Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 1 of 11
`
`
`
`
`
`
`
`
`
`Exhibit 19
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 2 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 2 of 11
`
`PATENT
`
`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`In re of:
`Application No.:
`
`10/331,259
`
`Examiner:
`
`Trang T. Doan
`
`Filing Date:
`
`April 24, 2006
`
`Art Unit:
`
`2131
`
`First Inventor:
`
`Gisela MEISTER
`
`Customer No.:
`
`23364
`
`Attorney No.:
`
`MEIS3002/JEK.
`
`Confirmation No.:
`
`4669
`
`For:
`
`METHOD FOR CARRYING OUT A SECURE ELECTRONIC
`TRANSACTION USING A PORTABLE DATA SUPPORT
`
`RESPONSE TO OFFICE ACTION DATED AUGUST27, 2008
`
`Commissioner for Patents
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`Sir:
`
`INTRODUCTORY COMMENTS
`
`This is responsive to the Office Action mailed August 27, 2008 regarding the above-
`identified application. Reconsideration of the application is requested in view of the
`amendments and comments presented herein.
`
`AMENDMENTS
`
`Amendments to the Specification
`
`The specification is amended as shown in the following pages under the heading
`“AMENDMENT TO THE SPECIFICATION.”
`
`Amendments to the Claims
`
`The claims are amended as shown in the following pages under the heading “LIST OF
`CURRENT CLAIMS”. This listing of claims supersedes all prior listings of the claims
`presented in this application, shows the current status of all claims in the application and
`shows currently proposed amendments. Any cancellation of claims is made without prejudice
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 3 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 3 of 11
`
`Application No.: 10/531,259
`Examiner: Trang T. Doan
`Art Unit: 2131
`
`or disclaimer and Applicant reserves all rights to the original claimed and disclosed subject
`
`matter.
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 4 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 4 of 11
`
`Application No.: 10/531,259
`Examiner: Trang T. Doan
`Agt Unit: 2131
`
`AMENDMENTS TO THE SPECIFICATION
`
`Onpage 1, before the first paragraph, the following headings and paragraph are
`
`inserted:
`
`BACKGROUND
`
`A. Field
`
`This invention relates to secure authentication of a user of a portable data carrier
`
`communicating with a terminal.
`
`On page1, the first paragraph is amendedto read:
`
`This invention starts out from a method exemplified, for example, by the method
`
`the main-claim-Such-a-methed is newn for-example-fom
`according to the-species-of
`"Handbuch der Chipkarten" (herein-after "Chip card manual"), W. Rankl, W. Effing, 3rd
`edition, 1999, pp. 692 to 703, under thetitle "Digital signature". For performing a legally
`binding electronic signature, a digital signature card containing a secret signature keyis
`accordingly to be used. A signature is performed on a suitable terminal from which the card
`receives in electronic form a document to be signed. To be able to performa signature, the
`user of the card must establish proof of his identity through the terminal. This proof is
`regularly furnished by entering a PIN (personidentification number) which is compared with
`a reference PIN stored in the card. In future it is planned to perform user authentication by
`checking a biometric feature, e.g. a fingerprint. When an electronic document has been
`signed with the help of a signature card after successful authentication of the user, the
`document can then be passed on in any way. The electronic signature makesit possible to
`effect particularly security-critical transactions, e.g. the placing of service orders involving
`costs, by electronic channels.
`
`On page 1, the last paragraph is deleted.
`
`On page 2, before the third paragraph, the following headingis inserted:
`
`SUMMARY
`
`On page 2, before the fifth paragraph, the following headingis inserted:
`DESCRIPTION OF THE DRAWINGS
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 5 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 5 of 11
`
`Application No.: 10/531,259
`Examiner: Trang T. Doan
`Art Unit: 2131
`
`LIST OF CURRENT CLAIMS
`
`1. (Currently Amended) A method for effecting a secure electronic transaction on a
`terminal using a portable data carrier arranged to perform different user authentication
`
`
`methods, whereinwhereby-auserauthenticateshimself vis-a-vis the portable data carrier
`
`
`
`portable data carrier confirms the proof of authentication to the terminal, and the portable
`data carrier then performs a security-establishing operation within the electronic transaction,
`comprising the steps of creating lecating-viathe-portable-data-earrier quality information by
`the portable data carrier about how the authentication of the user was performed by the used
`user authentication method dene and attaching said quality information is attached to the
`
`result of the security-establishing operation.
`
`2. (Previously Presented) The method according to claim1, wherein the security-
`establishing operation performed by the portable data carrier comprises creating a digital
`
`signature.
`
`3. (Previously Presented) The method according to claim 1, wherein the
`authentication ofthe user is performed by presentation of a biometric feature.
`
`4, (Previously Presented) The method according to claim 3, wherein the
`authentication of the user is performed by presentation of a physiological or behavior-based
`
`feature characteristic of a user.
`
`5. (Previously Presented) The method according to claim 1, whereinthe
`authentication of the user is performed by proof of knowledgeof a secret.
`
`6. (Previously Presented) The method according to claim 1, wherein at least two
`different authentication methods of different quality are offered for authentication ofthe user.
`
`7. (Previously Presented) The method according to claim 6, wherein the particular
`
`authentication methods not used are disabled.
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 6 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 6 of 11
`
`Application No.: 10/531,259
`Examiner: Trang T. Doan
`Art Unit: 2131
`
`8. (Previously Presented) The method according to claim 6, wherein no quality
`information is produced for an authentication method.
`
`9, (Previously Presented) The method according to claim 1, wherein a user is asked.to
`
`select an authentication method.
`
`10. (Currently Amended) A portable data carrier for performing a security-
`establishing operation within a secure electronic transaction and arranged to perform different
`
`user authentication methods, whereby a-user-authenticates-himselfvis-a-visthe portable data
`catrier isarranged to perform a user authentication using one of said implemented user
`authentication methods and the portable data carrier is arranged to confirm cenfirms the
`authentication to a terminal, and wherein comprising-setting-up the data carrier is arranged to
`create quality information stating how the authentication of the user was performedbythe
`used user authentication method.
`
`11. (Previously Presented) The data carrier according to claim 10, wherein the
`portable data carrier is set up to create a digital signature.
`
`12. (Previously Presented) The data carrier according to claim 10, wherein the data
`carrier supports at least two qualitatively different authentication methods.
`
`13. (Previously Presented) A terminal for use in connection with a portable data
`carrier according to claim 9, said terminal including a device arranged to cause a userto
`select one ofat least two possible authentication methods.
`
`14. (Currently Amended) A system for effecting a secure electronic transaction within
`which the quality of authentication of a user vis-a-vis of the systemis ascertained, comprising
`a portable data carrier according to claim 10 and a terminal accordingto claim 13.
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 7 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 7 of 11
`
`Application No.: 10/531,259
`Examiner: Trang T. Doan
`Ast Unit: 2131
`
`REMARKS
`
`Amendments
`Claims 1 and 10 have been amended to more clearly recite the subject matter for
`which protection is sought to avoid any misinterpretation of the original claim language.
`Thus, claim 1
`is amended to recite that the portable data carrier is arranged to perform
`different user authentication methods and describes the manner in which quality information
`regarding authentication of the user is carried out by the portable data carrier to determine
`proof of authentication.
`Support for the amendment is found, for example, at page 2,
`paragraph 3 and page 5, paragraph 1 of the specification.
`Claim 10 has been amended in a manner so that it is consistent with claim 1 and
`support for the amendment is found in the same locations within the written description as
`identified above with respect to the amendments made to claim 1.
`
`Claim Objections
`The objections to claims 1, 10 and 14 are moot in view of the amendments made to
`
`the claims.
`
`Claim Rejections — 35 USC $112
`The rejection of claims 1 and 10 under 35 USC §112 is now moot in view of the
`amendments made to the claims.
`The word “locating” im claims
`1 and 10 was a
`typographical error. The term “creating” was the intended word to be used in the claims.
`
`Claim Rejections — 35 USC §102
`The rejection of claims 1, 3-8, 10, 12 and 14 under 35 USC §102(e) on grounds that
`the claims are anticipated by Mimura (U.S. 7,162,058)
`is now moot
`in view of the
`amendments made to claims 1 and 10. Specifically, the original step in claim 1 of creating
`quality information about how the user has been authenticated has been expanded somewhat
`to provide a better foundation for the process of developing quality information regarding the
`authentication procedure that is used by the portable data carrier. More specifically, as
`described in the specification, the portable data carrier is arranged to perform different user
`authentication methods, and then, the data carrier performs a security-establishing operation
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 8 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 8 of 11
`
`Application No.: 10/531,259
`Examiner: Trang T. Doan
`Art Unit: 2131
`
`comprising creating quality information about how the authentication of the user was
`performed by the used user authentication method.
`Clearly, there is not the remotest suggestion in Mimura that different authentication
`procedures can be used by the user or creating quality information via the authentication
`program described in the patent. On the contrary, Mimura simply teaches a fingerprint
`comparison authentication process and nothing moreto establish authentication by a user.
`As explained in the specification, the problem solved by the present invention lies in
`effecting a secure electronic transaction using a portable data carrier which takes into account
`the quality of the user authentication performed. When the user authentication is being
`performed in accordance with the invention, the performing data carrier produces quality
`information about the authentication procedure used. This “voucher”is attached to the result
`of a security-establishing operation subsequently performed by the portable data carrier. The
`recipient of the thus formed message can therefore clearly recognize how a user has
`authenticated himself before effecting the security-establishing operation. Accordingly, a
`
`secure transaction can be affected contingent on the quality of the user authentication.
`For example, in an electronic purse application, authentication for an application
`involving the withdrawal of a sum of money below a limiting value can be effected after a
`simple PIN authentication, while amounts of money to be withdrawn above such limiting
`value would require a more secure authentication, such as by means of a biometric feature.
`
`(See page 2, first paragraph.)
`The result is that tampering with an authentication voucher even when an authorized
`user has access to both a portable data carrier and an associated, low-order authentication
`information, is rendered virtually impossible, even though the user has an associated PIN.
`(See page 2, third paragraph.) This is quite different from Mimura, where the electronic
`authentication unit compares a fingerprint
`image of a clerk with a reference fingerprint
`information stored on the IC card 100, with the authentication unit 103 performing an
`
`electronic authentication with a host computer 130 if the fingerprints match.
`If the newly
`inputted fingerprint matches the reference fingerprint
`information 104, access to the
`authentication information 105 is allowed and the authentication is made between the
`
`the access from the
`applications 131 and the electronic authentication unit 103 so that
`terminal 120 to the applications 130 is permitted, enabling the clerk to authorize the
`
`application.
`
`
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7. Filed 07/28/22 Page 9 of 11
`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 9 of 11
`
`Application No.: 10/531,259
`Examiner: Trang T. Doan
`Art Unit: 2131
`
`As noted previously, nothing is disclosed in Mimura regarding the availability of
`multiple authentication procedures in combination with the creation of quality information by
`a portable data carrier about how an authentication of the user was performed, followed by
`using such information during the security-establishing operation.
`Accordingly, it is respectfully submitted that withdrawal of the rejection of claim 1 is
`in order and the sameis respectfully requested.
`:
`The above remarks apply equally with regard to apparatus claim 10. The withdrawal
`
`of the rejection of claim 10 is likewise requested.
`Claims 2-9 and 11-14 are patentable at least on the basis of the patentability of claims
`1 and 10 from which they depend.
`In addition, each claim recites additional subject matter
`that further distinguishes the elements of the independent claims over the cited prior art.
`Accordingly, allowance of the dependent claims 2-9 and 11-14 is in order and the sameis
`
`requested.
`
`Claim Rejections — 35 USC $103
`The rejection of claims 2 and 11 under 35 USC §103(a) in view of Mimura and
`Barlow is moot in view of the amendmentsto the claims and it is respectfully submitted that
`the patentability of claims 2 and 11 has been established by the amendmentsto claims 1 and
`10, and likewise, with regard to claims 9 and 13.
`The application having been placed in condition for allowance, its passage to issue is
`
`respectfully requested.
`
`BACON & THOMAS, PLLC
`625 Slaters Lane, 4" Floor
`Alexandria, VA 22314-1176
`Phone: (703) 683-0500
`Facsimile: (703) 683-1080
`
`Date: November 26, 2008
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 10 of 11
`
`2761
`
`Amendment/Req. Reconsideration-After
`Non-FinalReject
`
`Response_112608.pdf
`
`0f19d917d3c28b7ae5beaNcd47ff70ebe338
`
`Title of Invention:
`
`Methodfor carrying out a secure electronic transaction using a portable data
`support
`
`File Listing:
`
`Pages
`Multi
`File Size(Bytes)/
`DocumentDescription
`Document
`
`
`
`Number Message Digest|Part/.zip|P (if appl.)
`311647
`
`

`

`Case 6:21-cv-01101-ADA Document 49-7 Filed 07/28/22 Page 11 of 11
`Case 6:21-cv-01101-ADA Document 49-
`FaleOy/28/22 Page 11of11
`otal Files Size (in
`
`This AcknowledgementReceipt evidences receipt on the noted date by the USPTOofthe indicated documents,
`characterized by the applicant, and including page counts, where applicable. It serves as evidence of receipt similar to a
`Post Card, as described in MPEP 503.
`
`New Applications Under 35 U.S.C. 111
`If a new application is being filed and the application includes the necessary componentsfora filing date (see 37 CFR
`1.53(b)-(d) and MPEP 506), a Filing Receipt (37 CFR 1.54) will be issued in due course and the date shownonthis
`AcknowledgementReceiptwill establish thefiling date of the application.
`
`National Stage of an International Application under 35 U.S.C. 371
`If a timely submission to enter the national stage of an international application is compliant with the conditions of 35
`U.S.C. 371 and other applicable requirements a Form PCT/DO/EO/903indicating acceptance of the application as a
`national stage submission under 35 U.S.C. 371 will be issued in addition to the Filing Receipt, in due course.
`
`the application.
`
`New International Application Filed with the USPTO as a Receiving Office
`If a new international application is being filed and the international application includes the necessary components for
`an international filing date (see PCT Article 11 and MPEP 1810), a Notification of the International Application Number
`and of the International Filing Date (Form PCT/RO/105)will be issued in due course, subject to prescriptions concerning
`national security, and the date shownon this AcknowledgementReceiptwill establish the international filing date of
`
`