DETAILED ACTION
Status of Application
This action is a Non-Final Rejection. This action is in response to the request for continued examination filed on March 19, 2026.
Claims 3, 10, and 17 have been canceled.
Claims 1, 5, 8, 12, 14, 15, and 20 have been amended.
Claims 1, 2, 4-9, 11-16, and 18-23 are pending and rejected.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on April 20, 2026 has been considered by the examiner.
Response to Arguments
Regarding the rejection under 35 U.S.C. 101, Applicant argues that “the claims recite elements that are integrated into a practical application because the claimed invention improves relevant, existing technology.” Remarks at 9. Applicant asserts that “the claims in this case improve security with a specific technique that departs from earlier approaches to solve a specific computer problem.” Id. at 9-10. In support of this argument, Applicant points to limitations of claim 1 and asserts that “this specific and ordered technique can provide for enhanced security and prevent fraud while securely and efficiently storing and retrieving data. Id. at 10. However, Applicant has not shown that there is an improvement to technology. For example, existing technology is being used to allegedly improve the business process of transaction security. The technology that is being used has not been improved or invented by Applicant. Therefore, the rejection is maintained.
Regarding Applicant’s arguments with respect to the rejection under 35 U.S.C. 103, the arguments are moot because the rejection has been withdrawn. The rejection is withdrawn in light of Applicant’s amendments and remarks regarding the differences between the claims and the prior art. Although the claims recite limitations that are known in the art, the combination of claim limitations is not obvious in light of the prior art.
Claim Rejections - 35 USC § 101
35 U.S.C. § 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1, 2, 4-9, 11-16, and 18-23 are rejected under 35 U.S.C. § 101 as being directed to non-statutory subject matter because the claimed invention is directed to an abstract idea without significantly more.
Step 1: Does the Claim Fall within a Statutory Category? (see MPEP 2106.03)
Yes, with respect to claims 1, 2, 4-7, and 21, which recite a method and, therefore, are directed to the statutory class of process.
Yes, with respect to claims 8, 9, 11-14, and 22, which recite a non-transitory computer readable medium and, therefore, are directed to the statutory class of manufacture.
Yes, with respect to claims 15, 16, 18-20, and 23, which recite a server device which comprises a processor and, therefore, are directed to the statutory class of machine or manufacture.
Step 2A, Prong One: Is a Judicial Exception Recited? (see MPEP 2106.04(a))
The following claims (Claims 1, 2, 4-7, and 21 are representative) identify the limitations that recite the abstract idea in regular text and that recite additional elements in bold:
1. A method comprising:
receiving, by a processor executing on a server and via a short-range communication antenna of a mobile device, encrypted data from a contactless card;
successfully decrypting, by the processor, the encrypted data;
authenticating, by the processor, the contactless card in response to successfully decrypting the encrypted data;
receiving, by the processor and via the mobile device, first biometric data;
storing, by the processor, the first biometric data in a biometric profile of a customer account associated with the contactless card;
receiving, by the processor, a request to authorize a digital transaction in connection with the customer account from a merchant website;
identifying, by the processor, the mobile device and the biometric profile as being associated with the customer account;
transmitting, by the processor, a solicitation message to the mobile device in response to receiving the request to authorize the digital transaction and identifying the mobile device as being associated with the customer account;
receiving, by the processor and from the mobile device, second biometric data in response to the solicitation message;
comparing, by the processor, the second biometric data with the biometric profile in response to receiving the second biometric data and identifying the biometric profile as being associated with the customer account;
transmitting an authorization message from the processor to the merchant website when the second biometric data matches the biometric profile; and
transmitting a denial message from the processor to the merchant website when the second biometric data fails to match the biometric profile.
2. The method of claim 1 further comprising:
transmitting the solicitation message to the mobile device when the digital transaction satisfies at least one predetermined risk factor.
4. The method of claim 1 wherein the solicitation message includes a link to a website for verifying transaction details of the digital transaction or activating a user input device of the mobile device for receiving the second biometric data.
5. The method of claim 1 wherein the biometric profile is stored on the server.
6. The method of claim 5 further comprising:
receiving the second biometric data via a biometric profile identification field of an application program interface hosted by the server.
7. The method of claim 1 wherein successfully decrypting the encrypted data and authenticating the contactless card include:
identifying the customer account associated with the contactless card;
decrypting protected data in the encrypted data;
comparing the protected data to record data stored in a data profile of the customer account; and
authenticating the contactless card when the protected data matches the data profile.
21. The method of claim 1 wherein the first biometric data, the biometric profile, and the second biometric data are unshared with the merchant website.
Yes. But for the recited additional elements as shown above in bold, the remaining limitations of the claims recite certain methods of organizing human activity. The claims are directed to transaction authorization. This type of method of organizing human activity is a fundamental economic practice because it includes the processing of a payment and a commercial interaction such as sales activities or behaviors and business relations. Thus, the claims recite an abstract idea.
Step 2A, Prong Two: Is the Abstract Idea Integrated into a Practical Application? (see MPEP 2106.04(d))
No. The claims as a whole merely use a computer as a tool to perform the abstract idea. The computing components (i.e., additional elements that are in bold above) are recited at a high level of generality and are merely invoked as a tool to implement the steps. For example, only a programmed general purpose computing device and an existing mobile device are needed to implement the claimed process. Simply implementing the abstract idea on a generic computer is not a practical application of the abstract idea. Additionally, there is no improvement to the functioning of a computer or technology. Therefore, the abstract idea is not integrated into a practical application.
Step 2B: Does the Claim Provide an Inventive Concept? (see MPEP 2106.05)
No. As discussed with respect to Step 2A, Prong 2, the additional elements in the claims, both individually and in combination, amount to no more than tools to perform the abstract idea. Merely performing the abstract idea using a computer cannot provide an inventive concept. Therefore, the claims do not provide an inventive concept.
As such, the claims are not patent eligible.
Relevant Prior Art
The following references are relevant to Applicant’s invention:
Capurso et al., U.S. Patent Application Publication Number 2021/0192494 A1. This reference teaches secure authentication based on data stored on a contactless card.
Lal et al., U.S. Patent Application Publication Number 2025/0053984 A1. This reference teaches enabling a payment based on biometric input.
Email Communications
Per MPEP 502.03, Applicant may authorize email communications by filing Form PTO/SB/439, available at https://www.uspto.gov/sites/default/files/documents/sb0439.pdf, via the USPTO patent electronic filing system.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELIZABETH H ROSEN whose telephone number is (571) 270-1850 and email address is elizabeth.rosen@uspto.gov. The examiner can normally be reached Monday - Friday, 10 AM ET - 7 PM ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael Anderson, can be reached at 571-270-0508. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ELIZABETH H ROSEN/Primary Examiner, 3693
Prosecution Insights