SYSTEMS AND METHODS FOR SECURE ELECTRONIC TRANSFERS

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Applicant filed a response dated October 14, 2025 in which claims 1, 3, 6-9, 11, 16-19, 21, and 26 have been amended and claim 24 has been canceled. Therefore, claims 1-23 and 25-26 are currently pending in the application. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1 .114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Because this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on October 14, 2025 has been entered. Priority Reference to this application as a continuation-in-part under 35 U.S.C. 120 is acknowledged. Applicant is advised that the invention claimed in the present application is not disclosed in the parent application 17/191,358 filed on March 3, 2021. Specifically, the claim limitations not supported by the parent application include, e.g., claim 1, claim 11, and claim 21, which relate to a “fraud risk score”. Therefore, the parent application does not satisfy the written description requirement of 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph, under 35 U.S.C. 120 for the invention claimed in the present application and the present application is not entitled to the benefit of the earlier filing date. However, the invention is disclosed in the provisional application 63/281,855 filed on November 22, 2021. As such, the priority date for the present application is November 22, 2021. Examiner Request The Applicant is requested to indicate where in the specification there is support for amendments to claims should Applicant amend. The purpose of this is to reduce potential 35 U.S.C. § 112(a) or § 112 1st paragraph issues that can arise when claims are amended without support in the specification. The Examiner thanks the Applicant in advance. Claim Rejections - 35 USC § 101 35 U.S.C. § 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-23 and 25-26 are rejected under 35 U.S.C. § 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. (MPEP 2106). The claims are directed to a method, system, and apparatus which is one of the statutory categories of invention (Step 1: YES). The recitation of the claimed invention is analyzed as follows, in which the abstract elements are boldfaced. Claim 1 recites the limitations of: A system comprising: one or more processors; and one or more non-transitory computer-readable media storing computing instructions that, when executed on the one or more processors, cause the one or more processors to perform: receiving, from a payee system for a payee, a request for a transfer of a digital asset from a payor to a payee account of the payee, wherein: the request is sent by the payee without the payor selecting to use the system for the transfer; the payor is associated with a payor user profile of the payee system; and the request comprises a custom transfer token that is temporary, that is encrypted, at least in part, that comprises the payee account, and that is associated with the payor and the payee, wherein the custom transfer token is configured to inhibit unauthorized use of the custom transfer token and to inhibit fraud; the custom transfer token is convertible into a long-standing token to replace the custom transfer token or a subsequent custom transfer token for one or more subsequent transfers from the payor to the payee; and the payee account is owned by the payee and is maintained by a payee financial institution; determining that the custom transfer token is valid to inhibit fraud by verifying that (1) the custom transfer token is not counterfeited, (2) the custom transfer token is not intended to be used for a different financial transaction, and (3) access to resources of the payor is authorized for the transfer; upon determining that the custom transfer token is valid, retrieving, via a transfer application programming interface from a shared directory, transfer data based on the custom transfer token, wherein: the shared directory is hosted by the system and configured to store data accessible to (a) the system and (b) one or more of the payee financial institution or a payor financial institution; the transfer data: is associated with the custom transfer token, the payor financial institution for the payor, and a payor account owned by the payor and maintained by the payor financial institution; and comprises (a) an access token for the payor financial institution and the payor that comprises an expiration date after which the access token becomes unusable and (b) a refresh token associated with the access token and different from the access token; and the access token is configured to: allow access to protected resources for the payor at the payor financial institution; and inhibit unauthorized access of confidential information of the payor or the protected resources at the payor financial institution; and the refresh token is configured to extend an expiration time for the access token; determining the payor financial institution based on the custom transfer token; determining a fraud risk score for the transfer; transmitting, to the payee financial institution for the payee via the shared directory, the fraud risk score, wherein: the payee financial institution is configured to determine a transfer decision for the transfer based at least in part on the fraud risk score and information about the payee account for the transfer, and when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the payor account of the payor financial institution, as determined, to the payee account. Claim 21 recites the limitations of: A non-transitory computer-readable medium storing computing instructions that, when run on a processor, cause the processor to perform operations comprising: receiving, at a system from a payee system for a payee, a request for a transfer of a digital asset from a payor to a payee account of the payee, wherein: the request is sent by the payee without the payor selecting to use the system for the transfer; the payor is associated with a payor user profile of the payee system; and the request comprises a custom transfer token that is temporary, that is encrypted, at least in part, that comprises the payee account, and that is associated with the payor and the payee, wherein the custom transfer token is configured to inhibit unauthorized use of the custom transfer token and to inhibit fraud; the custom transfer token is convertible into a long-standing token to replace the custom transfer token or a subsequent custom transfer token for one or more subsequent transfers from the payor to the payee; and the payee account is owned by the payee and maintained by the payee financial institution; and determining that the custom transfer token is valid to inhibit fraud by verifying that (1) the custom transfer token is not counterfeited, (2) the custom transfer token is not intended to be used for a different financial transaction, and (3) access to resources of the payor is authorized for the transfer; upon determining that the custom transfer token is valid, retrieving, via a transfer application programming interface from a shared directory, transfer data based on the custom transfer token, wherein: the shared directory is hosted by the system and configured to store data accessible to (a) the system and (b) one or more of the payee financial institution or a payor financial institution; the transfer data: is associated with the custom transfer token, the payor financial institution for the payor, and a payor account owned by the payor and maintained by the payor financial institution; and comprises (a) an access token for the payor financial institution and the payor that comprises an expiration date after which the access token becomes unusable and (b) a refresh token associated with the access token and different from the access token; the access token is configured to: allow access to protected resources for the payor at the payor financial institution; and inhibit unauthorized access of confidential information of the payor or the protected resources at the payor financial institution; and the refresh token is configured to extend an expiration time for the access token; determining whether the access token is expired; determining the payor financial institution based on the custom transfer token; when the access token is not expired, determining a fraud risk score for the transfer by using a first risk model; transmitting, to the payee financial institution for the payee via the shared directory, the fraud risk score, wherein the payee financial institution is configured to determine a transfer decision for the transfer based at least in part on: (a) the fraud risk score, (b) information about the payee account for the transfer, and (c) a second fraud risk score determined by the payee financial institution using a second risk model that is different from the first risk model; and when the transfer decision comprises an approval of the transfer by the payee financial institution, facilitating the transfer from the payor account of the payor financial institution, as determined, to the payee account, comprising: transmitting, to the payor financial institution, the fraud risk score for the payor financial institution to determine a second transfer decision based at least in part on the fraud risk score and a third risk model different from the first and second risk models. The claim as a whole recites a method that, under its broadest reasonable interpretation, covers collecting, analyzing, and transmitting data to facilitate a financial transaction. This is a fundamental economic practice of a financial transaction; a commercial interaction, such as for business relations; and managing personal behavior or relationships or interactions between people, which are certain methods of organizing human activity. Thus, the claims recite an abstract idea. (Step 2A, prong 1: YES). Moreover, the judicial exception is not integrated into a practical application. Other than reciting a “A system comprising: one or more processors; and one or more non-transitory computer-readable media storing computing instructions that, when executed on the one or more processors, cause the one or more processors to perform:”, “payee system for a payee”, “digital asset”, “a transfer application programming interface from a shared directory”, “shared directory is hosted by the system and configured to store”, and “A non-transitory computer-readable medium storing computing instructions that, when run on a processor, cause the processor to perform operations comprising:” to perform the steps of “requesting”, “facilitating”, “validating”, “determining”, and “transferring”, nothing in the claim elements preclude the steps from practically being a certain method for organizing human activity. The claim as a whole does not integrate the exception into a practical application. The claim merely describes how to generally “apply” the concept of collecting, analyzing, and transmitting data to facilitate a financial transaction in a computer environment. The additional computer elements recited in the claim limitations are recited at a high-level of generality such that it amounts to no more than mere instructions to apply the exception utilizing generic computer components. For example, the Specification discloses “[0083] In many embodiments, third party device 350 can comprise a register or some other type of transaction processing machine. In some embodiments, user device 340 and/or third party device 350 can be mobile devices. A mobile electronic device can refer to a portable electronic device (e.g., an electronic device easily conveyable by hand by a person of average size) with the capability to present audio and/or visual data (e.g., text, images, videos, music, etc.). For example, a mobile electronic device can comprise at least one of a digital media player, a cellular telephone (e.g., a smartphone), a personal digital assistant, a handheld digital computer device (e.g., a tablet personal computer device), a laptop computer device (e.g., a notebook computer device, a netbook computer device), a wearable user computer device, or another portable computer device with the capability to present audio and/or visual data (e.g., images, videos, music, etc.). Thus, in many examples, a mobile electronic device can comprise a volume and/or weight sufficiently small as to permit the mobile electronic device to be easily conveyable by hand. For examples, in some embodiments, a mobile electronic device can occupy a volume of less than or equal to approximately 1790 cubic centimeters, 2434 cubic centimeters, 2876 cubic centimeters, 4056 cubic centimeters, and/or 5752 cubic centimeters. Further, in these embodiments, a mobile electronic device can weigh less than or equal to 15.6 Newtons, 17.8 Newtons, 22.3 Newtons, 31.2 Newtons, and/or 44.5 Newtons.” Thus, the specification supports that general purpose computers or computer components are utilized to implement the steps of the abstract idea. Merely implementing the abstract idea on a generic computer is not a practical application of the abstract idea. The claim as a whole, in viewing the additional elements both individually and in combination, does not integrate the judicial exception into a practical application. Accordingly, these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. (Step 2A prong two: No) The claim does not include additional elements, when considered both individually and as an ordered combination, that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of using “A system comprising: one or more processors; and one or more non-transitory computer-readable media storing computing instructions that, when executed on the one or more processors, cause the one or more processors to perform:”, “payee system for a payee”, “digital asset”, “a transfer application programming interface from a shared directory”, “shared directory is hosted by the system and configured to store”, and “A non-transitory computer-readable medium storing computing instructions that, when run on a processor, cause the processor to perform operations comprising:” to perform the steps of “requesting”, “facilitating”, “validating”, “determining”, and “transferring”, amounts to no more than mere instructions to apply the exception using generic computer component. The claim merely describes how to generally “apply” the concept of collecting, analyzing, and transmitting data to facilitate a financial transaction in a computer environment. Thus, even when viewed as a whole, nothing in the claim adds significantly more (i.e. an inventive concept) to the abstract idea. Such additional elements are determined to not contain an inventive concept according to MPEP 2106.05(f). It should be noted that (1) the “recitation of claim limitations that attempt to cover any solution to an identified problem with no restriction on how the result is accomplished and no description of the mechanism for accomplishing the result, does not provide significantly more because this type of recitation is equivalent to the words “apply it”, and (2) “Use of a computer or other machinery in its ordinary capacity for economic or other tasks (e.g., to receive, store, or transmit data) or simply adding a general purpose computer or computer components after the fact to an abstract idea (e.g., a fundamental economic practice, commercial interaction, or managing personal behavior or relationships or interactions between people, mental process, or mathematical calculation) does not integrate a judicial exception into a practical application or provide significantly more”. Claim 11 is substantially similar to claim 1, thus, it is rejected on similar grounds. Claim 11 recites the additional elements of “A computer-implemented method comprising:”. For similar reasons as explained above with regard to claim 1, under Step 2A, prong two, these additional elements are merely applying generic computer components to implement the abstract idea. Under Step 2B, when viewing the additional elements individually and in combination, the additional elements do not amount to an inventive concept amounting to significantly more than the judicial exception itself as the claimed computer-related technologies are mere tools for implementing the abstract idea as explained with regard to claim 1. Dependent claims 2-10, 12-20, 22-23, and 25-26 merely limit the abstract idea and do not recite any further additional elements beyond the cited abstract idea and the elements addressed above, thus, they do not amount to significantly more. The dependent claims are abstract for the reasons presented above because there are no additional elements that integrate the abstract idea into a practical application or are sufficient to amount to significantly more than the judicial exception when considered both individually and as an ordered combination. Thus, the dependent claims are directed to an abstract idea. (Step 2B: No) Therefore, claims 1-23 and 25-26 are not patent-eligible. Response to Arguments Applicant’s arguments filed on October 14, 2025 have been fully considered but are not persuasive for the following reasons: With respect to Applicant’s arguments as to the § 101 rejections for now pending claims 1-23 and 25-26, Examiner notes the following: Applicant argues that the claims would integrate the abstract idea into a practical application, the examiner respectfully disagrees. In particular, the applicant argues that “the claims recite an improvement to other technology or technical field, and also recite use of the ideas in a meaningful way beyond generally linking to a particular technological environment . . . that (a) improves the technical field of secure electronic transfers, specifically, inhibiting fraud via the unauthorized use of a custom access code and a custom transfer token and (b) uses the combination of steps in a meaningful way that is not generally linking to a technological environment.” Examiner notes that the Specification merely discloses the use of generic computer components to implement the abstract idea. For example, the Specification discloses “[0083] In many embodiments, third party device 350 can comprise a register or some other type of transaction processing machine. In some embodiments, user device 340 and/or third party device 350 can be mobile devices. A mobile electronic device can refer to a portable electronic device (e.g., an electronic device easily conveyable by hand by a person of average size) with the capability to present audio and/or visual data (e.g., text, images, videos, music, etc.). For example, a mobile electronic device can comprise at least one of a digital media player, a cellular telephone (e.g., a smartphone), a personal digital assistant, a handheld digital computer device (e.g., a tablet personal computer device), a laptop computer device (e.g., a notebook computer device, a netbook computer device), a wearable user computer device, or another portable computer device with the capability to present audio and/or visual data (e.g., images, videos, music, etc.). Thus, in many examples, a mobile electronic device can comprise a volume and/or weight sufficiently small as to permit the mobile electronic device to be easily conveyable by hand. For examples, in some embodiments, a mobile electronic device can occupy a volume of less than or equal to approximately 1790 cubic centimeters, 2434 cubic centimeters, 2876 cubic centimeters, 4056 cubic centimeters, and/or 5752 cubic centimeters. Further, in these embodiments, a mobile electronic device can weigh less than or equal to 15.6 Newtons, 17.8 Newtons, 22.3 Newtons, 31.2 Newtons, and/or 44.5 Newtons.” Thus, the specification supports that general purpose computers or computer components are utilized to implement the steps of the abstract idea. Furthermore, the additional elements of the computer system - a “A system comprising: one or more processors; and one or more non-transitory computer-readable media storing computing instructions that, when executed on the one or more processors, cause the one or more processors to perform:”, “payee system for a payee”, “digital asset”, “a transfer application programming interface from a shared directory”, “shared directory is hosted by the system and configured to store”, and “A non-transitory computer-readable medium storing computing instructions that, when run on a processor, cause the processor to perform operations comprising:” to perform the steps of “requesting”, “facilitating”, “validating”, “determining”, and “transferring”, in all steps is recited at a high-level of generality such that it amounts to no more than mere instructions to apply the exception using a generic computer component. The claims at issue covers the facilitation of a financial transaction. The claims invoke the “A system comprising: one or more processors; and one or more non-transitory computer-readable media storing computing instructions that, when executed on the one or more processors, cause the one or more processors to perform:”, “payee system for a payee”, “digital asset”, “a transfer application programming interface from a shared directory”, “shared directory is hosted by the system and configured to store”, and “A non-transitory computer-readable medium storing computing instructions that, when run on a processor, cause the processor to perform operations comprising:” to perform the steps of “requesting”, “facilitating”, “validating”, “determining”, and “transferring”, merely as tools to execute the abstract idea. Use of a computer or other machinery in its ordinary capacity for economic or other tasks (e.g., to receive, store, or transmit data) or simply adding a general purpose computer or computer components after the fact to an abstract idea (e.g., a fundamental economic practice or mental process) does not integrate a judicial exception into a practical application. (MPEP 2106.05 (f)) Finally, the Applicant argues that the claims are directed to significantly more than the abstract idea. Examiner disagrees, however, and notes that, as explained above in the instant rejection under 35 U.S.C. § 101, that the various specific, discrete steps carried out by the computer system are a routine, well-understood, and conventional function of a generic computer and, thus, are not sufficient to add significantly more. Per the specification, the recited computer elements are described only at a high level of generality, (see Spec. at paras. [0079]-[0088]). In view of the specification, the application of the computer elements is merely being applied to the abstract idea. The other limitations which are simply supporting the abstract idea correspond to insignificant extra-solution activity which do not transform the abstract idea into a patent eligible subject matter. Also, the functionality here is already present in the recited hardware, which is merely routine and conventional. Collecting, analyzing, and transmitting data is routine and conventional. There is no technological problem or solution identified. This is merely a business solution to transfer data between devices. (MPEP 2106.05 (f)) With respect to Applicant’s arguments as to the § 103 rejections for now pending claim 1-23 and 25-26, Examiner notes that the rejection is withdrawn. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure and is available for review on Form PTO-892 Notice of References Cited. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MERRITT J HASBROUCK whose telephone number is (571)272-3109. The examiner can normally be reached M-F 9:00-5:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Christine Tran can be reached on 571-272-8103. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MERRITT J HASBROUCK/Examiner, Art Unit 3695 /CHRISTINE M Tran/Supervisory Patent Examiner, Art Unit 3695