Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office action is responsive to Applicant's submission filed on 3/10/2026. Applicant canceled claims 12-20 and added claim 21. The claims 1-11 and 21 are pending.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 3/19/2026 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Double Patenting
The current elected claims are directed to the non-elected set of claims in parent application 17/216,593.
Response to Arguments
Applicant’s arguments with respect to claims 1-11 and 21 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Specifically, the new ground of rejection uses prior art, Pravin Parekh (US Pub No 2019/0026735), that teaches “wherein the first and second identifiers are distinguished from payment tokens”.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-11 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Law et al. (US Pub No 2017/0163629) in view of Pravin Parekh (US Pub No 2019/0026735 – assignee MasterCard International Incorporated, provided with IDS 3/19/26).
With respect to claim 1, Law teaches a system for processing a data transfer comprising:
a first entity configured to request a first identifier by providing information relating to the first entity (e.g., a merchant requesting a token requestor ID, TRID, ¶ 0044-0048 & Fig. 3 #311);
a second entity configured to request a second identifier and to link the second identifier to the first identifier (e.g., once a TRID is obtained, the token requestor using this TRID to request a token linking the TRID, as first identifier, with subsequent received token ID, as second identifier, to via a token provisioning request message ¶ 0050 & 0059 & Fig. 3 #315), [wherein the first and second identifiers are distinguished from payment tokens];
a first server configured to generate a message comprising at least the first identifier, the second identifier, and a name associated with the first identifier (e.g., the token provider composing a message to forward the token that is linked to the TRID ¶ 0060-0061 & Fig. 3 #316 with the message being digitally signed ¶ 0059 & Fig. 3 #314, and the message including data fields showing merchant ID, a terminal ID, ¶ 0057 and merchant name, business tax ID, etc. ¶ 0089); and
a second server configured to authenticate the data transfer based at least on the information contained in the message (e.g., the authorization computer, as an issuer, authenticating subsequent transaction based on the received token ¶ 0061-0062 & Fig. 5 #515-516).
Law discloses the claimed subject matter as discussed above with regards to using tokens, but does not explicitly disclose “wherein the first and second identifiers are distinguished from payment tokens”. However, analogous art from the same field of endeavor, Parekh teaches this with at least “It will be appreciated that in many instances, when payment device data is stored in a digital wallet, it is the token (which is typically device and/or context specific) and not the actual PAN which is stored on the device executing the digital wallet application (or on a secure remote server with which the device may communicate). It will also be appreciated that when a token is used as part of a payment transaction, the token is to be mapped back to the actual PAN by a tokenization service, such as Mastercard® Digital Enablement Service (MDES )” (¶ 0045). Specifically, the “token is used as part of a payment transaction”, of Parekh discloses this token as teaching the claim’s “payment token” and is distinguished from other identifiers since a database is needed to associate payment tokens to transaction details and primary account number (¶ 0045-0047). Therefore, based on Law in view of Parekh, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Parekh to the system of Law in order to “improve security and to prevent, or lessen the risk of, frauds for card-not-present transactions” (¶ 0007) . Hence, it would have been obvious to combine the references to obtain the invention as specified in the instant claim(s).
With respect to claim 2, Law further teaches wherein the first entity is verified based at least on the first and second identifiers (e.g., verifying the merchant using the received token and TRID ¶ 0061-0062).
With respect to claim 3, Law further teaches wherein the first server is further configured to generate a token based at least on the first identifier and the second identifier (e.g., token provider generate a second token associating the second token with the TRID ¶ 0068-0070).
With respect to claim 4, Law further teaches wherein the message further comprises a name associated with the second identifier and a cryptogram (e.g., the consumer may initiate the transaction with a cryptogram and the new token, with each message containing information usable for identifying to include the second identifier ¶ 0029-0030, 0073 & Fig. 4 #411 and Fig. 5. 411).
With respect to claim 5, Law further teaches wherein the message further comprises a validation result of the cryptogram (e.g., messaging indicative of a successful validation ¶ 0061-0062 & 0064).
With respect to claim 6, Law further teaches wherein the first entity and the second entity are the same (e.g., “FIG. 3 shows a flowchart illustrating a process for provisioning a token in a system that includes a resource provider computer 12, a transport computer 22, a token provider computer 33, and an authorization computer 40. In at least one example, the resource provider computer 12 may be operated by, or on behalf of, the token requestor 10 of FIG. 1 (e.g., a merchant)” ¶ 0055 and multiple entity being the same entity ¶ 0045 & 0050).
With respect to claim 7, Law further teaches wherein the first server generates the first identifier upon receiving a request from the first entity (e.g., the first server returning the TRID ¶ 0048 and Figs. 1, 3 and 4).
With respect to claim 8, Law further teaches wherein the first server generates the first identifier receiving a request from the second entity on behalf of the first entity (e.g., receiving from registration authority ¶ 0045 & Fig. 1).
With respect to claim 9, Law further teaches wherein the first server generates the second identifier upon receiving a request from the second entity (e.g., ¶ 0045 & Fig. 1).
With respect to claim 10, Law further teaches wherein the data transfer is a transaction processed by the first or second entity for a customer (e.g., payment transaction ¶ 0022 and payment card to request authorization for a purchase transaction for a customer ¶ 0036).
With respect to claim 11, Law further teaches wherein the first server is a transaction- enabling service provider and the second server is an issuer (e.g., the first server teaching a transport computer or token provider, or a combination of both, enabling of transactions ¶ 0055-0059 & and the second server as an authorization computer or an issuer ¶ 0061).
With respect to claim 21, the references above further teach wherein the first entity or the second entity is configured to initiate the data transfer by sending, to the first server, the first and second identifiers, the name associated with the first identifier, and the token (e.g., token provisioning request message at step 413 @ Law ¶ 0066 and communicate verification response to the issuer server to generate a transaction authorization ¶ 0051-0052).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAU LE whose telephone number is (571)270-7217. The examiner can normally be reached M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LINGLAN EDWARDS can be reached at (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CHAU LE/Primary Examiner, Art Unit 2408
Prosecution Insights