DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Amendment
The amendment filed September 12, 2025 has been entered. Claims 14, 16-21, and 23-29 remain pending in the application. Applicant’s amendments to the Claims have overcome each and every objection previously set forth in the Non-Final Office Action mailed June 17, 2025.
Claim Objections
Claims 16-21 and 23 are objected to because of the following informalities:
In claim 16, line 9, “to access the secure ledger” should read --to access a secure ledger--.
In claim 21, line 7, “to access the blockchain” should read --to access a blockchain--.
In claim 23, line 1, “claim 22” should read --claim 21--.
Claims 17-20 and 23 are further objected to due to their dependency.
Appropriate correction is required.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 14, 16-21, and 23-29 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Under the Step 1 of the Section 101 analysis, Claims 14, 16-20, and 27-29 are drawn to a non-transitory computer-readable medium which is within the four statutory categories (i.e., a manufacture), Claims 21 and 23 are drawn to a method which is within the four statutory categories (i.e., a process), and Claims 24-26 are drawn to a system which is within the four statutory categories (i.e. a machine).
Since the claims are directed toward statutory categories, it must be determined if the claims are directed towards a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea). Based on consideration of all of the relevant factors with respect to the claim as a whole, claims 14-26 are determined to be directed to an abstract idea. The rationale for this determination is explained below:
Regarding Claim 14:
Claim 14 is drawn to an abstract idea without significantly more. The claims recite “receive, from an authentication entity via a network, a certificate of authentication for storage in a storage device accessible by the processor, the certificate of authentication certifying that a user has been authenticated by the authentication entity and comprising: identification data associated to the user, data comprising a request to authorize the user to access a secure ledger, a cryptographically secure signature associated to the authentication entity, and data indicating a time period in which the certificate of authentication is valid; verify the certificate of authentication by validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period; receive a cryptographic key associated to the user; generate a secure ledger transaction request, the transaction request comprising the cryptographic key, identification data associated to the user and the certificate of authentication; sign the secure ledger transaction request with a private signing key; and communicate the transaction request to the secure ledger.”
Under the Step 2A Prong One, the limitations, as underlined above, are processes that, under their broadest reasonable interpretation, cover Certain Methods Of Organizing Human Activity such as commercial or legal interactions (including agreements in the form of contracts; legal obligations; advertising, marketing or sales activities or behaviors; business relations). For example, but for the “network”, “storage device”, “processor”, “secure ledger”, “cryptographically secure signature”, and “cryptographic key” language, the underlined limitations in the context of this claim encompass the human activity. The series of steps belongs to typical sales activities or behaviors, because data or information such as certificate, key, and request are exchanged and processed for transactions.
Under the Step 2A Prong Two, this judicial exception is not integrated into a practical application. In particular, the claim only recites additional elements – “A non-transitory computer readable medium encoded with instructions which when executed by a processor, cause the processor to:”, “network”, “storage device”, “processor”, “secure ledger”, “cryptographically secure signature”, and “cryptographic key”. The additional elements are recited at a high-level of generality (i.e., performing generic functions of an interaction) such that it amounts no more than mere instructions to apply the exception using a generic computer component, merely implementing an abstract idea on a computer, or merely using a computer as a tool to perform an abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. Accordingly, these additional elements, individually or in combination, do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to an abstract idea.
Under the Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements in the process amount to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claims are not patent eligible.
Regarding Claim 16:
Claim 16 is drawn to an abstract idea without significantly more. The claims recite “receive, from a blockchain authorizing entity, a first secure ledger transaction request, the first transaction request comprising a cryptographic key associated to a user, identification data associated to the user and a certificate of authentication certifying that the user has been authenticated by an authentication entity, wherein the certificate of authentication comprises: the identification data associated to the user, data comprising a request to authorize the user to access the secure ledger, a cryptographically secure signature associated to the authentication entity, and data comprising a time stamp and/or a time period in which the certificate of authentication is valid; validate the first transaction request by validating that the cryptographically secure signature and a signature of the first transaction request provided by the blockchain authorizing entity; and generate a secure ledger entry on the basis of the validation by computing a hash value by evaluating a hash function based on a payload of the first transaction request and previous entries on the secure ledger.”
Under the Step 2A Prong One, the limitations, as underlined above, are processes that, under their broadest reasonable interpretation, cover Certain Methods Of Organizing Human Activity such as commercial or legal interactions (including agreements in the form of contracts; legal obligations; advertising, marketing or sales activities or behaviors; business relations). For example, but for the “blockchain”, “cryptographic key”, “secure ledger”, “cryptographically secure signature”, “secure ledger”, “computing a hash value”, and “hash function” language, the underlined limitations in the context of this claim encompass the human activity. The series of steps belongs to typical sales activities or behaviors, because data or information such as certificate, key, and request are exchanged and processed for transactions.
Under the Step 2A Prong Two, this judicial exception is not integrated into a practical application. In particular, the claim only recites additional elements – “A non-transitory computer readable medium encoded with instructions which when executed by a processor cause the processor to:”, “blockchain”, “cryptographic key”, “secure ledger”, “cryptographically secure signature”, “secure ledger”, “computing a hash value”, and “hash function”. The additional elements are recited at a high-level of generality (i.e., performing generic functions of an interaction) such that it amounts no more than mere instructions to apply the exception using a generic computer component, merely implementing an abstract idea on a computer, or merely using a computer as a tool to perform an abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. Accordingly, these additional elements, individually or in combination, do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to an abstract idea.
Under the Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements in the process amount to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claims are not patent eligible.
Regarding Claim 21:
Claim 21 is drawn to an abstract idea without significantly more. The claims recite “access a certificate of authentication from a storage device, the certificate of authentication previously received from an authentication entity via network, certifying that a user has been authenticated by the authentication entity, and comprising: user identification information, a request to authorize the user to access the blockchain, data indicating a time period in which the certificate of authentication is valid, and a cryptographically secure signature associated to the authentication entity; validate the certificate of authentication by validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period; access a cryptographic key associated to the user; generate a blockchain transaction request, the transaction request comprising the cryptographic key, identification data associated to the user and the certificate of authentication; generate a cryptographic signature using a signing key to authenticate the blockchain transaction request; and transmit the transaction request with the cryptographic signature to a blockchain entity.”
Under the Step 2A Prong One, the limitations, as underlined above, are processes that, under their broadest reasonable interpretation, cover Certain Methods Of Organizing Human Activity such as commercial or legal interactions (including agreements in the form of contracts; legal obligations; advertising, marketing or sales activities or behaviors; business relations). For example, but for the “storage device”, “blockchain”, “cryptographically secure signature”, “cryptographic key”, and “cryptographic signature” language, the underlined limitations in the context of this claim encompass the human activity. The series of steps belongs to typical sales activities or behaviors, because data or information such as certificate, key, and request are exchanged and processed for transactions.
Under the Step 2A Prong Two, this judicial exception is not integrated into a practical application. In particular, the claim only recites additional elements – “A computing system comprising a processor and memory, the memory to store instructions that when executed by the processor cause the processor to:”, “storage device”, “blockchain”, “cryptographically secure signature”, “cryptographic key”, and “cryptographic signature”. The additional elements are recited at a high-level of generality (i.e., performing generic functions of an interaction) such that it amounts no more than mere instructions to apply the exception using a generic computer component, merely implementing an abstract idea on a computer, or merely using a computer as a tool to perform an abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. Accordingly, these additional elements, individually or in combination, do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to an abstract idea.
Under the Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements in the process amount to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claims are not patent eligible.
Regarding Claim 24:
Claim 24 is drawn to an abstract idea without significantly more. The claims recite “accessing a certificate of authentication, the certificate of authentication attesting that the user is authenticated and comprising: identification data associated to the user, data comprising a request to authorize the user to access the secure ledger, a cryptographically secure signature associated to the authentication entity, and data comprising a time stamp and/or a time period in which the certificate of authentication is valid; validating the certificate of authentication; receiving a cryptographic key from the user; generating a secure ledger transaction request comprising the cryptographic key, identification data associated to the user and the certificate of authentication, wherein generating the secure ledger transaction request comprises generating a cryptographic signature using a signing key to authenticate the secure ledger transaction request; and transmitting the transaction request to the secure ledger.”
Under the Step 2A Prong One, the limitations, as underlined above, are processes that, under their broadest reasonable interpretation, cover Certain Methods Of Organizing Human Activity such as commercial or legal interactions (including agreements in the form of contracts; legal obligations; advertising, marketing or sales activities or behaviors; business relations). For example, but for the “secure ledger”, “cryptographically secure signature”, “cryptographic key”, and “cryptographic signature” language, the underlined limitations in the context of this claim encompass the human activity. The series of steps belongs to typical sales activities or behaviors, because data or information such as certificate, key, and request are exchanged and processed for transactions.
Under the Step 2A Prong Two, this judicial exception is not integrated into a practical application. In particular, the claim only recites additional elements – “A method for authorizing a user to access a secure ledger, the method comprising:”, “secure ledger”, “cryptographically secure signature”, “cryptographic key”, and “cryptographic signature”. The additional elements are recited at a high-level of generality (i.e., performing generic functions of an interaction) such that it amounts no more than mere instructions to apply the exception using a generic computer component, merely implementing an abstract idea on a computer, or merely using a computer as a tool to perform an abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. Accordingly, these additional elements, individually or in combination, do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to an abstract idea.
Under the Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements in the process amount to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claims are not patent eligible.
Regarding Claims 17-20, 23, and 25-29:
Dependent claims 19-20 and 28 only further elaborate the abstract idea and do not recite additional elements.
Dependent claims 17-18, 23, and 25-29 include additional limitations, for example, “secure ledger” (Claim 17); “secure ledger” (Claims 18 and 26); “cryptographic data” and “cryptographically secure signature” (Claim 23); “secure ledger” (Claim 25); “cryptographically secure signature” (Claim 27); and “processor”, “network”, “user device”, and “cryptographic key” (Claim 29), but none of these limitations are deemed significantly more than the abstract idea because, as stated above, they require no more than generic computer structures or signals to be executed, and do not recite any improvements to the functioning of a computer, or improvements to any other technology or technical field.
Thus, taken alone, the additional elements do not amount to significantly more than the above-identified judicial exception (the abstract idea). Furthermore, looking at the limitations as an ordered combination adds nothing that is not already present when looking at the elements taken individually. There is no indication that the combination of elements improves the functioning of a computer or improves any other technology, and their collective functions merely provide conventional computer implementation or implementing the judicial exception on a generic computer.
Therefore, whether taken individually or as an ordered combination, claims 17-18, 23, and 25-29 are nonetheless rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 14, 16-17, 19-21, 23-25, and 27-29 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chan (US 20200235926 A1; already of record in IDS) in view of Le Saint (US 20190305953 A1; already of record in IDS).
Regarding Claim 14, Chan teaches A non-transitory computer readable medium encoded with instructions which when executed by a processor, cause the processor to (Chan: Abstract; Paragraph(s) 0077-0079):
receive, from an authentication entity via a network, a certificate of authentication for storage in a storage device accessible by the processor, the certificate of authentication certifying that a user has been authenticated by the authentication entity (Chan: Paragraph(s) 0053 teach(es) the policy of the contract may determine the way that the key block-chain ledger is maintained; the centralized control may be a trusted node, such as a certificate authority, authorized to attest and sign the transaction blocks to validate them and validation by miners may not be needed) and comprising: identification data associated to the user, data comprising a request to authorize the user to access a secure ledger, a cryptographically secure signature associated to the authentication entity, and data indicating a time period in which the certificate of authentication is valid (Chan: Paragraph(s) 0033-0034, 0038, 0064 teach(es) When a private key is created in HSM, genesis block for a block-chain is created that includes metadata identifying the source of generation, e.g. HSM, and mode of generation for the key, such as the type of key, protocols, etc. The genesis block is signed with a signature that is cryptographically generated using information pertaining to the key; the amend data may indicate that an attempt was detected to cause a data dump on certain ciphered data associated with the key, but back-dated to a known time where the key was valid and the new key has been refreshed N times since the known time when the key was valid); verify the certificate of authentication … (Chan: Paragraph(s) 0050, 0053 teach(es) The immutable key can also be a quasi-immutable key, like a certificate authority (CA) issued key as an intermediary key with high longevity for use with a secure logger); receive a cryptographic key associated to the user (Chan: Abstract; Paragraph(s) 0002 teach(es) Key management is the management of cryptographic keys in an encrypted system and includes dealing with the generation, exchange, storage, use, destruction and replacement of keys. It typically includes cryptographic protocols, key servers, and user procedures; the key typically includes a cryptographic certificate to govern how the key is used, the agency that is attesting for the key, and lifecycle policies for the key); generate a secure ledger transaction request, the transaction request comprising the cryptographic key, identification data associated to the user and the certificate of authentication (Chan: Paragraph(s) 0007, 0022 teach(es) the techniques involve detecting an attack on data or a system associated with the cryptographic key. This aspect further involves using metadata of the transaction blocks in the key block-chain ledger to trace the cryptographic key to a point of attack and determining transaction block corresponding to the point of attack); sign the secure ledger transaction request with a private signing key (Chan: Paragraph(s) 0033-0034 teach(es) When a private key is created in HSM, genesis block for a block-chain is created that includes metadata identifying the source of generation, e.g. HSM, and mode of generation for the key, such as the type of key, protocols, etc.; genesis block is signed with a signature derived from a key value for signing the key certificate and information pertaining to the key and key source information); and communicate the transaction request to the secure ledger (Chan: Abstract; Paragraph(s) 0022, 0026 teach(es) Certain examples trace the key block-chain ledger using the metadata in the transaction blocks to determine a point of attack and generate an alert by detecting an attack on data or a system associated with the cryptographic key, using metadata of the transaction blocks in the key block-chain ledger to trace the cryptographic key to a point of attack).
However, Chan does not explicitly teach by validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period.
Le Saint from same or similar field of endeavor teaches by validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period (Le Saint: Paragraph(s) 0036-0038 teach(es) The certificate may include one or more data fields, such as the legal name of the identity, a serial number of the certificate, a valid-from and valid-to date for the certificate, certificate-related permissions, etc.).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of Chan to incorporate the teachings of Le Saint for validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period.
There is motivation to combine Le Saint into Chan because Le Saint’s teachings of valid-from and valid-to date for the certificate would facilitate control of the certificates (Le Saint: Paragraph(s) 0036-0038).
Regarding Claim 16, Chan teaches A non-transitory computer readable medium encoded with instructions which when executed by a processor cause the processor to (Chan: Abstract; Paragraph(s) 0077-0079):
receive, from a blockchain authorizing entity, a first secure ledger transaction request, the first transaction request comprising a cryptographic key associated to a user, identification data associated to the user and a certificate of authentication certifying that the user has been authenticated by an authentication entity (Chan: Abstract; Paragraph(s) 0050, 0053, as stated above with respect to claim 14), wherein the certificate of authentication comprises: the identification data associated to the user, data comprising a request to authorize the user to access the secure ledger, a cryptographically secure signature associated to the authentication entity, and data comprising a time stamp and/or a time period in which the certificate of authentication is valid (Chan: Paragraph(s) 0033-0034, 0038, 0064 teach(es) When a private key is created in HSM, genesis block for a block-chain is created that includes metadata identifying the source of generation, e.g. HSM, and mode of generation for the key, such as the type of key, protocols, etc. The genesis block is signed with a signature that is cryptographically generated using information pertaining to the key; the amend data may indicate that an attempt was detected to cause a data dump on certain ciphered data associated with the key, but back-dated to a known time where the key was valid and the new key has been refreshed N times since the known time when the key was valid); validate the first transaction request …; and generate a secure ledger entry on the basis of the validation (Chan: Abstract; Paragraph(s) 0007, 0022, 0026, as stated above with respect to claim 14) by computing a hash value by evaluating a hash function based on a payload of the first transaction request and previous entries on the secure ledger (Chan: Abstract; Paragraph(s) 0044, 0059 teach(es) Each transaction block contains a hash pointer as a link to a previous block, a timestamp and transaction data).
However, Chan does not explicitly teach by validating that the cryptographically secure signature and a signature of the first transaction request provided by the blockchain authorizing entity.
Le Saint from same or similar field of endeavor teaches by validating that the cryptographically secure signature and a signature of the first transaction request provided by the blockchain authorizing entity (Le Saint: Paragraph(s) 0036-0038 teach(es) The certificate may include one or more data fields, such as the legal name of the identity, a serial number of the certificate, a valid-from and valid-to date for the certificate, certificate-related permissions, etc.).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of Chan to incorporate the teachings of Le Saint for by validating that the cryptographically secure signature and a signature of the first transaction request provided by the blockchain authorizing entity.
There is motivation to combine Le Saint into Chan because Le Saint’s teachings of valid-from and valid-to date for the certificate would facilitate control of the certificates (Le Saint: Paragraph(s) 0036-0038).
Regarding Claim 21, Chan teaches A computing system comprising a processor and memory, the memory to store instructions that when executed by the processor cause the processor to (Chan: Abstract; Paragraph(s) 0077-0079):
access a certificate of authentication from a storage device, the certificate of authentication previously received from an authentication entity via network, certifying that a user has been authenticated by the authentication entity (Chan: Abstract; Paragraph(s) 0053, as stated above with respect to claim 14), and comprising: user identification information, a request to authorize the user to access the blockchain, data indicating a time period in which the certificate of authentication is valid, and a cryptographically secure signature associated to the authentication entity (Chan: Paragraph(s) 0033-0034, 0038, 0064 teach(es) When a private key is created in HSM, genesis block for a block-chain is created that includes metadata identifying the source of generation, e.g. HSM, and mode of generation for the key, such as the type of key, protocols, etc. The genesis block is signed with a signature that is cryptographically generated using information pertaining to the key; the amend data may indicate that an attempt was detected to cause a data dump on certain ciphered data associated with the key, but back-dated to a known time where the key was valid and the new key has been refreshed N times since the known time when the key was valid); validate the certificate of authentication …; access a cryptographic key associated to the user; generate a blockchain transaction request, the transaction request comprising the cryptographic key, identification data associated to the user and the certificate of authentication; generate a cryptographic signature using a signing key to authenticate the blockchain transaction request (Chan: Paragraph(s) 0033-0034, 0055-0056 teach(es) genesis block is signed with a signature derived from a key value for signing the key certificate and information pertaining to the key and key source information); and transmit the transaction request with the cryptographic signature to a blockchain entity (Chan: Abstract; Paragraph(s) 0007, 0022, 0026, as stated above with respect to claim 14).
However, Chan does not explicitly teach by validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period.
Le Saint from same or similar field of endeavor teaches by validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period (Le Saint: Paragraph(s) 0036-0038 teach(es) The certificate may include one or more data fields, such as the legal name of the identity, a serial number of the certificate, a valid-from and valid-to date for the certificate, certificate-related permissions, etc.).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of Chan to incorporate the teachings of Le Saint for validating that the cryptographically secure signature was signed by the authentication entity and validating that the certificate of authentication is within the time period.
There is motivation to combine Le Saint into Chan because Le Saint’s teachings of valid-from and valid-to date for the certificate would facilitate control of the certificates (Le Saint: Paragraph(s) 0036-0038).
Regarding Claim 24, Chan teaches A method for authorizing a user to access a secure ledger, the method comprising (Chan: Abstract; Paragraph(s) 0077-0079):
accessing a certificate of authentication, the certificate of authentication attesting that the user is authenticated (Chan: Abstract; Paragraph(s) 0053 teach(es) the centralized control may be a trusted node, such as a certificate authority, authorized to attest and sign the transaction blocks to validate them) and comprising: identification data associated to the user, data comprising a request to authorize the user to access the secure ledger, a cryptographically secure signature associated to the authentication entity, and data comprising a time stamp and/or a time period in which the certificate of authentication is valid (Chan: Paragraph(s) 0033-0034, 0038, 0064 teach(es) When a private key is created in HSM, genesis block for a block-chain is created that includes metadata identifying the source of generation, e.g. HSM, and mode of generation for the key, such as the type of key, protocols, etc. The genesis block is signed with a signature that is cryptographically generated using information pertaining to the key; the amend data may indicate that an attempt was detected to cause a data dump on certain ciphered data associated with the key, but back-dated to a known time where the key was valid and the new key has been refreshed N times since the known time when the key was valid); validating the certificate of authentication … (Chan: Paragraph(s) 0050, 0053, as stated above with respect to claim 14); receiving a cryptographic key from the user; generating a secure ledger transaction request comprising the cryptographic key, identification data associated to the user and the certificate of authentication (Chan: Abstract; Paragraph(s) 0007, 0022, 0026, as stated above with respect to claim 14), wherein generating the secure ledger transaction request comprises generating a cryptographic signature using a signing key to authenticate the secure ledger transaction request (Chan: Paragraph(s) 0033-0034, 0055-0056 teach(es) genesis block is signed with a signature derived from a key value for signing the key certificate and information pertaining to the key and key source information); and transmitting the transaction request to the secure ledger (Chan: Abstract; Paragraph(s) 0007, 0022, 0026, as stated above with respect to claim 14).
However, Chan does not explicitly teach by validating that the cryptographically secure signature was signed by the authentication entity and validating the time stamp, that the certificate of authentication is within the time period.
Le Saint from same or similar field of endeavor teaches by validating that the cryptographically secure signature was signed by the authentication entity and validating the time stamp, that the certificate of authentication is within the time period (Le Saint: Paragraph(s) 0036-0038 teach(es) The certificate may include one or more data fields, such as the legal name of the identity, a serial number of the certificate, a valid-from and valid-to date for the certificate, certificate-related permissions, etc.).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of Chan to incorporate the teachings of Le Saint for validating that the cryptographically secure signature was signed by the authentication entity and validating the time stamp, that the certificate of authentication is within the time period.
There is motivation to combine Le Saint into Chan because Le Saint’s teachings of valid-from and valid-to date for the certificate would facilitate control of the certificates (Le Saint: Paragraph(s) 0036-0038).
Regarding Claim 17, the combination of Chan and Le Saint teaches all the limitations of claim 16 above; and Chan further teaches wherein the instructions cause the processor to determine whether the user was previously authorized to access the secure ledger (Chan: Paragraph(s) 0037, 0042 teach(es) The data introduced by the secure cryptographic operations, e.g. amend or emend operations, is reflected in the transaction blocks of the key block-chain ledger, e.g. a specific Merkle tree branch of the transaction blocks of the block-chain).
Regarding Claim 19, the combination of Chan and Le Saint teaches all the limitations of claim 18 above; however the combination does not explicitly teach wherein the user activation request comprises a nonce.
Le Saint further teaches wherein the user activation request comprises a nonce (Le Saint: Paragraph(s) 0040-0041, 0104-0105, 0135).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of the combination of Chan and Le Saint to incorporate the teachings of Le Saint for wherein the user activation request comprises a nonce.
There is motivation to combine Le Saint into the combination of Chan and Le Saint because Le Saint’s teachings of nonce would facilitate secure handling of requests (Le Saint: Paragraph(s) 0040-0041, 0104-0105, 0135).
Regarding Claim 20, the combination of Chan and Le Saint teaches all the limitations of claim 19 above; however the combination does not explicitly teach wherein the instructions cause the processor to determine whether the second transaction request comprises the nonce.
Le Saint further teaches wherein the instructions cause the processor to determine whether the second transaction request comprises the nonce (Le Saint: Paragraph(s) 0040-0041, 0104-0105, 0135).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of the combination of Chan and Le Saint to incorporate the teachings of Le Saint for wherein the instructions cause the processor to determine whether the second transaction request comprises the nonce.
There is motivation to combine Le Saint into the combination of Chan and Le Saint because Le Saint’s teachings of nonce would facilitate secure handling of requests (Le Saint: Paragraph(s) 0040-0041, 0104-0105, 0135).
Regarding Claim 23, the combination of Chan and Le Saint teaches all the limitations of claim 22 above; and Chan further teaches wherein the cryptographic data comprises a cryptographically secure signature generated by the authentication entity (Chan: Paragraph(s) 0033-0034, 0038, 0064, 0056 teach(es) When a private key is created in HSM, genesis block for a block-chain is created that includes metadata identifying the source of generation, e.g. HSM, and mode of generation for the key, such as the type of key, protocols, etc. The genesis block is signed with a signature that is cryptographically generated using information pertaining to the key; where the contents of the transaction blocks are maintained as secret, then only the signature for each transaction block is released and mined for public establishment of the key block-chain ledger).
Regarding Claim 25, the combination of Chan and Le Saint teaches all the limitations of claim 24 above; and Chan further teaches comprising: receiving a first secure ledger transaction request; verifying the first transaction request; and generating a secure ledger entry on the basis of the verification (Chan: Abstract; Paragraph(s) 0050, 0053, 0007, 0022, 0026, as stated above with respect to claim 16).
Regarding Claim 27, the combination of Chan and Le Saint teaches all the limitations of claim 14 above; and Chan further teaches wherein verifying the certificate of authentication comprises: validating that the cryptographically secure signature of the certificate of authentication was validly signed by the authentication entity using a private key (Chan: Paragraph(s) 0033-0034 teach(es) When a private key is created in HSM, genesis block for a block-chain is created that includes metadata identifying the source of generation, e.g. HSM, and mode of generation for the key, such as the type of key, protocols, etc.; genesis block is signed with a signature derived from a key value for signing the key certificate and information pertaining to the key and key source information).
Regarding Claim 28, the combination of Chan and Le Saint teaches all the limitations of claim 14 above; however the combination does not explicitly teach wherein verifying the certificate of authentication comprises: validating that a timestamp of the certificate of authentication is within the time period of validity in which the certificate remains valid.
Le Saint further teaches wherein verifying the certificate of authentication comprises: validating that a timestamp of the certificate of authentication is within the time period of validity in which the certificate remains valid (Le Saint: Paragraph(s) 0036-0038 teach(es) The certificate may include one or more data fields, such as the legal name of the identity, a serial number of the certificate, a valid-from and valid-to date for the certificate, certificate-related permissions, etc.).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of the combination of Chan and Le Saint to incorporate the teachings of Le Saint for wherein verifying the certificate of authentication comprises: validating that a timestamp of the certificate of authentication is within the time period of validity in which the certificate remains valid.
There is motivation to combine Le Saint into the combination of Chan and Le Saint because Le Saint’s teachings of valid-from and valid-to date for the certificate would facilitate control of the certificates (Le Saint: Paragraph(s) 0036-0038).
Regarding Claim 29, the combination of Chan and Le Saint teaches all the limitations of claim 14 above; however the combination does not explicitly teach wherein the instructions cause the processor to: transmit, via the network, a prompt to a user device requesting the cryptographic key associated to the user, wherein the cryptographic key is a public key of the user.
Le Saint further teaches wherein the instructions cause the processor to: transmit, via the network, a prompt to a user device requesting the cryptographic key associated to the user, wherein the cryptographic key is a public key of the user (Le Saint: Paragraph(s) 0035 teach(es) The term “public/private key pair” may include a pair of linked cryptographic keys generated by an entity. The public key may be used for public functions such as encrypting a message to send to the entity or for verifying a digital signature which was supposedly made by the entity).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of the combination of Chan and Le Saint to incorporate the teachings of Le Saint for wherein the instructions cause the processor to: transmit, via the network, a prompt to a user device requesting the cryptographic key associated to the user, wherein the cryptographic key is a public key of the user.
There is motivation to combine Le Saint into the combination of Chan and Le Saint because Le Saint’s teachings of public/private key pair would facilitate control of the certificates (Le Saint: Paragraph(s) 0035).
Claim(s) 18 and 26 is/are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Chan and Le Saint, as applied to claims 16 and 25 above, and in further view of Kumar (US 20190163912 A1).
Regarding Claims 18 and 26, the combination of Chan and Le Saint teaches all the limitations of claims 16 and 25 above; however the combination does not explicitly teach wherein the instructions cause the processor to: communicate a user activation request to the user; generate a second secure ledger entry comprising data indicating that the user activation request has been communicated to the user; receive a second secure ledger transaction request in response to the user activation request; validate the second transaction request; and generate a third secure ledger entry based on the second transaction request, the third secure ledger entry indicating that the user is authorized to access the secure ledger.
Kumar from same or similar field of endeavor teaches wherein the instructions cause the processor to: communicate a user activation request to the user (Kumar: Paragraph(s) 0053 teach(es) the enrollment service sends a certificate request for the endpoint device to the certificate authority); generate a second secure ledger entry comprising data indicating that the user activation request has been communicated to the user (Kumar: Paragraph(s) 0064 teach(es) the local ledger emits an event that represents a block of device enrollment transactions for integration with applications in a blockchain); receive a second secure ledger transaction request in response to the user activation request (Kumar: Paragraph(s) 0062 teach(es) the discovery service on the gateway device sends an enrollment request for the endpoint device over secure transport, with enrollment service one-way certificate verification including the endpoint device profile and the gateway device profile to the enrollment service); validate the second transaction request (Kumar: Paragraph(s) 0066 teach(es) the enrollment service performs gateway device and endpoint device authentication, and enrollment request validation based on the configured orchestration rules); and generate a third secure ledger entry based on the second transaction request, the third secure ledger entry indicating that the user is authorized to access the secure ledger (Kumar: Paragraph(s) 0064, 0099 teach(es) a distributed ledger in the blockchain has adequate transaction records to reproduce history of device and service transactions for cross-domain traceability across the supply chain of update package providers and publishers).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the teachings of the combination of Chan and Le Saint to incorporate the teachings of Kumar for wherein the instructions cause the processor to: communicate a user activation request to the user; generate a second secure ledger entry comprising data indicating that the user activation request has been communicated to the user; receive a second secure ledger transaction request in response to the user activation request; validate the second transaction request; and generate a third secure ledger entry based on the second transaction request, the third secure ledger entry indicating that the user is authorized to access the secure ledger.
There is motivation to combine Kumar into the combination of Chan and Le Saint because Kumar’s teachings of enrollment service and certificate would facilitate a device management service, a policy service, or an update service (Kumar: Paragraph(s) 0002, 0011).
Response to Arguments
Applicant's arguments filed September 12, 2025 have been fully considered but they are not persuasive.
Regarding applicant’s argument under Claim Rejections - 35 USC § 101 that “the claims do not broadly cover all characterizations of blockchain transaction formation, but, rather, are directed to a specific improvement of the technological field through the use of transaction validations and/or secure ledger transaction requests, ultimately providing a more secure blockchain and more secure transactions,” examiner respectfully argues that the claims do not recite technical details and contexts of the blockchain (secure ledger) transaction, enough to provide any improvements of the technological field and overcome the rejections. It is recommended to amend the claims further with more technical details and contexts of “a specially formed blockchain transaction”, “a registered user’s interaction with blockchain services according to an assigned role within the organization”, etc.
Regarding applicant’s argument under Claim Rejections - 35 USC § 103 that “Chan fails to teach the elements of claim 14. In particular Chan fails to teach or suggest the claimed certification of authentication that is (1) received from an authentication entity, (2) verified, and (3) used to generate a secure ledger transaction request, as required by amended claim 14,” examiner respectfully argues that the combination of Chan and Le Saint teaches the features as stated above with respect to the 103 rejections.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CLAY LEE whose telephone number is (571)272-3309. The examiner can normally be reached Monday-Friday 8-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571)270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CLAY C LEE/ Primary Examiner, Art Unit 3699