Prosecution Insights
Last updated: July 17, 2026
Application No. 18/701,762

AUTHORIZING AN APPLICATION ON A SECURITY ELEMENT

Final Rejection §103
Filed
Apr 16, 2024
Priority
Oct 27, 2021 — DE 10 2021 005 350.8 +1 more
Examiner
KENNEDY, LESA M
Art Unit
2458
Tech Center
2400 — Computer Networks
Assignee
Giesecke+Devrient Epayments GmbH
OA Round
2 (Final)
77%
Grant Probability
Favorable
3-4
OA Rounds
9m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 77% — above average
77%
Career Allowance Rate
158 granted / 206 resolved
+18.7% vs TC avg
Strong +24% interview lift
Without
With
+24.2%
Interview Lift
resolved cases with interview
Typical timeline
3y 0m
Avg Prosecution
12 currently pending
Career history
220
Total Applications
across all art units

Statute-Specific Performance

§101
1.9%
-38.1% vs TC avg
§103
88.6%
+48.6% vs TC avg
§102
2.1%
-37.9% vs TC avg
§112
5.5%
-34.5% vs TC avg
Black line = Tech Center average estimate • Based on career data from 206 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Status of Claims This office action is a response to an amendment filed on 03/19/2026. Claims 1-15 are cancelled, claims 16, 19, 22, 27 and 29 are amended, and claims 31 and 32 are newly added. Claims 16-32 are currently pending. Response to Arguments Applicant’s remarks, see page 8, with respect to the rejections under 35 USC 112(b) have been fully considered. The claims have been amended to clarify the claimed subject matter; therefore, the rejections are withdrawn. Applicant’s remarks, see pages 8-13, with respect to the rejections under 35 USC 102 and 103 have been fully considered. The amended claims overcome the prior rejections; therefore, the rejections have been withdrawn. However, upon further consideration, a new ground(s) of rejection is made, necessitated by the amendments. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 16-20, 24-26 and 28-32 are rejected under 35 U.S.C. 103 as being unpatentable over Kim et al. (US 2017/0337542), hereinafter Kim, in view of Khan (US 2015/0127549). Kim is cited by Applicant in the IDS filed 04/16/2024. Regarding claim 16, Kim discloses a method for authorizing an application installed on a security element, comprising the following steps: capturing a user feature by a sensor of a user verification element and generating sensor data that characterize the user feature (Kim, [0187]: biometric information module obtains a user’s biometric information (sensor data) captured by sensor module; Fig. 9; [0213]: the biometric information from the biometric sensor is delivered to the biometric information module in a TEE (user verification element)); deriving a user verification status from the sensor data by the user verification element (Kim, Fig. 9, [0213]: biometric information module in TEE (user verification element) checks whether the user is permitted (user verification status) by comparing the user’s biometric information and the information obtained from the biometric sensor (sensor data)); and transmitting the user verification status from the user verification element to the security element (Kim, Fig. 9, [0213]: biometric information module in the TEE (user verification element) sends whether the user is authenticated (user verification status) to a payment relay module in a REE (security element)) for the purpose of authorizing the application by way of the security element (Note: This limitation is deemed to be intended use, therefore the prior art is not required to teach it; Kim, [0214]: “when the authentication is completed according to the authentication result, the electronic device may perform payment” [i.e., the payment application is authorized when authentication is successful]. See also [0190]). Kim does not explicitly disclose wherein the security element is a chip card, smart card, embedded secure element (eSE), or an embedded universal integrated circuit card (eUICC). However, Khan discloses transmitting the user verification status from the user verification element to the security element for the purpose of authorizing the application by way of the security element (Khan, [0035], [0077]: secure enclave processor (user verification element) provides a token with an authentication-complete indicator/local validation information (user verification status) to a secure element; [0078]: the local validation information (user verification status) enables the payment applet to conduct a financial transaction; [enabling payment applet = authorizing the application]), wherein the security element is a chip card, smart card, embedded secure element (eSE), or an embedded universal integrated circuit card (eUICC) (Khan, [0042]). It would have been obvious to one of ordinary skill in the art, having the teachings of Kim and Khan before him or her before the effective filing date of the claimed invention, to modify a biometric payment authentication system as taught by Kim, to include a hardware secure element for storing/executing payment applets and receiving local validation information as taught by Khan. The motivation for doing so would have been to improve security and confidentiality by placing payment application authorization in a tamper-resistant secure element (Khan, [0042]). Regarding claim 17, Kim discloses comprising the step of providing a device comprising the security element and the user verification element (Kim, Fig 9, [0158]: REE (security element); TEE (user verification element)). Regarding claim 18, Kim discloses wherein the user verification status is derived by a sensor controller of the user verification element that is assigned to the sensor and/or the user verification status is transmitted from a verification controller of the user verification element to an intermediary application of the security element (Kim, Fig. 9, [0213]: biometric information module (verification controller) of the TEE (user verification element) delivers whether the user is authenticated (user verification status) to the payment relay module of the payment manager (intermediary application) of the REE (security element)). Regarding claim 19, Kim discloses wherein the verification controller derives the user verification status from the sensor data (Kim, [0213]: biometric information module (verification controller) determines whether the user is permitted (user verification status) by comparing the user’s biometric information and information obtained from the biometric sensor (sensor data)) or the sensor controller determines whether a positive user verification status results from the sensor data and forwards the derived user verification status to the verification controller. Regarding claim 20, Kim discloses wherein data communication between the user verification element and the security element is encrypted (Kim, Fig. 9, [0198]: payment relay module in REE (security element) communicates with the TEE (user verification element) through an encryption library) and/or at least partially secured with message authentication codes. Regarding claim 24, Kim discloses wherein the user feature is captured by a biometric sensor of the user verification element, in particular by a fingerprint sensor (Kim, [0187]). Regarding claim 25, Kim discloses wherein the authorization of the application comprises the further step of: selecting the application on the security element and/or carrying out a transaction using the application, provided that an intermediary application of the user verification element detects a positive user verification status (Kim, [0235]: “A biometric information module in the TEE may report whether the user is authenticated after comparing the delivered biometric information with the stored user's biometric information, to an authentication module of a payment application through a security environment driver module and a biometric information management module in the REE”; [0137]: the payment application performs payment transactions). Regarding claim 26, Kim does not explicitly disclose wherein, if there is a positive user verification status, the intermediary application determines an application installed on the security element, which application is selected and/or with the aid of which application a transaction is carried out. However, Khan discloses wherein, if there is a positive user verification status, the intermediary application determines an application installed on the security element, which application is selected and/or with the aid of which application a transaction is carried out (Khan, Fig. 2, [0035]: “secure enclave processor 220 may compare authentication information with stored authentication and, if a match is obtained, may provide an encrypted token with an authentication-complete indicator to a secure element 230”; Fig. 2, [0043]: “secure element 230 may include one or more applets or applications that execute in an environment of secure element 230 …, the one or more applets may include an authentication applet 232 that: … sets one or more software flags (such as an authentication-complete flag 234) … and/or conveys information to one or more payment applets 236 … that conduct financial transactions … based on the one or more software flags”. It would have been obvious to one of ordinary skill in the art, having the teachings of Kim and Khan before him or her before the effective filing date of the claimed invention, to modify a biometric payment authentication system as taught by Kim, to include that after successful biometric authentication, the intermediary component selects/enables a specific application stored on the secure element to conduct a financial transaction as taught by Khan. The motivation for doing so would have been to enable having control over which application is activated in response to successful biometric verification. Regarding claim 28, Kim discloses wherein the transaction is carried out contactlessly by the security element, and/or an authentication transaction, a payment transaction and/or an access control transaction is/are carried out as a transaction (Kim, [0235]: “A biometric information module in the TEE may report whether the user is authenticated after comparing the delivered biometric information with the stored user's biometric information, to an authentication module of a payment application through a security environment driver module and a biometric information management module in the REE”; [0137]: the payment application performs payment transactions). Regarding claim 29, Kim discloses a device comprising a user verification element having a sensor and a security element having an application installed thereon (Kim, Fig. 9, [0158]: electronic device comprising a REE (security element) having a payment application, and a TEE (user verification element); [0187], [0213]: biometric information module on the TEE (user verification element) obtains biometric information from a biosensor), wherein the user verification element is configured to capture a user feature by the sensor and to derive therefrom a user verification status that characterizes the user feature, and to transmit the user verification status to the security element (Kim, Fig. 9, [0213]: biometric information module on the TEE (user verification element) obtains user biometric information from the biosensor, and determines and delivers whether the user is authenticated (user verification status) to payment relay module in the REE (security element)); and the security element is configured to accept the user verification status (Kim, [0213]: whether the user is authenticated (user verification status) is delivered to the payment relay module in the REE (security element)) in order to authorize the application (Note: This limitation is deemed to be intended use, therefore the prior art is not required to teach it; Kim, [0214]: “when the authentication is completed according to the authentication result, the electronic device may perform payment” [i.e., the payment application is authorized when authentication is successful]. See also [0190]). Kim does not explicitly disclose and the security element is a chip card, smart card, embedded secure element (eSE), or an embedded universal integrated circuit card (eUICC). However, Khan discloses the security element is configured to accept the user verification status (Khan, [0035], [0077]: secure enclave processor (user verification element) provides a token with an authentication-complete indicator/local validation information (user verification status) to a secure element), and the security element is a chip card, smart card, embedded secure element (eSE), or an embedded universal integrated circuit card (eUICC) Khan, [0042]). It would have been obvious to one of ordinary skill in the art, having the teachings of Kim and Khan before him or her before the effective filing date of the claimed invention, to modify a biometric payment authentication system as taught by Kim, to include a hardware secure element for storing/executing payment applets and receiving local validation information as taught by Khan. The motivation for doing so would have been to improve security and confidentiality by placing payment application authorization in a tamper-resistant secure element (Khan, [0042]). Regarding claim 30, Kim discloses wherein the device is configured to carry out a method for authorizing an application installed on a security element, comprising the following steps: capturing a user feature by a sensor of a user verification element and generating sensor data that characterize the user feature (Kim, [0187]: biometric information module obtains a user’s biometric information (sensor data) captured by sensor module; Fig. 9; [0213]: the biometric information from the biometric sensor is delivered to the biometric information module in a TEE (user verification element)); deriving a user verification status from the sensor data by the user verification clement (Kim, Fig. 9, [0213]: biometric information module in TEE (user verification element) checks whether the user is permitted (user verification status) by comparing the user’s biometric information and the information obtained from the biometric sensor (sensor data)); and transmitting the user verification status from the user verification clement to the security clement (Kim, Fig. 9, [0213]: biometric information module in the TEE (user verification element) sends whether the user is authenticated (user verification status) to a payment relay module in a REE (security element)) for the purpose of authorizing the application by way of the security clement (Note: This limitation is deemed to be intended use, therefore the prior art is not required to teach it; Kim, [0214]: “when the authentication is completed according to the authentication result, the electronic device may perform payment” [i.e., the payment application is authorized]. See also [0190]). Regarding claim 31, Kim does not explicitly disclose wherein the user verification element and the security element are structurally separated and maintain a data communication connection. However, Khan discloses wherein the user verification element and the security element are structurally separated and maintain a data communication connection (Khan, Fig. 2 discloses authentication subsystem 216 + processing subsystem 210 containing secure enclave processor (user verification element) structurally separate from secure subsystem 218 containing secure element 230 (secure element); [0035]: secure enclave processor provides an encrypted token with an authentication-complete indicator to secure element (i.e., maintains a data communication connection)). It would have been obvious to one of ordinary skill in the art, having the teachings of Kim and Khan before him or her before the effective filing date of the claimed invention, to modify a biometric payment authentication system as taught by Kim, to include a separate hardware secure element for storing/executing payment applets and receiving authentication-complete indicator/local validation information as taught by Khan. The motivation for doing so would have been to improve security and confidentiality by placing payment application authorization in a tamper-resistant secure element (Khan, [0042]). Regarding claim 32, Kim does not explicitly disclose wherein the method further comprises checking, by an operating system of the security element, the user verification status, and selecting the application and/or carrying out a transaction using the application, provided that an intermediary application of the user verification element detects a positive user verification status. However, Khan discloses wherein the method further comprises checking, by an operating system of the security element, the user verification status, and selecting the application and/or carrying out a transaction using the application, provided that an intermediary application of the user verification element detects a positive user verification status (Khan, [0043]: Secure element includes applets executing in its operating system. The authentication applet sets software flags in the operating system of the secure element [setting flags = checking by the operating system]; [0062]: the authentication-complete flag is set to true to enable (i.e., select) the activated payment applet if the authentication-complete indicator (user verification status) indicates that a match was obtained (i.e., positive user verification status detected); [0043]: the payment applets conduct financial transactions when activated and based on software flags; [0074]-[0077], [0084]: secure enclave processor (user verification element) provides local validation information/authentication-complete indicator (user verification status) if a match is obtained (i.e., positive user verification status detected)). It would have been obvious to one of ordinary skill in the art, having the teachings of Kim and Khan before him or her before the effective filing date of the claimed invention, to modify a biometric payment authentication system as taught by Kim, to include an authentication-complete flag in the operating system of a secure element for enabling or disabling a payment applet as taught by Khan. The motivation for doing so would have been to improve security and confidentiality by placing payment application authorization in a tamper-resistant secure element and controlling transaction execution based on protected authentication status information. Claims 21 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Kim in view of Khan, further in view of Mardikar (US 2009/0307142). Mardikar is cited by Applicant in the IDS filed on 04/16/2024. Regarding claim 21, Kim and Khan do not explicitly disclose wherein the user verification status is transmitted from the user verification element to the security element according to a security protocol. However, Mardikar discloses wherein the user verification status is transmitted from the user verification element to the security element according to a security protocol (Mardikar, Fig. 4, [0053]: SE 410/application SE (security element) and SE 420/Crypto SE (user verification element) each communicate using authenticated and encrypted channels [i.e., a security protocol is being used]; Fig. 6. Step 612: Crypto SE (user verification element) sends approval/disapproval of payment information (user verification status) to App SE (security element)). It would have been obvious to one of ordinary skill in the art, having the teachings of Kim, Khan and Mardikar before him or her before the effective filing date of the claimed invention, to modify a biometric payment authentication system in which a processing subsystem provide authentication-complete indicators to a secure subsystem as taught by Kim and Khan, to include securing authentication related message flow between the two environments as taught by Mardikar. The motivation for doing so would have been to improve the confidentiality/integrity of the communications. Regarding claim 22, Kim and Khan do not explicitly disclose wherein the sensor controller and/or the verification controller and/or the intermediary application is/are pre-personalized, in particular with a cryptographic key set relating to a security protocol. However, Mardikar discloses wherein the sensor controller and/or the verification controller and/or the intermediary application is/are pre-personalized, in particular with a cryptographic key set relating to a security protocol (Mardikar, [0073]: Crypto SE (verification controller) is pre-loaded (pre-personalized) with several cryptographic key-pairs relating to security protocols). It would have been obvious to one of ordinary skill in the art, having the teachings of Kim, Khan and Mardikar before him or her before the effective filing date of the claimed invention, to modify a system in which biometric verification results are transmitted from a processing subsystem to secure subsystem as taught by Kim and Khan, to include pre-loading (pre-personalizing) the verification component with cryptographic key-pairs tied to security protocols as taught by Mardikar. The motivation for doing so would have been to enhance the security of the biometric verification operations. Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Kim in view of Khan, further in view of Giobbi (US 2006/0143441). Giobbi is cited by Applicant in the IDS filed on 04/16/2024. Regarding claim 23, Kim and Khan do not explicitly disclose wherein the user verification status is transmitted from the verification controller to the intermediary application in encrypted form by a security protocol relating to a challenge-response method. However, Giobbi discloses wherein the user verification status is transmitted from the verification controller to the intermediary application in encrypted form by a security protocol relating to a challenge-response method (Giobbi, Fig. 2: biometric key includes a control module; Fig. 3: biometric key/control module (verification controller) communicates with authentication module (intermediary application); Fig. 6, steps 630-650; [0047]-[0048]: code (user verification status) sent from biometric key (verification controller; Fig. 2, [0032]: “persistent storage 226 can store encryption/decryption keys utilized to establish secure communications links” [This implies encrypted transmissions]; [0042]: “the key and authentication module engage in preliminary data exchanges to determine who and/or what they are …These data exchanges can include challenge-response dialogs”). It would have been obvious to one of ordinary skill in the art, having the teachings of Kim, Khan and Giobbi before him or her before the effective filing date of the claimed invention, to modify a system in which biometric verification results are transmitted from a processing subsystem to a secure subsystem as taught by Kim and Khan, to include utilizing encrypted transmission of verification information following a challenge-response security protocol as taught by Giobbi. The motivation for doing so would have been to enhance the security of the biometric verification operations, and prevent spoofing or interception. Allowable Subject Matter Claim 27 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Related Art The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure: Mestre et al. (US 2013/0185167) discloses a payment device/transaction card that includes a payment application which allows the payment device/transaction card to carry out financial transactions (see [0072]). A script is used to set, reset, activate, deactivate, configure or reconfigure a function of the payment application (see [0058]). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to LESA M KENNEDY whose telephone number is (571)431-0704. The examiner can normally be reached on Monday-Wednesday 9:30 am - 5:30 pm ET. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on (571) 270-3037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. The examiner also requests, in response to this Office Action, support be shown for language added to any original claims on amendment and any new claims. That is, indicate support for newly added claim language by specifically pointing to page(s) and line no(s) in the specification and/or drawing figure(s). This will assist the examiner in prosecuting the application. /LESA M KENNEDY/Primary Examiner, Art Unit 2458
Read full office action

Prosecution Timeline

Apr 16, 2024
Application Filed
Dec 23, 2025
Non-Final Rejection mailed — §103
Mar 03, 2026
Applicant Interview (Telephonic)
Mar 03, 2026
Examiner Interview Summary
Mar 19, 2026
Response Filed
Jun 03, 2026
Final Rejection mailed — §103
Jul 14, 2026
Applicant Interview (Telephonic)
Jul 14, 2026
Examiner Interview Summary

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676900
IMS ROUTING BASED ON SUBSCRIBER TYPE
2y 2m to grant Granted Jul 07, 2026
Patent 12659221
SYSTEM AND METHOD FOR RETRIEVING ALARM DATA FROM AN ISOLATED NETWORK
2y 8m to grant Granted Jun 16, 2026
Patent 12634356
SYSTEMS AND METHODS FOR ANALYZING CONTENT FROM VIRTUAL WHITEBOARDS
3y 0m to grant Granted May 19, 2026
Patent 12608437
SYSTEMS AND METHODS OF COMMUNICATING ELECTRONIC DATA TRANSACTION UPDATES TO CLIENT COMPUTER SYSTEMS
2y 1m to grant Granted Apr 21, 2026
Patent 12592869
CLOUD RESIDUAL RISK ASSESSMENT TOOL
3y 0m to grant Granted Mar 31, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
77%
Grant Probability
99%
With Interview (+24.2%)
3y 0m (~9m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 206 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month