DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
The present office action is responsive to communications filed on 11/28/2025. Claims 1, 22, and 24 have been amended. Claims 9-11, 30-32, 35, 36, and 37 have been previously cancelled. Claims 1-6, 12-15, 19-27, 33, 34, and 38 are currently pending.
Applicant’s arguments and amendments filed on 11/28/2025 with respect to rejection of claim 22 under 35 USC 112(b), as seen in page 10, have been fully considered and persuasive. Further more Applicant’s arguments and amendments with respect to rejection of claims 1-3, 20, 21, 24, and 34 under 35 USC 103 over Sharma et al. (US PGPub No.20200311712-A1) in view of Cummins et al. (US PGPub No.20140310182-A1), Yen et al. (US PGPub No. 20160260085-A1), and Sheets et al. (US PGPub No. 20210264434-A1), as seen in pages 10-18, have been fully considered and are persuasive specifically the amended limitation of dual controllers. Therefore, the rejection have been withdrawn. However, upon further consideration, new grounds of rejection is made in additional view of Yang et al. (US PGPub No. 20190172056-A1) and Rezayee et al. (US PGPub No. 20160026990-A1).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 12, 20, 21, and 24 are rejected under 35 U.S.C. 103 as being unpatentable over Sharma et al. (US PGPub No.20200311712-A1) in view of Cummins et al. (US PGPub No.20140310182-A1), Yen et al. (US PGPub No. 20160260085-A1), Sheets et al. (US PGPub No. 20210264434-A1 ), Yang et al. (US PGPub No. 20190172056-A1), and Rezayee et al. (US PGPub No. 20160026990-A1).
With respect to claim 1, Sharma teaches an apparatus comprising: (¶0052-0054: As will be appreciated based on the foregoing specification, the above-described embodiments of the disclosure may be implemented using computer programming or engineering techniques including computer software, firmware, hardware or any combination or subset thereof); a processor; (¶0020-0024: As seen in Figure 2, the computing device 200 also includes an input device 208 that receives inputs from the user (i.e., user inputs) such as, for example, authentication inputs, transaction requests, etc. The input device 208 is coupled to (and is in communication with) the processor 202 and may include, for example, a keyboard, a pointing device, a mouse, a touch sensitive panel (e.g., a touch pad or a touch screen, etc.), another computing device, and/or an audio input device.).
a first communication interface to allow the processor to communicate with a mobile device, wherein the first communication interface is to receive a first authentication information from the mobile device, (¶0054: Receiving, by a computing device, via a first wireless connection (first communication interface) , a credential from a mobile device in connection with a network transaction, the credential specific to an account associated with the mobile device (first authentication information).
a second communication interface to allow the processor to communicate with point-of-user-interaction apparatus, (¶0033: As seen in Figure 1, the POS terminal 114 is configured to establish a wireless connection with the mobile device 116 based on the identifier included in the authorization reply (e.g., the BLE address, the MAC address, etc.) and to transmit the result of the transaction (e.g., approved, declined, failed, etc.) (e.g., from the authorization reply, based on a transaction status as the POS terminal 114, etc.) to the mobile device 116, via the wireless connection (e.g., a Bluetooth® connection, etc.). It should be noted that, in this exemplary embodiment, a different wireless connection (WC2) other than the wireless connection (WC1) may be used to pass the payment account credential (i.e., the NFC connection, etc.).).
wherein the second communication interface is to receive a second authentication information from the point-of-user-interaction apparatus, (¶0033: As seen in Figure 1, the POS terminal 114 is configured to establish a wireless connection with the mobile device 116 based on the identifier included in the authorization reply (e.g., the BLE address, the MAC address, etc.) and to transmit the result of the transaction (e.g., approved, declined, failed, etc.) (e.g., from the authorization reply, based on a transaction status as the POS terminal 114, etc.) to the mobile device 116, via the wireless connection (e.g., a Bluetooth® connection, etc.). It should be noted that, in this exemplary embodiment, a different wireless connection (WC2) other than the wireless connection (WC1) may be used to pass the payment account credential (i.e., the NFC connection, etc.).)
wherein the processor is to notify the mobile device of a validity of the transaction via the first communication interface, (¶0033: In addition, the POS terminal 114 is configured to establish a wireless connection with the mobile device 116 based on the identifier included in the authorization reply (e.g., the BLE address, the MAC address, etc.) and to transmit the result of the transaction (e.g., approved, declined, failed, etc.) (e.g., from the authorization reply, based on a transaction status as the POS terminal 114, etc.) to the mobile device 116, via the wireless connection (e.g., a Bluetooth® connection, etc.)).
wherein the processor is to notify the point-of-user-interaction apparatus of the validity of the transaction via the second communication interface, (¶0054: (f) transmitting, by the computing device, via a second wireless connection, a notification, including the result of the network transaction, to the mobile device, based on the identifier included in the authorization reply, the first wireless connection being different than the second wireless connection.)
wherein the apparatus is to receive the second identification via the point-of-user-interaction apparatus, (¶0029: Further, in response to receiving the credentials for the user’s payment account, from the mobile 116 (and the virtual wallet 118), the POS terminal 114 is configured to compile an authorization request for the transaction, including the payment account, an amount of the transaction, a currency, a merchant ID, and other data specific the transaction (e.g., a transaction ID, etc.) and the merchant name). Uniquely, the POS terminal 114 is configured to include the identifier of the mobile device 116 in the authorization request (second identification).)
wherein the second identification is used to identify the mobile device to the point-of-user-interaction apparatus; and (¶0038: In connection therewith, the POS terminal 114 recognizes or identifies (broadly, determines), at 306, the identifier of the mobile device 116. The identifier may include a BLE address, a MAC address or another wireless network associated address (e.g., with which the POS terminal 114 is enabled to communicate with the mobile device 116, etc.).
Sharma does not disclose:
wherein the first authentication information includes a first key and a second cryptographic token; and
wherein the second authentication information includes a second key and a first cryptographic token, wherein the processor is to authenticate a transaction between the mobile device and the point-of-user-interaction apparatus by decrypting the first cryptographic token with the first key and decrypting the second cryptographic token with the second key,
However, Cummins teaches wherein the first authentication information includes a first key and a second cryptographic token; and (¶0101-104: The payment credentials management service 112 may build a message including the notification and a session identifier, and then may encrypt the message using the mobile key 604. The payment credentials management service 112 may also identify the mobile device 104 for receipt using the unique identifier in the user profile.).
wherein the second authentication information includes a second key and a first cryptographic token, (¶0101: In step 1004 may include the provisioning of the single use key 118, the single use key 118 may be encrypted using a random key (e.g., or suitable key other than the mobile key 604), and then encrypted single use key may be encrypted using the mobile 604 and provisioned to the mobile payment application 106 similar encryption and transmission of the message as disclosed herein).
wherein the processor is to authenticate a transaction between the mobile device and the point-of-user-interaction apparatus by decrypting the first cryptographic token with the first key and decrypting the second cryptographic token with the second key, (¶0061-0063: As seen in Figure 1, the remote notification service 114 may then transmit the message to the mobile device 104 using remote notification device 104 may provide the message to the mobile payment application 106, which may then decrypt the message using the shared mobile key (decrypting the first cryptographic token and with first key) , and then may decrypt the encrypted single key with random key (decrypting the second cryptographic token with second key) , and thus use the single use key in a payment transaction. . In such an embodiment, the mobile key may be used to decrypt the session identifier to be used to build the authentication code to be used for the mutual authentication 404. ).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Cummins regarding the authentication information to the method Sharma in order to prevent unauthorized access and eavesdropping from occurring (Cummins: ¶0004 & ¶0064).
Sharma in view of Cummins does not disclose:
wherein a first controller of the point-of-user-interaction apparatus generates a first identification,
wherein the mobile device is to generate a second identification which is a second unique identification,
wherein the point-of-user-interaction apparatus is to generate a third identification which is a third unique identification, wherein the third identification is provided to the apparatus via the mobile device,
However, Yen teaches wherein a first controller of the point-of-user-interaction apparatus generates a first identification, (¶0045: The application may be initiated by use of the mobile terminal 210 to initiate purchase of goods and/or services, wherein the transaction data, transmitted between the mobile terminal 210 and the receiving terminal 214 through the communication link 216 results from processing the payment of the goods and/or services (generating first authentication via point of sale). ¶0077-0079: In interaction A, coupons are provisioned to the mobile terminal 210 through the merchant application 210a for the user to browse, save and use. Redeemed coupons are also synchronized at a backend. Loyalty cards are registered to the mobile terminal 210 and a loyalty ID is created, which may be the primary identifier of the loyalty card (generating first identification).).
wherein the mobile device is to generate a second identification which is a second unique identification, (¶0077-0079: The receiving terminal 214 receives the authentication code from the mobile terminal 210 and compares the received authentication code against an authentication code generated by the receiving terminal 214 based on data from the mobile terminal (generating second authentication information).).
wherein the point-of-user-interaction apparatus is to generate a third identification which is a third unique identification, (¶0039: In another example, the receiving terminal may generate the unique identifier (third unique identification) and the unique identifier to the mobile terminal, whereby the server receives the unique identifier from mobile terminal during the creation of the storage slot). wherein the third identification is provided to the apparatus via the mobile device, (¶0039: whereby the server receives the unique identifier from the mobile terminal during the creation of the storage slot).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Yen with regards to generation of identification information via POS to the method of Sharma in view of Cummins in order to enable for mobile transactions to be compatible between any type of merchants (Yen: ¶0003-0004).
Sharma in view of Cummins and Yen does not disclose:
wherein the first identification is used to match the first authentication information with the second authentication information;
However, Sheets teaches wherein the first identification is used to match the first authentication information with the second authentication information; (¶0061-0065: In some embodiments, the payment processing network computer 112 may verify that the authentication token (first identification) is associated with the device identifier. After determining that the consumer 102 is associated with the mobile communication device 104 that is enrolled in the system, the payment processing network computer 112 may determine an issuer and a consumer account associated with the device identifier if the device identifier is present in the transaction request message and the consumer account identifier is not in the transaction request message. The payment processing network computer 112 may determine a merchant pay-me account associated with the merchant account identifier and may start the process of transferring funds equal to the transaction amount to the merchant pay-me account from the consumer account (matching first authentication information and second authentication information) . At step 5, the payment processing network computer 112 may generate and send an authorization request message to the issuer computer 114 operated by issuer of the consumer’s account and may obtain authorization for the transaction. The authorization request message may contain the consumer’s account identifier and the account of the transaction. ).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Sheets regarding sending the first authentication information via mobile device to authenticate transaction to the method Tankha in view of Dundigalla and Sharma in order to provide security for consumers because the consumer’s account information is not passed to ah wide number of entities (some of which may have malicious or fraudulent intent) and the consumer’s account information is only passed within a secure payment channel (Sheets: ¶0023).
Tankha in view of Dundigalla, Sharma, and Sheets does not disclose:
wherein the point-of-user-interaction apparatus comprises a first controller with a security function that generates both the first authentication information and the second authentication information, and
a second controller communicatively coupled to a display unit, wherein the first controller instructs transmission of the first authentication information to the mobile device, and
wherein the second controller instructs transmission of the second authentication information to the apparatus.
However, Yang teaches wherein the point-of-user-interaction apparatus comprises a first controller with a security function (¶0139: In Figure 15 shows the POS terminal 200. The controller 2800 controls all operations of the POS terminal 2000, and controls the authentication information generator 2100, the authentication information receiver 2200, the authentication information transmitter 2300, the authenticator 2400, the transaction requester 2500, the memory 2600, and the transceiver 2700 so as to allow the POS terminal 2000 to generate the authentication information ) that generates both the first authentication information and the second authentication information, and ( ¶0079-0080 Figure 4 is a flowchart of a method of authenticating, by the POS terminal 2000, a transaction request from the device 1000 in the transaction request authenticating system, according to another exemplary embodiment. In operation S402, the POS terminal 2000 generates authentication information, based on a user input.)
wherein the first controller instructs transmission of the first authentication information to the mobile device, and (¶0082: In operation S404, the device 1000 performs a short-range contact with the POS terminal 2000. The device 1000 and the POS terminal 2000 may approach each other to within a predetermined range, and once the device 1000 and the POS terminal 2000 are within the predetermined range, the device 1000 and the POS terminal 2000 may be connected to each other via an NFC network. The connection between the device 1000 and the POS terminal 2000 may be established by exchanging messages between the device 1000 and the POS terminal 2000.);
wherein the second controller instructs transmission of the second authentication information to the apparatus. (Further ¶0117 The transceiver 2700 exchanges the various types of information with the device 1000 and the server 3000, wherein the various types of information are used for the POS terminal 2000 to generate the authentication information, to compare the authentication information that is generated by the POS terminal 2000 with the authentication information that is received from the device 1000, and to request the transaction with the server 3000);
Although, Yang does not explicitly disclose a first and second authentication, the limitation emphasize the use of dual controllers that generates of authentication information and transmits data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Yang regarding the first and second controllers to the method Tankha in view of Dundigalla, Sharma, and Sheets in order to ensure a secure transaction and prevention of confidential information from being exposed (Yang: ¶0004).
Tankha in view of Dundigalla, Sharma, Sheets, and Yang does not disclose:
a second controller communicatively coupled to a display unit,
a second controller communicatively coupled to a display unit, (¶0039 and In Figure 2A shows the point-of-sale system 200B includes the processing module 210, the touch sensitive display 212 and an interface module 230’. The interface module 230′ of the point-of-sale system 200B, like the interface module 230 of FIG. 2A, includes a secure input controller 232 and an input controller 234. During the secure input mode, the secure input controller 232 in this example needs to comply with industry security requirements, such as the Payment Card Industry Data Security Standards (PCI DSS).);
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Rezayee regarding the second controller to the method Tankha in view of Dundigalla, Sharma, Sheets, and Yang in order to ensure a security while complying industry security protocol and help with processing data by the point of sale system (Rezayee: ¶0004).
With respect to claim 2, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee teaches the method of claim 1 (see rejection of claim 1 above) wherein the first communication interface comprises a wireless interface. (Sharma: ¶0026: The wireless connection is designated WC1 (first communication interface) as seen in Figure 1, for an NFC connection, it should be understood that the NFC connection is a short ranges connection, whereby the mobile device 116 is required to be within close proximity to the POS terminal 114 (e.g., within about four centimeters, or otherwise, etc.).
With respect to claim 3, the combination of Sharma in view of Cummins, Yen, and Sheets teaches the method of claim 1 (see rejection of claim 1 above) wherein the second communication interface comprises a network interface. (Sharma: ¶0027-0033 & 0045: This may involve, again, the POS terminal 114 and the mobile device 116 establishing a wireless connection, at 336, which, in this embodiment, may be a Bluetooth® connection based on the BLE address (and different than the NFC connection) (e.g., WC2 in the system 100 of FIG. 1, etc.).
With respect to claim 12, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee teaches the method of claim 1 (see rejection of claim 1 above) wherein the second unique identification is same as the third unique identification, or wherein the second unique identification is different than the third unique identification. (Yen: ¶0044: A unique identifier, used to facilitate the enablement of the communication link is stored in a memory of the mobile terminal, the receiving terminal and the server and implies in ¶120-122: implies second unique identification can be referenced to the server and can be used as a third unique identifier).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Yen regarding second and third identifications to the method Sharma in view of Cummins, Sheets, Yang, and Rezayee in order to enable for mobile transactions to be compatible between any type of merchants (Yen: ¶0003- 0004).
With respect to claim 20, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee teaches the method of claim 1 (see rejection of claim 1 above) wherein the mobile device comprises a camera or a biometric sensor to authenticate a user of the mobile device. (Sharma: ¶0025: As seen in Figure 1, the mobile device 116, the user 112 opens the virtual wallet application 118, whereupon the mobile device 116, as configured by the virtual wallet application 118, solicits an authentication input from the user 112. The authentication input may include, for example, a biometric (e.g., a fingerprint, a facial image, etc.), a PIN, a password, a motion, etc.).
With respect to claim 21, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee teaches the method of claim 1 (see rejection of claim 1 above) wherein the transaction is a financial transaction or wherein the transaction is a voting ballot. (Sharma: ¶0011-0016 : In addition, in the system 100, the user 112 is associated with a payment account, which is issued to the user 112 by issuer 108 and is suitable to fund transactions (financial transaction) for the purchase of products from the merchant 102 (or other merchants as desired).).
With respect to claim 24, Sharma teaches a method for authenticating a transaction between a mobile device and a point-of-user-interaction apparatus, the method comprising: (¶00010-0011: Transactions may be initiated by users, at merchants, through virtual wallet applications in mobile devices associated with the users, by authenticating of the users (e.g., via biometrics, PINs, etc.) and then tapping of the mobile devices at POS terminals of the merchants. The POS terminals, in turn, receive credentials from the virtual wallet applications, via local wireless connections (e.g., via near-filed communication (NFC), etc.), and proceed to compile and transmit authorization requests toward issuers of the payment accounts involved in the transactions for approval.) receiving a first authentication information from the mobile device, (¶0028-0029: In connection with the interaction between the POS terminal 114 and the mobile device 116, the POS terminal 114 is configured to recognize and/or capture the identifier associated with the mobile device 116, which, in this embodiment, includes a BLE address, and to store the address in memory (e.g., the memory 204, etc.) in association with the specific transaction (e.g., to distinguish the mobile device 116 from other mobile devices in the vicinity, etc.) (first authentication information)).
receiving a second authentication information from the point-of-user-interaction apparatus, (¶0028-0029: Further, in response to receiving the credential for the user's payment account, from the mobile device 116 (and the virtual wallet application 118), the POS terminal 114 is configured to compile an authorization request for the transaction, including the payment account credential, an amount of the transaction, a currency, a merchant ID, and other data specific to the transaction (e.g., a transaction ID, etc.) and the merchant (e.g., a merchant name, an MCC, etc.) (second authentication information) , etc. Uniquely, the POS terminal 114 is configured to include the identifier of the mobile device 116 in the authorization request.).
notifying the mobile device of a validity of the transaction; and notifying the point-of-user-interaction apparatus of the validity of the transactions (¶0049-051: As seen in Figure 1, whereby, upon receipt of a conventional authorization reply, the POS terminal 114 may retrieve the identifier from memory (e.g., based on a transaction ID, terminal ID, etc.) and use the identifier (e.g., the BLE address, MAC address, etc.), for the specific transaction, to notify the mobile device 116 (and specifically, the virtual wallet application 118) of the result, thereby permitting the mobile device 116 (and also the POS terminal 114)).
wherein the method comprises: receiving the second identification via the point-of-user-interaction apparatus, (¶0029: Further, in response to receiving the credentials for the user’s payment account, from the mobile 116 (and the virtual wallet 118), the POS terminal 114 is configured to compile an authorization request for the transaction, including the payment account, an amount of the transaction, a currency, a merchant ID, and other data specific the transaction (e.g., a transaction ID, etc.) and the merchant name). Uniquely, the POS terminal 114 is configured to include the identifier of the mobile device 116 in the authorization request (second identification).)
wherein the second identification is used to identify the mobile device to the point-of- user-interaction apparatus; (¶0038: In connection therewith, the POS terminal 114 recognizes or identifies (broadly, determines), at 306, the identifier of the mobile device 116. The identifier may include a BLE address, a MAC address or another wireless network associated address (e.g., with which the POS terminal 114 is enabled to communicate with the mobile device 116, etc.).
Sharma does not disclose:
wherein the first authentication information includes a first key and a second cryptographic token;
wherein the second authentication information includes a second key and a first cryptographic token;
authenticating a transaction between the mobile device and the point-of-user- interaction apparatus by decrypting the first cryptographic token with the first key and decrypting the second cryptographic token with the second key;
However, Cummins teaches wherein the first authentication information includes a first key and a second cryptographic token; (¶0101-104: The payment credentials management service 112 may build a message including the notification and a session identifier, and then may encrypt the message using the mobile key 604. The payment credentials management service 112 may also identify the mobile device 104 for receipt using the unique identifier in the user profile.)
wherein the second authentication information includes a second key and a first cryptographic token; (¶0101: In step 1004 may include the provisioning of the single use key 118, the single use key 118 may be encrypted using a random key (e.g., or suitable key other than the mobile key 604), and then encrypted single use key may be encrypted using the mobile 604 and provisioned to the mobile payment application 106 similar encryption and transmission of the message as disclosed herein).
authenticating a transaction between the mobile device and the point-of-user- interaction apparatus by decrypting the first cryptographic token with the first key and decrypting the second cryptographic token with the second key; (¶0061-0063: As seen in Figure 1, the remote notification service 114 may then transmit the message to the mobile device 104 using remote notification device 104 may provide the message to the mobile payment application 106, which may then decrypt the message using the shared mobile key (decrypting the first cryptographic token and with first key) , and then may decrypt the encrypted single key with random key (decrypting the second cryptographic token with second key) , and thus use the single use key in a payment transaction. . In such an embodiment, the mobile key may be used to decrypt the session identifier to be used to build the authentication code to be used for the mutual authentication 404. ).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Cummins regarding the authentication information to the method Sharma in order to prevent unauthorized access and eavesdropping from occurring (Cummins: ¶0004 & ¶0064).
Sharma in view of Cummins does not disclose:
wherein a first controller of the point-of-user-interaction apparatus generates a first identification,
wherein the method comprising: receiving the first identification; wherein the mobile device is to generate a second identification which is a second unique identification,
wherein the point-of-user-interaction apparatus is to generate a third identification which is a third unique identification, wherein the method comprises: receiving the third identification via the mobile device,
However, Yen teaches wherein a first controller of the point-of-user-interaction apparatus generates a first identification, (¶0045: The application may be initiated by use of the mobile terminal 210 to initiate purchase of goods and/or services, wherein the transaction data, transmitted between the mobile terminal 210 and the receiving terminal 214 through the communication link 216 results from processing the payment of the goods and/or services (generating first authentication via point of sale). ¶0077-0079: In interaction A, coupons are provisioned to the mobile terminal 210 through the merchant application 210a for the user to browse, save and use. Redeemed coupons are also synchronized at a backend. Loyalty cards are registered to the mobile terminal 210 and a loyalty ID is created, which may be the primary identifier of the loyalty card (generating first identification).).
wherein the mobile device is to generate a second identification which is a second unique identification, (¶0077-0079: The receiving terminal 214 receives the authentication code from the mobile terminal 210 and compares the received authentication code against an authentication code generated by the receiving terminal 214 based on data from the mobile terminal (generating second authentication information).).
wherein the point-of-user-interaction apparatus is to generate a third identification which is a third unique identification, (¶0039: In another example, the receiving terminal may generate the unique identifier (third unique identification) and the unique identifier to the mobile terminal, whereby the server receives the unique identifier from mobile terminal during the creation of the storage slot). wherein the third identification is provided to the apparatus via the mobile device, (¶0039: whereby the server receives the unique identifier from the mobile terminal during the creation of the storage slot).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Yen with regards to generation of identification information via POS to the method of Sharma in view of Cummins in order to enable for mobile transactions to be compatible between any type of merchants (Yen: ¶0003-0004).
Sharma in view of Cummins and Yen does not disclose:
wherein the first identification is used to match the first authentication information with the second authentication information;
However, Sheets teaches wherein the first identification is used to match the first authentication information with the second authentication information; (¶0061-0065: In some embodiments, the payment processing network computer 112 may verify that the authentication token (first identification) is associated with the device identifier. After determining that the consumer 102 is associated with the mobile communication device 104 that is enrolled in the system, the payment processing network computer 112 may determine an issuer and a consumer account associated with the device identifier if the device identifier is present in the transaction request message and the consumer account identifier is not in the transaction request message. The payment processing network computer 112 may determine a merchant pay-me account associated with the merchant account identifier and may start the process of transferring funds equal to the transaction amount to the merchant pay-me account from the consumer account (matching first authentication information and second authentication information) . At step 5, the payment processing network computer 112 may generate and send an authorization request message to the issuer computer 114 operated by issuer of the consumer’s account and may obtain authorization for the transaction. The authorization request message may contain the consumer’s account identifier and the account of the transaction. ).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Sheets regarding sending the first authentication information via mobile device to authenticate transaction to the method Tankha in view of Dundigalla and Sharma in order to provide security for consumers because the consumer’s account information is not passed to ah wide number of entities (some of which may have malicious or fraudulent intent) and the consumer’s account information is only passed within a secure payment channel (Sheets: ¶0023).
Tankha in view of Dundigalla, Sharma, and Sheets does not disclose:
wherein the point-of-user-interaction apparatus comprises a first controller with a security function that generates both the first authentication information and the second authentication information, and
a second controller communicatively coupled to a display unit, wherein the first controller instructs transmission of the first authentication information to the mobile device, and
wherein the second controller instructs transmission of the second authentication information to the apparatus.
However, Yang teaches wherein the point-of-user-interaction apparatus comprises a first controller with a security function (¶0139: In Figure 15 shows the POS terminal 200. The controller 2800 controls all operations of the POS terminal 2000, and controls the authentication information generator 2100, the authentication information receiver 2200, the authentication information transmitter 2300, the authenticator 2400, the transaction requester 2500, the memory 2600, and the transceiver 2700 so as to allow the POS terminal 2000 to generate the authentication information ) that generates both the first authentication information and the second authentication information, and ( ¶0079-0080 Figure 4 is a flowchart of a method of authenticating, by the POS terminal 2000, a transaction request from the device 1000 in the transaction request authenticating system, according to another exemplary embodiment. In operation S402, the POS terminal 2000 generates authentication information, based on a user input.)
wherein the first controller instructs transmission of the first authentication information to the mobile device, and (¶0082: In operation S404, the device 1000 performs a short-range contact with the POS terminal 2000. The device 1000 and the POS terminal 2000 may approach each other to within a predetermined range, and once the device 1000 and the POS terminal 2000 are within the predetermined range, the device 1000 and the POS terminal 2000 may be connected to each other via an NFC network. The connection between the device 1000 and the POS terminal 2000 may be established by exchanging messages between the device 1000 and the POS terminal 2000.);
wherein the second controller instructs transmission of the second authentication information to the apparatus. (Further ¶0117 The transceiver 2700 exchanges the various types of information with the device 1000 and the server 3000, wherein the various types of information are used for the POS terminal 2000 to generate the authentication information, to compare the authentication information that is generated by the POS terminal 2000 with the authentication information that is received from the device 1000, and to request the transaction with the server 3000);
Although, Yang does not explicitly disclose a first and second authentication, the limitation emphasize the use of dual controllers that generates of authentication information and transmits data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Yang regarding the first and second controllers to the method Tankha in view of Dundigalla, Sharma, and Sheets in order to ensure a secure transaction and prevention of confidential information from being exposed (Yang: ¶0004).
Tankha in view of Dundigalla, Sharma, Sheets, and Yang does not disclose:
a second controller communicatively coupled to a display unit,
a second controller communicatively coupled to a display unit, (¶0039 and In Figure 2A shows the point-of-sale system 200B includes the processing module 210, the touch sensitive display 212 and an interface module 230’. The interface module 230′ of the point-of-sale system 200B, like the interface module 230 of FIG. 2A, includes a secure input controller 232 and an input controller 234. During the secure input mode, the secure input controller 232 in this example needs to comply with industry security requirements, such as the Payment Card Industry Data Security Standards (PCI DSS).);
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Rezayee regarding the second controller to the method Tankha in view of Dundigalla, Sharma, Sheets, and Yang in order to ensure a security while complying industry security protocol and help with processing data by the point of sale system (Rezayee: ¶0004).
Claims 4-6, 15, 19, and 25-27 are rejected under 35 U.S.C. 103 as being unpatentable over Sharma et al. (US PGPub No.20200311712-A1) in view of Cummins et al. (US PGPub No.20140310182-A1), Yen et al. (US PGPub No. 20160260085-A1), Sheets et al. (US PGPub No. 20210264434-A1 ), Yang et al. (US PGPub No. 20190172056-A1), Rezayee et al. (US PGPub No. 20160026990-A1), Pomeroy et al. (US PGPub No. 20160086166-A1), and Dundigalla et al. (US PGPub No. 20220058906-A1).
With respect to claim 4, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee teaches the method of claim 1 (see rejection of claim 1 above) wherein the point-of-user- interaction apparatus comprises:
a first controller with a security function, the first controller communicatively coupled to the memory, (Cummins: ¶0043-0045: As seen in Figure 1, the user 102 may have a payment account with an issuer 108, such as a credit card account. The user 102 may desire to use their mobile device 104 to conduct payment transactions using their payment account with the issuer 108 for funding of the transactions. Payment credentials corresponding to the payment account may be stored by a remote-SE (remote-secure element) system 110 (a first controller with a security function) for provisioning to the mobile device 104. The remote-SE system 110 may include at least include at least a payment credentials management service 112 and a remote notification 114. )
wherein the first controller is to generate the first authentication information and the second authentication information; ( Yen ¶0045: The application may be initiated by use of the mobile terminal 210 to initiate purchase of goods and/or services, wherein the transaction data, transmitted between the mobile terminal 210 and the receiving terminal 214 through the communication link 216 results from processing the payment of the goods and/or services (generating first authentication via point of sale). ¶0077-0079: In interaction A, coupons are provisioned to the mobile terminal 210 through the merchant application 210a for the user to browse, save and use. Redeemed coupons are also synchronized at a backend. Loyalty cards are registered to the mobile terminal 210 and a loyalty ID is created, which may be the primary identifier of the loyalty card (generating first identification). The receiving terminal 214 receives the authentication code from the mobile terminal 210 and compares the received authentication code against an authentication code generated by the receiving terminal 214 based on data from the mobile terminal (generating second authentication information).)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Yen with regards to generation of identification information via POS to the method of Sharma in view of Cummins, Sheets, Yang, and Rezayee in order to enable for mobile transactions to be compatible between any type of merchants (Yen: ¶0003-0004).
a message circuitry to wirelessly transmit the communication message to the mobile device, (Cummins: ¶0060-0061: As seen in Figure 4, the dual channel communication may include using remote notification 402 as a first channel, and mutual authentication 404 as a second channel. Remote notification 402 may be performed between the remote notification service 114 and the mobile device 104. In some embodiments, the payment credentials management service 112 may generate information, such as the single use key 118, to be provided to the mobile payment application 106. The payment credentials management service 112 may generate a message including the single use key encrypted with a random key to be provided and may encrypt the message using the mobile key.).
transmit the first authentication information, via the message circuitry, to the mobile device, and transmit, via a network connection, (Cummins: ¶0026: As seen in Figure 12 illustrates the delivery of a single use key to the mobile device of Figure 1. ¶0111: As seen in Figure 10 In an exemplary embodiment, while performing the connection with the payment credentials management service 112 made upon the triggering of remote management, the encrypted single use key 118, may be previously transmitted to the mobile payment application 106 in a message encrypted by the mobile key 604.).
the second authentication information to the second communication interface; (Sharma: ¶0027-0033 & 0045: It should be noted that, in this exemplary embodiment, a different wireless connection (WC2) other than the wireless connection (WC1) may be used to pass the payment account credential (i.e., the NFC connection, etc.).).
a display unit configured to display an application to communicate with a user of the mobile device; and a second controller communicatively coupled to the display unit; (Sharma: ¶0029-0033: The POS terminal 114 is further configured to then transmit the authorization request 120 to the acquirer 104 (associated with the merchant 102), along path A in the system 100.).
wherein the first controller is to instruct at least one of the one or more interfaces to transmit the first authentication information to the mobile device, and (Cummins: ¶0120-0121: In Figure 14, a method for conducting a contactless payment transaction using the mobile payment application 106 on the mobile device 104 using the card profile 116 and single use key 118 provisioned by the payment credentials management service 112. In step 1402, the user 102 may start the mobile payment application 106 on the mobile device 104. In step 1404, the mobile payment application 106 may prepare for payment. To prepare for payment, the mobile payment application 106 may regenerate the mobile storage key and may retrieve the payment credentials and generating key from the card profile 116 and the single use key 118 in the encrypted local storage 304. The generating key may be used by the mobile payment application 106 to generate a payment cryptogram for use in the payment transaction. The mobile payment application 106 may also indicate to the user 102 that the application is ready for payment.).
wherein the second controller is to instruct at least one of the one or more interfaces to transmit the second authentication information to the second communication interface. (Sharma: ¶0015 & 0029-0031: The POS terminal 114 is configured, by executable instructions, to receive payment account credentials from payment devices, to compile and transmit authorization requests for payment account transactions, to receive authorization replies as describe more below, and/or to further operate as described herein (e.g., to communicate with mobile devices, etc.). ).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Cummins regarding the authentication information to the method of Sharma in view of Yen, Sheets, Yang, and Rezayee in order to prevent unauthorized access and eavesdropping from occurring (Cummins: ¶0004 & ¶0064).
Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee does not disclose:
a memory to store a communication message;
However, Pomeroy teaches a memory to store a communication message; (¶0058-0063: In an embodiment, the point of sale processing unit 105 stores and/or receives from the electronic value token transaction computer 150 (or a sub-administrator or unit associated therewith, such as a sub-wallet administrator) a transaction format associated with the POS retailer and/or associated with a given transaction type and/or value token, and such transaction format may be used to format the transaction request or message, to prompt the user for further information, or for other data gathering or transmit/receive features at the point of sale.).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Pomeroy regarding communication message and the memory to the method Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee in order to format transaction requests or messages, to prompt user for further information, and to confirm validity of the user (Pomeroy: ¶0008 & 0063).
Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Pomeroy does not disclose:
wherein the communication message includes a hyperlink; one or more interfaces to: transmit the communication message to the message circuitry;
However, Dundigalla teaches wherein the communication message includes a hyperlink; (¶0023: activating, on the object-dispensing apparatus e.g., user-point-interaction apparatus), a short-range wireless communication reader to receive and read a token communicated from a user device in possession of a user (communication target). Further the method includes determining, based on the token, a mobile communication device identifier associated with a mobile communication device utilized by the user, and, using the mobile communication identifier, communicating a push notification to the mobile communication device. The push notification notifies the user of contactless use of the object-dispensing apparatus and provides an activatable link configured to launch a mobile application on the mobile communication device. In addition, the method further including receiving the push notification on a display) one or more interfaces to: transmit the communication message to the message circuitry; (¶0019-0020: ATM are further to receive notification from the backend system that the user is registered for contactless use of ATM and in response to receiving the notification, display a user interface on the ATM (second application programmable interface of the point-of-user-interaction) that instructs the user to view the display on the mobile communication device for contactless transaction ).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Dundigalla regarding the communication message to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Pomeroy in order to provide a way for users to physically contact object-dispensing machines (such as a ATM or a POS) and allow the user obtain the object within the same timeframe that a user would obtain the object if they were physically contact the machine (Dundigalla: ¶0002-0004).
With respect to claim 5, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, , Rezayee, Pomeroy, and Dundigalla teaches the method of claim 4 (see rejection of claim 4 above) wherein the point-of-user-interaction apparatus comprises a circuitry operable to modify the communication message. (Pomeroy: ¶0075: As seen in Figure 3B, showing the POS terminal includes a message modification unit may adjust the messages and requests so that multiple units, sub-components/processors, or third-party administrators can recognize and correctly interpret the messages.) .
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Pomeroy regarding communication message and the memory to the method Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Dundigalla in order to format transaction requests or messages, to prompt user for further information, and to confirm validity of the user (Pomeroy: ¶0008 & 0063).
With respect to claim 6, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 4 (see rejection of claim 4 above) wherein the mobile device includes: an antenna to detect or read the communication message from the point-of-user- interaction apparatus near the mobile device; (Dundigalla: ¶0063: Further, mobile communication device 300 includes a communication interface that is operatively connected to the processing device(s) 304 and is configured to communicate with one or more other devices (e.g., backend processing system devices) on communication network. In this regard, the network communication interface may include an antenna operatively coupled to a transmitter and receiver (together a “transceiver”). The processing 304 is configured to provide signals and receive from the transmitter and receiver, respectively).
a reader to initiate a transmission of a command via a first application programmable interface to the point-of-user-interaction apparatus, and based on a response from the point-of-user-interaction apparatus, (Dundigalla: ¶0024: selecting the activatable link in the push notification, launching a mobile application stored on the mobile communication device ) issue the hyperlink via a second application programmable interface, (Dundigalla: ¶0032: No initial contact with the machine is made possible by communicating a digital token to the machine via short-range wireless communication, such as Near Field Communication (NFC) or the like. In response, a push notification is communicated to the user's wireless device, which includes an activatable link (hyperlink) for launching a mobile application.)
the reader is coupled to the antenna; (Dundigalla: ¶0059-0060: Further, object-dispensing apparatus 200 includes a network communication interface that is operatively connected to the processing device(s) 204 and is configured to communicate with one or more other devices (e.g., backend processing system devices) on communication network. In this regard, the network communication interface may include an antenna operatively coupled to a transmitter and a receiver (together a “transceiver”). As seen in Figure 2, memory 202 of object-dispensing apparatus 200 includes first instructions 210 that are configured to activate the short-range wireless reader 200 to receive and read 220 a digital token 120 communicated from a short-range wireless device in possession of the user 110 (e.g., the mobile communication device 300 or another device, such as card device or the like).).
a display unit configured to display an application based on the response from the point-of-user-interaction apparatus and/or the communication message; and (Dundigalla: ¶0068: As seen in Figure 2, Figure In turn, the information in the token is communicated to the backend processing system 200-2 to determine the mobile communication device identifier 320 and, in specific embodiments of the invention, that the user has pre-registered for contactless dispensing of currency notes 280-1 at the ATM 200-1. The backend-processing system 200-2 subsequently communicates the push notification 250 to the mobile communication device 300.).
a circuitry to receive the first authentication information from the point-of-user- interaction apparatus, (Dundigalla: ¶0071: As seen in Figure 4, at Event 608-612, the backend processing system sends a push notification to the mobile communication device associated with the mobile communication device identifier. In response to the mobile communication device displaying the push notification, at Event 610, the user activates the mobile application link in the push notification and, at Event 612, the mobile application (e.g., associated financial institution mobile application) is launched and requests that the user provide user authentication credentials (i.e., username/passcode, biometrics or the like).).
wherein the circuitry is to send the first authentication information (Sharma: ¶0114-0115: When the mobile device (after the user 112 is authenticated and the payment account selected) is brought within the range of the POS terminal 114, a wireless connection is established between the mobile device 116 and the POS terminal 114, at 302 (e.g., WC1 in the system 100 as seen in Figure 1 to the first communication interface. (Sharma: ¶0054: receiving, by a computing device, via a first wireless connection, a credential from a mobile device in connection with a network transaction, the credential specific to an account associated with the mobile device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Dundigalla regarding the communication message to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, an Pomeroy in order to provide a way for users to physically contact object-dispensing machines (such as a ATM or a POS), allow the user obtain the object within the same timeframe that a user would obtain the object if they were physically contact the machine, and to initiate authentication between devices (Dundigalla: ¶0002-0004 & 00031).
With respect to claim 15, the combination of Sharma in view of Cummins, Yen, Sheets, Pomeroy, and Dundigalla teaches the method of claim 6 (see rejection of claim 6 above) wherein the transmission and the response are near field communications. (Cummins: ¶0088: In some embodiments, the user 102 may be required to enter a PIN at the point-of-sale terminal 120 for additional authentication at stage 13. At stage 14, the point-of-sale terminal 120 may execute standard payment transaction processes, such as those used for NFC payment transactions, as will be apparent to persons having skill in the relevant art.).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Cummins regarding the antenna to the method Sharma in view of Yen, Sheets, Pomeroy, and Dundigalla in order to enable contactless communication and transactions between the point-of-sale terminal and mobile device (Cummins: ¶0002 & ¶0088).
With respect to claim 19, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 6 (see rejection of claim 6 above) wherein the mobile device comprises a camera or a biometric sensor to authenticate a user of the mobile device based on a user's interaction with the hyperlink. (Dundigalla: ¶0051: Once the mobile application on the mobile device. Once the mobile application launches, the user is initially required to provide authentication credentials (e.g., pin number, biometric data or the like.) Upon verification of the authentication credential, the user is provided an object-dispensing machine-like experience through the mobile application. For example, in the ATM scenario in which user desires to withdraw currency notes, the mobile application presents user interfaces (notification) that allow the user to select an account from which the withdraw occur and withdrawal amount).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Dundigalla regarding the biometric sensor to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Pomeroy in order to verify the user authentication (Dundigalla: ¶0008).
With respect to claim 25, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee teaches the method of claim 24 (see rejection of claim 24 above) wherein the point-of-user- interaction apparatus comprises (Sharma: ¶0015: The POS terminal is configured, by executable instructions, to receive payment account credentials from payment devices, to compile and transmit authorization requests for payment account transactions, to receive authorization replies as describe more below, and/or to further operate as described herein (e.g., to communicate with mobile devices, etc.). It should be noted that the POS terminal is configured to communicate wirelessly with one or more devices, for example, via NFC, RFID, ZigBee, and/or Bluetooth® communication schemes, etc.)
a first controller with a security function, (Cummins: ¶0043-0045: As seen in Figure 1, the user 102 may have a payment account with an issuer 108, such as a credit card account. The user 102 may desire to use their mobile device 104 to conduct payment transactions using their payment account with the issuer 108 for funding of the transactions. Payment credentials corresponding to the payment account may be stored by a remote-SE (remote-secure element) system 110 (a first controller with a security function) for provisioning to the mobile device 104. The remote-SE system 110 may include at least include at least a payment credentials management service 112 and a remote notification 114. )
the first controller communicatively coupled to the memory, wherein the first controller is to generate the first authentication information and the second authentication information; ( Yen ¶0045: The application may be initiated by use of the mobile terminal 210 to initiate purchase of goods and/or services, wherein the transaction data, transmitted between the mobile terminal 210 and the receiving terminal 214 through the communication link 216 results from processing the payment of the goods and/or services (generating first authentication via point of sale). ¶0077-0079: In interaction A, coupons are provisioned to the mobile terminal 210 through the merchant application 210a for the user to browse, save and use. Redeemed coupons are also synchronized at a backend. Loyalty cards are registered to the mobile terminal 210 and a loyalty ID is created, which may be the primary identifier of the loyalty card (generating first identification). The receiving terminal 214 receives the authentication code from the mobile terminal 210 and compares the received authentication code against an authentication code generated by the receiving terminal 214 based on data from the mobile terminal (generating second authentication information).)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Yen with regards to generation of identification information via POS to the method of Sharma in view of Cummins, Sheets, Yang, and Rezayee in order to enable for mobile transactions to be compatible between any type of merchants (Yen: ¶0003-0004).
a message circuitry to wirelessly transmit the communication message to the mobile device, (Cummins: ¶0060-0061: As seen in Figure 4, the dual channel communication may include using remote notification 402 as a first channel, and mutual authentication 404 as a second channel. Remote notification 402 may be performed between the remote notification service 114 and the mobile device 104. In some embodiments, the payment credentials management service 112 may generate information, such as the single use key 118, to be provided to the mobile payment application 106. The payment credentials management service 112 may generate a message including the single use key encrypted with a random key to be provided and may encrypt the message using the mobile key.).
transmit the first authentication information, via the message circuitry, to the mobile device; and (Cummins: ¶0026: As seen in Figure 12 illustrates the delivery of a single use key to the mobile device of Figure 1. ¶0111: As seen in Figure 10 In an exemplary embodiment, while performing the connection with the payment credentials management service 112 made upon the triggering of remote management, the encrypted single use key 118, may be previously transmitted to the mobile payment application 106 in a message encrypted by the mobile key 604.).
transmit, via a network connection, the second authentication information to a second communication interface; (Sharma: ¶0027-0033 & 0045: It should be noted that, in this exemplary embodiment, a different wireless connection (WC2) other than the wireless connection (WC1) may be used to pass the payment account credential (i.e., the NFC connection, etc.).).
a display unit configured to display an application to communicate with a user of the mobile device; and a second controller communicatively coupled to the display unit; (Sharma: ¶0029-0033: The POS terminal 114 is further configured to then transmit the authorization request 120 to the acquirer 104 (associated with the merchant 102), along path A in the system 100.).
wherein the first controller is to instruct at least one of the one or more interfaces to transmit the first authentication information to the mobile device, and (Cummins: ¶0120-0121: In Figure 14, a method for conducting a contactless payment transaction using the mobile payment application 106 on the mobile device 104 using the card profile 116 and single use key 118 provisioned by the payment credentials management service 112. In step 1402, the user 102 may start the mobile payment application 106 on the mobile device 104. In step 1404, the mobile payment application 106 may prepare for payment. To prepare for payment, the mobile payment application 106 may regenerate the mobile storage key and may retrieve the payment credentials and generating key from the card profile 116 and the single use key 118 in the encrypted local storage 304. The generating key may be used by the mobile payment application 106 to generate a payment cryptogram for use in the payment transaction. The mobile payment application 106 may also indicate to the user 102 that the application is ready for payment.).
wherein the second controller is to instruct at least one of the one or more interfaces to transmit the second authentication information to the second communication interface. (Sharma: ¶0015 & 0029-0031: The POS terminal 114 is configured, by executable instructions, to receive payment account credentials from payment devices, to compile and transmit authorization requests for payment account transactions, to receive authorization replies as describe more below, and/or to further operate as described herein (e.g., to communicate with mobile devices, etc.). ).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Cummins regarding the authentication information to the method of Sharma in view of Yen, Sheets, Yang, and Rezayee in order to prevent unauthorized access and eavesdropping from occurring (Cummins: ¶0004 & ¶0064).
Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee does not disclose:
a memory to store a communication message;
wherein the communication message includes a hyperlink; one or more interfaces to: transmit the communication message to the message circuitry;
However, Pomeroy teaches a memory to store a communication message; (¶0058-0063: In an embodiment, the point of sale processing unit 105 stores and/or receives from the electronic value token transaction computer 150 (or a sub-administrator or unit associated therewith, such as a sub-wallet administrator) a transaction format associated with the POS retailer and/or associated with a given transaction type and/or value token, and such transaction format may be used to format the transaction request or message, to prompt the user for further information, or for other data gathering or transmit/receive features at the point of sale.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Pomeroy regarding communication message and the memory to the method of Sharma in view of Cummins, Yen, Sheets, Yang, and Rezayee in order to format transaction requests or messages, to prompt user for further information, and to confirm validity of the user (Pomeroy: ¶0008 & 0063).
Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Pomeroy does not disclose:
wherein the communication message includes a hyperlink; one or more interfaces to: transmit the communication message to the message circuitry;
However, Dundigalla teaches wherein the communication message includes a hyperlink; (¶0023: activating, on the object-dispensing apparatus e.g., user-point-interaction apparatus), a short-range wireless communication reader to receive and read a token communicated from a user device in possession of a user (communication target). Further the method includes determining, based on the token, a mobile communication device identifier associated with a mobile communication device utilized by the user, and, using the mobile communication identifier, communicating a push notification to the mobile communication device. The push notification notifies the user of contactless use of the object-dispensing apparatus and provides an activatable link configured to launch a mobile application on the mobile communication device. In addition, the method further including receiving the push notification on a display) one or more interfaces to: transmit the communication message to the message circuitry; (¶0019-0020: ATM are further to receive notification from the backend system that the user is registered for contactless use of ATM and in response to receiving the notification, display a user interface on the ATM (second application programmable interface of the point-of-user-interaction) that instructs the user to view the display on the mobile communication device for contactless transaction ).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Dundigalla regarding the communication message to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Pomeroy in order to provide a way for users to physically contact object-dispensing machines (such as a ATM or a POS) and allow the user obtain the object within the same timeframe that a user would obtain the object if they were physically contact the machine (Dundigalla: ¶0002-0004).
With respect to claim 26, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 25 (see rejection of claim 25 above) wherein the point-of-user-interaction apparatus comprises a circuitry operable to modify the communication message. (Pomeroy: ¶0075: As seen in Figure 3B, showing the POS terminal includes a message modification unit may adjust the messages and requests so that multiple units, sub-components/processors, or third-party administrators can recognize and correctly interpret the messages.) .
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Pomeroy regarding communication message and the memory to the method Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Dundigalla in order to format transaction requests or messages, to prompt user for further information, and to confirm validity of the user (Pomeroy: ¶0008 & 0063).
With respect to claim 27, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 25 (see rejection of claim 25 above) wherein the mobile device includes :an antenna to detect or read the communication message from the point-of-user- interaction apparatus near the mobile device; (Dundigalla: ¶0063: Further, mobile communication device 300 includes a communication interface that is operatively connected to the processing device(s) 304 and is configured to communicate with one or more other devices (e.g., backend processing system devices) on communication network. In this regard, the network communication interface may include an antenna operatively coupled to a transmitter and receiver (together a “transceiver”). The processing 304 is configured to provide signals and receive from the transmitter and receiver, respectively).
a reader to initiate a transmission of a command via a first application programmable interface to the point-of-user-interaction apparatus, and to read a response from the point-of-user-interaction apparatus (Dundigalla: ¶0024: selecting the activatable link in the push notification, launching a mobile application stored on the mobile communication device) to issue the hyperlink via a second application programmable interface in response to the command, (Dundigalla: ¶0032: No initial contact with the machine is made possible by communicating a digital token to the machine via short-range wireless communication, such as Near Field Communication (NFC) or the like. In response, a push notification is communicated to the user's wireless device, which includes an activatable link (hyperlink) for launching a mobile application.)
wherein the reader is coupled to the antenna; (Dundigalla: ¶0059-0060: Further, object-dispensing apparatus 200 includes a network communication interface that is operatively connected to the processing device(s) 204 and is configured to communicate with one or more other devices (e.g., backend processing system devices) on communication network. In this regard, the network communication interface may include an antenna operatively coupled to a transmitter and a receiver (together a “transceiver”). As seen in Figure 2, memory 202 of object-dispensing apparatus 200 includes first instructions 210 that are configured to activate the short-range wireless reader 200 to receive and read 220 a digital token 120 communicated from a short-range wireless device in possession of the user 110 (e.g., the mobile communication device 300 or another device, such as card device or the like).).
a display unit configured to display an application based on the response from the point-of-user-interaction apparatus and/or the communication message; and (Dundigalla: ¶0068: As seen in Figure 2, Figure In turn, the information in the token is communicated to the backend processing system 200-2 to determine the mobile communication device identifier 320 and, in specific embodiments of the invention, that the user has pre-registered for contactless dispensing of currency notes 280-1 at the ATM 200-1. The backend-processing system 200-2 subsequently communicates the push notification 250 to the mobile communication device 300.).
a circuitry to receive the first authentication information from the point-of-user- interaction apparatus, (Dundigalla: ¶0071: As seen in Figure 4, at Event 608-612, the backend processing system sends a push notification to the mobile communication device associated with the mobile communication device identifier. In response to the mobile communication device displaying the push notification, at Event 610, the user activates the mobile application link in the push notification and, at Event 612, the mobile application (e.g., associated financial institution mobile application) is launched and requests that the user provide user authentication credentials (i.e., username/passcode, biometrics or the like).). wherein the circuitry is to send the first authentication information to a first communication interface. (Sharma: ¶0054: receiving, by a computing device, via a first wireless connection, a credential from a mobile device in connection with a network transaction, the credential specific to an account associated with the mobile device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Dundigalla regarding the communication message to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, and Pomeroy in order to provide a way for users to physically contact object-dispensing machines (such as a ATM or a POS), allow the user obtain the object within the same timeframe that a user would obtain the object if they were physically contact the machine, and to initiate authentication between devices (Dundigalla: ¶0002-0004 & 00031).
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Sharma et al. (US PGPub No.20200311712-A1) in view of Cummins et al. (US PGPub No.20140310182-A1), Yen et al. (US PGPub No. 20160260085-A1), Sheets et al. (US PGPub No. 20210264434-A1 ), Yang et al. (US PGPub No. 20190172056-A1), Rezayee et al. (US PGPub No. 20160026990-A1), Pomeroy et al. (US PGPub No. 20160086166-A1), Dundigalla et al. (US PGPub No. 20220058906-A1), and Maes et al. (US PGPub No. 20220122056-A1 ) .
With respect to claim 13, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 6 (see rejection of claim 6 above) but does not disclose wherein the antenna is configured to continuously or regularly listen for communication messages near the mobile device.
However, Maes teaches wherein the antenna continuously or regularly initiates a transmission and listens for a response from communication targets near the mobile device. (¶0096-0098: As seen in Figure 4, in a step 82, the NFC module 29 and the associated antenna of the mobile device 20 are powered up such that a respective electromagnetic field (RFID field) is generated (POWER UP). This may be controlled by means the transaction application 22 or the operating system 25. In this way, the mobile device 20 may be set to the listening or scanning mode. ).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Maes regarding the antenna to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla in order to enable communication between terminal devices and the mobile device (Maes: ¶0011).
Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Sharma et al. (US PGPub No.20200311712-A1) in view of Cummins et al. (US PGPub No.20140310182-A1), Yen et al. (US PGPub No. 20160260085-A1), Sheets et al. (US PGPub No. 20210264434-A1 ), Yang et al. (US PGPub No. 20190172056-A1), Rezayee et al. (US PGPub No. 20160026990-A1), Pomeroy et al. (US PGPub No. 20160086166-A1), Dundigalla et al. (US PGPub No. 20220058906-A1), and Rule et al. (US PGPub No. 20200184462-A1 ) .
With respect to claim 14, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 6 (see rejection of claim 6 above) but does not disclose wherein the communication message comprises a near field communication (NFC) data exchange format (NDEF) tag.
However, Rule teaches wherein the communication message comprises a near field communication (NFC) data exchange format (NDEF) tag. (¶0059: In particular, this may occur upon a read, such as an NFC read, of a near field data exchange (NDEF) tag, which may be created in accordance with the NFC Data Exchange Format. For example, a reader, such as the logic 112, may transmit a message, such as an applet select message, with the applet ID of an NDEF producing applet.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Rule regarding the antenna to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla in order to enable contactless communication between application and the reader (Rule: ¶0058).
Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Sharma et al. (US PGPub No.20200311712-A1) in view of Cummins et al. (US PGPub No.20140310182-A1), Yen et al. (US PGPub No. 20160260085-A1), Sheets et al. (US PGPub No. 20210264434-A1 ), Yang et al. (US PGPub No. 20190172056-A1), Rezayee et al. (US PGPub No. 20160026990-A1), Pomeroy et al. (US PGPub No. 20160086166-A1), Dundigalla et al. (US PGPub No. 20220058906-A1), and Rule et al. (US PGPub No. 20200184462-A1 ) .
With respect to claim 22, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 4 (see rejection of claim 4 above) but does not disclose wherein: the processor is to notify the second controller of a valid transaction between the mobile device and the point-of-user interaction apparatus authenticated by decoding after the first cryptographic token and with the first key and decoding the second cryptographic token with the second key.
However, Killoran, Jr. teaches wherein: the processor is to notify the second controller of a valid transaction between the mobile device and the point-of-user interaction apparatus (¶0165-0172: If this is confirmed as a YES (step 716) then the e-commerce system 140 may decode the token and grants access to a server or processes the payment and send notifications to the customer and vendor server (step 717). The e-commerce system 140 may then execute the order (step 718).) authenticated by decoding after the first cryptographic token and with the first key and decoding the second cryptographic token with the second key. (¶0131: As seen in Figure 1, the e-commerce system 140 may identify a customer by their email address and may decode tokens included in the content of an email and process payments based on the data in the token.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Killoran Jr. regarding the notifying of a valid transaction to the method of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla in order to streamline the processing of the client and allowing a more secure way of payment for the client (Killoran Jr: ¶0050-00052).
Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Sharma et al. (US PGPub No.20200311712-A1) in view of Cummins et al. (US PGPub No.20140310182-A1), Yen et al. (US PGPub No. 20160260085-A1), Sheets et al. (US PGPub No. 20210264434-A1 ), Yang et al. (US PGPub No. 20190172056-A1), Rezayee et al. (US PGPub No. 20160026990-A1), Pomeroy et al. (US PGPub No. 20160086166-A1), Dundigalla et al. (US PGPub No. 20220058906-A1), and Collins et al. (US PGPub No. 20150332271-A1 ) .
With respect to claim 23, the combination of Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla teaches the method of claim 4 (see rejection of claim 4 above) but does not teach wherein the message circuitry comprises an NFC radio.
However, Collins teaches wherein the message circuitry comprises an NFC radio (¶0001: These mobile devices may utilize a secure element (SE) to store the payment card account number and associated data, keys and Personal Identification Number (PIN) to enable the consumer to perform a payment transaction using the NFC short-range radio communications provided by the mobile device and the contactless reader component of a POS terminal)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the known teachings of Collins regarding reader to the method Sharma in view of Cummins, Yen, Sheets, Yang, Rezayee, Pomeroy, and Dundigalla to in enable wireless communication between mobile device and the POS terminal (Collins: ¶0001 ).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TAYLOR P VU whose telephone number is (703)756-1218. The examiner can normally be reached MON - FRI (7:30 - 5:00).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at (571) 270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ALEXANDER LAGOR/Supervisory Patent Examiner, Art Unit 2437
/T.P.V./Examiner, Art Unit 2437