DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
This communication is responsive to the submission filed December 2, 2025.
Claims 1 and 6 are amended.
Claims 11-20 are canceled.
Claims 1-10 are pending.
Response to Remarks
35 U.S.C. § 103
Applicant’s arguments, see pp. 7-11, filed December 2, 2025, with respect to claims 1-10 have been fully considered and are persuasive. The rejection of September 19, 2025, has been withdrawn.
Claim Objections
Claims 6-10 are objected to because of the following informalities: Independent claim 6 recites “wherein the processing device includes”. However, the claim previously recited “a processing server”. Examiner suggests amending the claim so that the name of the processing entity is consistent. Claims 7-10 are objected to by reason of their dependency from claim 6. Appropriate correction is required.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-10 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-10 of U.S. Patent No. 11,915,233. Although the claims at issue are not identical, they are not patentably distinct from each other for the following reasons:
Claims 1, 6
‘233 Patent
A method for provisioning of a session key, said method comprising: receiving, by a processing server, from a computing device, a session key request including a single use key and an account identifier, wherein the single use key is a payment token that is associated with a transaction account;
Claim 1: A method for provisioning of a session key for use in generating an application cryptogram for use in a payment transaction, said method comprising: receiving, by a receiving device of the processing server, from a computing device, a session key request including a single use key and the account identifier, wherein the single use key is a payment token that is specifically associated with a transaction account;
generating, by the processing server, a session key based on the received single use key and an account identification number included in an account profile;
Claim 1: generating, by a generation module of the processing server, a session key based on at least the received single use key and the account identification number included in the account profile;
encrypting, by the processing server, the generated session key using a server encryption key;
Claim 1: encrypting, by an encryption module of the processing server, the generated session key using a server encryption key; and
transmitting, by the processing server, the encrypted session key and the server encryption key to the computing device; and
Claim 1: electronically transmitting, by a transmitting device of the processing server, at least the encrypted session key and the server encryption key to the computing device
generating, by the computing device, an application cryptogram without requiring input of a personal identification number (PIN).
the computing device where the application cryptogram is generated without requiring input of a personal identification number (PIN).
Claims 2, 7
‘233 Patent
receiving, by the processing server, a transaction message related to a payment transaction, wherein the transaction message includes at least a first application cryptogram;
Claim 2: receiving, by the receiving device of the processing server, a transaction message related to a payment transaction, wherein the transaction message includes at least a first application cryptogram;
generating, by the processing server, a second application cryptogram based on the generated session key; and
Claim 2: generating, by the generation module of the processing server, a second application cryptogram based on the generated session key; and
verifying, by the processing server, equivalence of the first application cryptogram and the second application cryptogram.
Claim 2: verifying, by a verification module of the processing server, equivalence of the first application cryptogram and the second application cryptogram.
Claims 3, 8
‘233 Patent
transmitting, by the processing server, a result of the verification to a financial institution associated with the transaction account for use in authorization of the related payment transaction.
Claim 3: electronically transmitting, by the transmitting device of the processing server, a result of the verification to a financial institution associated with the transaction account for use in authorization of the related payment transaction.
Claims 4, 9
‘233 Patent
receiving, by the processing server, an integrity check value from the computing device; and
Claim 4: receiving, by the receiving device of the processing server, an integrity check value from the computing device; and
verifying, by the processing server, device integrity of the computing device based on the received integrity check value.
Claim 4: verifying, by a verification module of the processing server, device integrity of the computing device based on the received integrity check value.
Claims 5, 10
‘233 Patent
wherein verification of the device integrity is performed prior to transmission of the encrypted session key and server encryption key to the computing device.
Claim 5: wherein verification of the device integrity is performed prior to transmission of the encrypted session key and server encryption key to the computing device.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: “receiving device”, “processing device” and “transmitting device” in claims 6-10.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
U.S. Patent Pub. No. 2015/0088674 discloses systems and methods for facilitating payment transactions using quick-response (QR) codes are provided. A first machine readable code encoding first data generated by an access device is scanned by a communication device. The communication device generates a cryptogram based on the first data encoded within the first machine readable code. The communication device then obtains financial credentials data from a payment application being executed on the communication device. A second machine readable code encoding second data comprising the financial credentials data and the cryptogram is then generated. The second machine readable code is displayed on a display of the communication device, wherein the second machine readable code is scanned by the access device.
U.S. Patent Pub. No. 2015/0019443 discloses methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor. The transaction processor decrypts the re-encrypted payment information using a transaction processor private key and initiates a payment transaction.
U.S. Patent Pub. No. 2013/0227286 discloses a method of sending a secure encrypted communication between a first source computer and a second destination computer involves providing the source and destination computers each with an identical copy of a unique pre-distributed symmetric key and a first valid offset. The destination computer sends the source computer a random, previously unused token of variable length from the pre-distributed key beginning at the destination computer's last valid offset. The source computer generates the corresponding token from its last valid offset for the corresponding key in respect of the destination computer. If the source authenticates the destination computer, the source and destination computers update their offsets independently and a communication is sent encrypted by the pre-distributed key.
U.S. Patent Pub. No. 2009/0106551 discloses a distributed key encryption system and method is provided in which a key storage server provides a session key to the source and destination computers by encrypting the session key with unique distributed private keys that are associated with the respective source and destination computers by unique private key identifiers The destination computer then decrypts the encrypted session key using it's distributed private key and then decrypts the communication using the decrypted session key.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NILESH B KHATRI whose telephone number is (571)270-7083. The examiner can normally be reached 8:30 AM - 5:30 PM Monday-Friday, alternating Fridays off.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/NILESH B KHATRI/Primary Examiner, Art Unit 3699