DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
Applicant’s amendment filed 10 February 2026 amends claims 2, 13, and 21. Applicant’s amendment has been fully considered and entered.
Response to Arguments
Applicant argues on page 7 of the response, “Without conceding the merits of the rejection, the independent claims have been amended. Reconsideration and withdrawal of this rejection of the claims are respectfully requested in view of the amendments to the claims.” This argument is not persuasive because Applicant's arguments amount to a general allegation that the claims define a patent eligible subject matter without specifically pointing out how the language of the claims overcome the previous §101 rejections.
Applicant argues on page 8 of the response, “Rather than attest to the trustworthiness of the ‘computing device 104’ or the ‘financial institution 112’ of Ornelas, the first and second signatures are used as part of a segregation of duties to minimize ‘the risk that all the private keys could be compromised.’ Ornelas, paras. [0026] and [0032].” This argument is not persuasive because Orneles [0032] makes it clear that the digital signature process provides a means of proving the trustworthiness of the source of information containing the digital signature. Specifically, Ornelas describes rotating private keys such that the new key is digitally signed with the old private key “thus cryptographically proving that the new key came from the same trusted source as the old key.” Therefore, Ornelas clearly utilizes the digital signature procedure as a means of determining the trustworthiness of the source of the minting requests. However, as explained on pages 7-8 of the Non-Final dated 10 December 2025, Ornelas does not disclose multiple trust levels for the financial institutions. Zilberberg was utilized to describe financial institutions having multiple levels of trust.
Applicant argues on page 8 of the response, “When combining Ornelas with Zilberberg, the Examiner is piecing together unrelated concepts. Ornelas has keys for trusted financial institutions, whereas Zilberberg has trust scores for data sources.” This argument is not persuasive because Applicant has not appreciated the proposed modification of Ornelas as presented in the Non-Final dated 10 November 2025 (“Non-Final”). Specifically, Ornelas discloses different levels of public keys that correspond to the different financial entities ([0037] & [0038] & [0040]: first-level, second-level, and third-level each correspond with different entities). However, Ornelas does not specify that these different levels correspond to different levels of trust. Zilberberg discloses assigning multiple levels of trust to different financial institutions such as banks ([0080]). Therefore, the proposed modification is simply to assign different levels of trust to the corresponding levels of public keys that already exist within Ornelas.
Applicant argues on page 8 of the response, “There is no motivation to combine these two references to create a system where specific cryptographic keys correspond to categories of trustworthiness of client devices.” This argument is not persuasive because the Non-Final specified (Page 8) that “It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the trusted financial institutions of Ornelas to have been assigned trust level from a plurality of trust levels in order to provide a more accurate representation of the trust for that financial institution as suggested by Zilberberg ([0030] & [0068])”.
Applicant argues on page 9 of the response, “There simply is no assignment of keys to categories of trustworthiness of anything, much less client devices, in either Ornelas or Zilberberg.” In response, as stated above, Ornelas discloses different levels of public keys that correspond to the different financial entities ([0037] & [0038] & [0040]: first-level, second-level, and third-level each correspond with different entities). However, Ornelas does not specify that these different levels correspond to different levels of trust. Zilberberg discloses assigning multiple levels of trust to different financial institutions such as banks ([0080]). Therefore, the proposed modification is simply to assign different levels of trust to the corresponding levels of public keys that already exist within Ornelas. A reference may be understood by the artisan as suggesting a solution to a problem that the reference does not discuss. See KSR, 137, S. Ct. at 1742, 82 USPQ2d at 1397 (“Common sense teaches…that familiar items may have obvious uses beyond their primary purposes, and in many cases a personal of ordinary skill will be able to fit the teachings of multiple patents together like pieces of a puzzle... A person of ordinary skill is also a person of ordinary creativity, not an automaton.").
Applicant argues on page 9 of the response, “This is in stark contrast with Ornelas as Ornelas explicitly relies on traceability and accountability of the signing parties.” In response, Applicant has failed to show how the public keys of Ornelas uniquely identify the financial institutions. Arguments presented by applicant cannot take the place of factually supported objective evidence. See, e.g., In re Schulze, 346 F.2d 600, 602, 145 USPQ 716, 718 (CCPA 1965); In re De Blauwe, 736 F.2d 699, 705, 222 USPQ 191, 196 (Fed. Cir. 1984).
Applicant argues on page 9 of the response, “However, this rejection is improper because it would not be obvious to one of ordinary skill in the art to add categories of trustworthiness in the verification process of Ornelas since all institutions that sign the ‘minting request’ are required to be trusted.” In response, multiple levels of trust is still “trust”. Therefore, even if the financial institutions had different designations of trust, each financial institution would still be “trusted” as required.
In response to applicant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning. But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971).
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 2-21 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claims contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventors, at the time the application was filed, had possession of the claimed invention. The specification does not support the amended claim requirement that each group verification key corresponds to a respective category of trustworthiness of client devices to enable verification of trustworthiness of the client device without revealing a unique identity of the client device. Applicant’s response failed to provide citations of support for the amended claim language.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 2, 3, 11-14, 21 are rejected under 35 U.S.C. 103 as being unpatentable over Ornelas, U.S. Publication No. 2021/0182806, in view of Zilberberg, U.S. Publication No. 2015/0127660.
Referring to claims 2, 21, Ornelas discloses a computing device 116 that receives a minting request (Figure 4A, step 410 & [0106]: minting request reads on the claimed attestation token), from a financial institution (Figure 4A, step 402 & [0098]: financial institution computing device reads on the claimed client device), that includes a plurality of digital signatures and a currency request (Figure 3A, element 336 & [0103]: currency request reads on the claimed set of data; any one of the signatures in the minting request can read on the claimed digital signature since the signatures are of the entire request that includes the currency request; minting request attests to the trustworthiness of the financial institution to the extent that the request includes a digital signature), which meets the limitation of receiving, from a client device, an attestation token that attests to trustworthiness of the client device, the attestation token comprising a set of data and a digital signature generated using the set of data. Computing device 116 verifies at least one signature of the received minting request ([0106]) by using first-level public keys and attempting to verify the signature using each of the first-level public keys until one of the first-level public keys successfully verifies the signature or all the first-level public keys have been tried ([0113]), which meets the limitation of validating the attestation token based on the digital signature, including, evaluating, for one or more group verification keys of a plurality of group verification keys, a verification function using the group verification key, the set of data, and the digital signature to identify a given group verification key for which the digital signature is verified successfully. The public keys are generated ([0030]: public keys are not disclosed as being generated based upon any uniquely identifiable information, which reads on the claimed without revealing a unique identity of the client device limitation), which meets the limitation of to enable verification of trustworthiness of the client device without revealing a unique identity of the client device. If the minting request includes multiple digital signature (i.e., third signature, fourth signature, etc.), verification can include attempting to verify the third/fourth signatures against each of the second-level public keys until one of the second-level public keys successfully verifies the third/fourth signature or all the second-level public keys have been tried ([0114]) and additional signatures (i.e., fifth/sixth signatures) can be verified by utilizing each of the third-level public keys until one of the third-level public keys successfully verifies the fifth/sixth signature or all the third-level public keys have been tried ([0115]), which meets the limitation of determining the [category of trustworthiness of the client device corresponding to the] given group verification key, validating the attestation token based at least one the [category of trustworthiness of the client device]. Upon successful verification of the digital signatures of the minting request, the requested digital currency is minted ([0119]), which meets the limitation of performing an action in response to validating the attestation token.
Ornelas discloses that verification using the public keys verifies that the public keys came from trusted financial institutions ([0144]-[0145]), which meets the limitation of wherein each group verification key corresponds to a [respective category of] trustworthiness. Ornelas does not disclose multiple trust levels for the financial institutions. Zilberberg discloses assigning multiple levels of trust to different financial institutions such as banks ([0080]: As applied to Ornelas each level of public keys would correspond to a level of trust. Therefore, financial institutions in Ornelas with public keys at specific levels would have a corresponding level of trust), which meets the limitation of wherein each group corresponds to a respective category of trustworthiness of client devices, determining the category of trustworthiness of the client devices corresponding to the given group verification key. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the trusted financial institutions of Ornelas to have been assigned trust level from a plurality of trust levels in order to provide a more accurate representation of the trust for that financial institution as suggested by Zilberberg ([0030] & [0068]).
Referring to claim 3, Ornelas discloses a computing device 116 that receives a minting request (Figure 4A, step 410 & [0106]: minting request reads on the claimed attestation token), from a financial institution (Figure 4A, step 402 & [0098]) that includes a currency request (Figure 3A, element 336 & [0103]), which meets the limitation of receiving the attestation token comprises receiving, from the client device, a request that includes the attestation token. Upon successful verification of the digital signatures of the minting request, the requested digital currency is minted and the newly-minted tokens are transferred to the requesting financial institution ([0119]), which meets the limitation of performing the action comprises sending, the client device, a response to the request.
Referring to claim 11, Ornelas discloses that the computing device 116 receives the plurality of public keys before receiving the minting request ([0082]), which meets the limitation of obtaining the plurality of group verification keys prior to receiving the attestation token.
Referring to claim 12, Ornelas discloses that the public keys can be rotated ([0071] & [0074]), which meets the limitation of obtaining the plurality of group verification keys periodically.
Referring to claim 13, Ornelas discloses a computing device 116 that includes a processor ([0177]) and a memory storing instructions for execution by the processor ([0178]), which meets the limitation of a system comprising one or more processors, and one or more storage devices storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations. The computing device 116 receives a minting request (Figure 4A, step 410 & [0106]: minting request reads on the claimed attestation token), from a financial institution (Figure 4A, step 402 & [0098]: financial institution computing device reads on the claimed client device), that includes a plurality of digital signatures and a currency request (Figure 3A, element 336 & [0103]: currency request reads on the claimed set of data; any one of the signatures in the minting request can read on the claimed digital signature since the signatures are of the entire request that includes the currency request), which meets the limitation of receiving, from a client device, an attestation token that attests to trustworthiness of the client device, the attestation token comprising a set of data and a digital signature generated using the set of data. Computing device 116 verifies at least one signature of the received minting request ([0106]) by using first-level public keys and attempting to verify the signature using each of the first-level public keys until one of the first-level public keys successfully verifies the signature or all the first-level public keys have been tried ([0113]), which meets the limitation of validating the attestation token based on the digital signature, including, evaluating, for one or more group verification keys of a plurality of group verification keys, a verification function using the group verification key, the set of data, and the digital signature to identify a given group verification key for which the digital signature is verified successfully. The public keys are generated ([0030]: public keys are not disclosed as being generated based upon any uniquely identifiable information, which reads on the claimed without revealing a unique identity of the client device limitation), which meets the limitation of to enable verification of trustworthiness of the client device without revealing a unique identity of the client device. If the minting request includes multiple digital signature (i.e., third signature, fourth signature, etc.), verification can include attempting to verify the third/fourth signatures against each of the second-level public keys until one of the second-level public keys successfully verifies the third/fourth signature or all the second-level public keys have been tried ([0114]) and additional signatures (i.e., fifth/sixth signatures) can be verified by utilizing each of the third-level public keys until one of the third-level public keys successfully verifies the fifth/sixth signature or all the third-level public keys have been tried ([0115]), which meets the limitation of determining the [category of trustworthiness of the client device corresponding to the] given group verification key, validating the attestation token based at least one the [category of trustworthiness of the client device]. Upon successful verification of the digital signatures of the minting request, the requested digital currency is minted ([0119]), which meets the limitation of performing an action in response to validating the attestation token.
Ornelas discloses that verification using the public keys verifies that the public keys came from trusted financial institutions ([0144]-[0145]), which meets the limitation of wherein each group verification key corresponds to a [respective category of] trustworthiness. Ornelas does not disclose multiple trust levels for the financial institutions. Zilberberg discloses assigning multiple levels of trust to different financial institutions such as banks ([0080]: As applied to Ornelas each level of public keys would correspond to a level of trust. Therefore, financial institutions in Ornelas with public keys at specific levels would have a corresponding level of trust), which meets the limitation of wherein each group corresponds to a respective category of trustworthiness of the client device, determining the category of trustworthiness of the client device corresponding to the given group verification key. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the trusted financial institutions of Ornelas to have been assigned trust level from a plurality of trust levels in order to provide a more accurate representation of the trust for that financial institution as suggested by Zilberberg ([0030] & [0068]).
Referring to claim 14, Ornelas discloses a computing device 116 that receives a minting request (Figure 4A, step 410 & [0106]: minting request reads on the claimed attestation token), from a financial institution (Figure 4A, step 402 & [0098]) that includes a currency request (Figure 3A, element 336 & [0103]), which meets the limitation of receiving the attestation token comprises receiving, from the client device, a request that includes the attestation token. Upon successful verification of the digital signatures of the minting request, the requested digital currency is minted and the newly-minted tokens are transferred to the requesting financial institution ([0119]), which meets the limitation of performing the action comprises sending, the client device, a response to the request.
Claims 4-6, 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over Ornelas, U.S. Publication No. 2021/0182806, in view of Zilberberg, U.S. Publication No. 2015/0127660, and further in view of Brickell, U.S. Publication No. 2018/0287802. Referring to claims 4, 15, Ornelas discloses a computing device 116 that receives a minting request (Figure 4A, step 410 & [0106]), from a financial institution (Figure 4A, step 402 & [0098]), that includes a plurality of digital signatures and a currency request (Figure 3A, element 336 & [0103]).
Ornelas does not disclose the usage of a signature scheme that includes anonymous certificates. Brickell discloses digital signature generating using direct anonymous attestation protocol (DAA) such that the computing device receives an anonymous certificate from a trusted party executing in a trusted execution environment ([0013] & [0015] & [0017]), which meets the limitation of wherein the digital signature is generated using a group signature scheme and an anonymous certificate provided to the client device. The trusted party receives a certificate request from the client platform such that the request is signed with a private attestation key allowing the trusted platform to verify the signed request using the public attestation key ([0017: request verification procedure reads on the claimed device-level fraud detection), which meets the limitation of an anonymous certificate provided to the client device based on an evaluation of device-level fraud detection signals for the client device. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the signature scheme of Ornelas to have been implemented using DAA with the usage of anonymous certificates from a trusted parties executing in a trusted execution environment in order to attest to the authenticity of the computing device without revealing identity information (Brickell: [0010]) in a manner that is resistant to quantum computers (Brickell: [0015]).
Referring to claims 5, 16, Brickell suggests that anonymous key pairs and certificates are replaced with assignment of a new anonymous key pair and certificate (Figure 2B: suggests that the assignment of the device to the anonymous grouping is not revocable), which meets the limitation of wherein the anonymous certificate is a irrevocable anonymous certificate indicating that the client device has been irrevocably assigned to the given signature group. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the signature scheme of Ornelas to have been implemented using DAA with the usage of anonymous certificates from a trusted parties executing in a trusted execution environment in order to attest to the authenticity of the computing device without revealing identity information (Brickell: [0010]) in a manner that is resistant to quantum computers (Brickell: [0015]).
Referring to claims 6, 17, Ornelas does not disclose the usage of a signature scheme that includes anonymous certificates. Brickell discloses digital signature generating using direct anonymous attestation protocol (DAA) such that the computing device receives an anonymous certificate from a trusted party executing in a trusted execution environment ([0013] & [0015] & [0017]), which meets the limitation of wherein the group signature scheme is a direct anonymous attestation (DAA) signing scheme. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the signature scheme of Ornelas to have been implemented using DAA with the usage of anonymous certificates from a trusted parties executing in a trusted execution environment in order to attest to the authenticity of the computing device without revealing identity information (Brickell: [0010]) in a manner that is resistant to quantum computers (Brickell: [0015]).
Claims 7, 8, 18, 19 are rejected under 35 U.S.C. 103 as being unpatentable over Ornelas, U.S. Publication No. 2021/0182806, in view of Zilberberg, U.S. Publication No. 2015/0127660, in view of Brickell, U.S. Publication No. 2018/0287802, and further in view of Wentz, U.S. Publication No. 2020/0153627. Referring to claims 7, 8, 18, 19, Brickell does not disclose that the DAA signature scheme is an elliptic curve cryptography DAA scheme. Wentz discloses that the signing scheme could be a signing scheme with Barreto-Naehrig curves ([0121]), which meets the limitation of wherein the DAA signing scheme is an elliptic curve cryptographic (ECC) DAA signing scheme, wherein the ECC DAA signing scheme is an ECC DAA signing scheme with Barreto-Naehrig curves. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed information for the signing scheme of Ornelas, as modified in view of Brickell, to have been a signing scheme with Barreto-Naehrig curves because Wentz suggests ([0121]) that a signing scheme with Barreto-Naehrig curves is one of a finite number of signing schemes that could have been implemented by one of ordinary skill in the art with a reasonable expectation of success.
Claims 9, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ornelas, U.S. Publication No. 2021/0182806, in view of Zilberberg, U.S. Publication No. 2015/0127660, and further in view of Chandoor, U.S. Publication No. 2017/0201520.
Referring to claims 9, 20, Ornelas discloses that the minting request includes a time stamp ([0102]), which meets the limitation of the attestation token comprises an attestation token creation timestamp indicating a time at which the attestation token is created. A computing device 116 that receives a minting request (Figure 4A, step 410 & [0106]), from a financial institution (Figure 4A, step 402 & [0098]).
Ornelas does not explicitly disclose comparing the time difference from minting request creation to receiving of the minting request to a threshold. Chandoor discloses a provisioning request that a timestamp is received and verified by comparing the difference between the current time and the time indicated by the timestamp with respect to a threshold ([0066]), which meets the limitation of validating the attestation token comprises determining that a different between a time at which the attestation token is received and the time at which the attestation token is created is within a threshold. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the computing device 116 of Ornelas to have compared the time difference from minting request creation to receiving of the minting request to a threshold in order to ensure that the request is valid as suggested by Chandoor ([0066]).
Claims 10 are rejected under 35 U.S.C. 103 as being unpatentable over Ornelas, U.S. Publication No. 2021/0182806, in view of Zilberberg, U.S. Publication No. 2015/0127660, in view of Chandoor, U.S. Publication No. 2017/0201520, and further in view of Pan, U.S. Publication No. 2020/0366608. Referring to claim 10, Ornelas discloses that the minting request includes a time stamp ([0102]). Ornelas does not specify the time resolution of the timestamp. Pan discloses timestamps providing a time resolution at the picosecond or microsecond scale ([0027]: picosecond and microsecond scales are less than millisecond scale and picosecond scale is less than the microsecond scale), which meets the limitation of wherein the attestation token creation timestamp has a time resolution that is less than about a millisecond or less than about a microsecond. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the time resolution of the timestamps in Ornelas to have been provided in the microsecond scale or picosecond scale because Pan discloses ([0027]) that microsecond and picosecond scales represent a finite number of possible time resolution scales that could have been implemented by one of ordinary skill in the art with a reasonable expectation of success.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805. The examiner can normally be reached M-Th: 6:20-4:50.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at 5712705143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BENJAMIN E LANIER/ Primary Examiner, Art Unit 2437