DETAILED ACTION
Acknowledgements
This Office Action is in response to Applicant’s response/application filed on 02/27/2026.
The Examiner notes that citations to United States Patent Application Publication paragraphs are formatted as [####], #### representing the paragraph number.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Claims 2-21 are currently pending.
Claims 13-21 have been withdrawn.
Claim 1 has been canceled.
No claims have been added.
Claims 2-12 have been examined.
Election/Restrictions
Applicant’s election without traverse of group I, claims 1-12 in the reply filed on 02/27/2026 is acknowledged.
Claims 13-21 are withdrawn from further consideration pursuant to 37 CFR 1.142(b) as being drawn to a nonelected group, there being no allowable generic or linking claim. Election was made without traverse in the reply filed on 02/27/2026.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 2-5, 7-11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Miller (EP 1710760 A1), in view of Gruber (AT 512958 A1).
Regarding claim(s) 2, Miller discloses:
receiving, by a terminal, a card reader authorization request from a card reader to authorize the card reader for operation with the terminal (By disclosing, “After installation of the card reader 10 in the vending machine 2, this card reader 10 logs on [(authorization request)] via the data line 24 at the PinPad 6.” ([0058] of Miller); and the data is transmitted between the card reader and the PinPad via a microprocessor [(terminal)] ([0045], [0047], [0049], Fig. 1 of Miller),
wherein the card reader is integrated within the terminal as a first peripheral device, wherein the terminal is a self-service terminal or an automated teller machine (By disclosing, “Fig. 1 shows a vending machine 2 with a housed in a housing 4 PinPad 6 and accommodated in a housing 8 card reader 10. The vending machine 2 may for example be a ticket machine or ATM.” ([0039] of Miller));
providing, by the terminal, the card reader data to an Encrypted Personal Identification Number (PIN) Pad (EPP) of the terminal for authentication of the card reader, (By disclosing, “After installation of the card reader 10 in the vending machine 2, this card reader 10 logs on via the data line 24 at the PinPad 6. Upon registration, the card reader 10 may, for example, transmits its terminal identification (TID), its station number (STAT_ID) and its station issuer number (STAT_ISS) to PinPad 6.” ([0058] of Miller)),
wherein the EPP is integrated within the terminal as a second peripheral device (By disclosing, “Fig. 1 shows a vending machine 2 with a housed in a housing 4 PinPad 6 and accommodated in a housing 8 card reader 10. The vending machine 2 may for example be a ticket machine or ATM.” ([0039] of Miller)); and
enabling or disabling, by the terminal, the card reader based on whether the EPP returns an authorized message or a rejected message. (By disclosing, a release means for activating the card reader ([0034], [0058]-[0073] of Miller)).
Miller does not expressly disclose, but Gruber teaches:
requesting, by the terminal, card reader data from the card reader (By disclosing, “Challenge-response method known in the art: A system that wants to determine the authenticity of a device, first generates a random number (Challenge). This is sent to the device and encrypted there with a secret key (= response). The response is returned to the system.” (Page 5 paragraph 1 of Gruber)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Miller in view of Gruber to include techniques of requesting, by the terminal, card reader data from the card reader. Doing so would result in an improved invention because this would control the time of receiving the card reader data.
Regarding claim(s) 3, Miller does not disclose, but Gruber teaches:
wherein requesting the card reader data further includes obtaining a random number generated by the card reader (By disclosing, “the card reader (2) generates a random number, places it in a protected memory area and encrypts it as a first cryptogram (4); the first cryptogram is stored together with an identification number of the card reader (2) in a database (5); the card reader (2) encrypts the random number stored in its protected memory area together with further card data read from the card and sends it as a second cryptogram (6) together with its identification number to the end point (3); the endpoint (3) receives the second cryptogram (6), obtains the first cryptogram (4) by polling the database (5), decrypts the first cryptogram (4) and the second cryptogram (6) and compares the resulting first random number with the resulting second random number.” (Abstract of Gruber)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Miller in view of Gruber to include techniques of “wherein requesting the card reader data further includes obtaining a random number generated by the card reader” . Doing so would result in an improved invention because this would improve the security of the card reader data.
Regarding claim(s) 4, Miller does not disclose, but Gruber teaches:
wherein requesting the card reader data further includes obtaining a serial number for the card reader (By disclosing, “the card reader (2) generates a random number, places it in a protected memory area and encrypts it as a first cryptogram (4); the first cryptogram is stored together with an identification number of the card reader (2) in a database (5); the card reader (2) encrypts the random number stored in its protected memory area together with further card data read from the card and sends it as a second cryptogram (6) together with its identification number to the end point (3); the endpoint (3) receives the second cryptogram (6), obtains the first cryptogram (4) by polling the database (5), decrypts the first cryptogram (4) and the second cryptogram (6) and compares the resulting first random number with the resulting second random number.” (Abstract of Gruber)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Miller in view of Gruber to include techniques of “wherein requesting the card reader data further includes obtaining a serial number for the card reader” . Doing so would result in an improved invention because this would identify the card reader.
. Regarding claim(s) 5, Miller does not disclose, but Gruber teaches:
wherein requesting the card reader data further includes requesting a stored token from the card reader. (By disclosing, “the card reader (2) generates a random number, places it in a protected memory area and encrypts it as a first cryptogram (4); the first cryptogram is stored together with an identification number of the card reader (2) in a database (5); the card reader (2) encrypts the random number stored in its protected memory area together with further card data read from the card and sends it as a second cryptogram (6) together with its identification number to the end point (3); the endpoint (3) receives the second cryptogram (6), obtains the first cryptogram (4) by polling the database (5), decrypts the first cryptogram (4) and the second cryptogram (6) and compares the resulting first random number with the resulting second random number.” (Abstract of Gruber)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Miller in view of Gruber to include techniques of “wherein requesting the card reader data further includes requesting a stored token from the card reader” . Doing so would result in an improved invention because this would improve the security of storing the data in the token.
. Regarding claim(s) 7, Miller does not disclose, but Gruber teaches:
wherein requesting the stored token further includes obtaining a random number from the card reader along with the stored token. (By disclosing, “the card reader (2) generates a random number, places it in a protected memory area and encrypts it as a first cryptogram (4); the first cryptogram is stored together with an identification number of the card reader (2) in a database (5); the card reader (2) encrypts the random number stored in its protected memory area together with further card data read from the card and sends it as a second cryptogram (6) together with its identification number to the end point (3); the endpoint (3) receives the second cryptogram (6), obtains the first cryptogram (4) by polling the database (5), decrypts the first cryptogram (4) and the second cryptogram (6) and compares the resulting first random number with the resulting second random number.” (Abstract of Gruber)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Miller in view of Gruber to include techniques of “wherein requesting the stored token further includes obtaining a random number from the card reader along with the stored token” . Doing so would result in an improved invention because this would allow the random number to be used in card reader authentication process.
. Regarding claim(s) 8, Miller discloses:
wherein providing the card reader data further includes forwarding a cryptographic authorization request from the EPP to an online authentication service. (By disclosing, “The service technician 34 transmits (58) the device-related parameters together with his own personnel number (PNR_ST) via a communication link to the control center 42.” ([0058]-[0062] of Miller)).
. Regarding claim(s) 9, Miller discloses:
providing a cryptographic response returned by the online authentication service to the EPP. (By disclosing, “The control center 42 transmits (64) to the service technician 34 via the communication network 38 the generated order number AUFT_ID and the PIN_AT containing the encrypted personnel number PNR_RM *. Alternatively, the center 42 may also transmit this information directly to the PinPad 6.” ([0070] of Miller)).
. Regarding claim(s) 10, Miller discloses:
wherein enabling further includes receiving a new token from the EPP with the authorized message. (By disclosing, “In addition, 24 keys (key) for decrypting PIN are transmitted from the PinPad 6 to the card reader 10 via the data line (70).” ([0073] of Miller)).
. Regarding claim(s) 11, Miller discloses:
instructing the card reader to store the new token. (By disclosing, “In addition, 24 keys (key) for decrypting PIN are transmitted from the PinPad 6 to the card reader 10 via the data line (70). For this purpose, the keys (key) are transferred from the memory area 14 via the interface 20, the data line 24 and the interface 22 to the memory area 18.” ([0073] of Miller)).
Claim(s) 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Miller (EP 1710760 A1), in view of Gruber (AT 512958 A1), further in view of Lewis (US 20140081874).
. Regarding claim(s) 6, Miller does not disclose, but Lewis teaches:
wherein the stored token was previously provided to the card reader by the EPP through the terminal. (By disclosing, “The EPP then sends this encrypted random number to the card reader” ([0446] of Lewis)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Miller and Gruber, in view of Lewis to include techniques of “wherein the stored token was previously provided to the card reader by the EPP through the terminal” . Doing so would result in an improved invention because this would allow the token to be used in card reader authentication process.
Claim(s) 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Miller (EP 1710760 A1), in view of Gruber (AT 512958 A1), further in view of Quigley (US 20130333011).
. Regarding claim(s) 12, Miller does not disclose, but Quigley teaches:
wherein the new token is provided back to a terminal (By disclosing, “the card reader sends the encrypted unique ID to the mobile device” ([0082] of Quigley)). (Note: “when the card reader is subsequently initialized” is a contingent limitation therefore has no patentable weight because “[t]he broadest reasonable interpretation of a method (or process) claim having contingent limitations requires only those steps that must be performed and does not include steps that are not required to be performed because the condition(s) precedent are not met. For example, assume a method claim requires step A if a first condition happens and step B if a second condition happens. If the claimed invention may be practiced without either the first or second condition happening, then neither step A or B is required by the broadest reasonable interpretation of the claim. If the claimed invention requires the first condition to occur, then the broadest reasonable interpretation of the claim requires step A. If the claimed invention requires both the first and second conditions to occur, then the broadest reasonable interpretation of the claim requires both steps A and B” (MPEP 2111.04 II)).
Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Miller and Gruber, in view of Quigley to include techniques of “wherein the new token is provided back to a terminal” . Doing so would result in an improved invention because this would allow the terminal to authenticate the card reader by using the token.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 8915428 to Post for disclosing:
Methods, systems, and apparatus, for pairing a card reader and a computing device, including: determining, by the computing device, that an output connector of the card reader is connected to the computing device through a physical connector of the computing device; in response to determining, by the computing device, that the output connector of the card reader is connected to the computing device through the physical connector located on the computing device, sending, from the computing device and through the physical connector, data for establishing a wireless communication link between the card reader and the computing device; and pairing, using the data sent from the computing device through the physical connector, the card reader with the computing device, wherein, upon pairing, subsequent communications between the card reader and the computing device are performed over the wireless communication link.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUAN ZHANG whose telephone number is (571)272-4642. The examiner can normally be reached Mon - Fri 10 AM-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at 571-270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DUAN ZHANG/Primary Examiner, Art Unit 3699