METHODS AND SYSTEMS FOR SECURE CROSS-PLATFORM TOKEN EXCHANGE

§101 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This office action is in response to the application filed on or reply to the remarks of 1/2/2026. The instant application has claims 21-40 pending. The system, method and medium for cross-platform token exchange for use with service provider There a total of 20 claims. Response to Arguments The applicant’s argument relating to integrated into a practical application is not persuasive. There are several court cases that illustrate a practical concept is still deemed abstract idea and ineligible by Fed. Circuit Court. The examples include device profiles for imaging device, playing bingo, or guarantee online transaction, data analysis on documents. See Digitech Image Tech's v. Electronics For Imaging, 758 F.3d 1344 (Fed. Cir. 2014); Planet Bingo, LLC v. VKGS, LLC, 576 Fed. Appx. 1005 (Fed. Cir. 2014) ; Buysafe, Inc. v. Google, Inc., 765 F.3d 1350 (Fed. Cir. 2014); Content Extraction and Transmission. v. Wells Fargo Bank, 776 F.3d 1343 (Fed. Cir. 2014). The applicant argument relating to obtaining sensitive data from first token and second token is absent in cited prior art is not persuasive. Makhotin discloses account identifier and mobile account identifier being included with request see Par. 009-010. Thus the token represent an identifier that further used to retrieve application data and corresponding services to be provided see Par. 0029. Marhotin further discloses the multiple service providers for providing services based on account identifiers see Par. 0032 & Par. 0120-0122. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 21-41 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites exchanging the first token for second token, which effectively represents an trusted person changing the issued number from first provider to an second provider, .e. g credit card from an first provider to and second credit card number based on trusted intermediary. That is, the steps can be performed by an human using an generic computer. The limitation of “ obtaining sensitive data corresponding to the first token from a first token service provider, based on the token exchange request”, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “by a processor,” nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the “by a processor” language, “ obtaining sensitive data corresponding to the first token from a first token service provider, based on the token exchange request” in the context of this claim encompasses the user manually finding the credit card number of the issued card. Similarly, the limitation of “ obtaining a second token corresponding to the sensitive data from a second token service provider, wherein the first token is incompatible with the second token service provider, the second token is incompatible with the first token service provider, and both the first token and the second token correspond to the sensitive data”, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation done in the mind but for the recitation of generic computer components the 2019 Revised Patent Subject Matter Eligibility Guidance (“2019 PEG”) Federal Register January 7, 2019. For example, but for the “by a processor” language, “ obtaining a second token corresponding to the sensitive data from a second token service provider, wherein the first token is incompatible with the second token service provider, the second token is incompatible with the first token service provider, and both the first token and the second token correspond to the sensitive data” in the context of this claim encompasses the user issuing an second token or identifier or account, e. g new credit card, being issued to the user based on the first identifier or account number on the credit card. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” & “Certain methods of organizing human activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. This judicial exception is not integrated into a practical application. In particular, the claim only recites one additional element – using a processor to perform both the “ obtaining sensitive data corresponding to the first token from a first token service provider, based on the token exchange request” and steps. The processor in both steps is recited at a high-level of generality (i.e., as a generic processor performing a generic computer function of checking the credit card number and issuing an new credit card with new number i.e. Visa card being changed to Mastercard) such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor to perform checking the credit card number and issuing an new credit card with new number, i.e. Visa card being changed to Mastercard steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible. Furthermore, similar to instant application of trading/exchanging one token for another in another service provider, there are several court cases which was found ineligible under 35 USC 101-abstract idea like authorizing an transit ride without monthly voucher using credit card see Smart Systems Innovations v. Chicago Transit Authority, 873 F.3d 1364 (Fed. Cir. 2017); relating to using one-time code for financial transactions see Universal Secure Registry LLC v. Apple Inc., (Fed. Cir. 2021); detecting fraud in financial transaction see Bozeman Financial LLC v. Federal Reserve Bank of Atlanta, 955 F.3d 971 (Fed. Cir. 2020). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under pre-AIA 35 U.S.C. 103(a) are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 21-40 is/are rejected under 35 U.S.C. 103 as being unpatentable over US Patent Pub 2014/0250006 to Makhotin in view of US Patent Pub 2017/0063840 to Krishnaiah. Regarding claim 21, 28, 35, Makhotin discloses A method for cross-platform token exchange, comprising: receiving, from an upstream merchant system, a primary token exchange request for exchanging a an input first token associated with an input token vault of a first token service provider for an output second token associated with an output token vault of a second token service provider, the primary token exchange request including the input first token1(Abstract & Fig. 5 item 511, account reference identifier & Par. 009-0010, the first protocol routing exchanged for second routing protocol & Par. 0029, the application data and services is provided based on the token information); obtaining sensitive data corresponding to the input first token from the first token service provider, based on the primary token exchange request(Par. 00133, the trusted hub has access to issuer and the account details); obtaining the output second token corresponding to the sensitive data from the second token service provider, wherein the input first token is incompatible with the output second token service provider, the output second token is incompatible with the input first token service provider, and both the input first token and the output second token correspond to the sensitive data(Par. 009-0010 & Par. 0076-0079 & Par. 0082, the protocol established during onboarding is changed via protocol adapter at hub and the information is corrected & Par.0067, account information about user & Par. 0032 & Par. 0120-0122 & Fig. 12 item 130). Makhotin does not disclose transmitting, to the merchant system, the second token that is exchanged for the first token in response to the token exchange request. In the same field of endeavor as the claimed invention, Krishnaiah discloses transmitting, to the upstream merchant system, the output second token that is exchanged for the input first token in response to the primary token exchange request(Abstract & Fig. 5 & Par. 0017-0018, the token issued for cross-platform merchants). It would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify Makhotin invention to incorporate transmitting, to the merchant system, the second token that is exchanged for the first token in response to the token exchange request for the advantage of providing the cross-token across various platforms as taught in Krishnaiah see Par. 0059. Regarding claim 22, 29, 36, The combined method/system/medium of Makhotin and Krishnaiah, mutatis mutandis, Makhotin discloses the method of claim 21, further comprising: generating a detokenization request based on the token exchange request; transmitting the detokenization request to the first token service provider(Fig. 12 item 137A, 139, hub has profiles about the users for changing & Par. 0094) ; and receiving a detokenization response including the sensitive data from the first token service provider, wherein the obtaining the sensitive data corresponding to the first token from the first token service provider comprises obtaining the sensitive data based on receiving the detokenization response including the sensitive data(Fig. 6 item 130, 131, the mobile payment is change & Par. 0028-0029). Regarding claim 23, 30, 37, The combined method/system/medium of Makhotin and Krishnaiah, mutatis mutandis, Makhotin discloses the method of claim 21, further comprising: generating a tokenization request including the sensitive data(Par. 0094, the protocols adapter for another protocol & Par. 0092 issued protocol changed to meet the services). transmitting the tokenization request to the second token service provider(Par. 0092-0094, the protocols adapter for another protocol and issued protocol changed to meet the services). and receiving a tokenization response including the second token from the second token service provider, wherein the obtaining the second token corresponding to the sensitive data from the second token service provider comprises obtaining the second token based on receiving the tokenization response including the second token from the second token service provider (Par. 0094, the protocols adapter for another protocol & Par. 0092 issued protocol changed to meet the services). Regarding claim 24, 31, 38, The combined method/system/medium of Makhotin and Krishnaiah, mutatis mutandis, Makhotin discloses the method of claim 21, wherein the token exchange request includes a first identifier of the first token service provider, and includes a second identifier of the second token service provider(Par. 0068, account authorization & Par.0067, account information about user & Par. 0063, different protocols). Regarding claim 25, 32, 38, The combined method/system/medium of Makhotin and Krishnaiah, mutatis mutandis, Krishnaiah discloses the method of claim 21, wherein the sensitive data comprises a primary account number (PAN), a social security number, a bank routing number, or a driver's license number(Par. 0028-0030, account identifier and details). Regarding claim 26, 33, 39, The combined method/system/medium of Makhotin and Krishnaiah, mutatis mutandis, Krishnaiah discloses the method of claim 21, further comprising: obtaining a third token corresponding to the sensitive data from a third token service provider, based on the token exchange request (Par. 0033-0034 & Par. 0031, various token and new accounts being created & Fig. 5).; and transmitting the third token to the merchant system(Par. 0033-0034 & Par. 0031, various token and new accounts being created & Fig. 5). Regarding claim 27, 34, 40, The combined method/system/medium of Makhotin and Krishnaiah, mutatis mutandis, Krishnaiah discloses the method of claim 26, wherein the token exchange request includes a first identifier of the first token service provider, a second identifier of the second token service provider, and a third identifier of the third token service provider(Par. 0033-0034 & Par. 0031, various token and new accounts being created). Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Venkat Perungavoor whose telephone number is (571)272-7213. The examiner can normally be reached 9-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on 571-272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /VENKAT PERUNGAVOOR/Primary Examiner, Art Unit 2492 Email: venkatanarayan.perungavoor@uspto.gov 1 The account reference identifier represents the token similar to instant application Spec. Par. 0030-0031.