Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsTencent Technology (Shenzhen) Company Limited › 18779483
Last updated: May 29, 2026
Application No. 18/779,483

DATA TRANSMISSION METHOD, RELATED APPARATUS, DEVICE, AND STORAGE MEDIUM

Final Rejection §103
Filed
Jul 22, 2024
Priority
May 16, 2022 — CN 202210530907.3 +1 more
Examiner
TRUVAN, LEYNNA THANH
Art Unit
2435
Tech Center
2400 — Computer Networks
Assignee
Tencent Technology (Shenzhen) Company Limited
OA Round
2 (Final)
76%
Grant Probability
Favorable
3-4
OA Rounds
1y 11m
Est. Remaining
97%
With Interview

Interview Optional

+20.3% interview lift. Interview already conducted in this application's prosecution history. This examiner has a 76% grant rate with +20.3% interview lift. Since an interview has already been tried, recommend written response with narrowed claims based on precedent claim evolution patterns.
Based on 504 resolved cases, 2023–2026

Examiner Intelligence

TRUVAN, LEYNNA THANH View full profile →
Grants 76% — above average
76%
Career Allowance Rate
385 granted / 504 resolved
+18.4% vs TC avg
Strong +20% interview lift
Without
With
+20.3%
Interview Lift
resolved cases with interview
Typical timeline
3y 9m
Avg Prosecution
15 currently pending
Career history
525
Total Applications
across all art units

Statute-Specific Performance

§101
0.9%
-39.1% vs TC avg
§103
69.4%
+29.4% vs TC avg
§102
19.8%
-20.2% vs TC avg
§112
1.1%
-38.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 504 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 2. The amendment of claims 1-20, filed on 1/28/2026, is acknowledged and considered. 3. Claims 1-8 and 10-18 are pending. Claims 1, 10 and 12 are independent claims. Claims 9 and 19-20 are cancelled by Applicant. Response to Arguments 4. Applicant’s arguments with respect to claim(s) 1-8 and 10-18 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Claims 9 and 20 has overcome the rejection under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), necessitated by the current amendment. Claims 5-7 and 16-17 has overcome the previous objection, necessitated by the current amendment. In response to Applicant’s arguments regarding the amendment: The arguments are moot as they are directed towards the amended limitations that are now rejected under a new 103 combination, under Ling [US 20190289090] in view of Cantrell, et al. [US 20190205889]. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. 5. Claim(s) 1-8 and 10-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ling [US 20190289090] in view of Cantrell, et al. [US 20190205889]. As per claim 1: Ling, et al. teaches a data transmission method, performed by a second device that is a peer node in a decentralized peer-to-peer (P2P) network and that directly communicates with a first device as another peer node in the P2P network, comprising: receiving a first certificate transmitted by a first device, and transmitting a second certificate to the first device; [Ling: para 0183-0184; the second push client may obtain the certificate (i.e. first certificate) of the push server (i.e. first device) in advance. The second push client sends the encrypted first random number, a signature of the first random number, and a terminal certificate (i.e. second certificate) to the push server] determining a first public key and a first terminal identity based on the first certificate in response to both the first certificate and the second certificate being valid certificates [Ling: para 0183; the second push client obtain the certificate of the push server in advance, extract the public key from the certificate, and the second push client obtain the certificate of the push server in advance and extract the public key from the certificate. Para 0185; The terminal certificate is used by the push server to determine that the encrypted first random number is indeed sent by the terminal. Specifically, the push server verify the signature of the first random number by using the terminal certificate, and if the signature is correct, determine the first random number is indeed sent by the terminal, and encrypt, by using a public key in the terminal certificate, a second random number generated by the push server. The push server refers to first device associated to the first terminal identity. Also, the first terminal identity may broadly be interpreted as a signature or any data that identifies the terminal or first device per se], the first public key and a first private key being a key pair generated by the first device, and the first terminal identity being an identity corresponding to the first device; [Ling: para 0187; the push server decrypts by using a private key of the push server (the first private key), content that is encrypted by using a public key (the first public key) of the push server. Para 0223-0225; examples of different terminal identity being registered] **receiving a data access request transmitted by the first device [**rejected under a secondary reference, discussion below] in response to both the first terminal identity and a second terminal identity being registered identities [Ling: para 0219-0220; A first application program of the terminal sends a first registration request to the first push client. Para 0223-0225; examples of different terminal registered identity], the data access request being encrypted by the first device using a second public key or the first private key, the second public key being obtained by the first device based on the second certificate, the second public key and a second private key being a key pair generated by a second device, and the second terminal identity being an identity corresponding to the second device; and [Ling: para 0183-0185; The second push client generate the first random number after receiving the secure-transmission connection establishment request, and encrypt the first random number by using the first public key obtained in advance. The first public key is a public key carried in a certificate of the push server. Specifically, the second push client obtain the certificate of the push server in advance, and extract the public key from the certificate, so as to encrypt the random number that is to be sent to the push server. After generating the encrypted first random number, the second push client may send the encrypted first random number, the signature of the first random number, and the certificate of the terminal itself together to the push server. The terminal certificate may be used by the push server to determine that the encrypted first random number is indeed sent by the terminal. Specifically, the push server may verify the signature of the first random number by using the terminal certificate, and if the signature is correct, determine that the first random number is indeed sent by the terminal, and encrypt, by using a public key in the terminal certificate, a second random number generated by the push server. As such, the second certificate may broadly be the certificate that is sent to the push server or terminal certificate which includes its own set of data such as public key, random number, signature, etc. The terminal certificate is a second certificate sent by the second push client or second device. Para 0187; discussion of multiple (i.e. first and second) public keys and private keys associated respectively to the push server and associated certificate. Uses a private key of the push server (the first private key), content that is encrypted by using a public key of the push server (the first public key), and the terminal decrypts, by using a private key corresponding to the terminal certificate (a second private key), content that is encrypted by using a public key in the terminal certificate (the second public key). Para 0226-0227; identifier associated to the respective terminal or server] **transmitting target data to the first device in response to the data access request, the target data transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity [**rejected under a secondary reference, discussion below] and being encrypted data obtained through encryption using the first public key or the second private key. [Ling: para 0183; The second push client generate the first random number after receiving the secure-transmission connection establishment request, and encrypt the first random number by using the first public key. The second push client obtain the certificate of the push server and extract the public key from the certificate, so as to encrypt the random number that is to be sent to the push server. The encrypted random number may be the target data encrypted by using the first public key] Ling teaches the transmission and terminal request transmitted by the first device in response to both the first terminal identity and a second terminal identity being registered identities. However, Ling did not clearly include a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “transmitting target data to the first device in response to the data access request, the target data transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”. Cantrell discloses blockchain technology is a peer-to-peer authentication system for valuable digitized items that allows online interactions directly between two or more parties without going through one or more trusted intermediaries. It may involve a peer-to-peer network and timestamps actions that are hashed into an ongoing chain of hash-based proof-of-work code to form a record that cannot be changed without redoing the proof-of-work. The longest chain distributed on the peer-to-peer network proves that the data must have existed at the time in order to get into the hash, thereby proving the sequence of events witnessed, thereby proving the integrity of the digitized document has been maintained. The blockchain technology can allow digitized item use as intended based on cryptographic proof instead of trust, allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party [Cantrell: para 0004]. Thus, Cantrell obviously suggest peer-to-peer (P2P) network for “transmitting target data to the first device in response to the data access request, the target data transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”, where one would be motivated to provide cryptographic proof instead of trust and allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party or trusted intermediaries. Cantrell further discusses transaction request be broadcast through a mesh or peer-to-peer network between devices whereby responses to the request are generated and sent back to the requesting device, each response providing an answer as to how to fulfill transaction the request. The requesting device receives the responses, aggregates and analyzes the responses, determines how to proceed with the transaction based on the responses, and transferring information from the requesting device to another device through the peer-to-peer network [Cantrell: para 0023]. The information (e.g., transaction requests, capabilities of handling transaction requests, and responses to transaction requests) shared between devices will do so in a peer-peer network of devices that is decentralized. That is, all devices have the potential for sharing and distributing information on transactions. This system can be authenticated, shared, and managed, by a block chain system for authentication and decentralization [Cantrell: para 0027]. As such, Cantrell obviously suggest a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “transmitting target data to the first device in response to the data access request, the target data transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Cantrell with Ling to teach a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “transmitting target data to the first device in response to the data access request, the target data transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”, for the reason to provide cryptographic proof and allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party or trusted intermediaries [Cantrell: para 0004]. Claim 2: Ling: para 0183-0187 [various keys associated to the specific certificate]; discussing the method according to claim 1, further comprising, before transmitting the second certificate to the first device: obtaining the second public key and the second private key; storing the second private key; transmitting the second public key and the second terminal identity to an authentication server, so that the authentication server signs the second public key and the second terminal identity using a target private key, to obtain the second certificate; and receiving the second certificate transmitted by the authentication server. Claim 3: Ling: para 0183-0187 [various data include key, random number, and signature associated to the specific certificate] in view of Cantrell: para 0004, 0039 [suggesting “hash calculation”, under the same pretext and motivation as in claim 1]; discussing the method according to claim 2, further comprising, after receiving the second certificate transmitted by the authentication server: decrypting the second certificate using a target public key to obtain a target signature, the target public key and the target private key being a key pair generated by the authentication server; performing hash calculation on the second public key and the second terminal identity to obtain a target digest; and storing the second certificate in response to the target signature being consistent with the target digest. Claim 4: Ling: para 0183-0187 [decryption involve various data associated to the specific certificate] in view of Cantrell: para 0004, 0039 [suggesting “hash calculation”, under the same pretext and motivation as in claim 1]; discussing the method according to claim 1, further comprising, after receiving the first certificate transmitted by the first device: decrypting the first certificate using a target public key to obtain a digital signature, the target public key being generated by an authentication server; obtaining, from the first certificate, a candidate public key to be verified and a candidate identity to be verified; performing hash calculation on the candidate public key and the candidate identity to obtain a message digest; and determining that the first certificate is a valid certificate in response to the message digest being consistent with the digital signature; wherein determining the first public key and the first terminal identity based on the first certificate includes: determining the candidate public key as the first public key, and determining the candidate identity as the first terminal identity. Claim 5: Ling: para 0186-0187, 0202-0205 [decryption involve various data specific to the respective device]; discussing the method according to claim 1, wherein transmitting the target data to the first device in response to the data access request includes: decrypting the data access request to obtain request data using: the second private key in response to the data access request being encrypted by the first device using the second public key; or the first public key in response to the data access request being encrypted by the first device using the first private key; obtaining original data based on the request data; encrypting the original data to obtain the target data using the second private key to or the first public key; and transmitting the target data to the first device, so that the first device decrypts the target data to obtain the original data using: the second public key in response to the target data being encrypted using the second private key; or the first private key in response to the target data being encrypted using the first public key. Claim 6: Ling: para 0185-0187, 0224-0228 [certificate and identifier associated to the terminal or device]; discussing the method according to claim 1, further comprising, after determining the first public key and the first terminal identity based on the first certificate: obtaining a terminal identity set stored by the second device, the terminal identity set including M registration terminal identities registered for the second device, and M being an integer greater than or equal to 1; and determining that the first terminal identity is a registered identity in response to the first terminal identity successfully matching one of the registration terminal identities in the terminal identity set. Claim 7: Ling: para 0202-0205, 0224-0227 [registration data includes various data specific to the respective device]; discussing the method according to claim 6, further comprising: updating the terminal identity set to obtain an updated terminal identity set, including at least one of: displaying the terminal identity set, and removing, in response to a deletion operation, K registration terminal identities from the terminal identity set to obtain the updated terminal identity set, K being an integer greater than or equal to 1 and less than or equal to M; or displaying an identity adding control, displaying an identity adding region in response to a selection operation on the identity adding control, and adding T registration terminal identities to the terminal identity set in response to an input operation on the identity adding region, to obtain the updated terminal identity set, T being an integer greater than or equal to 1. Claim 8: Ling: para 0130, 0169 [device may establish Bluetooth and scan identifier]; discussing the method according to claim 1, further comprising, before receiving the first certificate transmitted by the first device, and transmitting the second certificate to the first device: establishing a Bluetooth connection to the first device in response to the second device and the first device enabling a Bluetooth function, so that a communication connection is established between the second device and the first device; establishing a communication connection to the first device in response to the second device and the first device being connected to a same wireless hotspot; displaying a QR code including the second terminal identity, and establishing a communication connection to the first device in response to the first device scanning the QR code; or displaying an information input region, and establishing a communication connection to the first device in response to the first terminal identity inputted on the information input region. Claim 9: Cancelled As per claim 10: Ling, et al. teaches a computer device, implemented at a second device that is a peer node in a decentralized peer-to-peer (P2P) network and that directly communicates with a first device as another peer node in the P2P network, comprising: one or more processors; and [Ling: para 0285] one or more memories storing one or more program instructions that, when executed by the one or more processors [Ling: para 0285-0286], cause the one or more processors to: receive a first certificate transmitted by a first device, and transmit a second certificate to the first device; [Ling: para 0183-0184; the second push client obtain the certificate (i.e. first certificate) of the push server (i.e. first device) in advance. The second push client sends the encrypted first random number, a signature of the first random number, and a terminal certificate (i.e. second certificate) to the push server] determine a first public key and a first terminal identity based on the first certificate in response to both the first certificate and the second certificate being valid certificates [Ling: para 0183; the second push client obtain the certificate of the push server in advance, extract the public key from the certificate, and the second push client obtain the certificate of the push server in advance and extract the public key from the certificate. Para 0185; The terminal certificate is used by the push server to determine that the encrypted first random number is indeed sent by the terminal. Specifically, the push server verify the signature of the first random number by using the terminal certificate, and if the signature is correct, determine the first random number is indeed sent by the terminal, and encrypt, by using a public key in the terminal certificate, a second random number generated by the push server. The push server refers to first device associated to the first terminal identity. Also, the first terminal identity may broadly be interpreted as a signature or any data that identifies the terminal or first device per se], the first public key and a first private key being a key pair generated by the first device, and the first terminal identity being an identity corresponding to the first device; [Ling: para 0187; the push server decrypts, by using a private key of the push server (the first private key), content that is encrypted by using a public key (the first public key) of the push server. Para 0223-0225; examples of different terminal identity being registered] **receive a data access request transmitted by the first device [**rejected under a secondary reference, discussion below] in response to both the first terminal identity and a second terminal identity being registered identities [Ling: para 0219-0220; A first application program of the terminal sends a first registration request to the first push client. Para 0223-0225; examples of different terminal registered identity], **the data access request being encrypted by the first device using a second public key or the first private key, the second public key being obtained by the first device based on the second certificate, the second public key and a second private key being a key pair generated by a second device, and the second terminal identity being an identity corresponding to the second device; and [Ling: para 0183-0185; The second push client generate the first random number after receiving the secure-transmission connection establishment request, and encrypt the first random number by using the first public key obtained in advance. It should be noted that the first public key is a public key carried in a certificate of the push server. Specifically, the second push client obtain the certificate of the push server in advance, and extract the public key from the certificate, so as to encrypt the random number that is to be sent to the push server. After generating the encrypted first random number, the second push client send the encrypted first random number, the signature of the first random number, and the certificate of the terminal itself together to the push server. The terminal certificate is used by the push server to determine that the encrypted first random number is indeed sent by the terminal. Specifically, the push server verify the signature of the first random number by using the terminal certificate, and if the signature is correct, may determine that the first random number is indeed sent by the terminal, and encrypt, by using a public key in the terminal certificate, a second random number generated by the push server. As such, the second certificate may broadly be the certificate that is sent to the push server or terminal certificate which includes its own set of data such as public key, random number, signature, etc. The terminal certificate is a second certificate sent by the second push client or second device. Para 0187; discussion of multiple (i.e. first and second) public keys and private keys associated respectively to the push server and associated certificate. Uses a private key of the push server (the first private key), content that is encrypted by using a public key of the push server (the first public key), and the terminal decrypts, by using a private key corresponding to the terminal certificate (a second private key), content that is encrypted by using a public key in the terminal certificate (the second public key). Para 0226-0227; identifier associated to the respective terminal or server] **transmit target data to the first device in response to the data access request, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity [**rejected under a secondary reference, discussion below] and being encrypted data obtained through encryption using the first public key or the second private key. [Ling: para 0183; The second push client can generate the first random number after receiving the secure-transmission connection establishment request, and encrypt the first random number by using the first public key. The second push client obtain the certificate of the push server and extract the public key from the certificate, so as to encrypt the random number that is to be sent to the push server. The encrypted random number may be the target data encrypted by using the first public key] Ling teaches the transmission and terminal request transmitted by the first device in response to both the first terminal identity and a second terminal identity being registered identities. However, Ling did not clearly include a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “transmit target data to the first device in response to the data access request, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”. Cantrell discloses blockchain technology is a peer-to-peer authentication system for valuable digitized items that allows online interactions directly between two or more parties without going through one or more trusted intermediaries. It may involve a peer-to-peer network and timestamps actions that are hashed into an ongoing chain of hash-based proof-of-work code to form a record that cannot be changed without redoing the proof-of-work. The longest chain distributed on the peer-to-peer network proves that the data must have existed at the time in order to get into the hash, thereby proving the sequence of events witnessed, thereby proving the integrity of the digitized document has been maintained. The blockchain technology can allow digitized item use as intended based on cryptographic proof instead of trust, allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party [Cantrell: para 0004]. Thus, Cantrell obviously suggest peer-to-peer (P2P) network to “transmit target data to the first device in response to the data access request, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”, where one would be motivated to provide cryptographic proof instead of trust and allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party or trusted intermediaries. Cantrell further discusses transaction request are broadcasted through a mesh or peer-to-peer network between devices whereby responses to the request are generated and sent back to the requesting device, each response providing an answer as to how to fulfill transaction the request. The requesting device receives the responses, aggregates and analyzes the responses, determines how to proceed with the transaction based on the responses, and transferring information from the requesting device to another device through the peer-to-peer network [Cantrell: para 0023]. The information (e.g., transaction requests, capabilities of handling transaction requests, and responses to transaction requests) shared between devices will do so in a peer-peer network of devices that is decentralized. That is, all devices have the potential for sharing and distributing information on transactions. This system can be authenticated, shared, and managed, by a block chain system for authentication and decentralization [Cantrell: para 0027]. As such, Cantrell obviously suggest a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “transmit target data to the first device in response to the data access request, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Cantrell with Ling to teach a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “transmit target data to the first device in response to the data access request, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”, for the reason to provide cryptographic proof and allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party or trusted intermediaries [Cantrell: para 0004]. Claim 11: Ling: para 0183-0187 [various keys associated to the specific certificate]; discussing the computer device according to claim 10, wherein the one or more program instructions, when executed by the one or more processors, further cause the one or more processors to, before transmitting the second certificate to the first device: obtain the second public key and the second private key; store the second private key; transmit the second public key and the second terminal identity to an authentication server, so that the authentication server signs the second public key and the second terminal identity using a target private key, to obtain the second certificate; and receive the second certificate transmitted by the authentication server. As per claim 12: Ling, et al. teaches a data transmission method, performed by a first device that is a peer node in a decentralized peer-to-peer (P2P) network and that directly communicates with a second device as another peer node in the P2P network, comprising: transmitting a first certificate to a second device, and receiving a second certificate transmitted by the second device, the first device being configured to generate a first key pair including a first public key and a first private key, a first terminal identity corresponding to the first device, the second device being configured to generate a second key pair including a second public key and a second private key, and a second terminal identity corresponding to the second device; [Ling: para 0183-0184; the second push client obtain the certificate (i.e. first certificate) of the push server (i.e. first device) in advance. The second push client sends the encrypted first random number, a signature of the first random number, and a terminal certificate (i.e. second certificate) to the push server] determining the second public key and the second terminal identity based on the second certificate in response to both the first certificate and the second certificate being valid certificates; [Ling: para 0183; the second push client obtain the certificate of the push server in advance, extract the public key from the certificate, and the second push client obtain the certificate of the push server in advance and extract the public key from the certificate. Para 0185; The terminal certificate is used by the push server to determine that the encrypted first random number is indeed sent by the terminal. Specifically, the push server verify the signature of the first random number by using the terminal certificate, and if the signature is correct, determine the first random number is indeed sent by the terminal, and encrypt, by using a public key in the terminal certificate, a second random number generated by the push server. The push server refers to first device associated to the first terminal identity. Also, the first terminal identity may broadly be interpreted as a signature or any data that identifies the terminal or first device per se] **transmitting a data access request to the second device [**rejected under a secondary reference, discussion below] in response to both the first terminal identity and the second terminal identity being registered identities [Ling: para 0187; the push server decrypts by using a private key of the push server (the first private key), content that is encrypted by using a public key (the first public key) of the push server. Para 0223-0225; examples of different terminal identity being registered], **the data access request being encrypted by the first device using the second public key or the first private key; and [Ling: para 0183-0185; The second push client generate the first random number after receiving the secure-transmission connection establishment request, and encrypt the first random number by using the first public key obtained in advance. The first public key is a public key carried in a certificate of the push server. Specifically, the second push client obtain the certificate of the push server in advance, and extract the public key from the certificate, so as to encrypt the random number that is to be sent to the push server. After generating the encrypted first random number, the second push client may send the encrypted first random number, the signature of the first random number, and the certificate of the terminal itself together to the push server. The terminal certificate is used by the push server to determine that the encrypted first random number is indeed sent by the terminal. Specifically, the push server verify the signature of the first random number by using the terminal certificate, and if the signature is correct, determine that the first random number is indeed sent by the terminal, and encrypt, by using a public key in the terminal certificate, a second random number generated by the push server. As such, the second certificate may broadly be the certificate that is sent to the push server or terminal certificate which includes its own set of data such as public key, random number, signature, etc. The terminal certificate is a second certificate sent by the second push client or second device. Para 0187; discussion of multiple (i.e. first and second) public keys and private keys associated respectively to the push server and associated certificate. Uses a private key of the push server (the first private key), content that is encrypted by using a public key of the push server (the first public key), and the terminal decrypts, by using a private key corresponding to the terminal certificate (a second private key), content that is encrypted by using a public key in the terminal certificate (the second public key). Para 0226-0227; identifier associated to the respective terminal or server] **receiving target data from the second device, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity [**rejected under a secondary reference, discussion below] and being encrypted data obtained through encryption using the first public key or the second private key. [Ling: para 0183; The second push client generate the first random number after receiving the secure-transmission connection establishment request, and encrypt the first random number by using the first public key. The second push client obtain the certificate of the push server and extract the public key from the certificate, so as to encrypt the random number that is to be sent to the push server. The encrypted random number may be the target data encrypted by using the first public key] Ling teaches the transmission and terminal request transmitted by the first device in response to both the first terminal identity and a second terminal identity being registered identities. However, Ling did not clearly include a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “receiving target data from the second device, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”. Cantrell discloses blockchain technology is a peer-to-peer authentication system for valuable digitized items that allows online interactions directly between two or more parties without going through one or more trusted intermediaries. It may involve a peer-to-peer network and timestamps actions that are hashed into an ongoing chain of hash-based proof-of-work code to form a record that cannot be changed without redoing the proof-of-work. The longest chain distributed on the peer-to-peer network proves that the data must have existed at the time in order to get into the hash, thereby proving the sequence of events witnessed, thereby proving the integrity of the digitized document has been maintained. The blockchain technology can allow digitized item use as intended based on cryptographic proof instead of trust, allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party [Cantrell: para 0004]. Thus, Cantrell obviously suggest peer-to-peer (P2P) network for “receiving target data from the second device, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”, where one would be motivated to provide cryptographic proof instead of trust and allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party or trusted intermediaries. Cantrell further discusses transaction request be broadcast through a mesh or peer-to-peer network between devices whereby responses to the request are generated and sent back to the requesting device, each response providing an answer as to how to fulfill transaction the request. The requesting device receives the responses, aggregates and analyzes the responses, determines how to proceed with the transaction based on the responses, and transferring information from the requesting device to another device through the peer-to-peer network [Cantrell: para 0023]. The information (e.g., transaction requests, capabilities of handling transaction requests, and responses to transaction requests) shared between devices will do so in a peer-peer network of devices that is decentralized. That is, all devices have the potential for sharing and distributing information on transactions. This system can be authenticated, shared, and managed, by a block chain system for authentication and decentralization [Cantrell: para 0027]. As such, Cantrell obviously suggest a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “receiving target data from the second device, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Cantrell with Ling to teach a decentralized peer-to-peer (P2P) network for “receiving a data access request transmitted by the first device” and “receiving target data from the second device, the target data being transmitted directly between the second device and the first device through the P2P network without passing through an intermediate entity”, for the reason to provide cryptographic proof and allowing any two or more willing parties to employ the content without the need to trust each other and without the need for a trusted third party or trusted intermediaries [Cantrell: para 0004]. Claim 13: Ling: para 0183-0187 [various keys associated to the specific certificate]; discussing the method according to claim 12, further comprising, before transmitting the first certificate to the second device: obtaining the first public key and the first private key; storing the first private key; transmitting the first public key and the first terminal identity to an authentication server, so that the authentication server signs the first public key and the first terminal identity using a target private key, to obtain the first certificate; and receiving the first certificate transmitted by the authentication server. Claim 14: Ling: para 0183-0187 [various data include key, random number, and signature associated to the specific certificate] in view of Cantrell: para 0004, 0039 [suggesting “hash calculation”, under the same pretext and motivation as in claim 12]; discussing the method according to claim 13, further comprising, after receiving the first certificate transmitted by the authentication server: decrypting the first certificate using a target public key to obtain a target signature, the target public key and the target private key being a key pair generated by the authentication server; performing hash calculation on the first public key and the first terminal identity to obtain a target digest; and in response to the target signature being consistent with the target digest, storing the first certificate. Claim 15: Ling: para 0183-0187 [decryption involve various data associated to the specific certificate] in view of Cantrell: para 0004, 0039 [suggesting “hash calculation”, under the same pretext and motivation as in claim 12]; discussing the method according to claim 12, further comprising, after receiving the second certificate transmitted by the second device: decrypting the second certificate using a target public key to obtain a digital signature, the target public key being generated by the authentication server; obtaining, from the second certificate, a candidate public key to be verified and a candidate identity to be verified; performing hash calculation on the candidate public key and the candidate identity to obtain a message digest; and determining that the second certificate is a valid certificate in response to the message digest being consistent with the digital signature; wherein determining the second public key and the second terminal identity based on the second certificate includes: determining the candidate public key as the second public key, and determining the candidate identity as the second terminal identity. Claim 16: Ling: para 0182-0187 [encryption and decryption of various data involving the request]; discussing the method according to claim 12, further comprising at least one of: before transmitting the data access request to the second device, encrypting request data to obtain the data access request using the second public key or using the first private key; after transmitting the data access request to the second device, transmitting a data access request to the second device, so that the second device decrypts the data access request to obtain the request data using: the second private key in response to the data access request being encrypted using the second public key, or the first public key in response to the data access request being encrypted using the first private key; or after receiving the target data transmitted by the second device, decrypting the target data to obtain original data using: the second public key in response to the target data being obtained by the second device encrypting the original data using the second private key; or the first private key in response to the target data being obtained by the second device encrypting the original data using the first public key. Claim 17: Ling: para 0185-0187, 0224-0228 [certificate and identifier associated to the terminal or device]; discussing the method according to claim 12, further comprising, after determining the second public key and the second terminal identity based on the second certificate: obtaining a terminal identity set stored by the first device, the terminal identity set including N second registration terminal identities registered for the first device, and N being an integer greater than or equal to 1; and determining that the second terminal identity is a registered identity in response to the second terminal identity successfully matching a registration terminal identity in the terminal identity set. Claim 18: Ling: para 0130, 0169 [device may establish Bluetooth and scan identifier]; discussing the method according to claim 12, further comprising, before transmitting the first certificate to the second device, and receiving the second certificate transmitted by the second device: establishing a Bluetooth connection to the second device in response to the second device and the first device enabling a Bluetooth function, so that a communication connection is established between the second device and the first device; establishing a communication connection to the second device in response to the second device and the first device being connected to a same wireless hotspot; or scanning a QR code displayed on the second device to establish a communication connection to the first device, the QR code including the second terminal identity. Claim 19: Cancelled Claim 20: Cancelled Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Leynna Truvan whose telephone number is (571)272-3851. The examiner can normally be reached Monday-Friday 9:00AM-5:00PM, EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at 571-270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. Leynna Truvan Examiner Art Unit 2435 /L.TT/Examiner, Art Unit 2435 /EDWARD ZEE/Primary Examiner, Art Unit 2435
Read full office action

Prosecution Timeline

Jul 22, 2024
Application Filed
Oct 30, 2025
Non-Final Rejection mailed — §103
Nov 07, 2025
Interview Requested
Dec 01, 2025
Applicant Interview (Telephonic)
Dec 05, 2025
Examiner Interview Summary
Jan 28, 2026
Response Filed
May 06, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/234,495
Patent 12641083
DYNAMIC ALIGNMENT OF DEFINITIONS FOR ENTITLEMENT MANAGEMENT AND CONTROL
2y 9m to grant Granted May 26, 2026
19/054,256
Patent 12621127
SYSTEMS AND METHODS FOR HIGH-CONFIDENCE SYMMETRIC-KEY DOCUMENT SIGNING AND ENCRYPTION USING A COMPUTING DEVICE
1y 2m to grant Granted May 05, 2026
19/114,194
Patent 12621147
Method, Device and System for Managing Carbon Data and Related Apparatus
1y 1m to grant Granted May 05, 2026
17/683,266
Patent 12615267
THUMBPRINTING SECURITY INCIDENTS VIA GRAPH EMBEDDINGS
4y 2m to grant Granted Apr 28, 2026
18/148,166
Patent 12615233
STORING AND ACCESSING OVERLAPPING INTERNET PROTOCOL (IP) ADDRESS RANGES
3y 4m to grant Granted Apr 28, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
76%
Grant Probability
97%
With Interview (+20.3%)
3y 9m (~1y 11m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 504 resolved cases by this examiner. Grant probability derived from career allowance rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month