Prosecution Insights
Last updated: July 17, 2026
Application No. 18/610,630

ANONYMOUSLY ISSUING A VERIFIABLE CREDENTIAL

Final Rejection §101§103
Filed
Mar 20, 2024
Priority
Mar 21, 2023 — EU 23163314
Examiner
WALIULLAH, MOHAMMED
Art Unit
2498
Tech Center
2400 — Computer Networks
Assignee
Nederlandse Organisatie Voor Toegepast-natuurwetenschappelijk Onderzoek Tno
OA Round
2 (Final)
87%
Grant Probability
Favorable
3-4
OA Rounds
0m
Est. Remaining
98%
With Interview

Examiner Intelligence

Grants 87% — above average
87%
Career Allowance Rate
632 granted / 729 resolved
+28.7% vs TC avg
Moderate +11% lift
Without
With
+11.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 4m
Avg Prosecution
23 currently pending
Career history
749
Total Applications
across all art units

Statute-Specific Performance

§101
3.8%
-36.2% vs TC avg
§103
81.5%
+41.5% vs TC avg
§102
1.2%
-38.8% vs TC avg
§112
6.8%
-33.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 729 resolved cases

Office Action

§101 §103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Examiner noted processor as hardware per defined in para [0087] of specification. Response to Arguments Applicant's arguments filed 03/25/26 have been fully considered but they are not persuasive. On page 10 regarding 101 rejection the applicant argued that examiners are instructed that a limitation should be treated as a mental process only if it can be practically performed in the human mind or with pen and paper, such as evaluations or subjective judgments. On page 3 examiner clearly stated that these steps can be performed by manually as : Like, obtaining a paper certificate which was issued by issuer, obtaining singing information from the paper certificate, creating a proof by verifying signing information, verifying signature, providing verifiable credential (seal) to credential holder(person: as stated in the claim), these limitations - recite a mental process – that is a concept which may be performed in the human mind, such as an observation, evaluation, judgment, or opinion. (see MPEP 2106.04(a)(2). Like, obtaining a paper certificate which was issued by issuer, obtaining singing information from the paper certificate, creating a proof by verifying signing information, verifying signature, providing verifiable credential (seal) to credential holder(person: as stated in the claim), these limitations - recite a mental process – that is a concept which may be performed in the human mind, such as an observation, evaluation, judgment, or opinion. (see MPEP 2106.04(a)(2). On page 11 the applicant further argued that “when considered as a whole, is integrated into a practical application of the abstract idea by applying, relying on, and/or using it in a manner that imposes a meaningful limit on it. In particular, Applicant submits that the recited mechanism for issuing a verifiable credential represents an improvement to security systems and reflects an example of "other technology" as discussed in MPEP 2106.04(d)(1)” . Claim as a whole do not verify credentials to access or any use case practically. Claim “creating the verifiable credential for the credential holder, the verifiable credential comprising the claim information and the proof, the verifiable credential comprising or being associated with verification information, the verification information being common to all members of the anonymity group; and providing the verifiable credential from the system of the credential issuer to a system of the credential holder,” as a whole only creating verifiable information not using it for practical purpose. There is no verification for practical uses. Further, “obtaining, the credential holder being a different person or organization than the credential issuer”, “obtaining, signing information; “creating, proof for the claim information by signing the claim information with the signing information”; “creating, verifiable credential for the credential holder”; and “providing the verifiable credential from the credential issuer to the credential holder” these are also assumed as insignificant extra solution activities. Pls see MPEP 2106.05 more details. Thus, claim rejection under 101 abstract idea still stand rejected. With regards to 103 rejection the applicant argued on page 12-13 that “the proposed combination does not teach or suggest the entirety of the features recited in the pending claims for at least the reasons discussed below. The recited method establishes and provides anonymity to a credential issuer including both the credential holder and the credential verifier. For example, the recited method establishes and provides anonymity to a credential issuer based on being a member of the anonymity group and creating the verification information such that it is common to all members of the anonymity group.” Examiner respectfully disagrees. Examiner relied on Camenisch for obtaining, at a system of a credential issuer, claim information associated with a credential holder, the credential holder being a different person or organization than the credential issuer ([0032] Note: “Credential Issuer” is verifier server and "user computer" corresponds to the "credential Holder” are different entity, “attributes” correspond to ”claim information” ); obtaining, at the system of the credential issuer, the signing information being unique for the credential issuer ([0032] Note: by generating signature issuer need secret/private key which is obtained by creating from names, date of birth, nationality, profession, role in an organization etc., for users, and ID, serial number, platform configuration, etc. for user computers ); creating, at the system of the credential issuer, proof for the claim information by signing the claim information with the signing information ([0039];);creating, at the system of the credential issuer, the verifiable credential for the credential holder, the verifiable credential comprising the claim information and the proof, the verifiable credential comprising or being associated with verification information ([0039] Note: "attribute credential Catt" corresponds to the "verifiable credential" claimed wherein the public key skI corresponds to the verification information being associated to the verifiable credential ), and providing the verifiable credential from the system of the credential issuer to a system of the credential holder ([0040]). And examiner relied on Griffin for “Obtaining, signing information for an anonymity group , the credential issuer being a member of the anonymity group” (Col 6 line 15-25;), “the verification information being common to all members of the anonymity group”(Col 5 line 10-15;). Combination of Camenisch and Griffin provides teaching of whole claim 1, 8, 11, 14-16(pls see the rejection). On pagte 14 the applicant further argued that “Applicant submits that in operation a verifiable credential is issued from a system of the credential issuer to a system of a credential holder without revealing the identity of the credential issuer. No combination of Camenisch and Griffin provides or results in anonymity for the credential issuer. For example, in the annotated FIG. 4 of Camenisch, the user PC 2 generates a first user pseudonym and sends this to the issuer computer and requests issue of an attribute credential Catt for a plurality of attributes.” Examiner relied on Griffin for “Obtaining, signing information for an anonymity group , the credential issuer being a member of the anonymity group (Col 6 line 15-25;), the verification information being common to all members of the anonymity group(Col 5 line 10-15;). Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. At step 1, the claim recites a method comprising a combination of “Obtaining…”, “Obtaining …”, “creating…” and “creating…”, “providing….” is a process, which is a statutory category of invention. At step 2A, prong one, the claim recites “obtaining, claim information associated with a credential holder, the credential holder being a different person or organization than the credential issuer”, “obtaining, signing information, “the signing information being unique for the credential issuer”; “creating, proof for the claim information by signing the claim information with the signing information”; “creating, verifiable credential for the credential holder, the verifiable credential comprising the claim information and the proof, the verifiable credential comprising or being associated with verification information”; and “providing the verifiable credential from the credential issuer to the credential holder” . Like, obtaining a paper certificate which was issued by issuer, obtaining singing information from the paper certificate, creating a proof by verifying signing information, verifying signature, providing verifiable credential (seal) to credential holder(person: as stated in the claim), these limitations - recite a mental process – that is a concept which may be performed in the human mind, such as an observation, evaluation, judgment, or opinion. (see MPEP 2106.04(a)(2). The courts do not distinguish between mental processes that are performed entirely in the human mind and mental processes that require a human to use a physical aid (e.g., pen and paper or a slide rule) to perform the claim limitation. (see MPEP 2106.04(a)(2).) That is, nothing in the claim element precludes the step from practically being performed in the mind. Accordingly, the claim recites an abstract idea. At step 2A, prong two, this judicial exception is not integrated into a practical application. In particular, claim recites, “the verifiable credential comprising the claim information and the proof, the verifiable credential comprising or being associated with verification information”, “the credential issuer being a member of the anonymity group” are merely concept data transferring can be performed in generic computer not an practical application of abstract idea. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. At step 2B, the claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements “system of credential issue”, “system of credential holder” no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using generic computer components cannot provide an inventive concept. Independent claims 4, 8 and 111,14-16 has similar limitations also rejected by same rational. Dependents claims 2-3, 9-10, 12-13, are an insignificant extra solution activity. Thus, this claim recites an abstract idea (see 2106.05(g). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-4, 8-16 are rejected under 35 U.S.C. 103 as being unpatentable over Camenisch et al(US 20170359184 A1) In view of Griffin (US 11265176 B1). With regards to claim 1, Camenisch discloses, A method of issuing a verifiable credential, the method comprising: obtaining, at a system of a credential issuer, claim information associated with a credential holder, the credential holder being a different person or organization than the credential issuer ([0032] In operation of system 1, the authorization process requires possession by user PC 2 of an attribute credential C.sub.att. The credential C.sub.att certifies a set of (one or more) attributes which may be associated with user PC 2 and/or a user thereof. Common attribute examples include names, date of birth, nationality, profession, role in an organization etc., for users, and ID, serial number, platform configuration, etc. for user computers. In general, however, attributes may represent any item of information about which proof may need to be presented to a verifying entity. FIG 1 and associated text; [0039] In step 40 of FIG. 4, authorization logic 8 of user PC 2 generates a first user pseudonym pk.sub.U1 from the secret user key sk.sub.U stored in memory 9. In step 41, authorization logic 8 sends the first pseudonym pk.sub.U1 to the issuer computer and requests issue of an attribute credential C.sub.att for a plurality of attributesThe attributes, denoted by a.sub.1, . . . , a.sub.k (k>1) in the following, are verified by the issuing authority I in any appropriate manner, and the user may supply any additional informational required for this purpose. Such procedures are well known and the details are orthogonal to the operation to be described. In step 42, the issuer computer generates an attribute credential C.sub.att certifying the attributes (a.sub.1, . . . , a.sub.k) and bound to the first user pseudonym pk.sub.U1. In this embodiment, the credential C.sub.att is a privacy-preserving credential permitting zero-knowledge proofs to be made about attributes, e.g. an anonymous credential of the Identity Mixer credential system referenced above. [0040] In step 43, the issuer computer sends the attribute credential C.sub.att, together with a unique credential identifier cid for this credential, to user PC 2. Note: “Credential Issuer” is verifier server and "user computer" corresponds to the "credential Holder” are different entity, “attributes” correspond to ”claim information” ); obtaining, at the system of the credential issuer, the signing information being unique for the credential issuer ([0032] In operation of system 1, the authorization process requires possession by user PC 2 of an attribute credential C.sub.att. The credential C.sub.att certifies a set of (one or more) attributes which may be associated with user PC 2 and/or a user thereof. Common attribute examples include names, date of birth, nationality, profession, role in an organization etc., for users, and ID, serial number, platform configuration, etc. for user computers. In general, however, attributes may represent any item of information about which proof may need to be presented to a verifying entity. Attribute credentials can be issued in any known manner by a credential issuing authority which verifies the attribute(s) in question and encodes the attribute(s) in the credential to certify correctness of the information. Such a credential typically comprises a cryptographic signature by the issuing authority I under its own private (secret) key sk.sub.I of a public/private cryptographic key pair (sk.sub.I,pk.sub.I). Note: by generating signature issuer need secret/private key which is obtained by creating from names, date of birth, nationality, profession, role in an organization etc., for users, and ID, serial number, platform configuration, etc. for user computers ); creating, at the system of the credential issuer, proof for the claim information by signing the claim information with the signing information ([0039]; The attributes, denoted by a.sub.1, . . . , a.sub.k (k>1) in the following, are verified by the issuing authority I in any appropriate manner, and the user may supply any additional informational required for this purpose. Such procedures are well known and the details are orthogonal to the operation to be described. In step 42, the issuer computer generates an attribute credential C.sub.att certifying the attributes (a.sub.1, . . . , a.sub.k) and bound to the first user pseudonym pk.sub.U1. In this embodiment, the credential C.sub.att is a privacy-preserving credential permitting zero-knowledge proofs to be made about attributes, e.g. an anonymous credential of the Identity Mixer credential system referenced above. The credential C.sub.att comprises a cryptographic signature σ.sub.skI under a secret issuer key sk.sub.I of a public/private key pair (pk.sub.I,sk.sub.I), the issuer public key pk.sub.I of which is published and known to all computers 2, 3 and 4 in system 1. The credential C.sub.att can be bound to user pseudonym pk.sub.U1 here by, for example, encoding sk.sub.U as an additional attribute in the credential when using the pseudonym pk.sub.U1 as a parameter in the signature generation algorithm); creating, at the system of the credential issuer, the verifiable credential for the credential holder, the verifiable credential comprising the claim information and the proof, the verifiable credential comprising or being associated with verification information ([0039] In step 42, the issuer computer generates an attribute credential C.sub.att certifying the attributes (a.sub.1, . . . , a.sub.k) and bound to the first user pseudonym pk.sub.U1. In this embodiment, the credential C.sub.att is a privacy-preserving credential permitting zero-knowledge proofs to be made about attributes, e.g. an anonymous credential of the Identity Mixer credential system referenced above. The credential C.sub.att comprises a cryptographic signature σ.sub.skI under a secret issuer key sk.sub.I of a public/private key pair (pk.sub.I,sk.sub.I), the issuer public key pk.sub.I of which is published and known to all computers 2, 3 and 4 in system 1. The credential C.sub.att can be bound to user pseudonym pk.sub.U1 here by, for example, encoding sk.sub.U as an additional attribute in the credential when using the pseudonym pk.sub.U1 as a parameter in the signature generation algorithm. Note: "attribute credential Catt" corresponds to the "verifiable credential" claimed wherein the public key skI corresponds to the verification information being associated to the verifiable credential ), and providing the verifiable credential from the system of the credential issuer to a system of the credential holder ([0040] In step 43, the issuer computer sends the attribute credential C.sub.att, together with a unique credential identifier cid for this credential, to user PC 2. In step 44, authorization logic 8 of PC 2 stores the attribute credential C.sub.att and identifier cid in memory 9). Camenisch does not exclusively but Griffin teaches, Obtaining, signing information for an anonymity group , the credential issuer being a member of the anonymity group (Col 6 line 15-25; (8) In some implementations, in an anonymous feedback environment each member of the group has a public and private key pair. The group manager may create the security parameters related to the group and may issue the group public key and work with each member of the group in the creation of their respective private key. The creation of each respective private key may be an iterative process with where each private key is created to work with an already generated group public key. The end result is each group member ends up with each group's own assigned private key paired with the one public key. Col 5 line 10-20; The systems and applications may leverage group signature technology to protect the anonymity of the feedback provider. While assurance is gained that the information is coming from a group member by using the group public key to verify a group member signature, there is no way for an outsider to verify which of the group members has provided the data signed by a member of the group.), the verification information being common to all members of the anonymity group (Col 5 line 10-15; This may be accomplished through the use of group signatures. Group signatures are anonymous digital signature mechanisms in which a relying party uses a single group public key to verify the digital signatures of all group members, while each group member has their own distinct, private signing key.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Camenisch’s method with teaching of Griffin in order to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback(Griffin abstract). With regards to 2, 9 claim Camenisch in view of Griffin discloses, wherein the method further comprises: providing, by the system of the credential holder, a presentation of the verifiable credential to a system of a credential verifier ( FIG 6 62, 65 and associated text; ); and verifying, at the system of the credential verifier, based on the verification information (FIG 6 62, 65 and associated text;), Verification information that the verifiable credential has been issued by a member of the anonymity group (Griffin Col 5 line 0-50; The systems and applications may leverage group signature technology to protect the anonymity of the feedback provider. While assurance is gained that the information is coming from a group member by using the group public key to verify a group member signature, there is no way for an outsider to verify which of the group members has provided the data signed by a member of the group.). Motivation would be same as stated in claim 1. With regards to 3, claim Camenisch in view of Griffin discloses, wherein the verifiable credential is provided from the system of the credential issuer to the system of the credential holder via an anonymous channel (Griffin Col 5 line 0-50; In some implementations a third party, for example the third party providing a company with the systems and/or applications needed to utilize anonymous feedback through group signature, is also a group manager. The group manager may have the capability of linking of two signatures by the same signer, the opening of a signature to reveal the identity of the signer, and revocation of group membership or certain capabilities in order to implement particular rules and/or parameters applied to feedback. The group manager may be a trusted third party such that a business can set parameters and rules for feedback but would not be able to break the anonymity of the signer without the third party.). Motivation would be same as stated in claim 1. Claim 4 is a system claim of a credential issuer comprising at least one processor (Camenisch [0038] In this example, the attribute credential is issued electronically via communications over network 6 between PC 2 and an issuer computer (not shown in FIG. 1), e.g. a server operated by issuing authority I. ) process substantial similar steps corresponding to method claim 1, also rejected accordingly. With regards to claim 8, Camenisch discloses, A system of a credential holder comprising at least one processor configured to: receive a verifiable credential from a system of a credential issuer ([0040] In step 43, the issuer computer sends the attribute credential C.sub.att, together with a unique credential identifier cid for this credential, to user PC 2. In step 44, authorization logic 8 of PC 2 stores the attribute credential C.sub.att and identifier cid in memory 9; [0039]), the credential holder being a different person or organization than the credential issuer ([0039] In step 40 of FIG. 4, authorization logic 8 of user PC 2 generates a first user pseudonym pk.sub.U1 from the secret user key sk.sub.U stored in memory 9. In step 41, authorization logic 8 sends the first pseudonym pk.sub.U1 to the issuer computer and requests issue of an attribute credential C.sub.att for a plurality of attributes…..[0040] In step 43, the issuer computer sends the attribute credential C.sub.att, together with a unique credential identifier cid for this credential, to user PC 2. Note: Issuer is verifier server and "user computer" corresponds to the "credential Holder”), the verifiable credential comprising claim information and proof for the claim information, the verifiable credential comprising or being associated with verification information ([0039] In step 42, the issuer computer generates an attribute credential C.sub.att certifying the attributes (a.sub.1, . . . , a.sub.k) and bound to the first user pseudonym pk.sub.U1. In this embodiment, the credential C.sub.att is a privacy-preserving credential permitting zero-knowledge proofs to be made about attributes, e.g. an anonymous credential of the Identity Mixer credential system referenced above. The credential C.sub.att comprises a cryptographic signature σ.sub.skI under a secret issuer key sk.sub.I of a public/private key pair (pk.sub.I,sk.sub.I), the issuer public key pk.sub.I of which is published and known to all computers 2, 3 and 4 in system 1. The credential C.sub.att can be bound to user pseudonym pk.sub.U1 here by, for example, encoding sk.sub.U as an additional attribute in the credential when using the pseudonym pk.sub.U1 as a parameter in the signature generation algorithm. Note: "attribute credential Catt" corresponds to the "verifiable credential" claimed wherein the public key skI corresponds to the verification information being associated to the verifiable credential), Camenisch does not exclusively but Griffin Teaches, the credential issuer being a member of the anonymity group (Col 5 line 10-20; The systems and applications may leverage group signature technology to protect the anonymity of the feedback provider. While assurance is gained that the information is coming from a group member by using the group public key to verify a group member signature, there is no way for an outsider to verify which of the group members has provided the data signed by a member of the group.), the verification information being common to all members of the anonymity group (Col 5 line 10-15; This may be accomplished through the use of group signatures. Group signatures are anonymous digital signature mechanisms in which a relying party uses a single group public key to verify the digital signatures of all group members, while each group member has their own distinct, private signing key.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Camenisch’s method with teaching of Griffin in order to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback(Griffin Abstract;) With regards to 10 , claim Camenisch in view of Griffin discloses, wherein the at least one processor is configured to: verify, based on the verification information, that the verifiable credential has been issued by a member of the anonymity group (Griffin Col 5 line 0-50; Group signatures are anonymous digital signature mechanisms in which a relying party uses a single group public key to verify the digital signatures of all group members, while each group member has their own distinct, private signing key. The systems and applications may leverage group signature technology to protect the anonymity of the feedback provider. While assurance is gained that the information is coming from a group member by using the group public key to verify a group member signature, there is no way for an outsider to verify which of the group members has provided the data signed by a member of the group. ), and provide the presentation of the verifiable credential to the system of the credential verifier only if the verifiable credential is verified to have been issued by a member of the anonymity group (Griffin Col 5 line 0-50; The systems and applications may leverage group signature technology to protect the anonymity of the feedback provider. While assurance is gained that the information is coming from a group member by using the group public key to verify a group member signature, there is no way for an outsider to verify which of the group members has provided the data signed by a member of the group. Group signatures allow for one group public key and a plurality of private keys, where each private key is associated with a group member. Signatures created by different group members are indistinguishable to verifiers but the group manager is able to determine which member has signed or to link member signatures) . Motivation would be same as stated in claim 1. With regards to claim 11, Camenisch discloses, A system of a credential verifier comprising at least one processor configured to: receive a presentation of a verifiable credential from a system of a credential holder ([0032] In operation of system 1, the authorization process requires possession by user PC 2 of an attribute credential C.sub.att. The credential C.sub.att certifies a set of (one or more) attributes which may be associated with user PC 2 and/or a user thereof. Common attribute examples include names, date of birth, nationality, profession, role in an organization etc., for users, and ID, serial number, platform configuration, etc. for user computers. In general, however, attributes may represent any item of information about which proof may need to be presented to a verifying entity. [0039] In step 40 of FIG. 4, authorization logic 8 of user PC 2 generates a first user pseudonym pk.sub.U1 from the secret user key sk.sub.U stored in memory 9. In step 41, authorization logic 8 sends the first pseudonym pk.sub.U1 to the issuer computer and requests issue of an attribute credential C.sub.att for a plurality of attributes…..[0040] In step 43, the issuer computer sends the attribute credential C.sub.att, together with a unique credential identifier cid for this credential, to user PC 2. Note: Issuer is verifier server and "user computer" corresponds to the "credential Holder”), the verifiable credential comprising claim information and proof for the claim information, the verifiable credential having been issued by a credential issuer ([0039] In step 42, the issuer computer generates an attribute credential C.sub.att certifying the attributes (a.sub.1, . . . , a.sub.k) and bound to the first user pseudonym pk.sub.U1. In this embodiment, the credential C.sub.att is a privacy-preserving credential permitting zero-knowledge proofs to be made about attributes, e.g. an anonymous credential of the Identity Mixer credential system referenced above. The credential C.sub.att comprises a cryptographic signature σ.sub.skI under a secret issuer key sk.sub.I of a public/private key pair (pk.sub.I,sk.sub.I), the issuer public key pk.sub.I of which is published and known to all computers 2, 3 and 4 in system 1. The credential C.sub.att can be bound to user pseudonym pk.sub.U1 here by, for example, encoding sk.sub.U as an additional attribute in the credential when using the pseudonym pk.sub.U1 as a parameter in the signature generation algorithm. Note: "attribute credential Catt" corresponds to the "verifiable credential" claimed wherein the public key skI corresponds to the verification information being associated to the verifiable credential), the credential holder being a different person or organization than the credential issuer ([0039] In step 40 of FIG. 4, authorization logic 8 of user PC 2 generates a first user pseudonym pk.sub.U1 from the secret user key sk.sub.U stored in memory 9. In step 41, authorization logic 8 sends the first pseudonym pk.sub.U1 to the issuer computer and requests issue of an attribute credential C.sub.att for a plurality of attributes…..[0040] In step 43, the issuer computer sends the attribute credential C.sub.att, together with a unique credential identifier cid for this credential, to user PC 2. Note: Issuer is verifier server and "user computer" corresponds to the "credential Holder”), the verifiable credential comprising or being associated with verification information, and verify, based on the verification information ([0039] In step 42, the issuer computer generates an attribute credential C.sub.att certifying the attributes (a.sub.1, . . . , a.sub.k) and bound to the first user pseudonym pk.sub.U1. In this embodiment, the credential C.sub.att is a privacy-preserving credential permitting zero-knowledge proofs to be made about attributes, e.g. an anonymous credential of the Identity Mixer credential system referenced above. The credential C.sub.att comprises a cryptographic signature σ.sub.skI under a secret issuer key sk.sub.I of a public/private key pair (pk.sub.I,sk.sub.I), the issuer public key pk.sub.I of which is published and known to all computers 2, 3 and 4 in system 1. The credential C.sub.att can be bound to user pseudonym pk.sub.U1 here by, for example, encoding sk.sub.U as an additional attribute in the credential when using the pseudonym pk.sub.U1 as a parameter in the signature generation algorithm. Note: "attribute credential Catt" corresponds to the "verifiable credential" claimed wherein the public key skI corresponds to the verification information being associated to the verifiable credential) Camenisch does not exclusively but Griffin Teaches, the credential issuer being a member of an anonymity group, the verifiable credential has been issued by a member of the anonymity group (Col 5 line 10-20; The systems and applications may leverage group signature technology to protect the anonymity of the feedback provider. While assurance is gained that the information is coming from a group member by using the group public key to verify a group member signature, there is no way for an outsider to verify which of the group members has provided the data signed by a member of the group.), the verification information being common to all members of the anonymity group (Col 5 line 10-15; This may be accomplished through the use of group signatures. Group signatures are anonymous digital signature mechanisms in which a relying party uses a single group public key to verify the digital signatures of all group members, while each group member has their own distinct, private signing key.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Camenisch’s method with teaching of Griffin in order to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback(Griffin Abstract;) With regards to 12 , claim Camenisch in view of Griffin discloses, wherein the at least one processor is configured to obtain the verification information from at least one of the system of the credential holder, the system of the credential issuer, a group management system, the verification information comprising group information and public cryptographic information associated with the anonymity group (Griffin Col 5 line 0-50; Anonymity of the group members may help mitigate or prevent any malicious identification and/or retaliation against those providing feedback. In some implementations a third party, for example the third party providing a company with the systems and/or applications needed to utilize anonymous feedback through group signature, is also a group manager. The group manager may have the capability of linking of two signatures by the same signer, the opening of a signature to reveal the identity of the signer, and revocation of group membership or certain capabilities in order to implement particular rules and/or parameters applied to feedback. The group manager may be a trusted third party such that a business can set parameters and rules for feedback but would not be able to break the anonymity of the signer without the third party. The group manager may be able to break the anonymity of the signer to the extent needed to apply the parameters and/or rules for feedback. This may be aided through the use of digital certificates. In some implementations, identification of a signer as belonging to a particular group or having a particular status or position is accomplished by adding an appropriate identifier in the group public key certificate). Motivation would be same as stated in claim 1. With regards to claim 13, Camenisch in view of Griffin further discloses, wherein the at least one processor (25,85) is configured to: transmit a request to reveal an identity of the credential issuer to the system of the credential holder or directly to a system of an opening authority (Griffin Col 13 line 35-50; The group certificate extension may be designated as non-critical. For example, a certificate authority may validate a digital certificate without checking for the extension and/or any data values associated with the extension. In some implementations, the group manager is identified by a uniform resource identifier (URI) that allows for a determination of who is operating the group allowing for a request to be sent to open a signature associated with one of the group signatures or link two or more signatures potentially associated with one of the group signatures.), and receive information specifying the identity of the credential issuer from the system of the opening authority if the request was accepted by the system of the opening authority. Motivation would be same as stated in claim 1. Claims 14-16 are non-transitory computer readable medium (Camenisch FIG 2 20 and associated text;) claim recites corresponding to system claims 4, 8, 11, also rejected accordingly. Allowable Subject Matter Claims 5-7 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached 8.30 to 430 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached at 1-571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498
Read full office action

Prosecution Timeline

Mar 20, 2024
Application Filed
Nov 26, 2025
Non-Final Rejection mailed — §101, §103
Mar 25, 2026
Response Filed
May 28, 2026
Final Rejection mailed — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683763
COMPUTER-BASED SYSTEMS CONFIGURED TO SELECT A MONITORED DATA SEGMENTATION AND METHODS OF USE THEREOF
2y 6m to grant Granted Jul 14, 2026
Patent 12682081
KEY DEPRECATION WITHOUT CERTIFICATE REVOCATION
2y 6m to grant Granted Jul 14, 2026
Patent 12682061
MALWARE ANALYSIS CONTINUATION SYSTEM AND MALWARE ANALYSIS CONTINUATION METHOD
1y 10m to grant Granted Jul 14, 2026
Patent 12671683
FINGERPRINTING PKI CERTIFICATES BI-DIRECTIONALLY
2y 8m to grant Granted Jun 30, 2026
Patent 12665763
HUB-BASED TOKEN GENERATION AND ENDPOINT SELECTION FOR SECURE CHANNEL ESTABLISHMENT
2y 8m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
87%
Grant Probability
98%
With Interview (+11.0%)
2y 4m (~0m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 729 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month