DETAILED ACTION
The following NON-FINAL Office action is in response to Application 19/969,116 filed on December 4, 2024.
Acknowledgements
Claims 1-14 and 33 are pending.
Claims 1-14 and 33 have been examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after December 13, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
Claims 15-32 and 34 are withdrawn from further consideration pursuant to 37 CFR 1.142(b) as being drawn to a nonelected species B, there being no allowable generic or linking claim. Election was made without traverse in the reply filed on 01/26/2026.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-14 and 33 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
In the instant case, claims 1-14 are directed to a method and claim 33 is directed to a product/apparatus. Therefore, these claims fall within the four statutory categories of invention.
The claims recite facilitating secured payments which is an abstract idea. Specifically, the claim recites “determining that a secure communication is being established between the user and a secure agent; determining that a user is about to convey information that should not be disclosed; causing the secure communication between the user and the [merchant] to be prevented; causing the secure communication between the user device and the secure agent to be established; and facilitating an exchange of sensitive information between the user and the secure agent over the secure communication.” which is grouped within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test, classified under “fundamental economic principles or practices”, specifically “mitigating risk” as part of a transaction such as a payment or settlement (See MPEP 2106, specifically 2106.04(a)) because – for example, in this case, the claims involve a series of steps for facilitating secured payments for transactions between a user ( or a buyer) and a merchant or agent of the selling organization by providing user attestation without exposing sensitive user information to other parties. Accordingly, the claim recites an abstract idea (See MPEP 2106, specifically 2106.04(a)).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See MPEP 2106.04(d)), the additional elements of the claims such as the use of a secure gateway, a user device, and a second communication device on a first communication channel merely involves using a computer as a tool to perform an abstract idea and/or generally links the use of a judicial exception to a particular technological environment. The use of a secure gateway, a user device, and a second communication device on a first communication channel to implement the abstract idea and/or generally linking the use of the abstract idea to a particular technological environment] does not render the claim patent eligible because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. Specifically, a secure gateway, a user device, and a second communication device on a first communication channel perform the steps or functions of the “determining that a secure communication is being established between the user and a secure agent; determining that a user is about to convey information that should not be disclosed; causing the secure communication between the user and the [merchant] to be prevented; causing the secure communication between the user device and the secure agent to be established; and facilitating an exchange of sensitive information between the user and the secure agent over the secure communication”. The additional claim elements are not indicative of integration into a practical application, because the claims do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See MPEP 2106, specifically 2106.05), the additional elements of the secure gateway, a user device, and a second communication device on a first communication channel, to perform the steps amounts to no more than using the secure gateway, a user device, and a second communication device on a first communication channel to automate and/or implement the abstract idea of facilitating secured payments. As discussed above, taking the claim elements separately the secure gateway, a user device, and a second communication device on a first communication channel perform the steps of Claim 1. These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of facilitating secured payments. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of the secure gateway, a user device, and a second communication device on a first communication channel to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). Therefore, the claim is not patent eligible.
Dependent claims further describe details regarding the sensitive information and how it’s exchanged between the user and secure agent to complete the transaction further elaborating on the abstract idea of facilitating secured payments. The dependent claims recite additional elements such as “second communication device, merchant device and a call manager device”, however, they do not integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible.
Claim Rejections - 35 USC § 102
-The following is a quotation of the appropriate paragraphs of 35
U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on sale in this country, more than one year prior to the date of application for patent in the United States.
Claims 1, 2-4, 7-11, 13-14 and 33 are rejected under 35 U.S.C. 102(b) as being unpatentable over Critchley et al. (US 2016/0104145 A1).
Regarding Claims 1 and 33, Critchley discloses a method, comprising:
determining, by a secure gateway and during a communication between a user device (“device 20 or user 10- ¶0152 & ¶0160”) and a second communication device (“Agent 30 ¶0195”) on a first communication channel, that a secure communication is being established between the user device and a secure agent (¶0001, ¶0013, ¶0014, ¶0025, ¶0026, ¶0033-¶0034, ¶0097, ¶0201)
determining, by the secure gateway, that a user is about to convey information that should not be disclosed to the second communication device; (¶0013, ¶0014, ¶0026, ¶0214
causing, by the secure gateway, the secure communication between the user device and the second communication device to be prevented; (¶0013, ¶0026, ¶0027)
causing, by the secure gateway, the secure communication between the user device and the secure agent to be established; and (¶0021, ¶0228, ¶0235)
facilitating, via the secure gateway, an exchange of sensitive information between the user device and the secure agent over the secure communication (¶0064, ¶0065, ¶0096 “the authorisation/authentication processes require the provision of sensitive information by the electronic wallet of the user to the appropriate entity without the sensitive information becoming available to the agent of merchant”, ¶0097)
Regarding Claim 2, Critchley discloses: wherein the sensitive information comprises information associated with the user to complete a transaction (¶0228)
Regarding Claim 3, Critchley discloses: wherein:
the secure agent comprises a secure payment agent, (¶0228)
the information associated with the user comprises payment information, and (¶0228)
the transaction comprises a payment for a good or a service (¶0001)
Regarding Claim 4, Critchley discloses: wherein the sensitive information comprises personally identifying information (¶0001, ¶0160, ¶0228)
Regarding Claim 7, Critchley discloses: wherein: the second communication device comprises a merchant device (¶0195)
Regarding Claim 8, Critchley discloses: wherein: the user device initiates the communication with the second communication device through a call manager device that forwards the communication to the second communication device over the first communication channel (¶0001, ¶0013, ¶0014, ¶0025, ¶0026, ¶0033-¶0034, ¶0097, ¶0201)
Regarding Claim 9, Critchley discloses: obfuscating, from the second communication device, the sensitive information conveyed from the user device (¶0013, ¶0026, ¶0027)
Regarding Claim 10, Critchley discloses: providing the sensitive information as encrypted information that is unreadable by the second communication device and the secure agent (¶0075, ¶0172, ¶0186)
Regarding Claim 11, Critchley discloses: providing the sensitive information as encrypted information that is unreadable by the second communication device, the secure agent, and the secure gateway (¶0075, ¶0132, ¶0172, ¶0186)
Regarding Claim 13, Critchley discloses: maintaining a communication channel between the user device and the second communication device while the user device is in communication with the secure agent, while ensuring that the second communication device is not privy to communication between the user device and the secure agent (¶0001, ¶0013, ¶0014, ¶0025, ¶0026, ¶0033-¶0034, ¶0097, ¶0201)
Regarding Claim 14, Critchley discloses: sending, to the user device, a link to initiate communication between the user device and the secure agent (¶0244)
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all
obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 5 and 6 are rejected under 35 U.S.C. 103(b) as being unpatentable over Critchley in further view of Sharma (US 11,321,474 B2).
Regarding Claim 5, Critchley does not disclose: determining, by the secure agent, that the exchange of sensitive information between the user device and the secure agent is complete; and terminating, by the secure agent, the communication from the user device in response to the exchange of sensitive information between the user device and the secure agent being complete.
Sharma however discloses:
determining, by the secure agent, that the exchange of sensitive information between the user device and the secure agent is complete; and (Col. 24 lines 50-63)
terminating, by the secure agent, the communication from the user device in response to the exchange of sensitive information between the user device and the secure agent being complete (Col. 24 lines 50-63)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the invention to modify the system of Critchley to include [determining, by the secure agent, that the exchange of sensitive information between the user device and the secure agent is complete; and terminating, by the secure agent, the communication from the user device in response to the exchange of sensitive information between the user device and the secure agent being complete], as disclosed in Sharma, in order to provide for the use of secure communication channels to facilitate the exchange of data objects containing potentially sensitive information in a network environment (see Sharma abstract)
Regarding Claim 6, Critchley does not disclose: determining, by the secure agent, that the exchange of sensitive information between the user device and the secure agent is incomplete; re-establishing the first communication channel; and transferring the communication from the user device back to the second communication device on the first communication channel or a third communication channel.
Sharma however discloses:
determining, by the secure agent, that the exchange of sensitive information between the user device and the secure agent is incomplete; (Col. 42 lines 44-64)
re-establishing the first communication channel; and (Col. 42 lines 44-64)
transferring the communication from the user device back to the second communication device on the first communication channel or a third communication channel (Col. 42 lines 44-64)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the invention to modify the system of Critchley to include [determining, by the secure agent, that the exchange of sensitive information between the user device and the secure agent is incomplete; re-establishing the first communication channel; and transferring the communication from the user device back to the second communication device on the first communication channel or a third communication channel], as disclosed in Sharma, in order to provide for the use of secure communication channels to facilitate the exchange of data objects containing potentially sensitive information in a network environment (see Sharma abstract)
Claim 12 is rejected under 35 U.S.C. 103(b) as being unpatentable over Critchley in further view of Georgiadis et al. (US 2021/0312447 A1).
Regarding Claim 12, Critchley does not disclose: wherein a public key of the user is compared to the encrypted information to verify the sensitive information.
Georgiadis however discloses: wherein a public key of the user is compared to the encrypted information to verify the sensitive information (¶0044, ¶0046, ¶0050-¶0053, ¶0260)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the invention to modify the system of Critchley to include [wherein a public key of the user is compared to the encrypted information to verify the sensitive information], as disclosed in Georgiadis, in order to provide an authentication technique that uses encrypted data that can be used to authenticate a principal to a verifier (see Georgiadis abstract)
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZEHRA RAZA whose telephone number is (571)272-8128. The examiner can normally be reached 10AM-6:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached at (571) 272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZEHRA RAZA/Examiner, Art Unit 3697
/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3697