DETAILED ACTION
This final office action has been issued in response to communications received on 8/18/2025. Claims 16-20 and 25 were amended. New claims 31-32 were added. No further claims were cancelled. Claims 16-32 are presented for examination. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s Remarks, filed 8/18/2025, are somewhat confusing. Applicant remarks on page 8 of the Remarks that “Independent claim 23 is amended similarly as claim 13”, however claim 13 is cancelled and claim 23 is not an independent claim, therefore these remarks are not addressed.
Applicant’s amendments to claims 18-20, filed 8/18/2025, are sufficient to overcome the indefiniteness in those claims. Accordingly, the rejection of claims 18-20 under 35 USC 112, second paragraph, has been withdrawn.
Applicant’s remarks regarding the rejection of claims under 103 has been considered, but are found unpersuasive.
Applicant argues that Ben-Simon and Alfarano do not teach the claim limitation “wherein the subscription data set is directly requested and obtained from a subscription management server” because Ben-Simon “there is no teaching in Ben-Simon of subscription data sets used for building bundles being requested from a subscription management server” because Ben-Simon teaches “that the RoT data is stored on an IC in a secret provisioning step 74 by the IC producer”, however the Examiner respectfully disagrees. Figure 1 of Ben-Simon clearly shows that the RoT secret is transmitted and stored on the IC vendor in addition to the IC 24, so it not just stored on an IC. This is also very clear, Ben-Simon discloses the IC vendor uses the same RoT secret that is stored in the IC 24 to encrypt and sign the images (thereby generating the protected images) and it is only by verifying at the IC 24 that the image it received was generated using the same RoT secret that the IC 24 accepts the image (paras. [0045], [0053]). Therefore, Ben-Simon clearly teaches in Figure 1 that the server 50 directly requesting/obtaining protected vendor specific images from the IC vendor which have been protected/encrypted using the RoT secret (paras. [0045], [0053]). In addition, the claim limitation itself does not specify what entity does the requesting – all the claim requires is that “the subscription data is directly requested” by something and is “obtained from a subscription management server”. If Applicant intends for this claim to require that BOTH steps of directly requesting and obtaining are performed by the subscription management server, the claim limitation should be amended to disclose that the “subscription data is both directly requested and obtained from a subscription management server”.
Applicant explains how their invention on pages 9-10 of the Remarks that their invention is unique because “the subscription data is only created on request and does not need to be managed by a manufacturer/production site”, however this functionality is not explicitly in the claims currently. The subscription data set is not limited to only being created on request nor does it prohibit it from being manufactured by an IC vendor. Applicant is free to amend the claims to add this functionality into the claims.
Applicant’s arguments in the Remarks, filed 8/18/2025, with respect to the claims rejected under 103 have been full considered but are considered moot because newly added limitations to the independent claims disclose “wherein the subscription data set is directly requested and obtained from a subscription management server”, which requires a new ground of rejection necessitated by amendments.
The remaining arguments fail to comply with 37 C.F.R. § 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 16-24 & 29-30 are rejected under 35 U.S.C. 103 as being unpatentable over Ben-Simon (US 2019/0386822) in view of Alfarano (US 2021/0096178).
Regarding claim 16, Ben-Simon discloses the limitations of claim 16 substantially as follows:
A method for personalizing a secure element (para. [0002], [0012]: personalizing an integrated circuit) having the following method steps:
receiving, in a data generator, a request for a bundle of memory maps for a multiplicity of secure elements, wherein each requested memory map of the received bundle relates to a secure element of the multiplicity of secure elements, and wherein in each case one secure element of the multiplicity of secure elements is being or is fixedly installed in a corresponding terminal of a multiplicity of terminals (paras. [0018]-[0020], [0041], [0044], Fig. 1: receiving, by a IC vendor/server, RoT secrets for multiple ICs as part of a personalization process/request to generate multiple protected images (i.e. bundle of memory maps) destined to multiple ICs (i.e. multiplicity of secure elements), where each of the protected images are sent/installed on an IC 24 via IF 44 (i.e. installed corresponding terminal), where each of the protected image comprises personalized applications for an IC (i.e. each memory map relates to a secure element));
obtaining, in the data generator, at least one subscription data set for at least one secure element to be personalized of the multiplicity of secure elements, wherein the subscription data set is directly requested and obtained from a subscription management server (paras. [0019], [0043]-[0045], Fig. 1: obtaining/requesting, by the server, from the IC vendor (I.e. subscription management server) a vendor specific image to be sent to the IC as part of the personalization process, wherein the vendor specific image is directly requested by the IC producer sending an RoT secret to the IC vendor for protecting the vendor specific image, and the vendor specific image is directly obtained by the server from the IC vendor comprising OS 80 and one or more applications programs 81 and a Mobile Network Operator (MNO) profile 82 (i.e. subscription data set));
providing, by means of the data generator, an operating system or part of the operating system for the secure element to be personalized (paras. [0043]-[0044], Fig. 1: the vendor specific image provided by the server to personalize the IC comprises an OS 80 and one or more application programs to be executed by processor 32 as OS 36 and application programs 40);
generating, by means of the data generator, a memory map for each of the multiplicity of secure elements in accordance with the received request, wherein at least the memory map of the secure element to be personalized comprises the provided operating system or the part of the operating system and additionally the obtained at least one subscription data set (paras. [0019], [0032], [0043]-[0044]: generating, by the IC vendor/server, multiple protected images (i.e. bundle of memory maps) each destined to an IC for which an RoT secret was generated (i.e. for each of the secure elements), where the protected image of the IC to be personalized comprises the vendor specific image with the OS and the Mobile Network Operator (MNO) profile 82 (i.e. subscription data set));
bundling the generated memory maps by means of the data generator for finishing the terminals whilst introducing at least the memory map of the secure element to be personalized into the secure element for personalizing the secure element (paras. [0044], [0053]-[0054]: storing the protected images as a batch of protected data images (i.e. bundling the memory maps) by the IC vendor/server and providing the batch of protected data images to the destined ICs/terminals as the final part of the personalization process for the ICs in which the protected images are sent/introduced to the ICs to personalize them).
Ben-Simon does not explicitly the remaining limitations of claim 16 as follows:
providing the bundled memory maps as a memory map bundle
However, in the same field of endeavor, Alfarano discloses the remaining limitations of claim 16 as follows:
providing the bundled memory maps as a memory map bundle (paras. [0046]-[0047], [0050]-[0051], [0081]-[0082]: providing multiple/bundled memory images/maps with location & personalization images to an integrated circuit or secure element when the integrated circuit/secure element is embedded in a device)
Alfarano is combinable with Ben-Simon because all are from the same field of the art of provisioning personalization and profile data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Alfarano’s method of providing a bundle of personalization memory images to an integrated circuit with the system of Ben-Simon in order to save system time and resources by enabling the system to send multiple sets of personalization and profile data in one communication to a single IC in order to enable the IC to have multiple profiles/personalizations.
Regarding claim 17, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 17 as follows:
The method according to claim 16, wherein the request for the bundle of memory maps comprises, for each requested memory map, one or more of:
an item of terminal information relating to a terminal in which a secure element relating to one of the requested memory maps is being fixedly installed (paras. [0005], [0013], [0019]: image comprises ID of the IC (i.e. identifying secure element) to be personalized for use with a specified host/terminal device selected from a list)
an item of secure element information relating to one of the multiplicity of secure elements relating to one of the requested memory map (paras. [0019]: data image comprises ID of the IC (i.e. sure element))
an item of user information relating to a user of a terminal in which a secure element relating to one of the requested memory maps is being fixedly installed (paras. [0019]: user specific part of image comprises user specific information such as ID or credentials of user)
a public key part of a cryptographic key pair of the secure element relating to one of the requested memory maps (paras. [0027]-[0032], [0043]-[0044]: RoT secrets received for an IC (i.e. secure element) as part of a personalization process/request may comprise a public key as part of a cryptographic pair to be matched against the RoT secret used to protect the data image/memory map).
Regarding claim 18, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 18 as follows:
The method according to claim 17, wherein the obtained subscription data set is based on said one or more of the item of terminal information, the item of secure element information, , and (paras. [0019], [0041], [0043]-[0044]: receiving, by a IC vendor/server, RoT secrets for multiple ICs as part of a personalization process/request (i.e. obtained at request of the data generator), which may comprise a public key pair that is used to protect/encrypt the data image (i.e. generating subscription data based on the public key part) comprising the vendor specific image, OS 80, one or more applications programs 81 and a Mobile Network Operator (MNO) profile 82 (i.e. subscription data set) (paras. [0005], [0013], [0019]: ID of the IC (i.e. identifying secure element) to be personalized for use with a specified host/terminal device selected from a list)) and (para. [0019]: user specific image comprising user information).
Regarding claim 19, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 19 as follows:
The method according to claim 17, wherein when the request for the bundle of memory maps comprises the item of terminal information and/or the item of secure element information, one or more of the item of terminal information and (paras. [0035]: server receives personalization information from IF 44 comprising a bus or suitable link (i.e. chipset information) such as USB, UART or Ethernet link).
Regarding claim 20, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 20 as follows:
The method according to claim 16, wherein, in the obtaining step, the data generator obtains at least one subscription data set for at least two or more (paras. [0044]: the data images comprising the vendor specific image with the OS 80, one or more applications programs 81 and a Mobile Network Operator (MNO) profile 82 (i.e. subscription data set) are obtained for all the destined one or more ICs).
Regarding claim 21, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 21 as follows:
The method according to claim 16, wherein, in the providing step, an operating system or part of the operating system is provided for at least two or more, for all of the secure elements of the multiplicity of secure elements (paras. [0019], [0043], [0044]: protected data image comprising vendor specific image and operator system is provided for one or more integrated circuits to which the data images are destined).
Regarding claim 22, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 22 as follows:
The method according to claim 16, wherein the request for the bundle of memory maps is sent by a terminal manufacturer or a chipset manufacturer (paras. [0041]-[0042], Fig. 1: RoT secrets are sent to start personalization process (i.e. request) and generate data images for personalization from the IC producer (i.e. producer/manufacturer of IC’s)).
Regarding claim 23, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 23 as follows:
The method according to claim 16, wherein the memory map bundle of the generated memory maps is provided in a database and is called up by a terminal manufacturer for finishing the multiplicity of terminals, wherein the callup from the database is cryptographically secure (paras. [0041], [0043]-[0044], Fig. 1: batch of protected data images (i.e. memory map bundle) is stored in server (i.e. in database) and is caused to be sent to the modules to personalize the IC’s (i.e. for finishing the multiplicity of terminals) by secure communications with the IC producer (i.e. terminal manufacturer) via applying encryption at the IC vendor)).
Regarding claim 24, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 24 as follows:
The method according to claim 16, wherein the data generator is physically removed from the subscription management server and/or the terminal manufacturer (paras. [0038]-[0040], Fig. 1: the functionality of the IC vendor (i.e. data generator) may be implemented within the IC producer (i.e. terminal manufacturer) [removing the data generator]).
Regarding claim 29, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 29 as follows:
The method according to claim 16,
wherein, prior to the request for a bundle of memory maps being obtained, for each secure element an asymmetric cryptographic key pair is generated, wherein the private key part of the asymmetric cryptographic key pair remains permanently in the secure element and the public key part of the asymmetric cryptographic key pair is sent into a hardware security module of the data generator (paras. [0024], [0027]-[0031], [0043]-[0044]: prior to receiving the RoT secret prompting generation of the protected data images (i.e. prior to request for bundle of memory maps, generating as an RoT secret a key pair comprising a private key and a public key, where the public key is used to encrypt the data images and sent with the data images to the server (i.e. sent to the data generator), while the privacy key/secret RoT would be embedded on the IC (i.e. privacy key remains permanently on the secure element).
Regarding claim 30, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 30 as follows:
The method according to claim 16, wherein the terminal manufacturer, once the memory map bundle has been obtained, removes the memory map for the secure element to be personalized from the memory map bundle and stores it in the secure element to be personalized (paras. [0061]-[0063]: the IC vendor marks/revokes/invalidates/removes each image (i.e. memory map) for an IC that has been used to personalize the IC (i.e. is stored in the secure element).
Claims 25, 28 and 31-23 are rejected under 35 U.S.C. 103 as being unpatentable over Ben-Simon (US 2019/0386822) in view of Alfarano (US 2021/0096178), as applied to claim 16, further in view of Lee (US 2016/0020802).
Regarding claim 25, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 25 as follows:
The method according to claim 16, wherein the generated memory map of the secure element to be personalized(paras. [0019], [0032], [0043]-[0044]: generating, by the IC vendor/server, multiple protected images (i.e. bundle of memory maps) each destined to be sent to personalize an IC (i.e. for two or more secure elements) for which an RoT secret was generated),
Ben-Simon and Alfarano do not teach the limitations of claim 25 as follows:
wherein the secure element to be personalized additionally comprises a test profile
However, in the same field of endeavor, Lee teaches the limitations of claim 25 as follows:
wherein the secure element to be personalized additionally comprises a test profile
(paras. [0082], [0088]: installing a test profile on the eSIM)
Lee is combinable with Ben-Simon and Alfarano because all are from the same field of the art of provisioning personalization and profile data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Lee’s method of installing a test profile with the system of Ben-Simon and Alfarano in order to enable the device to use the test profile for “development or verification” of the secure element (Lee, para. [0055).
Regarding claim 28, Ben-Simon and Alfarano teach the limitations of claim 16.
Alfarano teaches the limitations of claim 28 as follows:
and wherein the secure element is an integrated secure element or an embedded secure element (paras. [0080]-[0081]: secure element may be embedded in a device)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Alfarano’s method of personalizing an secure element that is embedded within the device the system of Ben-Simon in order to increase the security by helping to prevent the secure element from being stolen.
Ben-Simon and Alfarano do not teach the remaining limitations of claim 28, however in the same field of endeavor Lee teaches the limitations of claim 28 as follows:
The method according to claim 16, wherein the data generator is a vSIM manufacturer or an SE manufacturer, (Lee, paras. [0003], [0018], [0020], [0050], [0061], Fig. 2: eSIM manufacturing device (i.e. generator) and embedded SIM (i.e. SE))
Lee is combinable with Ben-Simon and Alfarano because all are from the same field of the art of provisioning personalization and profile data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Lee’s method of using an eSIM manufacturer to communicate the personalization and profile data with the system of Ben-Simon and Alfarano in order to provide the architecture for personalizing SIM’s embedded in a device.
Regarding claim 31, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 31 as follows:
The method according to claim 16, wherein the generated memory map of two or more secure elements (paras. [0019], [0032], [0043]-[0044]: generating, by the IC vendor/server, multiple protected images (i.e. bundle of memory maps) each destined to be sent to personalize an IC (i.e. for two or more secure elements) for which an RoT secret was generated),
Ben-Simon and Alfarano do not teach the limitations of claim 31 as follows:
wherein the secure elements to be personalized additionally comprises a test profile
However, in the same field of endeavor, Lee teaches the limitations of claim 31 as follows:
wherein the secure elements to be personalized additionally comprises a test profile (paras. [0082], [0088]: installing a test profile on the eSIM)
Lee is combinable with Ben-Simon and Alfarano because all are from the same field of the art of provisioning personalization and profile data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Lee’s method of installing a test profile with the system of Ben-Simon and Alfarano in order to enable the device to use the test profile for “development or verification” of the secure element (Lee, para. [0055).
Regarding claim 32, Ben-Simon and Alfarano teach the limitations of claim 16.
Ben-Simon teaches the limitations of claim 25 as follows:
The method according to claim 16, wherein the generated memory map of all of the secure elements (paras. [0019], [0032], [0043]-[0044]: generating, by the IC vendor/server, multiple protected images (i.e. bundle of memory maps) each destined to be sent to personalize an IC (i.e. for all the secure elements) for which an RoT secret was generated),
Ben-Simon and Alfarano do not teach the limitations of claim 32 as follows:
wherein the secure elements to be personalized additionally comprises a test profile
However, in the same field of endeavor, Lee teaches the limitations of claim 32 as follows:
wherein the secure elements to be personalized additionally comprises a test profile (paras. [0082], [0088]: installing a test profile on the eSIM)
Lee is combinable with Ben-Simon and Alfarano because all are from the same field of the art of provisioning personalization and profile data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Lee’s method of installing a test profile with the system of Ben-Simon and Alfarano in order to enable the device to use the test profile for “development or verification” of the secure element (Lee, para. [0055).
Claim 26-27 are rejected under 35 U.S.C. 103 as being unpatentable over Ben-Simon (US 2019/0386822) in view of Alfarano (US 2021/0096178), as applied to claim 16, further in view of Lee (US 2016/0020802) and Hentschel (US 2018/0054517).
Regarding claim 26, Ben-Simon, Alfarano and Lee teach the limitations of claims 16 and 25.
Lee teaches the limitations of claim 26 as follows:
The method according to claim 25, wherein the test profile is executed, after personalization of the secure element, in the then finished terminal in order to simulate a communications link to a mobile radio network (paras. [0049], [0070], [0088]: after provisioning the eSIm with a profile indicating subscriber information & authenticating the device, installing the test profile into the eSIM for execution)
The same motivation to combine utilized in claim 25 is equally applicable in the instant claim.
Neither Lee, Alfarano or Ben-Simon disclose the remaining limitations of claim 26 as follows:
wherein the test profile is executed after personalization of the secure element, in the then finished terminal in order to simulate a communications link to a mobile radio network
However, in the same field of endeavor Hentschel discloses the remaining limitations of claim 26 as follows:
wherein the test profile is executed after personalization of the secure element, in the then finished terminal in order to simulate a communications link to a mobile radio network (paras. [0003], [0014], [00037], [0041]: test routines are executed after the SIM profile is downloaded and programmed into the eSIM in the configured UE in order to simulate communications with a base station of the network)
Hentschel is combinable with Lee, Alfarano and Ben-Simon because all are from the same field of the art of provisioning personalization and profile data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Hentschel’s method of executing the test after the secure element has been personalized with the system of Lee, Alfarano and Ben-Simon in order to verify that the personalization was successful and that the terminal will communicate as expected.
Regarding claim 27, Ben-Simon, Alfarano, Lee and Hentschel teach the limitations of claim 16.
Hentschel teaches the limitations of claim 27 as follows:
The method according to claim 26, wherein only in the case of a successfully simulated communications link is a SIM functionality of the secure element enabled. (para. [0048]: when the UE device successfully engages in simulated communication with the base station is the eSIM considered fully operational and used to communicate in a non-simulated fashion (i.e. enabled))
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Hentschel’s method of enabling the SIM to be used for regular communication only after communication simulations are successfully completed with the system of Lee, Alfarano and Ben-Simon in order to save system time and resources by only using SIM’s that have been demonstrated to perform as expected by the tests.
Prior art not relied upon but applied/considered includes:
1) Li (US 20170104750) disclosing providing the eSIM package (i.e. memory map bundle) comprising multiple eSIM profiles to an eUICC that is secure and enabling a user to erase and delete eSIM's (paras. [0046]-[0048], [0065]-[0066]).
Conclusion
For the above reasons, claims 16-32 are rejected.
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARON S LYNCH whose telephone number is (571)272-4583. The examiner can normally be reached on 10AM-6PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHARON S LYNCH/Primary Examiner, Art Unit 2438