, and specifically Yokota, fails to teach, disclose, or suggest sending the received encrypted biometric data to the server to be decrypted utilizing at least one encryption key. Examiner respectfully disagrees. Applicant’s arguments suggest that the claims require a server receives encrypted biometric data to be decrypted utilizing the at least one encryption key. However, the claims recite that a mobile computing device is configured to send the received encrypted biometric data to the server to be decrypted utilizing the at least one encryption key. The claim does not positively recite the step of decrypting the received encrypted biometric data utilizing the at least one encryption key. This step is interpreted as the intended use of the limitation. The claim language requires, based on BRI of the claim, a mobile computing device sending the received encrypted biometric data to the server. Yokota teaches a measured reading device with a communication unit which receives data from the sensor tag and a reading unit which receives the encrypted measurement data from the sensor tag and outputs to the decrypting unit ([0171-0172], [0175]). For additional support that the units of Yokota read on an element of a server and thus being sent to the unit is analogous to being sent to a server, Yokota teaches the reading device/unit is connected to a server via the network ([0336]), which teaches that these units are all connected via a network. Therefore, the combination of the references teaches the limitations of the claims and the rejection is maintained. Conclusion All claims are identical to or patentably indistinct from, or have unity of invention with claims in the application prior to the entry of the submission under 37 CFR 1.114 (that is, restriction (including a lack of unity of invention) would not be proper) and all claims could have been finally rejected on the grounds and art of record in the next Office action if they had been entered in the application prior to entry under 37 CFR 1.114. Accordingly, THIS ACTION IS MADE FINAL even though it is a first action after the filing of a request for continued examination and the submission under 37 CFR 1.114. See MPEP § 706.07(b). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Evangeline Barr whose telephone number is (571)272-0369. The examiner can normally be reached Monday to Friday 8:00 am to 4:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Fonya Long can be reached at 571-270-5096. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /EVANGELINE BARR/Primary Examiner, Art Unit 3682