UNITED STATES PA TENT AND TRADEMARK OFFICE
`
`UNITED STATES DEPARTMENT OF COMMERCE
`United States Patent and Trademark Office
`Address: COMMISSIONERFORPATENTS
`P.O. Box 1450
`Alexandria, Virginia 22313-1450
`www.uspto.gov
`
`APPLICATION NO.
`
`FILING DATE
`
`FIRST NAMED INVENTOR
`
`ATTORNEY DOCKET NO.
`
`CONFIRMATION NO.
`
`90/015,052
`
`06/08/2022
`
`8352730
`
`02198-00080
`
`9657
`
`7590
`142179
`Hard IP LLC (General)
`10 Notch Hill Drive
`Livingston, NJ 07039
`
`09/12/2024
`
`EXAMINER
`
`TARAE, CATHERINE MICHELLE
`
`ART UNIT
`
`PAPER NUMBER
`
`3992
`
`MAIL DATE
`
`DELIVERY MODE
`
`09/12/2024
`
`PAPER
`
`Please find below and/or attached an Office communication concerning this application or proceeding.
`
`The time period for reply, if any, is set in the attached communication.
`
`PTOL-90A (Rev. 04/07)
`
`Patent Owner Exhibit 2025, Page 1 of 35
`
`

`

`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`Commissioner for Patents
`United States Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`www.uspto.gov
`
`DO NOT USE IN PALM PRINTER
`
`(THIRD PARTY REQUESTER'S CORRESPONDENCE ADDRESS)
`
`Quinn Emanuel Urquhart & Sullivan LLP
`c/o James M. Glass
`51 Madison Ave.
`22nd Floor
`New York, NY 10010
`
`EX PARTEREEXAMINATION COMMUNICATION TRANSMITTAL FORM
`
`REEXAMINATION CONTROL NO. 90/015,052.
`
`PATENT UNDER REEXAMINATION 8352730.
`
`ART UNIT 3992.
`
`Enclosed is a copy of the latest communication from the United States Patent and Trademark
`Office in the above identified ex parte reexamination proceeding (37 CFR 1.550(f)).
`
`Where this copy is supplied after the reply by requester, 37 CFR 1.535, or the time for filing a
`reply has passed, no submission on behalf of the ex parte reexamination requester will be
`acknowledged or considered (37 CFR 1.550(g)).
`
`PTOL-465 (Rev.07-04)
`
`Patent Owner Exhibit 2025, Page 2 of 35
`
`

`

`Office Action in Ex Parle Reexamination
`
`Control No.
`90/015,052
`
`Examiner
`C. Michelle Tarae
`
`Patent Under Reexamination
`8352730
`
`Art Unit
`3992
`
`AIA (FITF) Status
`No
`
`-- The MAILING DA TE of this communication appears on the cover sheet with the correspondence address -(cid:173)
`
`a. ~ Responsive to the communication(s) filed on 02 November 2022.
`0 A declaration(s)/affidavit(s) under 37 CFR 1.130(b) was/were filed on __ .
`
`b. 0 This action is made FINAL.
`
`c. 0 A statement under 37 CFR 1.530 has not been received from the patent owner.
`
`A shortened statutory period for response to this action is set to expire 2 month(s) from the mailing date of this letter.
`Failure to respond within the period for response will result in termination of the proceeding and issuance of an ex parte reexamination
`certificate in accordance with this action. 37 CFR 1.550(d). EXTENSIONS OF TIME ARE GOVERNED BY 37 CFR 1.550(c).
`If the period for response specified above is less than thirty (30) days, a response within the statutory minimum of thirty (30) days
`will be considered timely.
`
`Part I
`THE FOLLOWING ATTACHMENT(S) ARE PART OF THIS ACTION:
`1. 0 Notice of References Cited by Examiner, PTO-892.
`3. 0
`2. 0 Information Disclosure Statement, PTO/SB/08.
`4. 0
`
`Interview Summary, PTO-474.
`
`Part II
`
`SUMMARY OF ACTION
`
`1 a. ~ Claims 1-17 are subject to reexamination.
`
`1 b. □
`
`Claims __ are not subject to reexamination.
`
`2. □
`
`Claims __ have been canceled in the present reexamination proceeding.
`
`3. □
`
`Claims __ are patentable and/or confirmed.
`
`Claims 1-17 are rejected.
`
`Claims __ are objected to.
`
`The drawings, filed on __ are acceptable.
`
`0 disapproved.
`
`4. ~
`5. □
`6. □
`0 approved (7b)
`7. □ The proposed drawing correction, filed on __ has been (7a)
`8. □ Acknowledgment is made of the priority claim under 35 U.S.C. 119(a)-(d) or (f).
`a) 0 All b)
`0 Some* c) 0 None
`of the certified copies have
`1 0 been received.
`2 0 not been received.
`3 0 been filed in Application No. __
`4 0 been filed in reexamination Control No. - -
`5 0 been received by the International Bureau in PCT application No. __
`* See the attached detailed Office action for a list of the certified copies not received.
`9. 0 Since the proceeding appears to be in condition for issuance of an ex parte reexamination certificate except for formal
`matters, prosecution as to the merits is closed in accordance with the practice under ExparteQuayle, 1935 C.D.
`11, 453 O.G. 213.
`
`10. 0 Other:
`
`cc: Requester (if third oartv requester)
`U.S. Patent and Trademark Office
`PTOL-466 (Rev. 08-13)
`
`Office Action in Ex Parte Reexamination
`
`Part of Paper No.
`
`20240906
`
`Patent Owner Exhibit 2025, Page 3 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 2
`
`EX PARTE REEXAMINATION NON-FINAL OFFICE ACTION
`
`A substantial new question (SNQ) of patentability affecting claims 1-17 of U.S.
`
`Pat. No. 8,352,730 to Giobbi ("the '730 Patent") was raised by the Request for Ex Parte
`
`reexamination filed June 8, 2022 ("Request") by Samsung Electronics America, Inc.
`
`("Requester").
`
`Claims 1-17 are reexamined below.
`
`Prior and Concurrent Proceedings and Litigation
`
`Examiner notes related ex parte reexamination filings: 90/015,053 (Appeal Brief
`
`filed July 3, 2024) and 90/015,054 (Order granted on August 2, 2022).
`
`Examiner further notes:
`
`•
`
`IPR2021-01444, which concluded with a Denial of Institution in which the PTAB
`
`indicated Petitioner did not show a reasonable likelihood of prevailing because
`
`Petitioner did not show persuasively that the references taught a "third-party
`
`trusted authority."
`
`IPR2024-00232, trial instituted.
`
`IPR2024-00775, pending.
`
`IPR2024-01326, pending.
`
`IPR2024-01333, pending.
`
`•
`
`•
`
`•
`
`•
`
`The '730 Patent is also the subject of 6:21cv210, Proxense, LLC V. Samsung
`
`Electronics Co, Ltd Et Al.
`
`The patent owner is reminded of the continuing responsibility under 37 CFR
`
`1.565(a) to apprise the Office of any litigation activity, or other prior or concurrent
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 4 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 3
`
`proceeding, involving the '730 Patent throughout the course of this reexamination
`
`proceeding. The third party requester is also reminded of the ability to similarly apprise
`
`the Office of any such activity or proceedings throughout the course of this
`
`reexamination proceeding. See MPEP §§ 2207, 2282, and 2286.
`
`References Asserted by PO Requester as Raising SNQs of Patentability
`
`• U.S. Pat. No. 7,188,110 to Ludtke ("Ludtke" or "Ex. 1005") available as
`
`prior art under 35 USC 102(e);
`
`• U.S. Pub. No. 20030196084 to Okereke et al. ("Okereke" or "Ex. 1006")
`
`available as prior art under 35 USC 102(a,e);
`
`• U.S. Pub. No. 20030177102 to Robinson ("Robinson" or "Ex. 1007")
`
`available as prior art under 35 USC 102(a,e); and
`
`• WO 9956429 A2 to Scott ("Scott" or "Ex. 1008") available as prior art
`
`under 35 USC 102(b).
`
`Other
`
`• Declaration of Benjamin F. Goldberg ("Goldberg Dec" or "Ex. 1003").
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 5 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`I.
`
`Lexicographic Definitions
`
`Claim Interpretation
`
`Page 4
`
`After careful review of the original specification and unless expressly noted otherwise by
`
`the Examiner, the Examiner cannot locate any lexicographic definitions in the original
`
`specification with the required clarity, deliberateness, and precision. Because the
`
`Examiner cannot locate any lexicographic definitions in the original specification with the
`
`required clarity, deliberateness, and precision, the Examiner concludes the Patent
`
`Owner is not their own lexicographer. See MPEP § 2111.01 IV.
`
`II.
`
`'Source' for the 'Broadest Reasonable Interpretation'
`
`For terms not lexicographically defined by Patent Owner, the Examiner hereby
`
`adopts the following interpretation under the broadest reasonable interpretation
`
`standard. In other words, the Examiner has provided the following interpretation simply
`
`as express notice of how she is interpreting particular terms under the broadest
`
`reasonable interpretation standard. Additionally, this interpretation is only a guide to
`
`claim terminology since claim terms must be interpreted in context of the surrounding
`
`claim language. 1
`
`In accordance with In re Morris, 127 F.3d 1048, 1056 (Fed. Cir.
`
`1997), the Examiner points to this other "source" to support her interpretation of the
`
`claims. Finally, the following list is not intended to be exhaustive in any way:
`
`1 While most interpretations are cited because these terms are found in the claims, the Examiner may have provided
`additional interpretations to help interpret words, phrases, or concepts found in the interpretations themselves, the
`'730 Patent, or in the prior art.
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 6 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 5
`
`Third-party trusted authority: "third party n .... 2. One other than the principals
`
`involved in a transaction." THE AMERICAN HERITAGE COLLEGE DICTIONARY 1433
`
`(4th ed. 2004).
`
`Ill.
`
`35 U.S.C. 112(f)
`
`The following is a quotation of 35 U.S.C. 112(f):
`
`(f) Element in Claim for a Combination. - An element in a claim for a combination may be
`expressed as a means or step for performing a specified function without the recital of
`structure, material, or acts in support thereof, and such claim shall be construed to cover the
`corresponding structure, material, or acts described in the specification and equivalents
`thereof.
`
`The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
`
`An element in a claim for a combination may be expressed as a means or step for performing
`a specified function without the recital of structure, material, or acts in support thereof, and
`such claim shall be construed to cover the corresponding structure, material, or acts
`described in the specification and equivalents thereof.
`
`The claims in this application are given their broadest reasonable interpretation
`
`using the plain meaning of the claim language in light of the specification as it would be
`
`understood by one of ordinary skill in the art. The broadest reasonable interpretation of
`
`a claim element (also commonly referred to as a claim limitation) is limited by the
`
`description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth
`
`paragraph, is invoked.
`
`As explained in MPEP § 2181, subsection I, claim limitations that meet the
`
`following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35
`
`U.S.C. 112, sixth paragraph:
`
`(A)
`
`the claim limitation uses the term "means" or "step" or a term used as a substitute
`
`for "means" that is a generic placeholder (also called a nonce term or a non-
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 7 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 6
`
`structural term having no specific structural meaning) for performing the claimed
`
`function;
`
`(B)
`
`the term "means" or "step" or the generic placeholder is modified by functional
`
`language, typically, but not always linked by the transition word "for'' (e.g.,
`
`"means for'') or another linking word or phrase, such as "configured to" or "so
`
`that"; and
`
`(C)
`
`the term "means" or "step" or the generic placeholder is not modified by sufficient
`
`structure, material, or acts for performing the claimed function.
`
`Use of the word "means" (or "step") in a claim with functional language creates a
`
`rebuttable presumption that the claim limitation is to be treated in accordance with 35
`
`U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim
`
`limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth
`
`paragraph, is rebutted when the claim limitation recites sufficient structure, material, or
`
`acts to entirely perform the recited function.
`
`Absence of the word "means" (or "step") in a claim creates a rebuttable
`
`presumption that the claim limitation is not to be treated in accordance with 35 U.S.C.
`
`112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim
`
`limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth
`
`paragraph, is rebutted when the claim limitation recites function without reciting
`
`sufficient structure, material or acts to entirely perform the recited function.
`
`Claim limitations in this application that use the word "means" (or "step") are
`
`being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph,
`
`except as otherwise indicated in an Office action. Conversely, claim limitations in this
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 8 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 7
`
`application that do not use the word "means" (or "step") are not being interpreted under
`
`35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise
`
`indicated in an Office action.
`
`This application includes one or more claim limitations that do not use the word
`
`"means," but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35
`
`U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder
`
`that is coupled with functional language without reciting sufficient structure to perform
`
`the recited function and the generic placeholder is not preceded by a structural modifier.
`
`Such claim limitations are:
`
`In claim 8:
`
`verification unit (generic placeholder)
`
`in communication with the memory, receives scan data from a biometric scan for
`
`comparison against the biometric data, and if the scan data matches the biometric data,
`
`wirelessly sends one or more codes from the plurality of codes and the other data
`
`values for authentication by an agent that is a third-party trusted authority possessing a
`
`list of device ID codes uniquely identifying legitimate integrated devices, wherein the
`
`one or more codes and the other data values includes the device ID code (functional
`
`language without reciting sufficient structure to perform the recited function)
`
`structure/algorithm in the specification - See at least 4:13-23; Fig. 2 and
`
`associated discussion
`
`In claim 15:
`
`authentication unit (generic placeholder)
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 9 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 8
`
`receives the plurality of codes and the other data values and send the plurality of
`
`codes and the other data values to agent for authentication to determine whether the
`
`one or more codes and the other data values are legitimate, wherein the agent is a
`
`third-party trusted authority possessing a list of device ID codes uniquely identifying
`
`legitimate integrated devices, and responsive to the device ID code being authenticated,
`
`the authentication unit receiving an access message from the agent allowing the user to
`
`access an application (functional language without reciting sufficient structure to
`
`perform the recited function)
`
`structure/algorithm in the specification - See at least abstract; 5:8-26; Fig.3 and
`
`associated discussion
`
`Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C.
`
`112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to
`
`cover the corresponding structure described in the specification as performing the
`
`claimed function, and equivalents thereof.
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 10 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 9
`
`Claim Rejections - 35 USC§ 103
`
`The following is a quotation of pre-AIA 35 U.S.C. 103(a) which forms the basis
`
`for all obviousness rejections set forth in this Office action:
`
`(a) A patent may not be obtained though the invention is not identically disclosed or described
`as set forth in section 102, if the differences between the subject matter sought to be patented
`and the prior art are such that the subject matter as a whole would have been obvious at the
`time the invention was made to a person having ordinary skill in the art to which said subject
`matter pertains. Patentability shall not be negated by the manner in which the invention was
`made.
`
`Claims 1, 2, 4-9, 11, 12, and 14-17 are rejected under pre-AIA 35 U.S.C.
`
`103(a) as being unpatentable over Ludtke and Okereke.
`
`As per claim 1, Ludtke discloses a method for verifying a user during
`authentication of an integrated device, comprising the steps of:
`
`"A method of identifying an authorized user with a biometric device and enabling the
`
`authorized user to access private information over a voice network is disclosed."
`
`(abstract)
`
`persistently storing biometric data of the user and a plurality of codes and other
`data values comprising a device ID code uniquely identifying the integrated
`device and a secret decryption value in a tamper proof format written to a storage
`element on the integrated device that is unable to be subsequently altered;
`
`"If confirmation succeeds, the device writes the fingerprint image data into write-once
`
`memory, or other memory that is protected from accidental modification." (19:35-40)
`
`"The user connects to and performs transactions with the eCommerce system through a
`
`transaction device which has a unique identifier (ID)." (3:32-35)
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 11 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 1 O
`
`"The device may also be encoded with a secret PIN code that must be entered to begin
`
`the user-confirmation procedure." (18:61-63)
`
`"One means of achieving this is for the transaction device to be manufactured with
`
`several hundred unique transaction device ID values stored in its permanent memory. In
`
`this embodiment, the TPCH may maintain a copy of these values, so it knows that
`
`whenever a transaction arrives with one of these values, the TPCH knows which
`
`transaction device, and hence which user, the transaction it associated with." (30:20-27)
`
`"Another embodiment of security in a data structure is shown in FIG. 26 at 2609, where
`
`a different PKI key pair may be used for each set of password data 2616. Thus, in this
`
`structure a phone number 2610, a password ID 2612, a back-end public key 2614, and
`
`password data 2616 are maintained on an individual key basis. Thus, even if one of the
`
`key pairs were compromised, the additional keys would still protect other records in the
`
`device. Although more complex in nature, this complexity may be hidden from the user
`
`by use of automatic updates and back-end programming." (37:57-67; Fig. 26)
`
`"In the embodiment as illustrated in FIG. 26, at 2609 there may be a one-to-one
`
`relationship between a password and a public key owned by the back-end system. A
`
`password exchange protocol may enable the back-end system to demand a password
`
`by its password ID 2612. In response, the device may encrypt the specified password
`
`using the back-end system's public key, and transmit it to the back-end system." (38: 1-
`
`8)
`
`"The device and back-end system each have one pair of session keys a public key and
`
`a private key." (38:36-38)
`
`wherein the biometric data is selected from a group consisting of a palm print, a
`retinal scan, an iris scan, a hand geometry, a facial recognition, a signature
`recognition and a voice recognition;
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 12 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 11
`
`"The identification by the biometric device may be achieved in a variety of ways, as
`
`discussed above. For example, biometric identification, may be, fingerprint, retinal scan,
`
`voice, DNA, hand profile, face recognition, etc." (35:61-64)
`
`responsive to receiving a request for a biometric verification of the user,
`receiving scan data from a biometric scan; comparing the scan data to the
`
`biometric data to determine whether the scan data matches the biometric data;
`
`"At 3102 the user may start a device, such as a digital wallet (OW). At 3104 the OW
`
`checks to see if a fingerprint has been detected. If not then the OW loops back looking
`
`for a fingerprint. If a fingerprint has been detected, then at 3106 a check is made to see
`
`if it matches a stored authorized fingerprint." (39:49-54)
`
`"The consumer access device 2802 has an LCD screen 2804 showing text, a biometric
`
`identification unit, in this embodiment as a Fingerprint Identification Unit (FIU) 2806 and
`
`a touchpad 2808 for user input. The user of the consumer access device 2802 would be
`
`authorized access to the device 2802 if the device recognized the user after the user
`
`had pressed his finger against the FIU 2806." (39:21-27; Figs. 28 and 31)
`
`responsive to a determination that the scan data matches the biometric data,
`wirelessly sending one or more codes from the plurality of codes and the other
`data values for authentication by an agent that is a third-party trusted authority
`
`possessing a list of device ID codes uniquely identifying legitimate integrated
`devices, wherein the one or more codes and other data values includes the
`device ID code; and
`
`"One means of achieving this is for the transaction device to be manufactured with
`
`several hundred unique transaction device ID values stored in its permanent memory. In
`
`this embodiment, the TPCH may maintain a copy of these values, so it knows that
`
`whenever a transaction arrives with one of these values, the TPCH knows which
`
`transaction device, and hence which user, the transaction it associated with." (30:20-27,
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 13 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 12
`
`where the unique transaction device ID value is the one or more codes that is wirelessly
`
`sent)
`
`"In order to maintain confidentiality of the identity of the user, the transaction device
`
`information does not provide user identification information. Thus, the vendor or other
`
`entities do not have user information but rather transaction device information. The
`
`TPCH 110 maintains a secure database of transaction device information and user
`
`information." (6:45-51)
`
`"The user connects to and performs transactions with the eCommerce system through a
`
`transaction device which has a unique identifier (ID) ... The transaction device, e.g., the
`
`privacy card, is the identity that may be known to a vendor. The highly secured location,
`
`accessible through or part of a transaction processing clearing house (TPCH), provides
`
`the transaction processing clearing house the information necessary to authorize a
`
`transaction. For example, the transaction processing clearing house may access
`
`relevant account information to authorize transactions. However, the identity of the user
`
`is not revealed externally so that confidentiality of the user's identity is maintained."
`
`(3:32-47)
`
`"In this embodiment, a transaction privacy clearing house (TPCH) 110 interfaces a user
`
`120 and a vendor 125. In this particular embodiment, a transaction device, e.g., a
`
`privacy card 130, is used to maintain the privacy of the user while enabling the user to
`
`perform transactions. The transaction device information is provided to the TPCH 11 0
`
`that then indicates to the vendor 125 and the user 120 approval of the transaction to be
`
`performed." (6:36-44)
`
`"One embodiment of the TPCH 600 is illustrated by FIG. 6. The incoming
`
`communications mechanism 605 and outgoing communications mechanism 610 are the
`
`means of communicating with external retailers and vendors, as well as the transaction
`
`device such as the digital wallet. A variety of communication devices may be used, such
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 14 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 13
`
`as the Internet, direct dial-up modem connections, wireless or cellular signals, etc."
`
`(9:35-42)
`
`COMMERCE 6EllERI\L AI\CHffECTUflf
`
`~--~~~D '~-,,,
`
`l~~
`
`FIG. 1
`
`..,_..... -- T~At~SACT:,;<r',1 S~'~U"M lll'>.CK!Wr~~
`-+ - ...... ,,H.;.;;f8,UN{: J)ISTt\tBllit~r.i ij-1,,:.,.~.i~E:t
`..,.. ___ .- fl-f{~:c:-.i.. :JfSTti:~ll!)C!~ .:.::~-~mt:..
`
`Fig. 1 of Ludtke showing the transaction privacy clearing house (TPCH) (110) (i.e. third(cid:173)
`
`party trusted authority) separate from the consumer (120) and vendors (125)
`
`Ludtke discloses use of a device ID, secret PIN codes, and private keys to
`
`authorize users as discussed above. Ludtke further discloses sending the device ID to
`
`the TPCH as part of the transaction as discussed above; however, if Ludtke is seen as
`
`not describing the specific "transaction device information" that is provided to the TPCH
`
`or storing the secret decryption value, Okereke discloses this.
`
`"In so doing, a unique identifier for the wireless product to be employed is passed
`
`as at 210 to the proxy server 125 program for authorization. The wireless product 165
`
`can be a personal digital assistant (PDA), laptop, cellular telephone or any other device
`
`capable of remote wireless communication. The unique identifier can be a serial number
`
`or SIM. number, for example. If the unique identifier is one which the proxy server
`
`program identifies as being acceptable, the proxy server program will send approval as
`
`at 220 to the desktop 140, which executes functionality to make a key exchange as at
`
`225, such as, for example, a Diffie Hellman Key Exchange. This key is used to encrypt
`
`information sent to the server using AES (Advanced Encryption Standard) ... In another
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 15 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 14
`
`embodiment, this key is used as part of a shared secret between the server and the
`
`client. This shared secret is used to generate a session key. The new session key
`
`ensures that conversations cannot be eavesdropped if the key has been compromised."
`
`(10025)
`"The wireless device 165 is provided with a memory, processor, and input/output
`
`means as is commonly known. Using the session key, the user can then encrypt
`
`credential information, its PKI certificate 180 and private key, and forward this
`
`information to the proxy server 125 as at 230 in FIGS. 4 and 5. In one embodiment of
`
`the invention, the encrypted information is sent to the proxy server via secure IP
`
`network. The credential information or authentication measure can be something the
`
`user has (such as a swipe card), something the user is (such as represented by a
`
`fingerprint scan), or something the user knows (such as a password or pass phrase). In
`
`one embodiment, the credential information is a user name and password." (10026)
`
`Okereke and Ludtke are analogous references as both are concerned with
`
`user/device authentication and secure communications/transactions. (Ludtke, abstract;
`
`Okereke, abstract)
`
`At the time of the invention, it would have been obvious to a person of ordinary
`
`skill in the art to modify Ludtke to have the "transaction device information" include a
`
`device ID as well as store secret decryption value as doing so provides additional data
`
`with which to authenticate the user/device before allowing subsequent transactions.
`
`(Ludtke, 37:29-43, "Because of the sensitive nature of the information being transferred,
`
`such as access codes, PINs, etc., it may be desired to use a secure communication
`
`means and/or encryption to lessen the possibility of unauthorized use of the
`
`information.")
`
`responsive to authentication of the one or more codes and the other data values
`
`by the agent, receiving an access message from the agent allowing the user
`access to an application, wherein the application is selected from a group
`consisting of a casino machine, a keyless lock, a garage door opener, an ATM
`machine, a hard drive, computer software, a web site and a file.
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 16 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 15
`
`"The memory/info stick driver 952 allows the digital wallet to accept memory stick and
`
`info stick devices. The info stick is mechanism that puts a CPU, ROM/RAM, etc. on a
`
`memory stick device. By inserting an info stick into the digital wallet, the functionality of
`
`the wallet device can be extended with the functions of the info stick." (16:57-62)
`
`"In addition to the eCommerce functionality, the digital wallet may be configured to
`
`provide other functional capabilities. For example, the digital wallet can be configured to
`
`contain extra user information, such as passport numbers or medical records. The
`
`digital wallet may contain personal digital assistant functionality such as a calendar. An
`
`extra memory slot can be used to insert memory cards containing digital photo albums
`
`for viewing on the screen or a slot on the device may receive a card that has pager or
`
`cell phone functionality built-in." (17:62-18:4)
`
`In addition to the functionalities discussed above, the digital wallet itself may be
`
`considered computer software and a file. (Fig. 9b)
`
`As per claim 2, Ludtke discloses the method of claim 1, wherein the one or more
`codes and the other data values are transmitted to the agent over a network.
`
`"One means of achieving this is for the transaction device to be manufactured with
`
`several hundred unique transaction device ID values stored in its permanent memory. In
`
`this embodiment, the TPCH may maintain a copy of these values, so it knows that
`
`whenever a transaction arrives with one of these values, the TPCH knows which
`
`transaction device, and hence which user, the transaction it associated with." (30:20-27,
`
`where the unique transaction device ID value is the one or more codes that is
`
`transmitted to the agent over the network)
`
`"One embodiment of the TPCH 600 is illustrated by FIG. 6. The incoming
`
`communications mechanism 605 and outgoing communications mechanism 610 are the
`
`means of communicating with external retailers and vendors, as well as the transaction
`
`device such as the digital wallet. A variety of communication devices may be used, such
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-Final Office Action
`
`Patent Owner Exhibit 2025, Page 17 of 35
`
`

`

`Control Number: 90/015,052
`Art Unit: 3992
`
`Page 16
`
`as the Internet, direct dial-up modem connections, wireless or cellular signals, etc."
`
`(9:35-42)
`
`"One embodiment of a system is illustrated in FIG. 1. In this embodiment, a transaction
`
`privacy clearing house (TPCH) 110 interfaces a user 120 and a vendor 125. In this
`
`particular embodiment, a transaction device, e.g., a privacy card 130, is used to
`
`maintain the privacy of the user while enabling the user to perform transactions. The
`
`transaction device information is provided to the TPCH 110 that then indicates to the
`
`vendor 125 and the user 120 approval of the transaction to be performed." (6:36-44)
`
`As per claim 4, Ludtke discloses the method of claim 1, wherein the one or more
`codes and the other data values indicate that the biometric verification was
`successful.
`
`"At 3102 the user may start a device, such as a digital wallet (DW). At 3104 the DW
`
`checks to see if a fingerprint has been detected. If not then the DW loops back looking
`
`for a fingerprint. If a fingerprint has been detected, then at 3106 a check is made to see
`
`if it matches a stored authorized fingerprint." (39:49-54)
`
`"The consumer access device 2802 has an LCD screen 2804 showing text, a biometric
`
`identification unit, in this embodiment as a Fingerprint Identification Unit (FIU) 2806 and
`
`a touchpad 2808 for user input. The user of the consumer access device 2802 would be
`
`authorized access to the device 2802 if the device recognized the user after the user
`
`had pressed his finger against the FIU 2806." (39:21-27; Figs. 28 and 31)
`
`As per claim 5, Ludtke discloses the method of claim 1, wherein the biometric data
`and the scan data are both based on a fingerprint scan by the user.
`
`Ex Parte Reexamination of U.S. Pat. No. 8,352,730 - Non-F