SECURE AUTHENTICATION BASED ON IDENTITY DATA STORED IN A CONTACTLESS CARD

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED CORRESPONDENCE Acknowledgements The Amendment of claims 6, 12 and 19, filed on 02/17/2026 is acknowledged. Claims 1, 4-8, 11-14 and 17-26 are pending. Claims 6, 12 and 19, are cancelled, and Claims 27-29, are newly added, therefore Claims 1, 4-5, 7-8, 11, 13-14, 17-18 and 20-29 are hereby examined. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 02/17/2026 has been entered. Examiner’s Response to Amendment/Remarks The previous issues in the claim interpretation disclosed by the Examiner in the Office Action mailed out on 11/12/2025, has not been adequately addressed, and the amendment has resulted in the claims having issues of a non-functional descriptive material. Applicant is of the opinion, in page11-14, of the response filed on 02/17/2026, that the prior art on file (Keys, Fitch, Hayhow, Peart and Cheng) does not, either singly or in combination, teach the amended claims. Examiner respectfully disagrees with this characterization as the way the claims had been amended, most of the amendments are about the content of the data and not really the underlying functions using that data. For example, the step of “receiving, by the computing device from the contactless card, encrypted customer ID data and encrypted additional data indicating an age of a customer associated with the contactless card, the encrypted customer ID data based on a diversified key of the contactless card, wherein the diversified key is based on a master key and a counter value of the contactless card, and the encrypted additional data comprises a passport image or a driver license image;”, prior art only need to teach “receiving, by the computing device from the contactless card, encrypted customer ID data/information, as the recitation of “…and encrypted additional data indicating an age of a customer associated with the contactless card, the encrypted customer ID data based on a diversified key of the contactless card, wherein the diversified key is based on a master key and a counter value of the contactless card, and the encrypted additional data comprises a passport image or a driver license image;” are not positively recited, as the amendments are about the content of the data (i.e., customer ID data/information) and not really the underlying functions using these data/information. Additionally, Examiner would also like to disclose that, in response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). In this instant application, Keys in view of Fitch, in view of Haywood, and further in view of Peart and Cheng, still teaches these amended limitations, as disclosed below. Additionally, Examiner acknowledge the correction requested in the Advisory Action mailed out on 02/05/2026, as regards naming the keys appropriately to match the Applicant’s specification, and further agree that the amendment helps to apprise the support provided (paragraphs 0027-0028) for the diversified key generation objected to in the Advisory Action. The 103 rejection is hereby maintained. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 4-5, 7-8, 11, 13-14, 17-18, 20 and 23-26 are rejected under 35 U.S.C. 103 as being unpatentable over John B. Keys (US Pat. 7931194 B2) in view of Fitch et al., (US Pat. 7472825 B2) and further in view of Hayhow et al., (US 20150073995 A1) and Peart et al., (US 20050033688 A1). With respect to claims 1, 8 and 14, Keys teaches a method, a computer device and a non-transitory computer-readable storage medium, the computer-readable storage medium including instructions that when executed by a processor of the computer device (Fig. 1, col 2:24-41), cause the processor to: enabling or restricting, by the computing device, the age-restricted purchase based on […] and whether a similarity between the captured image of the customer and an image of the customer included in the […] additional data indicates the age of the customer meets an age requirement for the age-restricted purchase (Fig 3B, col 2:51-66 “The user interface 102 further includes elements used to collect data to be used in verifying the age of a purchaser, and the transaction processing module 120 includes components for processing and acting on this data. The user interface 102 includes an identification document reader 132 and an image capture device Such as a digital camera 133. When an age restricted product is to be purchased, the identification document reader 132 accepts and collects information from documents submitted by the purchaser and the digital camera 133 provides the ability to capture a purchaser image. The transaction processing module 120 retrieves identification information for each product as it is submitted for purchase. When an age restricted product is identified, for example, by retrieving identification information associated with a bar code, the transaction processing module 130 invokes an age verification module 131”, and also col 5:15-30 “…The age verification module examines the document information elements 164A, 164B and 164C to identify the document format and identity and the jurisdiction issuing the document, and checks this information against information for known documents stored in a document format and authentication database 176, Suitably stored on the server 122 and retrieved or consulted when needed. If the document was not found in the database, or if the document fails to meet formatting requirements, automatic age authentication is rejected and an attendant is summoned, suitably by sending an alert to the attendant console 159. If the document meets formatting and authentication requirements, the verification module 131 suitably compares information in the document information elements 164A, 164B and 164C…” and col 5:35-44 “…the birth date information entry for one of the document information Zones is examined and evaluated to determine whether the purchaser meets age requirements. If the purchaser does not meet age requirements, automatic age evaluation fails, and an attendant is Summoned. If the purchaser appears to meet age requirements, the age verification module 131 directs display of a message or presentation of an audible message instructing or directing the purchaser to position himself or herself for photographing…”, and also {col 3:67-col 4:20, col 5:44-62 “A photograph of the purchaser is captured with the digital camera 133. A purchaser image 182 is then captured and stored. The age verification module 131 performs image processing on the document image 166 and the purchaser image 182. The document image 166 is examined to isolate the document holder photograph. Suitably, document format information stored in the merchant preference table 150 or the document format and authentication database 176 may be consulted to assist in isolating the document holder photograph. The document holder photograph and the purchaser image 182 are processed and compared using facial recognition techniques. If the document holder photograph matches the captured image of the purchaser, age verification passes and the purchaser is allowed to buy the presented product, and all other products presented in the transaction for which the customer meets the age requirements. If the document holder photograph does not match the captured image of the purchaser, automatic age verification fails, and an attendant is summoned”}. wherein the method further comprises: prior to enabling or restricting the age-restricted purchase, receiving by the computing device receives from the contactless card, the […] additional data indicating the age of the customer […] {col 3:24-36 “…the optical reader 136 is able to scan numerous different bar code types, in order to accommodate different standards used by different jurisdictions for encoding of driver license and state identification card information, and to accommodate different types of identification documents, such as military identification cards, immigration documents or the like. The document may also be scanned by the smart card reader 139, which identifies and reads a smart card chip, if such a chip is present. In addition, the image capture device 140 is able to capture an image of the document in order to allow processing of a photograph of the document holder presented on the document”}. receiving “…and the […] additional data comprises a passport image or a driver license image” {col 3:24-36 “…the optical reader 136 is able to scan numerous different bar code types, in order to accommodate different standards used by different jurisdictions for encoding of driver license and state identification card information, and to accommodate different types of identification documents, such as military identification cards, immigration documents or the like. The document may also be scanned by the smart card reader 139, which identifies and reads a smart card chip, if such a chip is present. In addition, the image capture device 140 is able to capture an image of the document in order to allow processing of a photograph of the document holder presented on the document” and also col 5:44-62}. capturing, by the computing device, an image of the customer {col 3:67-col 4:20, col 5:44-62 “A photograph of the purchaser is captured with the digital camera 133. A purchaser image 182 is then captured and stored. The age verification module 131 performs image processing on the document image 166 and the purchaser image 182…}. Keys does not explicitly disclose, however, Fitch discloses receiving, by a computing device, a request to perform an age verification via a contactless card for an age-restricted purchase {col 10:60-col 11:30 “…In accordance with the invention, cash register 340 can be configured to change a state of a trigger signal when cash register 340 receives from a bar code reader 340 a decoded out message comprising a product code corresponding to a "proof-of-age” product as determined with reference to the lookup table (LUT). Cash register 340 when receiving a decoded-out message having a product code corresponding to a "proof-of-age” product… when cash register 340 receives a decoded-out message corresponding to a “proof-of-age” product. The red light or another visible light emitted by LEDs 6316 provides a visual feedback indicating to a customer and a store clerk that proof-of-age is required for purchase of the product just subjected to bar code decoding by reader 340. The store clerk may then place customer driver license or other customer identification card in a field of view of module 263-2 to decode a bar code on the identification card indicating the customer's date of birth. After a customer identification card bar code is read, transaction terminal 10 may communicate with cash register 340 so that cash register 340 displays on cash register display 340d the customer's date of birth or an appropriate text message indicating that the customer is or is not of Sufficient age to purchase the product…”}. presenting, on a display device of the computing device, an indication to provide the contactless card to the computing device to perform the age verification {col 11:15-30 “…when cash register 340 receives a decoded-out message corresponding to a "proof-of-age" product. The red light or another visible light emitted by LEDs 6316 provides a visual feedback indicating to a customer and a store clerk that proof-of-age is required for purchase of the product just subjected to bar code decoding by reader 340. The store clerk may then place customer driver license or other customer identification card in a field of view of module 263-2 to decode a bar code on the identification card indicating the customer's date of birth. After a customer identification card bar code is read, transaction terminal 10 may communicate with cash register 340 so that cash register 340 displays on cash register display 340d the customer's date of birth or an appropriate text message indicating that the customer is or is not of sufficient age to purchase the product…”}. receiving, by the computing device from the contactless card, encrypted customer ID data and encrypted additional data indicating an age of a customer associated with the contactless card, the encrypted customer ID data based on a diversified key of the contactless card, wherein the diversified key is based on a master key and a […] value of the contactless card, and the encrypted additional data […] {Fig 2c -2h, col 11: 24-42, and also col 37:43-col 38:33] “Transaction terminal 10 is adapted so that certain information previously designated as secure information is stored in a designated IC chip. Such information may include, for example, encryption keys or other information which may be designated as secure such as card identification numbers, signature information, fingerprint information, and retinal signature information, decoded-out message data decoded from e.g., an optical or RF card reader. In accordance with applicable banking standards (ANSI ISO), PIN information, when entered into a POS device such as transaction terminal 10 should be encrypted at terminal 10… The Data Encryption Standard (DES) is the most common form of master session keys. Under a master-session scheme, terminal 10 has a strong "master" key and a second "session" key…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys to include the elements of Fitch. One would have been motivated to do so, in order to have a protected and verified transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction. Fitch is merely relied upon to illustrate the functionality of having a platform for messaging and verification of age in a purchase transaction, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, as well as having a platform for messaging and verification of age in a purchase transaction are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys, as well as Fitch would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch. The combination of Keys in view of Fitch does not explicitly disclose, however Hayhow discloses “…wherein the diversified key is based on a master key and a counter value of the contactless card” {¶ 0024 “…The financial institution associated with the issuer server 300 issues payment cards to cardholders (or authorizes a third party to issue the payment cards). Each issuer server 300 is configured to communicate with the acquirer servers 270 via the payment network 108, and maintains a secure accounts database that includes a plurality of clusters each associated with a respective financial account. Each cluster typically identifies an account number that is uniquely associated with the payment card 210, the current value of a transaction counter internal to the payment card 210…”, ¶ 0036 “…the payment card 210 may have a contact form factor and/or a contactless form factor, and may be implemented as a plastic smartcard, chip card or integrated circuit card that includes a built-in micro-controller and protected memory. The micro-controller and protected memory together provide a secure self-contained computing environment for running cryptographic (e.g., data encryption standard (DES), triple-DES, advanced encryption standard (AES)) algorithms. Preferably, the plastic payment card 210…”}. transmitting, by the computing device, the encrypted customer ID data and the encrypted additional data to an authentication server {Fig. 3b S336-S338, ¶¶ 0034, 0061 “…The payment card 210 may generate the online cryptogram ARQC by (i) generating a cryptographic session key from the payment card cryptographic master key and the transaction counter, and (ii) applying the Terminal Verification Results, adjusted/preliminary authorization amount, unpredictable number, transaction date, account number and transaction counter (collectively the Issuer Authorization Data) and the session key as inputs to a cryptographic algorithm”}. determining, by the computing device by receiving from the authentication server an indication of a verification of the encrypted customer ID data and the encrypted additional data, that the authentication server decrypted the encrypted customer ID data based on a copy of the diversified key maintained by the server and decrypted the encrypted additional data, wherein the copy of the diversified key is based on a copy of the master key maintained by the authentication server and a copy of the counter value maintained by the authentication server{Fig 3b S342-S344, ¶ 0036 “…the payment card 210 may have a contact form factor and/or a contactless form factor, and may be implemented as a plastic smartcard, chip card or integrated circuit card that includes a built-in micro-controller and protected memory. The micro-controller and protected memory together provide a secure self-contained computing environment for running cryptographic (e.g., data encryption standard (DES), triple-DES, advanced encryption standard (AES)) algorithms. Preferably, the plastic payment card 210…”, ¶ 0064 “…the issuer server 300 verifies that the payment card 210 generated the online cryptogram ARQC. To do so, the issuer server 300 may (i) recover the payment card's session key by applying the account number, payment card internal transaction counter and a card issuer cryptographic master key as inputs to a suitable cryptographic algorithm, (ii) decrypt the online cryptogram ARQC with the recovered session key, (iii) compute a message authentication code from the Issuer Authorization Data, and (iv) compare the computed message authentication code against the decrypted cryptogram”, and also ¶¶ 0065-0068“}. “…the determination that the authentication server decrypted the encrypted customer ID data…” {¶¶ 0065-0068 “…the payment terminal 200 examines the authorization response code of the Authorization Response Message. If the authorization response code indicates that the card issuer authorized the transaction and that the payment card 210 generated the online cryptogram ARQC from the adjusted/preliminary authorization amount and the cryptographic master key (or session key) of the payment card 210, at step S348 the transaction processor 220 transmits to the payment card 210…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys in view of Fitch to include the elements of Hayhow. One would have been motivated to do so, in order to have a protected and verified transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction, and Fitch discloses having a platform for messaging and verification of age in a purchase transaction, Hayhow is merely relied upon to illustrate the functionality of protecting and securing transaction cryptogram using encryption and decryption algorithm, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, and having a platform for messaging and verification of age in a purchase transaction as well as protecting and securing transaction cryptogram using encryption and decryption algorithm, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys in view of Fitch, as well as Hayhow would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch/Hayhow. Although Keys teaches … the data indicating the age of the customer” in a cryptogram above, the combination of Keys in view of Fitch and Hayhow does not explicitly disclose, however Peart discloses “prior to enabling or restricting the age-restricted purchase… “receive a cryptogram” …along with a digital signature of the encrypted additional “the cryptogram” data indicating the age of the customer, the digital signature being generated by the contactless card using the diversified key and the master key of the contactless card {¶ 0085 Table 12, Exemplary authentication EF, - Signed Static Application Data, ¶¶ 0104, 0108 “…Each card 100 may also include an issuing partner Public Key certificate, which may be signed by the issuer EMV CA public key. Additionally, each payment application stored on the card 100 may hold an application DDAPrivate Key and Public Key Certificate which is signed by the issuer CA Private Key…”, and also ¶¶ 0109-0110 “…the card 100 generate a cryptogram using dynamic data, which is unique to the transaction, and which is retrieved from the card 100 and the merchant 704, and a card DDA Authentication Private Key. The merchant system 704 may decrypt the dynamic signature using the card 100 application DDA Public key recovered from the card data. The merchant system 704 may then compare the decrypted dynamic signature (e.g., hash) to the hash of the original data on the card 100 to see if a match exists. If so, then the merchant system 704 may be assured that the card 100 presented for transaction completion is not counterfeit”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys and Fitch in view of Hayhow to include the elements of Peart. One would have been motivated to do so, in order to provide a protected and secured transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction, Fitch discloses having a platform for messaging and verification of age in a purchase transaction, and Hayhow discloses protecting and securing transaction cryptogram using encryption and decryption algorithm. Peart is merely relied upon to illustrate the functionality of the interaction between the cryptogram and the POS terminal, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, having a platform for messaging and verification of age in a purchase transaction, and protecting and securing transaction cryptogram using encryption and decryption algorithm, as well as the interaction between the cryptogram and the POS terminal, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys and Fitch in view of Hayhow, as well as Peart would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch/Hayhow/Peart. With respect to claims 4 and 17, the combination of Keys, Fitch and Hayhow in view of Peart teaches all the subject matter as disclosed in claims 1, 8 and 14 above. Furthermore, Peart discloses wherein the counter value of the contactless card is synchronized with the copy of the counter value maintained by authentication server {¶¶ 0116, 0120, 0126 “…the card 100 performs issuer authentication by validating that the cryptogram came from a genuine issuer (or its agent). This prevents villainous third parties from circumventing the card 100 security features by simulating online processing and fraudulently approving a transaction to reset counters and indicators”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys and Fitch in view of Hayhow to include the elements of Peart. One would have been motivated to do so, in order to provide a protected and secured transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction, Fitch discloses having a platform for messaging and verification of age in a purchase transaction, and Hayhow discloses protecting and securing transaction cryptogram using encryption and decryption algorithm. Peart is merely relied upon to illustrate the functionality of the interaction between the cryptogram and the POS terminal, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, having a platform for messaging and verification of age in a purchase transaction, and protecting and securing transaction cryptogram using encryption and decryption algorithm, as well as the interaction between the cryptogram and the POS terminal, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys and Fitch in view of Hayhow, as well as Peart would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch/Hayhow/Peart. With respect to claims 5, 11 and 18, the combination of Keys, Fitch and Hayhow in view of Peart teaches all the subject matter as disclosed in claims 1, 8 and 14 above. Furthermore, Keys discloses “…data indicating the age of the customer” in {see at least col 5:11-22 “Once the document information has been stored, the age verification module 131 examines the information stored in each document information Zone in order to verify the information and confirm that the purchaser meets the age requirements for the product to be purchased. The age verification module examines the document information elements 164A, 164B and 164C to identify the document format and identity and the jurisdiction issuing the document, and checks this information against information for known documents stored in a document format and authentication database 176, Suitably stored on the server 122 and retrieved or consulted when needed…”}. And Peart discloses, further comprising prior to enabling or restricting the age-restricted purchase: verifying, by the computing device, the digital signature based on a public key for the contactless card {¶ 0108 “…Each card 100 may also include an issuing partner Public Key certificate, which may be signed by the issuer EMV CA public key. Additionally, each payment application stored on the card 100 may hold an application DDAPrivate Key and Public Key Certificate which is signed by the issuer CA Private Key…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys and Fitch in view of Hayhow to include the elements of Peart. One would have been motivated to do so, in order to provide a protected and secured transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction, Fitch discloses having a platform for messaging and verification of age in a purchase transaction, and Hayhow discloses protecting and securing transaction cryptogram using encryption and decryption algorithm. Peart is merely relied upon to illustrate the functionality of the interaction between the cryptogram and the POS terminal, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, having a platform for messaging and verification of age in a purchase transaction, and protecting and securing transaction cryptogram using encryption and decryption algorithm, as well as the interaction between the cryptogram and the POS terminal, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys and Fitch in view of Hayhow, as well as Peart would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch/Hayhow/Peart. With respect to claims 7, 13, 20 and 23-25, the combination of Keys, Fitch and Hayhow in view of Peart teaches all the subject matter as disclosed in claims 1, 8 and 14 above. Furthermore, Keys discloses determining, by the computing device, that the age of the customer does not meet the age requirement for the age-restricted purchase {col 5:11-26}, and restricting, by the computing device, the age-restricted purchase based on the determination that the age of the customer does not meet the age requirement for the age-restricted purchase {col 5:35-44}. With respect to claim 26 the combination of Keys, Fitch and Hayhow in view of Peart teaches all the subject matter as disclosed in claims 1, 8 and 14 respectively above. Furthermore, Fitch discloses “wherein the rule is a first rule of a plurality of rules, wherein the type of operation is a first type of a plurality of types of operations, wherein a second type of the plurality of types of operations is associated with a second rule of the plurality of rules” {(104)/[11:15-30 “…when cash register 340 receives a decoded-out message corresponding to a "proof-of-age" product. The red light or another visible light emitted by LEDs 6316 provides a visual feedback indicating to a customer and a store clerk that proof-of-age is required for purchase of the product just subjected to bar code decoding by reader 340. The store clerk may then place customer driver license or other customer identification card in a field of view of module 263-2 to decode a bar code on the identification card indicating the customer's date of birth. After a customer identification card bar code is read, transaction terminal 10 may communicate with cash register 340 so that cash register 340 displays on cash register display 340d the customer's date of birth or an appropriate text message indicating that the customer is or is not of sufficient age to purchase the product…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys and Fitch in view of Hayhow to include the elements of Peart. One would have been motivated to do so, in order to provide a protected and secured transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction, Fitch discloses having a platform for messaging and verification of age in a purchase transaction, and Hayhow discloses protecting and securing transaction cryptogram using encryption and decryption algorithm. Peart is merely relied upon to illustrate the functionality of the interaction between the cryptogram and the POS terminal, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, having a platform for messaging and verification of age in a purchase transaction, and protecting and securing transaction cryptogram using encryption and decryption algorithm, as well as the interaction between the cryptogram and the POS terminal, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys and Fitch in view of Hayhow, as well as Peart would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch/Hayhow/Peart. Claims 21-22 and 27-29 are rejected under 35 U.S.C. 103 as being unpatentable over John B. Keys (US Pat. 7931194 B2) in view of Fitch et al., (US Pat. 7472825 B2), Hayhow et al., (US 20150073995 A1) and Peart et al., (US 20050033688 A1), and further in view of Russel C.H. Cheng, (US 20060231610 A1). With respect to claims 21-22, the combination of Keys, Fitch and Hayhow in view of Peart teaches all the subject matter as disclosed in claims 1, 8 and 14 above, but does not explicitly disclose, however, Cheng disclose further comprising: determining, by the computing device based on a rule, to perform the age verification based on the decrypted encrypted additional data {¶¶ 0003, 0008-0009, 0021 “The device 120 captures a substantially complete image of the ID 110 and saves it to working memory 210 (FIG. 2) in TIFF or other format. The image is then displayed on a display 240 (FIG. 2) to verify legibility of the ID scan. The device 120 keys in on the upper right corner of the ID 110 where the date of birth is written (if a Japanese driver's license). The device 120 then determines if the date of birth correlates with the person's age as being at least a minimum age on that particular day when the ID 110 is handed to the operator to begin the age verification process”}. And Cheng further disclose encrypting the OCR text of the ID holder for verification matching in {¶¶ 0042 “The OCR engine 325 translates an image of text on the ID 110 into computer-editable text in ASCII or other format for storage in the database 355… The authentication engine 320 can also authenticate the ID 110 by comparing the OCR text with the electronically recorded text on the ID 110 to confirm they match”, ¶¶ 0043-0045 “The encryption engine 340 encrypts some or all data stored in the database 355 and decrypts the data for viewing on the display 240. Further, the encryption engine 340 also decrypts data stored in the database when transferring to a computer with the transfer engine 335. Encrypting the data ensures unauthorized users cannot view the data in case of the loss of the device 120…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys, Fitch and Hayhow in view of Peart to include the elements of Cheng. One would have been motivated to do so, in order to provide a protected and secured transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction, Fitch discloses having a platform for messaging and verification of age in a purchase transaction, Hayhow discloses protecting and securing transaction cryptogram using encryption and decryption algorithm, and Peart discloses the interaction between the cryptogram and the POS terminal. Cheng is merely relied upon to illustrate the functionality of having an option of authenticating the user’ ID card, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, having a platform for messaging and verification of age in a purchase transaction, protecting and securing transaction cryptogram using encryption and decryption algorithm, and having the interaction between the cryptogram and the POS terminal, as well as having an option of authenticating the user’ ID card, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys, in view of Fitch, in view of Hayhow, and in view of Peart, as well as Cheng would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch/Hayhow/Peart/Cheng. With respect to claims 27-29, the combination of Keys, Fitch and Hayhow in view of Peart teaches all the subject matter as disclosed in claims 8, 14 and 27 above, but does not explicitly disclose, however, Cheng disclose wherein the instructions further cause the processor to, determine, based on a rule, to perform the age verification based on the decrypted encrypted additional data {¶¶ 0003, 0008-0009, 0021 “The device 120 captures a substantially complete image of the ID 110 and saves it to working memory 210 (FIG. 2) in TIFF or other format. The image is then displayed on a display 240 (FIG. 2) to verify legibility of the ID scan. The device 120 keys in on the upper right corner of the ID 110 where the date of birth is written (if a Japanese driver's license). The device 120 then determines if the date of birth correlates with the person's age as being at least a minimum age on that particular day when the ID 110 is handed to the operator to begin the age verification process”, and also ¶¶ 0043-0045 “The encryption engine 340 encrypts some or all data stored in the database 355 and decrypts the data for viewing on the display 240. Further, the encryption engine 340 also decrypts data stored in the database when transferring to a computer with the transfer engine 335. Encrypting the data ensures unauthorized users cannot view the data in case of the loss of the device 120…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Keys, Fitch and Hayhow in view of Peart to include the elements of Cheng. One would have been motivated to do so, in order to provide a protected and secured transaction request data in a payment transaction. Furthermore, Keys discloses age verification in a purchase transaction, Fitch discloses having a platform for messaging and verification of age in a purchase transaction, Hayhow discloses protecting and securing transaction cryptogram using encryption and decryption algorithm, and Peart discloses the interaction between the cryptogram and the POS terminal. Cheng is merely relied upon to illustrate the functionality of having an option of authenticating the user’ ID card, in the same or similar context. Because both having a protected and verified transaction request data in a payment transaction, having a platform for messaging and verification of age in a purchase transaction, protecting and securing transaction cryptogram using encryption and decryption algorithm, and having the interaction between the cryptogram and the POS terminal, as well as having an option of authenticating the user’ ID card, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Keys, in view of Fitch, in view of Hayhow, and in view of Peart, as well as Cheng would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Keys/Fitch/Hayhow/Peart/Cheng. Conclusion The prior art made of record and not relied upon: 1) (US 20120323621 A1) – Carlegren et al., Assisting Customers at A Self- Checkout Terminal - relates to the most prevalent uses of these powerful computer systems and networks is for self-checkout terminals in retail establishments such as, for example, grocery stores, restaurants, hotels, stadiums, and so on. Each self-checkout terminal is typically located on a checkout counter and used by a shopper to complete customer sales. 2) (US 20030177102 A1) – Timothy Robinson., System and Method for Biometric Authorization for Age Verification – relates generally to age verification. More particularly, the present invention relates to a tokenless system and method for age verification using a biometric and a system identification number (SID). 3) (US 20080071674 A1) – James D. Thackston, System and Method for On-line Commerce Operations Including Payment Transactions – generally relates to a system and method to provision a secure payment for consumer purchases of products and services such as from on-line merchants and, more particularly, for making payments using a virtual stored value account. 4) Ghosh et al., (US 20180349889 A1) - Accessing digital wallet information using a point-of-sale device relates to systems and methods are provided for accessing digital wallet information using a point-of-sale (POS) device. 5) Jeffery J. Jessamine, (US 2019/0066063 A1) - Method and System for Secure Identity Transmission with Integrated Service Network and Application Ecosystem – relates to Method of generating a secure user identity data set, using timestamps and algorithms which can be encrypted, whose structure is generated in an initial communication between the communication device of the user and a remote identity server. 6) Zhao et al., (US 20160239887 A1) – Age Verification Through Mobile Wallet Method and Apparatus - include a system, device, method and computer-readable medium to Verify minimum age of accountholders, to enable age restrictions on purchases. Any inquiry concerning this communication or earlier communications from the examiner should be directed to VINCENT IDIAKE whose telephone number is (571)272-1284. The examiner can normally be reached on Mon-Fri from 10:30AM to 7:30PM ET. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PATRICK MCATEE, can be reached at telephone number (571)272-7575. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from Patent Center. Status information for published applications may be obtained from Patent Center. Status information for unpublished applications is available through Patent Center for authorized users only. Should you have questions about access to Patent Center, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated-interview-request-air-form /V.I./Examiner, Art Unit 3698 /PATRICK MCATEE/Supervisory Patent Examiner, Art Unit 3698