Prosecution Insights
Last updated: July 17, 2026
Application No. 18/823,636

SECURE IN-LINE PAYMENTS

Non-Final OA §101
Filed
Sep 03, 2024
Priority
Nov 10, 2010 — provisional 61/412,307 +5 more
Examiner
NGUYEN, TIEN C
Art Unit
3694
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
PayPal Inc.
OA Round
1 (Non-Final)
68%
Grant Probability
Favorable
1-2
OA Rounds
1y 0m
Est. Remaining
86%
With Interview

Examiner Intelligence

Grants 68% — above average
68%
Career Allowance Rate
447 granted / 659 resolved
+15.8% vs TC avg
Strong +18% interview lift
Without
With
+18.2%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
28 currently pending
Career history
685
Total Applications
across all art units

Statute-Specific Performance

§101
38.9%
-1.1% vs TC avg
§103
34.9%
-5.1% vs TC avg
§102
4.6%
-35.4% vs TC avg
§112
3.4%
-36.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 659 resolved cases

Office Action

§101
Notice of Pre-AIA or AIA Status The present application is being examined under the pre-AIA first to invent provisions. DETAILED ACTION Status of the Claims The following office action in response to the preliminary amendments filed on 12/17/2024. Claims 2-21 are newly added. Claim 1 was canceled. Therefore, claims 2-21 are pending and addressed below. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 2-21 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Claims 2-21 are directed to a method, a system, and a non-transitory computer readable medium and thus a statutory category of invention (Step 1: YES). Claim 2 is rejected under 35 U.S.C. 101 because the claimed invention recites an abstract idea without significantly more. The claim recites the limitations of “…receiving a transaction request, determining information accessible by the service provider, wherein the information includes a value computed that validates the application; verifying the value; determining a first authorization token for the application based on the value, transmitting the first authorization token to the client; receiving the first authorization token and a credential from the application, wherein the credential authorizes the user to perform the in-line payments in the application; verifying the first authorization token and the credential; determining a second authorization token based on the first authorization token and the credential, wherein the second authorization token enables the application to collect an authorization for the transaction request; transmitting the second authorization token to the client; and receiving the second authorization token and the authorization, wherein the authorization received requests that a payment call be executed for the transaction request”. These recited limitations, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of commercial or legal interactions (including business relations, e.g., provide in-line payments via a service provider for a transaction request) but for the recitation of generic computer components. If a claim limitation, under its broadest reasonable interpretation, covers concepts of fundamental economic principles or practices but for the recitation of generic computer components, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. The additional limitations (besides those that recite the abstract idea) include the presence in the system claimed of a memory, one or more hardware processors, an application, a runtime platform, a client device, a payment library and a user authentication interface that are all recited at a high level of generality to perform the functions of “…receiving …a transaction request; determining …information accessible by the service provider, computes…a value; verifying… the value; determining …a first authorization token; display…a user interface; transmitting …the first authorization token; receiving… the first authorization token and a credential; verifying… the first authorization token and the credential; determining …a second authorization token; transmitting…the second authorization token; and receiving… the second authorization token and the authorization that a payment call be executed for the transaction request”, such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, the additional elements do not integrate the abstract idea into a particular application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception or amount to an inventive concept. As discussed above with respect to integration of the abstract idea into a practical application, the additional limitations of the memory, the one or more hardware processors, the application, the runtime platform, the client device, the payment library and the user authentication interface that are all recited at a high level of generality to perform the functions of “…receiving …a transaction request; determining …information accessible by the service provider, computes…a value; verifying… the value; determining …a first authorization token; display…a user interface; transmitting …the first authorization token; receiving… the first authorization token and a credential; verifying… the first authorization token and the credential; determining …a second authorization token; transmitting…the second authorization token; and receiving… the second authorization token and the authorization that a payment call be executed for the transaction request”, above amounts to mere instructions to apply the exception using the generic computer component. When viewing the additional elements either individually or as an ordered combination, the claim as a whole does not amount to significantly more than the judicial exception because the claim does not include improvements to another technology or technical field, improvements to the function of the computer itself, and does not provide meaningful limitations beyond general linking the use of an abstract idea to a particular technological environment. In effect, the additional limitations add the words “apply it” (or an equivalent) to the judicial exception, or mere instructions to implement an abstract idea on a computer. Mere instructions to apply an exception using the generic computer component cannot provide an inventive concept. Thus, the claim is not patent eligible. Claim 9 is rejected under 35 U.S.C. 101 because the claimed invention recites an abstract idea without significantly more. The claim recites the limitations of “…receiving a transaction request, wherein the transaction request comprises a value computed that validates the application by the service provider; authenticating the application based on the value; determining an authorization token for the application, wherein the authorization token for collection of a credential for the user; transmitting the authorization token to the client; receiving an authentication request, wherein the authentication request comprises the credential entered and the authorization token; verifying the credential and the authorization token; and executing a payment call for the transaction request”. These recited limitations, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of commercial or legal interactions (including business relations, e.g., provide in-line payments via a service provider for a transaction request) but for the recitation of generic computer components. If a claim limitation, under its broadest reasonable interpretation, covers concepts of fundamental economic principles or practices but for the recitation of generic computer components, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. The additional limitations (besides those that recite the abstract idea) include the presence in the method claimed of a platform, a client device, a payment library and an interface that are all recited at a high level of generality to perform the functions of “…receiving…a transaction request; computes…a value that validates the application; authenticating …the application based on the value; determining… an authorization token for the application, displayed …an interface for collection of a credential; transmitting… the authorization token to the client; receiving …an authentication request; verifying… the credential and the authorization token; and executing …a payment call for the transaction request”, such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, the additional elements do not integrate the abstract idea into a particular application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception or amount to an inventive concept. As discussed above with respect to integration of the abstract idea into a practical application, the additional limitations of the platform, the client device, the payment library and the interface that are all recited at a high level of generality to perform the functions of “…receiving…a transaction request; computes…a value that validates the application; authenticating …the application based on the value; determining… an authorization token for the application, displayed …an interface for collection of a credential; transmitting… the authorization token to the client; receiving …an authentication request; verifying… the credential and the authorization token; and executing …a payment call for the transaction request”, above amounts to mere instructions to apply the exception using the generic computer component. When viewing the additional elements either individually or as an ordered combination, the claim as a whole does not amount to significantly more than the judicial exception because the claim does not include improvements to another technology or technical field, improvements to the function of the computer itself, and does not provide meaningful limitations beyond general linking the use of an abstract idea to a particular technological environment. In effect, the additional limitations add the words “apply it” (or an equivalent) to the judicial exception, or mere instructions to implement an abstract idea on a computer. Mere instructions to apply an exception using the generic computer component cannot provide an inventive concept. Thus, the claim is not patent eligible. Claim 16 is rejected under 35 U.S.C. 101 because the claimed invention recites an abstract idea without significantly more. The claim recites the limitations of “…receiving an indication of transaction request, wherein the indication comprises a value computed that validates the application by the service provider; authenticating the application based on the value; determining an authorization token for the application, wherein the authorization token enables the application to authorize the transaction request based on information provided via the transaction request; transmitting the authorization token to the client device; receiving the information from the transaction request to authorize the transaction request; verifying the information and the authorization token; and processing the transaction request based on the information”. These recited limitations, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of commercial or legal interactions (including business relations, e.g., provide in-line payments via a service provider for a transaction request) but for the recitation of generic computer components. If a claim limitation, under its broadest reasonable interpretation, covers concepts of fundamental economic principles or practices but for the recitation of generic computer components, then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. The additional limitations (besides those that recite the abstract idea) include the presence in the method claimed of a platform, a client device, a payment library that are all recited at a high level of generality to perform the functions of “receiving… an indication of transaction request, computes…a value that validates the application by the service provider; authenticating… the application based on the value; determining …an authorization token for the application; authorize… the transaction request; transmitting… the authorization token to the client; receiving …the information from the transaction request to authorize the transaction request; verifying… the information and the authorization token; and processing… the transaction request based on the information”, such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, the additional elements do not integrate the abstract idea into a particular application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception or amount to an inventive concept. As discussed above with respect to integration of the abstract idea into a practical application, the additional limitations of the platform, the client device, the payment library that are all recited at a high level of generality to perform the functions of “receiving… an indication of transaction request, computes…a value that validates the application by the service provider; authenticating… the application based on the value; determining …an authorization token for the application; authorize… the transaction request; transmitting… the authorization token to the client; receiving …the information from the transaction request to authorize the transaction request; verifying… the information and the authorization token; and processing… the transaction request based on the information”, above amounts to mere instructions to apply the exception using the generic computer component. When viewing the additional elements either individually or as an ordered combination, the claim as a whole does not amount to significantly more than the judicial exception because the claim does not include improvements to another technology or technical field, improvements to the function of the computer itself, and does not provide meaningful limitations beyond general linking the use of an abstract idea to a particular technological environment. In effect, the additional limitations add the words “apply it” (or an equivalent) to the judicial exception, or mere instructions to implement an abstract idea on a computer. Mere instructions to apply an exception using the generic computer component cannot provide an inventive concept. Thus, the claim is not patent eligible. Dependent claims 3-8, 10-15 and 17-21 are dependent on claims 2, 9 and 16. Therefore, claims 3-8, 10-15 and 17-21 are directed to the same abstract idea of claim 2, 9 and 16. Claims 3-8, 10-15 and 17-21 further recite the limitations that merely refer back to further details of the abstract idea. In addition, the additional limitations (besides those that recite the abstract idea) of the user authentication interface and the client device included in the dependent claims 3, 7 and 14 that are all recited at a high level of generality to perform the functions of “verifying…a location…” (claim 3); “transmitting…a payment status…” (claim 7 and claim 14), such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to an abstract idea. The dependent claims 3-8, 10-15 and 17-21 does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception or amount to an inventive concept. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements amount to nothing more than an instruction to “apply it” with the judicial exception. In addition, the additional limitations (besides those that recite the abstract idea) of the user authentication interface and the client device included in the dependent claims 3, 7 and 14 that are all recited at a high level of generality to perform the functions of “verifying…a location…” (claim 3); “transmitting…a payment status…” (claim 7 and claim 14), above amounts to mere instructions to apply the exception using the generic computer components. When viewing the additional elements either individually or as an ordered combination, the claim as a whole does not amount to significantly more than the judicial exception because the claim does not include improvements to another technology or technical field, improvements to the function of the computer itself, and does not provide meaningful limitations beyond general linking the use of an abstract idea to a particular technological environment. In effect, the additional limitations add the words “apply it” (or an equivalent) to the judicial exception, or mere instructions to implement an abstract idea on a computer. Mere instructions to apply an exception using the generic computer component cannot provide an inventive concept. Thus, when considering the combination of elements and the claimed as a whole, the dependent claims 3-8, 10-15 and 17-21 are not patent eligible. Notes: Regarding the prior art rejections, Kranzley et al. (2005/0240522) teaches a method and system for conducting an online payment transaction, in which authentication data is sent from an authentication processor (e.g., a computer operated by a payment organization) to a user processor (typically a purchaser's computer), then to a merchant's processor, then to an acquirer processor or the payment organization processor, and then to an issuer processor (typically, a computer operated by the issuer of the purchaser's credit/debit card account or other payment account) for verification. The result of the verification is sent back to the merchant processor through the payment organization processor or the acquirer processor, whereupon the merchant processor either denies or completes the transaction. To generate the authentication data, the user processor sends payment account identification data (e.g., a credit card or debit card number) to the merchant processor, which sends an account holder participation request message to a registration database processor to determine whether the payment account is listed in a registration database. If the payment account is listed, the registration database sends a URL through the merchant processor which passes the URL on to the user processor. The user processor uses a Web browser to access a credential collection page provided by the payment organization. The user processor fills in the credential collection page and sends an authentication request message to the authentication processor, which authenticates the data and, if the authentication is successful, provides the aforementioned authentication data. Greenfield et al. (7,707,152) teaches systems and methods which facilitate search engine discovery of and/or access to application program content. A discoverable code, such as in the form of declarative code, is provided within the procedural or imperative code of a rich Internet application in order to identify content of the rich Internet application. Such discoverable code may additionally or alternatively identify different states within the dynamic runtime environment of the rich Internet application program. Accordingly, not only are Web crawlers or other automated means of content collection facilitated to identify content associated with a rich Internet application, but direct access to rich Internet application states associated with the identified content may be provided, such as through a search engine. The system further provides a tree type interface structure in which a user may navigate from page to page, is shown as an application program. The application program comprises web pages, each of which provides a relatively static display of content. For example, web page may present a home page of a store from which a user may navigate to pages displaying various items for purchase. The web page may identify items for purchase in a first category (in the illustrated example, a single item) and provide detail with respect to the item. The web page may identify items for purchase in a second category (in the illustrated example, three items) and provide detail with respect to respective ones of the items of web page. A search feature may be provided within the application program, such as to facilitate key word searching of an item and direct access to a respective one of web pages, the structure of application program is nevertheless available for independent discovery of each of these web pages. Hogan et al. (2002/0116341) teaches a method and system for conducting secure financial transactions over a communications network and more particularly to a method and system for transmitting payments securely over a computer network, such as the Internet, and for transmitting sensitive information securely over public communication channels. The method and the system further comprising: providing the pseudo account number with a control field indicating one of a plurality of key-generation processes to be used to generate an authentication key; generating an authentication key associated with the pseudo account number using one of the plurality of key-generation processes indicated in the control field of the pseudo account number; using the authentication key to generate a message authentication code specific to the transaction; generating an authorization request message including the message authentication code and the pseudo account number; and verifying the message authentication code using the indicated key-generation process and the authentication key; generating a per-card key associated with the account number; generating a message authentication code using the per-card key providing at least two different operating modes for forwarding in different manners the message authentication code with an authorization request having different fields, at least one of the operating modes for forwarding the message authentication code in an expiration date field and at least one of the operating modes for forwarding the message authentication code in a message authentication code field. However, the combination of prior arts of record would be hind-sight reasoning to combine the individual elements disclosed in the prior art in order to achieve Applicant's claimed invention. Thus, claims 2-21 are defined over the prior arts. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tien C. Nguyen whose telephone number is 571-270-5108. The examiner can normally be reached on Monday-Thursday (6am-2pm EST). If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Bennett Sigmond can be reached on 303-297-4411. The fax phone number for the organization where this application or proceeding is assigned is 571-270-6108. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /TIEN C NGUYEN/ Primary Examiner, Art Unit 3694 /BENNETT M SIGMOND/ Supervisory Patent Examiner, Art Unit 3694
Read full office action

Prosecution Timeline

Sep 03, 2024
Application Filed
Apr 30, 2026
Non-Final Rejection mailed — §101
Jul 09, 2026
Interview Requested

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12668149
RENEWABLE ENERGY CREDIT MANAGEMENT SYSTEM AND METHOD FOR USE WITH ELECTRIC VEHICLES
2y 8m to grant Granted Jun 30, 2026
Patent 12664634
SYSTEMS AND METHODS FOR ANALYZING STRUCTURAL DAMAGE IMAGES USING MACHINE LEARNING
2y 3m to grant Granted Jun 23, 2026
Patent 12608743
MACHINE-LEARNING MODELS FOR IMAGE PROCESSING
11m to grant Granted Apr 21, 2026
Patent 12548020
THIRD PARTY PRODUCTS AND SERVICES VIA ATM
1y 10m to grant Granted Feb 10, 2026
Patent 12541790
DIGITAL MORTGAGE APPLICATION SYSTEM AND PROCESSES THEREOF
3y 11m to grant Granted Feb 03, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
68%
Grant Probability
86%
With Interview (+18.2%)
2y 10m (~1y 0m remaining)
Median Time to Grant
Low
PTA Risk
Based on 659 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month