Obviousness

Obviousness Analysis of U.S. Patent 11,329,973 Under 35 U.S.C. § 103

This analysis assesses the obviousness of U.S. Patent 11,329,973 under 35 U.S.C. § 103, considering combinations of prior art references that would render its claims obvious to a Person Having Ordinary Skill in the Art (PHOSITA) by the priority date of December 21, 2012.

Identified Prior Art

1. U.S. Patent Application Ser. No. 11/851,215 (the '215 application): This application, explicitly incorporated by reference in U.S. Patent 11,329,973, is titled "SYSTEMS, METHODS, AND APPARATUSES FOR SECURE DIGITAL TRANSACTIONS." U.S. Patent 11,329,973 itself states that its virtual wallet platform "may provide a Reducing Currency Denomination (RCD) payment platform and an OVER File credential storage client 4" and further clarifies that "An RCD payment platform is described in more detail in U.S. patent application Ser. No. 11/851,215" [cite: Description]. This establishes the '215 application as teaching a foundational secure digital transaction system, likely involving mobile devices and a backend server for processing payments within a virtual wallet context.
2. General Knowledge and Readily Available Technologies (Circa 2012):
   • Digital credentials and electronic identification: The concept of storing various non-payment digital items (e.g., loyalty cards, coupons, tickets, boarding passes) in mobile wallets on smartphones was prevalent. Many such systems utilized scannable codes (like QR codes or barcodes) for information transfer and validation.
   • Client-server verification systems: Existing systems commonly allowed for the remote verification of information, such as checking account balances, validating tickets, or confirming memberships, by sending an identifier to a central server and receiving a status response.
   • Proximity communication: Technologies like Near Field Communication (NFC) and Bluetooth were established for secure, short-range data transfer and authentication in mobile devices, used for various purposes including contactless payments and information exchange. The abstract of U.S. Patent 11,329,973 explicitly mentions "NFC or Bluetooth protocol-based communication" for verification, acknowledging their relevance [cite: Abstract].
   • Security for sensitive digital data: Standard computer security practices included encryption, tying digital assets to specific devices (e.g., through device identifiers), password protection, and the use of biometric authentication for accessing sensitive information. The abstract of US5892900A, titled "Method and system for secure transactions," indicates a prior art focus on ensuring authorized access and maintaining the integrity and confidentiality of information in electronic commerce.

Motivation for Combination

The background section of U.S. Patent 11,329,973 itself articulates the motivation for combining these elements: "The rapid growth and evolution of traditional and electronic commerce markets has resulted in a wide-spread demand for monetary payments by digital transactions... Additionally, as more users move to a digital transaction model, the need for digital identification also increases. As fewer users carry wallets or traditional payment forms, traditional forms of ID will become less common. Current platforms are insecure and carrying digital credentials increases the risk of identity theft or fraud in transactions. What is needed is secure system for storing and displaying user credentials." [cite: Description]

This explicit problem statement would directly motivate a PHOSITA in the field of secure digital transaction systems and mobile wallets to extend the capabilities of an existing digital payment platform (like the RCD payment platform described in the '215 application) to encompass the secure storage and verification of officially verifiable personal credentials. The objective would be to create a comprehensive "virtual wallet" that replaces physical wallets entirely, offering enhanced convenience and security for both monetary transactions and identity verification. A PHOSITA would recognize that handling sensitive official identification would necessitate robust security measures and a reliable verification mechanism that interfaces with official issuing agencies, similar to how payment systems interact with financial institutions.

Obviousness Analysis of Independent Claims

Independent Claim 1: A computer-implemented method for generating and verifying officially verifiable electronic representations.

A PHOSITA would find it obvious to adapt the secure transaction processing and verification mechanisms of the '215 application to handle "officially verifiable electronic representations" of credentials.

• Storing information associated with a credential: The '215 application teaches storing user payment information for secure transactions. Extending this to store other "wallet" items like identification or qualification credentials would be an obvious design choice for a comprehensive virtual wallet, given the widespread use of mobile wallets for non-payment items and the explicit need for digital identification.
• Receiving a file generation request and generating a verified file: The '215 application teaches receiving requests for payment actions and processing them securely. A PHOSITA would adapt this to receive requests for generating digital identity credentials. The crucial step of "verified by an issuing agency" is a natural extension of secure transaction processing, where the '215 application would interact with banks or payment networks for payment verification. For official credentials, the analogous step would be to contact official issuing agency databases (e.g., DMV for a driver's license) for validation and to obtain official data.
• Transmitting the file and receiving a verifying request: Transmitting transaction data, confirmations, or receipts is inherent in the '215 application. Similarly, receiving verification requests for transaction validity is fundamental. Adapting these steps for digital identity credentials is a straightforward application of existing principles.
• Verifying using NFC or Bluetooth communication: NFC and Bluetooth were well-known and commercially available technologies for secure, short-range data exchange and contactless transactions by the priority date. A PHOSITA, aiming for convenient and secure proximity-based verification within a virtual wallet, would readily implement these technologies, drawing from their established uses in digital payments and data sharing.
• Transmitting an authentication message: Sending a response (e.g., transaction approval or denial) is fundamental to the '215 application. Transmitting an authentication message (e.g., "valid" or "invalid" status, potentially with a reason) for a credential after verification is an obvious and direct extension of this capability.

Independent Claim 15: A computer-implemented method for requesting an officially verifiable electronic representation from a client device.

A PHOSITA would find it obvious to enable a client device, already part of a secure digital transaction system like the '215 application, to manage official digital credentials.

• Generating and transmitting a request for a credential action: A client device in the '215 application generates requests for payment actions (e.g., initiating a transaction). It would be obvious to extend this functionality to generate requests for other "credential actions," such as generating or verifying an identity credential. Transmitting these requests to a backend credential database is a standard client-server interaction.
• Request comprising a credential identifier: Payment requests in the '215 application would include payment identifiers (e.g., card numbers). Using a "credential identifier" (e.g., a driver's license number) for identity credentials is an analogous and obvious approach. The methods for obtaining this identifier, such as manual entry or scanning an information code (e.g., a QR code provided by an issuing agency), were known techniques for digital data input.
• Receiving a response to the request: Receiving responses from a backend server (e.g., transaction confirmation) is fundamental to the '215 application's client device functionality. Receiving a generated credential, a status indicator, or a reason for invalidity in response to a credential action request is a direct application of this known capability. The inclusion of a "device identifier" to limit the generated credential to the specific client device is a known security feature for digital assets (e.g., digital rights management, mobile tickets).

Independent Claim 22: An apparatus for generating and verifying officially verifiable electronic representations.

The apparatus described in Claim 22 would be an obvious modification or extension of the server-side infrastructure of a secure digital transaction system like the '215 application.

• Processor, memory, and program instructions: These are standard components of any computing apparatus, including the server components of the '215 application.
• Processor programmed to maintain a credential database with a status indicator: The server in the '215 application would maintain a database of payment credentials and transaction records. A PHOSITA, motivated to expand the virtual wallet to include identity credentials, would logically extend this to a "credential database" for identity/qualification credentials. Storing a "status indicator" (e.g., active, expired) for these credentials is an obvious design choice for managing their validity, analogous to managing the status of payment cards.
• Receiving a request for a credential action, determining a response, and transmitting it: The server in the '215 application would receive requests for payment actions, determine responses based on stored payment credentials, and transmit those responses to client devices. Applying this same logic to "credential actions" and identity credentials is a direct and obvious architectural adaptation.
• Generating requests from an issuing agency database: The process of interacting with an "issuing agency database" for verification and to obtain official credential information is analogous to how payment processors (in the '215 application context) interact with banks or payment networks to verify funds and card details. This represents a known approach to obtaining and validating official data.
• Generating a device identifier to limit the credential: This is a known security feature for digital assets to bind them to a specific device, providing an obvious method to enhance the security of digital credentials.

In conclusion, the combination of the secure digital transaction platform described in U.S. Patent Application Ser. No. 11/851,215 with general knowledge regarding digital identification, client-server verification, proximity communication technologies, and standard security practices, driven by the articulated need for a comprehensive digital wallet, would have made the claimed invention of U.S. Patent 11,329,973 obvious to a PHOSITA by its priority date.