DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged.
Information Disclosure Statement
The information disclosure statement(s) (IDS) submitted on January 26, 2026, is/are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement(s) has/have been considered by the examiner.
Claim Objections
Applicant is advised that should claim 19 be found allowable, claim 20 will be objected to under 37 CFR 1.75 as being a substantial duplicate thereof. When two claims in an application are duplicates or else are so close in content that they both cover the same thing, despite a slight difference in wording, it is proper after allowing one claim to object to the other as being a substantial duplicate of the allowed claim. See MPEP § 608.01(m).
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,256,013 in view of U.S. Patent Pub. No. 2019/0034900 to Lo et al.
Claims 1, 11, and 17
‘013 Patent
A device comprising:
Claim 1: A device comprising:
a near-field communication (NFC) interface;
Claim 1: a near-field communication (NFC) interface configured to detect NFC signals;
a non-volatile memory comprising an emulation program code for a contactless card;
Claim 1: a non-volatile memory having contactless card emulation program code stored thereon, the contactless card emulation program code operable when executed upon by the processor to:
a processor to execute the emulation program code to:
Claim 1: a processor;
identify, via the NFC interface, a contactless card authentication request;
Claim 1: detect, via the NFC interface, an NFC signal including a contactless card authentication request;
generate a first session key with at least part of a counter value and a first card key;
Claim 1: generate a diversified key using at least the user-identifier, the counter value, the master key, and one or more cryptographic algorithms;
generate a response message;
Claim 1: generate a response message including at least a portion of the shared secret, at least a portion of the counter value, or portions of both;
encode the response message using the first session key to generate an encoded response message;
Claim 1: encode the response message using the diversified key and the one or more cryptographic algorithms to generate an encoded response message;
concatenate the encoded response message with one or more blocks of a random number to create a concatenated encoded response message;
Claim 1: concatenate the encoded response message with a random number to create a concatenated encoded response message;
generate a second session key with a second card key and at least part of the counter value;
Claim 1: generate a session key based on a second master key and at least a portion of the counter value;
encipher the concatenated encoded response message using the second session key to generate an enciphered response message; and
Claim 1: encipher the concatenated encoded response message using the session key to generate an enciphered response message; and
send, via the NFC interface, the enciphered response message to a receiving device.
Claim 1: send, via the NFC interface, the enciphered response message in one or more NFC signals to a device.
Lo
initiate the emulation program code for the contactless card associated with the contactless card authentication request;
¶ 4: Card reading comprises reading secure data from a financial card at a point of interaction. Financial cards can support one or more forms of data storage and transfer such as magnetic stripe cards, Europay Mastercard Visa (EMV) compliant chip cards, contactless chip cards, and phone card emulation mode. The information stored within a financial card enables the identification of the card, either by account number such as a payment card number, a Primary Account Number (PAN), a representative token, or other method. The card reader can further authenticate a chip card by using cryptographic measures such as offline-data-authentication. The interoperability between card readers and cards are ensured by industrial standards such as EMV, and account privacy protection can be evaluated against industrial standards such as PCI Secure Reading and Exchange of Data (SRED).
Claims 2 and 12
‘013 Patent
the processor configured to increment the counter value associated with an emulated contactless card in response to sending the encoded response message to the receiving device.
Claim 2: the processor configured to increment the counter value associated with the emulated contactless card in response to sending the encoded response message to the device.
Claims 3 and 13
‘013 Patent
the processor to encode the response message with one or more cryptographic algorithms comprising at least one of a symmetric encryption algorithm, a hash-based message authentication code (HMAC) algorithm, a cipher-based message authentication code (CMAC) algorithm, or a combination thereof.
Claim 4: wherein the one or more cryptographic algorithms comprises at least one of a symmetric encryption algorithm, a hash-based message authentication code (HMAC) algorithm, and a cipher-based message authentication code (CMAC) algorithm.
Claims 4 and 14
‘013 Patent
wherein the emulation program code updates the session keys in response to sending the encoded response message.
Claim 5: wherein the contactless card emulation program code updates the diversified key in response to sending the encoded response message.
Claims 5 and 15
‘013 Patent
wherein the emulation program code is configured to cause the processor to increment the counter value associated with the contactless card according to a predetermined update protocol.
Claim 3: wherein the contactless card emulation program code is configured to cause the processor to increment the counter value associated with the contactless card according to a predetermined update protocol.
Claims 6 and 16
‘013 Patent
wherein the non-volatile memory is configured to store a plurality of emulated contactless cards including the contactless card and counter values associated with the plurality of emulated contactless cards, each of the of the plurality of emulated contactless cards is associated with a different one of the counter values.
Claim 6: wherein the non-volatile memory is configured to store a plurality of emulated contactless cards including the contactless card and counter values associated with the plurality of emulated contactless cards, each of the of the plurality of emulated contactless cards is associated with a different one of the counter values.
Claims 7 and 18
‘013 Patent
wherein the emulation program code is configured to cause the processor to monitor the NFC interface for NFC signals associated with transactions.
Claim 8: wherein the contactless card emulation program code is configured to cause the processor to monitor the NFC interface for NFC signals associated with performing transactions.
Claims 8, 19, and 20
‘013 Patent
wherein the emulation program code is configured to cause the processor to monitor the NFC interface for NFC signals associated with performing authentication to access a network, data, or health information.
Claim 9: wherein the contactless card emulation program code is configured to cause the processor to monitor the NFC interface for NFC signals associated with performing authentication to access a network, data, or health information.
Claim 9
‘013 Patent
wherein the contactless card is configured to perform transactions with an associated bank account, and another emulated contactless card of the plurality of emulated contactless cards is configured to perform authentication to access a network, data or health information.
Claim 7: wherein the contactless card is configured to perform transactions with an associated bank account, and another emulated contactless card of the plurality of emulated contactless cards is configured to perform authentication to access a network, data or health information.
Claim 10
‘013 Patent
wherein the processor to identify the contactless card authentication request in response to being within an NFC communication range of a point-of-sale device, a kiosk, a checkout register, a payment station, or a terminal.
Claim 10: wherein the processor to detect the NFC signal in response to being within an NFC communication range of a point-of-sale device, a kiosk, a checkout register, a payment station, or a terminal.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
U.S. Patent Pub. No. 2015/0019442 discloses methods and devices for pre-generating session keys for securing transactions are provided. A plurality of session cryptographic keys are generated from a master cryptographic key and a respective plurality of possible values of a transaction counter. The session cryptographic keys are encrypted to provide a plurality of encrypted session cryptographic keys, which are stored in the user terminal. The master cryptographic key is deleted from the user terminal after the session keys are generated. To secure a transaction, a cryptogram is generated based on one of the encrypted session cryptographic keys and transaction data for the transaction, and the cryptogram is transmitted to a transaction terminal. The transaction counter is updated, and the encrypted session cryptographic key is deleted from the user terminal.
U.S. Patent No. 10,411,886 discloses systems and processes are described for establishing and using a secure channel. A shared secret may be used for authentication of session initiation messages as well as for generation of a private/public key pair for the session. A number of ways of agreeing on the shared secret are described and include pre-sharing the keys, reliance on a key management system, or via a token mechanism that uses a third entity to manage authentication, for example. In some instances, the third party may also perform endpoint selection by providing a particular endpoint along with the token. The particular cipher suite applied in a particular implementation may be configurable. The process is applicable to either implicit key confirmation (e.g., handshake negotiation) or explicit key confirmation (e.g., full negotiation).
U.S. Patent No. 6,925,563 discloses a circuit for the implementation of modular multiplication of numbers comprises an alternative formation of the algorithm first proposed by R. C. Montgomery. The modified Montgomery algorithm is implemented in one of a plurality of circuits comprising full adders, half adders, registers and gates.
U.S. Patent Pub. No. 2018/0048464 discloses a method and system of creating and managing encryption keys that facilitates sharing of encrypted content.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NILESH B KHATRI whose telephone number is (571)270-7083. The examiner can normally be reached 8:30 AM - 5:30 PM Monday-Friday, alternating Fridays off.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/NILESH B KHATRI/Primary Examiner, Art Unit 3699