Prosecution Insights
Last updated: July 17, 2026
Application No. 18/791,399

DIGITAL PASS OPEN ACCESS PLATFORM

Non-Final OA §102§103
Filed
Jul 31, 2024
Priority
Aug 14, 2023 — provisional 63/532,667
Examiner
SWEARINGEN, JEFFREY R
Art Unit
2445
Tech Center
2400 — Computer Networks
Assignee
Apple Inc.
OA Round
1 (Non-Final)
76%
Grant Probability
Favorable
1-2
OA Rounds
1y 5m
Est. Remaining
98%
With Interview

Examiner Intelligence

Grants 76% — above average
76%
Career Allowance Rate
524 granted / 688 resolved
+18.2% vs TC avg
Strong +22% interview lift
Without
With
+21.7%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
21 currently pending
Career history
706
Total Applications
across all art units

Statute-Specific Performance

§101
5.6%
-34.4% vs TC avg
§103
69.2%
+29.2% vs TC avg
§102
12.8%
-27.2% vs TC avg
§112
4.7%
-35.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 688 resolved cases

Office Action

§102 §103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claims 1, 5, 7-9, 13, 17, and 19-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Lin (TW I646480B). In regard to claim 1, Liu disclosed a method comprising: receiving, by a first server and from a user device, a request to access a service of the first server, the request comprising one or more attributes associated with a digital pass and a digital signature associated with the digital pass; in response to the request for verification, verifying the one or more attributes associated with the digital pass based on the digital signature associated with the digital pass; in response to successfully verifying the one or more attributes associated with the digital pass, providing the user device access to the service; and in response to unsuccessfully verifying the one or more attributes associated with the digital pass, forgoing providing the user device access to the service. Liu: “In the server part, the server includes: a contract module, a verification module, and a processing module. The contract module is used to pre-release a service contract through a blockchain transaction before the service is provided. The service contract includes a service function and a service event; the verification module is configured to send a service request to the client to the client. (sic) Requesting a digital voucher, and after receiving the digital voucher, querying the voucher contract of the corresponding client from the voucher registration contract to verify the digital signature and the public key; the processing module is configured to execute the service function and trigger after the digital voucher passes the verification The corresponding service event enables the server to provide services to the client.” The digital voucher is the digital pass. The attributes associated with the digital pass is the public key. The user device is the client. In regard to claim 5, Liu disclosed wherein receiving the request to access the service is in response to another request, by the first server and to the user device, for the one or more attributes associated with the digital pass. Liu: The contract module is used to pre-release a service contract through a blockchain transaction before the service is provided. The service contract includes a service function and a service event; the verification module is configured to send a service request to the client to the client…Requesting a digital voucher, and after receiving the digital voucher, querying the voucher contract of the corresponding client from the voucher registration contract to verify the digital signature and the public key” In regard to claim 7, Liu disclosed wherein providing the user device access to the service comprises: transmitting, by the first server and to the user device, a data object in response to successfully verifying the one or more attributes associated with the digital pass. Liu: “the digital voucher passes the verification”, passing the verification is transmitting a data object in response to successfully verifying In regard to claim 8, Liu disclosed: modifying, by the first server, at least one attribute of the one or more attributes associated with the digital pass; and transmitting, by the first server and to the user device, an indication of the modification for modifying the one or more attributes of the digital pass. Liu: “The portion of the client 210 includes a generation module 211, an execution module 212, and a detection module 213. The generating module 211 is configured to generate a private key and a corresponding public key thereof, and generate a voucher signature request message according to the public key and the identification data. The identification data is as follows: country code, country name, place name, organization unit name, department name, certificate name, contact mailbox, and the like. In actual implementation, generating a private key and its corresponding public key, and generating a voucher signature request message according to the public key and the identification data can be implemented by using the software library package "OpenSSL".” Modifying the attribute is changing the identification information, and transmitting an indication of the modification is generating a voucher signature request message according to the identification data. Claim 9 is rejected for substantially the same reasons as claim 1. Claim 13 is rejected for substantially the same reasons as claim 1. Claim 17 is rejected for substantially the same reasons as claim 5. Claim 19 is rejected for substantially the same reasons as claim 7. Claim 20 is rejected for substantially the same reasons as claim 8. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 2-4, 10-12, and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Liu in view of Hu (WO 2023/005838 A1). In regard to claim 2, Liu disclosed wherein verifying the one or more attributes associated with the digital pass based on the digital signature associated with the digital pass comprises: … verifying the digital signature based on the obtained key. Liu: querying the voucher contract of the corresponding client from the voucher registration contract to verify the digital signature and the public key Liu failed to disclose obtaining a key from a second server. However, Hu disclosed wherein verifying the one or more attributes associated with the digital pass based on the digital signature associated with the digital pass comprises: obtaining a key from a second server… Hu: “Wherein, the first user end may be a data demander, and the application program and/or client software in the first user end may have the following functions: subscribe/sign up to release data sharing messages; search through the information release column, or book release Information, or methods recommended by others, to obtain data sharing information (such as the identity of the data publisher, which industries the data can be used for, which users the data can use, and the category of data, data content introduction, nature, use, price and other attributes), according to the published data sharing information, determine the data that needs to be accessed; before accessing the shared data, mutual authentication with the authentication and authorization module of the server is required; its identity information, such as the identity of the data user, the data The user's public key and the data information that needs to be accessed, such as the identity of the data publisher, the public key of the data publisher, the ciphertext ID, the key ID, etc., as well as the digital signature of its identity information and the data information that needs to be accessed, are sent to The "data sharing access record" on the server side; receive the notification from the "data sharing access record", which includes the key storage address, data storage address, access token, etc.; according to the address of the key storage, send the access token to The token verification module of the key storage server to obtain the decryption key; according to the address stored in the ciphertext, request to obtain the data corresponding to the ciphertext identification ID; decrypt the ciphertext data according to the obtained data decryption key to obtain the required Accessed data; manage shared data records that you have accessed, such as queries.” The second server is the “key storage server” Hu disclosed a key storage server – a “second server”. Liu disclosed a server comprising a verification module. It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to store the key used in Liu on a second “key storage” server as in Hu for the purpose of having a centralized key storage and distribution system. In regard to claim 3, Liu disclosed wherein verifying the one or more attributes associated with the digital pass based on the digital signature associated with the digital pass further comprises: … determining whether to provide access to the service based at least in part on the received information. Liu: “the processing module is configured to execute the service function and trigger after the digital voucher passes the verification The corresponding service event enables the server to provide services to the client.” Liu failed to disclosed: transmitting, by the first server and to the second server, a request for information regarding the verified one or more attributes; receiving, by the first server and from the second server, the information regarding the verified one or more attributes; However, Hu disclosed: transmitting, by the first server and to the second server, a request for information regarding the verified one or more attributes; receiving, by the first server and from the second server, the information regarding the verified one or more attributes; Hu disclosed a key storage server – a “second server” – as shown in claim 2. The steps of transmitting and receiving are “its identity information, such as the identity of the data user, the data The user's public key and the data information that needs to be accessed, such as the identity of the data publisher, the public key of the data publisher, the ciphertext ID, the key ID, etc., as well as the digital signature of its identity information and the data information that needs to be accessed, are sent to The "data sharing access record" on the server side; receive the notification from the "data sharing access record", which includes the key storage address, data storage address, access token, etc.” Hu disclosed a key storage server – a “second server”. Liu disclosed a server comprising a verification module. It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to store the key used in Liu on a second “key storage” server as in Hu for the purpose of having a centralized key storage and distribution system. In regard to claim 4, Liu disclosed wherein the digital signature is generated by the user device with a private key associated with the digital pass and the digital signature is verified by a public key associated with the digital pass Liu: “In the server part, the server includes: a contract module, a verification module, and a processing module. The contract module is used to pre-release a service contract through a blockchain transaction before the service is provided. The service contract includes a service function and a service event; the verification module is configured to send a service request to the client to the client. (sic) Requesting a digital voucher, and after receiving the digital voucher, querying the voucher contract of the corresponding client from the voucher registration contract to verify the digital signature and the public key; the processing module is configured to execute the service function and trigger after the digital voucher passes the verification The corresponding service event enables the server to provide services to the client.” The digital voucher is the digital pass. The attributes associated with the digital pass is the public key. The user device is the client. Liu failed to disclose the public key is stored on a second server. However, Hu disclosed the public key is stored on a second server. Hu: “Wherein, the first user end may be a data demander, and the application program and/or client software in the first user end may have the following functions: subscribe/sign up to release data sharing messages; search through the information release column, or book release Information, or methods recommended by others, to obtain data sharing information (such as the identity of the data publisher, which industries the data can be used for, which users the data can use, and the category of data, data content introduction, nature, use, price and other attributes), according to the published data sharing information, determine the data that needs to be accessed; before accessing the shared data, mutual authentication with the authentication and authorization module of the server is required; its identity information, such as the identity of the data user, the data The user's public key and the data information that needs to be accessed, such as the identity of the data publisher, the public key of the data publisher, the ciphertext ID, the key ID, etc., as well as the digital signature of its identity information and the data information that needs to be accessed, are sent to The "data sharing access record" on the server side; receive the notification from the "data sharing access record", which includes the key storage address, data storage address, access token, etc.; according to the address of the key storage, send the access token to The token verification module of the key storage server to obtain the decryption key; according to the address stored in the ciphertext, request to obtain the data corresponding to the ciphertext identification ID; decrypt the ciphertext data according to the obtained data decryption key to obtain the required Accessed data; manage shared data records that you have accessed, such as queries.” The second server is the “key storage server” Hu disclosed a key storage server – a “second server”. Liu disclosed a server comprising a verification module. It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to store the key used in Liu on a second “key storage” server as in Hu for the purpose of having a centralized key storage and distribution system. Claim 10 is rejected for substantially the same reasons as claim 2. Claim 11 is rejected for substantially the same reasons as claim 3. Claim 12 is rejected for substantially the same reasons as claim 4. Claim 14 is rejected for substantially the same reasons as claim 2. Claim 15 is rejected for substantially the same reasons as claim 3. Claim 16 is rejected for substantially the same reasons as claim 4. Claims 6 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Liu in view of Luthra et al. (US 2023/0298416). In regard to claim 6, Liu failed to disclose: providing, for presentation on an electronic display, an indication of verification in response to successfully verifying the one or more attributes associated with the digital pass. However, Luthra disclosed: providing, for presentation on an electronic display, an indication of verification in response to successfully verifying the one or more attributes associated with the digital pass. Luthra [0097] “If the digital pass 2800 is valid, the notifier 414 of the verifier application 120 displays a positive or an acceptance message (e.g., a first notice), such as, for example, the valid message shown in FIG. 30. The acceptance message confirms that the user 102 has recently tested negative for the infectious disease or analyte of interest and can be allowed access to the location. If the certifier 412 determines that the digital pass 2800 is expired or invalid, the notifier 414 of the verifier application 120 can display a negative or denial message (e.g., a second notice), such as, for example, the message shown in FIG. 31 indicating that the pass is expired or not valid. As such, the verifier 106 can deny the user 102 access to the location. In some examples, if the result of the test was inconclusive, the notifier 414 can display the same interface as shown in FIG. 31 or another interface/display indicating the result was inconclusive. In such an instance, the verifier 106 can decide whether to allow or deny access to the user 102. If a digital pass is not found, the notifier 414 of the verifier application 120 can display another message (e.g., a third notice), such as, for example, the message shown in FIG. 32 indicating that a pass is not found. In such an instance, the verifier 106 can deny the user 102 access. Therefore, the verifier application 120 can display the first notice (FIG. 30), the second notice (FIG. 31), the third notice (FIG. 32), and/or any other notices to grant or deny the user 102 access to the location based on the verification outcome and a location of the verifier device 112.” It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to display the results of a verification as in Luthra with the Liu verification system in order to notify the user that verification has occurred. Claim 18 is rejected for substantially the same reasons as claim 6. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jeffrey R. Swearingen whose telephone number is (571)272-3921. The examiner can normally be reached M-F 8:00 am - 5:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached at 571-270-1684. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. Jeffrey R. Swearingen Primary Examiner Art Unit 2445 /Jeffrey R Swearingen/Primary Examiner, Art Unit 2445
Read full office action

Prosecution Timeline

Jul 31, 2024
Application Filed
Sep 05, 2025
Response after Non-Final Action
Apr 23, 2026
Non-Final Rejection mailed — §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683978
CLIQUE GRAPH MINING FOR HOST NAVIGATION SAFETY
2y 5m to grant Granted Jul 14, 2026
Patent 12671744
DYNAMIC EXPERIENTIAL SNAPSHOTS
2y 2m to grant Granted Jun 30, 2026
Patent 12666184
SECURE IDENTIFICATION METHODS AND SYSTEMS
3y 3m to grant Granted Jun 23, 2026
Patent 12664313
UTILITY PRESERVING ANONYMIZATION OF VISUAL CONTENT
2y 6m to grant Granted Jun 23, 2026
Patent 12657145
ELECTRONIC CONTROL DEVICE AND CALCULATION METHOD
4y 1m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
76%
Grant Probability
98%
With Interview (+21.7%)
3y 5m (~1y 5m remaining)
Median Time to Grant
Low
PTA Risk
Based on 688 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month