UNITED STATES PA TENT AND TRADEMARK OFFICE
`
`UNITED STATES DEPARTMENT OF COMMERCE
`United States Patent and Trademark Office
`Address: COMMISSIONERFORPATENTS
`P.O. Box 1450
`Alexandria, Virginia 22313-1450
`www.uspto.gov
`
`APPLICATION NO.
`
`FILING DATE
`
`FIRST NAMED INVENTOR
`
`ATTORNEY DOCKET NO.
`
`CONFIRMATION NO.
`
`90/015,052
`
`06/08/2022
`
`8352730
`
`02198-00080
`
`9657
`
`11/25/2024
`
`7590
`Hecht Partners LLP
`125 Park Avenue,
`25th Floor
`New York, NY 10017
`
`EXAMINER
`
`TARAE, CATHERINE MICHELLE
`
`ART UNIT
`
`PAPER NUMBER
`
`3992
`
`MAIL DATE
`
`DELIVERY MODE
`
`11/25/2024
`
`PAPER
`
`Please find below and/or attached an Office communication concerning this application or proceeding.
`
`The time period for reply, if any, is set in the attached communication.
`
`PTOL-90A (Rev. 04/07)
`
`Patent Owner Exhibit 2021, Page 1 of 32
`
`

`

`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`Commissioner for Patents
`United States Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`www.uspto.gov
`
`DO NOT USE IN PALM PRINTER
`
`(THIRD PARTY REQUESTER'S CORRESPONDENCE ADDRESS)
`
`Quinn Emanuel Urquhart & Sullivan LLP
`c/o James M. Glass
`51 Madison Ave.
`22nd Floor
`New York, NY 10010
`
`EX PARTEREEXAMINATION COMMUNICATION TRANSMITTAL FORM
`
`REEXAMINATION CONTROL NO. 90/015,052.
`
`PATENT UNDER REEXAMINATION 8352730.
`
`ART UNIT 3992.
`
`Enclosed is a copy of the latest communication from the United States Patent and Trademark
`Office in the above identified ex parte reexamination proceeding (37 CFR 1.550(f)).
`
`Where this copy is supplied after the reply by requester, 37 CFR 1.535, or the time for filing a
`reply has passed, no submission on behalf of the ex parte reexamination requester will be
`acknowledged or considered (37 CFR 1.550(g)).
`
`PTOL-465 (Rev.07-04)
`
`Patent Owner Exhibit 2021, Page 2 of 32
`
`

`

`Office Action in Ex Parle Reexamination
`
`Control No.
`90/015,052
`
`Examiner
`C. Michelle Tarae
`
`Patent Under Reexamination
`8352730
`
`Art Unit
`3992
`
`AIA (FITF) Status
`No
`
`-- The MAILING DA TE of this communication appears on the cover sheet with the correspondence address -(cid:173)
`
`a. ~ Responsive to the communication(s) filed on 09 October 2024.
`0 A declaration(s)/affidavit(s) under 37 CFR 1.130(b) was/were filed on __ .
`
`b. 0 This action is made FINAL.
`
`c. 0 A statement under 37 CFR 1.530 has not been received from the patent owner.
`
`A shortened statutory period for response to this action is set to expire 2 month(s) from the mailing date of this letter.
`Failure to respond within the period for response will result in termination of the proceeding and issuance of an ex parte reexamination
`certificate in accordance with this action. 37 CFR 1.550(d). EXTENSIONS OF TIME ARE GOVERNED BY 37 CFR 1.550(c).
`If the period for response specified above is less than thirty (30) days, a response within the statutory minimum of thirty (30) days
`will be considered timely.
`
`Part I
`THE FOLLOWING ATTACHMENT(S) ARE PART OF THIS ACTION:
`1. 0 Notice of References Cited by Examiner, PTO-892.
`3. 0
`2. 0 Information Disclosure Statement, PTO/SB/08.
`4. 0
`
`Interview Summary, PTO-474.
`
`Part II
`
`SUMMARY OF ACTION
`
`1 a. ~ Claims 1-17 are subject to reexamination.
`
`1 b. □
`
`Claims __ are not subject to reexamination.
`
`2. □
`
`Claims __ have been canceled in the present reexamination proceeding.
`
`3. □
`
`Claims __ are patentable and/or confirmed.
`
`Claims 1-17 are rejected.
`
`Claims __ are objected to.
`
`The drawings, filed on __ are acceptable.
`
`0 disapproved.
`
`4. ~
`5. □
`6. □
`0 approved (7b)
`7. □ The proposed drawing correction, filed on __ has been (7a)
`8. □ Acknowledgment is made of the priority claim under 35 U.S.C. 119(a)-(d) or (f).
`a) 0 All b)
`0 Some* c) 0 None
`of the certified copies have
`1 0 been received.
`2 0 not been received.
`3 0 been filed in Application No. __
`4 0 been filed in reexamination Control No. - -
`5 0 been received by the International Bureau in PCT application No. __
`* See the attached detailed Office action for a list of the certified copies not received.
`9. 0 Since the proceeding appears to be in condition for issuance of an ex parte reexamination certificate except for formal
`matters, prosecution as to the merits is closed in accordance with the practice under ExparteQuayle, 1935 C.D.
`11, 453 O.G. 213.
`
`10. 0 Other:
`
`cc: Requester (if third oartv requester)
`U.S. Patent and Trademark Office
`PTOL-466 (Rev. 08-13)
`
`Office Action in Ex Parte Reexamination
`
`Part of Paper No.
`
`20241120
`
`Patent Owner Exhibit 2021, Page 3 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 2
`
`EX PARTE REEXAMINATION NON-FINAL OFFICE ACTION
`
`A substantial new question (SNQ) of patentability affecting claims 1-17 of U.S.
`
`Pat. No. 8,352,730 to Giobbi ("the '730 Patent") was raised by the Request for Ex Parte
`
`reexamination filed June 8, 2022 ("Request") by Samsung Electronics America, Inc.
`
`("Requester").
`
`Patent Owner ("PO") filed a response on October 9, 2024 ("Remarks").
`
`This is a second Non-Final office action due to the Examiner updating the
`
`rejections, which was not necessitated by any claim amendments.
`
`Claims 1-17 are reexamined below.
`
`Prior and Concurrent Proceedings and Litigation
`
`Examiner notes related ex parte reexamination filings: 90/015,053 (Examiner's
`
`Answer to Appeal Brief mailed October 24, 2024) and 90/015,054 (Non-Final mailed
`
`November 5, 2024).
`
`Examiner further notes:
`
`•
`
`IPR2021-01444, which concluded with a Denial of Institution in which the PTAB
`
`indicated Petitioner did not show a reasonable likelihood of prevailing because
`
`Petitioner did not show persuasively that the references taught a "third-party
`
`trusted authority."
`
`IPR2024-00232, trial instituted.
`
`IPR2024-00775, pending.
`
`IPR2024-01326, pending.
`
`IPR2024-01333, pending.
`
`•
`
`•
`
`•
`
`•
`
`Patent Owner Exhibit 2021, Page 4 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 3
`
`The '730 Patent is also the subject of 6:21cv210, Proxense, LLC V. Samsung
`
`Electronics Co, Ltd Et Al.
`
`The patent owner is reminded of the continuing responsibility under 37 CFR
`
`1.565(a) to apprise the Office of any litigation activity, or other prior or concurrent
`
`proceeding, involving the '730 Patent throughout the course of this reexamination
`
`proceeding. The third party requester is also reminded of the ability to similarly apprise
`
`the Office of any such activity or proceedings throughout the course of this
`
`reexamination proceeding. See MPEP §§ 2207, 2282, and 2286.
`
`References Asserted by PO Requester as Raising SNQs of Patentability
`
`• U.S. Pat. No. 7,188,110 to Ludtke ("Ludtke" or "Ex. 1005") available as
`
`prior art under 35 USC 102(e);
`
`• U.S. Pub. No. 20030196084 to Okereke et al. ("Okereke" or "Ex. 1006")
`
`available as prior art under 35 USC 102(a,e);
`
`• U.S. Pub. No. 20030177102 to Robinson ("Robinson" or "Ex. 1007")
`
`available as prior art under 35 USC 102(a,e); and
`
`• WO 9956429 A2 to Scott ("Scott" or "Ex. 1008") available as prior art
`
`under 35 USC 102(b).
`
`Other
`
`• Declaration of Benjamin F. Goldberg ("Goldberg Dec" or "Ex. 1003").
`
`Patent Owner Exhibit 2021, Page 5 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 4
`
`I.
`
`Lexicographic Definitions
`
`Claim Interpretation
`
`After careful review of the original specification and unless expressly noted otherwise by
`
`the Examiner, the Examiner cannot locate any lexicographic definitions in the original
`
`specification with the required clarity, deliberateness, and precision. Because the
`
`Examiner cannot locate any lexicographic definitions in the original specification with the
`
`required clarity, deliberateness, and precision, the Examiner concludes the Patent
`
`Owner is not their own lexicographer. See MPEP § 2111.01 IV.
`
`II.
`
`'Source' for the 'Broadest Reasonable Interpretation'
`
`For terms not lexicographically defined by Patent Owner, the Examiner hereby
`
`adopts the following interpretation under the broadest reasonable interpretation
`
`standard. In other words, the Examiner has provided the following interpretation simply
`
`as express notice of how she is interpreting particular terms under the broadest
`
`reasonable interpretation standard. Additionally, this interpretation is only a guide to
`
`claim terminology since claim terms must be interpreted in context of the surrounding
`
`claim language. 1
`
`In accordance with In re Morris, 127 F.3d 1048, 1056 (Fed. Cir.
`
`1997), the Examiner points to this other "source" to support her interpretation of the
`
`claims. Finally, the following list is not intended to be exhaustive in any way:
`
`1 While most interpretations are cited because these terms are found in the claims, the Examiner may have provided
`additional interpretations to help interpret words, phrases, or concepts found in the interpretations themselves, the
`'730 Patent, or in the prior art.
`
`Patent Owner Exhibit 2021, Page 6 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 5
`
`Third-party trusted authority "third party n .... 2. One other than the principals
`
`involved in a transaction." THE AMERICAN HERITAGE COLLEGE DICTIONARY 1433
`
`(4th ed. 2004).
`
`Access message: a message/notification indicating the user is allowed access,
`
`or otherwise allowing access (See at least the '730 Patent at 5:23-26, "Authentication
`
`module 310 can send a message to application 330, or otherwise allow access to the
`
`application, responsive to a successful authentication by trusted key authority 320.")
`
`Computer software: "n. computer programs; instructions that make hardware
`
`work ... " Microsoft Press Computer Dictionary, 5th Edition, Microsoft Press, Redmond,
`
`WA, 2002.
`
`File: "n. A complete, named collection of information, such as a program, a set of
`
`data used by a program, or a user-created document. .. " Microsoft Press Computer
`
`Dictionary, 5th Edition, Microsoft Press, Redmond, WA, 2002.
`
`Patent Owner Exhibit 2021, Page 7 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 6
`
`Claim Rejections - 35 USC§ 103
`
`The following is a quotation of pre-AIA 35 U.S.C. 103(a) which forms the basis
`
`for all obviousness rejections set forth in this Office action:
`
`(a) A patent may not be obtained though the invention is not identically disclosed or described
`as set forth in section 102, if the differences between the subject matter sought to be patented
`and the prior art are such that the subject matter as a whole would have been obvious at the
`time the invention was made to a person having ordinary skill in the art to which said subject
`matter pertains. Patentability shall not be negated by the manner in which the invention was
`made.
`
`Claims 1, 2, 4-9, 11, 12, and 14-17 are rejected under pre-AIA 35 U.S.C.
`
`103(a) as being unpatentable over Ludtke and Okereke.
`
`As per claim 1, Ludtke discloses a method for verifying a user during
`authentication of an integrated device, comprising the steps of:
`
`"A method of identifying an authorized user with a biometric device and enabling the
`
`authorized user to access private information over a voice network is disclosed."
`
`(abstract)
`
`persistently storing biometric data of the user and a plurality of codes and other
`data values comprising a device ID code uniquely identifying the integrated
`device and a secret decryption value in a tamper proof format written to a storage
`element on the integrated device that is unable to be subsequently altered;
`
`"If confirmation succeeds, the device writes the fingerprint image data into write-once
`
`memory, or other memory that is protected from accidental modification." (19:35-40)
`
`"The user connects to and performs transactions with the eCommerce system through a
`
`transaction device which has a unique identifier (ID)." (3:32-35)
`
`Patent Owner Exhibit 2021, Page 8 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 7
`
`"The device may also be encoded with a secret PIN code that must be entered to begin
`
`the user-confirmation procedure." (18:61-63)
`
`"One means of achieving this is for the transaction device to be manufactured with
`
`several hundred unique transaction device ID values stored in its permanent memory. In
`
`this embodiment, the TPCH may maintain a copy of these values, so it knows that
`
`whenever a transaction arrives with one of these values, the TPCH knows which
`
`transaction device, and hence which user, the transaction it associated with." (30:20-27)
`
`"Another embodiment of security in a data structure is shown in FIG. 26 at 2609, where
`
`a different PKI key pair may be used for each set of password data 2616. Thus, in this
`
`structure a phone number 2610, a password ID 2612, a back-end public key 2614, and
`
`password data 2616 are maintained on an individual key basis. Thus, even if one of the
`
`key pairs were compromised, the additional keys would still protect other records in the
`
`device. Although more complex in nature, this complexity may be hidden from the user
`
`by use of automatic updates and back-end programming." (37:57-67; Fig. 26)
`
`"In the embodiment as illustrated in FIG. 26, at 2609 there may be a one-to-one
`
`relationship between a password and a public key owned by the back-end system. A
`
`password exchange protocol may enable the back-end system to demand a password
`
`by its password ID 2612. In response, the device may encrypt the specified password
`
`using the back-end system's public key, and transmit it to the back-end system." (38:1-
`
`8)
`
`"The device and back-end system each have one pair of session keys a public key and
`
`a private key." (38:36-38)
`
`wherein the biometric data is selected from a group consisting of a palm print, a
`retinal scan, an iris scan, a hand geometry, a facial recognition, a signature
`recognition and a voice recognition;
`
`Patent Owner Exhibit 2021, Page 9 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 8
`
`"The identification by the biometric device may be achieved in a variety of ways, as
`
`discussed above. For example, biometric identification, may be, fingerprint, retinal scan,
`
`voice, DNA, hand profile, face recognition, etc." (35:61-64)
`
`responsive to receiving a request for a biometric verification of the user,
`receiving scan data from a biometric scan; comparing the scan data to the
`
`biometric data to determine whether the scan data matches the biometric data;
`
`"At 3102 the user may start a device, such as a digital wallet (OW). At 3104 the OW
`
`checks to see if a fingerprint has been detected. If not then the OW loops back looking
`
`for a fingerprint. If a fingerprint has been detected, then at 3106 a check is made to see
`
`if it matches a stored authorized fingerprint." (39:49-54)
`
`"The consumer access device 2802 has an LCD screen 2804 showing text, a biometric
`
`identification unit, in this embodiment as a Fingerprint Identification Unit (FIU) 2806 and
`
`a touchpad 2808 for user input. The user of the consumer access device 2802 would be
`
`authorized access to the device 2802 if the device recognized the user after the user
`
`had pressed his finger against the FIU 2806." (39:21-27; Figs. 28 and 31)
`
`responsive to a determination that the scan data matches the biometric data,
`wirelessly sending one or more codes from the plurality of codes and the other
`data values for authentication by an agent that is a third-party trusted authority
`
`possessing a list of device ID codes uniquely identifying legitimate integrated
`devices, wherein the one or more codes and other data values includes the
`device ID code; and
`
`"One means of achieving this is for the transaction device to be manufactured with
`
`several hundred unique transaction device ID values stored in its permanent memory. In
`
`this embodiment, the TPCH may maintain a copy of these values, so it knows that
`
`whenever a transaction arrives with one of these values, the TPCH knows which
`
`transaction device, and hence which user, the transaction it associated with." (30:20-27,
`
`Patent Owner Exhibit 2021, Page 10 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 9
`
`where the unique transaction device ID value is the one or more codes that is wirelessly
`
`sent)
`
`"In order to maintain confidentiality of the identity of the user, the transaction device
`
`information does not provide user identification information. Thus, the vendor or other
`
`entities do not have user information but rather transaction device information. The
`
`TPCH 110 maintains a secure database of transaction device information and user
`
`information." (6:45-51)
`
`"The user connects to and performs transactions with the eCommerce system through a
`
`transaction device which has a unique identifier (ID) ... The transaction device, e.g., the
`
`privacy card, is the identity that may be known to a vendor. The highly secured location,
`
`accessible through or part of a transaction processing clearing house (TPCH), provides
`
`the transaction processing clearing house the information necessary to authorize a
`
`transaction. For example, the transaction processing clearing house may access
`
`relevant account information to authorize transactions. However, the identity of the user
`
`is not revealed externally so that confidentiality of the user's identity is maintained."
`
`(3:32-47)
`
`"In this embodiment, a transaction privacy clearing house (TPCH) 110 interfaces a user
`
`120 and a vendor 125. In this particular embodiment, a transaction device, e.g., a
`
`privacy card 130, is used to maintain the privacy of the user while enabling the user to
`
`perform transactions. The transaction device information is provided to the TPCH 110
`
`that then indicates to the vendor 125 and the user 120 approval of the transaction to be
`
`performed." (6:36-44)
`
`"One embodiment of the TPCH 600 is illustrated by FIG. 6. The incoming
`
`communications mechanism 605 and outgoing communications mechanism 610 are the
`
`means of communicating with external retailers and vendors, as well as the transaction
`
`device such as the digital wallet. A variety of communication devices may be used, such
`
`Patent Owner Exhibit 2021, Page 11 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 1 O
`
`as the Internet, direct dial-up modem connections, wireless or cellular signals, etc."
`
`(9:35-42)
`
`COMMERCE GEllsRl\l AI\CHffECTURf
`
`F!G. 1
`
`...,__...,,. il1Ar~SAt:r:1.m SY~ll"M MC:KWi~~
`-+ - - , ft-KIB;::.N\C 'JfSTF11!ll.ii10:I~ -::~~~t'llEi.
`........- -- FH~'s:c:,,1. 3fST~::}UJ!C!~ ~/:'M.!N£:..
`
`Fig. 1 of Ludtke showing the transaction privacy clearing house (TPCH) (110) (i.e. third(cid:173)
`
`party trusted authority) separate from the consumer (120) and vendors (125)
`
`Ludtke discloses use of a device ID, secret PIN codes, and private keys to
`
`authorize users as discussed above. Ludtke further discloses sending the device ID to
`
`the TPCH as part of the transaction as discussed above; however, if Ludtke is seen as
`
`not describing the specific "transaction device information" that is provided to the TPCH
`
`or storing the secret decryption value, Okereke discloses this.
`
`"In so doing, a unique identifier for the wireless product to be employed is passed
`
`as at 210 to the proxy server 125 program for authorization. The wireless product 165
`
`can be a personal digital assistant (PDA), laptop, cellular telephone or any other device
`
`capable of remote wireless communication. The unique identifier can be a serial number
`
`or SIM. number, for example. If the unique identifier is one which the proxy server
`
`program identifies as being acceptable, the proxy server program will send approval as
`
`at 220 to the desktop 140, which executes functionality to make a key exchange as at
`
`225, such as, for example, a Diffie Hellman Key Exchange. This key is used to encrypt
`
`information sent to the server using AES (Advanced Encryption Standard) ... In another
`
`Patent Owner Exhibit 2021, Page 12 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 11
`
`embodiment, this key is used as part of a shared secret between the server and the
`
`client. This shared secret is used to generate a session key. The new session key
`
`ensures that conversations cannot be eavesdropped if the key has been compromised."
`
`(10025)
`"The wireless device 165 is provided with a memory, processor, and input/output
`
`means as is commonly known. Using the session key, the user can then encrypt
`
`credential information, its PKI certificate 180 and private key, and forward this
`
`information to the proxy server 125 as at 230 in FIGS. 4 and 5. In one embodiment of
`
`the invention, the encrypted information is sent to the proxy server via secure IP
`
`network. The credential information or authentication measure can be something the
`
`user has (such as a swipe card), something the user is (such as represented by a
`
`fingerprint scan), or something the user knows (such as a password or pass phrase). In
`
`one embodiment, the credential information is a user name and password." (,T0026)
`
`Okereke and Ludtke are analogous references as both are concerned with
`
`user/device authentication and secure communications/transactions. (Ludtke, abstract;
`
`Okereke, abstract)
`
`At the time of the invention, it would have been obvious to a person of ordinary
`
`skill in the art to modify Ludtke to have the "transaction device information" include a
`
`device ID as well as store secret decryption value as doing so provides additional data
`
`with which to authenticate the user/device before allowing subsequent transactions.
`
`(Ludtke, 37:29-43, "Because of the sensitive nature of the information being transferred,
`
`such as access codes, PINs, etc., it may be desired to use a secure communication
`
`means and/or encryption to lessen the possibility of unauthorized use of the
`
`information.")
`
`responsive to authentication of the one or more codes and the other data values
`
`by the agent, receiving an access message from the agent allowing the user
`access to an application, wherein the application is selected from a group
`consisting of a casino machine, a keyless lock, a garage door opener, an ATM
`machine, a hard drive, computer software, a web site and a file.
`
`Patent Owner Exhibit 2021, Page 13 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 12
`
`"transaction device information is provided to the TPCH 110 that then indicates to the
`vendor 125 and the user 120 approval of the transaction to be performed" (6:41-44).
`
`"TPCH, at step 1520, confirms the transaction and provides the confirmation to the
`vendor and the user. At step 1525, the vendor completes the transaction without the
`knowledge of the user'' (27: 13-16)
`
`"After verifying the user, the transaction device displays the collection of eCoupons that
`the user requested on its display screen, step 1607." (27:31-33)
`
`Here, after the user is authenticated, the user has access to a collection of
`
`eCoupons, which are digital files.
`
`"Secure distribution of physical (or electronic) content to the user is performed once the
`transaction is authorized." (29:29-30)
`
`"If the product purchased is electronic in nature (e.g., software, content such as digital
`images, stock purchases, etc.) electronic distribution may be used. In one embodiment
`of electronic distribution, the TPCH 110 functions as the middleman of the distribution
`channel. This allows the TPCH 110 to retain user privacy by not exposing addressing
`information and possibly email addresses to third parties. In an embodiment which
`utilizes a POS terminal and a POS terminal is used for distribution, the content may be
`encrypted at the source and distributed via the system to the POS terminal wherein the
`POS terminal subsequently decrypts the distributed material. The POS terminal may
`then pass the data to an appropriate place desired by the user, for example, to a user
`controlled device such as PC storage, a digital wallet or a privacy card." (7:42-56)
`
`In this embodiment, the user would have access to the digital product after they
`
`have been authenticated. The digital product can include software and digital images.
`
`As per claim 2, Ludtke discloses the method of claim 1, wherein the one or more
`codes and the other data values are transmitted to the agent over a network.
`
`"One means of achieving this is for the transaction device to be manufactured with
`
`several hundred unique transaction device ID values stored in its permanent memory. In
`
`this embodiment, the TPCH may maintain a copy of these values, so it knows that
`
`whenever a transaction arrives with one of these values, the TPCH knows which
`
`transaction device, and hence which user, the transaction it associated with." (30:20-27,
`
`where the unique transaction device ID value is the one or more codes that is
`
`transmitted to the agent over the network)
`
`Patent Owner Exhibit 2021, Page 14 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 13
`
`"One embodiment of the TPCH 600 is illustrated by FIG. 6. The incoming
`
`communications mechanism 605 and outgoing communications mechanism 610 are the
`
`means of communicating with external retailers and vendors, as well as the transaction
`
`device such as the digital wallet. A variety of communication devices may be used, such
`
`as the Internet, direct dial-up modem connections, wireless or cellular signals, etc."
`
`(9:35-42)
`
`"One embodiment of a system is illustrated in FIG. 1. In this embodiment, a transaction
`
`privacy clearing house (TPCH) 110 interfaces a user 120 and a vendor 125. In this
`
`particular embodiment, a transaction device, e.g., a privacy card 130, is used to
`
`maintain the privacy of the user while enabling the user to perform transactions. The
`
`transaction device information is provided to the TPCH 110 that then indicates to the
`
`vendor 125 and the user 120 approval of the transaction to be performed." (6:36-44)
`
`As per claim 4, Ludtke discloses the method of claim 1, wherein the one or more
`codes and the other data values indicate that the biometric verification was
`successful.
`
`"At 3102 the user may start a device, such as a digital wallet (DW). At 3104 the DW
`
`checks to see if a fingerprint has been detected. If not then the DW loops back looking
`
`for a fingerprint. If a fingerprint has been detected, then at 3106 a check is made to see
`
`if it matches a stored authorized fingerprint." (39:49-54)
`
`"The consumer access device 2802 has an LCD screen 2804 showing text, a biometric
`
`identification unit, in this embodiment as a Fingerprint Identification Unit (FIU) 2806 and
`
`a touchpad 2808 for user input. The user of the consumer access device 2802 would be
`
`authorized access to the device 2802 if the device recognized the user after the user
`
`had pressed his finger against the FIU 2806." (39:21-27; Figs. 28 and 31)
`
`Patent Owner Exhibit 2021, Page 15 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 14
`
`As per claim 5, Ludtke discloses the method of claim 1, wherein the biometric data
`and the scan data are both based on a fingerprint scan by the user.
`
`"The identification by the biometric device may be achieved in a variety of ways, as
`
`discussed above. For example, biometric identification, may be, fingerprint, retinal scan,
`
`voice, DNA, hand profile, face recognition, etc." (35:61-64)
`
`As per claim 6, Ludtke discloses the method of claim 1, further comprising:
`establishing a secure communication channel prior to sending the one or more
`codes and the other data values for authentication.
`
`"The security management function 620 ensures secure communications among the
`
`components internal to the TPCH 600 and the entities external to the TPCH 600. This
`
`function includes participating in secure communications protocols to open and maintain
`
`secure connections. This ensures that only authorized entities are allowed access to
`
`data and that only authorized transaction devices can execute transactions against a
`
`user's account." (9:52-59)
`
`As per claim 7, Ludtke discloses the method of claim 1, further comprising:
`receiving a request for the one or more codes and the other data values without a
`request for biometric verification; and responsive to receiving the request for the
`one or more codes and the other data values without a request for biometric
`
`verification, sending the one or more codes and the other data values without
`requesting the scan data.
`
`Per the Goldberg Dec, Ludtke envisions using different forms of authentication other
`
`than biometric information. In the situation where a PIN was used, there would be no
`
`need for a request for biometric information. (190)
`
`"The transaction device enhances security by authenticating the user of the card prior to
`
`usage such that if a card is lost or stolen, it is useless in the hands of an unauthorized
`
`Patent Owner Exhibit 2021, Page 16 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 15
`
`person. One means of authentication is some kind of PIN code entry. Alternately,
`
`authentication may be achieved by using more sophisticated technologies such as a
`
`biometric solution (e.g., fingerprint recognition)." (4:65-5:1)
`
`Claim 8 recites substantially similar subject matter to that of claim 1; therefore,
`claim 8 is rejected based on the same rationale as claim 1.
`
`Further, the "verification unit" will be the portion of memory and instructions that verify
`
`the biometric information. (Goldberg Dec 194). A POSITA would recognize that the
`
`verification unit would be in communication with the memory, since the biometric
`
`information that the verification unit compares with received biometric information is
`
`stored in the memory for comparison. (Id.)
`
`As per claim 9, Ludtke discloses the integrated device of claim 8, wherein the one
`
`or more codes and the other data values are transmitted to the agent over a
`network.
`
`See Claim 2.
`
`As per claim 11, Ludtke discloses the integrated device of claim 8, wherein the
`verifier comprises: an LED to be activated for requesting the biometric scan.
`
`Per the Goldberg Dec, Ludtke discloses notifications to request a biometric scan and it
`
`would be obvious to use an LED. In describing the fingerprint scanner, Ludtke indicates
`
`that at "various times during interaction, the user is prompted to supply a fingerprint
`
`recognition sample." (14:40-42) A POSITA would recognize that the prompt can be in a
`
`number of ways that would be consistent with alerts on a mobile device. One of the
`common alert mechanisms in a mobile device is an LED. (Goldberg Dec 197)
`
`Ludtke further discloses a user interface (Fig. 28) with a screen asking the user what
`
`they wish to do:
`
`Patent Owner Exhibit 2021, Page 17 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 16
`
`What do you wiSh to do?
`
`A~~ess Dialinti Code
`View Balances
`
`Credit cards
`
`,
`F!U
`
`'
`2806
`
`r
`T,:mchpad
`
`....
`
`..I
`
`\..
`
`FIG. 28
`
`I !
`
`!
`
`I
`
`2804
`
`',
`
`2&l8
`
`,;
`i@2
`
`A POSITA would have recognized that user interface screens such as these are very
`
`often implemented with an LED screen, and an LED screen would be the obvious and
`
`well known choice for alerting the user.
`
`Claim 12 recites substantially similar subject matter to that of claim 1; therefore,
`
`claim 12 is rejected based on the same rationale as claim 1.
`
`Further, since the claim does not indicate what "receives" the one or more codes, the
`
`receiver can be the device itself, a memory or processor on the device, or another
`
`device receiving codes. (Goldberg Dec, ,r101) Additionally, users are biometrically
`
`verified through the use of fingerprint data to secure the device. (Id.)
`
`As per claim 14, Ludtke discloses the method of claim 12, further comprising:
`
`establishing a secure communications channel with a biometric key, wherein the
`one or more codes and the other data values associated with the biometrically
`verified user is received from the biometric key.
`
`Patent Owner Exhibit 2021, Page 18 of 32
`
`

`

`Application/Control Number: 90/015,052
`Art Unit: 3992
`
`Page 17
`
`"The transaction device enhances security by authenticating the user of the card prior to
`
`usage such that if a card is lost or stolen, it is useless in the hands of an unauthorized
`
`person. One means of authentication is some kind of PIN code entry. Alternately,
`
`authentication may be achieved by using more sophisticated technologies such as a
`
`biometric solution (e.g., fingerprint recognition)." (4:65-5:1)
`
`Claims 3, 10 and 13 are rejected under pre-AIA 35 U.S.C. 103(a) as being
`
`unpatentable over Ludtke, O