DETAILED ACTION
Continued Examination Under 37 CFR 1.114
1. A request for continued examination (“RCE”) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/15/2025 has been entered.
Acknowledgements
This Office Action is in response to Applicant’s response/application filed on 12/15/2025.
The Examiner notes that citations to United States Patent Application Publication paragraphs are formatted as [####], #### representing the paragraph number.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Claims 1, 10, 11, 19, 20 have been amended.
Claims 4, 13 have been canceled.
Claims 21 and 22 have been added.
Claims 1-3, 5-12, 14-22 are currently pending and have been examined.
Claim Rejections - 35 USC § 112(b)
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-3, 5-12, 14-22 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1, 10, and 19 include limitations “sending, from the banking device via the proximity-based communication protocol, the passkey to the mobile device of the customer”, and “wherein the passkey is provided from the mobile device…”. It’s unclear whether the passkey is provided to the mobile device or the passkey is provided from the mobile device. For examination purposes, the Examiner interprets the passkey is provided from the banking device to the mobile device.
The dependent claims are rejected since they inherit this deficiency.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
As per claims 1-3, 5-6, 8-12, 14-15, 17-22, the claimed invention is directed to an abstract idea without significantly more because:
• Claim 1 recites:
initiating an authentication of a customer at a banking device based on a mobile device of the customer being physically proximate to the banking device;
receiving, from the mobile device via a proximity-based communication protocol, information tied to the mobile device of the customer;
determining, at the banking device, that the customer is a registered mobile app user, based on verification of the received information tied to the mobile device with user information stored at a [bank] remote banking server;
receiving, from the [bank] remote banking server in response to determining that the customer is the registered mobile app user, a passkey paired to an account of the customer and paired to a mobile device of the customer; and
sending, from the banking device via the proximity-based communication protocol, the passkey to the mobile device of the customer,
wherein the passkey is a device-specific credential that is registered to the mobile device, and wherein the passkey is provided to the mobile device for additional proof of identity of the customer, in connection with access to or use of the account.
Under Step 1 of the Section 101 analysis, the claim(s) is/are directed to a method, a system, and a manufacture, which are statutory categories of invention.
Under Step 2A Prong One of the 2019 Revised Patent Subject Matter Eligiblity Guidance, the claimed invention as drafted includes language (see underlined language above) that recites an abstract idea of retrieving and sending a passkey to a customer if the customer is registered (a certain method of organizing human activity such as a commercial or legal interactions) but for the recitation of additional claim elements. Claims 10 and 19 recite similar abstract idea. That is, other than reciting “banking device”, “banking server”, “mobile device”, “processing circuitry”, “non-transitory machine-readable medium”, “proximity-based communication protocol”, “network”, nothing in the claim precludes the language from being considered as performed by a person.
Under Step 2A Prong Two of the 2019 Revised Patent Subject Matter Eligiblity Guidance, the additional claim element(s), considered individually, do not apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception and in a manner that integrates the exception into a practical application of the exception. The additional claim elements(s) merely add the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea. For example, the additional elements of “banking device”, “banking server”, “mobile device”, “processing circuitry”, “non-transitory machine-readable medium”, “network”, merely use a generic computer device and/or generic computer components as a tool to perform an abstract idea. Furthermore, the additional claim elements(s) such as “proximity-based communication protocol”, generally link the use of the judicial exception to a particular technological environment or field of use of near-field communication.
Under Step 2A Prong Two, the additional claim element(s), considered in combination, do not apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception and in a manner that integrates the exception into a practical application of the exception. The combination of elements is no more than the sum of their parts. Unlike the eligible claims in Diehr and Bascom, in which the elements limiting the exception taken together improve a technical field, the instant claim lacks an improvement to the functioning of a computer or to any other technology or technical field.
Under Step 2B, the additional claim element(s), considered individually and in combination, do not provide meaningful limitation(s) to transform the abstract idea into a patent eligible application of the abstract idea such that the claim(s) amounts to significantly more than the abstract idea itself for similar reasons outlined under Step 2A Prong Two.
A similar analysis can be applied to dependent claims 4, 5, 6, 8, 13, 14, 15, 17, 22 which further recite the abstract idea without extra additional elements.
A similar analysis can be applied to dependent claims 2, 3, 9, 11, 12, 18, 20, 21 which include additional claim elements that merely add the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea. For example, the additional claim elements(s) such as “near-field communication”, “Bluetooth technologies”, “radio frequency identification technology”, and “ultrawide band technologies” generally link the use of the judicial exception to a particular technological environment or field of use of wireless communication.
Therefore, claims 1-3, 5-6, 8-12, 14-15, 17-22 are rejected under 35 U.S.C. §101.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1, 2, 5, 6, 9, 10, 11, 14, 15, 18, 19, 20, 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Osborn (US 20250173705), in view of Murmfeld (US 20210049583), further in view of Kaladgi (US 20190303928).
Regarding claim(s) 1, 10, 19, Osborn discloses:
receiving, via the network from the remote banking server, in response to determining that the customer is a registered user, a passkey paired to an account of the customer and paired to a wallet of the customer; and sending, from the banking device via a proximity-based communication protocol, the passkey to the mobile device of the customer. (By disclosing, “As another nonlimiting example, the authentication credential can be associated with an account number, routing number, customer identification number, password, PIN number, or some other datum associated with a specific financial or banking account.” ([0097]); “Having validated the credential, the server in action 735 can retrieve the encrypted private key, encrypted public key, and KEK that were previously provisioned to the user.” ([0100]); “Next, in action 740 the server can transmit the encrypted private key, encrypted public key, and KEK to the ATM…. Having received the keys, the ATM in action 745 can transmit the encrypted private key, encrypted public key, and KEK to the user device.” ([0101]-[0102]); and “The private key can be used to access the crypto wallet.” ([0067])).
Osborn does not disclose:
initiating an authentication of a customer at a banking device based on a mobile device of the customer being physically proximate to the banking device;
receiving, from the mobile device via a proximity-based communication protocol, information tied to the mobile device of the customer;
determining, at the banking device, that the customer is a registered mobile app user, based on verification of the received information tied to the mobile device with user information stored at a remote banking server;
wherein the passkey is a device-specific credential that is registered to the mobile device, and wherein the passkey is provided to the mobile device for additional proof of identity of the customer, in connection with access to or use of the account.
However, Wurmfeld teaches:
initiating an authentication of a customer at a banking device based on a mobile device of the customer being physically proximate to the banking device (By disclosing, “The ATM 130 may detect the user device 120 in its immediate proximity. The user device 120 may then connect to the ATM 130 in order to initiate, conduct, or complete a financial transaction.” ([0039] of Wurmfeld); and “At step 602, the user device 120 may authenticate via the authentication system access to a customer account via a mobile application on the device. For example, the user device 120 may authenticate the user 160 to access a financial account of the user 160 stored on the financial service provider device 140 by communicating via the application 260 with the financial service provider device 140.” ([0084] of Wurmfeld));
receiving, from the mobile device via a proximity-based communication protocol, information tied to the mobile device of the customer (By disclosing, “At step 610, the user device 120 may send to the ATM 130 via the first communications means identifying information of a user who is using the user device 120. The user 160 may log into the financial service provider device 140 via the application 260 on the user device 120 to retrieve the identifying information and send the identifying information to the ATM 130” ([0090] of Wurmfeld));
determining, at the banking device, that the customer is a registered mobile app user, based on verification of the received information tied to the mobile device with user information stored at a remote banking server ([0091]-[0092], [0077]-[0079] of Wurmfeld).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the invention of Osborn in view of Wurmfeld to include techniques of initiating an authentication of a customer at a banking device based on a mobile device of the customer being physically proximate to the banking device; receiving, from the mobile device via a proximity-based communication protocol, information tied to the mobile device of the customer; and determining, at the banking device, that the customer is a registered mobile app user, based on verification of the received information tied to the mobile device with user information stored at a remote banking server. Doing so would result in an improved invention because this would leverage the advantages of using near-field communication (e.g., enhanced security, speed and efficiency, etc.).
And Kaladgi teaches
wherein the passkey is a device-specific credential that is registered to the mobile device, and wherein the passkey is provided to the mobile device for additional proof of identity of the customer, in connection with access to or use of the account. (By disclosing, “The public/private key pair may be unique to the user device 104 and the account of the user 102” ([0023] of Kaladgi); and “ A private key may be stored on a user device and a public key may be stored on a server device. The private key on the user device may be accessed through biometric verification and used to authenticate the user at a later time.” ([0002] of Kaladgi)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the invention of Osborn and Wurmfeld, in view of Kaladgi to include techniques of “wherein the passkey is a device-specific credential that is registered to the mobile device, and wherein the passkey is provided to the mobile device for additional proof of identity of the customer, in connection with access to or use of the account”. Doing so would result in an improved invention because this would allow the system to identify/authenticate the user/user device based on the passkey.
Additionally, regarding claim 10, Osborn discloses:
at least one non-transitory machine-readable medium including instructions ([0007]).
Additionally, regarding claim 19, Osborn discloses:
a banking server configured to: store a passkey and a corresponding public key; and store a list of registered mobile app users ([0093], [0040]).
Regarding claim(s) 2, Osborn discloses:
wherein the proximity-based communication protocol is a near-field communication (NFC) protocol. ([0095]-[0097]).
Regarding claim(s) 5, 14, and 22, Osborn discloses:
wherein the passkey is configured to be used in a stepped-up authentication for a login to the account or a transaction using the account ([0114]-[0118])).
Regarding claim(s) 6, 15, Osborn does not disclose, but Kaladgi teaches:
wherein the passkey conforms with a FIDO (Fast IDentity Online) authentication specification (By disclosing, “the public/private key pair are generated according to the Fast ID Online (FIDO) protocol” ([0023] of Kaladgi)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Osborn and Wurmfeld, in view of Kaladgi to include techniques of wherein the passkey conforms with a FIDO (Fast IDentity Online) authentication specification. Doing so would result in an improved invention because this would leverage the advantages of using FIDO protocol (e.g. simplifying user experience, reducing costs for business, enhancing security, etc.).
Regarding claim(s) 9, 18, Osborn discloses:
wherein the proximity-based communication protocol includes at least one of Bluetooth technologies, radio frequency identification (RFID) technologies, or ultrawide band technologies. ([0095]-[0097]).
Regarding claim(s) 11, 20, Osborn discloses:
wherein the proximity-based communication protocol includes at least one of Bluetooth technologies, radio frequency identification (RFID) technologies, ultrawide band technologies, or a near-field communication (NFC) protocol. ([0095]-[0097]).
Claim(s) 3, 12, and 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Osborn (US 20250173705), in view of Murmfeld (US 20210049583), further in view of Kaladgi (US 20190303928), and Hou (CN 101807319 A).
Regarding claim(s) 3, 12, and 21 Osborn does not disclose, but Hou teaches:
wherein sending the passkey to the mobile device occurs in response to determining that the mobile device has tapped the banking device (By disclosing, a user taps the ATM to input user’s phone number, and the ATM sends a passcode to the user’s mobile device in response to detecting the tapped phone number ([0066] of Hou)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Osborn, Wurmfeld and Kaladgi, in view of Hou to include techniques of wherein sending the passkey to the mobile device occurs in response to determining that the mobile device has tapped the banking device. Doing so would result in an improved invention because this would allow the user obtain the passcode at an automatic teller machine.
Claim(s) 7, 8, 16, 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Osborn (US 20250173705), in view of Murmfeld (US 20210049583), further in view of Kaladgi (US 20190303928), Androulaki (US 20220150073), and Arora (US 20190340584).
Regarding claim(s) 7, 16, Osborn does not disclose, but Androulaki teaches:
receiving, at the banking device, an indication from the mobile device corresponding to a transaction, the indication including the passkey; authenticating the passkey with a public key stored at a banking server; (By disclosing, “To use the signed certificate, the user may provide the machine-readable code to a verification entity (e.g., an employer, a stadium, an airline, an agency, etc.). …. The verification entity may transmit the identifier of the issuer to the blockchain which stores a registry of keys. In response, the blockchain may look-up the corresponding public key of the issuer based on the identifier of the issuer and provide the verifier with the public key. Thus, the verification entity can verify the digital signature (made with the issuer's private key) based on the issuer's public key retrieved from the blockchain.” ([0033], [0031] of Androulaki)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the invention of Osborn, Wurmfeld and Kaladgi, in view of Androulaki to include techniques of receiving, at the banking device, an indication from the mobile device corresponding to a transaction, the indication including the passkey; authenticating the passkey with a public key stored at a banking server. Doing so would result in an improved invention because this would leverage the advantages of using private/public key pair authentication (e.g. improved security, etc.).
And Arora teaches:
outputting, for display on the banking device, approval for the transaction in response to authenticating the passkey (By disclosing, “The display device 208 may be configured to, for example, display messages indicating successful or unsuccessful approval of use of the check 106 based on the validations discussed herein.” ([0036] of Arora)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the invention of Osborn, Wurmfeld, Kaladgi, and Androulaki, in view of Arora to include techniques of outputting, for display on the banking device, approval for the transaction in response to authenticating the passkey. Doing so would result in an improved invention because this would allow the user to acknowledge the result of the authentication from the bank.
Regarding claim(s) 8, 17, Osborn does not disclose, but Arora teaches:
wherein the transaction includes at least one of sending a wire transfer, opening a new account, or cashing a check ([0021] of Arora).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the invention of Osborn, Wurmfeld, Kaladgi, and Androulaki, in view of Arora to include techniques of wherein the transaction includes at least one of sending a wire transfer, opening a new account, or cashing a check. Doing so would result in an improved invention because this would allow the user to use a check to pay for a transaction.
Response to Arguments
Applicant’s arguments with regard to the 35 U.S.C. § 101 rejection have been considered but are not persuasive.
The Applicant argues that the claims are directed to patent-eligible subject matter because “The claims recite a specific sequence involving a mobile device, banking device, banking server, and the receipt and transmission of specific data with these devices to provide improved authentication and security and improved operation in the technical field in which these devices are used. This qualifies as a technical solution to a known technical problem (insufficient security) in the technical field of mobile device networks, which uses the recited mobile devices, networks, and computer systems.”
The Examiner, respectfully disagrees. The Examiner notes that:
the functions recited in the claim such as “initiating…”, “receiving…”, “determining…”, “receiving…”, and “sending…” are generic computer functions that can be performed by generic computers;
the functions recited in the claim such as “initiating…”, “receiving…”, “determining…”, “receiving…”, and “sending…” can also performed manually without any additional elements; and
even if the functions recited in the claim such as “initiating…”, “receiving…”, “determining…”, “receiving…”, and “sending…” are performed by generic computers and/or generic computer components, generic computers and/or generic computer components are used as a tool to perform the functions. The use of generic computers and/or generic computer components as a tool to implement the functions does not integrate the abstract idea into a practical application because it requires no more than a computer and/or network performing functions that correspond to acts required to carry out the abstract idea.
Applicant’s arguments with regard to the 35 U.S.C. § 103 rejection have been considered but are moot in view of new grounds of rejection initiated by applicant’s amendment to the claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20170330179 to Song for disclosing:
A method for issuing authentication information is provided. The method includes steps of: (a) a managing server, if identification information of a specific user is acquired from a user device in response to a request for issuing the authentication information and the identification information is determined to be registered, creating a transaction whose output includes: (i) the specific user's public key and (ii) a hash value of the identification information or its processed value to thereby record or support other device to record it on a blockchain; and (b) the managing server acquiring a transaction ID representing location information of the transaction recorded on the blockchain.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUAN ZHANG whose telephone number is (571)272-4642. The examiner can normally be reached Mon - Fri 10 AM-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at 571-270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DUAN ZHANG/Primary Examiner, Art Unit 3699