DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
Applicant responded to Requirement for Restriction/Election, mailed on 12/03/2025; and elected claims 1-10 (Group I) with traverse. As shown in the previous communication, the original group of claims fall into different set of classifications, that cause serious examination burden on the examiner.
Therefore, the restriction requirement is made final.
Claim Status
Claims 1-21 were Original.
In a response, filed on 01/28/2026:
Claims 1-10 are Elected; and
Claims 11-21 are Withdrawn from consideration.
/Please Cancel unelected claims/
Claims 1-10 are pending, and are examined.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-8 & 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over “CUTILLO” (US 2025/0173460 A1) in view of “FASCENDA” (US 2011/0055574 A1).
CUTILLO discloses Claim 1. A gateway computing device configured to perform operations, the operations comprising:
sending to a receiver computing device a first communication, wherein the first communication comprises an identifier associated with a transmitter device [CUTILLO discloses, “receiving a data subject identifier from a first data controller, the first data controller having a first data controller identifier” (Abstract)], a one-way function of the identifier associated with the transmitter device, or a set of authentication data associated with the transmitter device [CUTILLO discloses “cryptographic mixing function” (Abstract); HMAC() – par.0053, 0067-0068, 0075 with Fig.1];
receiving from the receiver computing device a second communication that is responsive to the first communication, wherein the second communication comprises a set of cryptographic material [CUTILLO disclose receiving crypto material; such as, pseudonym key, message authentication code, EID, CID, etc. (par.0053, 0067-0068, 0075 with Figs.1-3)];
CUTILLO does not; but, FASCENDA, analogues art, discloses A gateway device [see access point 120, par.0007 with FIG.1; wireless access point 220, par.0039 with FIG.2 of FASCENDA] and authenticating the set of cryptographic material using the set of authentication data [FASCENDA discloses “Each key comprises a unique serial number and a common network send cryptographic key and a common network receive cryptographic key used only during the authentication phase by all components on the LAN” (Abstract); see also Authenticate AP using AP key 715, FIG.7 and FIG.9A-9B, where Authentication Request/Response sent/returned between AP and Client];
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to modify the system of CUTILLO by incorporating the authentication system of FASCENDA for authenticating and securing communication system for a Wi-Fi (IEEE 802.11) network.
CUTILLO in view of FASCENDA further disclose,
and sending to the receiver computing device a third communication, wherein at least an encrypted portion of the third communication is encrypted using the set of cryptographic material [CUTILLO discloses “computing an encrypted data subject identifier based on the data subject identifier using the cryptographic mixing function based on a random key, preferably even a random one-time key” (par.0023, 0050-0051, 0056-0059)].
CUTILLO in view of FASCENDA further disclose claim 2. The gateway computing device of claim 1, wherein the transmitter computing device comprises a beacon computing device that is incapable of being updated, and wherein the gateway computing device and the receiver computing device have been re-configured after deployment to enable transmission of the first, second, and third communications [see access point 120, par.0007 with FIG.1; wireless access point 220, par.0039 with FIG.2 of FASCENDA]. The motivation to combine is the same as that of claim 1 above.
CUTILLO in view of FASCENDA further disclose claim 3. The gateway computing device of claim 1, wherein the operations further comprise, prior to sending the first communication, receiving an initial communication from the transmitter computing device that comprises an encrypted message generated by the transmitter computing device, and wherein the encrypted portion of the third communication comprises the encrypted message that has been further encrypted using the set of cryptographic material [CUTILLO discloses, “In such embodiment the K.sub.PSG is then further encrypted as the K.sub.PS by computing the K.sub.PS as the exclusive OR of the K.sub.PSG with the K.sub.ROT noted as K.sub.PS=XOR(K.sub.ROT,K.sub.PSG)” (par.0050-0059 with Figs.1-3)].
CUTILLO in view of FASCENDA further disclose claim 4. The gateway computing device of claim 1, wherein the encrypted portion of the third communication comprises a location of the gateway computing device that has been encrypted using the set of cryptographic material [CUTILLO discloses encryption data, and “a pseudonymisation of a data subject. The data subject for example can be an identifiable object where the property of no longer being identified directly or indirectly without the use of additional information is desired such as for example an object with an identification number such as for example… Such data can for example be a name, an identification number, location data, an online identifier, factors specific to the physical (par.0054)].
CUTILLO in view of FASCENDA further disclose claim 5. The gateway computing device of claim 1, wherein the second communication comprises a Message Authentication Code (MAC) value generated from both (1) the set of authentication data and (2) the set of cryptographic material, and wherein authenticating the set of cryptographic material comprises confirming the MAC value [CUTILLO discloses “cryptographic mixing function” (Abstract); HMAC(); receiving crypto material; such as, pseudonym key, message authentication code, EID, CID, etc. (par.0053, 0067-0068, 0075 with Figs.1-3)].
CUTILLO in view of FASCENDA further disclose claim 6. The gateway computing device of claim 1, wherein the set of authentication data comprises the one-way function of the identifier [CUTILLO discloses “cryptographic mixing function” (Abstract); HMAC(); receiving crypto material; such as, pseudonym key, message authentication code, EID, CID, etc. (par.0053, 0067-0068, 0075 with Figs.1-3)].
CUTILLO in view of FASCENDA further disclose claim 7-8. The gateway computing device of claim 1, wherein the identifier was generated by the transmitter computing device using a first cryptographic key, and wherein the set of authentication data was generated using a second, different cryptographic key [CUTILLO discloses “cryptographic mixing function” (Abstract); HMAC(); receiving crypto material; such as, pseudonym key, message authentication code, EID, CID, etc. (par.0053, 0067-0068, 0075 with Figs.1-3)];
wherein the set of authentication data was generated by the transmitter computing device and included in an initial communication received by the gateway computing device from the transmitter computing device [see access point 120, par.0007 with FIG.1; wireless access point 220, par.0039 with FIG.2 of FASCENDA].
The motivation to combine is the same as that of claim 1 above.
CUTILLO in view of FASCENDA further disclose claim 10. The gateway computing device of claim 1, wherein the set of cryptographic material has been received from an owner computing device associated with the transmitter computing device [CUTILLO disclose receiving crypto material; such as, pseudonym key, message authentication code, EID, CID, etc. (par.0053, 0067-0068, 0075 with Figs.1-3)].
Claim(s) 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over “CUTILLO” (US 2025/0173460 A1) in view of “FASCENDA” (US 2011/0055574 A1), and further in view of “Osborn” et al. (US 2024/0291648 A1).
CUTILLO in view of FASCENDA further disclose claim 9. The gateway computing device of claim 1, wherein the first communication contains the identifier or the hash of the identifier but not the set of authentication data [CUTILLO discloses, “receiving a data subject identifier from a first data controller, the first data controller having a first data controller identifier” (Abstract)].
CUTILLO/FASCENDA may not; but, Osborn, analogues art, disclose wherein the second communication comprises the set of cryptographic key material with a digital signature generated using the set of authentication data, and wherein authenticating the set of cryptographic material comprises confirming the digital signature [see par.0107 with FIG.5, where Osborn discloses: “In some examples, the MAC cryptogram may function as a digital signature for purposes of verification. Other digital signature algorithms, such as public key asymmetric algorithms”].
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to modify the system of CUTILLO/FASCENDA by incorporating the teaching of Osborn for management of membership functions for members of a partner entity associated with contactless card cryptograms.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. (See PTO—892).
For example, US is directed to US 11764980 B2 directed to Digital Contact Tracing Security And Privacy With Proximity-based ID Exchange With A Time-based Distance-bounding
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMARE F TABOR whose telephone number is (571) 270-3155. The examiner can normally be reached Mon.—Fri.: 8:00 AM to 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ALI SHAYANFAR can be reached at (571) 270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AMARE F TABOR/Primary Examiner, Art Unit 2434