Prosecution Insights
Last updated: July 17, 2026
Application No. 18/447,083

Secure Circuit For Encryption Key Generation

Non-Final OA §103§112
Filed
Aug 09, 2023
Priority
Jun 05, 2015 — provisional 62/171,705 +4 more
Examiner
ZAIDI, SYED A
Art Unit
2432
Tech Center
2400 — Computer Networks
Assignee
Apple Inc.
OA Round
3 (Non-Final)
82%
Grant Probability
Favorable
3-4
OA Rounds
0m
Est. Remaining
94%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allowance Rate
636 granted / 778 resolved
+23.7% vs TC avg
Moderate +13% lift
Without
With
+12.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 8m
Avg Prosecution
26 currently pending
Career history
818
Total Applications
across all art units

Statute-Specific Performance

§101
6.6%
-33.4% vs TC avg
§103
74.7%
+34.7% vs TC avg
§102
7.5%
-32.5% vs TC avg
§112
5.9%
-34.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 778 resolved cases

Office Action

§103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION In view of the Pre-Appeal Brief filed on 11/19/2025, PROSECUTION IS HEREBY REOPENED. New grounds of rejection are set forth below. To avoid abandonment of the application, appellant must exercise one of the following two options: (1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 CFR 1.113 (if this Office action is final); or, (2) initiate a new appeal by filing a notice of appeal under 37 CFR 41.31 followed by an appeal brief under 37 CFR 41.37. The previously paid notice of appeal fee and appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth in 37 CFR 41.20 have been increased since they were previously paid, then appellant must pay the difference between the increased fees and the amount previously paid. A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by signing below: Response to Arguments In communications filed on 11/19/2025, claims 21-40 are presented for examination. Claims 21, 32, and 38 are independent. Applicants’ arguments, see Applicant Arguments/Remarks filed 11/19/2025, with respect to claim(s) rejected under prior art have been fully considered and are persuasive. The rejection is withdrawn. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 21, 32, 38 and their respective dependent claims are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 21, 32, 38 recite: sending, by an application, a key creation request for a secure circuit of the device to create a cryptographic key associated with the application and protected by a biometric authentication performed by the secure circuit for the application. It is not clear whether “a key creation request” or “a cryptographic key” is “protected by a biometric authentication performed by the secure circuit for the application.” Further, if it is “a cryptographic key” that is “protected by a biometric authentication performed by the secure circuit for the application”, it is not clear how the key can be protected prior to its existence (i.e., creation) as recited in the claim, or how the clause “protected by the biometric authentication performed by the secure circuit for the application” affects the scope of “sending, by the application, a key creation request”. Furthermore, applicant’s claims are directed to the method (and CRMs comprising instructions for the method) of the application. It is noted that applicant’s argument in their pre-appeal-brief conference request, item #2, explicitly argues the art fails to teach any “biometric authentication”, emphasizing the claim recites a clause that includes the words “…biometric authentication performed by the secure circuit” and presumably elucidates to the audience that Lal does not include a disclosure of “biometric authentication” by any secure circuit. However, standard claim interpretation would find that no “biometric authentication” is ever performed in the claim, nor required by the claim, and, since the claim is directed to the method (and corresponding CRMs) of “the application” and not a method of “the secure circuit”, acts or functions of the secure circuit are not required for infringement (and thus to teach the claim) except to the extent they affect the scope of steps of the application. However, because applicant has now argued this language, which would not affect the scope of any of the claimed steps of the application, as not being taught by the prior art, applicant has now created prosecution estoppel to require the language which renders the claim indefinite. A potential infringer or competitor now does not understand what, precisely, is required for infringement, particularly whether the claims are limited to the method (and CRM) of the application or whether the secure circuit and its method are also now required. Dependent claims are rejected for incorporating the aforementioned deficiency of the base claims by reference. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claim(s) 21, 22, 27-29, 31-33, 36-39 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 20170046509 A1 (hereinafter ‘Lal’) in view of US 20110055299 A1 (hereinafter ‘Phillips’) in view of US 20140089682 A1 (hereinafter ‘Gulati’). As regards claim 21, Lal (US 20170046509 A1) discloses: A non-transitory computer readable medium having program instructions stored therein that are executable by a device to perform operations comprising: sending, by an application, a key creation request for a secure circuit of the device to create a cryptographic key associated with the application (Lal: Fig. 3, ¶55-¶59, i.e., trusted module generating keys in response to a request from the application) and protected by a biometric authentication performed by the secure circuit for the application; (Lal: Fig. 2, ¶35-¶36, i.e., authentication of the application) However, Lal does not, but in analogous art, Phillips (US 20110055299 A1) teaches: protected by a biometric. (Phillips: ¶172, i.e., the key is protected by means of biometrics) Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Lal to include biometrics-based protection of encryption keys as taught by Philips with the motivation to protect the keys (Phillips: ¶172) Lal further teaches the application is authenticated with the trusted module to setup a secure session i.e., cryptographic service, with the sensor, wherein the data is protected by the key (Lal: Figs. 2-3, ¶35-¶39) However, Lal et al do not but in analogous art, Gulati (US 20140089682 A1) teaches: sending, by the application, a use request for the secure circuit to perform a cryptographic service using the protected cryptographic key; and (Gulati: Fig. 6, ¶6-¶9, ¶31-¶32, ¶69, ¶76, ¶83, i.e., the SEP generates keys upon request from the application and performs cryptographic operations on behalf of the application upon request) Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Lal to include a secure cryptographic processor for providing secure services to applications upon request as taught by Gulati with the motivation to securely provide cryptographic services (Gulati: Fig. 6, ¶6-¶9) Lal et combination further teaches: receiving, by the application, a result of the cryptographic service in response to a successful biometric authentication. (Lal: Figs. 2-3, ¶35-¶39, i.e., the application is authenticated with the trusted module to setup a secure session i.e., cryptographic service, with the sensor, wherein the data is protected by the key. See also, Phillips: ¶172, i.e., the key is protected by means of biometrics. See also, Gulati: Fig. 6, ¶6-¶9, ¶31-¶32, ¶69, ¶76, ¶83, the SEP provides the result back) Claims 32 and 38 recite substantially the same features recited in claim 21 above and are therefore rejected based on the aforementioned rationale in the rejection. As regards claim 22, Lal et al combination teaches the computer readable medium of claim 21, wherein the key creation request specifies usage criteria that restrict how the protected cryptographic key is used; and (Lal: Fig. 3, ¶55-¶59, i.e., trusted module generating keys in response to a request from the application to communicate with the sensor i.e., usage) wherein one of the usage criteria is the secure circuit verifying biometric information from a biosensor before performing a requested service using the protected cryptographic key. (Lal: Fig. 3, ¶55-¶59, i.e., trusted module generating keys in response to a request from the application to communicate with the sensor. See also, Phillips: ¶139-¶140, ¶172, i.e., the key is protected by means of biometrics) Claim 33 recites substantially the same features recited in claim 22 above and is therefore rejected based on the aforementioned rationale in the rejection. As regards claim 27, Lal et al combination teaches the computer readable medium of claim 21, wherein the operations further comprise: providing the result of the cryptographic service to another device to unlock functionality of the other device. (Lal: Fig. 3, ¶55-¶59) As regards claim 28, Lal et al combination teaches the computer readable medium of claim 21, wherein the cryptographic service includes signing a payload provided by the application and using the protected cryptographic key. (Phillips: ¶171-¶172) Claim 36 recites substantially the same features recited in claim 28 above and is therefore rejected based on the aforementioned rationale in the rejection. As regards claim 29, Lal et al combination teaches the computer readable medium of claim 21, wherein the cryptographic service includes an encryption or a decryption performed by the secure circuit using the protected cryptographic key. (Lal: ¶20-¶21) Claim 37 recites substantially the same features recited in claim 29 above and is therefore rejected based on the aforementioned rationale in the rejection. As regards claim 31, Lal et al combination teaches the computer readable medium of claim 21. However, Lal et al do not but in analogous art, Gulati teaches: wherein the requests are sent to a mailbox circuit of the secure circuit. (Gulati: Fig. 6, ¶6-¶9, i.e., application requesting a key from the SEP using the mailbox wherein, Fig. 13, ¶31, ¶69, the SEP generates the keys) Before the time the invention was filed it would have been obvious to one of ordinary skill in the art to modify Lal to include using a mailbox mechanism to request key generation to a security module as taught by Gulati with the motivation to control access to the security module (Gulati: Fig. 6, ¶6-¶9, ¶31, ¶69) Claim 39 recites substantially the same features recited in claim 31 above and is therefore rejected based on the aforementioned rationale in the rejection. Claim 23-24, 30, 34, 40 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lal in view of Phillips in view of Gulati in view of US 20030097579 A1 (hereinafter ‘England’). As regards claim 23, Lal et al combination teaches the computer readable medium of claim 21, wherein the key creation request is a request. However, Lal et al do not but in analogous art, England (US 20030097579 A1) teaches: for a certified public key pair, and wherein the operations further comprise: receiving, by the application, a certificate obtained by the secure circuit for the certified public key pair and from a certificate authority, wherein the certificate includes a public key of the pair, and wherein the protected cryptographic key is a private key of the pair. (England: ¶65) Before the time the invention was filed it would have been obvious to one of ordinary skill in the art to modify Lal to include secure processor generating certificate including keys with the motivation to provide trusted applications access to confidential information (England: ¶30-¶31) Claim 34 recites substantially the same features recited in claim 23 above and is therefore rejected based on the aforementioned rationale in the rejection. As regards claim 24, Lal et al combination teaches the computer readable medium of claim 23, wherein the certificate includes an application identifier of the application. (England: ¶7, ¶65-¶66, ¶78) As regards claim 30, Lal et al combination teaches the computer readable medium of claim 21. However, Lal et al do not but in analogous art, England (US 20030097579 A1) teaches: wherein the requests are sent via an application programing interface (API) supported by an operating system of the device. (England: ¶65-¶70, i.e., using API to request) Before the time the invention was filed it would have been obvious to one of ordinary skill in the art to modify Lal to include secure processor generating certificate including keys with the motivation to provide trusted applications access to confidential information (England: ¶30-¶31) Claim 40 recites substantially the same features recited in claim 30 above and is therefore rejected based on the aforementioned rationale in the rejection. Claim 25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lal in view of Phillips in view of Gulati in view of England in view of US 20130246281 A1 (hereinafter ‘Yamada’). As regards claim 25, Lal et al combination teaches the computer readable medium of claim 23. However, Lal et al do not but in analogous art, Yamada (US 20130246281 A1) teaches: wherein the certificate indicates an ability to perform the biometric authentication. (Yamada: Figs. 7-8, ¶121-¶123, i.e., biometric authentication type indicated in the certificate) Before the time the invention was filed it would have been obvious to one of ordinary skill in the art to modify Lal to include certificate indicating biometric authentication type as taught by Yamada with the motivation to specify authentication information (Yamada: Figs. 7-8, ¶121-¶123) Claim Objections Claim 26 is objected. Claim recites allowable subject matter: “receiving an indication of a user preference to perform a different type of authentication, wherein the key creation request is sent in response to the received indication; and performing a subsequent authentication for the user that includes: the application sending the use request of the cryptographic service; and the application providing the received result of the cryptographic service to an external entity in lieu of the user name and password” not taught by prior art taken alone or in combination. Claim would be allowable if rewritten in independent form including all of the limitations of the respective base claims and any intervening claims. Claim 35 is objected. Claim recites allowable subject matter: “receiving, by the application, an indication of a preference of the user to perform a different type of authentication, wherein the key creation request is sent in response to the received indication; and performing a subsequent authentication for the user that includes: the application sending the use request of the cryptographic service” not taught by prior art taken alone or in combination. Claim would be allowable if rewritten in independent form including all of the limitations of the respective base claims and any intervening claims. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A ZAIDI whose telephone number is (571)270-5995. The examiner can normally be reached Monday-Thursday: 5:30AM-5:30PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432 /SYED A ZAIDI/Primary Examiner, Art Unit 2432
Read full office action

Prosecution Timeline

Show 5 earlier events
Aug 07, 2025
Response Filed
Aug 22, 2025
Final Rejection mailed — §103, §112
Nov 19, 2025
Response after Non-Final Action
Nov 19, 2025
Notice of Allowance
Jan 22, 2026
Response after Non-Final Action
Apr 23, 2026
Non-Final Rejection mailed — §103, §112
Jul 09, 2026
Applicant Interview (Telephonic)
Jul 09, 2026
Examiner Interview Summary

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683765
CERTIFICATE-BASED PAIRING OF KEY FOB DEVICE AND CONTROL UNIT
2y 6m to grant Granted Jul 14, 2026
Patent 12682110
IMAGE DISPLAY APPARATUS, IMAGE CAPTURING APPARATUS, CONTROL METHOD, AND STORAGE MEDIUM
1y 9m to grant Granted Jul 14, 2026
Patent 12676855
METHOD AND SYSTEM FOR AUTHENTICATING A USER ON AN IDENTITY-AS-A-SERVICE SERVER
3y 7m to grant Granted Jul 07, 2026
Patent 12671684
SYSTEMS AND METHODS FOR PROACTIVELY UPGRADING LOW QUALITY ACCESS CREDENTIALS
4y 7m to grant Granted Jun 30, 2026
Patent 12671711
SYSTEMS AND METHODS FOR ANALYSIS AND CLASSIFICATION OF DATA SECURITY MEASURES AND DATA INTEGRITY
2y 10m to grant Granted Jun 30, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
82%
Grant Probability
94%
With Interview (+12.8%)
2y 8m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 778 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month