DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1- 20 are rejected under 35 U.S.C. 102 (a) (1) as being clearly anticipated by Wong et al. (US 20150180836 A1, hereinafter, Wong)
Regarding to claims 1, 9 , 13 and 20,  taking claim 9 as exemplary,  Wong teaches A portable communication device comprising: a processor; and  a computer readable medium, the computer readable medium comprising code, executable by the processor to implement a method comprising: initiating communication between a portable communication device comprising a token and a first limited use key, and an access device; ([Abstract] enhancing the security of a communication device (i.e. portable communication device) when conducting a transaction using the communication device may include using a limited-use key (LUK) ( i.e. first receiving from a remote server via the access device, a second limited use key, ([0044] A dynamic account parameter may be an account parameter that has a limited lifespan, and which once expired, can no longer be used to conduct a transaction until the account parameter is replenished, refreshed, or renewed (i.e. a second limited use key received by the portable device). [0051]The dynamic set of data may include one or more keys (i.e. second limited use key and further key updates as needed to complete a transaction) , information associated with the one or more keys, and/or other dynamic data that has a limited lifespan, and are repeatedly refreshed or replenished during the lifetime of an account. The dynamic set of data can be used for or relates to on-device generation of dynamic transaction cryptograms, or represent dynamic transaction data during payment transactions; [0052] for example, the dynamic set of data may include a limited-use key (LUK) that is used as an encryption key to generate a transaction cryptogram during a transaction. (//examiner note: a portable device receiving dynamic account parameters data update, including second limited user key, during a transaction discloses the inherent capability of the system receiving the second limit use key via the access device.))wherein the portable communication device is in short range communication or in contact with the access device; [0311] A contactless payment can be initiated by the consumer tapping and replacing the first limited use key with the second limited use key.  ([0163] When the mobile application of portable communication device 701 receives the new set of account parameters (e.g., new LUK and new key index associated with the LUK), the mobile application delete (i.e. replacing the first limited use key with the second limited use key) the previous set of account parameters and associated transaction verification log details and usage tracking, and store the new set of account parameters.)
Claims 1 and 13 related to method claims are rejected based on same rational as the device of claim 9.
Claim 20 related to a device claim is rejected based on same rational as the device of claim 9.
Regarding to claim 2, the combination of Wong teaches the method of claim 1, wherein the portable communication device is in a form of a wearable device.  [0032] a portable communication device may be in the form of a mobile device such as a mobile phone … wearable computing device (e.g., watch), electronic reader device, etc.)
Claim 10 is rejected based on same rational as claim 2.
Regarding to claim 3, the combination of Wong teaches the method of claim 1, wherein the second limited use key is received by the portable communication device after an authorization response message is received by the access device. ([00195] the transaction log 
Regarding to claim 4, the combination of Wong teaches the method of claim 1, wherein the access device is configured to generate and transmit authorization request messages and receive authorization response messages.  ([0087] Access device 160 or a merchant computer coupled to access device 160 may then generate an authorization request message including the account identifier or token, and additional information such as a transaction cryptogram and other transaction data;  [0090] Acquirer 174 then sends the authorization response message to the merchant computer and/or access device 160. The authorization response results, which may include transaction data for the transaction can be displayed by access device 160 (i.e. receive authorization response message), or be printed out on a physical receipt.)
Claim 17 is rejected based on same rational as claim 4.
Regarding to claim 5, the combination of Wong teaches the method of claim 1, further comprising: encrypting, using the second limited use key and by the portable communication device, transaction data for a transaction to form a cryptogram; ([0195] discloses receiving second LUK.  [00184] the transaction cryptogram 820 may be generated by encrypting dynamic transaction data 816 using the LUK 814 as an encryption key in encryption function 818.)and transmitting, by the portable communication device, the token and the cryptogram to the access device to conduct the transaction. [Abstract] the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and sending a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction.)
Claim 11 is rejected based on same rational as claim 5.
Regarding to claim 6, the combination of Wong teaches the method of claim 5, wherein the transaction is an access transaction to access a location.  ([0192] At block 1004, a transaction (e.g., a payment transaction, access transaction, or other transaction that is performed using an account) can be initiated (i.e. to access a location that is using contactless secure buildings.), for example, by placing the communication device in proximity to a contactless reader of an access device such as a POS terminal;  [0038] The authorization request message may also include other information such as information that identifies the access device that generated the authorization request message, information about the location of the access device, etc.  (i.e.  The system can provide the location access since it can identify location of the request and authenticate and authorize the portable device making the location access request.)
Regarding to claim 7, the combination of Wong teaches the method of claim 1, wherein the portable communication device 2 does not have a secure element. ([0110 In some embodiments, the mobile application may communicate with the contactless reader using card emulation APIs of the mobile operating system of portable communication device 301, and thus the transaction can be carried out without requiring the use of a secure element (although a 
Claim 12 is rejected based on same rational as claim 7.
Regarding to claim 8, the combination of Wong teaches the method of claim 1, wherein the second limited use key is received in a message from the access device, ([0162] After the new set of account parameters are generated, CBPP 780 may send the new set of account parameters 730 to MAP 770. The new set of account parameters 730 may include a new key index, a new LUK, etc., and in some embodiments, may also include a new set of one or more limited-use thresholds associated with the account parameters or LUK that may have different usage limits than the previous thresholds (i.e. second limit use key). MAP 770 then forwards the data as the new set of account parameters 732 to the mobile application of portable communication device 701.)the message being one of multiple messages passing between the portable communication device and the access device in a single physical interaction between the portable communication device and the access device.  ([0192] At block 1004, a transaction (e.g., a payment transaction, access transaction, or other transaction that is performed using an account) can be initiated (i.e. to access a location that is using contactless secure buildings.), for example, by placing the communication device in proximity to a contactless reader of an access device such as a POS terminal.)
Regarding to claim 14, the combination of Wong teaches the method of claim 13, wherein the access device comprises a contactless reader, and wherein the portable communication device is capable of communicating with the contactless reader through a wireless communication medium.  ([0311] A contactless payment can be initiated by the 
Regarding to claim 15, the combination of Wong teaches the method of claim 13, further comprising: receiving, by the access device, a cryptogram and the token from the portable communication device. ([Abstract] the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and sending a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction.)
Regarding to claim 16, the combination of Wong teaches the method of claim 15, wherein the cryptogram is created using the second limited use key. ([0195] discloses receiving second LUK.  [00184] the transaction cryptogram 820 may be generated by encrypting dynamic transaction data 816 using the LUK 814 as an encryption key in encryption function 818.)
Regarding to claim 17, the combination of Wong teaches the method of claim 15, further comprising: generating, by the access device, an authorization request message comprising the cryptogram and the token; and transmitting, by the access device, the authorization request message to an authorizing entity computer.  ([0087] Access device 160 or a merchant computer coupled to access device 160 may then generate an authorization request message including the account identifier or token, and additional information such as a transaction cryptogram and other transaction data;  [0090] Acquirer 174 then sends the 
Regarding to claim 18, the combination of Wong teaches the method of claim 17, further comprising: receiving, an authorization response message comprising the token. ([0042] the token format may be configured to allow the entity receiving the token (i.e. portable communication device) to identify it as a token and recognize the entity that issued the token (i.e.  The access device receiving a token as part of the authorization response message); [0090] Acquirer 174 (i.e. remote server) then sends the authorization response message to the merchant computer and/or access device 160. The authorization response results, which may include transaction data for the transaction can be displayed by access device 160 (i.e. receive authorization response message), or be printed out on a physical receipt.)
Regarding to claim 19, the combination of Wong teaches the method of claim 15, wherein the cryptogram is generated using the second limited use key and a TDES encryption function. ([0184] For an integrated chip based transaction, the transaction cryptogram 820 may be generated by encrypting dynamic transaction data 816 using the LUK (i.e. second limited use key) 814 as an encryption key in encryption function 818.; The encryption function 806 used to generate the second encryption key 808 may be, for example, triple data encryption standard 


Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20130262317 A1 -SYSTEMS AND METHODS FOR PROCESSING MOBILE PAYMENTS BY PROVISONING CREDENTIALS TO MOBILE DEVICES WITHOUT SECURE ELEMENTS.  The reference discloses a method for generating and provisioning payment credentials to a mobile device lacking a secure element using limited use key and token to secure transaction.
US 20160140545 A1 - CLOUD-BASED TRANSACTIONS WITH MAGNETIC SECURE TRANSMISSION.
US 20050238174 A1 - Method And System For Secure Communications Over A Public Network
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SOLOMON AREGA whose telephone number is (571)272-0122. The examiner can normally be reached on Monday - Friday from 8:30 AM to 5:00 PM (EDT).

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://portal.uspto.gov/external/portal. Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

/SOLOMON AREGA/Examiner, Art Unit 4164      
                                                                                                                                                                  /LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431