SECURING ELECTRONIC BALLOT SYSTEMS VIA SECURE MEMORY DEVICES WITH EMBEDDED HARDWARE SECURITY MODULES

§101 §103

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant's arguments filed 10/28/2025have been considered with respect to claim(s) 1-20, have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made. The rejection of pending claims 1-20 under 35 U.S.C. 101 as directed to an abstract idea without significantly more, is maintained in view of MPEP 2106.04(d). Applicant argument of the claims provide a technical improvement are not persuasive because the claims do not recite any improvements or enhancements to technology that is already implemented. Instead, the claims recites to managing and facilitating a voting process by receiving user information, verifying identification, and recording the user vote, which falls under the abstract idea of certain methods of organizing human activity. Under certain methods of organizing human activity is fundamental economic practices (mitigating risk) –which this claim is directed to. There is no improvement to the technology implemented, the claims are only managing and facilitating a voting process. Therefore, the mere implementation of the steps above does not integrate the abstract idea into a practical application. See remarks on page 5-11. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Subject Matter Eligibility Criteria – Step 1: Claims 1-7 are directed to a method (process), claims 8-14 are directed to an article of manufacture, and 15-20 are directed to a device. Therefore, these claims fall within the four statutory categories of invention. Subject Matter Eligibility Criteria – Step 2A – Prong One: Regarding Prong One of Step 2A of the Alice/Mayo test, the claim limitations are to be analyzed to determine whether, under their broadest reasonable interpretation, they “recite” a judicial exception or in other words whether a judicial exception is “set forth” or “described” in the claims. MPEP 2106.04(II)(A)(1). An “abstract idea” judicial exception is subject matter that falls within at least one of the following groups: a) certain methods of organizing human activity, b) mental processes, and/or c) mathematical concepts. MPEP 2106.04(a). Representative independents claims 1, 8, and 15 include limitations that recite at least one abstract idea. Claims 1, 8, and 15 are directed to the abstract idea of “receiving, by an electronic voting machine (EVM), user data from a user device, the user data including a unique code that incorporates verified user biometric data; presenting, by the EVM, an interface, the interface capable of receiving a vote; generating, by the EVM, a command based on the user data and the vote, wherein generating the command comprises computing a signing key using the verified user biometric data; determining, by the EVM, that the command is valid; encrypting, by the EVM, the vote and the user data; and writing, by the EVM, the vote to a secure memory.” Under its broadest reasonable interpretation, this claim is managing and facilitating a voting process by receiving user information, verifying identification, and recording the user vote, and hence falls under organizing human activity (i.e., as fundamental economic practices). Dependent Claims: Claims 2, 9, and 16 recites: wherein receiving user data comprises scanning a quick response (QR) code; further describes the abstract idea of organizing human activity (i.e., as fundamental economic practices). Claims 3, 10, and 17 recites: wherein receiving user data comprises recording an image of one or more text strings; further describes the abstract idea of organizing human activity (i.e., as fundamental economic practices). Claims 4, 11, and 18 recites: wherein generating a command comprises signing the command with a signing key, the signing key generated in part on the user data; further describes the abstract idea of organizing human activity (i.e., as fundamental economic practices). Claims 5, 12, and 19 recites: wherein the signing key is further generated in part on a root key stored in the secure memory of the EVM; further describes the abstract idea of organizing human activity (i.e., as fundamental economic practices). Claims 6, 13, and 20 recites: wherein determining if the command is valid comprises computing a hash of the user data and determining if a matching hash exists in the secure memory; further describes the abstract idea of organizing human activity (i.e., as fundamental economic practices). Claims 7 and 14 recites: further comprising writing the hash to the secure memory if a matching hash does not exist; further describes the abstract idea of organizing human activity (i.e., as fundamental economic practices). Subject Matter Eligibility Criteria – Step 2A – Prong Two: Claim 1, 8, and 15 recites to a user device as an additional element to the judicial exception in the preamble. Viewed individually and in combination, this additional element to the identified judicial exception of Step 2A.1, amounts to no more than mere instructions for managing and facilitating a voting process by receiving user information, verifying identification, and recording the user’s vote on a generic computer. Therefore, at Step 2A.2, these additional elements do not act in combination to integrate the abstract idea into a practical application. The additional elements of claims 1, 8, and 15 considered both individually and as an ordered combination, do not amount to significantly more than the judicial exception because the additional element of a generic computer does no more than “[s]imply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception, e.g., a claim to an abstract idea requiring no more than a generic computer to perform generic computer functions that are well-understood, routine and conventional activities previously known to the industry.” See MPEP 2106.05 (citing to Alice Corp. Pty. Ltd. v. CLS Bank Int'l, 573 U.S. 208, 225 (2014)). Therefore claims 1, 8, and 15 is found ineligible under 35 U.S.C. 101. Step 2B: Viewed as a whole, instructions/method claims recite the concept of “organizing human activity” (i.e., as fundamental economic practices) in managing and facilitating a voting process by receiving user information, verifying identification, and recording the user’s vote is performed by a generic computer. The method claims do not, for example, purport to improve the functioning of the computer itself. Nor do they effect an improvement in any other technology or technical field. Instead, the claims at issue amount to nothing significantly more than an instruction to apply the abstract idea using some unspecified, generic computer. See Alice Corp. Pty. Ltd., 573 U.S. 208. Mere instructions to apply the exception using a generic computer component and limitations to a particular field of use or technological environment cannot integrate a judicial exception into a practical application at Step 2A or provide an inventive concept in Step 2B. The use of a computer server is to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). Therefore, the claim is not patent eligible. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1, 3, 6, 8, 10, 13, 15, 17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Mugica et al. (US 9092922 B2) in view of Shiralkar et al. (US 10979225 B1), in view of Libon et al. (BE 1021435 B1), and further in view of Mitchell et al. (US 11449586 B2). 5. Regarding claims 1, 8, and 15, Mugica discloses a method, (a non-transitory computer-readable storage medium and , a device comprising: memory; and a processor, (Column 1/line 16 and Claim 45)) comprising: receiving, by an electronic voting machine (EVM), user data from a user device, (Abstract Section, Accordingly, various exemplary implementations of the broad principles described herein provide systems, methods, and programs, that allow for the secure compilation of vote data from electronic voting machines at a voting location and the secure electronic transmission of the vote data to a central location for tabulation; and Column 2/line 32, Various exemplary implementations provide a voter initialization function, wherein, after establishing a voter's identity, a voter authorization card may be initialized for the voter. After the authorization card is initialized, the voter may use the card to gain access to a voting machine. Finally, various exemplary implementations provide enhanced security by implementing systems, methods, and programs that manage a password-based authorization mechanism. Such security mechanism would operate at the voter initialization and at the vote consolidation levels. In each case, an input password is compared with the stored authorization password, and if the input password equals the stored password, the result will be that the intended function will be allowed: either a voter card that uniquely identifies a corresponding voter will be initialized, the voter card subsequently allowing access to a voting machine; or a data structure of the input vote data will be recognized, and based on the data structure of the vote data, the vote count data from the input vote data will be extracted, and the vote count data will be added to the vote tally data). Examiner interprets the term the user data including a unique code is analogous for the term voter card that uniquely identifies a corresponding voter will be initialized in the cited prior art. Mugica discloses presenting, by the EVM, an interface, the interface capable of receiving a vote, (Column 4/line 22, The card initialization circuit, routine, or application 170, for example, under control of the controller 120, may initialize data on a vote card in the vote card interface 110 by reading and or writing data onto the vote card. The data written onto the vote card may include, for example, unique information identifying the particular voter and/or information permitting access to a voting machine). Mugica discloses determining, by the EVM, that the command is valid; (Column 6/line 50, In step S340, it is determined whether a vote card initialization is required. For example, an election official (user) that has successfully entered a voter initialization authorization password may want to initialize a vote card for a voter. Accordingly, the user may insert a vote card into the vote card interface 110. Then, for example, to determine whether initialization is required, the controller 120 may determine whether a vote card has been inserted into the interface 110. If initialization is required (step S340=YES), e.g., a vote card has been entered into the interface 110, operation continues to step S360. Column 7/line7 In step S360, the vote card is read. For example, under control of the controller 120, the vote card is read by the interface 110. Then, in step S370 it is determined whether the card is valid, for example, whether it has been corrupted, tampered with, or is otherwise unsuitable for initialization. If the vote card is not valid (step S370=NO), operation continues to step S380 where an error is output and operation returns to step S340. For, example, under control of the controller 120, a message may be output on the output 130 indicating that the card is invalid. If the vote card is valid (step S370=YES), operation continues to step S390). Mugica discloses encrypting, by the EVM, the vote and the user data, (Column 4/line 44 Thus, in addition to one or more of the elements described above, the system 200 may physically, functionally, and/or conceptually include, for example, one or more memory interfaces 210, one or more communicators 230, a printer 240, a vote consolidating circuit, routine, or application 260, and/or an encryption/decryption circuit, routine, or application 270; and Column 5/line 54, The encryption/decryption circuit, routine, or application 270, for example, under control of the controller 120, may encrypt one or more of the maintenance authorization password, the software, the vote consolidation authorization password, the election identification information portion, the vote tally data, and/or the audit data stored in the memory 150, for secure transmission via the communicator(s) 230. Implementation of this encryption/decryption routine is equally feasible either in an independent circuit, or as part of application software. Said encryption/decryption circuit, routine, or application 270, for example, under control of the controller 120, may also decrypt one or more of a maintenance authorization password, software, a vote consolidation authorization password, election identification information, the vote tally data, and/or audit data, received via the communicator(s) 230 for storage in the memory 150 and/or for consolidation by the vote data consolidating circuit, routine, or application. Mugica does not explicitly disclose the user data including a unique code that incorporates verified user biometric data. However, Shiralkar teaches the user data including a unique code that incorporates verified user biometric data, (Column 3/line 15, A voter record 223 is a data structure representing information associated with a user 101 who is a potential voter in one or more matters. A voter record 223 may include an eligibility status 233 of a user 101 to vote in a specific matter, voter identification data 236, biometric data 239, a vote status 243, and one or more authentication factors 239 that the user 101 may rely upon to authenticate himself or herself when submitting a vote.; and Column 4 /line 8, The voter identification data 236 represents information that identifies a user 101 with respect to other users 101. For example, voter identification data 236 may include the legal name of a user 101, his or her date of birth, current place of residence, government-issued identification number (e.g., driver's license number, social security number, etc.), or similar uniquely identifying information. This information may be provided in advance by an entity that intends to use one or more embodiments of the present disclosure to facilitate voting in a particular matter…The authentication factors 239 represent information that identifies a user 101. Examples of authentication factors 239 include passwords, access tokens, one-time passwords (e.g. time-limited one-time passwords, hash-based message authentication code (HMAC)-based one-time passwords, etc.), cryptographic certificates, and similar authentication mechanisms. Biometric data may optionally be used in those embodiments (e.g., elections in certain jurisdictions) where voting is restricted to specific individuals. In those embodiments, biometric data may be used to ensure that a user 101 of a client device 103 submitting an encrypted vote 253 is in fact an eligible user 101 instead of ineligible user 101 who happens to be in possession or have access to the client device 103 of the user.) Examiner states that there is user data, such as, voter identification data and biometric data. That data includes a unique code for authentication. The unique code includes biometric data, such as, a face scan or fingerprint in the cited prior art. Under broad reasonable interpretation, the user data including a unique code that incorporates verified user biometric data is interpreted as a voter record 223 may include an eligibility status 233 of a user 101 to vote in a specific matter, voter identification data 236, biometric data 239, a vote status 243, and one or more authentication factors 239 and biometric data may be used to ensure that a user 101 of a client device 103 submitting an encrypted vote 253 is in fact an eligible user in the cited prior art. One of ordinary skill in the art would have recognized that applying the known technique of Shiralkar to the known invention of Mugica would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate command features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the electronic voting device to include the user data including a unique code that incorporates verified user biometric data results in an improved invention because applying said technique ensures that voters can efficiently submit their ballets with automatically generating commands based on the user’s data, thus improving the overall user convenience of the invention. Mugica as modified does not explicitly disclose writing, by the EVM, the vote to a secure memory. However, Libon teaches writing, by the EVM, the vote to a secure memory, (Claim 8. Method according to one of claims 4 to 6, characterized in that the token is at least temporarily stored in a second secure memory of a server forming part of the voting system (3) when it is processed in the system of vote (3).; and Abstract Section, Method for managing electronic voting which comprises authenticating the voter, in particular making use of an elD; the allocation to the voter of a ballot paper; generating a token that anonymizes the voter data and is presented to him; sending the token to a voting system dissociated from the authentication system, extracting the data to produce the ballot; recording and confirming the submission of the vote in the voting system, taking the confirmation back into the token, and sending it back to the voter; return the token to the authentication system, link the confirmation to the identity of the voter; record the validation in the token, and send it back to the voter.) The examiner states that writing, by the EVM, the vote to a secure memory is analogous for a token that anonymizes the voter data and is sent to the voting system to link the confirmation to the identity of the voter and record the validation and submission to the system in the cited prior art. One of ordinary skill in the art would have recognized that applying the known technique of Libon to the known invention of Mugica would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate secure memory features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the electronic voting device to include writing, by the EVM, the vote to a secure memory results in an improved invention because applying said technique ensures that votes are stored in a secure memory to mitigate the risk of unauthorized users accessing the data, thus improving the overall security of the invention. Mugica as modified does not explicitly disclose generating, by the EVM, a command based on the user data and the vote, wherein generating the command comprises computing a signing key directly from the verified user biometric data incorporated in the unique code. However, Mitchell teaches generating, by the EVM, a command based on the user data and the vote, wherein generating the command comprises computing a signing key directly from the verified user biometric data incorporated in the unique code, (Column 4/line 7,Using biometric key derivation, a cryptographic secret key is derived from the biometric data using a fuzzy extractor to ensure error resilience. This secret key is used to unlock private key operations of a public key cryptographic method on the secure credential store 156. Possible private key operations include encryption/decryption, digital signatures, and identification… In biometric key derivation, a user is first enrolled in which new credentials are generated in the secure credential store. The user would apply their finger to a biometric sensor and the fingerprint would be scanned. The newly generated credentials would be encrypted with a cryptographic key derived from their fingerprint. When the user later uses the system, their fingerprint scan is converted into the same cryptographic key. Fuzzy extraction techniques may be used to correct for errors in the image processing (e.g. finger slightly misaligned). The secure processor then attempts to decrypt the credentials in the secure credential store using the derived cryptographic key..; and Column 10/line 15, The secure processor then attempts to decrypt the credentials in the secure credential store using the derived cryptographic key. If the derived cryptographic key matches the cryptographic key derived during enrollment, those credentials can be decrypted and used for private key operations until the input button is released. Releasing the input button zeroizes the derived cryptographic key, effectively “locking” access to the secure credential store.) One of ordinary skill in the art would have recognized that applying the known technique of Mitchell to the known invention of Mugica as modified would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate command features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the electronic voting device to include generating, by the EVM, a command based on the user data and the vote, wherein generating the command comprises computing a signing key directly from the verified user biometric data incorporated in the unique code results in an improved invention because applying said technique ensures that voters can efficiently submit their ballets with automatically generating commands based on the user’s data, thus improving the overall user convenience of the invention. 6. Regarding claims 3, 10, and 17; Mugica discloses wherein receiving user data comprises recording an image of one or more text strings, (Column 1/line 23, DRE voting systems that record votes by means of a ballot display provided with mechanical or electro-optical devices that can be actuated by the voter, that process the data by means of a computer program, and that record voting data and ballot images in memory devices, such as, for example, data cartridges, internal memories, or external memories. The disclosed DRE produces a tabulation of the voting data as a hard copy or stored in a removable memory device). 7. Regarding claims 6, 13, and 20; Mugica discloses wherein determining if the command is valid comprises computing a hash of the user data and determining if a matching hash exists in the secure memory, (In step 470, for example, when a cartridge or other type of memory is inserted into the memory interface 210, the controller 120 may unit first validate that the cartridge/memory structure is the proper structure depending on the type of cartridge/memory. If this structure validation is successful, then the controller 120 may, for example, perform a syntactic validation on a configuration file (e.g., an XML file) contained in the cartridge. The controller 120 may then, for example determine whether election identification information stored on the memory/cartridge data matches the election identification information stored in the election identification information portion 254. After one or more of these validations take place and are successful, the vote data may be considered valid). Examiner interprets the term hash of the user data is analogous for the term vote data in the cited prior art. 10. Claims 4-5, 7, 11-12, 14, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Mugica et al. (US 9092922 B2) in view of Shiralkar et al. (US 10979225 B1), and further in view of Libon et al. (BE 1021435 B1), in view of Mitchell et al. (US 11449586 B2), further in view of Kocher et al. (US 20210058387 A1). 11. Regarding claims 4, 11, and 18; Mugica as modified does not explicitly disclose wherein generating a command comprises signing the command with a signing key, the signing key generated in part on the user data. However, Kocher teaches wherein generating a command comprises signing the command with a signing key, the signing key generated in part on the user data, (Para. 0012, FIG. 5 is a flow chart of an exemplary method for generation of a root-signed block for commands signed by a root-authority system; and Para. 125] In a simple case not involving a delegate-signed block, the SM core in an SM-enabled IC receives commands from a root-authority system. The root-authority system public key may be built into the SM-enabled IC. FIG. 5 is a flow chart of an exemplary method for generation of a root-signed block including commands signed by the root-authority system. In step 500, the root-authority system receives one or more SM commands, e.g. from a signing request or an input file. The block of SM commands are then digitally signed (510) by the root-authority system using the root-authority system private key to create the RSB. In step 520, the completed RSB is provided by the root-authority system. The recipient of the RSB may be an SM core with which the root authority can communicate (e.g., via tester I/F 365), or the RSB may be passed via any number of entities (e.g., intermediaries, servers, components, applications, networks, storage locations/files, etc.) before ultimately being received by the SM core.) One of ordinary skill in the art would have recognized that applying the known technique of Kocher to the known invention of Mugica as modified would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate command features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the electronic voting device to include generating a command comprises signing the command with a signing key, the signing key generated in part on the user data results in an improved invention because applying said technique ensures that the command was authenticated to reduce the risk of unauthorized users accessing voting data, thus improving the overall security of the invention. 12. Regarding claims 5, 12 and 19; Mugica as modified discloses the EVM, (Abstract Section, electronic voting machines) Mugica as modified does not explicitly disclose wherein the signing key is further generated in part on a root key stored in the secure memory. However, Kocher teaches wherein the signing key is further generated in part on a root key stored in the secure memory. (Para. 0065, Root authority 215 is an entity (e.g., security service 120) that manages SM programming capabilities and can assign subsets of capabilities to one or more delegate authorities 220. Root authority 215 is associated with root-authority system 217 that contains (or otherwise has access to) the cryptographic keys that manage the SM-enabled ICs 265 and SM-enabled devices 240, 245, 250, 255, and 260. Root-authority system 217 is configured to generate one or more root-signed blocks (“RSBs”). As discussed in detail below, a RSB can include one or more SM commands, command templates, one or more delegate permissions, one or more keys (e.g., a delegate-public key), or some combination thereof. The RSB contains at least one digital certificate signed by root-authority system 217 using a root-private key (e.g., an RSA private key) that corresponds to a public key in the SM core; and Para. 0126, the RSB generated in FIG. 5. In step 600, the RSB is received at the SM core. The SM core then acquires (610) the root-authority system public key, which for example may be stored in the SM-enabled IC and supplied as a hardware constant to the SM core, or may be stored in a secure memory (e.g., secure memory 310); and Para. 0102] System 300 may include processor 355. Processor 355 can, for example, be a single or multiple microprocessors, field programmable gate array (FPGA) elements, or digital signal processors (DSPs). Specific examples of processor 355 are, for example, an x86 processor, an ARM processor, a MIPS microprocessor, an 8051 microcontroller, etc. Processor 355 may be coupled to SM core 305, host memory 370, tester I/F 365, or some combination thereof, via bus 360. In some embodiments, processor 355 may be configured to directly communicate with SM core 305, read and program secure memory 310 via SM core 305, retrieve SM core 305 status and system state, send commands to SM core 305, receive from SM core 305 cryptographic hashes of software (such as boot routines, operating system components, applications, etc.) authorized for execution by processor 355, or some combination thereof. Additionally, there may a plurality of processors performing these accesses. Additionally, in some embodiments, processor 355 has the capability to run higher privileged code, for example, in Ring 0, using ARM TrustZone?, or in a secure virtual machine monitor (SVMM). Lower-privileged processor 355 or process may be blocked using some or all capabilities of SM core 305. Register interface 358 may be used to communicate the identity and privilege level of the request, and SM core 305 can take the privilege level of the requestor into account when accepting and processing SM commands received across register interface 358.). Examiner interprets the term root key is analogous for the term root-private key in the cited prior art. One of ordinary skill in the art would have recognized that applying the known technique of Kocher to the known invention of Mugica as modified would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate root key into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the electronic voting device to include the signing key is further generated in part on a root key stored in the secure memory of the EVM in an improved invention because applying said technique ensures that the root key used to generated signing keys is securely stored in the secure memory of the device to prevent unauthorized users accessing voting data, thus improving the overall security of the invention. 13. Regarding claims 7 and 14, Mugica as modified does not explicitly disclose further comprising writing the hash to the secure memory if a matching hash does not exist. However, Kocher teaches further comprising writing the hash to the secure memory if a matching hash does not exist, (Para. 0149-0150, As an example, the SM-enabled IC may, while processing an SM command extracted from the RSB, write a value (e.g., product chip ID, or a random one-time challenge) to an intermediate storage location. When the SM core verifies the signature of the DSB, the SM core incorporates the contents of the intermediate storage in the cryptographic hashing operation involved in the signature verification process. For example, the value in the intermediate storage may be concatenated with the DSB commands when computing the cryptographic hash. If, when the SM-enabled IC verifies the DSB signature, the value in the intermediate storage is not the same as the value used by the delegate-authority system when producing the DSB, the computed hash will not match the signed hash and the SM core may then reject the DSB. Additionally, in some embodiments the RSB causes the SM core to restrict or modify the activity that may be performed by a DSB using an intermediate storage to hold one or more SM command(s). In this embodiment, SM command(s) in the RSB may cause data to be written to the intermediate storage. The SM core then verifies the DSB signature, and if valid, the SM core then treats the data written to immediate storage as a command, and executes the data). Examiner interprets the term writing the hash to the secure memory is analogous for the term intermediate storage to hold one or more SM (secure memory) commands in the cited prior art. Examiner interprets the term matching hash does not exist is analogous for the term the computed hash will not match the signed hash and the SM core may then reject the DSB in the cited prior art. One of ordinary skill in the art would have recognized that applying the known technique of Kocher to the known invention of Mugica as modified would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate hash features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the electronic voting device to include the writing the hash to the secure memory if a matching hash does not exist results in an improved invention because applying said technique ensures that all the hashes of data are recorded to make sure all commands are not skipped over and to detect unauthorized users, thus improving the overall performance and security of the invention. 14. Claims 2, 9, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Mugica et al. (US 9092922 B2) in view of Shiralkar et al. (US 10979225 B1), and further in view of Libon et al. (BE 1021435 B1), in view of Mitchell et al. (US 11449586 B2), in view of Kocher et al. (US 20210058387 A1), and further in view of Reyes et al. (WO 2010096628 A2). 15. Regarding claims 2, 9, and 16; Mugica as modified does not explicitly disclose wherein receiving user data comprises scanning a quick response (QR) code. However, Reyes teaches wherein receiving user data comprises scanning a quick response (QR) code, (Description Section, The computing device 432 can further include a biometric reader 444 for obtaining at least one identifier in the form of biometric data, such as a fingerprint or iris scan. The biometric reader 444 can be any of various commercially available systems, including systems compliant with Live Scan, FBI, ANSI and/or NIST standards. The computing device 432 can further include a barcode scanner 446 for obtaining at least one identifier encoded in optical machine -readable representation of data, such as a UPC barcode symbol. The barcode scanner 446 can be any of various commercially available systems, including systems capable of reading various types of linear bar codes, such as UPC, EAN, or CODE39/128, and/or various types of matrix codes, such as PDF417, Micro PDF417, Semacode, or QR Code). One of ordinary skill in the art would have recognized that applying the known technique of Reyes n to the known invention of Mugica as modified would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate QR code features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the electronic voting device to include receiving user data comprises scanning a quick response (QR) code results in an improved invention because applying said technique allows for a quicker way for the voting machine to receive the user data, thus improving the overall efficiency of the invention. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Method For Processing Votes In Public Blockchain, Involves Electronically Transmitting Generated Voting Block To Nodes Associated With Blockchain By Transmitting Device Of Processing Server (US 20190213821 A1) teaches generating (502) an election reference and candidate references by a generation module of a processing server. An asymmetric cryptographic key pair comprised of a master private key and a master public key are generated (504) by an encryption module of the processing server. The registration block is generated (506) for addition to a blockchain by the generation module of the processing server. The generated registration block is electronically transmitted (508) to nodes associated with the blockchain by a transmitting device of the processing server. Multiple voting messages are received by a receiving device of the processing server. The voting block is generated for addition to the blockchain by the generation module of the processing server. The voting block is comprised of a block header and data values. The generated voting block is electronically transmitted to the nodes associated with the blockchain by the transmitting device of the processing server. A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. In addition to the foregoing, other aspects are described in the claims, drawings, and text. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Davida L. King whose telephone number is (571) 272-4724. The examiner can normally be reached M-F 8am-5pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /D.L.K./Examiner, Art Unit 3699 /NEHA PATEL/Supervisory Patent Examiner, Art Unit 3699