System and Method for Secure-Core Silicon Mobile End-Points to Detrimne KYC and KYT

§101 §103

DETAILED ACTION In response to the communication filed on 02/23/2026, responded in following. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment The amendment filed 02/23/2026 has been entered. Claims 1-10 have been canceled. Claims 11-23 have been newly added. Election/Restrictions Claims 11-23 are newly submitted, and the previous submitted and examined claims 1-10 have been canceled. The newly submitted claims 11-20 are directed to an invention that is independent or distinct from the invention originally claimed for the following reasons: The newly submitted claims recite materially different claim scope from the originally examined claims. Applicant canceled previously examined claims 1-10 and newly submitted claims 11-23 after prosecutions on the merits had already occurred. Upon review, claims 11-20 are directed to distinct inventions having different claim scope from the originally examined invention. On the other hand, claims 21-23 correspond to previous claims 1-3. Since applicant has received an action on the merits for the originally presented invention, this invention has been constructively elected by original presentation for prosecution on the merits. Accordingly, claims 11-20 are withdrawn from consideration as being directed to a non-elected invention. See 37 CFR 1.142(b) and MPEP § 821.03. To preserve a right to petition, the reply to this action must distinctly and specifically point out supposed errors in the restriction requirement. Otherwise, the election shall be treated as a final election without traverse. Traversal must be timely. Failure to timely traverse the requirement will result in the loss of right to petition under 37 CFR 1.144. If claims are subsequently added, applicant must indicate which of the subsequently added claims are readable upon the elected invention. Should applicant traverse on the ground that the inventions are not patentably distinct, applicant should submit evidence or identify such evidence now of record showing the inventions to be obvious variants or clearly admit on the record that this is the case. In either instance, if the examiner finds one of the inventions unpatentable over the prior art, the evidence or admission may be used in a rejection under 35 U.S.C. 103 or pre-AIA 35 U.S.C. 103(a) of the other invention. Response to Arguments Applicants arguments Applicant's arguments filed 02/23/2026 have been fully considered but they are not persuasive. First, the Applicants arguments relate to newly submitted claims 11-20, which are directed to an invention that is independent or distinct from the invention originally claimed. Accordingly, these claims are withdrawn, as explained in the “Election/Restrictions” above. Second, the Applicant did not respond to the rejection under 35 USC § 101, the drawings objection, and the specification objection in the previous Office Action. Third, the Applicants arguments concerning claim 21, which corresponds to previous claim 1: With respect to the argument regarding the sequence disclosed by Johnson, the Examiner considered host computing device 710 to correspond to the second SIM. Johnson discloses, in paragraphs 0121-0122, that “the SIM or other device may require a password before the mobile module or other device will issue a device token. Of course, other forms of credentials for authentication (correspond to the “hybrid pattern for user identity and transaction authorization” as claimed) on the device level are also contemplated herein. … the session key(s) 750 (“encryption keys”, see para.0128 regarding encryption using the session key) are then delegated or passed from the mobile module 705 to the software platform or stack of the host computing device 710 and from the mobile operator 720 to the authentication server 715.” With respect to the argument regarding second SIM disclosed by Johnson, the Examiner considered host computing device 710 correspond to the second SIM. Johnson discloses that “the client or host computing device 710 (which may be a personal computer, mobile phone, or other portable or non-mobile computing device) initiates the authentication request by sending a network security token request 725 to the mobile infrastructure 720 via the authentication/trusted server 715.” In addition, contrary to the Applicant’s arguments, claim 22 further recites that “the second SIM device is stationary.” Therefore, the arguments are not persuasive. Specification The title of the invention is not descriptive due to use of abbreviations (e.g., KYC and KYT). A new title is required that is clearly indicative of the subject matter of the invention to which the claims are directed. Drawings The drawings were received on 04/11/2025. The drawings are objected to under 37 CFR 1.83(a) because the paragraphs on page 8 of the specification filed on 04/11/2025 do not sufficiently describe the features shown in Figures 1-4. The paragraph regarding FIG 1 on page 8 merely states that it “illustrates a three-encryption-key multi-signature process,” but does not describe the individual component, steps, or interactions depicted in the figure. The paragraph regarding FIGS. 2A-2C on page 8 merely states that they identify a SIM-based applet and a system architecture but fail to describe how the SIM corrects data from the mobile equipment and mobile network, nor how data is utilized. The paragraph regarding FIG. 3 on page 8 merely states that it lists components such as SIM 009. Mobile equipment 010, MEMS device, and User Input 011, but the specification does not explain their functions, interconnections, or roles in the continuous authentication method. The paragraph regarding FIG. 4 on page 8 merely states that it lists SIM 013, Applet 014, and firmware, but lacks descriptive detail on how sensory measurements and extraction capabilities are implemented or managed. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance. Claim Objections Claims 21-23 are objected to because of the following informalities: Claims 21 state “SIM device.” The abbreviation needs to be spelled out. Claims 3 states “QOS metrics.” The abbreviation needs to be spelled out. Claim 21 states “a second SIM device in the packet-based network that is separated from the first SIM device.” It should be “packet-based wireless mobile network.” Appropriate correction is required. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 21-23 are rejected under 35 U.S.C. 101 because they do not fall within recognized categories of statutory subject matter. The claimed invention is directed to a system comprising software only. For example, claim 21 recites a system without reciting any hardware component or structure. Although, the claims recite “SIM devices,” the SIM devices are separate devices that merely communicate with the claimed system. Additionally, the claim merely provides abbreviation without sufficient structural context. For example, paragraph [0069] in the filed Specification defines: “Encryption Key Framework: To deploy smart legal contracts, three encryption keys (SC Key) in separate logical and physical locations provides governance, management, regulatory compliance, and execution for on-chain encryption key management in Cloud, HSM, and SIM software operating environments” Computer software programs per se do not fall within recognized categories of statutory subject matter. If the system in claims 21 is considered as machines, then the machines need to consist of some concrete parts or structures, which are currently not recited in the claims. The examiner suggests including a piece of hardware such as a hardware component (e.g., hardware processor or a memory) to overcome this rejection (See MPEP § 2106). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over Johnson et al. (US 20060235796 A1, hereinafter “Johnson”) in view of Farag et al. (US 20230362655 A1, hereinafter “Farag”). Regarding claim 21, (New) Johnson discloses a secure communication system for mobile devices in a packet-based wireless mobile network with identity security of both user and transaction comprising: a system controller of the secure communication system that is an entity that can transact, wherein the system controller issues and controls encryption keys to customers for secure transactions (Johnson: [0121] the client or host computing device 710 (which may be a personal computer, mobile phone, or other portable or non-mobile computing device) initiates the authentication request by sending a network security token request 725 to the mobile infrastructure 720 via the authentication/trusted server 715 (“system controller”); [0122] the mobile infrastructure 720 and/or authentication server 715 (“system controller”) can respond by generating a message that contains a network security token 745 with encrypted session key(s), which are signed and/or encrypted using the shared secret 740. The client 710 can then verify the signed message and pass the encrypted network session key(s) to the SIM 705 for decryption. The session key(s) 750 (“encryption keys”, see para.0128 regarding encryption using the session key) are then delegated or passed from the mobile module 705 to the software platform or stack of the host computing device 710 and from the mobile operator 720 to the authentication server 715 (“issued and control the encryption keys from system controller”)); a first SIM device in the packet-based wireless mobile network wherein the first SIM device captures quality of service data, user identity data and transaction data (Johnson: [0121 and 0122] The mobile module 705 (“first SIM device) uses a secret 740 shared between it and the mobile infrastructure 720 for generating a challenge response 735 (“captured data”), which is then forwarded to the client 710. The client 710 will use the challenge response 735 (“captured data”) to generate a request security token response (“captured data including user identity data”), which may also include the SIM identity and the challenge 730 for authentication purposes. The request security token response and the challenge response 735 (“captured data”) therein can be validated using, e.g., the shared secret 740. Using the shared secret 740, the mobile module 705 can then return the un-encrypted session key(s) 750 to the client 710. The mobile module 705 (“first SIM device”) can then return the un-encrypted session key(s) 750 (“quality of service data is captured”) to the client 710; [0123] The session key(s) 750 (“captured quality of service data” which improves quality because it establishes network session) are then delegated or passed from the mobile module 705 (“first SIM device”) to the software platform or stack of the host computing device 710 and from the mobile operator 720 to the authentication server 715 (if necessary). The mobile module 705 typically needs an active billing account in good standing on the mobile infrastructure 720. Accordingly, upon verification of the challenge response 735 (“captured data”) and such active billing account information (“captured data including transaction data”), a trust may be established between the SIM 705 and mobile infrastructure 720 creating a virtual secure channel); a second SIM device in the packet-based network that is separated from the first SIM device and receives captured data from the first SIM device (Johnson: [0122] The client 710 (“second SIM device”) will use the challenge response 735 (“captured data”) to generate a request security token response, which may also include the SIM identity and the challenge 730 for authentication purposes), wherein captured data from the first SIM device and the second SIM device are analyzed and data elements that establish a hybrid pattern for user identity and transaction authorization are performed under authority of the system controller before issuing encryption keys (Johnson: [0118] the SIM or other device may require a password before the mobile module or other device will issue a device token. Of course, other forms of credentials for authentication on the device level (“a hybrid pattern for user identity and transaction authorization”) are also contemplated herein (“before issuing encryption keys”, the challenge and the response are analyzed prior to the steps 740-755); … ; [0122] the session key(s) 750 (“encryption keys”, see para.0128 regarding encryption using the session key) are then delegated or passed from the mobile module 705 to the software platform or stack of the host computing device 710 and from the mobile operator 720 to the authentication server 715). However, Johnson does not disclose, Farag in a same field of endeavor teaches the secure communication system comprising: a second SIM device stores captured data as immutable data (Farag: [0012] The shared, verifiable, and immutable nature of a public distributed ledger (e.g., blockchain) creates a trusted source for SIM data); and a packet-based communication network with data packets wirelessly transmitted in standard packets on-chain node consensus processing (Farag: [0012] The shared, verifiable, and immutable nature of a public distributed ledger (e.g., blockchain) creates a trusted source for SIM data). Before the effective filing date of the claimed invention, it would have been obvious for one of ordinary skill in the art to have modified the independent network disclosed by Johnson with the teachings of Farag to include a second SIM device that stores captured data as immutable data; and a packet-based communication network with data packets wirelessly transmitted in standard packets on-chain node consensus processing. One of ordinary skill in the art would have been motivated to make this modification because a blockchain includes a digital distributed ledger that stores digital records of data such as transactions that are distributed and maintained among nodes of a computer network, where the entries are stored in blocks of the ledger that are cryptographically related. Thus, a blockchain network has a decentralized, distributed database where a ledger is maintained by peer nodes (para. 0030). Regarding claim 22, (New) the combination of Johnson and Farag discloses all elements of the current invention as stated above. Johnson discloses the system of claim 21 wherein the second SIM device is stationary (Johnson: [0121] Typically, the client or host computing device 710 (which may be a personal computer)). Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Johnson et al. (US 20060235796 A1, hereinafter “Johnson”) in view of Farag et al. (US 20230362655 A1, hereinafter “Farag”) in view of Grayson (US 20230021642 A1, hereinafter “Grayson”). Regarding claim 23, (New) the combination of Johnson and Farag discloses all elements of the current invention as stated above. The combination does not disclose, Grayson in a same field of endeavor teaches the system of claim 21 wherein the quality of service has QOS metrics and at least one QOS metric of significance is captured and analyzed as a data element for establishing the hybrid pattern for user identity and transaction authorization (Grayson: [0041] Similarly, the Subscriber Identity Module(s) (SIM(s)) of mobile device 102 may be configured with one or more federation defined E.212 numbers to use when performing network selection; [0049] the identity type(s) (e.g., any type, SP identity, cloud provider identity, etc.) that the IDP uses to perform authentication for a mobile device. For an ANP, the policy specific identity information 242 can be used to indicate identity type(s) supported by the ANP for authentication with an IDP. Further, identity (ID) policy information 243 can be encoded to indicate whether identity information a baseline ID policy is to be applied such that identities are to be kept private (e.g., all users are to be anonymous) or whether a permanent ID will be returned by the IDP. Further, Quality of Service (QoS) information, such as a baseline or ‘bronze’ QoS 244, a mid-level or ‘silver’ QoS 245, and/or a top-level or ‘gold’ QoS 246 (“QOS metrics”) can be used to indicate, for an IDP, service level(s) sought by the IDP for service by an ANP and can be used to indicate, for an ANP, service level(s) supported by the ANP). Before the effective filing date of the claimed invention, it would have been obvious for one of ordinary skill in the art to have modified the independent network disclosed by Johnson with the teachings of Grayson to include the quality of service that has QOS metrics and at least one QOS metric of significance is captured and analyzed as a data element for establishing the hybrid pattern for user identity and transaction authorization. One of ordinary skill in the art would have been motivated to make this modification because it enable faster, more secure logins, while QOS provides clear service levels for a smoother experience. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Rishy-Maharaj et al. (US 20130165075 A1): [0119] In one embodiment, the transmission of credentials may be a multistep process. For instance, the wireless device 102 may first have to provide a personal identification number in order to get the wireless device 102 or its SIM 124 to transmit credentials. The local mobile server systems 106 may search the database of network server 106 for the incoming IMSI and the K associated with the IMSI. Then the operator may generate a random number ("RAND") and signs it with the K associated with the IMSI computing a first signed response number ("SRES_1"). The operator network may send the RAND to the wireless device 102 or the SIM 124 of wireless device 102. The wireless device 102 or the SIM 124 may sign the RAND with a K producing a second signed response ("SRES_2") that is sent back to the local mobile server systems 106 with an encryption key ("K.sub.g"). The local mobile server systems 106 compare the SRES_1 and SRES_2 received to information stored, and if the SER_1 and SER_2 are determined to be authentic, the wireless device 102 and/or its SIM 124 are authenticated. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW SUH whose telephone number is (571)270-5524. The examiner can normally be reached 9:00 AM- 5:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached at (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /ANDREW SUH/Primary Examiner, Art Unit 2493