DETAILED CORRESPONDENCE
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Acknowledgments
This Action is in response to the patent application filed on April 1, 2024. Claims 1-20 are currently pending and have been fully examined.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 4 and 9 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
With respect to claims 4 and 9, each claims recite: “the transaction message is part of another position message.” However, the claims further recite: “determining that the position message and the transaction message are cryptographically bound…” This makes the scope of the claim unclear because it is not clear whether “the position message” is referring to the position message of claims 1 and 6 or to the “another position message” recited in claims 4 and 9. Therefore, the scope of the claim is unclear and one of ordinary skill in the art would not be reasonably appraised of the scope of the claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
The following is a quotation of pre-AIA 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 5-7, 10-12, 15-17 and 20 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over Heath (US Patent Publication No. 2013/0018705,) in view of Safak ( US Patent Publication No. 2019/0180275,) further in view of Riittinen (US Patent Publication No. 2007/0005976.)
With respect to claims 1 and 6, Heath, which like the present Application is directed to location-enabled mobile wireless device payment services, teaches:
receiving, at roadside equipment, a position message indicating a position of the UE; (location-based transaction system receives location information from a mobile device within a vehicle: [0029], the location-based system acts as a roadside device: [0031])
receiving, at the roadside equipment, a transaction message from the UE, the transaction message being separate from the position message… (a transaction such as toll payment is initiated after user enters a geofence, when the user requests to use the services (request is a transaction message): [0031]-[0032])
and including an encrypted token containing information associated with the UE to enable completion of the transaction; (the received message may include encrypted data: [0029])
The examiner notes that the claim recitation “to enable completion of the transaction” indicates intended use of the encrypted token and therefore does not further limit the scope of the claim.
determining a presence of the UE in a transaction region; (detect presence of the mobile device : [0028]-[0029])
completing the transaction in response to determining the presence of the UE in the transaction region… (perform location-based transaction after determining presence: FIG. 2, steps 36 and 40, [0028]-[0032])
Heath does not explicitly teach; however, Safak, which like the present Application is directed to performing transactions using encrypted tokens, teaches:
transaction message including an encrypted token, (consumer conveys an encrypted payment token in a transaction message: [0025], [0034]-[0036])
decrypting the encrypted token to produce a decrypted token; ([0036])
completing the transaction using the information contained in the decrypted token in response to determining that the position message and the transaction message are cryptographically bound and determining the presence of the UE in the transaction region. (process transaction using the decrypted token and in response to verification of digital signature (i.e., cryptographically bound): [0036]-[0039])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate performing transactions using transaction messages that include encrypted tokens, as taught by Safak, into the location-based vehicle related transaction control system of Heath , in order to protect transaction data against exposure to fraudulent activities. (Safak: Abstract, [0003]-[0004])
Heath and Safak do not explicitly teach; however, Riittinen, which like the present Application is directed to authorizing messages by cryptographic binding, teaches:
determine that the position message and the transaction message are cryptographically bound; ([0044], [0048]-[0049], claims 1, 2, 4)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate message authorization based on digital certificates, as taught by Riittinen, into the location-based vehicle related transaction control system of Heath and Safak , in order to ensure message authenticity prior to performing the transaction.
With respect to claims 2 and 7, Heath, Safak and Riittinen teach the limitations of claims 1 and 6.
Moreover, Riittinen teaches:
determining that the position message and the transaction message are cryptographically bound comprises determining that the position message and the transaction message are both signed with the same digital certificate. (the message and the capability certificate (i.e., two messages) signed by same private key (i.e., digital certificate): [0043]-[0044], [0048]-[0049])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate message authorization based on digital certificates, as taught by Riittinen, into the location-based vehicle related transaction control system of Heath and Safak , in order to ensure message authenticity prior to performing the transaction.
With respect to claims 5 and 10, Heath, Safak and Riittinen teach the limitations of claims 1 and 6.
Moreover, Safak teaches:
wherein decrypting the encrypted token comprises decrypting the encrypted token with a private key associated with the roadside equipment. ([0073]-[0074])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate performing transactions using transaction messages that include encrypted tokens, as taught by Safak, into the location-based vehicle related transaction control system of Heath , in order to protect transaction data against exposure to fraudulent activities. (Safak: Abstract, [0003]-[0004])
With respect to claims 11 and 16, Heath teaches:
sending a position message from the UE to the roadside equipment, the position message indicating a position of the UE; (location-based transaction system receives location information from a mobile device within a vehicle: [0029], the location-based system acts as a roadside device: [0031])
sending the transaction message from the UE to the roadside equipment, the transaction message including the encrypted token and being separate from the position message. (a transaction such as toll payment is initiated after user enters a geofence, when the user requests to use the services (request is a transaction message): [0031]-[0032], the received message may include encrypted data: [0029])
Heath does not explicitly teach; however, Safak teaches:
encrypting a token containing information associated with the UE to produce an encrypted token and enable completion of a transaction; (computing device encrypts payment token: [0032])
The examiner notes that the claim recitation “to produce… and enable completion of a transaction” indicates intended use of the encrypted token and therefore does not further limit the scope of the claim.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate performing transactions using transaction messages that include encrypted tokens, as taught by Safak, into the location-based vehicle related transaction control system of Heath , in order to protect transaction data against exposure to fraudulent activities. (Safak: Abstract, [0003]-[0004])
Heath and Safak do not explicitly teach; however Riittinen teaches:
cryptographically binding the token with the position message; ([0042], [0044])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate message authorization based on digital certificates, as taught by Riittinen, into the location-based vehicle related transaction control system of Heath and Safak , in order to ensure message authenticity prior to performing the transaction.
With respect to claims 12 and 17, Heath, Safak and Riittinen teach the limitations of claims 11 and 16.
Moreover, Riittinen teaches:
wherein cryptographically binding the token with the position message comprises digitally signing the token and the position message with the same digital certificate.(the message and the capability certificate (i.e., two messages) signed by same private key (i.e., digital certificate): [0043]-[0044], [0048]-[0049])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate message authorization based on digital certificates, as taught by Riittinen, into the location-based vehicle related transaction control system of Heath and Safak , in order to ensure message authenticity prior to performing the transaction.
With respect to claims 15 and 20, Heath, Safak and Riittinen teach the limitations of claims 11 and 16.
Moreover, Safak teaches:
wherein encrypting the token comprises encrypting the token with a public key associated with the roadside equipment. ([0073]-[0074])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate performing transactions using transaction messages that include encrypted tokens, as taught by Safak, into the location-based vehicle related transaction control system of Heath , in order to protect transaction data against exposure to fraudulent activities. (Safak: Abstract, [0003]-[0004])
Claims 3-4 and 8-9 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over Heath, in view of Safak and Riittinen, further in view of Mutescu (US Patent No. 10,979,403.)
With respect to claims 3 and 8, Heath, Safak and Riittinen teach the limitations of claims 1 and 6.
Heath, Safak and Riittinen do not explicitly teach; however Mutescu, which like the present Application is directed to message encryption and decryption, teaches:
wherein decrypting the encrypted token occurs before determining that data elements (i.e. messages) are cryptographically bound. (credentials (first data) and AAD (second data) are cryptographically bound: Col. 2 ll. 33-56, the destination information is compared with AAD after the decryption occurs, so that the comparison is performed only when the decryption is successful: Col. 5 ll. 61-64])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate access control to data by cryptographic binding and enabling decryption, as taught by Mutescu, into the location-based vehicle related transaction control system of Heath, Safak and Riittinen, in order to ensure protecting sensitive information during transaction. (Mutescu: Abstract, Col. 1 ll. 27-35)
With respect to claims 4 and 9, Heath, Safak and Riittinen teach the limitations of claims 1 and 6.
Heath, Safak and Riittinen do not explicitly teach; however Mutescu teaches:
wherein determining that the position message and the transaction message are cryptographically bound occurs before decrypting the encrypted token. (credentials (first data) and AAD (second data) are cryptographically bound: Col. 2 ll. 33-56, the destination information is compared with AAD before the decryption occurs, so that the decryption will only be performed if the destination data matches the AAD: Col. 5 ll. 57-60)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate access control to data by cryptographic binding and enabling decryption, as taught by Mutescu, into the location-based vehicle related transaction control system of Heath, Safak and Riittinen, in order to ensure protecting sensitive information during transaction. (Mutescu: Abstract, Col. 1 ll. 27-35)
Claims 13-14 and 18-19 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over Heath, in view of Safak and Riittinen, further in view of Lee (US Patent Publication No. 2005/0144457.)
With respect to claims 13 and 18, Heath, Safak and Riittinen teach the limitations of claims 12 and 17.
Heath, Safak and Riittinen do not explicitly teach; however Lee, which like the present Application is directed to digitally signing and encrypting data, teaches:
wherein digitally signing the token occurs before encrypting the token, and wherein encrypting the token includes encrypting the digital certificate. (encryption is performed after digital signature and generates a securing context object that includes settings (i.e., digital certificate): [0041]-[0042], claim 4)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate message security process based on a combined digital signing and encryption, as taught by Lee, into the location-based vehicle related transaction control system of Heath, Safak and Riittinen, in order to generate a security context object. (Lee: Abstract, [0015])
With respect to claims 14 and 19, Heath, Safak and Riittinen teach the limitations of claims 12 and 17.
Heath, Safak and Riittinen do not explicitly teach; however Lee teaches:
wherein digitally signing the token occurs after encrypting the token and comprises digitally signing the transaction message. (digital signature is performed after encryption and generates a securing context object that includes settings (i.e., digital certificate): [0041]-[0042], claim 4)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate message security process based on a combined digital signing and encryption, as taught by Lee, into the location-based vehicle related transaction control system of Heath, Safak and Riittinen, in order to generate a security context object. (Lee: Abstract, [0015])
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Griffin (US 10,277,400) teaches cryptographically biding messages using digital signatures, Pitroda (US 2007/0198432) teaches location-based transaction services, Canavor (US 2016/0285864) teaches using cryptographically bound messages to authenticate vehicles.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMA ASGARI whose telephone number is (571)272-2037. The examiner can normally be reached M-F 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patrick McAtee can be reached at (571)272-7575. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SIMA ASGARI/Examiner, Art Unit 3698
/PATRICK MCATEE/Supervisory Patent Examiner, Art Unit 3698