ELECTRONIC DEVICE AND METHOD FOR PROCESSING USER INTERACTION INFORMATION

§103 §112

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment The amendment filed 27 February 2026 has been entered. Applicant amended claims 1, 9, and 14; and previously cancelled claims 6 and 14. Accordingly, claims 1-5, 7-13, and 15-20 remain pending. As a result of Applicant’s amendment to the claims, the 35 USC 112(a) and (b) rejections 02 December 2025 are moot. Response to Arguments Applicant’s arguments, filed 27 February 2026, with respect to 35 USC 112(a) and 112(b) rejections of 02 December 2025 have been fully considered and are persuasive. The 35 USC 112(a) and 112(b) rejections of 02 December 2025 have been withdrawn. Regarding the 35 USC 103 Rejection: Applicant's arguments filed 27 February 2026 have been fully considered but they are not persuasive. Applicant’s remarks: Applicant respectfully submits that claim 1 is patentable because the proposed Pappachan-Fleck-Zhang combination fails to disclose or suggest each and every element of the claim. For example, Applicant respectfully submits that the proposed Pappachan-Fleck-Zhang combination fails to disclose or suggest "instantiating an object of the application, the instantiated object being recompiled to process only graphic-based reactions," as claimed. Applicant’s support: Pappachan discloses executing an application within a secure environment that exchanges encrypted information with a user interface executing outside of the secure environment, and that the user interface presents decrypted information based on changes to the view of the secure application and provides encrypted information to the application based on user inputs. Nowhere, however, does Pappachan disclose or suggest "instantiating an object of the application recompiled to process only graphic-based reactions," as recited in claim 1. Consequently, Pappachan does not disclose or suggest at least the cited features recited in claim 1. Examiner’s remarks: This is not persuasive. The limitation of “instantiating an object of the application, the instantiated object being recompiled to process only graphic based reaction” is presented at a level of generality and does not prevent the prior art of record. Accordingly to paragraphs 27-28 of Pappachan, the instantiating an object of the application corresponds to the application that utilizes the user input interface 300. The input data via user interface/ instantiated object is recompiled/processed again via OS input interface 302. The encrypted input information is provided to OS input interface 304 in encrypted form to protect its contents. The OS input interface processed only graphic based reactions/which is the input information from the user interface/GUI that becomes encrypted. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. Claims 1-5, 7-13 and 15-20 are rejected under 35 U.S.C. 112(a) as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. The amended claims 1, 9, and 16 contain the following limitations that are not fully supported in the original disclosure and these limitations were determined to be new matter: “the instantiated objected being recompiled to process only graphic based reaction”. The examiner does not find the specification disclosing “the instantiated objected being recompiled to process only graphic based reaction”. Instead, paragraph 148 of Applicant’s specification reveals calling back a pseudo event handler in order to process a pseudo-event for the second object compiled to process only a graphic reaction part in the first object, but the paragraph does not disclose recompiling the instantiated object. Paragraph 113 of Applicant’s specification also discloses perform a pseudo-event generation operation so as to process only a graphical reactive object among instantiated objects, but the paragraph does not disclose recompiling the instantiated object. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-2, 4, 8-10, 12, 16-17, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pappachan et al US 20140359305 (hereinafter Pappachan), in view of Fleck et al US 20190342314 (hereinafter Fleck), and in further view of Zhang et al US 20200234275 (hereinafter Zhang). As to claim 1, Pappachan teaches a method for processing user interaction information by an electronic device (abstract and Figures 1 and 3, wherein Figure 3 discloses modular implementation and communication flow of the system shown in Figure 1, see paragraph 5 and 7; abstract discloses an application integrity protection via secure interaction and processing), the method comprising: executing an application in an unsecure area of the electronic device (paragraph 15 discloses a computing device that executes applications. Paragraph 18 reveals a banking application is executed, an application with which a user may be able to get information about their personal banking bank accounts); instantiating an object of the application (paragraphs 18 and 27 disclose the user supplies access information to the banking application such as username, password, account numbers. This information is entered via user interface. Therefore, the information is input into a text field box/object that is a graphical user interface element. A text field is considered an instantiating object in the banking application. Paragraph 16 discloses user interface 104 may include, for example, any input and/or output apparatuses that may be employed by a user to input information into device 102 (e.g., type or speak information, point to objects on a display, etc.) or to comprehend information from device 102 (e.g., read text, see images, hear sound, feel tactile feedback, etc.) from device 102. User interface 104 may also include any software resources such as, for example, processing resources that are needed to operate the input or output apparatuses. Paragraph 23 further discloses the user interface module may include equipment and software corresponding to that described in regard to user interface 104 in FIG. 1. This equipment and software may be configured to allow users to interact with device 102 such as, for example, various input mechanisms (e.g., microphones, switches, buttons, knobs, keyboards, speakers, touch-sensitive surfaces, one or more sensors configured to capture images and/or sense proximity, distance, motion, gestures, orientation, etc.)), the instantiated object being recompiled to process only graphic-based reaction (paragraphs 27-28, wherein the instantiating an object of the application corresponds to the application that utilizes the user input interface 300. The input data via user interface/ instantiated object is recompiled/processed again via OS input interface 302. The encrypted input information is provided to OS input interface 304 in encrypted form to protect its contents. The OS input interface processed only graphic based reactions/which is the input information from the user interface/GUI that becomes encrypted); recognizing a user interface of the application, converting a user reaction between a pseudo-event and the instantiated object into data (paragraph 18 reveals the system 100 shown in Figures 1 and 3 receives/recognize the sensitive input information via the user interface of the banking application and converts/encrypts as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key) , and transmitting the data to a secure area of the electronic device (paragraphs 18 and 27-28 disclose the converted/encrypted input information is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1); mirroring the application to the secure area by using the data (paragraphs 18 and 27-28 disclose [mirror] application 114 that is in the secure processing environment 112 in Figures 1 that receives the encrypted information. Figure 3 shows a more detailed view of the application which includes secure controller 306, secure model 308, and secure view 310 and PAVP 312 ); based on a user input being detected, inferring an event to be recognized by a graphical user interface (GUI) framework of the electronic device using the data (paragraphs 16 and 18 reveal the system 100 shown in Figures 1 and 3 receives/recognizes the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key. Therefore, based on the detected user input, the system infer an event of encryption using keystroke encryption that is to be recognized by the user interface); and interpreting, in the secure area, the user reaction to the instantiated object corresponding to the inferred event (paragraph 18 discloses the encrypted input information may only be decrypted/interpreted once received within secure processing environment 112, providing protection for its content and also the execution of application 114 which may access to databases to find account balances, process financial transactions (e.g., pay bills, transfer funds, etc.)). Pappachan does not teach mirroring a rendered image of the application from an auxiliary frame buffer of the unsecure area to a secure buffer of the secure area by using the data; wherein the mirroring of the rendered image of the application comprises: generating the pseudo-event while traversing a reaction list of the instantiated object; generating virtual user reactions to graphical reactive objects included in the application; and triggering a simulated response to the graphical reactive objects. Fleck teaches mirroring a rendered image of the application from an auxiliary frame buffer of the unsecure area to a secure buffer of the secure area by using the data (paragraph 83 discloses the client application can include one or more components such as an embedded browser, a remote session agent, and a secure container (secure area); paragraphs 94-95 disclose the client application can include a secure container (228 of Figure 2) which corresponds to a secure cache, wherein the secure container relates to or involves the use of a secure browser (e.g., embedded browser or secure browser ). Network applications are accessed by the secure browser and these network applications can be considered to be contained within the secure container. Paragraph 118 discloses the network application is rendered at the hosted secure browser and the rendered data is conveyed or mirrored to the secure browser plug-in and/or client agent for processing and/or display. The client agent can execute within in the web browser and/or the secure browser plug-in. Paragraph 44 disclose the secure applications may accessed data stored in the unsecure data container on the unmanaged partition of the client device; paragraph 93 disclose the remote session agent (HDX engine) include features of the client agent as discussed in Figure 2. The remote session agent can establish a remote desktop session and/or remote application session in accordance to any variety of protocols such as remote frame buffer protocol, where the remote session agent can establish a remote application session for a user of the client device to access an enterprise network application. Figure 2 and paragraph 42 disclose the secure applications of Figure 2 may be web browsing applications, email applications, and the like. The client application can include a secure application launcher and the secure applications may be secure native applications, secure remote applications executed by the secure application launcher. The secure remote applications executed by a secure application launcher may be executed within the secure application launcher application). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teaching of processing user interaction with Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area such that a client application can provide improved control/operation/functionality associated with the network application in accordance with security policy (paragraph 9 of Fleck). PNG media_image1.png 424 683 media_image1.png Greyscale Figure 1 of Zhang The combination of Pappachan in view of Fleck does not teach, but Zhang teaches wherein the mirroring of the rendered image of the application comprises: generating pseudo-event while traversing a reaction list of the instantiated object (paragraph 5 and Figure 1 disclose when a user enters for transfer request (instantiated object) and verifies a PIN code (reaction), the rich execution environment (REE) application invokes the secure display/input on a trusted execution environment (TEE). The secure display/input of the trusted user interface is the pseudo-event of the reaction input. The instantiated object is the transfer request); generating virtual user reactions of graphical reactive objects of the instantiated objects included in the application and triggering a simulated response to the graphical reactive objects (Figure 1 and paragraph 5 further reveal that the user is prompt to enter UKEY password (graphical reactive object) for the transfer request(instantiated object) on the trusted user interface of the TEE (pseudo-event), and this trigger a virtual reaction response of a screen display (simulated response) is return to the REE). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teaching of processing user interaction in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area with Zhang’s further teachings of mirroring of the rendered image to prevent information leakage and malware transmission while satisfying requirement of the mobile payment security (paragraph 3 of Zhang). As to claim 2, the combination of Pappachan in view of Fleck and Zhang teaches further comprising: generating input data based on the interpreted user reaction (Pappachan: paragraphs 18 and 28 disclose output information is generated (e.g., financial reports, transaction confirmations, etc.), the output may be encrypted prior to transmission back as input data to OS interface 108 as shown at 110 of Figure 1); and encrypting the input data in the secure area (Pappachan: paragraphs 18 and 28 disclose output information is generated (e.g., financial reports, transaction confirmations, etc.), the output may be encrypted prior to transmission back as input data to OS interface 108 as shown at 110 of Figure 1). As to claim 4, the combination of Pappachan in view of Fleck and Zhang teaches wherein the transmitting the data to the secure area comprises recognizing the user interface and extracting the data from a physical interface corresponding to a valid event (Pappachan: paragraph 18 reveals the system 100 shown in Figures 1 and 3 receives/recognizes the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key; paragraphs 18 and 27-28 further discloses the converted/encrypted input information is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1). As to claim 8, the combination of Pappachan in view of Fleck and Zhang teaches wherein the application is developed by using a software development kit (SDK) comprising an oblivious event receipt (OER) function (Pappachan: paragraph 25 discloses the application in the secure processing environment can be a trusted executed environment/secure enclave technology. TEE SDK are specifically designed for developing application such as application 114 within a TEE. TEE utilizes an SDK to create applications that run in the secure processing environment. Paragraphs 46-47 reveal the output information for presentation is encrypted using third encryption protocol. This third encryption protocol is the OER function. Third encryption protocol can include homomorphic encryption). As to claim 9, Pappachan teaches an electronic device (paragraph 19 and Figure 2 disclose a configuration for electronic device 102) comprising: a display (paragraph 23 and Figure 2 reference number 208 discloses user interface module that include equipment and software, and include a display); memory, including one or more storage media, configured to store instructions, an application, and an operating system (paragraph 37 discloses non-transitory computer readable storage medium, wherein instructions sets of a software package are stored on the non-transitory computer readable storage medium. Paragraphs 20 and 22 disclose the device 102 includes memory module that store instructions and information relating to performing activities related to reading data, writing data, processing data, formulating data, converting data, transforming data. Claim 40 recites the storage medium include storing instructions involving OS interface); and at least one processor, including processing circuitry, configured to execute the application and the operating system stored in the memory and operate while distinguishing between a secure area and a normal area (paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data. Paragraph 15 discloses computing/electronic device that executes applications. Paragraph 18 reveals a banking application is executed, an application with which a user may be able to get information about their personal banking bank accounts ), wherein the instructions, when executed by the at least one processor individually or collectively, cause the electronic device to (paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data ) configured to: control to execute the application (paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data. Paragraph 15 discloses computing/electronic device that executes applications. Paragraph 18 reveals a banking application is executed, an application with which a user may be able to get information about their personal banking bank accounts. Paragraph 28 further reveal secure processing environment contains secure controller); instantiate an object of the application (paragraphs 18 and 27 disclose the user supply access information to the banking application such as username, password, account numbers. This information is entered via user interface. Therefore, the information is input into a text field box that is a graphical user interface element. A text field is considered an instantiating object in the banking application. Paragraph 16 discloses user interface 104 may include, for example, any input and/or output apparatuses that may be employed by a user to input information into device 102 (e.g., type or speak information, point to objects on a display, etc.) or to comprehend information from device 102 (e.g., read text, see images, hear sound, feel tactile feedback, etc.) from device 102. User interface 104 may also include any software resources such as, for example, processing resources that are needed to operate the input or output apparatuses. Paragraph 23 further discloses the user interface module may include equipment and software corresponding to that described in regard to user interface 104 in FIG. 1. This equipment and software may be configured to allow users to interact with device 102 such as, for example, various input mechanisms (e.g., microphones, switches, buttons, knobs, keyboards, speakers, touch-sensitive surfaces, one or more sensors configured to capture images and/or sense proximity, distance, motion, gestures, orientation, etc.)), the instantiated object being recompiled to process only graphic-based reaction (paragraphs 27-28 reveal the instantiating an object of the application corresponds to the application that utilizes the user input interface 300. The input data via user interface/ instantiated object is recompiled/processed again via OS input interface 302. The encrypted input information is provided to OS input interface 304 in encrypted form to protect its contents. The OS input interface processed only graphic based reactions/which is the input information from the user interface/GUI that becomes encrypted); recognize a user interface of the application, convert a user reaction between a pseudo-event and the instantiated object into data (paragraph 18 reveals the system 100 shown in Figures 1 and 3 receives/recognize the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key), and transmit the data to the secure area (paragraphs 18 and 27-28 disclose the converted/encrypted input information is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1); mirror the application to the secure area by using the data (paragraphs 18 and 27-28 disclose [mirror] application 114 that is in the secure processing environment 112 in Figures 1. Figure 3 shows a more detailed view of the application which includes secure controller 306, secure model 308, and secure view 310 and PAVP 312 ); based on a user input being detected, infer an event to be recognized by a graphical user interface (GUI) framework (paragraphs 16 and 18 reveal the system 100 shown in Figures 1 and 3 receives/recognizes the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key. Therefore, based on the detected user input, the system infer an event of encryption using keystroke encryption that is to be recognized by the user interface); and interpret, in the secure area, the user reaction to the instantiated object corresponding to the inferred event (paragraph 18 discloses the encrypted input information may only be decrypted/interpreted once received within secure processing environment 112, providing protection for its content and also the execution of application 114 which may access to databases to find account balances, process financial transactions (e.g., pay bills, transfer funds, etc.)). Pappachan does not teach generate the pseudo-event while traversing a reaction list of the instantiated object; generate virtual user reactions to graphical reactive objects included in the application and trigger a simulated response to the graphical reactive objects; mirror a rendered image of the application from an auxiliary frame buffer of the unsecure area to a secure buffer of the secure area by using the data. Fleck teaches mirror a rendered image of the application from an auxiliary frame buffer of the unsecure area to a secure buffer of the secure area by using the data (paragraph 83 discloses the client application can include one or more components such as an embedded browser, a remote session agent, and a secure container (secure area); paragraphs 94-95 disclose the client application can include a secure container (228 of Figure 2) which corresponds to a secure cache, wherein the secure container relates to or involves the use of a secure browser (e.g., embedded browser or secure browser ). Network applications are accessed by the secure browser and these network applications can be considered to be contained within the secure container. Paragraph 118 discloses the network application is rendered at the hosted secure browser and the rendered data is conveyed or mirrored to the secure browser plug-in and/or client agent for processing and/or display. The client agent can execute within in the web browser and/or the secure browser plug-in. Paragraph 44 disclose the secure applications may accessed data stored in the unsecure data container on the unmanaged partition of the client device; paragraph 93 disclose the remote session agent (HDX engine) include features of the client agent as discussed in Figure 2. The remote session agent can establish a remote desktop session and/or remote application session in accordance to any variety of protocols such as remote frame buffer protocol, where the remote session agent can establish a remote application session for a user of the client device to access an enterprise network application. Figure 2 and paragraph 42 disclose the secure applications of Figure 2 may be web browsing applications, email applications, and the like. The client application can include a secure application launcher and the secure applications may be secure native applications, secure remote applications executed by the secure application launcher. The secure remote applications executed by a secure application launcher may be executed within the secure application launcher application). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teaching of processing user interaction with Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area such that a client application can provide improved control/operation/functionality associated with the network application in accordance with security policy (paragraph 9 of Fleck). The combination of Pappachan in view of Fleck does not teach, but Zhang teaches generate the pseudo-event while traversing a reaction list of the instantiated object (paragraph 5 and Figure 1 disclose when a user enters (instantiated object) and verifies a code (reaction), the REE application invokes the secure display/input on a TEE. The secure display/input of the trusted user interface is the pseudo-event of the reaction. The instantiated object is the transfer request icon); generate virtual user reactions to graphical reactive objects included in the application and trigger a simulated response to the graphical reactive objects (Figure 1 and paragraph 5 further reveal that the user is prompt to enter UKEY password (graphical reactive object) for the transfer request(instantiated object) on the trusted user interface of the TEE (pseudo-event), and this trigger a response screen display (simulated response) is return to the REE). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teaching of processing user interaction in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area with Zhang’s further teachings of mirroring of the rendered image to prevent information leakage and malware transmission while satisfying requirement of the mobile payment security (paragraph 3 of Zhang). As to claim 10, the combination of Pappachan in view of Fleck and Zhang teaches wherein the instructions, when executed by the at least one processor individually or collectively, further cause the electronic device to (Pappachan: paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data ): generate input data based on the interpreted user reaction (Pappachan: paragraphs 18 and 28 disclose output information is generated (e.g., financial reports, transaction confirmations, etc.), the output may be encrypted prior to transmission back as input data to OS interface 108 as shown at 110 of Figure 1); and encrypt the input data in the secure area (Pappachan: paragraphs 18 and 28 disclose output information is generated (e.g., financial reports, transaction confirmations, etc.), the output may be encrypted prior to transmission back as input data to OS interface 108 as shown at 110 of Figure 1). As to claim 12, the combination of Pappachan in view of Fleck and Zhang teaches wherein the instructions, when executed by the at least one processor individually or collectively, further cause the electronic device to (Pappachan: paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data) recognize the user interface and extract the data from a physical interface corresponding to a valid event (Pappachan: paragraph 18 reveals the system 100 shown in Figures 1 and 3 receives/recognizes the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface). The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key; paragraphs 18 and 27-28 further discloses the converted/encrypted input information is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1). As to claim 16, Pappachan teaches a non-transitory computer-readable storage medium storing computer- executable instructions (paragraph 37 discloses non-transitory computer readable storage medium, wherein instructions sets of a software package are stored on the non-transitory computer readable storage medium ) for processing user interaction information that (abstract and Figures 1 and 3 (wherein Figure 3 disclose modular implementation and communication flow of the system shown in Figure 1, see paragraph 5 and 7) discloses application integrity protection via secure interaction and processing), when executed by at least one processor of an electronic device, cause the electronic device (paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data ) to: execute an application in an unsecure area of the electronic device (paragraph 15 discloses computing device that executes applications. Paragraph 18 reveals a banking application, an application with which a user may be able to get information about their personal banking bank accounts); instantiate an object of the application (paragraphs 18 and 27 disclose the user supply access information to the banking application such as username, password, account numbers. This information is entered via user interface. Therefore, the information is input into a text field box that is a graphical user interface element. A text field is considered an instantiating object in the banking application. Paragraph 16 discloses user interface 104 may include, for example, any input and/or output apparatuses that may be employed by a user to input information into device 102 (e.g., type or speak information, point to objects on a display, etc.) or to comprehend information from device 102 (e.g., read text, see images, hear sound, feel tactile feedback, etc.) from device 102. User interface 104 may also include any software resources such as, for example, processing resources that are needed to operate the input or output apparatuses. Paragraph 23 further discloses the user interface module may include equipment and software corresponding to that described in regard to user interface 104 in FIG. 1. This equipment and software may be configured to allow users to interact with device 102 such as, for example, various input mechanisms (e.g., microphones, switches, buttons, knobs, keyboards, speakers, touch-sensitive surfaces, one or more sensors configured to capture images and/or sense proximity, distance, motion, gestures, orientation, etc.)), the instantiated object being recompiled to process only graphic-based reaction (paragraphs 27-28 reveal the instantiating an object of the application corresponds to the application that utilizes the user input interface 300. The input data via user interface/ instantiated object is recompiled/processed again via OS input interface 302. The encrypted input information is provided to OS input interface 304 in encrypted form to protect its contents. The OS input interface processed only graphic based reactions/which is the input information from the user interface/GUI that becomes encrypted); recognize a user interface of the application, convert a user reaction between a pseudo-event and the instantiated object into data (paragraph 18 reveals the system 100 shown in Figures 1 and 3 receives/recognizes the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key), and transmit the data to a secure area of the electronic device (paragraphs 18 and 27-28 disclose the converted/encrypted input information is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1); mirror the application to the secure area by using the data (paragraphs 18 and 27-28 disclose the comprises [mirror] application 114 that is in the secure processing environment 112 in Figures 1. Figure 3 shows a more detailed view of the application which includes secure controller 306, secure model 308, and secure view 310 and PAVP 312 ); based on a user input being detected, infer an event to be recognized by a graphical user interface (GUI) framework of the electronic device (paragraphs 16 and 18 reveal the system 100 shown in Figures 1 and 3 receives/recognize the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key. Therefore, based on the detected user input, the system infer an event of encryption using keystroke encryption that is to be recognized by the user interface); and interpret, in the secure area, the user reaction to the instantiated object corresponding to the inferred event (paragraph 18 discloses the encrypted input information may only be decrypted/interpreted once received within secure processing environment 112, providing protection for its content and also the execution of application 114 which may access to databases to find account balances, process financial transactions (e.g., pay bills, transfer funds, etc.)). Pappachan does not teach generate the pseudo-event while traversing a reaction list of the instantiated object; generate virtual user reactions to graphical reactive objects included in the application and trigger a simulated response to the graphical reactive objects; mirror a rendered image of the application from an auxiliary frame buffer of the unsecure area to a secure buffer of the secure area by using the data. Fleck teaches mirror a rendered image of the application from an auxiliary frame buffer of the unsecure area to a secure buffer of the secure area by using the data (paragraph 83 discloses the client application can include one or more components such as an embedded browser, a remote session agent, and a secure container (secure area); paragraphs 94-95 disclose the client application can include a secure container (228 of Figure 2) which corresponds to a secure cache, wherein the secure container relates to or involves the use of a secure browser (e.g., embedded browser or secure browser ). Network applications are accessed by the secure browser and these network applications can be considered to be contained within the secure container. Paragraph 118 discloses the network application is rendered at the hosted secure browser and the rendered data is conveyed or mirrored to the secure browser plug-in and/or client agent for processing and/or display. The client agent can execute within in the web browser and/or the secure browser plug-in. Paragraph 44 disclose the secure applications may accessed data stored in the unsecure data container on the unmanaged partition of the client device; paragraph 93 disclose the remote session agent (HDX engine) include features of the client agent as discussed in Figure 2. The remote session agent can establish a remote desktop session and/or remote application session in accordance to any variety of protocols such as remote frame buffer protocol, where the remote session agent can establish a remote application session for a user of the client device to access an enterprise network application. Figure 2 and paragraph 42 disclose the secure applications of Figure 2 may be web browsing applications, email applications, and the like. The client application can include a secure application launcher and the secure applications may be secure native applications, secure remote applications executed by the secure application launcher. The secure remote applications executed by a secure application launcher may be executed within the secure application launcher application). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teaching of processing user interaction with Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area such that a client application can provide improved control/operation/functionality associated with the network application in accordance with security policy (paragraph 9 of Fleck). The combination of Pappachan in view of Fleck does not teach, but Zhang teaches generate the pseudo-event while traversing a reaction list of the instantiated object (paragraph 5 and Figure 1 disclose when a user enters (instantiated object) and verifies a code (reaction), the REE application invokes the secure display/input on a TEE. The secure display/input of the trusted user interface is the pseudo-event of the reaction. The instantiated object is the transfer request icon); generate virtual user reactions to graphical reactive objects included in the application and trigger a simulated response to the graphical reactive objects (Figure 1 and paragraph 5 further reveal that the user is prompt to enter UKEY password (graphical reactive object) for the transfer request(instantiated object) on the trusted user interface of the TEE (pseudo-event), and this trigger a response screen display (simulated response) is return to the REE). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teaching of processing user interaction in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area with Zhang’s further teachings of mirroring of the rendered image to prevent information leakage and malware transmission while satisfying requirement of the mobile payment security (paragraph 3 of Zhang). As to claim 17, the combination Pappachan in view of Fleck and Zhang teaches wherein the computer-executable instructions, when executed by the at least one processor, further cause the electronic device (Pappachan: paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data ) to: generate input data based on the interpreted user reaction ( Pappachan: paragraphs 18 and 28 disclose output information is generated (e.g., financial reports, transaction confirmations, etc.), the output may be encrypted prior to transmission back as input data to OS interface 108 as shown at 110 of Figure 1); and encrypt the input data in the secure area (Pappachan: paragraphs 18 and 28 disclose output information is generated (e.g., financial reports, transaction confirmations, etc.), the output may be encrypted prior to transmission back as input data to OS interface 108 as shown at 110 of Figure 1). As to claim 19, the combination Pappachan in view of Fleck and Zhang teaches wherein to transmit the data to the secure area comprises recognizing the user interface and extracting the data from a physical interface corresponding to a valid event (Pappachan: paragraph 18 reveals the system 100 shown in Figures 1 and 3 receives/recognize the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key; paragraphs 18 and 27-28 further discloses the converted/encrypted input information is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1). Claim(s) 3, 7, 11, 15, and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pappachan et al US 20140359305 (hereinafter Pappachan), in view of Fleck et al US 20190342314 (hereinafter Fleck), in further view of Zhang et al US 20200234275 (hereinafter Zhang), and in further view of Smith et al US 20150170197 (hereinafter Smith). As to claim 3, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claims 1-2 above, and further teaches wherein the encrypting the input data comprises encrypting the input data by using a [third encryption protocol] (Pappachan: paragraphs 46-47 reveal the output information from the secure processing environment for presentation which becomes input data to the OS interface is encrypted using third encryption protocol. Third encryption protocols include homomorphic encryption). The combination of Pappachan in view of Fleck and Zhang does not teach wherein the encrypting uses a homomorphic encryption system. Smith teaches wherein the encrypting uses a homomorphic encryption system (abstract discloses secure processing environment that encrypt vector data using homomorphic encryption). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s third encryption protocol performed in a secure processing environment in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image with Smith’s homomorphic encryption performed in a secured processing environment such that information is protected from disclosure to unauthorized parties such as malware and hackers (paragraph 30 of Smith). As to claim 7, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claim 1 above and further teaches wherein the inferring the event to be recognized by the GUI framework comprises inferring the event to be recognized by the GUI framework by using a [key-data] in the secure area (Pappachan: paragraphs 16 and 18 reveal the system 100 shown in Figures 1 and 3 receives/recognize the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key. Therefore, based on the detected user input, the system infer an event of encryption using keystroke encryption that is to be recognized by the user interface. Paragraphs 46-47 reveal the output information from the secure processing environment for presentation which becomes input data to the OS interface is encrypted using third encryption protocol. Third encryption protocols include homomorphic encryption. Paragraphs 18 and 29 disclose the encrypted output information may then be sent to a user interface and decrypted for presentation [as an image] to the user. Paragraph 30 reveals secure module can be account information records stored on dedicated memory in the bank server on which the secure controller component may act in response to input from the user, and from which secure view component generate output information). The combination of Pappachan in view of Fleck and Zhang does not teach, but Smith teaches using a key-data pair in the secure area (abstract discloses secure processing environment that encrypt vector data using homomorphic encryption. Homomorphic encryption utilizes a key pair). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s third encryption protocol performed in a secure processing environment in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image with Smith’s homomorphic encryption performed in a secured processing environment such that information is protected from disclosure to unauthorized parties such as malware and hackers (paragraph 30 of Smith). As to claim 11, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claims 9-10 above, and further teaches wherein the instructions, when executed by the at least one processor individually or collectively, further cause the electronic device to (Pappachan: paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data. Paragraph 15 discloses computing/electronic device that executes applications). The combination of Pappachan in view of Fleck and Zhang does not teach wherein the encrypting uses a homomorphic encryption system. Smith teaches wherein the encrypting uses a homomorphic encryption system (abstract discloses secure processing environment that encrypt vector data using homomorphic encryption). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s third encryption protocol performed in a secure processing environment in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image with Smith’s homomorphic encryption performed in a secured processing environment such that information is protected from disclosure to unauthorized parties such as malware and hackers (paragraph 30 of Smith). As to claim 15, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claim 9 above and further teaches wherein the application is developed by using a software development kit (SDK) comprising an oblivious event receipt (OER) function (Pappachan: paragraph 25 discloses the application in the secure processing environment can be a trusted executed environment/secure enclave technology. TEE SDK are specifically designed for developing application such as application 114 within a TEE. TEE utilizes an SDK to create applications that run in the secure processing environment. Paragraphs 46-47 reveal the output information for presentation is encrypted using third encryption protocol. This third encryption protocol is the OER function. Third encryption protocol can include homomorphic encryption) and wherein the instructions, when executed by the at least one processor individually or collectively, further cause the electronic device to (Pappachan: paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data. Paragraph 15 discloses computing/electronic device that executes applications) infer the event to be recognized by the GUI framework comprises inferring the event to be recognized by the GUI framework by using a [key-data] in the secure area (Pappachan: paragraphs 16 and 18 reveal the system 100 shown in Figures 1 and 3 receives/recognize the sensitive input information via the user interface of the banking application and convert/encrypt as it is entered via user interface. The input information from the user interacting with text field box(instantiated object) is encrypted using keystroke encryption/pseudo-event. This encryption algorithm uses pseudo-random key. Therefore, based on the detected user input, the system infer an event of encryption using keystroke encryption that is to be recognized by the user interface. Paragraphs 46-47 reveal the output information from the secure processing environment for presentation which becomes input data to the OS interface is encrypted using third encryption protocol. Third encryption protocols include homomorphic encryption. Paragraphs 18 and 29 disclose the encrypted output information may then be sent to a user interface and decrypted for presentation [as an image] to the user. Paragraph 30 reveals secure module can be account information records stored on dedicated memory in the bank server on which the secure controller component may act in response to input from the user, and from which secure view component generate output information). The combination of Pappachan in view of Fleck and Zhang does not teach, but Smith teaches using a key-data pair in the secure area (abstract discloses secure processing environment that encrypt vector data using homomorphic encryption. Homomorphic encryption utilizes a key pair). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s third encryption protocol performed in a secure processing environment in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image with Smith’s homomorphic encryption performed in a secured processing environment such that information is protected from disclosure to unauthorized parties such as malware and hackers (paragraph 30 of Smith). As to claim 18, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claims 16-17 above, and further teaches wherein to encrypt the input data comprises encrypting the input data by using a [third encryption protocol] (Pappachan: paragraphs 46-47 reveal the output information from the secure processing environment for presentation ) which becomes input data to the OS interface is encrypted using third encryption protocol. Third encryption protocols include homomorphic encryption). The combination of Pappachan in view of Fleck and Zhang does not teach wherein the encrypting uses a homomorphic encryption system. Smith teaches wherein the encrypting uses a homomorphic encryption system (abstract discloses secure processing environment that encrypt vector data using homomorphic encryption). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s third encryption protocol performed in a secure processing environment in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image with Smith’s homomorphic encryption performed in a secured processing environment such that information is protected from disclosure to unauthorized parties such as malware and hackers (paragraph 30 of Smith). Claim(s) 5, 13, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pappachan et al US 20140359305 (hereinafter Pappachan), in view of Fleck et al US 20190342314 (hereinafter Fleck), in further view of Zhang et al US 20200234275 (hereinafter Zhang), and in further view of Chuang et al US 20160191240 (hereinafter Chuang). As to claim 5, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claims 1 and 4 above and further teaches wherein the transmitting the data to the secure area further comprises generating [key-data] of the physical interface corresponding to the user reaction corresponding to the instantiated object (Pappachan: paragraphs 18 and 27-28 disclose the converted/encrypted input information using keystroke encryption is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1. The keystroke encryption is associated with the user password/access information. Keystroke encryption utilizes a key). The combination of Pappachan in view of Fleck and Zhang does not teach generating key-data pair data of the physical interface corresponding to the user reaction corresponding to the instantiated object. Chuang teaches generating key-data pair data of the physical interface corresponding to the user reaction corresponding to the instantiated object (abstract, claim 8, and paragraph 12 disclose data from user input/user reaction to an interface/key data field is generated and public and private key pair is also generated). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teachings of keystroke encryption in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image and add Chuang’s teachings of generated key-data pair and further encrypting the keystroke encrypted data prior to transmission to enhance the security of the data during transmission of the data (paragraph 3 of Chuang). As to claim 13, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claims 9 and 12 above and further teaches wherein the instructions, when executed by the at least one processor individually or collectively, further cause the electronic device (Pappachan: paragraphs 20-21 and 22 disclose the electronic device includes processing module that comprise one or more processors. Processing module is configured to execute/perform various instructions such as reading data, writing data, processing data, formulating data, converting data, transforming data )to generate [key-data] of the physical interface corresponding to the user reaction corresponding to the instantiated object (paragraphs 18 and 27-28 disclose the converted/encrypted input information using keystroke encryption is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1. The keystroke encryption is associated with the user password/access information. Keystroke encryption utilizes a key). The combination of Pappachan in view of Fleck and Zhang does not teach generating key-data pair data of the physical interface corresponding to the user reaction corresponding to the instantiated object. Chuang teaches generating key-data pair data of the physical interface corresponding to the user reaction corresponding to the instantiated object (abstract, claim 8, and paragraph 12 disclose data from user input/user reaction to an interface/key data field is generated and public and private key pair is also generated). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teachings of keystroke encryption in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image and add Chuang’s teachings of generated key-data pair and further encrypting the keystroke encrypted data prior to transmission to enhance the security of the data during transmission of the data (paragraph 3 of Chuang). As to claim 20, the combination of Pappachan in view of Fleck and Zhang teaches all the limitations recited in claims 16 and 19 above and further teaches wherein to transmit the data to the secure area further comprises generating [key-data] of the physical interface corresponding to the user reaction corresponding to the instantiated object (Pappachan: paragraphs 18 and 27-28 disclose the converted/encrypted input information using keystroke encryption is provided to OS input interface 108/304. The encrypted information is transmitted to secure processing environment 112 which comprises [mirror] application 114 in Figures 1. The keystroke encryption is associated with the user password/access information. Keystroke encryption utilizes a key). The combination of Pappachan in view of Fleck and Zhang does not teach generating key-data pair data of the physical interface corresponding to the user reaction corresponding to the instantiated object. Chuang teaches generating key-data pair data of the physical interface corresponding to the user reaction corresponding to the instantiated object (abstract, claim 8, and paragraph 12 disclose data from user input/user reaction to an interface/key data field is generated and public and private key pair is also generated). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Pappachan’s teachings of keystroke encryption in view of Fleck’s teachings of rendering an image/data of the application from an unsecure area to a secure area and Zhang’s further teachings of mirroring of the rendered image and add Chuang’s teachings of generated key-data pair and further encrypting the keystroke encrypted data prior to transmission to enhance the security of the data during transmission of the data (paragraph 3 of Chuang). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to FELICIA FARROW whose telephone number is (571)272-1856. The examiner can normally be reached M - F 7:30am-4:00pm (EST). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at (571)270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /F.F/Examiner, Art Unit 2437 /ALI S ABYANEH/Primary Examiner, Art Unit 2437