METHOD AND SYSTEM FOR SECURE CONFIDENTIAL DIGITAL CONTENT EXCHANGE

§103 §112

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the amendment filed on 12/04/2025. Claims 1-11 and 13-21 were previously pending and are currently pending. Claims 12 was previously cancelled at filing of the application on 10/16/2023. No claims have been cancelled and/or added in the filing of 12/04/2025. Response to Applicant’s Amendments / Arguments Regarding 35 U.S.C. § 103 The applicant’s remarks, on pages 10-14 of the response / amendment, the applicant argues the features which allegedly distinguish over the previously cited references cited in the 35 U.S.C. § 103 rejections. Applicant’s arguments have been considered but are moot in view of the new ground(s) of rejection. Previous Claim Rejections - 35 USC § 112(b) The applicant’s response / amendment filed on 12/04/2025 appropriately corrected all rejections under 35 USC § 112(b) of claims 1, 9, and 13. The previous rejections under 35 USC § 112(b) have been withdrawn. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 3-4, 6-7, 9-11, 13, 16-17, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20140032924 to Durham et al. (hereinafter Durham), in view of US 20050246763 to Corcoran et al. (hereinafter Corcoran). Regarding claim 1, Durham teaches, A computer implemented method of exchanging digital contents among a plurality of users registered in a sharing association, (Abstract, teaches sharing media file with multiple recipients, using encryption.) wherein each user of said sharing association is associated to at least one device provided with one or more processing units and with one or more acquiring devices configured to acquire at least one biometric trait, (Abstract, teaches acquiring recipient user’s biometrics for use in generating encryption keys.) wherein the computer implemented method comprises the following steps: (fig. 7 teaches a computer / system with processors, memory, and comm. Interfaces.) A. associating and storing, using said at least one device of each user of said sharing association, : a personal univocal code of the user under consideration generated by said at least one device of the user under consideration, (Abstract teaches the media file is encrypted. [0024] teaches encrypting the media file using a symmetric key / “personal univocal code”.) (Applicant’s printed publication at [0057-61] discloses the “personal univocal code” being used to encrypt the content. Abstract and [0010] teach the personal univocal code is based on a biometric. See also Step C below.) wherein said personal univocal code of the user under consideration depends on one or more biometric features of identification of the user under consideration deriving from at least one biometric trait of the user under consideration acquired by said one or more acquiring devices, (fig. 1 and [0021] teaches key generation component 140 generating keys using biometric data, where component 140 may generate symmetric keys and asymmetric (public / private) keys. See also [0031].) and a public key and a private key of a asymmetric cryptography algorithm corresponding to the user under consideration, ([0021] teaches public / private keys also called encryption / decryption keys. [0022] teaches encryption keys (public keys) for multiple recipient users being stored and shared.) wherein the public keys of all the users of said sharing association are accessible by or stored in said at least one device of each user of said sharing association; ([0022] teaches key maintenance component 150 storing asymmetric keys of all users, or just public keys of all users. [0028] teaches users directly exchanging shared files and keys without a component 140, service 150, and sharing service 170. See also fig. 5 Steps 550 and 555.) (See also Corcoran, further discussed further below with regards to limitation G.) B. on at least one device of a sender user of said sharing association, selecting at least one digital content that forms a transmission payload and further selecting one or more recipient users of said sharing association with whom to share said transmission payload; (fig. 1 and [0024] teaches encrypting the selected media file using symmetric media encryption key, and using encryption keys (public keys) of recipient users 110 to encrypt the symmetric media encryption key, so that the recipient users may decrypted and access the symmetric media encryption key to decrypt the media. See also fig. 5, Step 555.) C. encrypting, using on said at least one device of the sender user, said at least one digital content using as a cryptographic key said personal univocal code of the sender user, and thereby obtaining an encrypted payload; (fig. 1 and [0024] teaches encrypting the selected media file using symmetric media encryption key. See also fig. 5, step 520. As discussed above, [0021] teaches that key generation using biometrics may generate symmetric and asymmetric keys.) D. encoding, using said at least one device of the sender user, for each one of said one or more recipient users, said personal univocal code of the sender user through said asymmetric cryptography algorithm by means of said public key of the recipient user, and thereby obtaining a respective encoded personal univocal code of the sender user; (fig. 1 and [0024] teaches using encryption keys (public keys) of recipient users 110 to encrypt the symmetric media encryption key, so that the recipient users may decrypt and access the symmetric media encryption key to decrypt the media. See also fig. 5, Steps: 530, 540, 550, and 555 teaching multiple recipients providing encryption keys to encrypt symmetric key.) E. building, using said at least one device of the sender user, an encrypted file comprising the encrypted payload and a matrix binary file, that includes said encoded personal univocal code of the sender user for each one of said one or more recipient users; ([0024] teaches encrypting the media file using a symmetric media encryption key and “encrypt this symmetric media encryption key and include the symmetric media encryption key, in encrypted form, in the encrypted media file for decryption by the recipient user 110. See also fig. 5. [0023] teaches that video data is being sent, which is a matrix file in binary format.) F. sending, using the at least one device of the sender user, the encrypted file to said at least one device of each one of said one or more recipient users; and (Fig. 6, step 610-670. and [0039-41] teaches providing encrypted media file, which includes encrypted symmetric key according to [0024], to recipient user at Step 610. [0028] teaches intermediaries providing files, or direct providing of files between devices.) G. receiving, using said at least one device of each one of said one or more recipient users receiving the encrypted file, (Fig. 6, step 610 and [0039] teaches providing encrypted media file, which includes encrypted symmetric key according to [0024], to recipient user. See also, [0024].) a) decoding said encoded personal univocal code of the sender user through said asymmetric cryptography algorithm by means of said private key of the recipient u(Fig. 6, Steps 620, 630, and 640 teach capturing biometric, calculating decryption key (private key), and decrypting symmetric key. [0021-22] teaches the public keys of recipients users being stored and shared. See also, [0024].) b) decrypting the encrypted payload using as the cryptographic key said personal univocal code of the sender user, obtaining said at least one digital content. (Fig. 6, Step 660 teaches decrypting the encrypted media file. See also, [0024].) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Durham, which teaches multiple recipients receiving encrypted media files, where the recipient’s biometrics are used to access the encrypted media file (Abstract), where the media file is encrypted with a symmetric key that is encrypted using a public key of multiple recipient users who have the ability to decrypt the encrypted symmetric key to access the encrypted media file ([0024] and figs. 5-6), and specifically teaches at [0021] using the key generator, which uses biometrics to generate keys, where the keys generated include symmetric keys, with fig. 5, Step 520 and [0035], which teach symmetric encryption key that may be associated with the sharing user, to utilize a symmetric key that is generated based on biometrics. One of ordinary skill in the art would have been motivated to perform such an addition to fig. 5 to utilize the biometrically generated symmetric key so that the symmetric key could be recovered in case of loss, as taught by [0021], to increase computational efficiency while maintaining security by recovering / obtaining a key using biometrics that are unique to a user. Durham fails to explicitly teach public/private keys of recipients that are biometrically generated where the public keys are shared and the private keys decrypt a symmetric key, However, Corcoran teaches, G. receiving, using said at least one device of each one of said one or more recipient users receiving the encrypted file, and, using the said at least one device of each one of said one or more recipient users; (Fig. 2 & [0054-55] teaches using symmetric key, that is biometrically generated, to encrypt data / multimedia stream, where the symmetric key is encrypted using PKI infostructure, as shown in fig. 2. Additionally, [0046] teaches certificates with PKI infostructure. [0026] teaches biometrically deriving public / private keys.) a) decoding said encoded personal univocal code of the sender user through said asymmetric cryptography algorithm by means of said private key of the recipient user, and ([0054-55], as discussed above.) b) decrypting the encrypted payload using as the cryptographic key said personal univocal code of the sender user, obtaining said at least one digital content. ([0054-55] teaches the symmetric key \ “personal univocal code” being encrypted with public key and decrypted with private key after being received.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Durham, which teaches multiple recipients receiving encrypted media files, where the recipient’s biometrics are used to access the encrypted media file (Abstract), where the media file is encrypted with a symmetric key that is encrypted using a public key of multiple recipient users who have the ability to decrypt the encrypted symmetric key to access the encrypted media file ([0024] and figs. 5-6), and specifically teaches at [0021] using the key generator, which uses biometrics to generate keys, where the keys generated include symmetric keys, with fig. 5, Step 520 and [0035], which teach symmetric encryption key that may be associated with the sharing user, to utilize a symmetric key that is generated based on biometrics, with Corcoran, which also teaches digital content that is encrypted using public / private keys that are biometrically generated (Abstract), and additionally teaches encrypting multimedia data with a symmetric key that is encrypted with a public key to be later decrypted with the receiver’s private key ([0054-55]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Durham with the added ability to explicitly use shared public keys to encrypt a symmetric key, as taught by Corcoran, for the purpose of maintaining security while increasing computational efficiency by encrypting large media files using a symmetric key and then encrypting the symmetric key using PKI public / private key encryption that is more computationally intensive. Regarding claim 3, Durham and Corcoran teach, The computer implemented method according to claim 1, wherein said at least one biometric trait is selected from the group comprising a fingerprint, a face image, a voice print, an image of an iris, a three-dimensional shape of a hand, and an image of a retina. (Durham, [0020] teaches that the biometric is a fingerprint.) Regarding claim 4, Durham and Corcoran teach, The computer implemented method according to any claim 1, wherein step F includes sending, using said at least one device of the sender user, the encrypted file to said at least one device of each one of said one or more recipient users by means of an intermediate storage of the encrypted file on at least one storage server, (Durham, fig. 1, teaches sharing user 120 / “sender”, recipient user 110 / “recipient users”, and media sharing service 170.) thereby said at least one device of a sender user stores the encrypted file on said at least one storage server and said at least one device of each one of said one or more recipient users accesses said at least one storage server and downloads the encrypted file. (Durham, fig. 1 and [0016-17]) Regarding claim 6, Durham and Corcoran teach, The computer implemented method according to claim 1, wherein said at least one device is selected from the group comprising a smartphone, a tablet, a laptop, and a PC. (Durham, [0049] teaches tablet, smartphone, laptop, desktop computers being the computing device of fig. 7.) Regarding claim 7, Durham and Corcoran teach, The computer implemented method according to claim 1, wherein, in step A, a respective asymmetric cryptography algorithm accessible from or stored in said at least one device of each user of said sharing association is associated to each user of said sharing association. (Durham, [0049] teaches tablet, smartphone, laptop, desktop computers being the computing device of fig. 7. Fig. 7 and [0051-52] and [0055] teach key generator being associated with the devices, where the key generator generates the public / private keys.) Regarding claim 9, Durham and Corcoran teach, A system of digital contents exchange configured to exchange digital contents among a plurality of users registered in a sharing association, wherein each user of said sharing association is associated to at least one device provided with one or more processing units and with one or more acquiring devices configured to acquire at least one biometric trait, wherein said at least one device of each user of said sharing association is configured to execute a computer implemented method of exchanging digital contents among a plurality of users registered in a sharing association, wherein said method comprises the following steps: A. associating and storing, using said at least one device of each user of said sharing association: a personal univocal code of the user under consideration generated on said at least one device of the user under consideration, wherein said personal univocal code of the user under consideration depends on one or more biometric features of identification of the user under consideration deriving from at least one biometric trait of the user under consideration acquired by said one or more acquiring devices, and a public key and a private key of a asymmetric cryptography algorithm corresponding to the user under consideration, wherein the public keys of all the users of said sharing association are accessible by or stored in said at least one device of each user of said sharing association; B. on at least one device of a sender user of said sharing association, selecting at least one digital content that forms a transmission payload and further selecting one or more recipient users of said sharing association with whom to share said transmission payload; C. encrypting, using said at least one device of the sender user, said at least one digital content using as a cryptographic key said personal univocal code of the sender user, and thereby obtaining an encrypted payload; D. encoding, using said at least one device of the sender user, for each one of said one or more recipient users, said personal univocal code of the sender user through said asymmetric cryptography algorithm by means of said public key of the recipient user, and thereby obtaining a respective encoded personal univocal code of the sender user; E. building, using said at least one device of the sender user, building an encrypted file comprising the encrypted payload and a matrix binary file, that includes said encoded personal univocal code of the sender user for each one of said one or more recipient users; F. sending, using the at least one device of the sender user, the encrypted file from said at least one device of the sender user to said at least one device of each one of said one or more recipient users; and G. receiving, using said at least one device of each one of said one or more recipient users receiving the encrypted file, and, using the said at least one device of each one of said one or more recipient users; a) decoding said encoded personal univocal code of the sender user through said asymmetric cryptography algorithm by means of said private key of the recipient user, b) decrypting the encrypted payload using as the cryptographic key said personal univocal code of the sender user, obtaining said at least one digital content. Claim 9 is rejected using the same basis of arguments used to reject claim 1 above. Regarding claim 10, Durham and Corcoran teach, The system according to claim 9, further comprising at least one central processing device, optionally comprising or consisting in at least one server and/or at least one PC and/or at least one portable device, that is accessible, optionally via web, by a system administrator, and that records information related to one or more sharing associations of users and one or more logs of events related to transmissions of digital contents among users of a sharing association. (Durham, fig. 1 includes media sharing service 170 / “server” and devices 115 and 160. [0018] teaches a sharing user / “administrator who chooses the public keys / encryption keys used to encrypt the symmetric key. When the sharing user selects the recipient public keys / encryption keys to be used to encrypt the symmetric key that encrypts the content, this information is recorded.) Regarding claim 11, Durham and Corcoran teach, The system according to claim 9, further comprising at least one storage server, wherein said at least one device of each user of said sharing association is configured to execute the computer implemented method of exchanging digital contents among a plurality of users registered in a sharing association wherein, in step F, said method comprises sending the encrypted file from said at least one device of the sender user to said at least one device of each one of said one or more recipient users by means of an intermediate storage of the encrypted file on at least one storage server, thereby said at least one device of a sender user stores the encrypted file on said at least one storage server and said at least one device of each one of said one or more recipient users accesses said at least one storage server and downloads the encrypted file. Claim 11 is rejected using the same basis of arguments used to reject claim 4 above. Regarding claim 13, Durham and Corcoran teach, A set of one or more computer-readable media having stored thereon a set of one or more computer programs comprising instructions that, (Durham, [0056] teaches a computer readable medium.) when executed by one or more processing units of a user's device, cause said user's device to execute a computer implemented method of exchanging digital contents among a plurality of users registered in a sharing association, wherein each user of said sharing association is associated to at least one device provided with one or more processing units and with one or more acquiring devices configured to acquire at least one biometric trait, wherein the computer implemented method comprises the following steps: A. associating and storing, using said at least one device of each user of said sharing association: a personal univocal code of the user under consideration generated on said at least one device of the user under consideration, wherein said personal univocal code of the user under consideration depends on one or more biometric features of identification of the user under consideration deriving from at least one biometric trait of the user under consideration acquired by said one or more acquiring devices, and a public key and a private key of a asymmetric cryptography algorithm corresponding to the user under consideration, wherein the public keys of all the users of said sharing association are accessible by or stored in said at least one device of each user of said sharing association; B. on at least one device of a sender user of said sharing association, selecting at least one digital content that forms a transmission payload and further selecting one or more recipient users of said sharing association with whom to share said transmission payload; C. encrypting, using said at least one device of the sender user, said at least one digital content using as a cryptographic key said personal univocal code of the sender user, and thereby obtaining an encrypted payload; D. encoding, using said at least one device of the sender user, for each one of said one or more recipient users, said personal univocal code of the sender user through said asymmetric cryptography algorithm by means of said public key of the recipient user, and thereby obtaining a respective encoded personal univocal code of the sender user; E. building, using said at least one device of the sender user, an encrypted file comprising the encrypted payload and a matrix binary file, that includes said encoded personal univocal code of the sender user for each one of said one or more recipient users; F. sending, using the at least one device of the sender user, the encrypted file to said at least one device of each one of said one or more recipient users; and G. receiving, using said at least one device of each one of said one or more recipient users receiving the encrypted file, and, using the said at least one device of each one of said one or more recipient users; a) decoding said encoded personal univocal code of the sender user through said asymmetric cryptography algorithm by means of said private key of the recipient user, b) decrypting the encrypted payload using as the cryptographic key said personal univocal code of the sender user, obtaining said at least one digital content. Claim 13 is rejected using the same basis of arguments used to reject claim 1 above. Regarding claim 16, Durham and Corcoran teach, The system according to claim 9, wherein said at least one biometric trait is selected from the group comprising a fingerprint, a face image, a voice print, an image of an iris, a tridimensional shape of a hand, and an image of a retina. Claim 16 is rejected using the same basis of arguments used to reject claim 3 above. Regarding claim 17, Durham and Corcoran teach, The system according to claim 9, wherein step F includes sending, using said at least one device of the sender user, the encrypted file to said at least one device of each one of said one or more recipient users by means of an intermediate storage of the encrypted file on at least one storage server, thereby said at least one device of a sender user stores the encrypted file on said at least one storage server and said at least one device of each one of said one or more recipient users accesses said at least one storage server and downloads the encrypted file. Claim 17 is rejected using the same basis of arguments used to reject claim 4 above. Regarding claim 19, Durham and Corcoran teach, The system according to claim 9, wherein said at least one device is selected from the group comprising a smartphone, a tablet, a laptop, and a PC. Claim 19 is rejected using the same basis of arguments used to reject claim 6 above. Regarding claim 20, Durham and Corcoran teach, The system according to claim 9, wherein, in step A, a respective asymmetric cryptography algorithm accessible from or stored in said at least one device of each user of said sharing association is associated to each user of said sharing association. Claim 20 is rejected using the same basis of arguments used to reject claim 7 above. Claims 2 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Durham, in view of Corcoran, in view of US 20230017001 to Kang et al. (hereinafter Kang). Regarding claim 2, Durham and Corcoran teach, The computer implemented method according to claim 1, Durham and Corcoran fail to teach generating a key based on identification data, However, Kang teaches, wherein said personal univocal code of each user of said sharing association further depends on one or more user's identification personal data. ([0165] teaches using identifier information of the user’s device to generate a key / “personal univocal code”.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Durham, which teaches multiple recipients receiving encrypted media files, where the recipient’s biometrics are used to access the encrypted media file (Abstract), where the media file is encrypted with a symmetric key that is encrypted using a public key of multiple recipient users who have the ability to decrypt the encrypted symmetric key to access the encrypted media file ([0024] and figs. 5-6), with Corcoran, which also teaches digital content that is encrypted using public / private keys that are biometrically generated (Abstract), and additionally teaches encrypting multimedia data with a symmetric key that is encrypted with a public key to be later decrypted with the receiver’s private key ([0054-55]), with Kang, which also teaches key generation of symmetric keys using biometrics, and additionally teaches generating symmetric keys using biometrics and identifiers ([0165]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Durham and Corcoran with the added ability to use multiple pieces of information to generate an encryption key, where the pieces of information are unique to the user, as taught by Kang, for the purpose of increasing security by not storing the key in a vulnerable memory, but instead generating the key based on unique user / device characteristics such as biometrics and identifiers.. Regarding claim 14, Durham, Corcoran, and Kang teach, The computer implemented method according to claim 2, wherein the personal univocal code of each user of said sharing association is selected from the group comprising name, surname, email, fiscal code, VAT number, IMEI code, SSAID code and SIM ICCID code, and/or a PIN code. (Kang, [0145] teaches identifier information of a device / vehicle, which the examiner interprets as a name or unique PIN code.) Regarding claim 15, Durham, Corcoran, and Kang teach, The system according to claim 9, wherein said personal univocal code of each user of said sharing association further depends on one or more user's identification personal data. Claim 15 is rejected using the same basis of arguments used to reject claim 2 above. Claims 5 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Durham, in view of Corcoran, in view of US 20210233108 to Gouneili (hereinafter Gouneili). Regarding claim 5, Durham and Corcoran teach, The computer implemented method according to claim 1, wherein step F includes (Durham, [0037] teaches that access policies are encrypted with the encryption key (public key), which is biometrically based. Thus, biometrics are used to access the access policies using the decryption key (private key). Fig. 6, Steps 650-670 and [0041] teach using the decryption key (private key), which is biometrically produced, to review the policy to determine if access is granted.) Durham and Corcoran fail to teach conditioning the sending of the media / content on biometric recognition, However, Gouneili teaches, wherein step F includes sending, using said at least one device of the sender user, the encrypted file to said at least one device of each one of said one or more recipient users based on a biometric recognition of the sender user. ([0023] teaches a biometric PKI authentication before delivery of contents.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Durham, which teaches multiple recipients receiving encrypted media files, where the recipient’s biometrics are used to access the encrypted media file (Abstract), where the media file is encrypted with a symmetric key that is encrypted using a public key of multiple recipient users who have the ability to decrypt the encrypted symmetric key to access the encrypted media file ([0024] and figs. 5-6), with Corcoran, which also teaches digital content that is encrypted using public / private keys that are biometrically generated (Abstract), and additionally teaches encrypting multimedia data with a symmetric key that is encrypted with a public key to be later decrypted with the receiver’s private key ([0054-55]). with Gouneili, which also teaches sending encrypted media / content to other users (Abstract and [0023]), and additionally teaches biometrically authenticating a recipient before the sending the encrypted media / content to the recipient ([0023]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Durham and Corcoran with the added ability to authenticate a recipient before providing the encrypted media to the recipient, as taught by Gouneili, for the purpose of increasing security by not providing encrypted media to unauthorized users and increasing computational efficiency and use of network resources by authenticating a recipient before sending large media files to the recipient. Regarding claim 18, Durham, Corcoran, and Gouneili teach, The system according to claim 9, wherein step F includes sending, using said at least one device of the sender user, the encrypted file to said at least one device of each one of said one or more recipient users based on a biometric recognition of the sender user. Claim 18 is rejected using the same basis of arguments used to reject claim 5 above. Claims 8 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Durham, in view of Corcoran, in view of US 11785001 to Gogel (hereinafter Gogel). Regarding claim 8, Durham and Corcoran teach, The computer implemented method according to claim 1, wherein said at least one device of the sender user on which step B selects said at least one digital content is a first device of the sender user, provided with a display, and said at least one device of the sender user on which steps C, D, E, and F are executed is a second device of the sender user, wherein the computer implemented method further comprises, before step B, the following step: (The examiner notes that features of [0024] of Durham may include the sender device encrypting the symmetric key using its own biometrically generated encryption key / public key.) H. wherein, in step B, said at least one digital content is transmitted from said first device of the sender user to said second device of the sender user. (Durham, [0028] teaches that the content may be transmitted between the sender and the recipient devices without the use of the intermediaries shown in fig. 1.) Durham and Corcoran fail to teach using visual / displayed codes passed between two different devices to authorize the exchange of content, However, Gogel teaches, H. displaying an identification code on said display of said first device of the sender user, and acquiring said identification code through said camera of said second device of the sender user to establish a connection on an encrypted communication channel between said first device of the sender user and said second device of the sender user, (Col. 25, line 60 to Col. 26, line 8 teaches sharing media content between a first and second device. Col. 26, lines 9-16, teach one device displaying a QR code that is read / scanned by another device, to provide access to media content to the scanning device. See also Col. 26, lines 17-34. Col. 32, lines 55-61 teach secure encrypted communications. ) wherein, in step B, said at least one digital content is transmitted (Col. 26, lines 26-32 teaches authorizing the scanning device to access the media content.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Durham, which teaches multiple recipients receiving encrypted media files, where the recipient’s biometrics are used to access the encrypted media file (Abstract), where the media file is encrypted with a symmetric key that is encrypted using a public key of multiple recipient users who have the ability to decrypt the encrypted symmetric key to access the encrypted media file ([0024] and figs. 5-6), with Corcoran, which also teaches digital content that is encrypted using public / private keys that are biometrically generated (Abstract), and additionally teaches encrypting multimedia data with a symmetric key that is encrypted with a public key to be later decrypted with the receiver’s private key ([0054-55]), with Gogel, which also teaches delivery of content or sharing of information (Figs. 3-6, as described in Col 1 line 64 to Col. 2, line 13.), and additionally teaches using displayed QR codes to authenticate a device based on the displayed code on a second device, where the authentication results in a sharing of the media content (Col. 26, lines 9-34). One of ordinary skill in the art would have been motivated to perform such an addition to provide Durham and Corcoran with the added ability to utilize QR codes to authorize another device to access the content (Gogel, Col. 26, lines 26-32), as taught by Gogel, for the purpose of increasing security by providing another authentication method for sharing of content. Regarding claim 21, Durham, Corcoran, and Gogel teach, The system according to claim 9, wherein said at least one device of the sender user on which step B selects said at least one digital content is a first device of the sender user, provided with a display, and said at least one device of the sender user on which steps C, D, E, and F are executed is a second device of the sender user, provided with a camera, wherein the computer implemented method further comprises, before step B, the following step: H. displaying an identification code on said display of said first device of the sender user and acquiring said identification code through said camera of said second device of the sender user to establish a connection on an encrypted communication channel between said first device of the sender user and said second device of the sender user, wherein, in step B, said at least one digital content is transmitted from said first device of the sender user to said second device of the sender user. Claim 21 is rejected using the same basis of arguments used to reject claim 8 above. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN WILLIAM AVERY whose telephone number is (571)272-3942. The examiner can normally be reached on 9AM-5PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571)272-3739. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /B.W.A./ /FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495