DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
This office action is in response to the claim amendments filed on November 17, 2025.
Claims 2, 10-25, 27 and 28 have been canceled.
Claims 1, 3-9, and 26 are pending.
Claims 1, 3-9, and 26 have been examined.
Response to Arguments
With respect to Claim Rejections - Double Patenting
Applicant stated a terminal disclaimer filed on November 17, 2025; however, the Office did not receive the terminal disclaimer. Applicant is advised to file an electronic terminal disclaimer. Accordingly, this ground of rejection will be maintained until an electronic terminal disclaimer is filed.
With respect to Claim Rejections - 35 USC § 103
Regarding claim(s) 1: Applicant is of the opinion prior art fails to disclose, see Applicant’s arguments pages 6-10.
Applicant’s arguments: Without acceding to the merits of the rejection, independent Claim 1 is amended to incorporate most of the features of Claim 2 and now recites, inter alia, "signing, by the first party, the first public key with the first private key,…” The Office Action asserted that the features of Claims 1 and 2 are disclosed or rendered obvious by the combination of Zhuang and Kim/Stanchfield.
Zhuang fails to disclose that the method comprises (i) generating a modified public key by signing each party's public key with its corresponding private key, (ii) verifying the modified public key at each subsequent party before further processing, (iii) sequentially concatenating the verified modified public key with the next party's signed public key to form a new modified public key, and (iv) ultimately returning and verifying the final modified public key at the first party.
Applicant’s arguments with respect to claim(s) 1 have been considered. The Examiner, however, respectfully disagrees. The independent claim 1 as amended incorporates most of the features of Claim 2 disclosed by Zhuang as was laid out in the Office Action Non-Final Rejection, dated 08/15/2025 (hereinafter, “Office Action”).
As indicate in the Office Action, Zhuang discloses generating modified public keys by signing the public keys.
generating, by a third party, a third private key and a third public key corresponding to each other (Zhuang [0008]: a third terminal separately generate a set of public key and private key corresponding to the user information), (see paragraphs [0008]-[0009]);
transmitting, from the [second party / first terminal] to the third party, the second modified public key (Zhuang [0035]: the second terminal 21 stores the second private key into the user database 212 and sends the user information and the second public key to the third terminal 22; [0037]: the first terminal 20 sends the transaction public key to the second terminal 21, the third terminal 22; [0042]: the first, second, and third terminal 20, 21, 22 separately combine the first public key, the second public key, and the third public key to form the transaction public key. And when the first, second, and third terminal 20, 21, 22 all have the transaction public key, the transaction public key generating step 11 is thus completed);
verifying, by the third party, the second modified public key, based on the second public key belonging to the second party (Zhuang [0038]: When the second terminal 21 receives the verification information, the second terminal 21 would confirm whether the verification information is consistent with the user information of verification database 211);
in response to successfully verifying the second modified public key, generating, by the third party, a third modified public key by concatenating:(a) the second modified public key; and (b) the third public key encrypted with the third private key (Zhuang [0037]: Subsequently, a transaction public key generating step 11 is carried out. When the memory 252 of the storage carrier 25 has the first public key, the second public key and the third public key stored therein, the microprocessor 251 of the storage carrier 25 combines the first public key, the second public key and the third public key to form a transaction public key with the digital currency; [0012]: the first terminal, the second terminal and the third terminal all separately combine the first public key, the second public key and the third public key to form the transaction public key);
Examiner’s Note: The Examiner considers (Zhuang [0037]: Subsequently, a transaction public key generating step 11 is carried out) to be the “in response to successfully verifying”.
transmitting, from the third party to the first party, the third modified public key; (Zhuang [0010]: sends the transaction public key to the second terminal and the third terminal; [0042]: separately combine the first public key, the second public key, and the third public key to form the transaction public key. And when the first, second, and third terminal 20, 21, 22 all have the transaction public key, the transaction public key generating step 11 is thus completed.); and
verifying, by the first party, the third modified public key based on the third public key belonging to the third party (see paragraphs [0008] [0038]-[0039] and Fig. 1).
Alternatively, Stanchfield discloses: generating, by the third party, a third modified public key by concatenating:(a) the second modified public key; and (b) the third public key encrypted with the third private key (Stanchfield [0041]: As schematically depicted in FIG. 4, first private key signature 404 is specifically configured to pair to first public key 406 for accessing first public key 406. Similarly, second private key signature 410 is specifically configured to pair with second public key 412 for accessing second public key 412. Also depicted in FIG. 4, first public key 406 is configured to be combined with second public key 412 to calculate and/or generate a multisignature public key 414).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang and KIM with Stanchfield to include well-known function such as adding/removing data inputs to generate a public key to enhance multi-signature verification process during a transaction.
Examiner’s Note: The Examiner would like to direct the Applicant’s attention that Mere duplication of parts has no patentable significance unless new and unexpected result is produced (see MPEP §2144.04 VI (B)). For example, claim 1 recites:
generating, by a second party, a second private key and a second public key corresponding to each other;
signing, by the first party, the first public key with the first private key, thereby generating a first modified public key;
transmitting, from the first party to the second party, the first modified public key;
verifying, by the second party, the first modified public key based on the first public key belonging to the first party;
in response to successfully verifying the first modified public key, generating, by the second party, a second modified public key by concatenating: (a) the first modified public key; and (b) the second public key signed with the second private key.
Claim 1 further recites:
generating, by a third party, a third private key and a third public key corresponding to each other;
transmitting, from the second party to the third party, the second modified public key verifying, by the third party, the second modified public key based on the second public key belonging to the second party;
in response to successfully verifying the second modified public key, generating, by the third party, a third modified public key by concatenating:(a) the second modified public key: and (b) the third public key signed with the third private key;
Therefore, the Examiner submits that, generating a first modified public key, generating, a second modified public key and generating, a third modified public key has no patentable significance because the generating a first modified public key predictable results as produced by generating, the second modified public key and/or generating, the third modified public key.
Accordingly, this ground of rejection is maintained.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1 and 4 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1 and 5 of U.S. Patent No. US 11973887 B2. Although the claims at issue are not identical, they are not patentably distinct from each other.
Present Application
Patent No. US 11973887 B2
Claim 1:
A method comprising:
generating, by a first party, a first private key and a first public key corresponding to each other;
generating, by a second party, a second private key and a second public key corresponding to each other;
encrypting, by the first party, the first public key with the first private key, thereby generating a first modified public key;
transmitting, from the first party to a the second party, the first modified public key;
verifying, by the second party, the first modified public key based on the first public key belonging to the first party;
in response to successfully verifying the first modified public key, generating, by the second party, a second modified public key by concatenating:
a) the first modified public key and
b) the second public key encrypted with the second private key.
…
Claim 1:
A method comprising:
generating, by a user, a first private key and a first public key corresponding to each other;
generating, by a service provider, a second private key and a second public key corresponding to each other;
…
transmitting, from the user to the service provider, the first public key signed with the first private key;
verifying, by the service provider, the received first public key signed with the first private key;
in response to successfully verifying the received first public key signed with the first private key, generating, by the service provider, a level 2 key by concatenating the first public key signed with the first private key and the second public key signed with the second private key; and
transmitting, by the service provider, the level 2 key to the user, wherein a level of the key is visually displayed on a virtual representation of the user in a virtual environment or a metaverse.
Claim 4:
The method of claim 3,
wherein each of the first code, the second code, and the third code includes information associated with biometric data, information associated with unique identity information, information associated with an Internet of Things device, information associated with a QR code, information associated with an identity information, information associated with electronic money, information associated with a cryptographic hash function address, information associated with a crypto currency, information associated with digital cash, information associated with central bank digital currency (CBDC), information associated with blockchain, information associated with a decentralized identifier (DID), or any combination thereof.
Claim 5:
The method of claim 2,
wherein the first private key and the first public key are generated based on a first public key certificate in which a first code is inserted, and wherein the first code includes information associated with biometric data or a combination of pieces of biometric data, information associated with unique identity information, information associated with an Internet of Things device, information associated with a QR code, information associated with an identity information, information associated with electronic money, information associated with a cryptographic hash function address, information associated with a crypto currency, information associated with digital cash, information associated with central bank digital currency (CBDC), information associated with blockchain, information associated with a decentralized identifier (DID), information associated with metaverse, information associated with virtual property on metaverse, or any combination thereof.
However, it would have been obvious to a person of ordinary skill in the art to modify claim 1 of the U.S. Patent No. US 11973887 B2 by modifying/removing the additional limitations, resulting generally in the claims of the present application, since the claims of the present application and the claim recited in the Patent Document actually perform a similar function. It is well settled that the omission of an element and its function is an obvious expedient if the remaining elements perform the same function as before. In re Karison, 136 USPQ 184 (CCPA 1963). Also note Ex parte Rainu, 168 USPQ 375 (Bd. App. 1969). Thus, omission of a reference element whose function is not needed would be obvious to one of ordinary skill in the art.
Claim Rejections - 35 USC § 103
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 2, 10, 11 and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Zhuang et al. (US 20200320527 A1, “Zhuang”) in view of KIM et al. (US 20100131763 A1 “KIM”) further in view of Darin Stanchfield (US 20150269538 A1, “Stanchfield”).
Regarding claim 1: Zhuang discloses: A method comprising:
generating, by a first party, a first private key and a first public key corresponding to each other (Zhuang [0034]: firstly a public key and private key generating step 10 is carried out), (see Fig. 1);
generating, by the second party, a second private key and a second public key corresponding to each other (Zhuang [0034]: the second terminal 21 further generates a second private key for authorizing the transfer of the digital currency and a second public key corresponding to the second private key according to the user database 212), (see paragraphs [0008] and [0034] Fig. 1);
transmitting, from the first party to the second party, the [first public key] (Zhuang [0034]: the first terminal 20 sends the user information to the second terminal 21, so that the second terminal 21 creates a user database 212 stored in the second terminal 21 according to the user information and stores the user information into the verification database 211; [0036]: the first terminal 20 then sends the first public key to the storage carrier 25, the second terminal 21), (see paragraphs Fig. 1);
verifying, by the second party, the [first public key] based on the first public key belonging to the first party (Zhuang [abstract]: verification information is provided and compared to match the user information, such that one of the terminals obtains two or more electronic signatures; finally, the digital currency is transferred according to the transaction public key together with two or more electronic signatures. By doing so, the electronic signatures corresponding to the private keys need to be obtained from at least two terminals to transfer the digital currency of the transaction public key; [0038]: When the second terminal 21 receives the verification information, the second terminal 21 would confirm whether the verification information is consistent with the user information of verification database 211), (see paragraphs [0037]-[0038]);
in response to successfully verifying the [first public key] (Zhuang [0038]: When the second terminal 21 receives the verification information, the second terminal 21 would confirm whether the verification information is consistent with the user information of verification database 211), generating, by the second party, a second modified public key by concatenating: (a) the [first public key] and (b) [the second public key] (Zhuang [0037]: Subsequently, a transaction public key generating step 11 is carried out. When the memory 252 of the storage carrier 25 has the first public key, the second public key and the third public key stored therein, the microprocessor 251 of the storage carrier 25 combines the first public key, the second public key and the third public key to form a transaction public key with the digital currency; [0012]: the first terminal, the second terminal and the third terminal all separately combine the first public key, the second public key and the third public key to form the transaction public key).
Examiner’s Note: The Examiner considers (Zhuang [0037]: Subsequently, a transaction public key generating step 11 is carried out) to be the “in response to successfully verifying…generating, by the second party”.
generating, by a third party, a third private key and a third public key corresponding to each other (Zhuang [0008]: a third terminal separately generate a set of public key and private key corresponding to the user information), (see paragraphs [0008]-[0009]);
transmitting, from the [second party / first terminal] to the third party, the second modified public key (Zhuang [0035]: the second terminal 21 stores the second private key into the user database 212 and sends the user information and the second public key to the third terminal 22; [0037]: the first terminal 20 sends the transaction public key to the second terminal 21, the third terminal 22; [0042]: the first, second, and third terminal 20, 21, 22 separately combine the first public key, the second public key, and the third public key to form the transaction public key. And when the first, second, and third terminal 20, 21, 22 all have the transaction public key, the transaction public key generating step 11 is thus completed);
verifying, by the third party, the second modified public key, based on the second public key belonging to the second party (Zhuang [0038]: When the second terminal 21 receives the verification information, the second terminal 21 would confirm whether the verification information is consistent with the user information of verification database 211);
in response to successfully verifying the second modified public key, generating, by the third party, a third modified public key by concatenating:(a) the second modified public key; and (b) the third public key encrypted with the third private key (Zhuang [0037]: Subsequently, a transaction public key generating step 11 is carried out. When the memory 252 of the storage carrier 25 has the first public key, the second public key and the third public key stored therein, the microprocessor 251 of the storage carrier 25 combines the first public key, the second public key and the third public key to form a transaction public key with the digital currency; [0012]: the first terminal, the second terminal and the third terminal all separately combine the first public key, the second public key and the third public key to form the transaction public key);
Examiner’s Note: The Examiner considers (Zhuang [0037]: Subsequently, a transaction public key generating step 11 is carried out) to be the “in response to successfully verifying”.
transmitting, from the third party to the first party, the third modified public key (Zhuang [0010]: sends the transaction public key to the second terminal and the third terminal; [0042]: separately combine the first public key, the second public key, and the third public key to form the transaction public key. And when the first, second, and third terminal 20, 21, 22 all have the transaction public key, the transaction public key generating step 11 is thus completed.); and
verifying, by the first party, the third modified public key based on the third public key belonging to the third party (see paragraphs [0008] [0038]-[0039] and Fig. 1).
Examiner’s Note: The Examiner would like to direct the Applicant’s attention that Mere duplication of parts has no patentable significance unless new and unexpected result is produced (see MPEP §2144.04 VI (B)). For example, claim 1 recites:
generating, by a second party, a second private key and a second public key corresponding to each other;
signing, by the first party, the first public key with the first private key, thereby generating a first modified public key;
transmitting, from the first party to the second party, the first modified public key;
verifying, by the second party, the first modified public key based on the first public key belonging to the first party;
in response to successfully verifying the first modified public key, generating, by the second party, a second modified public key by concatenating: (a) the first modified public key; and (b) the second public key signed with the second private key.
Claim 1 further recites:
generating, by a third party, a third private key and a third public key corresponding to each other;
transmitting, from the second party to the third party, the second modified public key verifying, by the third party, the second modified public key based on the second public key belonging to the second party;
in response to successfully verifying the second modified public key, generating, by the third party, a third modified public key by concatenating:(a) the second modified public key: and (b) the third public key signed with the third private key;
Therefore, the Examiner submits that, generating a first modified public key, generating, a second modified public key and generating, a third modified public key has no patentable significance because the generating a first modified public key predictable results as produced by generating, the second modified public key and/or generating, the third modified public key.
As indicated above, Zhuang discloses generating public and private keys and obtain a transaction public key through combining of the first public key, the second public key and the third public key, and the transaction public key can authorize the transfer of the digital currency according to two or more of a first electronic signature corresponding to the first private key, a second electronic signature corresponding to the second private key and a third electronic signature corresponding to the third private key (see paragraph [0008]).
Zhuang doesn’t explicitly disclose, signing public keys; however, KIM discloses:
signing, by the first party, the first public key with the first private key, thereby generating a first modified public key (KIM [0012]: The public key receiver may further receive a signature data with respect to the public key along with the public key, and the mobile system may further include a public key authenticating unit to verify the signature data to authenticate the public key. The signature data may be generated by encrypting the public key using a private key in the service system, and the public key authenticating unit may decrypt the signature data using the public key and compare the decrypted signature data with the public key to authenticate the public key. [0017]: The system may further include a signature data generating unit to generate signature data by encrypting the public key using the private key), (see also paragraphs [0012] and [0037]);
transmitting, from the first party to the second party, the first modified public key (KIM [0017]: a signature data generating unit to generate signature data by encrypting the public key using the private key, wherein the public key transmitting unit transmits the signature data to the mobile system along with the public key), (see also paragraphs [0012] and [0047]);
verifying, by the second party, the first modified public key based on the first public key belonging to the first party (KIM [0047]: The mobile system 310 decrypts the signature data using the public key to compare the decrypted signature data with the public key, and thereby the public key is authenticated in the mobile system 310. That is, where the signature data decrypted using the public key and the public key are identical to each other, the mobile system 310 may determine that the public key is received from the service system 300), (see also paragraphs [0047], [0057] and [0065]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Zhuang with KIM include well-known function of cryptography, such as encrypting data (i.e., encrypting public keys) to enhance data security.
As indicated above, Zhuang discloses generating (e.g., using 3 inputs) the transaction public key by combining of the first public key, the second public key and the third public key. Thus, Zhuang disclose, generating (e.g., using 2 inputs) a first modified public key by concatenating the first public key and the second public key.
However, for compact prosecution, the Examiner cites Stanchfield to specifically disclose, generating (e.g., using 2 inputs) a second modified public key by concatenating the first public key and the second public key.
Alternatively, Stanchfield discloses: generating, by the second party, a second modified public key by concatenating: (a) the first modified public key; and (b) the second public key encrypted with the second private key (Stanchfield [0041]: As schematically depicted in FIG. 4, first private key signature 404 is specifically configured to pair to first public key 406 for accessing first public key 406. Similarly, second private key signature 410 is specifically configured to pair with second public key 412 for accessing second public key 412. Also depicted in FIG. 4, first public key 406 is configured to be combined with second public key 412 to calculate and/or generate a multisignature public key 414).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang and KIM with Stanchfield to include well-known function such as adding/removing data inputs to generate a public key to enhance multi-signature verification process during a transaction.
Claims 3 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over Zhuang et al. (US 20200320527 A1, “Zhuang”) in view of KIM et al. (US 20100131763 A1 “KIM”) in view of Darin Stanchfield (US 20150269538 A1, “Stanchfield”) further in view of Russo et al. (US 20030115475 A1, “Russo”).
Regarding claim 3: Zhuang, KIM, Stanchfield and Le Saint, discloses the limitations of claim 1 above.
Zhuang does not specifically disclose; however, Russo discloses: The method of claim 2, wherein the first private key and the first public key are generated by the first party based on a protocol defined in a first public key certificate in which a first code is inserted (see abstract and paragraphs [0020]-0021], [0023], [0028], [0041] and [0061] and Fig. 3),
wherein the second private key and the second public key are generated by the second party based on a protocol defined in a second public key certificate in which a second code is inserted (Russo [0020]: In another aspect of the present invention, a method is provided for generating a biometrically enhanced certificate comprising obtaining a biometric data sample, processing said biometric data sample to yield processed biometric information, generating biometric certificate fields utilizing said compressed biometric information, and submitting certificate information including said biometric certificate fields to at least one third-party authority; [0021]: Some embodiments of the method further comprise generating a public/private key pair. Other embodiments further comprise receiving a signed certificate; [0061]: In another embodiment of the present invention, biometric information is provided as an X.509 attribute certificate. As defined in the relevant standards, an Attribute Certificate is very similar to a standard identity certificate with the main difference that an Attribute Certificate does not include the public key of the owner (as identity certificates do). Instead, an Attribute Certificate is uniquely linked to an identity certificate, which is then referred to as a base certificate. In addition, an Attribute Certificate is signed by an Attribute Authority that does not need to be the same entity as the Certificate Authority that signed the base certificate. FIG. 3 schematically depicts Attribute Certificate 114 containing biometric related fields--such as biometric hash value field 115, encrypted template fields 116 and 117, and enrollment field 118. Attribute certificate 114 further may include a variety of other fields--including version field 102, holder field 123, certificate issuer field 105, algorithm identifier field 104, and certificate serial number field 103), (see abstract and paragraphs [0020]-0021], [0023], [0028], [0041] and [0061] and Fig. 3), and
wherein the third private key and the third public key are generated by the third party based on a protocol defined in a third public key certificate in which a third code is inserted (see abstract and paragraphs [0020]-0021], [0023], [0028], [0041] and [0061] and Fig. 3).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM and Stanchfield with Russo to include features of Russo, such as including biometrically enhanced digital certificates to enhance PKI standards to enhance transaction security.
Regarding claim 4: Zhuang, KIM, Stanchfield and Russo, discloses the limitations of claim 1 above.
Zhuang doesn’t explicitly discloses, however, Russo discloses: The method of claim 3, wherein each of the first code, the second code, and the third code includes information associated with biometric data, information associated with unique identity information, information associated with an Internet of Things device, information associated with a QR code, information associated with an identity information, information associated with electronic money, information associated with a cryptographic hash function address, information associated with a crypto currency, information associated with digital cash, information associated with central bank digital currency (CBDC), information associated with blockchain, information associated with a decentralized identifier (DID), or any combination thereof (Russo [0048]: it is desirable for servers (or other devices receiving a biometrically enhanced certificate) to receive an indication of a trust level for an original enrollment of biometric data. Under certain circumstances, it may be possible for imposters during enrollment to substitute their own biometric data for that of the certificate's intended owner, thereby causing a breach in the integrity of the biometrically enhanced certificate. Therefore, it is advantageous for embodiments of the present invention to provide biometrically enhanced certificates with an optional enrollment field providing an indication of the trustworthiness of a particular enrollment process. That is, biometric data that was enrolled in a less secure manner will generally receive a lower trust level, while more secure enrollment procedures will receive a higher trust level.), (see abstract and paragraphs [0020]-0021], [0023], [0028], [0041] and [0061] and Fig. 3).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM and Stanchfield with Russo to include features of Russo, such as including biometrically enhanced digital certificates to enhance PKI standards to enhance transaction security.
Claims 5-9 are rejected under 35 U.S.C. 103 as being unpatentable over Zhuang et al. (US 20200320527 A1, “Zhuang”) in view of KIM et al. (US 20100131763 A1 “KIM”) in view of Darin Stanchfield (US 20150269538 A1, “Stanchfield”) in view of Russo et al. (US 20030115475 A1, “Russo”) further in view of Bartlett et al. (US 20200169460 A1, “Bartlett”).
Regarding claim 5: Zhuang, KIM, Stanchfield and Russo, discloses the limitations of claim 1 above.
Zhuang further discloses transferring funds between parties, as shown above.
Zhuang doesn’t explicitly disclose, however, Bartlett discloses: The method of claim 2, wherein the first party orders an item from the second party, and the third party delivers the item from the second party to the first party (see paragraphs [0287]-[0288] and Fig. 34 and related text).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM, Stanchfield and Russo with Bartlett to include well-known generic function of eCommerce, such as ordering and receiving merchandise to enhance user experience.
Regarding claim 6: Zhuang, KIM, Stanchfield, Russo and Bartlett, discloses the limitations of claim 1 above.
Zhuang doesn’t explicitly discloses, however, Russo discloses: The method of claim 5, wherein the first private key and the first public key are generated based on a protocol defined in a first public key certificate in which a first code that corresponds to or is associated with biometric data or a combination of pieces of biometric data of a registered person and an Internet of Things (IoT) code that corresponds to or is associated with a registered Internet of Things (IoT) device are inserted (Russo [0048]: it is desirable for servers (or other devices receiving a biometrically enhanced certificate) to receive an indication of a trust level for an original enrollment of biometric data. Under certain circumstances, it may be possible for imposters during enrollment to substitute their own biometric data for that of the certificate's intended owner, thereby causing a breach in the integrity of the biometrically enhanced certificate. Therefore, it is advantageous for embodiments of the present invention to provide biometrically enhanced certificates with an optional enrollment field providing an indication of the trustworthiness of a particular enrollment process. That is, biometric data that was enrolled in a less secure manner will generally receive a lower trust level, while more secure enrollment procedures will receive a higher trust level), (see abstract and paragraphs [0020]-0021], [0023], [0028], [0041] and [0061] and Fig. 3),
wherein the second private key and the second public key are generated based on a protocol defined in a second public key certificate in which a second code that corresponds to or is associated with unique identity information or a combination of pieces of unique identity information of the second party is inserted (see abstract and paragraphs [0020]-0021], [0023], [0028], [0041] and [0061] and Fig. 3), and
wherein the third private key and the third public key are generated based on a protocol defined in a third public key certificate in which a third code that corresponds to or is associated with unique identity information of the third party is inserted (see abstract and paragraphs [0020]-0021], [0023], [0028], [0041] and [0061] and Fig. 3).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, kim, Stanchfield and Bartlett with Russo to include features of Russo, such as including biometrically enhanced digital certificates to enhance PKI standards to enhance transaction security.
Zhuang does not specifically disclose: Internet of Things (IoT) devices.
However, Bartlett discloses: Internet of Things (IoT) devices (Bartlett [0102]: IoT device 101 or SIM 401 may be packaged with a barcode or QR code 701 uniquely identifying the IoT device 101 and/or SIM 701. In one embodiment, the barcode or QR code 801 comprises an encoded representation of the public key for the IoT device 101 or SIM 1001. Alternatively, the barcode or QR code 801 may be used by the IoT hub 110 and/or IoT service 120 to identify or generate the public key (e.g., used as a pointer to the public key which is already stored in secure storage). The barcode or QR code 601 may be printed on a separate card (as shown in FIG. 8A) or may be printed directly on the IoT device itself. Regardless of where the barcode is printed, in one embodiment, the IoT hub 110 is equipped with a barcode reader 206 for reading the barcode and providing the resulting data to the security logic 1012 on the IoT hub 110 and/or the security logic 1013 on the IoT service 120).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM, Stanchfield and Russo with Bartlett to include Internet of Things (IoT) devices to allow performing tasks/transactions to enhance user experience.
Regarding claim 7: Zhuang, KIM, Stanchfield, Russo and Bartlett, discloses the limitations of claim 1 above.
Zhuang further discloses: The method of claim 6, wherein the [terminal] device is configured to authenticate the third party in response to verifying the second public key based on the third public key (see paragraphs [0008]-[0010] and [0040]-[0041] and Fig. 1).
Zhuang does not specifically disclose: Internet of Things (IoT) devices.
However, Bartlett discloses: Internet of Things (IoT) devices (Bartlett [0102]: IoT device 101 or SIM 401 may be packaged with a barcode or QR code 701 uniquely identifying the IoT device 101 and/or SIM 701. In one embodiment, the barcode or QR code 801 comprises an encoded representation of the public key for the IoT device 101 or SIM 1001. Alternatively, the barcode or QR code 801 may be used by the IoT hub 110 and/or IoT service 120 to identify or generate the public key (e.g., used as a pointer to the public key which is already stored in secure storage). The barcode or QR code 601 may be printed on a separate card (as shown in FIG. 8A) or may be printed directly on the IoT device itself. Regardless of where the barcode is printed, in one embodiment, the IoT hub 110 is equipped with a barcode reader 206 for reading the barcode and providing the resulting data to the security logic 1012 on the IoT hub 110 and/or the security logic 1013 on the IoT service 120).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM, Stanchfield, and Russo with Bartlett to include Internet of Things (IoT) devices to allow performing tasks/transactions to enhance user experience.
Regarding claim 8: Zhuang, KIM, Stanchfield, Russo and Bartlett, discloses the limitations of claim 1 above.
Zhuang doesn’t explicitly discloses, however, Bartlett discloses: The method of claim 6, wherein, in response to successfully verifying the third party, the registered IoT device is configured to perform a predetermined action to receive the item, and wherein the predetermined action includes opening a door, opening a trunk of a car, opening a container of a delivery robot or a self-driving shuttle, opening a locked delivery box, allowing use of a charging station, approving landing of a delivery drone, or any combination thereof. (Bartlett [0216]: For example, if the GET command is being sent to IoT device 101 illustrated in FIG. 19, the attribute ID may be used to identify the particular application-specific value being requested. Returning to the above example, the GET command may be directed to an application-specific attribute ID such as power status of a lighting system, which comprises a value identifying whether the lights are powered on or off (e.g., 1=on, 0=off). If the IoT device 101 is a security apparatus associated with a door, then the value field may identify the current status of the door (e.g., 1=opened, 0=closed). In response to the GET command, a response may be transmitting containing the current value identified by the attribute ID), (see paragraphs [0255]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM, Stanchfield and Russo with Bartlett to include Internet of Things (IoT) devices to allow performing tasks/transactions to enhance user experience.
Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Zhuang et al. (US 20200320527 A1, “Zhuang”) in view of KIM et al. (US 20100131763 A1 “KIM”) in view of Darin Stanchfield (US 20150269538 A1, “Stanchfield”) in view of Russo et al. (US 20030115475 A1, “Russo”) in view of Bartlett et al. (US 20200169460 A1, “Bartlett”) further in view of MAKOTO SHIOMI (US 20180261120 A1, “SHIOMI”).
Regarding claim 9: Zhuang, KIM, Stanchfield, Russo and Bartlett, discloses the limitations of claim 1 above.
Zhuang doesn’t explicitly discloses, however, SHIOMI discloses: The method of claim 8, wherein the third party is configured to perform removal of wrapping material, assembly of product, collection of old product, collection of wrapping material, presentation of instruction on product assembly and/or use, or any combination thereof, which is performed by an avatar or a hologram (SHIOMI [0056]: The video generating device 2 generates a trainee image containing an avatar performing a motion that corresponds to the motion of the trainee and that is detected in synchronism with the display of the environment video. The video generating device 2 then generates a composite video of the trainee image and a third-person environment video, which is an image of the environment as viewed by the trainer).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM, Stanchfield, Russo and Bartlett with SHIOMI to include avatar or a hologram to allow performing tasks/transactions to enhance user experience.
Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Zhuang et al. (US 20200320527 A1, “Zhuang”) in view of KIM et al. (US 20100131763 A1 “KIM”) in view of Darin Stanchfield (US 20150269538 A1, “Stanchfield”) in view of Russo et al. (US 20030115475 A1, “Russo”) in view of Bartlett et al. (US 20200169460 A1, “Bartlett”) in view of MAKOTO SHIOMI (US 20180261120 A1, “SHIOMI”) further in view of Haller et al. (US 6026379 A, “Haller”).
Regarding claim 26: Zhuang, KIM, Stanchfield, Russo and Bartlett, discloses the limitations of claim 1 above.
Zhuang doesn’t explicitly disclose; however, Haller discloses: The method of claim 5, wherein the third party terminates delivery of the item in response to receiving a kill public key.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhuang, KIM, Stanchfield, Russo, Bartlett and SHIOMI with Haller to include well-known public key infostructure, such as key validation process to enhance transactions security.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAHED ALI whose telephone number is (571)270-1085. The examiner can normally be reached 8:00 - 5:00 M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAHED ALI/Examiner, Art Unit 3699
/NEHA PATEL/Supervisory Patent Examiner, Art Unit 3699