Prosecution Insights
Last updated: July 17, 2026
Application No. 18/430,727

SYSTEMS AND METHODS FOR NEAR FIELD CONTACTLESS CARD COMMUNICATION AND CRYPTOGRAPHIC AUTHENTICATION

Non-Final OA §103
Filed
Feb 02, 2024
Priority
Jan 28, 2021 — continuation of 11/562,358 +1 more
Examiner
IDIAKE, VINCENT I
Art Unit
3698
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
Capital One Services LLC
OA Round
4 (Non-Final)
71%
Grant Probability
Favorable
4-5
OA Rounds
4m
Est. Remaining
92%
With Interview

Examiner Intelligence

Grants 71% — above average
71%
Career Allowance Rate
115 granted / 161 resolved
+19.4% vs TC avg
Strong +20% interview lift
Without
With
+20.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
16 currently pending
Career history
189
Total Applications
across all art units

Statute-Specific Performance

§101
5.1%
-34.9% vs TC avg
§103
75.1%
+35.1% vs TC avg
§102
5.7%
-34.3% vs TC avg
§112
8.2%
-31.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 161 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED CORRESPONDENCE Acknowledgements The Amendment of claims 2, 12 and 17, filed on 01/29/2026 is acknowledged. Claims 2-6 and 8-22 was pending, and are hereby examined. Examiner’s Comment The independent claims 2, 12 and 17 limitation step of “performing…” has been amended to include previous limitation “…wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device;” Examiner is introducing a new prior art Chiori Naito (JP 2004355256 A) to teach this limitation. And because the prior art rejection constitutes a new ground of rejection. This communication is a Non-Final Office Action rejection on the merits, as per MPEP 1207.03(a). Claims 2-6 and 8-22 are currently pending and have been addressed below. Examiner’s Response to Amendment/Remarks Double Patenting Rejection The Double Patenting rejection on this application is still outstanding as applicant has requested for the rejection be held in abeyance until all other objections and rejections are withdrawn. Notwithstanding applicant’s remarks, the rejection has been maintained. 35 USC § 103 Applicant’s response and remarks/comments filed 01/29/2026 is acknowledged. Claims 2, 12 and 17 have been amended to include a new limitation “receiving, from a contactless card via an intermediary device through a method of entry of the contactless card into a communication field of the intermediary device, an encrypted cryptogram;” and also amended the performing step to recite “ performing a second factor authentication comprising verifying a data set, wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device; Examiner has already addressed this elements by declaring that the data set comprising an identifier and a method of entry, being non-functional descriptive material, as disclosed in the office action mailed out on 10/29/2025, therefore, the argument presented from the response filed on 01/29/2026 is not persuasive. In page 10-12 of the response, [Applicant submits that Davis, UHR, and Chew do not teach or suggest all features of claims 2-6 and 8-22. For example, Applicant submits that Davis, UHR and Chew, either taken alone or in combination thereof, do not teach or suggest at least "receiving, from a contactless card via an intermediary device through a method of entry of the contactless card into a communication field of the intermediary device, an encrypted cryptogram... performing a second factor authentication comprising verifying a data set, wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device," as recited by the amended claim 2. In the rejection of claim 2, the Non-Final Office Action concedes that the combination of Davis and UHR does not teach or suggest performing a second factor authentication comprising verifying a data set. However, the Non-Final Office Action asserts that Chew describes perform a second factor authentication comprising verifying a data set. Non-Final Office Action, page 11. Applicant respectfully disagrees. The Non-Final Office Action mapped the claimed data set to the second authentication data of Chew that includes the identifier of the secure processor, the application identifier, and a second cryptogram calculated by the application server by applying a cryptographic calculation using a secret key specific to the application to the application identifier. See Non-Final Office Action, page 11. However, the data set of Chew does not comprise "an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device [that is used in the first factor authentication]" as recited in the amended claim 2. As such, Applicant submits that Chew does not cure the deficiencies of Davis and UHR. The Non-Final Office Action further asserts that the claimed data set is directed to non-functional descriptive material and does not serve to differentiate the claims from the prior art. Non-Final Office Action, page 12. Applicant respectfully disagrees. Applicant submits that each and every claim limitation should be examined and here, the specific content of the claimed data set matters and differentiates the claims from the prior art. Applicant further submits that "the method of entry of the contactless card into the communication field of the intermediary device," as recited by claim 2… For at least these reasons, Applicant submits that Davis, UHR and Chew do not teach or suggest all features of claim 2. Accordingly, Applicant respectfully requests that the rejection of claim 2 be withdrawn. Applicant further respectfully requests that the rejection of claims 12 and 17 also be withdrawn…] Examiner respectfully disagrees with this characterization and assertions quoted above. UHR teaches the newly added limitation receiving, from a contactless card via an intermediary device through a method of entry of the contactless card into a communication field of the intermediary device, an encrypted cryptogram in {see at least claim 9}. And “performing a second factor authentication comprising verifying a data set…” in Chew ¶¶ 0026-0029, And a new prior Chiori Naito (JP 2004355256 A) teaches “…wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device” in ¶ 0028 “…The R/W unit 132 performs transmission/reception of data between the contactless card and the antenna 131, that is, a demodulation of radio waves and a read/write process for the contactless card. Specifically, the R/W unit 132 transmits the contactless card entry information from the control unit 121 from the antenna 131, and receives from the antenna 131 a signal indicating that the entry information has been normally written…”, ¶ 0033 “Specifically, the R/W unit 542 reads the entry information of the non-contact IC card, the card ID, and the like through the antenna 541 and sends the information to the control unit 531, and transmits the information of the toll collection processing from the control unit 531 to the antenna 541”. As regards the amended limitation “performing a second factor authentication comprising verifying a data set, wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device;” Chew disclose “performing a second factor authentication comprising verifying a data set…” {¶¶ 0026-0029}. Although, Chew teaches that the data set comprise an identifier, but fail to expressly disclose that the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device. However, information contained in the data set are non-functional descriptive material and are not functionally involved in the steps recited. The performing, receiving, decrypting, verifying and performing steps would be performed the same regardless of the descriptive material since none of the steps explicitly interact therewith. Limitations that are not functionally interrelated with the useful acts, structure, or properties of the claimed invention carry little or no patentable weight. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Ngai, 70 USPQ2d 1862 (CAFC 2004); In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994). Double Patenting The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. Claims 2, 12, and 17 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 21, 30, and 37 of U.S. Patent No. 11/922,417 (Jeffrey Rule), respectively. The claims at issue are not patentably distinct from each other as shown in bold in the table below, using claim 12 (method) as illustrative of claims 2 (computer readable non-transitory medium) and 17 (authentication server) in both this application and against the reference patent. Patent. No 11/922,417 Present Application: 18/430,727 Examiner’s Notes 21, 30, and 37. A method for secure data communication, comprising: receiving, by a server, a cryptogram, the cryptogram comprising user identification information; performing, by the server, a first factor authentication, wherein the first factor authentication comprises: decrypting the cryptogram, and verifying by the server, the user identification information; transmitting, by the server in response to a successful first factor authentication, a first message to an application executing on a device; receiving, by the server, a data set from the application; performing, by the server, a second factor authentication comprising verifying the data set; and generating, by the server, a second message indicative of a two-factor authentication. 2, 12, and 17. A method performed by an authentication server comprising a processor and a memory, the method comprising: …Moved up for mapping… receiving, from a contactless card via an intermediary device through a method of entry of the contactless card into a communication field of the intermediary device, an encrypted cryptogram, performing a first factor authentication, wherein the first factor authentication comprises: decrypting an encrypted cryptogram to yield user identification information, and verifying the user identification information; performing a second factor authentication comprising verifying a data set wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device; generating an authentication message indicative of a two-factor authentication, This preamble is essentially the same, as this is a method of performing a user authentication This limitation is essentially the same This limitation is the same This limitation is essentially the same This limitation is essentially the same, as the server is performing and verifying a data set, and what the data set comprises is a mere non-functional descriptive data. This limitation is the same Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 3 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 2-6 and 8-22 are rejected under 35 U.S.C. 103 as being unpatentable over Davis et al., (US Pat. 6105008 A) in view of UHR Joon Sun (KR 20210112264 A) – a Korean NPL document, and further in view of Chew et al., (US 20120011572 A1) and Chiori Jun-sun (JP 2004355256 A) – a Japanese NPL document. With respect to claims 2, 12 and 17, Davis teaches a method, a computer readable non-transitory medium and an authentication server {e.g., authentication server 206”, col 23:6-17}, comprising: a processor {Fig. 19 item 902}; and a memory {Fig. 19 item 904, 906, 908, 914}, wherein the authentication server configured to: perform a first factor authentication, wherein the first factor authentication {see at least col 21:53-col 22:6 “…This card number is transmitted to the Web server as part of the card signature, or in a similar fashion. Thus, an authenticated card used in this embodiment to redeem services may be matched to the appropriate consumer… The present invention then operates to authenticate the consumer's stored-value loyalty application on the card, and delivers a confirmation of authentication message to the Web server for the airline… In this instance, an authentication application is used to validate the presence of the card or to obtain access to the Web server site”}. Davis does not explicitly disclose, receiving, from a contactless card via an intermediary device through a method of entry of the contactless card into a communication field of the intermediary device, an encrypted cryptogram, decrypting the encrypted cryptogram to yield user identification information, and verifying the user identification information; performing a second factor authentication comprising verifying a data set, wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device; generating an authentication message indicative of a two-factor authentication, and transmitting, to the intermediary device, the authentication message. However, UHR discloses receiving, from a contactless card via an intermediary device through a method of entry of the contactless card into a communication field of the intermediary device, an encrypted cryptogram {see at least claim 9 “…requesting the user to tag a user contactless card for payment, and when the user contactless card is tagged, obtaining card identification information and encrypted card information [i.e. encrypted cryptogram] of the user contactless card through wireless communication with the user contactless card and transmitting the card identification information and the payer DID to a payment agent …”}. decrypting an encrypted cryptogram to yield user identification information, wherein the encrypted cryptogram is received from a contactless card via an intermediary device, and verify the user identification information {see at least claim 9 “A contactless card payment method based on a decentralized identifier (DID) of a blockchain network, comprising: (a) a step of a payer mobile terminal of a payment agent corresponding to a service server that has provided a service to a user requesting payment information for a service provided to the user from the service server, and when the payment information is obtained from the service server, providing the payment information to the user and requesting the user to tag a user contactless card for payment, and when the user contactless card is tagged, obtaining card identification information and encrypted card information of the user contactless card through wireless communication with the user contactless card, and transmitting the card identification information and the payer DID to a payment agent (VAN: value added network) server so as to cause the payment agent server to generate a signature verification value and transmit card information request information including the signature verification value to the payer mobile terminal; And(b) the payer mobile terminal generates an encrypted card information VC (verifiable credential) using the signature verification value, the card identification information, and the encrypted card information, and transmits the payer DID, the encrypted card information VC, and the payer signature value that signs the encrypted card information VC with a payer private key to the payment agency server, thereby causing the payment agency server to (i) obtain a payer public key from a blockchain network using the payer DID, or obtain the payer public key from the blockchain network using the payer DID through a resolver server, and verify the payer signature value and the encrypted card information VC using the payer public key, (ii) obtain decrypted card information using the encrypted card information obtained from the encrypted card information VC, and generate a decrypted card information VC using the decrypted card information, and transmit the payment agency server DID, the decrypted card information VC, and the decrypted card information VC to the payment agency server…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis to include the elements of UHR. One would have been motivated to do so, in order to use a contactless card transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram. UHR is merely relied upon to illustrate the functionality of using a contactless card for payment, in the same or similar context. Because both use of authentication server to verify a cryptogram, as well as using a contactless card for payment, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis, as well as UHR would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR. The combination of Davis and UHR does not explicitly disclose, performing a second factor authentication comprising verifying a data set, wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device; generating an authentication message indicative of a two-factor authentication, and transmitting, to the intermediary device, the authentication message. However, Chew discloses perform a second factor authentication comprising verifying a data set […] { see at least ¶ 0021 “…the second authentication data includes the identifier of the secure processor, the application identifier, and a second cryptogram calculated by the application server by applying a cryptographic calculation using a secret key specific to the application to the application identifier”, and also ¶ 0022 “…the second cryptogram is calculated by applying the cryptographic calculation to the application identifier and to the first cryptogram”}, and generate an authentication message indicative of a two-factor authentication, and transmitting, to the intermediary device, the authentication message {see at least Fig. 7 ¶ 0054 “ At step S67, the server HSRV emits to the destination of server ASRV, an authentication response message AuthRep indicating the success or failure of the authentication, that is to say whether the received cryptograms ED1, ED2 are authentic, and whether the application having identifier APID is really linked to the identifier NID of device HD1 connected to the device POI. At step S68, the server ASRV tests the authentication response message and if the authentication was successful, it executes steps S69 and S70 where it executes the transaction corresponding to the application and it transmits, to the device POI, a transaction response message TTRep to the request transmitted at step S61. The server ASRV may thus be assured of the authenticity of identifiers NID and APID”}. Although Davis teaches the limitation “perform a first factor authentication, wherein the first factor authentication “ as disclosed above, additionally, Chew also discloses perform a first factor authentication, wherein the first factor authentication { see at least ¶ 0020 “…the first authentication data includes the identifier of the secure processor and a first cryptogram calculated by the secure processor by applying a cryptographic calculation using a secret key stored by the secure processor to the identifier of the secure processor”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR to include the elements of Chew. One would have been motivated to do so, in order to have a cryptographic calculation in securing cryptogram. Furthermore, Davis discloses use of authentication server to verify a cryptogram, and UHR discloses using a contactless card for payment. Chew is merely relied upon to illustrate the functionality of using cryptographic calculation to encrypt and decrypt the cryptogram, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment as well as using cryptographic calculation to encrypt and decrypt the cryptogram, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, as well as Chew would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew. The combination of Davis in view of UHR, and in view of Chew does not explicitly disclose “…wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device;” However, Chiori discloses “…wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device” {see at least ¶ 0028 “…The R/W unit 132 performs transmission/reception of data between the contactless card and the antenna 131, that is, a demodulation of radio waves and a read/write process for the contactless card. Specifically, the R/W unit 132 transmits the contactless card entry information from the control unit 121 from the antenna 131, and receives from the antenna 131 a signal indicating that the entry information has been normally written…”, ¶ 0033 “Specifically, the R/W unit 542 reads the entry information of the non-contact IC card, the card ID, and the like through the antenna 541 and sends the information to the control unit 531, and transmits the information of the toll collection processing from the control unit 531 to the antenna 541”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to the amended limitation “performing a second factor authentication comprising verifying a data set, wherein the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device;”. Chew disclose “performing a second factor authentication comprising verifying a data set…” {¶¶ 0026-0029}. Although, Chew teaches that the data set comprise an identifier, but fail to expressly disclose that the data set comprises an identifier associated with the data set and the method of entry of the contactless card into the communication field of the intermediary device. However, information contained in the data set are non-functional descriptive material and are not functionally involved in the steps recited. The performing, receiving, decrypting, verifying and performing steps would be performed the same regardless of the descriptive material since none of the steps explicitly interact therewith. Limitations that are not functionally interrelated with the useful acts, structure, or properties of the claimed invention carry little or no patentable weight. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Ngai, 70 USPQ2d 1862 (CAFC 2004); In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994). With respect to claims 3 and 18, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 2 above. Furthermore, Chew discloses the procedures further comprising, after a successful first factor authentication and prior to verifying the data set: transmitting, to an application executing on the intermediary a device, a first factor message, and receiving, from the application, the data set { see at least Fig. 7 ¶ 0054 “…At step S68, the server ASRV tests the authentication response message and if the authentication was successful, it executes steps S69 and S70 where it executes the transaction corresponding to the application and it transmits, to the device POI, a transaction response message TTRep to the request transmitted at step S61. The server ASRV may thus be assured of the authenticity of identifiers NID and APID”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 4, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 2 above. Furthermore, Chew discloses wherein the data set comprises transaction data for one or more transactions { see at least ¶ 0054}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 5, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 3 above. Furthermore, Chew discloses, further comprising, after performing a successful second factor authentication, converting at least one of the one or more transactions from a first type of transaction to a second type of transaction {see at least ¶ 0022 “…the second cryptogram is calculated by applying the cryptographic calculation to the application identifier and to the first cryptogram”, see also ¶ 0054 “ED1 and ED2”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 6, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 5 above. Furthermore, Davis discloses, wherein: the first type of transaction comprises a card-not-present transaction, and the second type of transaction comprises a card-present transaction {see at least col 7:24-64 “…Stored-value card 5 may take a variety of forms and is useful in many situations where it is desirable to store monetary value on a card that a consumer may use. In general, a stored-value card is any card or similar device that is able to store a value that is decremented when the card is used… Further, the functionality of stored-value card 5 may be implemented in software on client terminal 204, that is, card 5 may be a "virtual" card…” see also col 13:15-40}. With respect to claim 8, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 2 above. Furthermore, Davis discloses, the procedures further comprising, prior to performing the second factor authentication: extracting metadata from the data set, wherein the second factor authentication is based on the metadata {see at least col 13:15-45}. . With respect to claim 9, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 2 above. Furthermore, Davis discloses, the procedures further comprising receiving, from an application executing on the intermediary device, the encrypted cryptogram {, “draw request”, see at least col 13:1-45}. With respect to claim 10, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 2 above. Furthermore, Davis discloses, wherein the data set comprises one or more sets of data associated with prior transactions conducted with the contactless card {see at least, col 13:1-45}. With respect to claim 11, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 7 above. Furthermore, Davis discloses, wherein the verifying of the data set comprises matching the data set with one or more reference sets of data associated with prior transactions conducted with the contactless card {see at least, col 13:1-45}. With respect to claims 13 and 19, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 11 above. Furthermore, UHR discloses, further comprising: receiving, from an application executing on the intermediary device, the encrypted cryptogram, wherein the encrypted cryptogram is retrieved via a read of the contactless card {see at least ¶ 0071 “That is, the mobile terminal 100 requests physical tagging of the contactless card from the user through the payment and settlement app (S9), and tags the contactless card 10 that the user wants to register to the mobile terminal 100, the mobile terminal ( The payment and settlement app of 100) obtains card information, for example, card identification information and encryption card information, from the contactless card 10 (S10), and also ¶ 0072 For example, when the user tags the contactless card 10 to the mobile terminal 100 in response to a tagging request from the mobile terminal 100 , the contactless card 10 performs wireless communication, for example, near field communication (NFC). The card identification information is transmitted to the mobile terminal 100 through After acquiring from PSAM (purchase secure application module) stored in or PSAM stored in SE (secure element) of the mobile terminal 100, it is transferred to the contactless card 10 in the NFC method and the first block from the contactless card 10 Acquire data…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 14, the combination of Davis, in view of UHR, in view of Chew, and in view of Bo, teaches all the subject matter as disclosed in claim 13 above. Furthermore, UHR discloses, wherein the retrieval of the encrypted cryptogram comprises a first near field communication (NFC) read of the contactless card by the device {see at least ¶ 0071 “That is, the mobile terminal 100 requests physical tagging of the contactless card from the user through the payment and settlement app (S9), and tags the contactless card 10 that the user wants to register to the mobile terminal 100, the mobile terminal ( The payment and settlement app of 100) obtains card information, for example, card identification information and encryption card information, from the contactless card 10 (S10), and also ¶ 0072 For example, when the user tags the contactless card 10 to the mobile terminal 100 in response to a tagging request from the mobile terminal 100 , the contactless card 10 performs wireless communication, for example, near field communication (NFC). The card identification information is transmitted to the mobile terminal 100 through After acquiring from PSAM (purchase secure application module) stored in or PSAM stored in SE (secure element) of the mobile terminal 100, it is transferred to the contactless card 10 in the NFC method and the first block from the contactless card 10 Acquire data…”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 15, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 13 above. Furthermore, UHR discloses, further comprising: receiving, from the application executing on the intermediary device, the data set, wherein the data set is retrieved via a read of the contactless card {see at least ¶ 0071 “That is, the mobile terminal 100 requests physical tagging of the contactless card from the user through the payment and settlement app (S9), and tags the contactless card 10 that the user wants to register to the mobile terminal 100, the mobile terminal ( The payment and settlement app of 100) obtains card information, for example, card identification information and encryption card information, from the contactless card 10 (S10)”}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 16, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 14 above. Furthermore, Chew discloses the retrieval of the data set comprises a second NFC read of the contactless card by the device {“ED1 and ED2”, see at least ¶¶ 0048, 0054, 0057}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 20 , the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 20 above. Furthermore, UHR discloses wherein the processor is further configured to, after performing a successful third factor authentication, convert a transaction from a first type of transaction to a second type of transaction {see at least ¶ 0071-0072}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 21, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 20 above. Furthermore, UHR discloses wherein: the first type of transaction comprises a card-not-present transaction, and the second type of transaction comprises a card-present transaction {see at least ¶ 0071-0072}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. With respect to claim 22, the combination of Davis, in view of UHR, in view of Chew, and in view of Chiori, teaches all the subject matter as disclosed in claim 17 above. Furthermore, Chew discloses wherein, wherein the processor is further configured to, after a successful first factor authentication and prior to verifying the data set: transmit, to an application executing on the intermediary device, a first factor message, and receive, from the application, the data set {see at least ¶¶ 0048, 0054, 0057}. Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, to modify Davis in view of UHR and in view of Chew to include the elements of Chiori. One would have been motivated to do so, in order to have a verified data set in a payment transaction. Furthermore, Davis discloses use of authentication server to verify a cryptogram, UHR discloses using a contactless card for payment, and Chew discloses using cryptographic calculation to encrypt and decrypt the cryptogram. Chiori is merely relied upon to illustrate the functionality of having a verified data set in a payment transaction, in the same or similar context. Because both use of authentication server to verify a cryptogram, and using a contactless card for payment, and using cryptographic calculation to encrypt and decrypt the cryptogram, as well as having a verified data set in a payment transaction, are implemented through well-known computer technologies in the same or similar context, combining their features as outlined above using such well-known computer technologies (i.e., conventional software/hardware configurations), would be reasonable, according to one of ordinary skill in the art. Moreover, since the elements disclosed by Davis in view of UHR, and in view of Chew, as well as Chiori, would function in the same manner in combination as they do in their separate embodiments, it would be reasonable to conclude that their resulting combination would be predictable. Accordingly, the claimed subject matter is obvious over Davis/UHR/Chew/Chiori. Conclusion The prior art made of record and not relied upon: 1) (US 20130290191 A1) – Dischamp et al., Method of Transferring Access Rights to a Service from One Device to Another - relates to transferring (or lending) a right to access a service, and it relates more particularly to transferring such rights from the device of a lender to the device of a borrower so that the borrower can access the service(s) in question. 2) (US 20140364058 A1) – Gary Chew, Method for Executing an Application in An NFC Device – relates to the installation and execution of a secure application in a portable device of the type of mobile phone or the like. 3) (US 20160036790 A1) – Shastry et al., System and Method for Identity Verification across Mobile Applications – directed to methods, apparatuses, computer readable media and systems for authenticating a user on a user device across multiple mobile applications. The identity of the user is validated by encoding and subsequently validating cryptographically encrypted data in a shared data store accessible by the mobile applications tied to the same entity. Any inquiry concerning this communication or earlier communications from the examiner should be directed to VINCENT IDIAKE whose telephone number is (571)272-1284. The examiner can normally be reached on Mon-Fri from 10:30AM to 7:30PM ET. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PATRICK MCATEE, can be reached at telephone number (571)272-7575. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from Patent Center. Status information for published applications may be obtained from Patent Center. Status information for unpublished applications is available through Patent Center for authorized users only. Should you have questions about access to Patent Center, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated-interview-request-air-form /V.I./Examiner, Art Unit 3698 /PATRICK MCATEE/Supervisory Patent Examiner, Art Unit 3698
Read full office action

Prosecution Timeline

Show 6 earlier events
May 20, 2025
Final Rejection mailed — §103
Aug 20, 2025
Request for Continued Examination
Aug 21, 2025
Response after Non-Final Action
Oct 29, 2025
Non-Final Rejection mailed — §103
Nov 12, 2025
Applicant Interview (Telephonic)
Nov 12, 2025
Examiner Interview Summary
Jan 29, 2026
Response Filed
Jun 22, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12675604
CONTROL TOWER FOR PROSPECTIVE TRANSACTIONS
1y 8m to grant Granted Jul 07, 2026
Patent 12646056
METHOD AND SYSTEM OF INTEGRATING BLOCKCHAIN TECHNOLOGY WITH EXISTING COMPUTER ARCHITECTURE
1y 9m to grant Granted Jun 02, 2026
Patent 12639712
System and Computer Implemented Method for Generating and Transmitting Tokenized Card Information
1y 6m to grant Granted May 26, 2026
Patent 12632858
CRYPTOGRAPHIC DIGITAL ASSET ARCHITECTURE WITH SELECTIVELY-LOCKABLE DYNAMIC EVOLUTION
2y 3m to grant Granted May 19, 2026
Patent 12561669
SYSTEMS AND METHODS FOR A TRANSACTION CARD HAVING A CRYPTOGRAPHIC KEY
1y 9m to grant Granted Feb 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

4-5
Expected OA Rounds
71%
Grant Probability
92%
With Interview (+20.3%)
2y 10m (~4m remaining)
Median Time to Grant
High
PTA Risk
Based on 161 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month