DETAILED ACTION
Status of Claims
Claims 1, 3-4, 8, 10-11, 15, and 17-18 have been amended.
Claims 1-20 are currently pending and have been considered by the examiner.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 8 September 2020 has been entered.
 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 8 September 2020, 10 November 2020, and 19 January 2021 were considered by the examiner.

Response to Arguments
101 Rejection:
	Applicant asserts that the present claims recite eligible subject matter because the present claims do not fall within the “certain methods of organizing human activity” grouping of abstract ideas. The examiner respectfully disagrees on the provided rationale. The present claims recite the abstract of idea of performing an economic transaction which is a fundamental 
	However, when considering the additional elements of the present claims, specifically: “wherein the mobile computing device includes an embedded secure element (eSE), wherein a private key and a public key corresponding to the private key are generated by using the eSE” and “wherein a credit payment function of the mobile computing device is enabled by using the eSE”. These additional elements provide adequate technological security improvement through the use of an secure element to place the recited judicial exception into practical application. Therefore, the examiner will rescind the previously filed 101 rejection for this reason.

103 Rejection:
	Applicant’s arguments have been considered and are moot in view of new grounds of rejection.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4-5, 8, 11-12, 15, and 18-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ortiz et al. (US 20160019536 A1) in view of Khan (US 20150213433 A1) in further view of Hamilton et al. (US 20070162389 A1) and Iijima (US 20010044911 A1).

In regards to Claims 1, 8, and 15, Ortiz discloses:
A (Non-transitory, computer readable medium and a computer-implemented system capable of performing a)computer-implemented method, comprising: receiving, by a point of sale (POS) terminal, a payment request from a mobile computing device associated with a user account (See Ortiz: Para. [0065] – “At 1110, at the bottom of FIG. 1, the same or another purchaser device 102, 202 is used to participate in a purchase or other transaction at a vendor or merchant point-of-sale (POS) device 114”, See Ortiz: Para. [0063] – “a purchaser such as a smart card holder, or other user, 10 of a process or transaction request device 102 can use a keypad, keyboard, touchscreen, or other input device 103 to access a data processing application 104, which application can reside wholly or partially on any or all of request device 102 … Application(s) 104 can access persistent memory(ies) 106 to read or otherwise access identifiers associated with the purchaser or user; the request device 102, and/or application(s) 104, such as financial account information to be used in a purchase transaction”), 
wherein the mobile computing device communicates with the POS terminal using near field communication (NFC) (See Ortiz: Para. [0065] – “At 1110, at the bottom of FIG. 1, the same or another purchaser device 102, 202 is used to participate in a purchase or other transaction at a vendor or merchant point-of-sale (POS) device 114, such as an NFC (near-field communication) enabled device and/or card reader(s) 115”), 
wherein the mobile computing device includes an embedded secure element (eSE) (See Ortiz: Para. [0064] – “In the storage embodiment shown at 100A, a secure element 116 comprising purchaser financial data, which can for example include account and/or pre-authorized payment information (e.g., a secure payment token) is securely stored in persistent memory on the purchaser device 102”), 
wherein the private key is stored in the eSE (See Ortiz: Para. [0074] – “A secure element can, for example, comprise encrypted hardware (e.g., a suitably-configured SIM card), public/private keys and other cryptographic elements, and suitable communications devices for communication,”), and 
wherein a credit payment function of the mobile computing device is enabled by using the eSE (See Ortiz: Para. [0064] – “In the storage embodiment shown at 100A, a secure element 116 comprising purchaser financial data, which can for example include account and/or pre-authorized payment information (e.g., a secure payment token) is securely stored in persistent memory on the purchaser device 102” – The secure element of Ortiz provides payment account information which enables transaction functionality including credit payments); 

generating, by the POS terminal, payment information including a payment amount based on the payment request (See Ortiz: Para. [0140] – “To effect payment, the merchant POS device 114, may transmit purchase information or data to the customer mobile device 202 over the NFC or other communication link 510. Such transmitted information may include, at a minimum, a total payment amount owing.” – Ortiz discloses a merchant POS device sending payment information to a customer mobile device. For such a transmission to occur, said payment information must first be generated by the merchant POS device 114); 
sending, by the POS terminal, the payment information to the mobile computing device (See Ortiz: Para. [0162] – “To effect payment, the merchant POS device 114, may transmit purchase information or data to the customer mobile device 202 over the NFC or other communication link 510. Such transmitted information may include, at a minimum, a total payment amount owing.”); 
receiving, by the POS terminal, a payment authorization encrypted by the private key based on asymmetric encryption from the mobile computing device (See Ortiz: Para. [0163] – “The secure element 116 may then generate and transmit any required secure communications packages for transmission to the POS 114 and/or remote FI device(s) 110 to effect payment using selected currency, loyalty, and/or other account(s), using, for example, suitably-formatted cryptogram(s)”, See Ortiz: Para. [0074] – “A secure element can, for example, comprise encrypted hardware (e.g., a suitably-configured SIM card), public/private keys and other cryptographic elements, and ; 
using, by the POS terminal, the public key corresponding to the private key to verify the payment authorization (See Ortiz: Para. [0164] – “The secure cryptogram may then be passed from the merchant POS to an acquirer or other transaction processor 112 and then to one or more associated payment processors 420, such as one or more FI systems 110, for verification or other adjudication. For example, the receiving financial institution 110 may be equipped with software or other application program for decoding the secure cryptogram and extracting the payment instructions encoded within.” – Ortiz discloses a POS terminal verifying a payment authorization cryptogram by passing the cryptogram to a payment processor which verifies the cryptogram based on the contained credentials. As the cryptogram has been previously disclosed to contain private/public key encryption protocols, it is understood by one of ordinary skill in the art that the method by which one verifies information encrypted using a private key is using the corresponding public key); 

Ortiz fails to explicitly disclose:
the transaction being performed offline
wherein a private key and a public key corresponding to the private key are generated by using the eSE,
in response to successfully verifying the payment authorization, generating, by the POS terminal, an offline transaction log for collecting a payment according to the payment amount, wherein the offline transaction log includes the payment amount; and 
transmitting, by the POS terminal, the offline transaction log to a server in a credit authorization system managing payment transactions, wherein the payment amount is deducted from the user account to an account associated with the POS terminal based on the offline transaction log.

However, in a similar field of endeavor, Khan discloses:
wherein a private key and a public key corresponding to the private key are generated by using the eSE (See Khan: Para. [0005] – “The electronic device may also include a secure element that generates on the secure element a secure element public key and a secure element private key”),

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to substitute the embedded secure element capable of generating and storing a private key and a public key of Khan for the embedded secure element of Ortiz capable of storing a private key and public key in order to increase the overall security of the system by generating the cryptography credentials within the eSE rather than outside the eSE where the credentials are more vulnerable to malicious intent/manipulation. 

However, the combination of Ortiz and Khan fails to explicitly disclose:
the transaction being performed offline
in response to successfully verifying the payment authorization, generating, by the POS terminal, an offline transaction log for collecting a payment according to the payment amount, wherein the offline transaction log includes the payment amount; and 
transmitting, by the POS terminal, the offline transaction log to a server in a credit authorization system managing payment transactions, wherein the payment amount is deducted from the user account to an account associated with the POS terminal based on the offline transaction log.

Hamilton discloses:
the transaction being performed offline (See Hamilton: Fig. 3 – Step 306 – Hamilton discloses performing multiple offline transactions)
generating, by the POS terminal, an offline transaction log for collecting a payment according to the payment amount, wherein the offline transaction log includes the payment amount (See Hamilton: Para. [0019] - “If the transaction can be performed offline, then the ATM performs the transaction offline and logs the transaction” – Hamilton discloses recording a newly generated transaction log entry for each transaction performed); and 

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to substitute the offline transaction process disclosed by Hamilton for the standard transaction process disclosed by the combination of Ortiz and Khan in order to increase the robustness of the invention by allowing transactions to occur while the system is unable to connect to the internet. Additionally, it would have been obvious to one of ordinary skill in the art to apply the transaction log recording functionality of Hamilton to the end of the transaction process disclosed by the combination of Ortiz and Khan in order to increase the overall security of the system by recording a ledger which could be used for future comparison/risk mitigation techniques.

However, the combination of Ortiz, Khan, and Hamilton fails to explicitly disclose:
transmitting, by the POS terminal, the offline transaction log to a server in a credit authorization system managing payment transactions, wherein the payment amount is deducted from the user account to an account associated with the POS terminal based on the offline transaction log.

However, in a similar field of endeavor, Iijima discloses:
transmitting, by the POS terminal, the offline transaction log to a server in a system managing payment transactions, wherein the transactions are settled (See Iijima: Para. [0159] – “Further, the server controller 11 holds POS settlement management information. The server controller 11 performs a settlement process based on the transaction log information of the POS terminal apparatus 12 according to the given POS settlement management information”, See Iijima: Para. [0065] – “The server controller 11 performs the settlement process by accessing the POS terminal 12 according to the POS settlement management information 156” – Iijima discloses a POS terminal transmitting a transaction log to a separate system to be processed and settled which encompasses the process of moving funds from a payer account to a payee account).

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date to apply the transaction log settlement functionality disclosed by IIjima to process and settle the transactions present in the offline transaction log disclosed by the combination of Ortiz, Khan, and Hamilton in order to increase the robustness of the system by automating the settlement process and allowing for settlement to be performed at regular time intervals.

In regards to Claims 4, 11, and 18, the combination of Ortiz, Khan, Hamilton, and Iijima discloses:
The computer-implemented method of claim 1, wherein the offline transaction log includes at least one of, a payment log generation time, a payment collection device ID, a payment card number, an available balance, or a TAC, (See Iijima: Para. [0005] – “Each of the POS terminal apparatuses stores information such as a scan-input merchandise code, a sales amount, time, customer information and the like as transaction log information for each transaction”).

In regards to Claim 5, 12, and 19 the combination of Ortiz, Khan, Hamilton, and Iijima discloses:
The computer-implemented method of claim 1, wherein the offline payment request includes at least one of a payment account identifier, available balance of the payment account, a service entrance registration, or a service exit registration (See Ortiz: Para. [0064] – “For example, at 1002, a purchaser device such as a smart (or chip) card, or a mobile computing/communications device (PDA) such as a smart phone, tablet, or laptop computer, or networked processor such as a desktop computer, can be used to create, access, and/or otherwise process securely-stored data related to one or more purchaser accounts. In the storage embodiment shown at 100A, a secure element 116 comprising purchaser financial data, which can for example include account and/or pre-authorized payment information (e.g., a secure payment token) is securely stored in persistent memory on the purchaser device 102.”).

Claim 2, 9, and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ortiz, in view of Khan, in further view of Hamilton, Iijima and Yang (US 20150254637 A1).

In regards to Claims 2, 9, and 16, the combination of Ortiz, Khan, Hamilton, and Iijima discloses the method of claim 1 but fails to explicitly teach:
wherein the payment authorization includes the payment information encrypted by the private key and a transaction authentication code (TAC).

However, in a similar field of endeavor, Yang discloses:
wherein the payment authorization includes the payment information encrypted by the private key and a transaction authentication code (TAC) (See Yang: Para. [0064] – “the payment card 22 generates a transaction authentication code (TAC) based on the to-be-authenticated data .

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date to use the TAC of Yang in addition to the encryption protocols of the transaction system of the combination of Ortiz, Khan, Hamilton, and Iijima in order to increase the security of the system by including additional security measures through the use of a TAC.

Claim 3, 10, and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ortiz, in view of Khan, in further view of Hamilton, Iijima, Yang, and Rogers et al. (US 20140372743 A1)

In regards to Claim 3, 10 and 17, the combination of Ortiz, Khan, Hamilton, Iijima, and Yang discloses the method of claim 2 but fails to explicitly disclose:
the TAC is generated based on the payment information and the offline payment request by using a TAC sub-key that is pre-generated and stored on the eSE. 

However, in a similar field of endeavor, Rogers discloses:
the TAC is generated based on the payment information and the payment request by using a TAC sub-key that is pre-generated and stored on the eSE (See Rogers: Para. [0066] – “In order to address the problem of another device attempting to spoof the identity, there may be an identity having a private key associated with it (e.g., embedded in a secure element) so that it is not possible for another device to impersonate that identity.”).

Therefore, it would have been obvious to one of ordinary skill at the time of the effective filing date to substitute the TAC generated using an associated private sub-key disclosed by Rogers Ortiz, Khan, Hamilton, Iijima, and Yang in order to increase the overall security of the system by adding additional layers of security through the use of a security protocol for TAC generation.

Claim 6, 13, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Fisher in view of Ortiz, Khan, Hamilton, Iijima, and Mobini (US 20150149365 A1).

In regards to Claims 6, 13, and 20 the combination of Ortiz, Khan, Hamilton, and Iijima discloses the method of claim 1 but fails to explicitly teach:
wherein the payment information includes the payment amount and at least one of a date and time of the payment request, a service entrance registration, a service exit registration, or station information associated with the payment request.

However, in a similar field of endeavor, Mobini teaches:
wherein the payment information includes the payment amount and at least one of a date and time of the payment request, a service entrance registration, a service exit registration, or station information associated with the payment request (See Mobini: Para. [0179] – “the first merchant system stores the first transaction. For example, the first merchant system stores the date, time, the total amount for the first transaction, identifying information for the user, account information for the payment card, etc.”).

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date to use the date and time logging method of Mobini in the transaction log generation method of the combination of Ortiz, Khan, Hamilton, and Iijima in order to improve the security of the issue by ensuring that transaction are legitimate based on time stamp analysis.

Claims 7 and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ortiz in view of Khan in further view of Hamilton, Iijima and Karpenko et al. (US 20150052064 A1)

In regards to Claims 7 and 14, the combination of Ortiz, Khan, Hamilton, and Iijima discloses the method of claim 1 but fails to explicitly teach:
further comprising: sending a public key certificate request to the mobile computing device to retrieve a public key certificate after receiving the offline payment request; receiving the public key certificate from the mobile computing device; and using a credit authorization public key stored on a payment collection device to retrieve a public key from the public key certificate before generating the payment information.

However, in a similar field of endeavor, Karpenko teaches:
further comprising: sending a public key certificate request to the mobile computing device to retrieve a public key certificate after receiving the offline payment request; receiving the public key certificate from the mobile computing device; and using a credit authorization public key stored on a payment collection device to retrieve a public key from the public key certificate before generating the payment information (See Karpenko: Para. [0027] – “Accordingly, if the merchant application is validated, the mobile payment application may extract the public key from the merchant certificate and may use the public key to encrypt sensitive payment information (e.g., payment credentials (e.g., primary account number (PAN), token, expiration date, etc.), dynamic verification value, transaction amount, etc.) for delivery to a merchant computer 130 for remote transaction processing. The use of the merchant public key prevents unscrupulous applications or devices from gaining access to the sensitive data, since the payment information is unreadable without the corresponding validated transaction processor .

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date to apply the public key certificate validation method disclosed by Karpenko to the payment information generation method of the combination of Ortiz, Khan, Hamilton, and Iijima in order to improve the security of the system by using additional encryption technology to obfuscate transmitted data.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NICHOLAS K PHAN whose telephone number is (571)272-6748.  The examiner can normally be reached on M-F 8 am-5 pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on 571-270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-






/NICHOLAS K PHAN/Examiner, Art Unit 3685     

/JAY HUANG/Primary Examiner, Art Unit 3685