DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to the application 18/994518 filed on 01/14/2025.
Claims 1-11, 13-15, 17, 21, 24-26 and 28 have been examined and are pending in this application.
Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. PCT/CN2022/137368, filed on 12/07/2022, which claims priority to Application No. CN202210837745.8, filed on 07/15/2022.
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 01/14/2025, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Interpretation - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as "configured to" or "so that"; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: “the first privacy computing device is configured to send/receive a first query request/information/loading,” recited in claims 1 and 2; “the first privacy computing device is further configured to send/receive a cooperation request,” recited in claims 3 and 4; “the first privacy computing device is further configured to send/receive a second query request,” recited in claims 5 and 6; “the first privacy computing device is further configured to send/receive [] an authorization request,” recited in claims 7 and 8; “the first privacy computing device is further configured to send/receive a [] request,” recited in claim 9; “the first privacy computing device is further configured to receive the second confirmation message/startup request,” recited in claim 10; “the first privacy computing device is further configured to send/receive a [] request,” recited in claim 11.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 3, 5, 7, 9-10, 13, 15, 17, 21, 24, 26 and 28 are rejected under 35 U.S.C. 103 as being unpatentable over PHEGADE et al. (“Phegade,” US 2016/0044005) in view of LI et al. (“Li,” US 2020/0004973).
Regarding claim 1: Phegade discloses a privacy computing system, comprising:
a first privacy computing device and at least one second privacy computing device, wherein:
the first privacy computing device and a second privacy computing device collaborate on privacy computing tasks based on management plane interoperability and execute the privacy computing tasks based on data plane interoperability, wherein the management plane interoperability and the data plane interoperability are mutually independent (Phegade: par. 0012 communication system 100 enable distrusting entities to share their respective data using one or more mutually agreed upon procedure and/or algorithms that determine the portions of their respective data will be shared within a trusted execution environment provided by a trusted broker [] first client device 102 may be associated with a first entity and second client device 112 may be associated with a second entity. The first entity and second entity may desire to share information with one another using secure element 106 provided by trust broker service 108);
for the second privacy computing device, when the first privacy computing device and the second privacy computing device perform the management plane interoperability, the first privacy computing device is configured to send a first query request to the second privacy computing device, wherein the first query request carries first identification information of the first privacy computing device and second identification information of a to-be-queried sub-algorithm (Phegade: par. 0013 secure element 106 is configured to [] process the data within a trusted execution environment using one or more mutually agreed upon procedures and/or algorithms, and provide a portion of the processed data to one or more of first client device 102, second client device 112; par. 0037 in 402, secure element 106 receives a connection request from first client device 102 [] secure element 106 receives a remote attestation challenge from first client device 102 [] the remote attestation challenge includes a first client device identifier or certificate associated with first client device 102; par. 0038 in 408, secure element 106 checks the first client device ID/certificate to determine if the remote attestation challenge contains a proper identifier for first client device 102);
the second privacy computing device is configured to receive the first query request, and when it is determined that the first identification information is located in stored identification information for compliance devices, send stored information for components included in the sub-algorithm with the second identification information to the first privacy computing device (Phegade: par. 0042 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment [] the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112).
Phegade does not explicitly disclose the first privacy computing device is further configured to receive the information for components included in the sub-algorithm with the second identification information, and send, to the second privacy computing device, a loading request for loading the components included in the sub-algorithm with the second identification information and the second privacy computing device is further configured to receive the loading request, load the components included in the sub-algorithm with the second identification information, and after the loading is successful, send a loading success message to the first privacy computing device.
However, Li discloses the first privacy computing device is further configured to receive the information for components included in the sub-algorithm with the second identification information, and send, to the second privacy computing device, a loading request for loading the components included in the sub-algorithm with the second identification information (Li: par. 0080 the first server 11 sends a data request to the second server 12, and the data request contains the request for the ciphertext of the demonstrator's specific data and the endorsement certificate of the demonstrator's specific data); and
the second privacy computing device is further configured to receive the loading request, load the components included in the sub-algorithm with the second identification information, and after the loading is successful, send a loading success message to the first privacy computing device (Li: par. 0080 after receiving the data request above, the second server encrypts the specific data by using the public key of the demonstrator for homomorphic encryption provided by the demonstrator in advance to generate homomorphically encrypted ciphertext and generate verification data based on the homomorphically encrypted ciphertext. The verification data is used for demonstrating whether the ciphertext to be verified corresponds to the specific data. Then, the second server sends the ciphertext and the verification data to the first server).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Li with the system/method of Phegade to include sending a loading request for loading the components included in the sub-algorithm with the second identification information. One would have been motivated to provide more effective methods and apparatuses for obtaining an input of a secure multiparty computation protocol (Li: par. 0007).
Regarding claim 3: Phegade in view of Li discloses the system according to claim 1.
Phegade further discloses the first privacy computing device is further configured to send a cooperation request for privacy algorithm interoperability to the second privacy computing device, wherein the cooperation request carries the first identification information of the first privacy computing device (Phegade: par. 0017 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment [] the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112); and
the second privacy computing device is further configured to receive the cooperation request, and when it is determined that the first identification information is located in the stored identification information for compliance devices, send to the first privacy computing device a first confirmation message for agreeing to cooperate (Phegade: par. 0017 the trusted execution environment ensures the secure storage and processing of sensitive data and trusted code or applications; par. 0038 if first client device 102 verifies the secure code, it sends a connection request to secure element 106 including an indication that the cryptographic identity has been verified by first client device 102).
Regarding claim 5: Phegade in view of Li discloses the system according to claim 1.
Phegade further discloses the first privacy computing device is further configured to send a second query request to the second privacy computing device, wherein the second query request carries the first identification information of the first privacy computing device and third identification information of a to-be-queried data resource (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102 [] secure element 106 receives a remote attestation challenge from first client device 102 [] the remote attestation challenge includes a first client device identifier or certificate associated with first client device 102); and
the second privacy computing device is further configured to receive the second query request, and when it is determined that the first identification information is located in the stored identification information for compliance devices, send to the first privacy computing device stored information for the data source with the third identification information (Phegade: par. 0039 secure element 106 receives the connection request from first client device 102 [] in 422, secure element 106 receives first confidential information from first client device 102 using the secure channel [] secure element 106 seals the confidential information to the code identity of the trusted network environment by storing the first confidential information within secure data store 208 in a way such that only the trusted execution environment running the same code that received the confidential information can read it).
Regarding claim 7: Phegade in view of Li discloses the system according to claim 5.
Li further discloses the first privacy computing device is further configured to send to the second privacy computing device an authorization request for using the data resource with the third identification information, wherein the authorization request carries the first identification information of the first privacy computing device (Li: par. 0087 obtaining verification data based on the first ciphertext, wherein the verification data is used for verifying whether the ciphertext to be verified corresponds to the object data; par. 0088 sending the verification data to the first server); and
the second privacy computing device is further configured to receive the authorization request, and when it is determined that the first identification information is located in the stored identification information for compliance devices, send to the first privacy computing device a granted authorization message for authorized use of the data resource with the third identification information (Li: par. 0089 the first server and the third server perform the MPC protocol, so that the third server obtains the evaluation result of the object [] and protects the privacy data of the object against the third server [] the object data is the savings of the object, and the first server specifies the savings data in the data request. The data request may also contain specifying an encryption method for the data, that is, specifying homomorphic encryption of the data by the public key of the object).
The motivation is the same as that of claim 1 above.
Regarding claim 9: Phegade in view of Li discloses the system according to claim 5.
Li further discloses the first privacy computing device is further configured to send a project execution preparation request to the second privacy computing device, wherein the project execution preparation request carries the first identification information of the first privacy computing device, second identification information of a sub-algorithm required for a to-be-run project, and third identification information of a target data resource required for the to-be-run project (Li: par. 0141 FIG. 11 includes Part I and Part II, wherein Part I corresponds to the case where a first server obtains verification data from the second server of an authorized organization, and Part II corresponds to the case that a first server prepares the verification data by itself []. In Part I, the first server sends a data request to the second server, and the second server prepares the first ciphertext and the verification data according to the data request, and sends the verification data to the first server, and optionally, also sends the first ciphertext to the first server); and
the second privacy computing device is further configured to receive the project execution preparation request, and when it is determined that the first identification information is located in the stored identification information for compliance devices, and when it is determined that the target data resource of the third identification information is stored, and when it is determined that the components included in the sub-algorithm with the second identification information are completely loaded, sent to the first privacy computing device a second confirmation message confirming a readiness (Li: par. 0141 the first server sends only the verification data to the third server, wherein the verification data is the location in the blockchain ledger where the authorized organization stores the first ciphertext in the blockchain, so that the third server can download the first ciphertext directly from the location in the blockchain ledger to be used in the MPC protocol).
The motivation is the same as that of claim 1 above.
Regarding claim 10: Phegade in view of Li discloses the system according to claim 9.
Phegade further discloses for the second privacy computing device, when the first privacy computing device and the second privacy computing device perform the data plane interoperability, the first privacy computing device is further configured to receive the second confirmation message, and send to the second privacy computing device a startup request to start a computing task (Phegade: par. 0041 in 442, secure element 106 receives second confidential information from second client device 112 and stores the second confidential information in secure data store 208. The second confidential information includes portions of confidential information that may be potentially shared with first client device 102; par. 0042 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment; par. 0044 In 452, secure element 106 sends one or more notification to one or more entities matching criteria agreed upon the participants such as one or more owners of provided confidential information such as the first entity and/or the second entity); and
the second privacy computing device is further configured to receive the startup request, and run the sub-algorithm with the second identification information based on the target data resource with the third identification information (Phegade: par. 0019 each of the parties that provide data to secure element 106 is remotely able to verify that the code they have mutually agreed upon in order to provide a portion of their data to the other party is the code that is running in the trusted execution environment).
Regarding claim 13: Phegade discloses a privacy computing method, applied to a first privacy computing device, the method comprising:
when performing management plane interoperability with a second privacy computing device, sending a first query request to the second privacy computing device, wherein the first query request carries first identification information of the first privacy computing device and second identification information of a to-be-queried sub-algorithm (Phegade: par. 0013 secure element 106 is configured to [] process the data within a trusted execution environment using one or more mutually agreed upon procedures and/or algorithms, and provide a portion of the processed data to one or more of first client device 102, second client device 112; par. 0037 in 402, secure element 106 receives a connection request from first client device 102 [] secure element 106 receives a remote attestation challenge from first client device 102 [] the remote attestation challenge includes a first client device identifier or certificate associated with first client device 102; par. 0038 in 408, secure element 106 checks the first client device ID/certificate to determine if the remote attestation challenge contains a proper identifier for first client device 102), and the first privacy computing device and the second privacy computing device respectively collaborate on privacy computing tasks based on the management plane interoperability and perform the privacy computing tasks based on data plane interoperability, wherein the management plane interoperability and the data plane interoperability are mutually independent (Phegade: par. 0012 communication system 100 enable distrusting entities to share their respective data using one or more mutually agreed upon procedure and/or algorithms that determine the portions of their respective data will be shared within a trusted execution environment provided by a trusted broker [] first client device 102 may be associated with a first entity and second client device 112 may be associated with a second entity. The first entity and second entity may desire to share information with one another using secure element 106 provided by trust broker service 108).
Phegade does not explicitly disclose when information for components included in the sub-algorithm with the second identification information sent by the second privacy computing device is received, sending to the second privacy computing device a loading request for loading the components included in the sub-algorithm with the second identification information.
However, Li discloses when information for components included in the sub-algorithm with the second identification information sent by the second privacy computing device is received, sending to the second privacy computing device a loading request for loading the components included in the sub-algorithm with the second identification information (Li: par. 0080 the first server 11 sends a data request to the second server 12, and the data request contains the request for the ciphertext of the demonstrator's specific data and the endorsement certificate of the demonstrator's specific data [] then, the second server sends the ciphertext and the verification data to the first server).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Li with the system/method of Phegade to include sending to the second privacy computing device a loading request for loading the components included in the sub-algorithm with the second identification information. One would have been motivated to provide more effective methods and apparatuses for obtaining an input of a secure multiparty computation protocol (Li: par. 0007).
Regarding claim 15: Phegade in view of Li discloses the system according to claim 13.
Phegade further discloses wherein, before sending the first query request to the second privacy computing device, the method further comprises:
sending a cooperation request for privacy algorithm interoperability to the second privacy computing device, wherein the cooperation request carries the first identification information of the first privacy computing device (Phegade: par. 0017 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment [] the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112).
Regarding claim 17: Phegade in view of Li discloses the system according to claim 13.
Phegade further discloses sending a second query request to the second privacy computing device, wherein the second query request carries the first identification information of the first privacy computing device and third identification information of a to-be-queried data resource (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102 [] secure element 106 receives a remote attestation challenge from first client device 102 [] the remote attestation challenge includes a first client device identifier or certificate associated with first client device 102).
Regarding claim 21: Phegade in view of Li discloses the system according to claim 17.
Li further discloses sending a project execution preparation request to the second privacy computing device, wherein the project execution preparation request carries the first identification information of the first privacy computing device, second identification information of a sub-algorithm required for a to-be-run project, and third identification information of a target data resource required for the to-be-run project (Li: par. 0141 FIG. 11 includes Part I and Part II, wherein Part I corresponds to the case where a first server obtains verification data from the second server of an authorized organization, and Part II corresponds to the case that a first server prepares the verification data by itself []. In Part I, the first server sends a data request to the second server, and the second server prepares the first ciphertext and the verification data according to the data request, and sends the verification data to the first server, and optionally, also sends the first ciphertext to the first server).
The motivation is the same as that of claim 13 above.
Regarding claim 24: Phegade discloses a privacy computing method, applied to a second privacy computing device, the method comprising:
when performing management plane interoperability with a first privacy computing device, receiving a first query request sent by the first privacy computing device, wherein the first query request carries first identification information of the first privacy computing device and second identification information of a to-be-queried sub-algorithm (Phegade: par. 0013 secure element 106 is configured to [] process the data within a trusted execution environment using one or more mutually agreed upon procedures and/or algorithms, and provide a portion of the processed data to one or more of first client device 102, second client device 112; par. 0037 in 402, secure element 106 receives a connection request from first client device 102 [] secure element 106 receives a remote attestation challenge from first client device 102 [] the remote attestation challenge includes a first client device identifier or certificate associated with first client device 102; par. 0038 in 408, secure element 106 checks the first client device ID/certificate to determine if the remote attestation challenge contains a proper identifier for first client device 102), and the first privacy computing device and the second privacy computing device collaborate on privacy computing tasks based on the management plane interoperability and execute the privacy computing tasks based on data plane interoperability, wherein the management plane interoperability and the data plane interoperability are mutually independent (Phegade: par. 0012 communication system 100 enable distrusting entities to share their respective data using one or more mutually agreed upon procedure and/or algorithms that determine the portions of their respective data will be shared within a trusted execution environment provided by a trusted broker [] first client device 102 may be associated with a first entity and second client device 112 may be associated with a second entity. The first entity and second entity may desire to share information with one another using secure element 106 provided by trust broker service 108); and
when it is determined that the first identification information is located in stored identification information for compliance devices, sending to the first privacy computing device stored information for components included in the sub-algorithm with the second identification information (Phegade: par. 0042 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment [] the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112).
Phegade does not explicitly disclose when a loading request sent by the first privacy computing device is received, loading the components included in the sub-algorithm with the second identification information, and after the loading is successful, sending a loading success message to the first privacy computing device.
However, Li discloses when a loading request sent by the first privacy computing device is received, loading the components included in the sub-algorithm with the second identification information, and after the loading is successful, sending a loading success message to the first privacy computing device (Li: par. 0080 after receiving the data request above, the second server encrypts the specific data by using the public key of the demonstrator for homomorphic encryption provided by the demonstrator in advance to generate homomorphically encrypted ciphertext and generate verification data based on the homomorphically encrypted ciphertext. The verification data is used for demonstrating whether the ciphertext to be verified corresponds to the specific data. Then, the second server sends the ciphertext and the verification data to the first server).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Li with the system/method of Phegade to include loading the components included in the sub-algorithm with the second identification information, and after the loading is successful, sending a loading success message to the first privacy computing device. One would have been motivated to provide more effective methods and apparatuses for obtaining an input of a secure multiparty computation protocol (Li: par. 0007).
Regarding claim 26: Phegade in view of Li discloses the system according to claim 24.
Phegade further discloses wherein, before receiving the first query request sent by the first privacy computing device, the method further comprises:
receiving a cooperation request sent by the first privacy computing device, wherein the cooperation request carries the first identification information of the first privacy computing device (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102 [] secure element 106 receives a remote attestation challenge from first client device 102 [] the remote attestation challenge includes a first client device identifier or certificate associated with first client device 102); and
when it is determined that the first identification information is located in the stored identification information for compliance devices, sending to the first privacy computing device a first confirmation message for agreeing to cooperate (Phegade: par. 0042 the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112).
Regarding claim 28: Phegade in view of Li discloses the system according to claim 24.
Phegade further discloses receiving a second query request sent by the first privacy computing device, wherein the second query request carries the first identification information of the first privacy computing device and third identification information of a to-be-queried data resource (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102 [] secure element 106 receives a remote attestation challenge from first client device 102 [] the remote attestation challenge includes a first client device identifier or certificate associated with first client device 102); and
when it is determined that the first identification information is located in the stored identification information for compliance devices, sending to the first privacy computing device stored information for the data resource with the third identification information (Phegade: par. 0042 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment [] the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112).
Claims 2, 4, 6, 8, 11, 14 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over PHEGADE et al. (“Phegade,” US 2016/0044005) in view of LI et al. (“Li,” US 2020/0004973) and Sabella et al. (“Sabella,” US 2022/0086218).
Regarding claim 2: Phegade in view of Li discloses the system according to claim 1.
Phegade further discloses the first privacy computing device is further configured to send the first query request to the second privacy computing device (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102);
the second privacy computing device is further configured to receive the first query request, and send the stored information for components included in the sub-algorithm with the second identification information to the first privacy computing device (Phegade: par. 0042 the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112);
the first privacy computing device is further configured to receive, based on the first API, the information for components included in the sub-algorithm with the second identification information, and send the loading request to the second privacy computing device (Li: par. 0080 the first server 11 sends a data request to the second server 12, and the data request contains the request for the ciphertext of the demonstrator's specific data and the endorsement certificate of the demonstrator's specific data); and
the second privacy computing device is further configured to receive the loading request, and send the loading success message to the first privacy computing device (Li: par. 0080 after receiving the data request above, the second server encrypts the specific data by using the public key of the demonstrator for homomorphic encryption provided by the demonstrator in advance to generate homomorphically encrypted ciphertext and generate verification data based on the homomorphically encrypted ciphertext. The verification data is used for demonstrating whether the ciphertext to be verified corresponds to the specific data. Then, the second server sends the ciphertext and the verification data to the first server).
Phegade in view of Li does not explicitly disclose first request based on a configured first/second application programming interface (API).
However, Rogers discloses first/second request based on a configured first/second application programming interface (API) (Rogers: par. 0026 query interface 112 may be implemented as an application program interface (API) through which automated agents, or other components and/or systems may interact with entity management system 130 or privacy management system 150).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rogers with the system/method of Phegade and Li to include sending and receiving requests based on a configured application programming interface (API). One would have been motivated to provide data analytics systems that include application programming interfaces and entity management systems (Rogers: par. 0001).
Regarding claim 4: Phegade in view of Li discloses the system according to claim 3.
Phegade further discloses the first privacy computing device is further configured to send the cooperation request for privacy algorithm interoperability to the second privacy computing device (Phegade: par. 0037 secure element 106 receives a connection request from first client device 102; par. 0017 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment [] the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information [] should be shared with one or both of first client device 102 and second client device 112); and
the second privacy computing device is further configured to receive the cooperation request and send the first confirmation message (Phegade: par. 0017 the trusted execution environment ensures the secure storage and processing of sensitive data and trusted code or applications; par. 0038 if first client device 102 verifies the secure code, it sends a connection request to secure element 106 including an indication that the cryptographic identity has been verified by first client device 102).
Phegade in view of Li does not explicitly disclose first request based on a configured third application programming interface (API).
However, Rogers discloses first/second request based on a configured third application programming interface (API) (Rogers: par. 0026 query interface 112 may be implemented as an application program interface (API) through which automated agents, or other components and/or systems may interact with entity management system 130 or privacy management system 150).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rogers with the system/method of Phegade and Li to include sending and receiving requests based on a configured application programming interface (API). One would have been motivated to provide data analytics systems that include application programming interfaces and entity management systems (Rogers: par. 0001).
Regarding claim 6: Phegade in view of Li discloses the system according to claim 5.
Phegade further discloses the first privacy computing device is further configured to send the second query request to the second privacy computing device (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102); and
the second privacy computing device is further configured to receive the second query request and send the information for the data resource with the third identification information (Phegade: par. 0032 receive confidential data or information from first client device 102 and second client device 112, and/or send a result of processing the confidential data to one or more of first client device 102, second client device 112).
Phegade in view of Li does not explicitly disclose request based on a configured fourth application programming interface (API).
However, Rogers discloses request based on a configured fourth application programming interface (API) (Rogers: par. 0026 query interface 112 may be implemented as an application program interface (API) through which automated agents, or other components and/or systems may interact with entity management system 130 or privacy management system 150).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rogers with the system/method of Phegade and Li to include sending and receiving requests based on a configured application programming interface (API). One would have been motivated to provide data analytics systems that include application programming interfaces and entity management systems (Rogers: par. 0001).
Regarding claim 8: Phegade in view of Li discloses the system according to claim 7.
Li further discloses the first privacy computing device is further configured to send the authorization request to the second privacy computing device (Li: par. 0087 obtaining verification data based on the first ciphertext, wherein the verification data is used for verifying whether the ciphertext to be verified corresponds to the object data; par. 0088 sending the verification data to the first server); and
the second privacy computing device is further configured to receive the authorization request and send the granted authorization message (Li: par. 0089 the first server and the third server perform the MPC protocol, so that the third server obtains the evaluation result of the object [] the data request may also contain specifying an encryption method for the data, that is, specifying homomorphic encryption of the data by the public key of the object).
Phegade in view of Li does not explicitly disclose request based on a configured fifth application programming interface (API).
However, Rogers discloses request based on a configured fifth application programming interface (API) (Rogers: par. 0026 query interface 112 may be implemented as an application program interface (API) through which automated agents, or other components and/or systems may interact with entity management system 130 or privacy management system 150).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rogers with the system/method of Phegade and Li to include sending and receiving requests based on a configured application programming interface (API). One would have been motivated to provide data analytics systems that include application programming interfaces and entity management systems (Rogers: par. 0001).
Regarding claim 11: Phegade in view of Li discloses the system according to claim 9.
Li further discloses the first privacy computing device is further configured to send the project execution preparation request to the second privacy computing device (Li: par. 0141 FIG. 11 includes Part I and Part II, wherein Part I corresponds to the case where a first server obtains verification data from the second server of an authorized organization, and Part II corresponds to the case that a first server prepares the verification data by itself); and
the second privacy computing device is further configured to receive the project execution preparation request and send the second confirmation message to the first privacy computing device (Li: par. 0141 the first server sends only the verification data to the third server, wherein the verification data is the location in the blockchain ledger where the authorized organization stores the first ciphertext in the blockchain, so that the third server can download the first ciphertext directly from the location in the blockchain ledger to be used in the MPC protocol).
The motivation is the same as that of claim 1 above.
Phegade in view of Li does not explicitly disclose send request based on a configured sixth application programming interface (API).
However, Rogers discloses send request based on a configured sixth application programming interface (API) (Rogers: par. 0026 query interface 112 may be implemented as an application program interface (API) through which automated agents, or other components and/or systems may interact with entity management system 130 or privacy management system 150).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rogers with the system/method of Phegade and Li to include sending and receiving requests based on a configured application programming interface (API). One would have been motivated to provide data analytics systems that include application programming interfaces and entity management systems (Rogers: par. 0001).
Regarding claim 14: Phegade in view of Li discloses the system according to claim 13.
Phegade further discloses sending the first query request to the second privacy computing device includes sending the first query request to the second privacy computing device (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102); and
sending the loading request to the second privacy computing device for loading the components included in the sub-algorithm with the second identification information includes sending the loading request to the second privacy computing device (Li: par. 0080 the first server 11 sends a data request to the second server 12, and the data request contains the request for the ciphertext of the demonstrator's specific data and the endorsement certificate of the demonstrator's specific data).
Phegade in view of Li does not explicitly disclose first request based on a configured fifth application programming interface (API).
However, Rogers discloses request based on a configured fifth application programming interface (API) (Rogers: par. 0026 query interface 112 may be implemented as an application program interface (API) through which automated agents, or other components and/or systems may interact with entity management system 130 or privacy management system 150).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rogers with the system/method of Phegade and Li to include sending and receiving requests based on a configured application programming interface (API). One would have been motivated to provide data analytics systems that include application programming interfaces and entity management systems (Rogers: par. 0001).
Regarding claim 25: Phegade in view of Li discloses the system according to claim 24.
Phegade further discloses receiving the first query request sent by the first privacy computing device (Phegade: par. 0037 in 402, secure element 106 receives a connection request from first client device 102);
sending stored information for components included in the sub-algorithm with the second identification information to the first privacy computing device includes sending the stored information for components included in the sub-algorithm with the second identification information to the first privacy computing device (Phegade: par. 0042 in 448, secure element 106 executes the mutually agreed upon secure code in the trusted network environment [] the secure code may be configured to perform aggregation, combination, or other processing of the first confidential information and the second confidential information to determine portions of the first confidential information and/or the second confidential information that should be shared with one or both of first client device 102 and second client device 112).
Li further discloses receiving the loading request sent by the first privacy computing device includes receiving the loading request (Li: par. 0080 the first server 11 sends a data request to the second server 12, and the data request contains the request for the ciphertext of the demonstrator's specific data); and
sending a loading success message to the first privacy computing device includes sending the loading success message to the first privacy computing device (Li: par. 0080 the verification data is used for demonstrating whether the ciphertext to be verified corresponds to the specific data. Then, the second server sends the ciphertext and the verification data to the first server).
The motivation is the same as that of claim 24 above.
Phegade in view of Li does not explicitly disclose first query request based on a configured first/second application programming interface (API).
However, Rogers discloses first/second query request based on a configured first/second application programming interface (API) (Rogers: par. 0026 query interface 112 may be implemented as an application program interface (API) through which automated agents, or other components and/or systems may interact with entity management system 130 or privacy management system 150).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rogers with the system/method of Phegade and Li to include sending and receiving requests based on a configured application programming interface (API). One would have been motivated to provide data analytics systems that include application programming interfaces and entity management systems (Rogers: par. 0001).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham, can be reached at 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439
/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439