DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This non-final action is in response to the applicant’s communication received on September 6, 2024.
Claims 1-20 have been canceled with preliminary amendment. Claims 21-34 are pending.
Information Disclosure Statement (IDS)
IDS’s received on August 22, 2024 are being considered by the examiner.
While 37 CFR 1.97 and 1.98 do not require that the information be material, rather they allow for submission of information regardless of its pertinence to the claimed invention and there is no requirement to explain the materiality of submitted references, the cloaking of a clearly relevant reference by inclusion in a long list of citations may not comply with Applicant's duty of disclosure, see Penn Yan Boats, Inc. V. Sea Lark Boats Inc., 359 F. Supp. 948, aff'd 479 F. 2d. 1338.
Continuation
This application is a continuation application of U.S. application no. 17/752,212 filed on May 24, 2022, now U.S. Patent 12,100,003 ("Parent Applications") which is a continuation of U.S. application no. 15/919,621 filed on March 13, 2018, now U.S. Patent 11,361,313 ("Parent Applications") which is a continuation of U.S. application no. 14/557,974 filed on December 2, 2024, now U.S. Patent 9,953,315 (“Parent Applications”). See MPEP §201.07. In accordance with MPEP §609.02 A. 2 and MPEP §2001.06(b) (last paragraph), the Examiner has reviewed and considered the prior art cited in the Parent Application. Also in accordance with MPEP §2001.06(b) (last paragraph), all documents cited or considered ‘of record’ in the Parent Applications are now considered cited or ‘of record’ in this application. Additionally, Applicant(s) are reminded that a listing of the information cited or ‘of record’ in the Parent Application need not be resubmitted in this application unless Applicant(s) desire the information to be printed on a patent issuing from this application. See MPEP §609.02 A. 2.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 21-34 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does not fall within at least one of the four categories of patent eligible subject matter because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
MPEP 2106 provides step(s) in determining eligibility under 35 U.S.C. § 101. Specifically, it must be determined whether the claim is directed to one of the four statutory categories of invention, i.e., process, machine, manufacture, or composition of matter. If the claim does fall within one of the statutory categories, it must then be determined whether the claim is directed to a judicial exception (i.e., law of nature, natural phenomenon, and abstract idea), and if so, it must additionally be determined whether the claim is a patent-eligible application of the exception. If an abstract idea is present in the claim, any additional elements in the claim must integrate the judicial exception into a practical application. If not, the inquiry continues to see whether any element or combination of elements in the claim must be sufficient to ensure that the claim amounts to significantly more than the abstract idea itself. Examples of abstract ideas include mathematical concepts, mental processes, and certain methods of organizing human activities.
Under Step 1, claims 21-27 are directed to a directed to a method (i.e. process) while claims 28-34 are directed to a system. Thus, the claimed inventions are directed towards one of the four statutory categories under 35 USC § 101. Nevertheless, the claims also fall within the judicial exception of an abstract idea without significantly more.
Step 2A, 1st prong:
Claim 1 recites: A method for generating an advanced storage key, comprising:
receiving, by a processing server, a random value and an instance identifier from a mobile device, the random value and the instance identifier being included in a first application program on the mobile device, and the instance identifier being unique to an instance of the first application program;
generating, by the processing server, an advanced storage key by encrypting the random value using an encryption key;
encrypting, by the processing server, payment credentials using the generated advanced storage key; and
transmitting, by the processing server, the encrypted payment credentials to the mobile device.
(Emphasis added on the additional element(s))
The claim recites provisioning of payment credentials to a user which falls within a certain method of organizing human activity, i.e., economic practices. The claim further recites step(s) in protecting of the payment credentials using information received from the user, i.e., mitigating risk. The claim achieves this by receiving a random value and instance identifier, generating a key by encrypting the random value using an encryption key, encrypting the payment credentials using the generated advanced storage key, and transmitting the encrypted payment credentials to the user. The recitations of the using information received from user and encryption using a key in generating a second key which is then used to encrypt the payment credentials are abstract idea as these step(s) under the broadest reasonable interpretation could be performed in human mind using pen and paper.
The other independent claim, i.e., claim 28, is significantly similar to claim 21. As such, claim 28 also recites abstract idea.
Under the Step 2A (prong 2), this judicial exception is not integrated into a practical application. Specifically, the additional elements in the claim(s), i.e. system comprising a processing server and a mobile device, are recited at a high-level generality such that it amounts to no more than mere instructions to implement the abstract idea, and/or merely uses a computer as a tool to perform an abstract idea – see MPEP 2106.05(f). These limitation do not represent: Improvements to the functioning of the computing system or the components of the computing system(s) or to any other technology or technical field - see MPEP 2106.05(a).
Under Step 2B, examiners should evaluate additional elements individually and in combination to determine whether they provide an inventive concept (i.e. whether the additional elements amount to significantly more than the exception itself). Here, the claim(s) do not include additional elements that are sufficient to amount to significantly more than the judicial exception. Specifically, the claims as a whole, taken individually and in combination, do not provide an inventive concept. As explained above with respect to the integration of the abstract idea into a practical application, the additional elements used to perform the claimed judicial exception amount to no more than mere instructions to implement the abstract idea on a computer or computer components, and/or merely uses a computer as a tool to perform an abstract idea. Mere instructions to implement the abstract idea on a computer, or merely using the computer as a tool to perform an abstract idea to apply the exception using a generic computer component cannot provide an inventive concept. Looking at the limitations as a combination adds nothing that is not already present when looking at the elements taken individually. There is no indication that the combination of the elements improves the functioning of the recited computer system or its components individually or in combination.
For these reasons, the claims are rejected under 35 U.S.C. § 101 as being directed to non-statutory subject matter.
Dependent claims 22-27 and 29-34 further expand and recite the abstract idea without further additional element(s). The additional elements recited in claims 26-27 and 33-34, i.e., local database, is recited at a high-level generality such that it amounts to no more than mere instructions to implement the abstract idea, and/or merely uses a computer as a tool to perform an abstract idea – see MPEP 2106.05(f). These limitation do not represent: Improvements to the functioning of the computing system or the components of the computing system(s) or to any other technology or technical field - see MPEP 2106.05(a). Furthermore, the additional element(s) individually and in combination do not provide an inventive concept. Regarding recitation that the mobile device lacks a secure element, the recitation is merely a negative limitation.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 21-34 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 2014/0297438 A1 (“Dua”) in view of US Patent No. 6,266,415 B1 (“Campinos”) and US 2010/0174919 A1 (“Ito”).
Per claim 21 and 28, Dua fairly teaches a method comprising:
receiving, by a processing server (wireless credential manager), an instance identifier from a mobile device (wireless device) ([0042], wireless credential manager that causes the credential or set of credentials to be transmitted to wireless device; [0044]-[0046], wireless device initiate the credential issuance process to receive the credential using SIP, Internet; [0059], WCM received user’s mobile number);
encrypting, by the processing server, payment credentials using the generated advanced storage key ([0052], encrypted credentials; [0110], encrypted transport mechanism; [0149], session to exchange encryption key … authenticate the mobile user’s identity; [0173]; [0183], encryption of the credentials); and
transmitting, by the processing server, the encrypted payment credentials to the mobile device ([0042]; [0059]; [0062]; [0105], WCM delivers credential to wallet application on a wireless device).
Dua further teaches system comprising: a mobile device (wireless device) and a processing server (WCM).
Dua does not particularly teach receiving a random number and an instance identifier, the random value and the instance identifier being included in a first application program on the mobile device, and the instance identifier being unique to an instance of the first application program and advanced storage key by encrypting the random value using an encryption key.
Campinos discloses receiving a random number and generating an encryption key by encrypting the random value (col. 3, ll. 46-57, the transmitted random number is encrypted to produce an encryption key).
Hence, as Dua generally teaches use of encryption key in encrypting credential sent to the mobile device, it would have been obvious to one of ordinary skill in the art before the effective filing of instant claim to utilize any known technique of generation of the encryption key, including the key generation technique as taught by Campinos, as a key generation technique in Dua since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Furthermore, it would have been obvious to one of ordinary skill in the art prior to the effective filing of instant claim(s) to include the encryption technique to prevent any pirate from discovering the encryption/decryption key K. (col. 3, ll. 64-65).
Dua/Campinos does not particularly teach that the random value and the instance identifier being included in a first application program on the mobile device, and the instance identifier being unique to an instance of the first application program.
Ito, however, discloses the random value and the instance identifier being included in a first application program on the mobile device, and the instance identifier being unique to an instance of the first application program ([0287]-[0288], terminal information, random number, and hash value of the application program).
Hence, as Dua/Campinos generally teaches utilizing characteristics of device in generating of encryption key, it would have been obvious to one of ordinary skill in the art prior to the effective filing of the claim(s) to utilize any known characteristics of the mobile device, including the instance identifier being included in a first application program on the mobile device, and the instance identifier being unique to an instance of the first application program as taught by Ito, as the characteristics in Dua/Campinos in generating of the encrypting key.
The applicant is reminded that the description of the random value and the instance identifier in the claim is non-functional descriptive material that does not move to distinguish over prior art.
As per claims 22 and 29, Dua/Campinos/Ito further teaches wherein the random value is a random or pseudo-random number (see Campinos: col. 3, ll. 46-57, random number).
As per claims 23 and 30, Dua/Campinos/Ito further teaches wherein the encryption key is a dynamic key (Campinos: col. 3, ll. 46-57, generated dynamically).
As per claims 24 and 31, Dua/Campinos/Ito further teaches generating, by the processing server, one or more parameters; encrypting, by the processing server, the one or more parameters using the advanced storage key; transmitting, by the processing server, the one or more encrypted parameters to the mobile device (Dua: [0126]-[0127]).
As per claims 25 and 32, Dua is absent of secure element in description of mobile device (i.e., wireless device).
As per claims 26 and 33, Dua/Campinos/Ito further teaches receiving, by the mobile device, the encrypted payment credentials from the processing server; and storing, by the mobile device, the encrypted payment credentials in a local storage (Dua: [0149], decrypt credential that is transmitted to the wireless device, [0245], stored within the wallet application).
Dua does not particularly teach that the local storage is a database. However, as Dua teaches storage means including database, it would have been obvious to one of ordinary skill in the art prior to the effective filing of the claim(s) to include any storage techniques, including database, as a storage technique of the wallet application in Dua.
As per claims 27 and 34, Dua/Campinos/Ito teaches receiving, by the mobile device, the one or more encrypted parameters from the processing server (Dua: [0126]-[0127]). Dua/Campinos/Ito does not particularly teach storing by the mobile device the one or more encrypted parameters in a local database. However, as Dua generally teaches storing information received from the processing server as described above in within the wallet application as described above, it would have been obvious to one of ordinary skill in the art prior to the effective filing of the claim(s) to store any information received from the processing server in the wallet application for record keeping.
Dua does not particularly teach that the local storage is a database. However, as Dua teaches storage means including database, it would have been obvious to one of ordinary skill in the art prior to the effective filing of the claim(s) to include any storage techniques, including database, as a storage technique of the wallet application in Dua.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20160119312A1 discloses encryption technique in which key is generated based on generated key;
US 20150254645 A1discloses a method and system for providing supplemental account information in digital wallets. The disclosure also discloses a digital wallet maintained on a user’s mobile device and the financial institution provisioning payment credential for use within the digital wallet;
US 9536243 B2 discloses wallet application that is stored in a secure memory element of NFC device or in a non-secured baseband memory.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to STEVEN S KIM whose telephone number is (571)270-5287. The examiner can normally be reached on Monday -Friday: 7:00 - 3:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patrick McAtee can be reached on 571-272-7575. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/STEVEN S KIM/Primary Examiner, Art Unit 3698