Detailed Action
Acknowledgements
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to the Amendment filed on October 28, 2025.
Claims 3-4 are cancelled.
Claims 18-22 are added.
Claims 1-2 and 5-22 are pending.
Claims 7-17 are withdrawn.
Claims 1-2, 5-6, and 18-22 are examined.
This Office Action is given Paper No. 20260312 for references purposes only.
Claim Objections
Claim 1 recites “receiving, by a token provider server computer.” Examiner assumes that Applicant intended “receiving, by the token provider server computer.” Appropriate correction is required.
Claim 1 recites “the request for a token.” Examiner assumes that Applicant intended “the request for the token.” Appropriate correction is required.
Claim 1 recites “a mobile device identification.” Examiner assumes that Applicant intended “the mobile device identification.” Appropriate correction is required.
Claim 1 recites “wherein the token gateway server computer to validate the PAN information.” Examiner assumes that Applicant intended “wherein the token gateway server computer validates the PAN information.” Appropriate correction is required.
Claim 18 recites “a mobile device number, a mobile device identification, a card validity information, and a card postal code to a token provider server computer.” Examiner assumes that Applicant intended “the mobile device number, the mobile device identification, the card validity information, and the card postal code to the token provider server computer.” Appropriate correction is required.
Claim Rejections - 35 USC § 112b
The following is a quotation of 35 U.S.C. 112(b):
(B) CONCLUSION - The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-2, 5-6, and 18-22 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
Claim 1 recites “the mobile device.” There is lack of antecedent basis for this term. For purposes of applying the prior art only, Examiner will interpret as “a mobile device.”
Claim 5 recites “a token.” This phrase is vague and indefinite because it is unclear whether this refers to “the token” previously recited, or to “a second token.” For purposes of applying the prior art only, Examiner will interpret as “the token.”
Claim 18 recites “a request for the token.” This phrase is vague and indefinite because it is unclear whether this refers to “the request for the token” previously recited, or to “a second request for the token.” For purposes of applying the prior art only, Examiner will interpret as “the request for the token.”
Claim 19 recites “the trusted public certificate.” There is lack of antecedent basis for this term. For purposes of applying the prior art only, Examiner will interpret as “a trusted public certificate.”
Claim 21 recites “the card issuer.” There is lack of antecedent basis for this term. For purposes of applying the prior art only, Examiner will interpret as “a card issuer.”
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 5-6, 18, and 20-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over Mehrhoff et al. (US 2021/0217005), in view of Kallugudde (US 2019/0213596), and further in view of Seton et al. (US 2023/0067507).
Claim 1
Mehrhoff discloses:
receiving, by a token provider server computer (token requesting device, see [0072]), a request for the token (requests a token, see [0073]) from the third-party banking application (banking application, see [0035]), the request for a token comprising a personal account number (PAN) information (PAN, see [0072]) associated with the third-party banking application (banking application, see [0035]), a mobile device number (phone number, see [0074]), a mobile device identification (device hardware identifier, see [0074]), a card validity information (expiry date, see [0073]), and a card postal code, wherein the card validity information is related to a card (contactless card, see [0073]) associated with the third-party banking application;
enrolling (via a registration system, see [0073]), by the token provider server computer (token requesting device, see [0073]), the PAN information (PAN, see [0073]), the mobile device number (a phone number, see [0074]), a mobile device identification (device hardware identifier, see [0074]), the card validity information (expiry date, see [0073]), and the card postal code;
sharing, by the token provider server computer, the PAN information (PAN, see [0073]), the mobile device number (phone number, see [0074]), a mobile device identification (device hardware identifier, see [0074]), the card validity information (expiry date, see [0073]), and the card postal code with a token gateway server computer (token service system, see [0074]), wherein the token gateway server computer to validate (verifies the collected authentication data, see [0075]) the PAN information, the card validity information, and the card postal code;
receiving, by the token provider server computer (token requesting device, see [0077]), a pending state token (contactless token, see [0077]) from the token gateway server computer (token service system, see [0077]) upon completion of validation of the PAN information, the card validity information (expiry date, see [0073]), and the card postal code;
transmitting, by the token provider server computer (token requesting device, see [0077]), the pending state token (contactless token, see [0077]) to the third-party banking application running on the mobile device to associate the pending state token with the mobile device (provisions the token to the contactless card, see [0077]).
Mehrhoff does not disclose:
Receiving… value;
Transmitting… OTP;
Receiving… computer;
Sending… device.
Kallugudde teaches:
receiving, by the token provider server computer (token requestor server, see [0072]), a token validation request (request, see [0072]) from the third-party banking application (payment application on customer device, see [0072, 0076]), the token validation request comprising a push one time password (OTP) value (one-time password, see [0072]);
transmitting, by the token provider server computer (token requestor server, see [0072]), the push OTP (request, see [0072]) to the token gateway server computer (tokenization platform, see [0072]), wherein the token gateway server validates the push OTP;
receiving, by the token provider server computer, a token validated state message (token in an encrypted format, see [0072]) from the token gateway server computer; and
sending, by the token provider server computer (token requestor server, see [0072]), the token validated state message (token in an encrypted format, see [0072]) to the mobile device (customer device, see [0072]).
Mehrhoff discloses a PAN and mobile device number, enrolling the PAN and mobile number, establishing communication with a gateway server, receiving a pending state token, and transmitting the pending state token to the mobile device. Mehrhoff does not disclose receiving a validation request, transmitting the push OTP, receiving a message from the gateway server, and sending the validated state message to the device, but Kallugudde does. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to combine the tokenization of contactless cards of Mehrhoff with the receiving a validation request, transmitting the push OTP, receiving a message from the gateway server, and sending the validated state message to the device of Kallugudde because 1) a need exists for securing data stored on a contactless payment card through the use of tokens (see Mehrhoff [0001]); and 2) a need exists for reducing payment transaction time at a merchant terminal (see Kallugudde [0004]). Receiving a validation request, transmitting the push OTP, receiving a message from the gateway server, and sending the validated state message to the device can assist in contactless payment through the use of tokens, while helping to reduce payment transaction time.
Mehrhoff in view of Kallugudde discloses the limitations above. Mehrhoff in view of Kallugudde does not disclose:
a card postal code.
Seton teaches:
and a card postal code (postal code of card, see Table 1).
Mehrhoff in view of Kallugudde discloses a PAN and mobile device number, enrolling the PAN and mobile number, establishing communication with a gateway server, receiving a pending state token, transmitting the pending state token to the mobile device, receiving a validation request, transmitting the push OTP, receiving a message from the gateway server, and sending the validated state message to the device. Mehrhoff in view of Kallugudde does not disclose a card postal code, but Seton does. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to combine the tokenization of contactless cards of Mehrhoff, in view of Kallugudde, with the card postal code of Seton because a need exists for an improved system for allowing users to address bills from various providers (see Seton [0004]). A card postal code can be used for transactions.
Claim 2
Furthermore, Mehrhoff discloses:
the third-party banking application running on the mobile device is an open banking application (banking application, see [0035]).
Claim 5
Furthermore, Mehrhoff discloses:
creating a token (creates a token, see [0077]) based on the PAN information and the mobile device number on the mobile device.
Claim 6
Furthermore, Seton teaches:
receiving, by the token provider server computer, from the third-party banking application a notification of a high risk transaction (assessing risk of requesting device, see [0114]); and
declining (decline the transaction, see [0071-0072]) the token for the high-risk transaction.
Claim 18
Furthermore, Mehrhoff discloses:
generating an application proxy interface instance (interface, see [0062]) associated with the third-party banking application on the mobile device; and
sending a request for the token (requests a token, see [0073]) based on a user input at the third-party banking application, the request comprising the PAN information (PAN, see [0072]), a mobile device number (phone number, see [0074]), a mobile device identification (device hardware identifier, see [0074]), a card validity information (expiry date, see [0073]), to a token provider server computer.
Furthermore, Seton teaches:
and a card postal code (postal code of card, see Table 1).
Claim 20
Furthermore, Mehrhoff discloses:
the token gateway server computer (token service system, see [0074]) is associated with a payment network of the card (payment card network system, see [0039]).
Claim 21
Furthermore, Mehrhoff discloses:
the user does not have a direct relationship (goes through token requesting device, see [0077]) with the card issuer and the payment network for creating tokens.
Claim 22
Furthermore, Mehrhoff discloses:
the card issuer (issuer, see [0039]) is enrolled on the payment network (payment network, see [0039]) to enable tokenization on the card for the third party banking application.
Response to Arguments
101 arguments
Applicant argues that the claimed invention is integrated into a practical application by securely validating the token through the third-party banking application (see Amendment p 10). Examiner has removed the 101 rejection.
103 arguments
Applicant argues that the claimed invention requests and validates a token from a third-party banking application without direct interaction of an issuer.
Please see revised rejection. Mehrhoff discloses the user does not have a direct relationship (goes through token requesting device, see [0077]) with the card issuer.
Claim Interpretation
The prior art made of record and not relied upon is considered pertinent to Applicant's disclosure (see attached form PTO-892).
Burgess et al. (US 2015/0350211) discloses securely integrating third-party applications with banking systems.
Kinch et al. (US 10,891,618) discloses protecting online payments through one-time payment cards.
Applicant is reminded that functional recitation(s) using the word and/or phrases “for”, “adapted to”, or other functional language (e.g. see claim 22 which recites “to enable”) have been considered but are given little patentable weight because they fail to add any structural limitations and are thereby regarded as intended use language. To be especially clear, all limitations have been considered. However, a recitation of the intended use of the claimed product must result in a structural difference between the claimed product and the prior art in order to patentably distinguish the claimed product from the prior art. If the prior art structure is capable of performing the intended use, then it reads on the claimed limitation. In re Casey, 370 F.2d 576, 152 USPQ 235 (CCPA 1967) ("The manner or method in which such a machine is to be utilized is not germane to the issue of patentability of the machine itself.”); In re Otto, 136 USPQ 458, 459 (CCPA 1963). See also MPEP §§ 2106 II (C.), 2114 and 2115. Unless expressly noted otherwise by Examiner, the claim interpretation principles in the paragraph apply to all examined claims currently pending.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry of a general nature or relating to the status of this application or concerning this communication or earlier communications from Examiner should be directed to Chrystina Zelaskiewicz whose telephone number is 571-270-3940. Examiner can normally be reached on Monday-Friday, 9:30am-5:00pm. If attempts to reach the examiner by telephone are unsuccessful, the Examiner’s supervisor, Neha Patel can be reached at 571-270-1492.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://portal.uspto.gov/external/portal/pair <http://pair-direct.uspto.gov>. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free).
/CHRYSTINA E ZELASKIEWICZ/
Primary Examiner, Art Unit 3699