DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
Restriction to one of the following inventions is required under 35 U.S.C. 121:
I. Claims 1-5 and 7, drawn to a system comprising a payment processing server and a server, classified in 709/238.
II. Claims 8-14, drawn to a system comprising a payment facilitator server, classified in 705/64.
The inventions are distinct, each from the other because of the following reasons:
Inventions I and II are related as subcombinations disclosed as usable together in a single combination. The subcombinations are distinct if they do not overlap in scope and are not obvious variants, and if it is shown that at least one subcombination is separately usable. In the instant case, subcombination I has separate utility such as transmit an acknowledgement indicative of a success of the transaction, wherein the payment processing server transmits from outside the restricted computer network firewall to the merchant inside the restricted computer network firewall a notification of payment. Subcombination II has separate utility such as receive a transaction ID and an acknowledgement indicative of a success of the transaction.. See MPEP § 806.05(d).
The Examiner has required restriction between subcombinations usable together. Where applicant elects a subcombination and claims thereto are subsequently found allowable, any claim(s) depending from or otherwise requiring all the limitations of the allowable subcombination will be examined for patentability in accordance with 37 CFR 1.104. See MPEP § 821.04(a). Applicant is advised that if any claim presented in a continuation or divisional application is anticipated by, or includes all the limitations of, a claim that is allowable in the present application, such claim may be subject to provisional statutory and/or nonstatutory double patenting rejections over the claims of the instant application.
Restriction for examination purposes as indicated is proper because all these inventions listed in this action are independent or distinct for the reasons given above and there would be a serious search and examination burden if restriction were not required because one or more of the following reasons apply:
(a) the inventions have acquired a separate status in the art in view of their different classification;
(b) the inventions have acquired a separate status in the art due to their recognized divergent subject matter;
(c) the inventions require a different field of search (for example, searching different classes/subclasses or electronic resources, or employing different search queries);
(d) the prior art applicable to one invention would not likely be applicable to another invention;
(e) the inventions are likely to raise different non-prior art issues under 35 U.S.C. 101 and/or 35 U.S.C. 112, first paragraph.
Since applicant has received an action on the merits for the originally presented invention, this invention has been constructively elected by original presentation for prosecution on the merits. Accordingly, claims 1-5 and 7 are withdrawn from consideration as being directed to a non-elected invention. See 37 CFR 1.142(b) and MPEP § 821.03. To preserve a right to petition, the reply to this action must distinctly and specifically point out supposed errors in the restriction requirement. Otherwise, the election shall be treated as a final election without traverse. Traversal must be timely. Failure to timely traverse the requirement will result in the loss of right to petition under 37 CFR 1.144. If claims are subsequently added, applicant must indicate which of the subsequently added claims are readable upon the elected invention.
Should applicant traverse on the ground that the inventions are not patentably distinct, applicant should submit evidence or identify such evidence now of record showing the inventions to be obvious variants or clearly admit on the record that this is the case. In either instance, if the examiner finds one of the inventions unpatentable over the prior art, the evidence or admission may be used in a rejection under 35 U.S.C. 103 or pre-AIA 35 U.S.C. 103(a) of the other invention.
Claims 15-20 link inventions I and II. The restriction requirement between the linked inventions is subject to the nonallowance of the linking claims, claims 15-20. Upon the indication of allowability of the linking claim(s), the restriction requirement as to the linked inventions shall be withdrawn and any claim(s) depending from or otherwise requiring all the limitations of the allowable linking claim(s) will be rejoined and fully examined for patentability in accordance with 37 CFR 1.104. Claims that require all the limitations of an allowable linking claim will be entered as a matter of right if the amendment is presented prior to final rejection or allowance, whichever is earlier. Amendments submitted after final rejection are governed by 37 CFR 1.116; amendments submitted after allowance are governed by 37 CFR 1.312.
Applicant(s) are advised that if any claim presented in a continuation or divisional application is anticipated by, or includes all the limitations of, the allowable linking claim, such claim may be subject to provisional statutory and/or nonstatutory double patenting rejections over the claims of the instant application. Where a restriction requirement is withdrawn, the provisions of 35 U.S.C. 121 are no longer applicable. In re Ziegler, 443 F.2d 1211, 1215, 170 USPQ 129, 131-32 (CCPA 1971). See also MPEP § 804.01.
Acknowledgements
This Office Action addresses the response filed on 01/02/2026.
Claims 8-11 and 14-19 were amended.
Claim 6 was canceled.
Claims 1-5 and 7 were withdrawn.
Claims 8-20 are pending.
Claims 8-20 were examined.
Specification
The disclosure is objected to because of the following informalities: The claims were amended to recite a "payment facilitator server". This newly claimed element is not sufficiently described in the specification as filed. CFR 37 (d)(1) establishes "The claim or claims must conform to the invention as set forth in the remainder of the specification and the terms and phrases used in the claims must find clear support or antecedent basis in the description so that the meaning of the terms in the claims may be ascertainable by reference to the description". Appropriate correction is required.
Claim Rejections - 35 USC § 101
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 8-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
With respect to the Eligibility Step 1 of the Alice/Mayo two-part test of the subject matter eligibility analysis (see MPEP 2106), in the instant case, claims 8-14 are directed to a system, and claims 15-20 are directed to a method. Therefore, these claims fall within the four statutory categories of invention.
Following step 2A, prong one of the analysis, the language of the independent claims reciting an abstract idea are marked in bold below:
a. register with the payment processing server by obtaining an identifier identifying the serverb. receive an encrypted payload for a payment transaction from the wallet application within the restricted computer network firewall, wherein the encrypted payload comprises information of the payment transactionc. decrypt the encrypted payload to form a decrypted payload comprising the information of the payment transactiond. after decryption of the encrypted payload, transmit the decrypted payload in one payment packet to the payment processing server outside the restricted computer network firewall, wherein the payment packet comprises the information of the payment transactione. receive a transaction ID and an acknowledgement indicative of a success of the transaction (Claim 8)
Therefore, the portions highlighted in bold above recite payment transactions, which is an abstract idea grouped within the certain methods of organizing human activity and mental processes grouping of abstract ideas in prong one of step 2A. The claims are grouped within certain methods of organizing human activity because the steps recited describe the fundamental economic practice of processing of payments and the commercial or legal interaction of processing information through a clearing-house. Additionally, the claims are also grouped within mental processes because the steps recited describe collecting information, analyzing it, and displaying certain results of the collection and analysis, which is a concept that can be performed in the human mind or by pen and paper. In situations like this where a series of steps recite judicial exceptions, examiners should combine all recited judicial exceptions and treat the claim as containing a single judicial exception for purposes of further eligibility analysis. See MPEP 2106.04 and 2106.05(II). Thus, the language identified in the certain methods of organizing human activity and mental processes groupings were considered as a single abstract idea. Accordingly, the claims recite an abstract idea.
With respect to step 2A, prong two of the analysis, this judicial exception is not integrated into a practical application. Specifically, with respect to using a payment facilitator, a server to perform the recited steps/functions, these additional elements performs the steps or functions such as: “register… by obtaining an identifier…”, “receiving… payload…”, “decrypting… payload…”, “transmitting… payload…”, “receive… ID and acknowledgement… (Claim 8)”. These additional elements are recited at a high-level of generality such that it represents no more than mere instructions to apply the exception using a generic computer component, which only serves to use computers as a tool to perform the abstract idea. Therefore, these elements do not integrate the abstract idea into a practical application because they require no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional element(s) of a payment processing server, a wallet application, a merchant, a restricted computer network firewall amount to generally linking the use of the judicial exception to a particular technological environment or field of use.. Accordingly, these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Therefore, following the analysis of step 2A, prong two, the claims are still directed to an abstract idea.
With respect to step 2B of the analysis, the claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to the integration of the abstract idea into a practical application, the additional computer elements, such as a payment facilitator, a server, a payment processing server, a wallet application, a merchant, a restricted computer network firewall. The payment facilitator, a server perform the steps/functions of “register… by obtaining an identifier…”, “receiving… payload…”, “decrypting… payload…”, “transmitting… payload…”, “receive… ID and acknowledgement… (Claim 8)”, and amount to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using generic computer components cannot provide an inventive concept beyond the abstract idea of payment transactions. The additional element(s) of a payment processing server, a wallet application, a merchant, a restricted computer network firewall amount to generally linking the use of the judicial exception to a particular technological environment or field of use.. As discussed above, taking the claim elements separately, these additional elements perform the steps or functions that correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of payment transactions. Therefore, the independent claims are not eligible.
Examiner notes that, for elements recited in the dependent claims which were previously analyzed as additional elements of the independent claims above (i.e. a payment facilitator, a server), the assessment of these elements under step 2A and step 2B for the dependent claims is inherited from the analysis of the independent claims and omitted for brevity, unless noted by Examiner below. Dependent claims 9-14 and 16-20 further recite the following additional language, in which elements which merely further define the identified abstract idea are marked in bold below:
f) wherein the payment facilitator server is configured to: receive a token from a URL of a webpage, a merchant ID, and an amount for the transaction; and append the token to the URL as a fragment to the URL. g) wherein the payment facilitator server is configured to process the webpage; and execute a function call to a payment processor. h) wherein the payment facilitator server is configured to facilitate the transaction for a consumer and the merchant. i) wherein the encrypted payload includes at least the following data: data of a payment device, information of the merchant, and information of the payment transaction. j) wherein the restricted computer network firewall limits outbound transactions except for permitted URL sites, wherein the encrypted payload is transmitted via a URL formatted address, and wherein the URL formatted address is one of the permitted URL sites. k) wherein the payment facilitator server is configured to store a unique ID and encryption key.
With respect to the eligibility analysis of claim 12, the claim recites item i) above, which do not introduce additional elements/functions. The additional language merely represents statements directed to non-functional descriptive material by describing what the payload "includes" (i.e. data). Those statements are insufficient to significantly alter the eligibility analysis.
With respect to the eligibility analysis of claims 13 and 20, the claims recite item j) above, which do not introduce additional elements/functions. The additional language merely represents statements directed to non-functional descriptive material by describing what a URL formatted address is (i.e. a type of data). Those statements are insufficient to significantly alter the eligibility analysis.
Therefore, the additional language i), j) of dependent claims 12, 13 and 20 do not alter the analysis provided with respect to independent claims 8 and 15. In other words, the claims do not introduce additional elements that would alter the analysis with respect to Steps 2A or 2B above in any meaningful way. Therefore, these dependent claims are also ineligible.
With respect to the eligibility analysis of claims 9 and 16, the claims recite item f) above, which represents the additional elements/functions of loading a webpage, retrieve a token and appending token to URL. This language further elaborates the abstract idea of payment transactions identified in the analysis of independent claims 8 and 15. The additional elements/functions, alone or in combination, are insufficient to integrate the abstract idea into a practical application because the additional elements/functions do not pertain to an improvement to the functioning of a computer or to another technology. The additional elements/functions, alone or in combination, do not offer significantly more than the abstract idea, because the additional elements/functions merely further recite additional instructions to implement the abstract idea on a computer. Examiner notes the claim further detail the mental process of collecting information, analyzing it, and displaying certain results of the collection and analysis
With respect to the eligibility analysis of claims 10 and 17, the claims recite item g) above, which represents the additional elements/functions of processing a webpage and executing a call. This language further elaborates the abstract idea of payment transactions identified in the analysis of independent claims 8 and 15. The additional elements/functions, alone or in combination, are insufficient to integrate the abstract idea into a practical application because the additional elements/functions do not pertain to an improvement to the functioning of a computer or to another technology. The additional elements/functions, alone or in combination, do not offer significantly more than the abstract idea, because the additional elements/functions merely further recite additional instructions to implement the abstract idea on a computer. Examiner notes the claim further detail the mental process of collecting information, analyzing it, and displaying certain results of the collection and analysis
With respect to the eligibility analysis of claims 11 and 18, the claims recite item h) above, which represents the additional elements/functions of facilitating a transaction. This language further elaborates the abstract idea of payment transactions identified in the analysis of independent claims 8 and 15. The additional elements/functions, alone or in combination, are insufficient to integrate the abstract idea into a practical application because the additional elements/functions do not pertain to an improvement to the functioning of a computer or to another technology. The additional elements/functions, alone or in combination, do not offer significantly more than the abstract idea, because the additional elements/functions merely further recite additional instructions to implement the abstract idea on a computer. Examiner notes the claims further detail the fundamental economic practice of processing payments.
With respect to the eligibility analysis of claims 14 and 19, the claims recite item k) above, which represents the additional elements/functions of storing an ID and a key. This language further elaborates the abstract idea of payment transactions identified in the analysis of independent claims 8 and 15. The additional elements/functions, alone or in combination, are insufficient to integrate the abstract idea into a practical application because the additional elements/functions do not pertain to an improvement to the functioning of a computer or to another technology. The additional elements/functions, alone or in combination, do not offer significantly more than the abstract idea, because the additional elements/functions merely further recite additional instructions to implement the abstract idea on a computer. Examiner notes the claim further detail the mental process of collecting information
Therefore, while the additional language f)- h) and k) of dependent claims 9-11, 14 and 16-19 slightly modify the analysis provided with respect to independent claims 8 and 15, these additional elements/functions are insufficient to render the dependent claims eligible, as detailed above. Therefore, these dependent claims are also ineligible.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 8-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claims 8 and 15 recite “register with the payment processing server by obtaining an identifier identifying the server”. The specification as filed does not appear to reasonably disclose this newly introduced step. The closest language in the specification as filed recites:
[0024] :"In one embodiment, one or more payment facilitators may enroll and register with the server or payment processor 102 and may call or place a request to the WPS 122 (as illustrated below)."
[0040]: "Since the payment processor 124 has registered with the server or the payment processor 102, the payment facilitator 124 may be configured to execute computer-executable instructions or function calls to the payment processor 102 with the data packet."
The specification, however, does not appear to recite the manner in which a payment facilitator server registers with a payment processing server by obtaining an identifiers identifying itself (i.e. the server). Therefore, the specification as filed does not provide sufficient written description for the claimed language (see MPEP 2161.01). In other words, the algorithm or steps/procedure taken to perform the function must be described with sufficient detail so that one of ordinary skill in the art would understand how the inventor intended the function to be performed. Dependent claims 9-14 and 16-20 are also rejected since they depend on claims 8 and 15, respectively.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 8-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claims 8-11 and 14-19 recite the language “payment facilitator server”. There is insufficient antecedent basis for this language in the claims. The claims were amended to introduce the entity "payment facilitator server". The specification as filed does not provide a meaning for this claimed term. For purposes of examination, the term is interpreted under its broadest reasonable interpretation, i.e. a computer. Dependent claims 9-14 and 16-20 are also rejected since they depend on claims 8 and 15, respectively.
Claim 8 recites “the server” in line 6. There is insufficient antecedent basis for this language in the claim since it is unclear which “a payment facilitator server" and "a payment processing server"” the claim is referring to (Claim 8 introduces “a payment facilitator server" and "a payment processing server"” more than once, in lines ). See MPEP 2173.05(e): “… if two different levers are recited earlier in the claim, the recitation of “said lever” in the same or subsequent claim would be unclear where it is uncertain which of the two levers was intended”. Examiner notes the language causes a duality as one of ordinary skill in the art would not be able to reasonably determine which "server" the identifier is associated with. Dependent claims 9-14 are also rejected since they depend on claim 8.
Claim 13 is indefinite because it is unclear to one of ordinary skill in the art whether Applicants are claiming the subcombination of a “a system comprising a payment facilitator server” or the combination of a “a system comprising a payment facilitator server” and “a restricted computer network firewall”. If it is Applicants’ intent to claim only the subcombination, the body of the claims must be amended to remove any positive recitation of the combination. If it is Applicants’ intent to claim the combination, the preamble of the claim must be amended to be consistent with the language in the body of the claim. For purposes of Examination, Examiner considers the scope set by the preamble of the claims.
Claim 15 was amended to recite “the payment processing server” in line 3. There is insufficient antecedent basis for this language in the claim. Dependent claims 16-20 are also rejected since they depend on claim 15.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 8-20 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over Shearer et al. (US 2017/0213206 A1), hereinafter Shearer, in view of Quentin et al. (US 2015/0347988 A1), hereinafter Quentin, and in view of Angrish et al. (US 2015/0178862 A1), hereinafter Angrish.
With respect to claims 8 and 15, Shearer teaches a computer-implemented system for streamlining encryption payload of a card transaction from a merchant inside a restricted computer network firewall comprising: a payment facilitator server within the restricted computer network firewall coupled between a payment processing server and a wallet application (see paragraph [0096]); and a computer-implemented method for limiting a number of encrypted transaction data packet transmission between a merchant and a server (Conducting transactions using electronic devices with geographically restricted non-native credentials) comprising:
receiving, by a payment facilitator server within a restricted computer network firewall, an encrypted payload for a payment transaction comprising at least the following data: data of a payment device, information of the merchant, and information of the payment transaction; (see Fig. 5, 502 and Fig. 6, 678, paragraph [0049], Transaction data 666, paragraph [0064]);
decrypting, by the payment facilitator server, the encrypted payload to form a decrypted payload comprising the data; and (see Fig. 6, 630, paragraph [0072]: paragraph [0074]: “...However, if a voucher ought to be used, encrypted SP credential data 681 generated at operation 631 may then be stored against such a voucher by AE subsystem 400 at operation 632. In such embodiments, at operation 632, second security subsystem 492 may be configured to generate or otherwise access voucher data 682 that may be indicative of a unique host transaction voucher and then to store such a voucher against encrypted SP credential data 681 (e.g., by linking the voucher of voucher data 682 and SP credential data 681 with any suitable data link) in any suitable memory component of second security subsystem 492, such as in a table 435 or any other suitable data structure. Such a unique host transaction voucher may be any suitable data element of any suitable size, such as an 8- or 9-character alphanumeric string that may be randomly or uniquely generated by AE subsystem 400 or otherwise for association with encrypted SP credential data 681, such that the voucher may not include any data indicative of the host transaction credential data of encrypted SP credential data 681. Such voucher data 682 used at operation 632 may then be transmitted along with any other suitable data, such as a URL of second security subsystem 492 or other data indicative of the entity at which to redeem the voucher, as secured host transaction data 683 from AE subsystem 400 to host device 100 at operation 633." Examiner notes the "decrypted payload" formed is the "voucher");
after decryption of the encrypted payload, transmitting, by the payment facilitator server, the decrypted payload in one payment packet to a payment processing server outside the restricted computer network firewall, wherein the payment packet comprises the data. (see Fig. 6, 683, forwarding to Host, paragraph [0074]: “However, if a voucher ought to be used, encrypted SP credential data 681 generated at operation 631 may then be stored against such a voucher by AE subsystem 400 at operation 632. In such embodiments, at operation 632, second security subsystem 492 may be configured to generate or otherwise access voucher data 682 that may be indicative of a unique host transaction voucher and then to store such a voucher against encrypted SP credential data 681 (e.g., by linking the voucher of voucher data 682 and SP credential data 681 with any suitable data link) in any suitable memory component of second security subsystem 492, such as in a table 435 or any other suitable data structure. Such a unique host transaction voucher may be any suitable data element of any suitable size, such as an 8- or 9-character alphanumeric string that may be randomly or uniquely generated by AE subsystem 400 or otherwise for association with encrypted SP credential data 681, such that the voucher may not include any data indicative of the host transaction credential data of encrypted SP credential data 681. Such voucher data 682 used at operation 632 may then be transmitted along with any other suitable data, such as a URL of second security subsystem 492 or other data indicative of the entity at which to redeem the voucher, as secured host transaction data 683 from AE subsystem 400 to host device 100 at operation 633..."); and
receive a transaction ID and an acknowledgement indicative of a success of the transaction (Claim 8) (see Fig. 6, 636, voucher redemption, e.g., an entity identified by redemption entity identification data of data 683/684, paragraph [0075]: “...Then, at operation 636, client device 100? may be operative to detect voucher data 682 of host transaction data 684 and then to attempt to redeem the voucher of voucher data 682 at second security subsystem 492 for host transaction credential data that may fund or otherwise further the transaction, such as encrypted SP credential data 681, by communicating host transaction data voucher redemption request data 686 that may include voucher data 682 to second security subsystem 492 (e.g., an entity identified by redemption entity identification data of data 683/684). Client device 100? may be operative to detect voucher data 682 and/or the identity of target second security subsystem 492 and/or the manner in which to redeem voucher data 682 using any suitable data that may be communicated to client device 100? from host device 100 as part of host transaction data 683 (e.g., data 683 may include an appropriate URL for second security subsystem 492 (e.g., as may be determined and used by host device 100 at operation 628)). Host transaction data voucher redemption request data 686 may include voucher data 682 and any data indicative of client device 100? (e.g., client device ID 119?) such that second security subsystem 492 may communicate the host transaction credential data redeemed by the voucher back to client device 100.”).
Shearer does not explicitly disclose a system and method comprising: registering with the payment processing server by obtaining an identifier identifying the server; the computer network firewall is "restricted".
However, Quentin discloses a system and method (Method for delegating an implementation of transactions, corresponding devices and programs) comprising: registering with the payment processing server by obtaining an identifier identifying the server (see paragraph [0027]: “According to one particular embodiment, said second phase of the method comprises: [0028] a step for receiving a registration request by a user, coming from a communications terminal, said request comprising at least one identifier of said user, at least one identifier of a payment server and at least one identifier of said user with said payment server; [0030] a step for receiving a piece of data representing a decision to register said user; and [0031] when said data representing a decision to register the user is positive, a step for recording, within said provisioning data structure, an association between said user identifier, said payment server identifier and said user identifier with said payment server”; paragraph [0032]: “Thus, the users and the payment service providers are registered within one and the same intermediate server capable of implementing a list of predetermined transactions. This means that from the user's viewpoint, the execution of transactions is simplified.”).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the registration mechanisms as disclosed by Quentin in the system and method of Shearer, the motivation being to enable an intermediate server to carry out transactions on behalf of a payment server (see Quentin, paragraph [0013]).
The combination of Shearer and Quentin does not explicitly disclose a system and method comprising: the computer network firewall is "restricted".
However, Angrish discloses a system and method (Mobile payments) comprising:
the computer network firewall is "restricted" (see paragraph [0048]: "In some embodiments, merchant LAN 108 may include or incorporate a firewall or other protective computing device that regulates the entry of messages, requests or command from computers that are on or outside of the public internetwork 120.").
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the firewall or other protective computing devices as disclosed by Angrish in the system and method of Shearer and Quentin, the motivation being to regulate the entry of messages, requests or command from computers that are on or outside of a public network (see Angrish, paragraphs [0048] and [0081]).
With respect to claims 9 and 16, the combination of Shearer, Quentin and Angrish teaches all the subject matter of the system and method as described above with respect to claims 8 and 15. Furthermore, Shearer disclose a system and method wherein the payment facilitator server is configured to: receive a token from a URL of a webpage, a merchant ID, and an amount for the transaction; and append the token to the URL as a fragment to the URL (see voucher redemption URL, paragraph [0078]: "...second security subsystem 492 may include a particular voucher redemption URL with voucher data 682 in data 683, where that URL may only address a portion (e.g., server) of second security subsystem 492 that may be associated with redeeming vouchers for host transaction credential data geographically restricted for use within second geographical region 92, and that portion (e.g., server) of second security subsystem 492 may be configured not to receive any voucher redemption request data 686 from any requesting entity located outside of second geographical region 92 (e.g., second security subsystem 492 may use a firewall or other suitable technology to only receive voucher redemption request data 686 for geographically restricted host credential data that is transmitted from within second geographical region 92 (e.g., to restrict allowed traffic only from entities that are suitable for redeeming a voucher for geographically restricted host credential data))..."). Regarding the BRI of the claims, Examiner notes that claim 16 is a method claim and recites “wherein the payment facilitator server is configured to: receive a token from a URL of a webpage, a merchant ID, and an amount for the transaction; and append the token to the URL as a fragment to the URL...”, language directed to not positively recited method steps. The motivation for combining the references remain unaltered from the motivation described above in conjunction with the rejection of the independent claims.
With respect to claims 10 and 17, the combination of Shearer, Quentin and Angrish teaches all the subject matter of the system and method as described above with respect to claims 9 and 16. Furthermore, Shearer disclose a system and method wherein the payment facilitator server is configured to process the webpage; and execute a function call to a payment processor (see Fig. 6, voucher redemption 636-638, URL for second security subsystem 492, paragraph [0075]: “...Then, at operation 636, client device 100′ may be operative to detect voucher data 682 of host transaction data 684 and then to attempt to redeem the voucher of voucher data 682 at second security subsystem 492 for host transaction credential data that may fund or otherwise further the transaction, such as encrypted SP credential data 681, by communicating host transaction data voucher redemption request data 686 that may include voucher data 682 to second security subsystem 492 (e.g., an entity identified by redemption entity identification data of data 683/684). Client device 100′ may be operative to detect voucher data 682 and/or the identity of target second security subsystem 492 and/or the manner in which to redeem voucher data 682 using any suitable data that may be communicated to client device 100′ from host device 100 as part of host transaction data 683 (e.g., data 683 may include an appropriate URL for second security subsystem 492 (e.g., as may be determined and used by host device 100 at operation 628)). Host transaction data voucher redemption request data 686 may include voucher data 682 and any data indicative of client device 100′ (e.g., client device ID 119′) such that second security subsystem 492 may communicate the host transaction credential data redeemed by the voucher back to client device 100′.”). Regarding the BRI of the claims, Examiner notes that claim 17 is a method claim and recites “wherein the payment facilitator server is configured to process the webpage; and execute a function call to a payment processor ...”, language directed to not positively recited method steps. The motivation for combining the references remain unaltered from the motivation described above in conjunction with the rejection of the independent claims.
With respect to claims 11 and 18, the combination of Shearer, Quentin and Angrish teaches all the subject matter of the system and method as described above with respect to claims 10 and 17. Furthermore, Shearer disclose a system and method wherein the payment facilitator server is configured to facilitate the transaction for a consumer and the merchant (see paragraph [0094]: “In some embodiments, at least a portion of process 600 and/or any other process of this disclosure may be operative to transfer money between a user of host device 100 and a user of client device 100′ (e.g., client device 100′ may request funds from host device 100 independent of any transaction between client device 100′ and an SP subsystem). In some embodiments, this may be enabled by an acquiring bank and/or one or more entities of issuer subsystem 300 to enable host transaction data to facilitate the transfer of funds between an account associated with a credential on a host device and an account associated with a user of a client device...). Regarding the BRI of the claims, Examiner notes that claim 18 is a method claim and recites “wherein the payment facilitator server is configured to facilitate the transaction for a consumer and the merchant ...”, language directed to not positively recited method steps. The motivation for combining the references remain unaltered from the motivation described above in conjunction with the rejection of the independent claims.
With respect to claim 12, the combination of Shearer, Quentin and Angrish teaches all the subject matter of the system as described above with respect to claim 8. Furthermore, Shearer disclose a system wherein the encrypted payload includes at least the following data: data of a payment device, information of the merchant, and information of the payment transaction (see Fig. 5, 502 and Fig. 6, 678, paragraph [0049]; Transaction data 666, paragraph [0064]). The motivation for combining the references remain unaltered from the motivation described above in conjunction with the rejection of the independent claims.
With respect to claims 13 and 20, the combination of Shearer, Quentin and Angrish teaches all the subject matter of the system and method as described above with respect to claims 8 and 15. Furthermore, Angrish disclose a system and method wherein the restricted computer network firewall limits outbound transactions except for permitted URL sites, wherein the encrypted payload is transmitted via a URL formatted address, and wherein the URL formatted address is one of the permitted URL sites (see paragraph [0048]: "...As a result, typically the service provider computer system 130 cannot issue HTTP calls to the payment logic 118, payment plug-in 114, or other functional units of the merchant booking computer 110 and/or merchant POS computer 112. Therefore, in some embodiments, the elements of FIG. 1 are configured to use socket level third party protocols and messaging systems to communicate with the merchant POS computer 112 and other units that are behind firewalls. In one embodiment, HTTP long polling is used to implement a publish-subscribe mechanism. In this embodiment, payment plug-in 114, which resides on the merchant POS computer 112 within the restaurant firewall, subscribes to a channel that is hosted by a third-party server such as the service provider computer system 130. The booking application 132 and/or payment application 134 of computer system 130 sends messages to the in-restaurant POS plug-in 114 by publishing to this channel. Pubnub is an example of one third-party service providing this functionality."; Fig. 4, paragraph [0081]: "In an embodiment, at block 416, a success or failure message is received from the payment network gateway computer 140 at the service provider computer system 130. Operations performed in response to a failure of the payment transaction are not critical and may vary in various embodiments. If the payment transaction was successful, then at block 418, an electronic receipt is generated and communicated both to the merchant POS computer 112 and to the mobile computing device 102. For example, the e-receipt may be sent to the payment plug-in 114 and then communicated from the plug-in to the merchant POS computer 112 using an appropriate request or message. Concurrently the e-receipt is sent over the network to the mobile app 103."). Regarding the BRI of the claims, Examiner notes that claim 20 is a method claim and recites “wherein the restricted computer network firewall limits outbound transactions except for permitted URL sites, wherein the encrypted payload is transmitted via a URL formatted address, and wherein the URL formatted address is one of the permitted URL sites...”, language directed to not positively recited method steps. The motivation for combining the references remain unaltered from the motivation described above in conjunction with the rejection of the independent claims.
With respect to claims 14 and 19, the combination of Shearer, Quentin and Angrish teaches all the subject matter of the system and method as described above with respect to claims 8 and 15. Furthermore, Shearer disclose a system and method wherein the payment facilitator server is configured to store a unique ID and encryption key (see paragraph [0023]: "...For example, AE subsystem 400 (e.g., at least one of a first security subsystem 491 and a second security subsystem 492 of AE subsystem 400, each of which may include any suitable processing, data accessing, and data communicating components of AE subsystem 400) may be operative to maintain any suitable shared secret (e.g., a password, passphrase, array of randomly chosen bytes, one or more symmetric keys, public-private keys (e.g., asymmetric keys), etc.) between/available to AE subsystem 400 and SP subsystem 200, and AE subsystem 400 (e.g., at least one of first security subsystem 491 and second security subsystem 492) may be operative to use such a shared secret to encrypt or otherwise modify host transaction credential data generated by host device 100 as SP-secured host transaction credential data (e.g., host transaction credential data from host device 100 that has been secured using a shared secret of SP subsystem 200)..."; paragraph [0024]: "...In such embodiments, second security subsystem 492 may be configured to generate or otherwise access a unique host transaction voucher in conjunction with generating the geographically restricted SP-secured host transaction credential data and may then be configured to store such a unique host transaction voucher against the SP-secured host transaction credential data (e.g., in any suitable memory component of second security subsystem 492), after which the unique host transaction voucher may be returned to host device 100 instead of the SP-secured host transaction credential data...").
Response to Arguments/Amendments
Claim rejections - 35 USC § 101
Applicant’s amendments and arguments (see remarks, pages 6-7, filed on 01/02/2026), with respect to the rejection of claims 8-20 under 35 USC § 101 as being directed to an abstract idea have been fully considered but are not persuasive. With respect to Step 1 , Applicant asserts “Applicant disagrees that the claims are directed to an abstract idea without significantly more. First, the claims are directed to the structuring and handling of payloads, specific firewall- limited outbound transactions, and decryption to implement the payment processing. These are not mental steps.”. Examiner respectfully disagrees. Examiner notes the abstract idea groupings identified fall into certain methods of organizing human activity and mental processes. These groupings were analyzed as a single abstract idea. Examiner is in the position that the amended claims are still directed to an abstract idea as discussed above.. With respect to Steps 2A and 2B , Applicant asserts “claim 1 includes additional elements that amount to more than an abstract idea. For example, claim 1 is directed to encryption and decryption for a payment transaction with a restricted computer network firewall. Additionally, the server decrypts the encrypted payload to transmit outside the restricted firewall. The claims therefore limit the operation to environments with a "restricted computer network firewall." ”. Examiner respectfully disagrees. Examiner notes the additional elements were fully considered, and the additional elements are insufficient to represent a practical application of the abstract idea identified. The additional elements also do not offer significantly more than the abstract idea. Therefore, the amended claims are still rejected under 35 U.S.C. 101. The new and amended claims do not offer significantly more than the abstract idea itself, therefore the claims are still rejected under 35 USC § 101 as further detailed above.
Claim rejections - 35 USC § 112(a)
Applicant’s amendments and arguments (see remarks, pages 6 and 8, filed on 01/02/2026), with respect to the rejection of claims 8-14 under 35 USC § 112(a) have been fully considered. With respect to insufficient written description in claims 9 and 16Examiner finds Applicant's arguments persuasive in view of the submitted amendments, therefore the rejection was withdrawn. With respect to insufficient written description in claim 10Examiner finds Applicant's arguments persuasive in view of the submitted amendments, therefore the rejection was withdrawn. With respect to lack of written description of claim terms interpreted under the 35 U.S.C. 112(f) in claims 8 and 9-14Examiner finds Applicant's arguments persuasive in view of the submitted amendments, therefore the rejection was withdrawn. Examiner notes the amended language is not being interpreted under 35 U.S.C. 112(f), therefore the rejections under 35 U.S.C. 112(a) were withdrawn.
Claim rejections - 35 USC § 112(b)
Applicant’s amendments and arguments (see remarks, pages 6, 8 and 9, filed on 01/02/2026), with respect to the rejection of claims 8-14 under 35 USC § 112(b) have been fully considered and are persuasive, in part. With respect to lack of antecedent basis, term "restricted computer network firewall" in claim 8Examiner finds Applicant's arguments persuasive in view of the submitted amendments, therefore the rejection was withdrawn. With respect to claim scope, as the claim further attempts to limit "a restricted computer network firewall" not comprised by the system in claim 13, Applicant asserts “Applicant has amended claims accordingly to overcome the rejection. ”. Examiner respectfully disagrees. Examiner notes the issue persists, as it is unclear whether the firewall is/should be comprised by the claimed "system" or not. The attempt to further limit this element renders the scope of claim 13 unclear.. Therefore the claims are still rejected under 35 USC § 112(b) as further detailed above.
Claim rejections - 35 USC § 103
Applicant’s amendments and arguments (see remarks, pages 9 and 10, filed on 01/02/2026), with respect to the rejection of claims 8-20 under 35 USC § 103 have been fully considered , but are moot because the arguments do not apply to the reference being used in the current rejection of the amended claims.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDUARDO D CASTILHO whose telephone number is (571)270-1592. The examiner can normally be reached Mon-Fri 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patrick McAtee can be reached at (571) 272-7575. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/EDUARDO CASTILHO/Primary Examiner, Art Unit 3698