Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Claims 1-20 are pending and rejection this action is a non-final office action.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 USC 101 because the claimed invention is directed to an abstract idea without significantly more.
Claims 1-10, 11-20 are directed to a method and device respectively, both are statutory classes of invention.
Claim 1 which is representative recites the limitations of;
receiving, by a … from a service provider …, transaction information including data related to a first transaction and account identifying data, the first transaction initiated with a resource provider via a …; wherein the account identifying data consists of a device identifier…. executing, by the …, an individual token application stored on the …, the individual token application being provided with the transaction information upon its execution; authenticating … through the individual token application a user… obtaining, by the …, a first token from the individual token application;
upon successful authentication of the user wherein the individual token application generates the first token at least in part on the device identifier ….
transmitting, by the …, the first token to the service provider computer via a first communication channel, wherein the service provider … completes the first transaction on behalf of the resource provider over a second communication channel different from the first communication channel using the first token without providing the first token to the resource provider, for a subsequent transaction: generating, by the …, a second token from the first token using a function based on the first token and a transaction counter, wherein the first token and the second token are substitute values for a primary account number identifying a same account of a user.
These limitations under the broadest reasonable interpretation cover performance of the limitation as certain methods of organizing human activity. Thus the claims recite a fundamental economic practice.
If a claim limitation under its broadest reasonable interpretation covers performance of the limitation as a fundamental economic practice then it falls within certain methods of organizing human activity grouping of abstract ideas. Accordingly the claim recites an abstract idea. The non-abstract elements include;
The non abstract elements include a mobile device, service provider computer, client device. Claims 5, 15 includes a remote server claim 8, 18 has a cellular network and claims 10,20 includes an SMS message.
Thus claims 1 and 10 are just applying generic computing components to the recited abstract limitations. The recitation of generic computer components in a claim does not necessarily preclude that claim from reciting an abstract idea.
Step 2A prong 1, yes the claims recite an abstract idea.
The judicial exception is not integrated into a practical application. In particular the claims recite the additional elements of a mobile device, service provider computer, client device. Claims 5, 15 includes a remote server claim 8, 18 has a cellular network and claims 10,20 includes an SMS message. The computer hardware/software is/are recited at a high level of generality. Ie a generic processor performing a generic computing function such that it amounts to no more than mere instructions to apply the exception using a generic computing component. Accordingly these additional elements, when considered separately and as an ordered combination do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea without a practical application. Step 2A prong 2 no. The additional claimed elements are not integrated into a practical application.
The claims do not include elements that are sufficient to significantly more than the judicial exception because when considered separately and as an ordered combination thy do not add significantly more known as inventive concept to the exception. As discussed above with respect to integration of the abstract idea into a practical application the additional element of using computer hardware amounts to no more than mere instructions to apply a generic computer component. Mere instructions to apply an exception using a generic computing component cannot provide an inventive concept.
Applicant specification 0032 contains various computing devices though none are specifically required.. Apply a computer as a tool is not indicative of significantly more.
Thus claims 1,10 are not patent eligible. Step 2B No.
Dependent claims 2-9 and 11-20 are rejected because they depend on claims 1 or 10 respectively and do not integrate the abstract idea into a practical application or are sufficient to amount to significantly more than the judicial exception when considered both individually and as an ordered combination. Therefor the dependent claims are directed to an abstract idea.
In summary claims 1-20 are not patent eligible.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1-9,11-19 is/are rejected under 35 U.S.C. 102 (a1)
in view of US Patent Publication to Ortiz 2016/0019536
As per claim 1, Ortiz discloses;
receiving, by a mobile device from a service provider computer, transaction information including data related to a first transaction and account identifying data,
Ortiz(fig. 9. )
the first transaction initiated with a resource provider via a client device, wherein the account identifying data consists of a device identifier for the mobile device;
Ortiz (0172, device id for a cell phone)
executing, by the mobile device,
an individual token application stored on the mobile device,
Ortiz(0174 stored cryptogram or token)
the individual token application being provided with the transaction information upon its execution;
Ortiz(0174)
authenticating, by the mobile device, through the individual token application,
Ortiz(0180, an application running on the mobile device to use the token and make a purchase)
a user of the mobile device; obtaining, by the mobile device, a first token from the individual token application
Ortiz(0180, an application running on the mobile device to use the token and make a purchase)
upon successful authentication of the user,
wherein the individual token application generates the first token based at least in part on the device identifier for the mobile device;
Ortiz(a token, based at least a little bit on the fact that it’s stored on the device, it’s based on the device 0172)
transmitting, by the mobile device, the first token to the service provider computer via a first communication channel,
wherein the service provider computer completes the first transaction on behalf of the resource provider over a second communication channel different from the first communication channel using the first token without providing the first token to the resource provider;
Ortiz(0179 the processing is on the merchant network after authorization by the customer)
for a subsequent transaction: generating, by the mobile device, a second token from the first token using a function based on the first token and a transaction counter, Ortiz (0163, a transaction counter)
wherein the function ensures the second token is uniquely associated with the device identifier for the mobile device, and wherein both first token and the second token are substitute values for a primary account number identifying a same account of [[a]]the user.
(0163, a transaction counter, 0314 second token…. The token, these are related to the user account 0335)
Claim 11 is similar to claim 1.
As per claims 2, 12 Ortiz discloses;;
The method of claim 1, further comprising: identifying, by the mobile device, a number of token applications installed on the mobile device capable of being used in the first transaction; displaying, by the mobile device, the number of token applications on a user interface displayed on the display; and receiving, via the user interface displayed on the display, an indication of an individual token application of the number of token applications to be used in the first transaction.
Ortiz(fig. 4d, capable is merely a capability but Ortiz discloses a token enabled process for using a mobile device, fig 19 as well)
As per claims 3, 13, Ortiz; discloses; The method of claim 1, wherein the first token is a token that is generated or retrieved by the individual token application, wherein the individual token application authenticates a user of the mobile device.
Ortiz(0034, 0067)
As per claims 4, 14, Ortiz discloses; The method of claim 3, further comprising: obtaining, via an input sensor of the mobile device, a biometric information from the user, wherein the individual token application authenticates the user based on a match between the obtained biometric information and biometric information stored in relation to the user.
See also Ortiz(0143, biometrics may be used as well)
As per claim 5,15 Ortiz discloses; The method of claim 1, wherein the first token is provided to the individual token application by a remote server associated with the individual token application.
See also Ortiz(0342-344,)
As per claims 6, 16 Ortiz discloses; The method of claim 1, wherein the first transaction is processed using the first token even when the resource provider does not accept the individual token application or tokens generated by the individual token application.
Ortiz(here, the limitation in the spec. 0104 it appears there is an alternative way to validate the user, see 0183-4 of Ortiz)
The motivation is similar to that provided for claims 1, 11
As per claims 7, 17 Ortiz discloses; discloses;
The method of claim 1, wherein the transaction information including data related to the first transaction and the account identifying data is received over the first communication channel using a mobile number associated with the mobile device, wherein account identifying information provided to the resource provider via the client device consists of the mobile number.
As per claims 8, 18 Ortiz discloses;
the method of claim 7, wherein the first communication channel includes a cellular network where the mobile device is identified using the mobile number. Ortiz(0172 cellular, wireless network)
as per claims 9, and 19 Ortiz discloses;
The method of claim 1, wherein the individual token application includes an electronic wallet application provisioned on the mobile device. Ortiz(0198)
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
10,20 is/are rejected under 35 U.S.C. 103 as being unpatentable over
US Patent Publication to Ortiz 2016/0019536 in view of US Patent Publication 20170091770 to Bacastow
As per claims 10 and 20 Discloses mobile purchases with a cell phone, however, Ortiz does not explicitly disclose what Bacastow teaches; The method of claim 1, wherein the transaction information including data related to the first transaction and the account identifying data are received in an SMS message. (0068)
It would therefore have been obvious to one of ordinary skill in the art before the effective filing date of the invention to combine the cellular disclosure of Ortiz with the sms teachings of Bacastow for the motivation of reducing “increased potential for fraud in card not present transactions”
Response to Arguments
Applicant filed an amendment on 3/18/26.
Claims 1-20 are, Claims 1, 6, 11, and 16 have been amended, and no claims have been canceled nor have new claims been added. After careful consideration of applicant arguments and amendments, the examiner finds them to be moot and/or non persuasive. This action is a Final Rejection.
Claim Objections – withdrawn
§ 101 Rejections
Claims 1-20 are rejected under 35 U.S.C. § 101 for allegedly being directed to non- statutory subject matter.
Applicant respectfully submits that the claims, as amended, are not directed to a judicial exception under Step 2A of the Alice analysis framework, and alternatively, recite significantly more than any alleged abstract idea under Step 2B. Accordingly, Applicant respectfully requests withdrawal of this rejection.
First, Applicant respectfully submits that the claims do not recite an abstract idea. In the Office Action, the Examiner asserts that claim limitations quoted at page 3 of the Office Action "cover performance of the limitation as certain methods of organizing human activity. The claims recite a fundamental economic practice. If a claim limitation under its broadest reasonable interpretation covers performance of the limitation as a fundamental economic practice then it falls within certain methods of organizing human activity grouping of abstract ideas. Accordingly the claim recites an abstract idea." In essence, the Office Action alleges that the claim recites an abstract idea without identifying what the alleged abstract idea would be. Moreover, Applicant respectfully submits that this characterization is a high-level abstraction that is "untethered from the language of the claims" (Enfish, LLC v. Microsoft Corp.). Applicant respectfully disagrees that the claim recites a fundamental economic practice. Rather, Applicant's claim 1 recites a mobile device executing an individual token application that generates a first unique token based on the mobile device identifier for a first transaction, and generates a second token from the first unique token for a subsequent transaction. This specific way of generating tokens is not a fundamental economic practice, and therefore the claim does not recite an abstract idea per Step 2A, prong 1 of the Alice analysis framework.
Here, Enfish was more directed to an improvement in software rather than an improvement in the business practice.
Second, under the USPTO's 2019 Revised Patent Subject Matter Eligibility Guidance ("2019 PEG"), a claim is not "directed to" a judicial exception if it is integrated into a practical application. The amended claims recite a specific, practical application that improves the functionality and security of computer systems and networks, and are therefore patent-eligible under Step 2A, prong 2.
Here “improve the functionality and security of the computer system and networks would be more persuasive if the functionality improved were directed to the security of the network versus the financial account.
Here, the claims are directed to a specific, unconventional technical method for securely processing remote transactions that is necessarily rooted in computer technology.
Here secure is not claimed nor is remote except for claim 5 where remote service is claimed. Applicant might be able to combine the user interface and the secure processing elements to create such a unconventional technical improvement.
The claimed method recites a specific technique that enables the mobile device executing an individual token application to generate a first token based on the device identifier of the mobile device, and a second token based on the first token. Amended claim 1 specifies "generating... a second token from the first token using a function... wherein the function ensures the second token is uniquely associated with the device identifier for the mobile device."This is not a generic calculation. It is a specific, unconventional step that improves computer efficiency by avoiding a redundant, full p.9 of the spec.
Here unconventional step may be in the eyes of the applicant. However, the “function ensures” and is “based on”. Neither of these is a specific element. It more of an intended use and based on means related to. If more specifically claimed then applicant might be persuasive.
token-provisioning process. More importantly, it is a technical security measure that maintains the cryptographic link between the payment credential and the physical device across the token's lifecycle. This specific method of token evolution is a technical improvement over the state of the art and is not an abstract concept.
Furthermore, the amended claims detail specific technical operations performed by the mobile device that are not abstract. Claim 1 now requires "authenticating, by the mobile device, through the individual token application, a user of the mobile device prior to generating the token. " As described in the specification at paragraphs [0065] and [0083], this is a specific technical function where the mobile device's processor executes a dedicated token application to perform a security check, such as by processing biometric data. This step transforms the mobile device from a generic communication tool into a secure authentication gateway for the transaction, thereby improving the functioning of the computer (e.g., the mobile device) itself.
Again applicant is providing software not, a device improvement.
Because the claims are directed to a specific technical improvement and a practical
application, they are not directed to a judicial exception and are patent-eligible under Step 2A.
Lastly, the claim limitations, particularly as amended, are not well-understood, routine, or conventional activities, and the ordered combination of claim limitations amounts to "significantly more" than the abstract idea itself.
“significantly more” is an interpretation of the examiner. This is generally not persuasive unless the improvement is directed to the technology.
The Examiner has not provided any evidence that the specific combination of steps
recited in the amended claims is routine or conventional, as required by Berkheimer v. HP Inc. The claimed method recites an unconventional workflow that confines the claim to a specific, practical application. This unconventional combination includes: (1) receiving, by a mobile device from a service provider computer, transaction information including data related to a first transaction and account identifying data that consists of a device identifier for the mobile device; (2) executing a specific user authentication step on the mobile device through a dedicated token application; (3) generating a device-specific token that is transmitted to a service provider but explicitly not to the merchant; and (4) for a subsequent transaction, generating a new, evolved token from the initial token, such that the new token preserves its unique association with the device identifier. This specific, ordered combination of technical steps is not a generic
application of an abstract idea but a concrete, inventive solution that provides meaningful limitations beyond simply using a computer to conduct a transaction. Therefore, the claims are patent-eligible under Step 2B as well.
For at least these reasons, the Applicant respectfully requests withdrawal of the § 101 rejection of the pending claims.
Under Berkheimer the examiner assumes the elements are routine and convention. Here the argument was that this is an abstract idea implemented by known computing devices. Here the devices are cited as mobile device, client device and service provider computer. None of these are more than generic elements.
Applicant should consider claim 2 and a specialized display or claim 4 biometric information as adding technical elements.
§ 103 Rejections
Claims 1-20 are rejected under 35 U.S.C. § 103 as being unpatentable over U.S.
Publication No. 2017/0272253 of Lavender et al. ("Lavender") in view of U.S. Publication No. 2016/0019536 of Ortiz et al. ("Ortiz").
Applicant submits that Lavender does not qualify as prior art under 35 U.S.C. 102, and accordingly, Lavender cannot be used as prior art under 35 U.S.C. 103.
The present application has an effective filing date of May 11, 2017.
Lavender was filed on March 10, 2017 and published on Sept. 21, 2017.
Lavender and the present application are commonly assigned to Visa International Service Association.
A reference is only available as prior art under 35 U.S.C. 103 if the reference is prior art under 35 U.S.C. 102. (MPEP 2141.01). A reference is prior art under 35 U.S.C. 102(a)(1) if the reference was "patented, described in a printed publication ... or otherwise available to the public before the effective filing date of the claimed invention." Because Lavender was published after the effective filing date of the claimed invention, Lavender is not prior art under 35 U.S.C. 102(a)(1).
Nor is Lavender prior art under 35 U.S.C. 102(a)(2). 35 U.S.C. 102(a)(2) art is "described in a patent ... or in an application for patent published, in which the patent or application ... names another inventor and was effectively filed before the effective filing date of the claimed invention." Under 35 U.S.C. 102(b)(2)(C) "A disclosure shall not be prior art to a claimed invention under subsection (a)(2) if.. . the subject matter disclosed and the
Here applicant argument re: Lavender is moot because in view of amendment and argument, secondary reference Ortiz is presented to anticipate the claims. This action is a Final rejection.
Conclusion
Top of Form
Bottom of Form
Leveraging Cellular Infrastructure to Improve Fraud Prevention, IEEE, 2009
Web services on mobile devices-implementation and experience, IEEE, 2003
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRUCE I EBERSMAN whose telephone number is (571)270-3442. The examiner can normally be reached 8:00 am - 5:00 pm Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael W Anderson can be reached at 571-270-0508. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BRUCE I EBERSMAN/Primary Examiner, Art Unit 3693
Prosecution Insights