Prosecution Insights
Last updated: July 17, 2026
Application No. 17/587,453

Biometric Payment Technology

Final Rejection §101§103§112
Filed
Jan 28, 2022
Priority
Sep 16, 2015 — provisional 62/219,515 +2 more
Examiner
JONES, COURTNEY PATRICE
Art Unit
3600
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
Block Inc.
OA Round
6 (Final)
68%
Grant Probability
Favorable
7-8
OA Rounds
0m
Est. Remaining
90%
With Interview

Examiner Intelligence

Grants 68% — above average
68%
Career Allowance Rate
170 granted / 249 resolved
+16.3% vs TC avg
Strong +22% interview lift
Without
With
+22.2%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
29 currently pending
Career history
279
Total Applications
across all art units

Statute-Specific Performance

§101
1.4%
-38.6% vs TC avg
§103
86.9%
+46.9% vs TC avg
§102
4.7%
-35.3% vs TC avg
§112
0.8%
-39.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 249 resolved cases

Office Action

§101 §103 §112
Acknowledgements This communication is in response to applicant’s response filed on 10/14/2025. Claims 1, 7, 11, 18, and 22-24 have been cancelled. Claims 1, 9, 19, and 25-27 have been amended. Claims 2-6, 8-10, 12-17, 19-21, and 25-27 are pending and have been examined. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Regarding applicant’s arguments: Applicant’s arguments see pg. 12, filed 10/14/2025, with respect to the rejection(s) of claim(s) under Claim Rejections - 35 USC § 112(b) that the amendments made to claims 25-27 render the rejections moot have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. Applicant’s arguments see pgs. 12-18, filed 10/14/2025, with respect to the rejection(s) of claim(s) under Claim Rejections - 35 USC § 101 that even if the amended claims recite an abstract idea, the claims as amended integrate the judicial exception into a practical application under Step 2A, Prong Two, because each individual biometric characteristic will generate a unique digital signature i.e., a unique digital signature for each different account have been considered and are not persuasive. Examiner respectfully argues the concept of mapping the financial accounts of users and registered biometric characteristics associated with the users describes how identification information is associated to the payment account. The concept of generating a digital signature of a user based on the biometric characteristic recites using identification information to create an identifier, which is the signature. The identifier and the biometric characteristic are sent to the payment processing server, which are the one or more servers, to validate the signature and use the biometric characteristics to find the account. These examples are similar to how a payment processing server would process data, where the biometric characteristics are substituting other elements that have been used in previous methods, such as payment cards, tokens or non-card methods. The unique mapping of a different biometric characteristic to each financial account is not an improvement of technology or technical field. As recited, the additional elements determined for Step 2A (prong 2) do not show the abstract idea as an improved process, which does not show an improvement to the technology. There are very few elements that can be defined to be improvements in the claimed invention, but replacing what could be used as secure identification of the customer is not improving the process as recited. This description supports replacing one identifying element for a biometric one. This does not affect or change the process as determined to be abstract, thus it does not show an improvement to the technology or technical process. The Specification points to improving the process to prevent fraudulent identification, but this process as recited does not improve over the current established methods of fraud prevention in a payment process. Therefore, the rejection is maintained. Applicant’s arguments see pgs. 18-22, filed 10/14/2025, with respect to the rejection(s) of claim(s) under Claim Rejections - 35 USC § 103 that the currently cited prior art does not teach, suggest, or motivate “storing, by one or more servers of a payment processing service, mappings between multiple financial accounts of a user and registered biometric characteristics associated with the user such that an individual registered biometric characteristic associated with the user corresponds to a single individual financial account of the user; scanning, by a biometric reader associated with a point-of-sale (POS) terminal, a biometric characteristic of the user; based at least in part on the scanned biometric characteristic, generating a digital signature of the user, wherein the generated digital signature is unique to the scanned biometric characteristic of the user” have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Grigg (US 20120197740) in view of Sheets (US 20130290136). Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 2-6, 8-10, 12-17, 19-21, and 25-27 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Under Step 1 of the Section 101 analysis, claim 2 directed to is a system, claim 9 is directed to a method, and claim 19 is directed to one or more non-transitory computer-readable media (an apparatus, a process, and an article of manufacture). Under Step 2A Prong One, Claims 2, 9, and 19 recite: storing, by one or more servers of a payment processing service, mappings between multiple financial accounts of a user and registered biometric characteristics associated with the user such that an individual registered biometric characteristic associated with the user corresponds to a single individual financial account of the user; scanning, by a biometric reader associated with a point-of-sale (POS) terminal, a biometric characteristic of the user; based at least in part on the scanned biometric characteristic, generating a digital signature of the user, wherein the generated digital signature is unique to the scanned biometric characteristic of the user; receiving, by the one or more servers and from the POS terminal, a candidate biometric characteristic associated with a payment request from the POS terminal, wherein the candidate biometric characteristic represents the biometric characteristic, and wherein the payment request comprises the digital signature; determining, by the one or more servers and based on accessing the registered biometric characteristics, that the candidate biometric characteristic corresponds to a registered biometric characteristic of the user; selecting, by the one or more servers and based at least on accessing the mappings and on determining that the candidate biometric characteristic corresponds to the registered biometric characteristic, a financial account associated with the registered biometric characteristic from the multiple financial accounts of the user; retrieving, by the one or more servers and based on confirming, using the digital signature, an identity of the user, data of the financial account associated with the registered biometric characteristic; and authorizing, by the one or more servers and in response to retrieving the data of the financial account and confirming the identity of the user, the payment request using the data of the financial account of the user without requesting additional identification from the user, wherein the payment request is a part of a payment transaction. Claims 2, 9, and 19 as drafted include language (see underlined language above) that recite an abstract idea of a secure payment process by creating an authentication ID corresponding to the identification data, both of which are used to authenticate the use of and retrieve payment data of the user’s financial account, which falls under certain methods of organizing human activity (e.g., commercial transactions). The use of tokenization, encryption, and digital signatures are recited at a high level of generality and supportive of a secure authentication and identification for payment. Under Step 2A Prong Two, the additional claim element(s), considered individually, do not apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception and in a manner that integrates the exception into a practical application of the exception. The additional claim elements(s) “system comprising one or more processers and one or more non-transitory computer-readable media,” “one or more servers,” “biometric reader,” and “POS terminal” generally “apply” the concept of a secure payment process by creating an authentication ID corresponding to the identification data, both of which are used to authenticate the use of and retrieve payment data of the user’s financial account on a computer. The claimed computer components are recited at a high level of generality and are merely invoked as tools to perform the abstract idea. Simply implementing the abstract idea on a generic computer is not a practical application of the abstract idea. The steps (e.g., receive user ID, map user ID to user financial account; if match found, authorize transaction) are routine in the field of payment processing and do not recite a specific technical improvement to computer functionality or another technical field. The claim does not require a particular machine, transformation, or unconventional technical solution, but rather, automates a business process using generic computer components. Accordingly, these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. Under Step 2A Prong Two, the additional claim element(s) of claims, considered in combination, do not apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception and in a manner that integrates the exception into a practical application of the exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using system comprising one or more processers and one or more non-transitory computer-readable media, one or more servers, biometric reader, and POS terminal amounts to no more than applying the abstract idea of a secure payment process by creating an authentication ID corresponding to the identification data, both of which are used to authenticate the use of and retrieve payment data of the user’s financial account. Under Step 2B, the additional claim element(s), considered individually and in combination, do not provide meaningful limitation(s) to transform the abstract idea into a patent eligible application of the abstract idea such that the claim(s) amounts to significantly more than the abstract idea itself for similar reasons outlined under Step 2A Prong Two. A similar analysis can be applied to dependent claim 3 which claims “wherein the one or more servers receive an additional candidate biometric characteristic from an e-commerce website” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claims 4, 14, and 21 which claims “receiving, during a first time period prior to the payment request and by the one or more servers, the biometric characteristic of the user from a device of a merchant; sending, during the first time period, by the one or more servers and to the device, the biometric characteristic of the user for registration; receiving, during the first time period, by the one or more servers and from the device, a confirmation of the registration of the biometric characteristic of the user as the registered biometric characteristic of the user; and causing, during a second time period after the payment request and by the one or more servers, a transfer of funds from the financial account of the user to a financial account associated with the POS terminal to settle the payment request” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claims 5, 16, and 20 which claims “wherein confirming the identity of the user comprises: comparing, by the one or more servers, syntax and context of the digital signature to the registered biometric characteristic to determine whether the digital signature matches the registered biometric characteristic of the user; and based on determining the syntax and the context match the registered biometric characteristic, verifying the identity of the user associated with the registered biometric characteristic” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claims 6 and 17 which claims “wherein the candidate biometric characteristic received from the POS terminal is tokenized” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claims 8 and 12 which claims “applying one or more conditions associated with the registered biometric characteristic in the authorizing the payment request using the data of the financial account of the user” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claim 10 which claims “wherein the candidate biometric characteristic is a fingerprint processed by the biometric reader as distances between ridges to obtain a minutiae set, wherein the digital signature corresponds to the minutiae set” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claim 13 which claims “wherein the digital signature is encrypted by the POS terminal” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claim 15 which claims “wherein the POS terminal establishes a connection with the device based at least in part on the device entering a geo-fence of the POS terminal” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. A similar analysis can be applied to dependent claims 25-27 which claims “wherein: a first registered biometric characteristic of the user is a fingerprint of the user; a first financial account associated with the first registered biometric characteristic is a credit account of the user; a second registered biometric characteristics of the user is further comprise an iris scan of the user; and a second financial account associated with the second registered biometric characteristic is a debit account of the user” which merely elaborate on the abstract idea without reciting any new additional elements. When the limitations are considered individually and as a whole in combination with the independent claims from which they depend from, the claims do not recite additional elements that amount to significantly more than the judicial exception. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 2-5, 8-9, 12-16, 19-21, and 25-27 are rejected under 35 U.S.C. 103 as being unpatentable over Grigg (US 20120197740) in view of Sheets (US 20130290136). Regarding Claims 2, 9, and 19, Grigg teaches storing, by one or more servers of a payment processing service, mappings between multiple financial accounts of a user users and registered biometric characteristics associated with the users user such that an individual registered biometric characteristic associated with the user corresponds to a single individual financial account of the user (Paragraphs 0029, 0037, 0065, 0070, and 0072 teach a user may download the electronic wallet application from a server to the mobile device; the user may then download payment information about each of a plurality of payment vehicles from one or more servers and store this information in a secure section of memory on the mobile device; a user may create a quick pay voice command for the user's credit card with Bank A and debit card with Bank B by using the electronic wallet application and then assign payment information to each command using the same application; for instance, the user may create a voice command “Bank A credit card” to use for instructing the mobile device to instantly send the payment information for his credit card with Bank A, and a voice command “Bank B debit card” to use for instructing the mobile device to instantly send the payment information for his debit card with Bank B; once the commands are created, the user may be able to initiate a payment at a POS terminal by simply saying “Bank A credit card” or “Bank B debit card” depending on the card the user desires to use; FIG. 3 a provides a process for configuring a transaction authorization system; the user of the mobile device installs payment information on the mobile device for a plurality of payment vehicles; the user may then be able to use the electronic wallet application to access, via the network, servers for each of a plurality of financial institutions in order to download payment information, e.g., encrypted account numbers, etc., associated with the one or more payment vehicles issued to the user from the financial institution; for example, a user may use her mobile phone to access Bank A and download the information needed to be able to make wireless mobile wallet payments from her checking account with Bank A; the mobile device associates the selected default payment vehicle with the selected single action user input in memory; it should be understood that the process of selecting default payment vehicles and associated single action user inputs can be repeated for a plurality of payment vehicles and user inputs, as indicated by arrow; for example, a user may select a credit card as a default payment vehicle for a first verbal command, a checking account as a default payment vehicle for a second verbal command); scanning, by a biometric reader associated with a point-of-sale (POS) terminal, a biometric characteristic of the user (Paragraphs 0038, 0097, and 0102-0103 teach other embodiments may use biometrics both as the single action input and for use in authentication of the user at the same time; for example, in one embodiment of the invention the user presses a “pay now” icon on the touch screen of their mobile phone with the user's finger and the touch screen immediately scans the fingerprint of the finger pressing the icon and then immediately initiates transmission of the payment information if the fingerprint matches one stored in the phone's memory for the user; the processor determines the payment information to transfer based on the input and/or the connection signal; for example, the processor may determine the payment information to transfer based on analysis of the input from the user; if the user is using speech recognition software to determine which account the transfer should be made from, the processor can make that determination at this step; a different type of input indicates to the system that the transfer should be made from different accounts; the mobile device wirelessly transmits the default payment code to the POS terminal; in response to the user performing the single action user input that has been setup as the quick pay mechanism, the mobile device wirelessly transmits the default payment code to the POS terminal using the wireless payment network interface; for example, the mobile device may transmit the default payment code wirelessly over the network; the POS terminal receives the default payment code from the mobile payment device and identifies the code for use in other processes; for example, the POS terminal may receive the default payment code in an encrypted form and decrypts the code for use with the transaction authorization process); receiving, by the one or more servers and from the POS terminal, a candidate biometric characteristic associated with a payment request from the POS terminal, wherein the candidate biometric characteristic represents the biometric characteristic (Paragraph 0104 teaches the POS terminal sends the default payment code to the financial institution with an authorization request as if the payment code were any other account number; for example, the POS terminal sends the default payment code to the financial institution associated with the default payment code; although the default payment code is not an account number, the POS terminal can treat the default payment code in much the same manner as standard account numbers); determining, by the one or more servers and based on accessing the registered biometric characteristics, that the candidate biometric characteristic corresponds to a registered biometric characteristic of the user (Paragraph 0105 teaches the financial institution server determines from the received default payment code that the pending transaction was initiated using a single action user input and determines the default payment vehicle associated with the default payment code in memory; for example, the financial institution server receives a default payment code, recognizes that the user triggered a hotkey to authorize the transaction, and looks up the checking account associated with the default payment code); selecting, by the one or more servers and based at least on accessing the mappings and on determining that the candidate biometric characteristic corresponds to the registered biometric characteristic, a financial account associated with the registered biometric characteristic from the multiple financial accounts of the user (Paragraph 0124 teaches the processor determines the payment information to transfer based on the input and/or the connection signal; for example, the processor may determine the payment information to transfer based on analysis of the input from the user; if the user is using speech recognition software to determine which account the transfer should be made from, the processor can make that determination at this step; in another embodiment, a different type of input indicates to the system that the transfer should be made from different accounts); retrieving, by the one or more servers and based on confirming, an identity of the user, data of the financial account associated with the registered biometric characteristic (Paragraph 0105 teaches in an embodiment, the financial institution server recognizes the default payment code, determines that this means the transaction initiated by means of a single action user input, and identifies the payment vehicle associated with the payment code based on the association stored in the financial institution server's memory); and authorizing, by the one or more servers and in response to retrieving the data of the financial account and confirming the identity of the user, the payment request using the data of the financial account of the user without requesting additional identification from the user, wherein the payment request is a part of a payment transaction (Paragraph 0106 teaches the financial institution server determines to authorize the transaction based at least partially on rules specific to single action input transactions and on account information associated with the default payment vehicle; the rules are default rules provided by the financial institution; the financial institution server determines to authorize the transaction based at least on part of the rules pertaining to the default payment code; for example, the financial institution may determine to authorize a transaction using the single action user input because the transaction is occurring during business hours based on a rule set up by the user; the financial institution determines to authorize the transaction using the single action user input because the transaction is for less than five dollars based on default rules provided by the financial institution and, in some cases, approved or accepted by the user). However, Grigg does not explicitly teach based at least in part on the scanned biometric characteristic, generating a digital signature of the user, wherein the generated digital signature is unique to the scanned biometric characteristic of the user based on the biometric characteristic; receiving, by the one or more servers and from the POS terminal, a candidate biometric characteristic associated with a payment request from the POS terminal, wherein the payment request comprises the digital signature; and retrieving, by the one or more servers and based on confirming, using the digital signature, data of the financial account associated with the registered biometric characteristic. Sheets from the same or similar field of endeavor teaches based at least in part on the scanned biometric characteristic, generating a digital signature of the user, wherein the generated digital signature is unique to the scanned biometric characteristic of the user based on the biometric characteristic (Paragraphs 0038, 0045-0046, and 0049 teach the consumer device provides unforgeable evidence of the biometric match in the form of a unique digital signature to provide proof to a payment processing network that the match occurred; the consumer device may be used in conjunction with transactions of currency or points (e.g., points accumulated in a particular software application); the consumer device includes software to perform the various payment transactions, processing user biometric data, and generating a unique digital signature as further described below; the user biometric data may include fingerprint data, retinal scan data, digital photograph data (e.g., facial recognition data), DNA data, palm print data, hand geometry data, iris recognition data, or other similar biometric identifier that would be appreciated by one of ordinary skill in the art with the benefit of this disclosure; furthermore, the payment processing network can receive a unique digital signature (e.g., from the payment device, terminal, or acquirer) to determine a risk factor associated with a transaction, as further described below); receiving, by the one or more servers and from the POS terminal, a candidate biometric characteristic associated with a payment request from the POS terminal, wherein the payment request comprises the digital signature (Paragraphs 0085 and 0006 teach the consumer device captures biometric data (e.g., second biometric data) from a user as he/she speaks into it; the user's voice may be captured by the biometric sensor; the second biometric data is captured by from the user when the user wishes to initiate a payment transaction; the consumer device provides unforgeable evidence of the biometric match in the form of a unique digital signature to provide proof to a payment processing network that the match occurred); and retrieving, by the one or more servers and based on confirming, using the digital signature, data of the financial account associated with the registered biometric characteristic (Paragraphs 0049, 0086, and 0088 teach the authorization and settlement server (“authorization server”) performs payment authorization functions; the authorization server is further configured to send and receive authorization data to the issuer; the payment processing network can receive a unique digital signature (e.g., from the payment device, terminal, or acquirer) to determine a risk factor associated with a transaction, as further described below; the consumer device locally compares the first and second set of biometric data and determines whether the biometric information matches according to a predetermined threshold (e.g., predetermined criteria, correlation, etc.); if the received input data and the previously stored input data match according to the predetermined threshold, then the data is considered a match; the consumer device sends the payment card data (or alternatively payment account data) and biometric digital artifact to the payment processor network; the consumer device can send the biometric digital artifact, consumer device verification method (CDVM), and authorization request to the terminal (FIG. 1) instead of directly sending the biometric digital artifact to the payment processing network; the biometric digital artifact can be referred to as a unique digital artifact). It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Grigg to incorporate the teachings of Sheets to based at least in part on the scanned biometric characteristic, generate a digital signature of the user, wherein the generated digital signature is unique to the scanned biometric characteristic of the user based on the biometric characteristic; receive, by the one or more servers and from the POS terminal, a candidate biometric characteristic associated with a payment request from the POS terminal, wherein the payment request comprises the digital signature; and retrieve, by the one or more servers and based on confirming, using the digital signature, data of the financial account associated with the registered biometric characteristic. There is motivation to combine Sheets into Grigg because the system provides strong proof that the biometric matching is occurring and the user is indeed performing the transactions (Sheets Paragraph 0007). Other advantages of embodiments of the invention relate to technical advantages such as the reduction in data transmission, which results in increased bandwidth over communication networks. For example, because much of the biometric verification processing occurs in a distributed manner (e.g., by using many mobile phones), the need for large computational requirements for a central server computer is reduced. Further, in embodiments of the invention, a digital artifact that is relatively small in size is being transmitted to a central server computer, resulting in fast data transmission. This is compared to the case where a data intensive biometric data sample (e.g., an audio file for a voice sample) is being transmitted through a communication medium (Sheets Paragraph 0041). Regarding Claim 2, Grigg teaches a system, comprising: one or more processors; and one or more non-transitory computer-readable media storing instructions executable by the one or more processors, wherein the instructions program the one or more processors to perform operations (Paragraph 0141 teaches systems, methods, and/or computer program products. It will be understood that each block included in the flowchart illustrations and/or block diagrams, and combinations of blocks included in the flowchart illustrations and/or block diagrams, may be implemented by one or more computer-executable program code portions; these one or more computer-executable program code portions may be provided to a processor of a general purpose computer, special purpose computer, and/or some other programmable data processing apparatus in order to produce a particular machine, such that the one or more computer-executable program code portions, which execute via the processor of the computer and/or other programmable data processing apparatus, create mechanisms for implementing the steps and/or functions represented by the flowchart(s) and/or block diagram block(s)). Regarding Claim 9, Grigg teaches a method for processing a payment transaction (Paragraph 0064 teaches FIGS. 3 a through FIG. 6, described below, illustrate process flows for methods of using the transaction authorization system described above in different ways to configure the system and effectuate single-action payment information transmissions during a transaction, in accordance with various embodiments of the invention; it should be understood that the steps performed by each entity may, in some cases, be performed in a different order than the order shown, may be performed by different entities, or may not be performed at all; these figures depict only some embodiments of the invention but do not limit the invention to the described steps). Regarding Claim 19, Grigg teaches one or more non-transitory computer-readable media storing instructions executable by one or more processors, wherein the instructions program the one or more processors to perform actions (Paragraphs 0138-0139 teach computer-executable program instructions may be stored or embodied in a computer-readable medium to form a computer program product that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block(s); It will be understood that any suitable computer-readable medium may be utilized. The computer-readable medium may include, but is not limited to, a non-transitory computer-readable medium, such as a tangible electronic, magnetic, optical, electromagnetic, infrared, and/or semiconductor system, apparatus, and/or device; for example, in some embodiments, the non-transitory computer-readable medium includes a tangible medium such as a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a compact disc read-only memory (CD-ROM), and/or some other tangible optical and/or magnetic storage device. In other embodiments of the present invention, however, the computer-readable medium may be transitory, such as a propagation signal including computer-executable program code portions embodied therein) Regarding Claim 3, the combination of Grigg and Sheets teaches all the limitations of claim 2 above; however, the combination does not explicitly teach wherein the one or more servers receive an additional candidate biometric characteristic from an e-commerce website. Sheets further teaches wherein the one or more servers receive an additional candidate biometric characteristic from an e-commerce website (Paragraphs 0098 and 0047 teach FIG. 5B illustrates authenticating a user via a thumbprint, according to an embodiment of the present invention; consumer device includes a display and a biometric sensor; the biometric sensor is configured to receive biometric data from the user; the biometric sensor is configured to receive a fingerprint from a user; for example, the terminal can be a POS device at a grocery store checkout line; the terminal could be a client computer or a mobile phone in the event that the user is conducting a remote transaction). It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Grigg and Sheets to incorporate the further teachings of Sheets for the one or more servers to receive an additional candidate biometric characteristic from an e-commerce website. There is motivation to combine further Sheets into the combination of Grigg and Sheets because embodiments of the invention provide strong user authentication on a trusted consumer device without requiring the user to go through a formal registration process with the issuer or payment processing network. Certain embodiments allow the use of any biometric technology (e.g., fingerprint scan, iris scan, voice recognition, etc.) supported by their consumer device (e.g., smart phone, tablet computer) to authenticate the user (Sheets Paragraph 0006). Regarding Claims 4, 14, and 21, the combination of Grigg and Sheets teaches all the limitations of claims 2, 9, and 19 above; and Grigg further teaches receiving, during a first time period prior to the payment request and by the one or more servers, the biometric characteristic of the user from a device of a merchant (Paragraphs 0070 teaches the mobile device prompts the user to select a single action user input to associate with the default payment vehicle; the mobile device prompts the user the select one of the potential input devices for association with the default payment vehicle; for example, a message can appear on the screen requesting that the user select verbal command that will be associated with the payment vehicle); sending, during the first time period, by the one or more servers and to the device, the biometric characteristic of the user for registration (Paragraph 0071 teaches the user selects a single action user input; the user selects the single action user input from a list of single action user inputs displayed on the mobile device screen; in another embodiment, the user selects the single action user input by performing the single action; for example, the user may give a verbal command for the single action user input that is to be associated with the payment vehicle); receiving, during the first time period, by the one or more servers and from the device, a confirmation of the registration of the biometric characteristic of the user as the registered biometric characteristic of the user (Paragraph 0072 teaches the mobile device associates the selected default payment vehicle with the selected single action user input in memory; the process evaluates the user's selection of the default payment vehicle and of the single action user input and stores the association in the memory; for example, the user may have selected a credit card as the default payment vehicle and a touchscreen icon as the single action user input to be associated with the credit card; the mobile device, thus, will store the association between the credit card and the touchscreen icon in the memory as default payment information; it should be understood that the process of selecting default payment vehicles and associated single action user inputs can be repeated for a plurality of payment vehicles and user inputs; for example, a user may select a credit card as a default payment vehicle for a first touchscreen icon, a checking account as a default payment vehicle for a second touchscreen icon, and a rewards account as a default payment vehicle for a hotkey); and causing, during a second time period after the payment request and by the one or more servers, a transfer of funds from the financial account of the user to a financial account associated with the POS terminal to settle the payment request (Paragraphs 0087-0088 teach the financial institution server determines from the received indicator that the pending transaction was initiated using a single action user input; the financial institution server recognizes the indicator with the payment information; for example, the financial institution server may evaluate the codes associated with the payment information to determine if a binary code indicating a single action user input origination, such as a hotkey, is present; the financial institution server determines whether to authorize the transaction based at least partially on rules specific to the single action input transactions; the rules are default rules provided by the financial institution associated with the payment vehicle). Regarding Claims 5, 16, and 20, the combination of Grigg and Sheets teaches all the limitations of claims 2, 9, and 19 above; however, the combination does not explicitly teach comparing, by the one or more servers, syntax and context of the digital signature to the registered biometric characteristic to determine whether the digital signature matches the registered biometric characteristic of the user; and based on determining the syntax and the context match the registered biometric characteristic, verifying the identity of the user associated with the registered biometric characteristic. Sheets further teaches comparing, by the one or more servers, syntax and context of the digital signature to the registered biometric characteristic to determine whether the digital signature matches the registered biometric characteristic of the user (Paragraph 0085 and 0006 teach the consumer device captures biometric data (e.g., second biometric data) from a user as he/she speaks into it; the user's voice may be captured by the biometric sensor; the consumer device may capture biometric data from the user's fingerprint; the second biometric data is captured by from the user when the user wishes to initiate a payment transaction; the consumer device provides unforgeable evidence of the biometric match in the form of a unique digital signature to provide proof to a payment processing network that the match occurred); and based on determining the syntax and the context match the registered biometric characteristic, verifying the identity of the user associated with the registered biometric characteristic (Paragraphs 0049, 0086, and 0088 teach the authorization and settlement server performs payment authorization functions; the authorization server is further configured to send and receive authorization data to the issuer; furthermore, the payment processing network can receive a unique digital signature to determine a risk factor associated with a transaction; the consumer device locally compares the first and second set of biometric data and determines whether the biometric information matches according to a predetermined threshold (e.g., predetermined criteria, correlation, etc.); if the received input data and the previously stored input data match according to the predetermined threshold, then the data is considered a match; the consumer device sends the payment card data (or alternatively payment account data) and biometric digital artifact to the payment processor network; the consumer device can send the biometric digital artifact, consumer device verification method (CDVM), and authorization request to the terminal instead of directly sending the biometric digital artifact to the payment processing network; it should be noted that the biometric digital artifact can be referred to as a unique digital artifact). It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Grigg and Sheets to incorporate the further teachings of Sheets to compare, by the one or more servers, syntax and context of the digital signature to the registered biometric characteristic to determine whether the digital signature matches the registered biometric characteristic of the user; and based on determining the syntax and the context match the registered biometric characteristic, verify the identity of the user associated with the registered biometric characteristic. There is motivation to further combine Sheets into the combination of Grigg and Sheets because of the same reasons listed above for claims 2, 9, and 19. Regarding Claims 8 and 12, the combination of Grigg and Sheets teaches all the limitations of claims 2 and 9 above; and Grigg further teaches the operations further comprising applying one or more conditions associated with the registered biometric characteristic in the authorizing the payment request using the data of the financial account of the user (Paragraph 0088 teaches the financial institution server determines whether to authorize the transaction based at least partially on rules specific to the single action input transactions; in an embodiment, the rules are default rules provided by the financial institution associated with the payment vehicle; for example, a credit card company may prohibit single action input transaction for purchases greater than five hundred dollars; in another embodiment, the rules are provided by the user; for example, the user may indicate that all purchases of less than five dollars can be approved via a single action user input; the rules may be provided by the user using a web interface, GUI, or other input device). Regarding Claim 13, the combination of Grigg and Sheets teaches all the limitations of claim 9 above; however, the combination does not explicitly teach wherein the digital signature is encrypted by the POS terminal. Sheets further teaches wherein the digital signature is encrypted by the POS terminal (Paragraphs 0036 and 0047 teach a “biometric digital artifact,” as described herein, can be a digital artifact or cryptographically generated value that provides information identifying a type of biometric used in an authentication process and whether a biometric match has occurred on a consumer device; the terminal can be a POS device at a grocery store checkout line; the terminal could be a client computer or a mobile phone in the event that the user is conducting a remote transaction). It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Grigg and Sheets to incorporate the further teachings of Sheets for the digital signature to be encrypted by the POS terminal. There is motivation to further combine Sheets into the combination of Grigg and Sheets because as long as the difference in the cryptographic values of the two biometric digital artifacts is below a predefined threshold (e.g. a few bits), the second biometric digital artifact will be considered to be valid. If a received biometric digital artifact is significantly different than previously received and stored biometric digital artifacts in the user fraud profile database, the received biometric digital artifact may not be verified and the payment transaction request may be denied for possible fear of a fraudster wishing to initiate the payment transaction request (Sheets Paragraph 0110). Regarding Claims 15, the combination of Grigg and Sheets teaches all the limitations of claim 14 above; and Grigg further teaches wherein the POS terminal establishes a connection with the device based at least in part on the device entering a geo-fence of the POS terminal (Paragraphs 0040 and 0074 teach the input comprises a wireless signal received by the mobile device from a wireless transmitter, such as a radio-frequency (RF) or NFC transmitter located proximate to the POS terminal or other transaction device; the single user action would be moving the mobile phone within range of the transmitter; the user enters a single action user input that is associated with a default payment vehicle when the user is proximate to a POS terminal; the user enters the single action user input using the input devices, such as a hotkey, camera, or accelerometer; for example, the user may trigger a hotkey associated with a credit card when the user is attempting to complete a transaction at a cash register; proximate is a relative term that is affected by the strength of the wireless payment network interface and the receiver at the POS terminal). Regarding Claims 25-27, the combination of Grigg and Sheets teaches all the limitations of claims 2, 9, and 19 above; and Grigg further teaches wherein: a first registered biometric characteristic of the user is a fingerprint of the user (Paragraph 0010 teaches the biometric is a fingerprint); a first financial account associated with the first registered biometric characteristic is a credit account of the user (Paragraphs 0070 and 0072 teaches the mobile device associates the selected default payment vehicle with the selected single action user input in memory; the process evaluates the user's selection of the default payment vehicle and of the single action user input and stores the association in the memory; for example, the user may have selected a credit card as the default payment vehicle and a touchscreen icon as the single action user input to be associated with the credit card; the mobile device, thus, will store the association between the credit card and the touchscreen icon in the memory as default payment information); a second registered biometric characteristics of the user is further comprise an iris scan of the user (Paragraph 0010 teaches the biometric is an iris scan); and the multiple financial accounts of the user further comprise a second financial account associated with the second registered biometric characteristic is a debit account of the user (Paragraph 0072 teaches it should be understood that the process of selecting default payment vehicles and associated single action user inputs can be repeated for a plurality of payment vehicles and user inputs, as indicated by arrow; for example, a user may select a credit card as a default payment vehicle for a first verbal command, a checking account as a default payment vehicle for a second verbal command). Claims 6 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Grigg (US 20120197740) in view of Sheets (US 20130290136) in further view of Baghdasaryan (US 20110082802). Regarding Claims 6 and 17, the combination of Grigg and Sheets teaches all the limitations of claims 2 and 9 above; however, the combination does not explicitly teach wherein the candidate biometric characteristic received from the POS terminal is tokenized. Baghdasaryan from same or similar field of endeavor teaches wherein the candidate biometric characteristic received from the POS terminal is tokenized (Paragraph 0043 teaches during an example user identification process (also referred to as a user verification process), a user swipes their finger across a fingerprint sensor; the process then determines whether the user's fingerprint information matches a fingerprint template associated with the fingerprint sensor; if the user's fingerprint information matches a fingerprint template, the user's credentials are released to the user and/or a service or process requesting the user verification; thus, the user credentials are not released from the secure storage device until a matching fingerprint template is confirmed; the user credentials released as a result of a match with a fingerprint template are not necessarily the same credentials provided by the user during the enrollment process; for example, the user credentials released after finding a matching fingerprint template may include an OTP (One Time Password) token, RSA signature and the like; the enrollment process can be initiated by a Web server, a Web browser plug-in, and the like). It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Grigg and Sheets to incorporate the teachings of Baghdasaryan for the candidate biometric characteristic received from the POS terminal to be tokenized. There is motivation to combine Baghdasaryan into the combination of Grigg and Sheets because if the fingerprint information matches a fingerprint template associated with the fingerprint sensor, the Web browser plug-in releases user secrets from the user credentials. In particular embodiments, the fingerprint sensor releases an OTP token or an RSA signature instead of plaintext credentials. After the credentials are released, they are communicated to the Web site to complete the user authentication process (Baghdasaryan Paragraph 0051). Claim 10 are rejected under 35 U.S.C. 103 as being unpatentable over Grigg (US 20120197740) in view of Sheets (US 20130290136) in further view of Adams (US 20100117794). Regarding Claim 10, the combination of Grigg and Sheets teaches all the limitations of claim 9 above; however, the combination does not explicitly teach wherein the candidate biometric characteristic is a fingerprint processed by the biometric reader as distances between ridges to obtain a minutiae set, wherein the digital signature corresponds to the minutiae set. Adams from same or similar field of endeavor teaches wherein the candidate biometric characteristic is a fingerprint processed by the biometric reader as distances between ridges to obtain a minutiae set, wherein the digital signature corresponds to the minutiae set (Paragraph 0280 teaches the enabling process is the same for all of the biometric devices; the biometric device is enabled by the authorized user by the placement of the user's enrolled finger, or fingers in a series, on the fingerprint platen; the fingerprint platen recognizes the placement of the finger and begins the scan of the finger to determine the fingerprint, reducing the fingerprint to a template of minutiae as is common in the art; this minutiae template is compared with a previously stored fingerprint minutiae template and a calculation is made as to the degree of match between the two templates; if the match meets pre-established criteria, then the match is verified and the biometric device converts to an enabled state). It would have been prima facie obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Grigg and Sheets to incorporate the teachings of Adams for the candidate biometric characteristic to be a fingerprint processed by the biometric reader as distances between ridges to obtain a minutiae set, wherein the digital signature corresponds to the minutiae set. There is motivation to combine Adams into the combination of Grigg and Sheets because the enabling step takes less than two seconds (Adams Paragraph 0281). The system reduces the time of calculation, which improves the process of authenticating the customer’s account. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Wagner et al. (US 20180211022) a biometric verification system is disclosed. The system includes a portable device which stores a biometric reference template and authentication preferences. The portable device can be used with an access device. The access device can prompt the user for a biometric sample. The access device may create a biometric sample template from the biometric sample, and the biometric sample template can be compared to the biometric reference template to determine if a user is authentic. Baca et al. (US 20140214673) teaches authentication using biometric data for mobile device e-commerce transactions. A method may include capturing a mobile device user's biometric data; comparing the captured biometric data to authorized user biometric data stored on the mobile device; and authenticating an e-commerce transaction if the captured biometric data corresponds to the authorized user biometric data stored on the mobile device. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY JONES whose telephone number is (469)295-9137. The examiner can normally be reached on 7:30 am - 4:30 pm CST (M-Th). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /COURTNEY P JONES/Primary Examiner, Art Unit 3699
Read full office action

Prosecution Timeline

Show 22 earlier events
Jun 20, 2025
Request for Continued Examination
Jun 24, 2025
Response after Non-Final Action
Jul 14, 2025
Non-Final Rejection mailed — §101, §103, §112
Sep 25, 2025
Interview Requested
Oct 01, 2025
Examiner Interview Summary
Oct 01, 2025
Applicant Interview (Telephonic)
Oct 14, 2025
Response Filed
Jun 23, 2026
Final Rejection mailed — §101, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12670494
SECURE AUTHENTICATION BASED ON PASSPORT DATA STORED IN A CONTACTLESS CARD
2y 4m to grant Granted Jun 30, 2026
Patent 12664548
EMAIL BASED E-COMMERCE WITH QR CODE BARCODE, IMAGE RECOGNITION ALTERNATIVE PAYMENT METHOD AND BIOMETRICS
1y 8m to grant Granted Jun 23, 2026
Patent 12657555
SYSTEMS AND METHODS FOR MULTIPARTITE RELAY PROTOCOLS
2y 6m to grant Granted Jun 16, 2026
Patent 12657583
MULTI BLOCKCHAIN NETWORK SYSTEM WITHOUT NATIVE CRYPTOCURRENCY BASED ON AGGREGATED PROOF-OF-TRANSACTION CONSENSUS
2y 2m to grant Granted Jun 16, 2026
Patent 12646066
RADIO NETWORK PULSES FOR CONTACTLESS PAYMENT VERIFICATION
2y 6m to grant Granted Jun 02, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

7-8
Expected OA Rounds
68%
Grant Probability
90%
With Interview (+22.2%)
3y 1m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 249 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month