Detailed Action
Continued Examination Under 37 CFR 1.114
A request for continued examination (RCE) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on October 15, 2025 has been entered.
Acknowledgements
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to the RCE filed on October 15, 2025.
Claims 1-15 are pending.
Claims 1-15 are examined.
This Office Action is given Paper No. 20260121 for references purposes only.
Claim Rejections - 35 USC § 112, 2nd paragraph
The following is a quotation of 35 U.S.C. 112(b):
(B) CONCLUSION — The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 3, 8, and 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
Claim 3 recites “a second account identifier.” This phrase is vague and indefinite because it is unclear whether this refers to “the second account identifier” previously recited in the independent claim, or to “a third account identifier.” For purposes of applying the prior art only, Examiner will interpret as “the second account identifier.” Claims 8 and 13 are similarly rejected.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over Huffman et al. (US 2020/0403992), in view of Woods et al. (US 2018/0181955), and further in view of Krueger et al. (US 11,138,409).
Claims 1, 6, 11
Huffman discloses:
generating, with a transaction processing system comprising at least one processor, a virtual authenticator (master digital ID, see [0036]) comprising: (i) at least one authentication input (biometric, see [0036]), and (iii) at least one device identifier (device data, e.g. IP address, see [0036]) of at least one client device, the virtual authenticator associated with a virtual authenticator identifier (digital ID is alpha-numeric code, see [0036]),
receiving, with the transaction processing system, a transaction request message (attempt to login, transaction see [0039-0041]) associated with a transaction between a user (consumer, see [0039]) and a merchant made using an authentication input (e.g. biometric, see [0041]) of the at least one authentication input and a client device (mobile device, see [0041]) of the at least one client device, the transaction request message comprising a second account identifier (customer-specific ID, see [0065]) different (different from digital ID, see [0065]) than the at least one account identifier of the virtual authenticator;
linking (link, see [0053]), with the transaction processing system, the second account identifier (customer-specific identifier, see [0053]) to the virtual authenticator (master digital ID, see [0053]) in response to receiving the transaction request;
the authorization request message comprising the virtual authenticator identifier (digital ID, see [0098]);
updating (update, see [0088]), with the at least one processor of the transaction processing system, the virtual authenticator (digital ID, see [0088]) based on the authorization response message, resulting in an updated virtual authenticator;
receiving, with the at least one processor of the transaction processing system, a second transaction request message (request, see [0098]) associated with a second transaction (particular transaction, e.g. transfer of funds, see [0098]) between the user and a second merchant, the second transaction request message comprising the second account identifier (customer-specific ID, see [0065]); and
communicating, with the at least one processor of the transaction processing system, a second authorization request message (second authorization request, see [0014]) to the issuer system, the second authorization request message comprising the updated virtual authenticator
Huffman does not disclose:
At least one… account;
Communicating… authenticator;
Receiving… message;
Wherein the issuer… authenticator;
Receiving… message.
Woods teaches:
(ii) at least one account identifier (payment account identifier, see [0005, 0018]) associated with at least one payment account (account number, see [0018]);
communicating, with the transaction processing system, an authorization request message (payment authorization request message, see [0024]) to an issuer system (issuer, see [0024]), wherein the issuer system generates an authorization response message (authorization response message, see [0025]) based on the virtual authenticator;
receiving, with the at least one processor of the transaction processing system, the authorization response message (authorization response message, see [0025]);
wherein the issuer system generates a second authorization response message (authorization response message, see [0076]) based on the updated virtual authenticator;
receiving, with the at least one processor of the transaction processing system, the second authorization response message (authorization response message, see [0076]).
Huffman discloses generating a virtual authenticator, receiving a transaction request message, linking the account identifier to the virtual authenticator, updating the virtual authenticator, receiving a second request message, and communicating a second authorization message. Huffman does not disclose an account identifier associated with a payment account, communicating an authorization request message, receiving an authorization response message, generating and receiving a second authorization response message, but Woods does. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to combine the universal digital identity authentication service of Huffman with the account identifier associated with a payment account, communicating an authorization request message, receiving an authorization response message, generating and receiving a second authorization response message of Woods because 1) a need exists for identity authentication across multiple financial institutions using a single trusted mobile device as a proxy for a user login while allowing for an elevated trust level in authentication processes (see Huffman [0006]); and 2) a need exists for utilizing known protocols for communicating information between vehicle computing devices, merchant computing devices, and payment computing devices in order to enhance and automate processing transactions and payments (see Woods [0004]). Having an account identifier associated with a payment account, communicating an authorization request message, receiving an authorization response message, generating and receiving a second authorization response message can assist in allowing an elevated trust level for authentication.
Huffman in view of Woods does not disclose:
The virtual… identifier.
Krueger teaches:
the virtual authenticator comprising a graph data structure (graph, see C10 L54-67) comprising a plurality of nodes (a plurality of nodes, see C10 L54-67) representing the at least one authentication input (e.g. fingerprint, see C11 L25-35), the at least one account identifier, and the at least one device identifier.
One of ordinary skill in the art would have recognized that applying the known technique of a graph data structure with a plurality of nodes would have yielded predictable results and resulted in an improved system. It would have been recognized that applying the technique of a graph data structure with a plurality of nodes, as taught by Krueger, to the teachings of Huffman in view of Woods would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate various tables and graphs into similar systems (KSR Rationale D).
Claims 2, 7, 12
Furthermore, Woods teaches:
the transaction request message further comprises a merchant identifier (merchant identifier, see [0028]), and wherein the virtual authenticator further comprises the merchant identifier.
Claims 3, 8, 13
Furthermore, Huffman discloses:
wherein at least one additional transaction request of the plurality of additional transaction requests comprises a second account identifier (child digital ID, see [0083]) and a second authentication input (e.g. biometric, see [0036]);
updating the virtual authenticator (update new data into the digital ID, see [0088]) based on the second authentication input (biometric, see [0036]) and a corresponding authorization response message (data feed, see [0088]) associated with the second authentication input; and
linking (associate, see [0083]) the second account identifier (child digital ID, see [0083]) to the virtual authenticator (single master digital ID, see [0083]), wherein the second account identifier is associated with a second virtual authenticator identifier.
Furthermore, Woods teaches:
receiving, with at least one processor of the transaction processing system, a plurality of additional transaction requests (a plurality of payment transactions, see [0026]) associated with a plurality of subsequent transactions (subsequent transactions, see [0026]) between the user and the merchant.
Claims 4, 9, 14
Furthermore, Huffman discloses:
associating an authentication identifier (internal ID, see [0060]) with the virtual authenticator, wherein the authentication identifier uniquely identifies the virtual authenticator and is not communicated to the issuer system.
Claims 5, 10, 15
Furthermore, Huffman discloses:
generating, with the issuer system comprising at least one processor, a registration code (unique code, see [0053]) based on account data (personally identifiable information, PII, see [0053]) associated with the payment account;
receiving, with the issuer system, a confirmation message (photo of the unique code, see [0053]) generated by the client device based on the registration code, the at least one device identifier, and the at least one authentication input;
communicating, with the issuer system, authentication data (authentication questions/challenges/answers, see [0055]) to the transaction processing system, the authentication data comprising the account identifier, the at least one device identifier, and the at least one authentication input (biometric, see [0055]);
generating, with the at least one processor of the transaction processing system, an authentication graph (graphs, e.g. bar, line, pie, status dials, see [0055]) based on the authentication data;
receiving, with the at least one processor of the transaction processing system, the transaction request message (transaction request, see [0077]) associated with the transaction between the user and the merchant, the transaction request message comprising the second account identifier;
determining, with at least one processor, the authentication result (results of the success, see [0102]) based on the transaction request message and the authentication graph; and
updating (real-time portals and presentations, see [0055]), with at least one processor, the authentication graph based on the authentication result.
Response to Arguments
103 arguments
Applicant argues that the prior art does not teach the amendments.
Please see new mapping.
Claim Interpretation
Examiner hereby adopts the following definitions under the broadest reasonable interpretation standard. In accordance with In re Morris, 127 F.3d 1048, 1056, 44 USPQ2d 1023, 1029 (Fed. Cir. 1997), Examiner points to these other sources to support her interpretation of the claims.1 Additionally, these definitions are only a guide to claim terminology since claim terms must be interpreted in context of the surrounding claim language. Finally, the following list is not intended to be exhaustive in any way:
configuration “(1) (A) (software) The arrangement of a computer system or component as defined by the number, nature, and interconnections of its constituent parts.” “(C) The physical and logical elements of an information processing system, the manner in which they are organized and connected, or both. Note: May refer to hardware configuration or software configuration.” IEEE 100 The Authoritative Dictionary of IEEE Standards Terms, 7th Edition, IEEE, Inc., New York, NY, Dec. 2000.
Conclusion
Any inquiry of a general nature or relating to the status of this application or concerning this communication or earlier communications from Examiner should be directed to Chrystina Zelaskiewicz whose telephone number is 571-270-3940. Examiner can normally be reached on Monday-Friday, 9:30am-5:00pm. If attempts to reach the examiner by telephone are unsuccessful, the Examiner’s supervisor, Neha Patel can be reached at 571-270-1492.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://portal.uspto.gov/external/portal/pair <http://pair-direct.uspto.gov>. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free).
/CHRYSTINA E ZELASKIEWICZ/Primary Examiner, Art Unit 3699
1 While most definition(s) are cited because these terms are found in the claims, Examiner may have provided additional definition(s) to help interpret words, phrases, or concepts found in the definitions themselves or in the prior art.