DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claim1-5, 7-9, 21-29 objected to because of informalities. The claims recite non-common acronyms throughout such as ESVA, ESVB, and LDB. The examiner prefers that Applicant replace the acronyms with their names as to more-easily form those of ordinary skill in the art what Applicant claims. Appropriate correction is required.
Drawings
The drawings are objected to under 37 CFR 1.83(a) because:
Paragraph [0080] of the specification describes FIG. 1 as an illustration of exemplary system 1000. FIG. 1 does not, however, include a depiction of unit 1000. Accordingly, the examiner recommends FIG. 1 be amended to include unit 1000 as pointing to the system at large.
Also, in paragraph [0080], presumably in connection with FIG. 1, applicant references "the plurality of vending terminals 10 5 0," but Applicant does not callout unit 1050 in FIG. 1. Unit 1050 is only shown in FIGs. 5 and 9.
Paragraph [0082] discusses figures 3 and 4. However, neither figures 3 or 4 include the value, as marked by unit 1400, nor the epoch starting value, as marked by unit 1140.
Any structural detail that is essential for a proper understanding of the disclosed invention should be shown in the drawing. MPEP § 608. 02( d). The examiner suggests Applicant correct the above-described objections and double check through the remaining drawings for any further corrections. Corrected drawing sheets in compliance with 37 CFR 1.121 ( d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as "amended." If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either "Replacement Sheet" or "New Sheet" pursuant to 37 CFR 1.121( d). If the changes are not accepted by the examiner, the applicant will be notified and 
Specification
The disclosure is objected to for the reasons described with respect to the drawings.
Appropriate correction is required.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-30 provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-15 of copending Application No. 16/362,554 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other.
At the heart of both applications, and at a high level, is a system for allowing a user to purchase and store credits on a mobile user device, or on a server database connected to the user device, so the user, using those credits, can purchase items or services from a vending machine. Both the ’554 application and the current application teach sending to a user’s device data packages that represent a starting balance, where the data packages are cross encrypted. The only difference between the ’554 application and the current application is that the ’554 application includes some of the specifics of the vending machine and the server. For example, claim 1 of the ’554 application teaches that the servers are hosted remotely, claim 2 explains that the vending machine is “located where communications access is not possible,” and claim 3 teaches that “when payment has been received and authorized by a particular one of the plurality of vending terminals, it initiates the start or provision of the desired services, or the dispensing of goods.” As such, the difference between the current application and the ’554 application is that the ’554 applications sets forth some intended uses of the claimed invention. Accordingly, the claims are not different in a patentably distinct way. The Examiner will now address the double-patenting rejection claim-by-claim. 

Regarding Claim 1, claim 6 of the ’554 application teaches all the limitations. 
A system for offline mutual authentication for payment, the system comprising:
A user device, used by a user having a user account, and having a local database; Claim 6 of the ’554 application depends from claim 5, which depends from claim 1. Claim 1 discloses “a plurality of user devices used by users.” 
A vending terminal configured on a machine; Claim 6 of the ’554 application depends from claim 5, which depends from claim 1. Claim 1 discloses “a plurality of vending terminals.” 
a first package A of data, and a second package B of data; wherein the package A comprises epoch starting value A, which epoch starting value A is encrypted, and encryption key B; and the package B comprises epoch starting value B, which epoch starting value B is encrypted, and encryption key A; and wherein epoch starting value A and epoch starting value B contain the same value of epoch starting value; Claim 6 depends from claim 5 of the ’554 application, and claim 5 discloses “the collection server operates to generate a first package A of data, and the user database server operates to generate a second package B of data; wherein the package A comprises epoch starting value A, which epoch starting value A is encrypted, and encryption key B; and the package B comprises epoch starting value B, which epoch starting value B is encrypted, and encryption key A; and wherein epoch starting value A and epoch starting value B contain the same value of epoch starting value.” 
wherein each of ESVA and ESVB are encrypted with different encryption algorithms, and encryption key A can decrypt ESVA in package A, and encryption key B can decrypt ESVB in package B, and wherein each package encryption algorithm set, for encrypting each of package A and package B, is unique to the account for each user; and wherein the first package A of data, and the second package B of data are stored on the user device; Claim 6 of the ’554 application discloses “wherein each of ESVA and ESVB are encrypted with different encryption algorithms, and encryption key A can decrypt ESVA in package A, and encryption key B can decrypt ESVB in package B, and wherein each package encryption 
and a user database server, configured to store transaction logs in a user database. Claim 6 of the ’554 application depends from claim 5, which depends from claim 1. Claim 1 discloses “a plurality of user devices used by users, which each have a local database which stores local database transaction logs.” 
However, the reference ‘554 application does not disclose and wherein the user device is configured to open package A and package B, and to decrypt package A with encryption Key A, and to decrypt package B with encryption key B, and to compare ESVA and ESVB.
Nonetheless, Maeng teaches:
and wherein the user device is configured to open package A and package B, and to decrypt package A with encryption Key A, and to decrypt package B with encryption key B, and to compare ESVA and ESVB; Maeng teaches that “(recipient) 13190 may receive the first packet via the first communication path 13080 and the second packet via the second communication path 13090 . . . [and] may decrypt the first encrypted unit 13100 included in the first packet using the first cryptographic key 13130 and may decrypt the second encrypted unit 13120 included in the second packet using second key 13110.” Maeng, col. 13, ll. 4–11. 
A person of ordinary skill in the art would have found the ’558 application and obvious variant over the ’554 application in that the only difference between claim 1 of Applicant’s ’558 and claim 6 of Applicant’s ’554 application is that claim 6 of the ’554 application does not disclose the user device decrypting the encryption values. However, a person of ordinary skill in the art would understand that, as both applications are obvious over combinations including Maeng, and that Maeng teaches sending cross-encrypted packages to be decrypted a user’s device, the ’558 application’s recitation of decrypting packages is an obvious variant over the ’554 application’s teaching that the user device does not decrypt the packages. Accordingly, the ’558 application’s claims 1 and 9 are rejected for double patenting over the ’554 application’s claim 6. 
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:


Claims 1 through 29 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. 
Claim 1
Claim 1 discloses a “system for offline mutual authentication for payment” and positively recites “a user device, . . . having a local database;” “a vending terminal configured on a machine;” and “a user database server.” The Examiner determines that these structural limitations, taken alone, do not specify the system beyond an extremely broad recitation of elements. Furthermore, claim 1 includes no indication how the various elements are connected. Accordingly, the Examiner is unable to determine what the prior art would need to teach in order to map the art to the limitations of claim 1. 
Claim 9
Claim 9 discloses a method but then recites the same system elements described in claim 1. Claim 9’s method, as written, includes certain steps performed by the user device but none actually performed by applicant’s claimed system: “wherein the user device opens package A and package B, and the user device decrypts package A with encryption Key A, and the user device decrypts package B with encryption key B, and the user device compares ESVA and ESVB.” Accordingly, the examiner is unable to fully discern what claim 9 is directed to, or at least the Examiner does not believe the Applicant has fully set forth in claim 9 what the invention is directed to. 
Claims 2 and 21
Claims 2 and 21 depend from claims 1 and 9 respectively but otherwise recite the same limitations.  Accordingly claim 2 is discussed as representative of claim 21. 

The system of claim 1, the system further comprising configuration of the user device to stop and return an error if the values of ESVA and ESVB do not match, and block authorizing any future transaction desired, until the error is resolved.
Claim 2 further limits claim 1 by adding a further functioning of the user device. Claim 2 does not overcome the 112(b) rejection set forth for claim 1. Accordingly, claims 2 and 21 are rejected under 35 U.S.C. § 112(b). 
Claims 3 and 22


The system of claim 1, the system further comprising configuration of the user device to, if the values of ESVA and ESVB do match, search a plurality of LOB transaction logs in the local database, sum the transactions in the LOB transaction logs, deduct the sum from the LOB transaction logs from the ESV, yielding a token value, and compare the token value with the value of a transaction desired.

Claim 3 further limits claim 1 by adding a further functioning of the user device. Claim 3 does not overcome the 112(b) rejection set forth for claim 1. Accordingly, claims 3 and 22 are rejected under 35 U.S.C. § 112(b). 

Claims 4 and 23
Claims 4 and 23 depend from claims 3 and 22 respectively but otherwise recite the same limitations.  Accordingly claim 4 is discussed as representative of claim 22. Claim 4 recites:


Claim 4 further limits claim 3 by adding a further functioning of the user device. Claim 4 does not overcome the 112(b) rejection set forth for claim 1. Accordingly, claims 4 and 23 are rejected under 35 U.S.C. § 112(b). 

Claims 5 and 24
Claims 5 and 24 depend from claims 4 and 23 respectively but, otherwise, recite the same limitations. Accordingly, claim 5 is discussed as representative of claim 24. 

The system of claim 4, in which logging a record of the transaction desired into the LOB transaction logs comprises adding to the LOB transaction logs at least the following information: a timestamp, a machine ID of the machine that was authorized, a vending terminal ID 
Claim 5 further limits claim 4 by adding a further functioning of the user device. Claim 5 does not overcome the 112(b) rejection set forth for claim 1. Accordingly, claims 5 and 24 are rejected under 35 U.S.C. § 112(b). 

Claims 6 and 27
Claims 6 and 27 depend from claims 3 and 22 respectively but otherwise recite the same claim language. Accordingly, claim 6 is discussed as representative of claim 27. Claim 6 recites:

The system of claim 3, the system further comprising configuration of the user device to, if the token value is less than the value of the transaction desired, not authorize the transaction desired, and the user device will display a "not authorized" screen.
Claim 6 further limits claim 3 by adding a further functioning of the user device. Claim 6 does not overcome the 112(b) rejection set forth for claim 1. Accordingly, claims 6 and 27 are rejected under 35 U.S.C. § 112(b). 

Claims 7–8, 25, and 28


The system of claim 4, the system further comprising configuration of the user device to not store the available balance, and erase all decrypted values of ESV.
Claim 7 further limits claim 4 by adding a further functioning of the user device. Claim 7 does not overcome the 112(b) rejection set forth for claim 1. Accordingly, claims 7–8, 25, and 28 are rejected under 35 U.S.C. § 112(b). 

Claim 10
Claim 10 depends from claim 9 and recites: 

The method of Claim 9, the method further comprising the user device and the plurality of vending terminals engaging in the Advertising and Selection Module, in which:
each of the plurality of vending terminals is advertising its presence with a near-field communications protocol, which advertising comprises broadcasting a firmware ID; and

Claim 10 further limits claim 9 by adding a further functioning of the user device. Claim 10 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 10 is rejected under 35 U.S.C. § 112(b). 

Claim 11
Claim 11 depends from claim 10 and recites: 

The method of Claim 10, the method further comprising the user device, upon receiving a selection of a particular one of the plurality of vending terminals, or more than one of the plurality of vending terminals, sends the selection of the chosen one or more of the plurality of vending terminals.
Claim 11 further limits claim 10 by adding a further functioning of the user device. Claim 11 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 11 is rejected under 35 U.S.C. § 112(b). 

Claim 12
Claim 12 depends from claim 11 and further recites: 
The method of Claim 11, the method further comprising the user device and the first vending terminal engaging in the Exchange of Passcodes Module, in which:
the first vending terminal has stored on it at least three numbers: the firmware ID, a first 256-bit number, and a second 256-bit number; and
the user device takes the firmware ID as the salt, and the user device applies the first hash function, generating as the result the first passcode, and the user device then sends the first passcode to the first vending terminal;
and the first vending terminal compares the first passcode to the first 256-bit number.
Claim 12 further limits claim 11 by adding a further functioning of the user device. Claim 12 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 12 is rejected under 35 U.S.C. § 112(b). 

Claim 13


The method of Claim 12, wherein if the first passcode and the first 256-bit number match, then the first vending terminal accepts that the user device has authenticated its identity.
Claim 13 further limits claim 12 by adding a further functioning of the user device. Claim 13 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 13 is rejected under 35 U.S.C. § 112(b). 

Claims 14, 16, and 20
Claims 14, 16, and 20 depend from 12, 15, and 18 respectively but otherwise recite the same limitations.  Accordingly claim 14 is discussed as representative of claims 16 and 20. Claim 14 recites:

The method of Claim 12, wherein if the first passcode and the first 256-bit number do not match, then the first vending terminal does not accept that the user device has authenticated its identity, and the first vending terminal will not proceed with a transaction.


Claim 15
Claim 15 depends from claim 13 and recites:

The method of Claim 13, wherein the first vending terminal sends the second 256-bit number to the user device, and the user device uses the firmware ID as the salt for the second hash function, generating a second passcode, and if the second passcode matches the second 256-bit number, then the user device can accept that the first vending terminal has authenticated its identity.
Claim 15 further limits claim 13 by adding a further functioning of the user device. Claim 15 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 15 is rejected under 35 U.S.C. § 112(b). 

Claim 17
Claim 17 depends from claim 15 and recites:


Claim 17 further limits claim 15 by adding a further functioning of the user device. Claim 17 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 17 is rejected under 35 U.S.C. § 112(b). 

Claim 18
Claim 18 depends from claim 16 and recites: 

The method of Claim 16, wherein the first vending terminal uses a third hash function, combining the user device ID and the session ID to generate a third passcode, and wherein the user device uses the same third hash function, combining the user device ID and the session ID to generate the same third passcode, and the user device sends the third passcode to the first vending terminal, and the first 
Claim 18 further limits claim 16 by adding a further functioning of the vending terminal, not the system. Claim 18 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 18 is rejected under 35 U.S.C. § 112(b). 

Claim 19
Claim 19 depends from claim 18 and recites:
The method of Claim 18, wherein if the copies of the third passcode match, then the first vending terminal authorizes the transaction desired, and the user device presents a confirmation screen and receives input from the user with the user's selection of a good or service to be vended.
Claim 19 further limits claim 18 by adding a further functioning of the user device and the vending terminal, but not Applicant’s system. Claim 19 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claim 13 is rejected under 35 U.S.C. § 112(b). 


Claims 26 and 29


The method of Claim 25, the method further comprising the user device communicating with a user database server to upload all records of past transactions stored in the LOB transaction logs that have not been marked as already uploaded to the user database server, and wherein the not-previously-uploaded LOB transaction logs are stored in the transaction logs in the user database on the user database server; and upon upload of the not-previously uploaded LOB transaction logs, the user device marks all of the not-previously uploaded LOB transaction logs as having been uploaded to the user database server.
Claim 26 further limits claim 25 by adding a further functioning of the user device. Claim 26 does not overcome the 112(b) rejection set forth for claim 9. Accordingly, claims 26 and 29 are rejected under 35 U.S.C. § 112(b). 

For the reasons just described, claims 1 through 29 are rejected under 35 U.S.C. § 112(b) for indefiniteness. 


Claims 10, 12, and 17 are rejected for lack of antecedent basis
Claim 10 recites the limitation "the Advertising and Selection Module." There is insufficient antecedent basis for this limitation in the claim. Claim 12 recites the limitation "the Exchange of Passcodes Module." There is insufficient antecedent basis for this limitation in the claim. Claim 17 recites the limitation "the Establishing a Session Module." There is insufficient antecedent basis for this limitation in the claim.
Claims 7, 8, 25, and 28 are further rejected under 35 U.S.C. 112(b) for lack of clarity.
Claims 7-8, 25, and 28 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 7, 8, 25, and 28 depend from 4, 6, 23, and 27, but otherwise recite the same language.  Accordingly, the examiner addresses claim 7 as representative of claims 8, 25, and 28. Claim 7 recites: 

Claim 4 depends from claim 3, which depends from claim 1. Accordingly, claim 7 includes all the limitations of claims 4, 3, and 1. As such claim 7 further teaches decrypting packages to compare their data, the ESV, “deduct[ing] the sum from the LOB transaction logs from the ESV, yielding a token value,” see claim 3, and comparing the token value to “the value of the transaction desired. See claim 4. So essentially, claim 7 recites storing balance information, including a token representing the balance, to effect transactions while also “not stor[ing] the available balance, and eras[ing] all decrypted values of ESV.” While a device may be operative to delete data that was at one time stored, Applicant’s claim is written in such a way to convey to one of ordinary skill in the art that the available balance is not (never) stored. Thus, the examiner determines that claim 7, as well as claims 8, 25, and 28 lacks clarity. 
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.



Claims 1-30 rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. 
The claim(s) recite(s) a mental process, a judicial exception. This judicial exception is not integrated into a practical application because the claims merely perform the judicial exception on a computer system and do not affect or solve a technological problem. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because when considered individually and in combination simply affect the judicial exception on a computer environment. The examiner addresses each of the claims in turn, with some addressed together. 

Claims 1 and 9
Claims 1 and 9 are two of Applicant’s independent claims. Claim 1 is directed to a system and claim 9 a method, but otherwise both claims recite essentially the same limitations. Accordingly, the examiner addresses claim 1 as representative of claim 9. 

A system for offline mutual authentication for payment, the system comprising:
a first package A of data, and a second package B of data; wherein the package A comprises epoch starting value A, which epoch starting value A is encrypted, and encryption key B; and the package B comprises epoch starting value B, which epoch starting value B is encrypted, and encryption key A; and wherein epoch starting value A and epoch starting value B contain the same value of epoch starting value; and 
wherein each of ESVA and ESVB are encrypted with different encryption algorithms, and encryption key A can decrypt ESVA in package A, and encryption key B can decrypt ESVB in package B, and wherein each package encryption algorithm set, for encrypting each of package A and package B, is unique to the account for each user; and wherein the first package A of data, and the second package B of data are stored on the user device;
and wherein the user device is configured to open package A and package B, and to decrypt package A with encryption Key A, and to decrypt package B with encryption key B, and to compare ESVA and ESVB;
. . . store transaction logs in a user database.

Claim 1 recites a mental process. Claim 1 recites encrypting packages of data, opening packages of data, and storing transaction logs. These are 
Apart from claim 1’s limitations directed to the judicial exception, Applicant’s claim 1 further recites the additional elements: a user device having a local database, a vending terminal configured on a machine, and a user database. These additional limitations do not, however, integrate applicant’s invention into a practical application. Applicant’s claim 1 includes these additional elements to perform the mental process on a system across a vending machine a user’s device. Applicant’s claim 1 does not affect or solve a problem associated with the functioning of the recited technology.
When considered individually and as an ordered combination, the additional elements do not demonstrate an inventive concept sufficient to transform the judicial exception into a patentable invention. When considered individually, applicant’s additional elements perform their native functions, communicating and performing data manipulation. In combination, Applicant’s claim 1 is directed to the judicial exception performed in a technological environment. 
Thus, for the reasons just described, Applicant’s claims 1 and 9 are rejected under 35 U.S.C. § 101. 

Claims 2 and 21
Claims 2 and 21 depend from claims 1 and 9 respectively but otherwise recite the same limitations.  Accordingly claim 2 is discussed as representative of claim 21. 

The system of claim 1, the system further comprising configuration of the user device to stop and return an error if the values of ESVA and ESVB do not match, and block authorizing any future transaction desired, until the error is resolved.

Claim 2 further adds a steps for determining if two values match. This too is a determination a human could make mentally and is therefore an abstract idea. Claim 2 recites no further additional elements. Accordingly for the reasons discussed above with respect to claims 1 and 9, claims 2 and 21 are rejected under 35 U.S.C. § 101. 

Claims 3 and 22
Claims 3 and 22 depend from claims 2 and 9 respectively but otherwise disclose the same limitations. Accordingly, the examiner addresses claim 3 as representative of claim 22. Claim 3 recites: 

The system of claim 1, the system further comprising configuration of the user device to, if the values of ESVA and ESVB do match, search a plurality of LOB transaction logs in the local database, sum the transactions in the LOB transaction logs, deduct the sum from the LOB transaction logs from the ESV, yielding a token value, and compare the token value with the value of a transaction desired.

Claim 3 further adds steps for searching through transaction logs, summing transaction logs, and subtracting the transaction logs from a value to yield a new value. These are steps a human could perform mentally or with pen and paper. Accordingly claim 3 recites an abstract idea. Claim 3 includes no other additional limitations.  Thus, for reasons set forth with respect to claim 1, claims 3 and 22 are rejected under 35 U.S.C. 101. 

Claims 4 and 23
Claims 4 and 23 depend from claims 3 and 22 respectively but otherwise recite the same limitations.  Accordingly claim 4 is discussed as representative of claim 22. Claim 4 recites:



Claim 4 adds steps for comparing values, indicating a confirmation, and recording a transaction in a transaction log. These steps are steps a human can perform mentally or with pen and paper.  Accordingly, claim 4 recites a mental process.  Apart from the claim elements reciting the abstract idea, claim 4 additionally recites a display screen. Applicant’s inclusion of the display screen does not, however, transform the abstract idea into a patentable invention. The use of the screen caries out the abstract idea, and when considered individually and in combination does not solve a technological problem. Thus claims 4 and 23 are rejected under 35 U.S.C. § 101.  

Claims 5 and 24



The system of claim 4, in which logging a record of the transaction desired into the LOB transaction logs comprises adding to the LOB transaction logs at least the following information: a timestamp, a machine ID of the machine that was authorized, a vending terminal ID of the vending terminal that was used, and the price of the transaction desired that was authorized.

Claim 5 further defines the step of recording a transaction in a transaction log, as recited in claim 4. As such, claim 5 further defines the abstract idea. Claim 5 does not recite any additional elements. Accordingly, claims 5 and 24 are rejected under 35 U.S.C. § 101. 

Claims 6 and 27
Claims 6 and 27 depend from claims 3 and 22 respectively but otherwise recite the same claim language. Accordingly, claim 6 is discussed as representative of claim 27. Claim 6 recites:

The system of claim 3, the system further comprising configuration of the user device to, if the token value is less than the value of the transaction desired, not authorize the transaction desired, and the user device will display a "not authorized" screen.

Claim 6 recites the same, but opposite, steps added in claim 4. Accordingly, for the reasons set forth with respect to claim 4, claims 6 and 27 is rejected under 35 U.S.C. § 101. 

Claims 7–8, 25, and 28
Claims 7–8, 25, and 28 depend from claims 4, 6, 23, and 27 respectively but otherwise disclose the same limitations. Accordingly, claim 7 is discussed as representative of claims 8, 25, and 28. Claim 7 recites: 

The system of claim 4, the system further comprising configuration of the user device to not store the available balance, and erase all decrypted values of ESV.


Claim 10
Claim 10 depends from claim 9 and recites: 

The method of Claim 9, the method further comprising the user device and the plurality of vending terminals engaging in the Advertising and Selection Module, in which:
each of the plurality of vending terminals is advertising its presence with a near-field communications protocol, which advertising comprises broadcasting a firmware ID; and
when a user device is in range of the communications protocol of a first vending terminal, or of more than one of the plurality of vending terminals, the user device receives the firmware ID and displays to the user a choice of all of the available ones of the plurality of vending terminals.

Claim 10 adds steps for broadcasting to a user various selections and allowing the user to select among the options. Allowing a user to select among options from which to purchase is a commercial activity, which is a method of organizing human activity, an abstract idea. 

	When considered individually and in combination, the limitations and elements of claim 10 do not transform the judicial exception into a patentable invention. Individually, the additional elements operations native to their design, communicating information and selecting information. As an ordered combination, the claims merely employ a user device and a near-field communications protocol to affect the judicial exception onto a user’s phone. The claim as a whole does not solve a technological problem. 
	Thus, for the reasons just discussed, applicant’s claim 10 is rejected under 35 U.S.C. § 101. 

Claim 11
Claim 11 depends from claim 10 and recites: 



Claim 11 reiterates the selection step set forth in claim 10. Accordingly claim 11 recites the same abstract idea and does not recite any further additional elements. Accordingly, for the same reasons as set forth with respect to claim 10, claim 11 is rejected under 35 U.S.C. § 101. 

Claim 12
Claim 12 depends from claim 11 and further recites: 
The method of Claim 11, the method further comprising the user device and the first vending terminal engaging in the Exchange of Passcodes Module, in which:
the first vending terminal has stored on it at least three numbers: the firmware ID, a first 256-bit number, and a second 256-bit number; and
the user device takes the firmware ID as the salt, and the user device applies the first hash function, generating as the result the first passcode, and the user device then sends the first passcode to the first vending terminal;
and the first vending terminal compares the first passcode to the first 256-bit number.

Claim 12 adds steps for sending and matching passcodes. Sending and matching passcodes is something humans have historically done with pen and paper. Accordingly, claim 12 recites an abstract idea, a judicial exception. Claim 12 additional recites the user device and vending terminal, but these limitations serve to carry out the abstract idea on a computerized system. The additional limitations do not solve a technological problem and, when considered individually and in combination, amount to the abstract idea itself. Accordingly, claim 12 is rejected under 35 U.S.C. § 101. 

Claim 13
Claim 13 depends from claim 12 and recites: 



Claim 13 further defines the abstract idea set forth in claim 12 and adds no additional elements. Accordingly, for the same reason set forth in claim 12, claim 13 is rejected under 35 U.S.C. § 101. 

Claims 14, 16, and 20
Claims 14, 16, and 20 depend from 12, 15, and 18 respectively but otherwise recite the same limitations.  Accordingly claim 14 is discussed as representative of claims 16 and 20. Claim 14 recites:

The method of Claim 12, wherein if the first passcode and the first 256-bit number do not match, then the first vending terminal does not accept that the user device has authenticated its identity, and the first vending terminal will not proceed with a transaction.


Claim 15
Claim 15 depends from claim 13 and recites:

The method of Claim 13, wherein the first vending terminal sends the second 256-bit number to the user device, and the user device uses the firmware ID as the salt for the second hash function, generating a second passcode, and if the second passcode matches the second 256-bit number, then the user device can accept that the first vending terminal has authenticated its identity.

Claim 15 recites the same abstract idea as for claim 12 and adds no additional elements. Accordingly, for the same reason set forth for claim 12, claim 15 is rejected under 35 U.S.C. § 101. 

Claim 17
Claim 17 depends from claim 15 and recites:



Claim 17 recites the abstract idea of establishing a mutual password. Humans have historically established mutual passwords mentally or using pen and paper. Accordingly, claim 17 recites an abstract idea. Claim 17 additionally recites user device and vending terminal. However, reciting these additional elements does not solve a technological problem and exists only to affect the abstract idea between a user device and a vending terminal. Thus claim 17 is rejected under 35 U.S.C. § 101. 
Claim 18
Claim 18 depends from claim 16 and recites: 

The method of Claim 16, wherein the first vending terminal uses a third hash function, combining the user device ID and the session ID to generate a third passcode, and wherein the user device uses the 

Claim 18 further defines the abstract set forth in claim 16, and so ultimately as set forth in claim 12. Claim 18 does not recite any additional elements. Accordingly, for the same reasons set forth for claim 12, claim 18 is rejected under 35 U.S.C. §101. 
Claim 19
Claim 19 depends from claim 18 and recites:
The method of Claim 18, wherein if the copies of the third passcode match, then the first vending terminal authorizes the transaction desired, and the user device presents a confirmation screen and receives input from the user with the user's selection of a good or service to be vended.

Claim 19 further defines the abstract set forth in claim 18, and so ultimately as set forth in claim 12. Claim 19 does not recite any additional elements. 

Claims 26 and 29
Claims 26 and 29 depend from claims 25 and 28 respectively but otherwise recite the same limitations. Accordingly, claim 26 is discussed as representative of claim 29. Claim 26 recites:

The method of Claim 25, the method further comprising the user device communicating with a user database server to upload all records of past transactions stored in the LOB transaction logs that have not been marked as already uploaded to the user database server, and wherein the not-previously-uploaded LOB transaction logs are stored in the transaction logs in the user database on the user database server; and upon upload of the not-previously uploaded LOB transaction logs, the user device marks all of the not-previously uploaded LOB transaction logs as having been uploaded to the user database server.


Apart from the limitations reciting the judicial exception, claim 26 includes the additional elements: user device, user database server, user database. These additional elements do not, however, transform the abstract idea into a practical application. The additional elements serve to perform the judicial exception in a computer, server environment. Their recitation does not affect the functioning of technology, nor do they exist to solve a technological problem. When considered individually and in combination, the additional elements do not amount to simply more than the abstract idea. Individually, the additional elements perform their native functioning, e.g., communicating, uploading, storing, etc. And when combined with the other elements of the claim, the additional elements simply perform the judicial exception across a user device and a server. Thus, claim 26 is rejected under 35 U.S.C. § 101.  
Claim 30
Claim 30 is an independent claim. Claim 30 recites:



Claim 30 recites “steps for . . . to communicate . . . ; and to store.” Communicating and storing are functions humans can perform, either mentally or with pen and paper, and accordingly constitute an abstract idea. Claim 30, thus, recites a judicial exception. 
Outside the judicial exception claim 30 recites additional elements: computer-readable instructions, non-transitory computer readable media, user device, local database, vending terminals, Advertising and Selection Module, Exchange of Passcodes Module, and Establishing a Session Module. These 
When considered individually and in combination the additional elements do not transform the claim such that it amounts to significantly more. Individually, the additional elements perform their native function. For example, the computer-readable instructions carry out computer instructions, the non-transitory computer readable media stores the instructions, the user device communicates, the local database stores data, and the vending terminals communicate. The additional elements Advertising and Selection Module, Exchange of Passcodes Module, and Establishing a Session Module are well-understood, routine, and conventional functions associated with legacy technologies such as Bluetooth. 
In the specification, the Applicant explains that “engaging in the Advertising and Selection Module” means that: 
each of the plurality of vending terminals is advertising its presence with a near-field communications protocol, which advertising comprises broadcasting a firmware ID; and when a user device is in range of the communications protocol of a first vending terminal, or of more than one of the plurality of vending terminals, the user device 
Spec., [0029]. This is how Bluetooth triggers a pairing. See, e.g., Bluetooth Low Energy, Wikipedia (citing Bluetooth, Technical Information (archived Feb. 14, 2014) (“BLE devices are detected through a procedure based on broadcasting advertising packets.”); see also generally How to Connect a Speaker to Your iPhone with Bluetooth, WikiHow (archived Apr. 25, 2018). Bluetooth is a widely adopted standard essential patent. See Patricia McDermott-Wells, What is Bluetooth, IEEE Xplore 33, Jan. 2005 (“Bluetooth is a standard for short range, low power, low cost wireless communication . . . originally envisioned . . . in 2004, [and] . . . becoming widespread in numerous types of devices. . . . Bluetooth Specification, is now an IEEE standard under the denomination of 802.15 WPANs.”). Accordingly, the Examiner determines that the functioning of Applicant’s Advertising and Selection Module performs well-understood, routine, and conventional functions covered by the well-known and widely adopted Bluetooth technology. 
In the specification, the Applicant explains that the Exchange of Passcodes module “allows the user device 1030 and the one or more relevant vending terminals to establish trust of each other.” Spec., [0090]. The specification explains that the Exchange of Passcodes module triggers the user device to take and hash See Bluetooth, Bluetooth Interface Flows for Bluetooth Secure Simple Pairing Devices 8.2.2 (Sep. 13, 2007) (describing the “numeric comparison” task flow). 
In the specification, the Applicant explains that the Establishing a Session Module causes the user device to send a unique user ID to the vending terminal whereupon the vending terminal generates a session ID and hashes a combination of the user ID and the session ID to generate a third passcode to be verified by the user device. Spec., [0036–37]. Applicant’s Establishing a Session Module is another layer of password exchange. As such, Applicant’s Establishing a Session Module performs functions well-understood, routinely, and conventionally performed by Bluetooth. See Bluetooth, Bluetooth Interface Flows for Bluetooth Secure Simple Pairing Devices 8.2.2 (Sep. 13, 2007) (describing the “numeric comparison” task flow).
Considering the additional elements, as well as Applicant’s three modules, together with the abstract idea, the Examiner determines that Applicant’s claim 30 merely applies the abstract using technology. Accordingly, the Examiner determines that the limitations of claim 30 do not represent an inventive concept. 



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-6, 9, 20-24, 26-27, and 29 is/are rejected under 35 U.S.C. 103 as being unpatentable over Aabye and further in view of Maeng and Suelberg.
Claim 1 and 9
Regarding claim 1, Aabye teaches the following limitations: 
a user device, used by a user having a user account, and having a local database. Aabye teaches a portable consumer device, which “can include a memory element such as a flash memory, and a communications element such as an antenna.” Aabye teaches that the portable consumer device “may include smart cards, payment cards, keychain devices . . . . wireless phones, personal digital assistants (PDAs), pagers, transponders, and the like. . . . debit devices . . . , credit devices . . . , or stored value devices.”  Aabye, [0079]. 
Epoch starting value A, . . . Epoch starting value B, . . . value of epoch starting value. Aabye discloses loading a portable consumer device with a replacement value, a limit amount. Aabye, [0073]. Aabye discloses an accumulator record and a shadow record, which are compared to each other. Aabye, [0073] (“[T]he issuer can compare the value of the accumulator record on the portable consumer device with the value of the shadow accumulator record. If the values are the same, then . . . the issuer can add the funds to the portable consumer device in step 504.”). 
A user database server, configured to store transaction logs in a user database. Aabye teaches that the portable consumer device “contains at least two separate records—a ‘limit amount’ and an ‘accumulator record.’” Aabye, [0018]. Aabye additionally teaches that “in some embodiments, a shadow copy of the data on the portable consumer device can be stored remotely (e.g., in a server or other networked storage database).” Aabye, [0095]. 

Aabye teaches the limitations of applicant’s claim 1 directed to the epoch starting value and the user database server configured to store transaction logs. Aabye does not, however, teach the limitations of Applicant’s claim 1 directed to the encryption steps; specifically, Aabye does not teach “a first package A of data, and a second package B of data; wherein the package A comprises . . . value A, which . . . value A is encrypted, and encryption key B; and the package B comprises . . . value B, which . . . value B is encrypted, and encryption key A,” “wherein each of ESVA and ESVB are encrypted with different encryption algorithms, and encryption key A can decrypt ESVA in package A, and encryption key B can decrypt ESVB in package B, and wherein each package encryption algorithm set, for encrypting each of package A and package B, is unique to the account for each user,” “wherein the first package A of data, and the second package B of data are stored on the user device;” and “wherein the user device opens package A and package B, and the user device decrypts package A with encryption Key A, and the user device decrypts package B with encryption key B, and the user device compares ESVA and ESVB.” But a second reference Maeng discloses these limitations. 
In the first instance, Maeng teaches “a first package A of data, and a second package B of data; wherein the package A comprises . . . value A, which . . . value A is encrypted, and encryption key B; and the package B comprises . . . value B, which . . . value B is encrypted, and encryption key A.” Maeng discloses a mobile wallet operable to produce two packets of data. Maeng, col. 12, ll. 48–52 (“The first mobile wallet 13180 may produce a first packet by combining the first encrypted unit 13040 and the second key 13050 and may produce a second packet by combining the second encrypted unit 13060 and the first key 13070.”). Maeng’s mobile wallet creates a first packet of data by combining a first encrypted unit—a first transaction unit encrypted with a first key—with a second key. Maeng, col. 12, ll. 43–45, 48–50. Maeng’s mobile wallet also creates a second packet of data by combining a second encrypted unit—a second transaction unit encrypted with a second key—with a first key. Maeng, col. 12, ll. 46–48, 50–52. 
In the second instance, Maeng teaches “wherein each of ESVA and ESVB are encrypted with different encryption algorithms, and encryption key A can decrypt ESVA in package A, and encryption key B can decrypt ESVB in package B, and wherein each package encryption algorithm set, for encrypting each of package A and package B, is unique to the account for each user.” Maeng teaches sending the first and second data packets to a mobile wallet that “may decrypt the first encrypted unit 13100 included in the first packet using the first cryptographic key 13130 and may decrypt the second encrypted unit 13120 included in the second packet using second key 13110.” Maeng, col. 13, ll. 1–11. Albeit not express that Maeng teaches that the encryption set is unique to the account for each user, Maeng contemplates employing digital certificates to support encryption keys such that the encryption is uniquely assigned to a user. See Maeng, col. 5, ll. 43–62 (“In some examples, the public key is passed to the MTA 2100 in the form of a digital certificate . . . A digital certificate typically includes the name and other identification information of the holder, the holder’s public key, the name of the CA, a serial number and a validity period.”). Accordingly, a person of ordinary skill in the art would recognize Maeng to suggest using personalized and certificate-back encryption technology that would be specific to a user’s account. Maeng also does not expressly disclose that its two data packets are encrypted with different encryption algorithms, but Maeng discloses many sample cryptographic has functions, such as “MD5, SHA-1, SHA-2, SHA-3, BLAKE, BLAKE2.” Maeng, Col, 11, ll. 43–44. Accordingly, one of ordinary skill in the art would have 
In the third instance, Maeng inherently teaches “wherein the first package A of data, and the second package B of data are stored on the user device.” Maeng teaches that “(recipient) 13190 may receive the first packet via the first communication path 13080 and the second packet via the second communication path 13090 . . . [and] may decrypt the first encrypted unit 13100 included in the first packet . . . and may decrypt the second encrypted unit 13120.” Maeng, col. 13, ll. 4–11. A person of ordinary skill in the art would recognize that in order to perform the decrypting functions taught by Maeng, Maeng’s recipient device must be operable to store the data packets, even if only temporarily. 
In the fourth instance, Maeng teaches “wherein the user device opens package A and package B, and the user device decrypts package A with encryption Key A, and the user device decrypts package B with encryption key B, and the user device compares ESVA and ESVB.” Again, Maeng teaches that “(recipient) 13190 may receive the first packet via the first communication path 13080 and the second packet via the second communication path 13090 . . . [and] may decrypt the first encrypted unit 13100 included in the first packet using the first cryptographic key 13130 and may decrypt the second encrypted unit 13120 included in the second packet using second key 13110.” Maeng, col. 13, ll. 4–11. Maeng further teaches “combin[ing] the first transaction unit 13140 and the second transaction unit 13150 into a transaction message 13160.” Maeng, col. 13, ll. 10–11. 
A person of ordinary skill in the art would have been motivated to combine the teachings of Aabye with Maeng to arrive at Applicant’s claim 1. Aabye teaches systems and methods for completing offline transactions. Aabye, [0003–05]. In order to complete offline transactions, Aabye generally loads a portable consumer device with value that can be spent offline. See, e.g., Aabye, [0029]. And in order to maintain an offline balance, Aabye’s portable consumer device “contains at least two separate records—a ‘limit amount’ and an ‘accumulator record.’” Aabye, [0018]. Aabye’s limit amount represents “the upper limit of the balance of the card,” and Aabye’s accumulator record “reflects all past transactions involving the prepaid card.” Aabye, [0018–19]. To actually load value on the card, the bank “raise[s] the limit amount . . . by the extra funds.” Aabye, [0022]. Aabye teaches 
Maeng, on the other hand, relates to secure digital communications and teaches a mobile wallet that can store, among other things, payment elements such as “transaction cards, financial information, discount coupons, gift cards, subway passes, movie tickets, and so on.” Maeng, col. 1, ll. 5–7, col. 2, ll. 18–19, 23–29. Maeng’s mobile wallet is operable to “transfer money to others, access bank accounts, collect discount coupons, submit subway passes and the like.” Maeng, col. 2, ll. 36–38. In an embodiment specific to Applicant’s claimed invention, Maeng teaches that one way of securely sending messages, including transaction messages, is to divide the message into a first and second transaction unit, encrypt both transaction units with different keys, and attach the keys to the opposite transaction unit. Maeng, col. 12, ll. 43–58.
A person of ordinary skill in the art would be motivated by security to combine the teachings of Aabye with Maeng. A person of ordinary skill in the art reading the teachings of Aabye and Maeng would recognize the benefit of loading a prepaid balance according to the teachings of Aabye and would further recognize the benefit of employing the security teachings of Maeng. A person of ordinary skill in the art would recognize that as Aabye requires the issuer to send transaction 
A person of ordinary skill in the art would further understand that, because Maeng teaches a method of securely communicating, Maeng’s functioning could operate as a separate, independent step if combined with Aabye. In other words, a person of ordinary skill in the art would understand that just before Aabye’s bank communicates the new limit amount the communication, the information could be encrypted and organized according to the teachings of Maeng. A person of ordinary skill in the art would recognize that neither Maeng’s nor Aabye’s functioning would need to be changed in order to combine their respective teachings, and their combination could be accomplished through routine programming well within the skills of the ordinary artisan or programmer. 
Even when combined, neither Aabye nor Maeng teach the limitation “a vending terminal configured on a machine.” However, a third reference, Suelberg teaches the additional limitation.  Suelberg teaches a “[v]ending machine 110 [that] may also include a computer with a processor.” Suelberg, [0025]. A person of ordinary skill in the art would specify an intended use for the teachings of Suelberg with Maeng and Aabye as doing so would define a desired end result of Aabye and Maeng. Moreover a person of ordinary skill in the art would recognize that, because when combined Aabye and Maeng disclose a system for storing and 
For the reasons set forth above, a person of ordinary skill in the art, prior to filing the current application, would have found it obvious to combine the teachings of Aabye with Maeng and Suelberg to arrive at applicant’s claim 1. Accordingly, claim 1 is rejected under 35 U.S.C. § 103 as obvious over Aabye, Maeng, and Suelberg.  

Claims 2 and 21
Claims 2 and 21 depend from claims 1 and 9 respectively but otherwise recite the same limitations.  Accordingly claim 2 is discussed as representative of claim 21. Aabye teaches the following limitations of claim 2:

the system further comprising configuration of the user device to stop and return an error if the values of ESVA and ESVB do not match, and block authorizing any future transaction desired, until the error is resolved. Aabye teaches that the accumulator record, stored on the consumer device, and the shadow accumulator can be compared. Aabye, [0073]. Aabye explains that “[i]f the values are the same, then the records in the shadow account are up 

Aabye does not expressly teach “blocking and authorizing any future transaction,” but Aabye does explain that calculating the offline balance from multiple data records “makes the portable consumer device less accessible for fraudulent hacking (as two or more data records would need to be accessed and modified).”  Accordingly, a person of ordinary skill in the art would recognize that matching data records is important to protecting against fraudulent activity and would consider blocking or shutting down the transactions as a result of the detected fraud.
Aabye additionally differs from Applicant’s claim 2 in that, according to the teachings of Aabye, it is the issuer that compares records; specifically, the issuer compares the accumulator record with the shadow accumulator record. See Aabye, [0073]. Nevertheless, one of ordinary skill in the art would recognize that this functionality could be moved to user device—a change that one of ordinary skill in the art would recognize as requiring only routine programming well within the skillset of an ordinary programmer. 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s 

Claims 3 and 22
Claims 3 and 22 depend from claims 2 and 9 respectively but otherwise disclose the same limitations. Accordingly, the examiner addresses claim 3 as representative of claim 22. Abye teaches the limitations of claim 3.  

The system of claim 1, the system further comprising configuration of the user device to, if the values of ESVA and ESVB do match, search a plurality of LOB transaction logs in the local database, sum the transactions in the LOB transaction logs, deduct the sum from the LOB transaction logs from the ESV, yielding a token value, and compare the token value with the value of a transaction desired. Aabye teaches a method of conducting a purchase transaction with a POS terminal. Aabye explains that the “POS terminal 310 can communicate with prepaid card 304, to determine if the offline balance of prepaid card 304 is enough to cover the purchase.” Aabye, [0053]. Aabye explains that “the POS terminal 310 can query prepaid card 304 . . . to see if the difference between limit amount 302 and accumulator record 301 is greater than or equal to the purchase amount.” Aabye, [0053]. Aabye further 

As Aabye teaches the limitations of claim 3, for the reasons described for claim 1, a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 3 obvious over the combination of Aabye, Maeng, and Suelberg. Thus, claims 3 and 22 is rejected under 35 U.S.C. § 103 as obvious.  

Claims 4 and 23
Claims 4 and 23 depend from claims 3 and 22 respectively but otherwise recite the same limitations.  Accordingly claim 4 is discussed as representative of claim 22. Aabye teaches the limitations of claim 4. 

The system of claim 3, the system further comprising configuration of the user device to, if the token value is equal to or greater than the value of the transaction desired, authorize the transaction desired, . . . , and the user device will log a record of the transaction desired into the LOB transaction logs in the local database. Aabye teaches that “[i]f there was enough money 

While Aabye teaches that the portable consumer device may include wireless phones, personal digital assistants (PDAs), pagers, etc. and that the portable consumer device may include a display 32(d) “to allow a consumer to see phone numbers and other information and messages,” Aabye does not expressly discloses that “the user device will display a confirmation screen.” However, a person of ordinary skill in the art would understand that displaying a confirmation on the screen would be well known to one of ordinary skill in the art. See, e.g., Suelberg, [0045] (“Vending machine device 120 may send a confirmation message to data relay application 330 over the first network 130. Accordingly, vending machine 110 may utilize a graphical user interface physically located on vending machine 110 and data relay application 330 on user computing device 125 to purchase goods from vending machine 110.”). 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s 

Claims 5 and 24
Claims 5 and 24 depend from claims 4 and 23 respectively but, otherwise, recite the same limitations. Accordingly, claim 5 is discussed as representative of claim 24. Aabye teaches the limitations of claim 5. 
The system of claim 4, in which logging a record of the transaction desired into the LOB transaction logs comprises adding to the LOB transaction logs at least the following information: a timestamp, a machine ID of the machine that was authorized, a vending terminal ID of the vending terminal that was used, and the price of the transaction desired that was authorized. Aabye teaches that “in certain implementations the accumulator record is not reset . . . . [, which] allows the bank to keep track of all transactions over the lifetime of the prepaid card, and to know what transactions occurred offline.” Aabye, [0024]; see also id. at [0023, Table 1]. 

Aabye does not expressly teach that the accumulator record includes “a timestamp, a machine ID of the machine that was authorized, a vending terminal ID of the vending terminal that was used, and the price of the transaction desired that was authorized;” nevertheless, a person of ordinary skill in the art would recognize that such information is routinely included with transaction information in order to more-securely authorize transactions. For example, Keithley, Pub. No. 2006/0229996 teaches populating consumer/transaction data with “data data that is reflective of the consumer and/or the transaction information for the transaction” such as “data reflecting a consumer’s name, a consumer key, a consumer identification, an account number, . . . an order number, an authorization number, an authorization time, an authorization amount, . . . a merchant identity.” Keithley, [0022]. Accordingly, a person of ordinary skill in the art would recognize that including in Aabye’s accumulator record specific transaction information would be useful for any backend authentication.  Additionally, a person of ordinary skill in the art would recognize that including such fields in Aabye’s accumulator record would require routine programming well within the skillset of the ordinary programmer. 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 5 obvious over the combination of Aabye, Maeng, and Suelberg. Thus, claims 5 and 24 are rejected under 35 U.S.C. § 103 as obvious. 


Claims 6 and 27
Claims 6 and 27 depend from claims 3 and 22 respectively but otherwise recite the same claim language. Accordingly, claim 6 is discussed as representative of claim 27. Aabye teaches the limtations of claim 6. 

The system of claim 3, the system further comprising configuration of the user device to, if the token value is less than the value of the transaction desired, not authorize the transaction desired, and the user device will display a "not authorized" screen. Aabye teaches that “[i]f there was not enough money stored on the portable consumer device, the transaction may be canceled.” Aabye, [0059]. 

While Aabye teaches that the portable consumer device may include wireless phones, personal digital assistants (PDAs), pagers, etc. and that the portable consumer device may include a display 32(d) “to allow a consumer to see phone numbers and other information and messages,” Aabye does not expressly discloses that “the user device will display a confirmation screen.” However, a person of ordinary skill in the art would understand that displaying a confirmation on the screen would be well known to one of ordinary skill in the art. See, e.g., Suelberg, [0045] (“Vending machine device 120 may send a confirmation message 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 6 obvious over the combination of Aabye, Maeng, and Suelberg. Thus, claims 6 and 27 are rejected under 35 U.S.C. § 103 as obvious. 

Claims 26 and 29
Claims 26 and 29 depend from claims 25 and 28 respectively but otherwise recite the same limitations. Accordingly, claim 26 is discussed as representative of claim 29. Aabye teaches the limitations of claim 26.

The method of Claim 25, the method further comprising the user device communicating with a user database server to upload all records of past transactions stored in the LOB transaction logs that have not been marked as already uploaded to the user database server, and wherein the not-previously-uploaded LOB transaction logs are stored in the transaction logs in the user database on the user database server; and upon upload of the not-LOB transaction logs, the user device marks all of the not-previously uploaded LOB transaction logs as having been uploaded to the user database server. Aabye teaches that “[t]he issuer can maintain a shadow account related to the portable consumer device,” which is “stored entirely or partly on a server of the issuer or a payment processing network” Aabye explains that “[t]he shadow account can include shadow copies of each data element stored in the portable consumer device, such as a shadow accumulator record, a shadow limit amount, a shadow exception record, etc.”  Aabye, [0069].

While Aabye does not expressly teach the specifics of how records are uploaded to the server, these steps are inherent in Aabye.  A person of ordinary skill in the art would recognize that a program operating to transfer any files to a server would track through an indicator what files have or have not been uploaded. Accordingly, a person of ordinary skill in the art would determine Aabye to teach the limitations of claim 26. 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 26 obvious over the combination of Aabye, Maeng, and Suelberg. Thus, claims 26 and 29 are rejected under 35 U.S.C. § 103 as obvious. 

Claims 10-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Aabye and further in view of Maeng, Suelberg, Fransen, and Bluetooth Light Energy, Wikipedia.
Claim 10
Claim 10 depends from claim 9. Fransen and Bluetooth Light Energy, Wikipedia teach the limitations of claim 10. 

The method of Claim 9, the method further comprising the user device and the plurality of vending terminals engaging in the Advertising and Selection Module, in which:
each of the plurality of vending terminals is advertising its presence with a near-field communications protocol, which advertising comprises broadcasting a firmware ID; and
when a user device is in range of the communications protocol of a first vending terminal, or of more than one of the plurality of vending terminals, the user device receives the firmware ID and displays to the user a choice of all of the available ones of the plurality of vending terminals. Fransen teaches that “a source device that wants to be discovered broadcasts a 

Claim 10 is also generally directed to Bluetooth, more specifically Bluetooth light energy (BLE). Wikipedia explains that “BLE devices are detected through a procedure based on broadcasting advertising packets.” Bluetooth Low Energy, Wikipedia (archived February 8, 2019). Bluetooth additionally, at least when using an iPhone or smartphone, allows a person to select a device among a list of available devices. See Bluetooth Low Energy, Wikipedia; see also How to Connect a Speaker to Your iPhone with Bluetooth, WikiHow (archived through Wayback Machine 2018). 
The examiner relied on the teachings of Suelberg for the teachings of a vending machine capable of completing transactions with a user device. And since Suelberg’s vending machine is operable to connect to user devices through Bluetooth, a person of ordinary skill in the art would find Applicant’s claim 10 inherent in the teachings of Suelberg. See Suelberg, [0012] (“In embodiments, the vending machine device may be confirmed to communicate data over wired protocols, such as USB ports, or via wireless protocols, such as WiFi, Bluetooth, etc.). Nevertheless, a person of ordinary skill in the art might also look to a reference such as Fransen for the specifics of creating a secured connection 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 10 obvious over the combination of Aabye, Maeng, Suelberg, Fransen, and/or Bluetooth. Thus, claim 10 is rejected under 35 U.S.C. § 103 as obvious. 

Claim 11
Claim 11 depends from claim 10. Claim 11 is taught by the general functioning of Bluetooth. 

The method of Claim 10, the method further comprising the user device, upon receiving a selection of a particular one of the plurality of vending terminals, or more than one of the plurality of vending terminals, sends the selection of the chosen one or more of the plurality of vending terminals. Claim 11 is generally directed to functionality included in Bluetooth, more specifically Bluetooth light energy (BLE). Wikipedia explains that “BLE devices are detected through a procedure based on broadcasting advertising packets.” Bluetooth Low Energy, Wikipedia (archived February 8, 2019). See How to Connect a Speaker to Your iPhone with Bluetooth, WikiHow (archived through Wayback Machine 2018). 

The examiner relied on the teachings of Suelberg for the teachings of a vending machine capable of completing transactions with a user device. And since Suelberg’s vending machine is operable to connect to user devices through Bluetooth, a person of ordinary skill in the art would find Applicant’s claim 10 inherent in the teachings of Suelberg. See Suelberg, [0012] (“In embodiments, the vending machine device may be confired to communicate data over wired protocols, such as USB ports, or via wireless protocols, such as WiFi, Bluetooth, etc.).
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 11 obvious over the combination of Aabye, Maeng, Suelberg, and Bluetooth. Thus, claim 11 is rejected under 35 U.S.C. § 103 as obvious. 
Claim 12
Claim 12 depends from claim 11. Fransen and/or Bluetooth technology generally teach the limitations of claim 12. 

The method of Claim 11, the method further comprising the user device and the first vending terminal engaging in the Exchange of Passcodes Module, in which:
the first vending terminal has stored on it at least three numbers: the firmware ID, a first 256-bit number, and a second 256-bit number; and
the user device takes the firmware ID as the salt, and the user device applies the first hash function, generating as the result the first passcode, and the user device then sends the first passcode to the first vending terminal; Fransent teaches a four-step, three-way handshake procedure. At step one, Fransen explains that “[t]he source device sends a random (the challenge) to a target device in the same broadcast as the T-BID.” Fransen, [0045]. At step two, Fransen explains that “[t]he target device calculates the hash (challenge common secret), where the common secret can be e.g. a random, a salt or a common T-BID.” Fransen, [0046]. Fransen explains that “[t]he target device generates a further random replies with amessage including further random hash (challenge common secret).” Fransen, [0046]. At step three, Fransen explains that “[t]he source device can verify hash (challenge common secret) and replies with a message including hash (future random common secret).” Fransen, [0047]. And at step four, Fransen explains that “[t]he target device can verify hash (further random common secret) and now both the source 
and the first vending terminal compares the first passcode to the first 256-bit number. Fransen explains that “[t]he target device can verify hash (further random common secret) and now both the source device and the target device know that both have the same common secret and have authenticated each other.” Fransen, [0048]. 

A person of ordinary skill in the art would be motivated by added security, specifically to prevent a man-in-the-middle attack, to include the functional teachings of Fransen with those of Aabye, Maeng, and Suelberg to arrive at applicant’s claim 12. Suelberg generally teaches a vending machine operable to communicate and process transactions with a mobile device. See Suelberg, Abstract. Accordingly, one of ordinary skill in the art would look to methods for securely communicating data with a vending machine and would have looked to Fransen for example, as an example teaching of secured communications. And since Fransen teaches a secure method for pairing devices, a person of ordinary skill in the art would understand that adding Fransen would require routine programming well within the skillset of the ordinary programmer. 
Extracting the Security Features Implemented in a Bluetooth LE Connection, IEEE Int’l Conference on Big Data 2559 (2018). For example, Bluetooth LE utilizes Secure Connections, which pairs devices based on matching a 6-digit numeric code. Id. at 2560. Secure Connections utilizes the P-256 Elliptic Curve Diffie-Hellman key exchange for pairing and “establish[es] a shared secret between the two devices,” which “is used for authentication and generation of keys to encrypt all communication.” So since Suelberg’s device employs Bluetooth technology to communicate with a user’s mobile device, a person of ordinary skill in the art would expect Suelberg to employ a handshake method such as the one Applicant describes in claim 12. 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 12 obvious over the combination of Aabye, Maeng, Suelberg, Fransen, and/or Bluetooth. Thus, claim 12 is rejected under 35 U.S.C. § 103 as obvious.

Claim 13
Claim 13 depends from claim 12. Fransen teaches the limitations of claim 13. 
The method of Claim 12, wherein if the first passcode and the first 256-bit number match, then the first vending terminal accepts that the user device has authenticated its identity. Fransen explains that “[t]he target device can verify hash (further random common secret) and now both the source device and the target device know that both have the same common secret and have authenticated each other.” Fransen, [0048].
A person of ordinary skill in the art would be motivated by added security, specifically to prevent a man-in-the-middle attack, to include the functional teachings of Fransen with those of Aabye, Maeng, and Suelberg to arrive at applicant’s claim 12. Suelberg generally teaches a vending machine operable to communicate and process transactions with a mobile device. See Suelberg, Abstract. Accordingly, one of ordinary skill in the art would look to methods for securely communicating data with a vending machine and would have looked to Fransen for example, as an example teaching of secured communications. And since Fransen teaches a secure method for pairing devices, a person of ordinary 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 13 obvious over the combination of Aabye, Maeng, Suelberg, and Fransen. Thus, claim 13 is rejected under 35 U.S.C. § 103 as obvious.

Claims 14, 16, and 20
Claims 14, 16, and 20 depend from 12, 15, and 18 respectively but otherwise recite the same limitations.  Accordingly claim 14 is discussed as representative of claims 16 and 20. Fransen teaches the limitations of claim 14. 
The method of Claim 12, wherein if the first passcode and the first 256-bit number do not match, then the first vending terminal does not accept that the user device has authenticated its identity, and the first vending terminal will not proceed with a transaction. Fransen explains that “[t]he target device can verify hash (further random common secret) and now both the source device and the target device know that both have the same common secret and have authenticated each other.” Fransen, [0048].

See Suelberg, Abstract. Accordingly, one of ordinary skill in the art would look to methods for securely communicating data with a vending machine and would have looked to Fransen for example, as an example teaching of secured communications. And since Fransen teaches a secure method for pairing devices, a person of ordinary skill in the art would understand that adding Fransen would require routine programming well within the skillset of the ordinary programmer.
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 14 obvious over the combination of Aabye, Maeng, Suelberg, and Fransen. Thus, claims 14, 16, and 20 are rejected under 35 U.S.C. § 103 as obvious.

Claim 15
	Claim 15 depends from claim 13. Fransen and/or Bluetooth technology generally teach the limitations of claim 15. 

The method of Claim 13, wherein the first vending terminal sends the second 256-bit number to the user device, and the user device uses the firmware ID as the salt for the second hash function, generating a second passcode, and if the second passcode matches the second 256-bit number, then the user device can accept that the first vending terminal has authenticated its identity. Fransent teaches a four-step, three-way handshake procedure. At step one, Fransen explains that “[t]he source device sends a random (the challenge) to a target device in the same broadcast as the T-BID.” Fransen, [0045]. At step two, Fransen explains that “[t]he target device calculates the hash (challenge common secret), where the common secret can be e.g. a random, a salt or a common T-BID.” Fransen, [0046]. Fransen explains that “[t]he target device generates a further random replies with amessage including further random hash (challenge common secret).” Fransen, [0046]. At step three, Fransen explains that “[t]he source device can verify hash (challenge common secret) and replies with a message including hash (future random common secret).” Fransen, [0047]. And at step four, Fransen explains that “[t]he target device can verify hash (further random common secret) and now both the source device and the target device know that both have the same common secret and have authenticated each other.”

A person of ordinary skill in the art would be motivated by added security, specifically to prevent a man-in-the-middle attack, to include the functional teachings of Fransen with those of Aabye, Maeng, and Suelberg to arrive at applicant’s claim 12. Suelberg generally teaches a vending machine operable to communicate and process transactions with a mobile device. See Suelberg, Abstract. Accordingly, one of ordinary skill in the art would look to methods for securely communicating data with a vending machine and would have looked to Fransen for example, as an example teaching of secured communications. And since Fransen teaches a secure method for pairing devices, a person of ordinary skill in the art would understand that adding Fransen would require routine programming well within the skillset of the ordinary programmer. 
A person of ordinary skill in the art would additionally recognize that Applicant’s claim 12 recites common authentication techniques such as those used with Bluetooth Low Energy or Bluetooth LE. For example, a person of ordinary skill in the art would know that Bluetooth LE utilizes various “cryptographic algorithms and protocol exchanges that allow two devices to securely exchange data and privately detect each other.” Robles-Cordero et al., Extracting the Security Features Implemented in a Bluetooth LE Connection, IEEE Int’l Conference on Big Data 2559 (2018). For example, Bluetooth LE utilizes Secure Id. at 2560. Secure Connections utilizes the P-256 Elliptic Curve Diffie-Hellman key exchange for pairing and “establish[es] a shared secret between the two devices,” which “is used for authentication and generation of keys to encrypt all communication.” So since Suelberg’s device employs Bluetooth technology to communicate with a user’s mobile device, a person of ordinary skill in the art would expect Suelberg to employ a handshake method such as the one Applicant describes in claim 12. 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 15 obvious over the combination of Aabye, Maeng, Suelberg, Fransen, and/or Bluetooth. Thus, claim 15 is rejected under 35 U.S.C. § 103 as obvious.

Claim 17
Claim 17 depends from claim 15. Claim 11 is taught by the general functioning of Bluetooth. 
The method of Claim 15, wherein the user device and the first vending terminal proceed to the Establishing a Session Module, in which the user device sends its unique user device ID to the first vending terminal, and upon receiving the user device ID, the first vending terminal generates a 

A person of ordinary skill in the art would additionally recognize that Applicant’s claim 15 recites common authentication techniques such as those used with Bluetooth Low Energy or Bluetooth LE. For example, a person of ordinary skill in the art would know that Bluetooth LE utilizes various “cryptographic algorithms and protocol exchanges that allow two devices to securely exchange data and privately detect each other.” Robles-Cordero et al., Extracting the Security Features Implemented in a Bluetooth LE Connection, IEEE Int’l Conference on Big Data 2559 (2018). For example, Bluetooth LE utilizes Secure Connections, which pairs devices based on matching a 6-digit numeric code. Id. at 2560. Secure Connections utilizes the P-256 Elliptic Curve Diffie-Hellman key exchange for pairing and “establish[es] a shared secret between the two devices,” which “is used for authentication and generation of keys to encrypt all communication.” So since Suelberg’s device employs Bluetooth technology to communicate with a user’s mobile device, a person of ordinary skill in the art would expect Suelberg to employ a handshake method such as the one Applicant describes in claim 12. 


Claim 18
Claim 18 depends from claims 16. Fransen and/or Bluetooth technology generally teach the limitations of claim 18.
The method of Claim 16, wherein the first vending terminal uses a third hash function, combining the user device ID and the session ID to generate a third passcode, and wherein the user device uses the same third hash function, combining the user device ID and the session ID to generate the same third passcode, and the user device sends the third passcode to the first vending terminal, and the first vending terminal receives the copy of the third passcode from the user device, and verifies that the copies of the third passcode match. Fransent teaches a four-step, three-way handshake procedure. At step one, Fransen explains that “[t]he source device sends a random (the challenge) to a target device in the same broadcast as the T-BID.” Fransen, [0045]. At step two, Fransen explains that “[t]he target device calculates the hash (challenge common secret), where the common 

A person of ordinary skill in the art would be motivated by added security, specifically to prevent a man-in-the-middle attack, to include the functional teachings of Fransen with those of Aabye, Maeng, and Suelberg to arrive at applicant’s claim 18. Suelberg generally teaches a vending machine operable to communicate and process transactions with a mobile device. See Suelberg, Abstract. Accordingly, one of ordinary skill in the art would look to methods for securely communicating data with a vending machine and would have looked to Fransen for example, as an example teaching of secured communications. And since Fransen teaches a secure method for pairing devices, a person of ordinary 
A person of ordinary skill in the art would additionally recognize that Applicant’s claim 18 recites common authentication techniques such as those used with Bluetooth Low Energy or Bluetooth LE. For example, a person of ordinary skill in the art would know that Bluetooth LE utilizes various “cryptographic algorithms and protocol exchanges that allow two devices to securely exchange data and privately detect each other.” Robles-Cordero et al., Extracting the Security Features Implemented in a Bluetooth LE Connection, IEEE Int’l Conference on Big Data 2559 (2018). For example, Bluetooth LE utilizes Secure Connections, which pairs devices based on matching a 6-digit numeric code. Id. at 2560. Secure Connections utilizes the P-256 Elliptic Curve Diffie-Hellman key exchange for pairing and “establish[es] a shared secret between the two devices,” which “is used for authentication and generation of keys to encrypt all communication.” So since Suelberg’s device employs Bluetooth technology to communicate with a user’s mobile device, a person of ordinary skill in the art would expect Suelberg to employ a handshake method such as the one Applicant describes in claim 18.
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s 
Claim 19
	Claim 19 depends from claim 18. Fransen teaches the limitations of claim 19.  
The method of Claim 18, wherein if the copies of the third passcode match, then the first vending terminal authorizes the transaction desired, and the user device presents a confirmation screen and receives input from the user with the user's selection of a good or service to be vended. Fransen explains that “[t]he target device can verify hash (further random common secret) and now both the source device and the target device know that both have the same common secret and have authenticated each other.” Fransen, [0048].

A person of ordinary skill in the art would be motivated by added security, specifically to prevent a man-in-the-middle attack, to include the functional teachings of Fransen with those of Aabye, Maeng, and Suelberg to arrive at applicant’s claim 12. Suelberg generally teaches a vending machine operable to communicate and process transactions with a mobile device. See Suelberg, Abstract. Accordingly, one of ordinary skill in the art would look to methods for securely communicating data with a vending machine and would have looked to 
Fransen does not disclose the portion of claim 19 directed to “the user device presents a confirmation screen and receives input from the user with the user’s selection of a good or service to be vented,” however Suelberg discloses this limitation.  For example, Suelberg teaches that “the vending machine device may be configured to relay second data through a user computing device responsive to a user completing a transaction with the vending machine using the user computing device and a user interface on the vending machine, wherein the user interface on the vending machine is utilized to make a selection of items stored within the vending machine.” Suelberg, [0008].
As discussed above for claims 1 and 9, a person of ordinary skill in the art would have been motivated to combine the teachings of Suelberg with Maeng and Aabye as doing so would specify an intended use for the teachings of Aabye and Maeng. Moreover a person of ordinary skill in the art would recognize that, because when combined Aabye and Maeng disclose a system for storing and communicating transactions, Aabye and Maeng could be easily combined with any 
Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 19 obvious over the combination of Aabye, Maeng, Suelberg, and Fransen. Thus, claim 19 is rejected under 35 U.S.C. § 103 as obvious.
Claim 7-8, 25, and 28 is/are rejected under 35 U.S.C. 103 as being unpatentable over Suelberg and further in view of Maeng, Fransen, and Baker.
Claims 7–8, 25, and 28
Claims 7–8, 25, and 28 depend from claims 4, 6, 23, and 27 respectively but otherwise disclose the same limitations. Accordingly, claim 7 is discussed as representative of claims 8, 25, and 28. Claim 7 recites: 

The system of claim 4, the system further comprising configuration of the user device to not store the available balance, and erase all decrypted values of ESV. Baker teaches that “each station 30 purges all authorization messages identified in the purge list.” Baker, col. 5, ll. 43–45.
A person of ordinary skill in the art would have been motivated to combine the teachings of Baker with those of Suelberg to arrive at Applicant’s claim 13. Baker relates generally to “systems and methods for refilling or recharging smart 
	Thus, for the reasons just discussed, a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 30 obvious over the combination of Suelberg, Maeng, Fransen, and Baker. Thus, claim 30 is rejected under 35 U.S.C. § 103 as obvious.
Claim 30 is/are rejected under 35 U.S.C. 103 as being unpatentable over Suelberg and further in view of Maeng, Fransen, and/or Bluetooth Light Energy, Wikipedia.
Claim 30
Claim 30 is an independent claim. Suelberg teaches the following limitations of claim 30:
Computer-readable instructions stored in non-transitory computer readable media for offline mutual authentication for payment, the computer readable instructions comprising steps for a user device, used by a user having a user account, and having a local database, to communicate with a plurality of vending terminals configured on at least one machine. Suelberg, in the first instance, teaches that “one or more processing devices my include one or more devices executing some or all of the operations . . . in response to instructions stored electronically on an electronic storage medium.” Suelberg, [0049, 56]. In the second instance, Suelberg teaches a communications device 215, which “may be a device that allows vending machine device 120 to communication with another device, e.g., . . . usercomputing device 125.” Suelberg, [0034]. 

store and decrypt a first package A of data, and a second package B of data.” However, Maeng teaches this additional limitation. Maeng teaches sending the first and second data packets to a mobile wallet that “may decrypt the first encrypted unit 13100 included in the first packet using the first cryptographic key 13130 and may decrypt the second encrypted unit 13120 included in the second packet using second key 13110.” Maeng, col. 13, ll. 1–11.  Maeng adds additional security to communicating. Accordingly, a person of ordinary skill in the art would have been motivated to combine the teachings of Suelberg with Maeng. Furthermore, a person of ordinary skill in the would recognize that combining Suelberg with Maeng would require no changes to the teachings of either reference and would further require only routine programming well within the skillset of the ordinary programmer. 
Even when combined, Suelberg and Maeng do not teach “and containing instructions for the user device and at least one vending terminal to engage in an Advertising and Selection Module, an Exchange of Passcodes Module, and an Establishing a Session Module, to accept each other as verified.” However, Fransen and Bluetooth Light Energy, Wikipedia these limitations. 
The examiner construes Advertising and Selection Module, an Exchange of Passcodes Module, and an Establishing a Session Module according to their 
each of the plurality of vending terminals is advertising its presence with a near-field communications protocol, which advertising comprises broadcasting a firmware ID; and when a user device is in range of the communications protocol of a first vending terminal, or of more than one of the plurality of vending terminals, the user device receives the firmware ID and displays to the user a choice of all of the available ones of the plurality of vending terminals. 
Spec., [0029]. In the specification, the Applicant explains that the Exchange of Passcodes module “allows the user device 1030 and the one or more relevant vending terminals to establish trust of each other.” Spec., [0090]. The specification explains that the Exchange of Passcodes module triggers the user device to take and hash the vending terminal’s identifier to arrive at a passcode that is then verified by the vending terminal. Spec., [0090]. In the specification, the Applicant explains that the Establishing a Session Module causes the user device to send a unique user ID to the vending terminal whereupon the vending terminal generates a session ID and hashes a combination of the user ID and the session ID to generate a third passcode to be verified by the user device. Spec., [0036–37]. 
See, e.g., Bluetooth Low Energy, Wikipedia (citing Bluetooth, Technical Information (archived Feb. 14, 2014) (“BLE devices are detected through a procedure based on broadcasting advertising packets.”); see also generally How to Connect a Speaker to Your iPhone with Bluetooth, WikiHow (archived Apr. 25, 2018). Bluetooth additionally, at least when using an iPhone or smartphone, allows a person to select a device among a list of available devices. See How to Connect a Speaker to Your iPhone with Bluetooth, WikiHow (archived through Wayback Machine 2018). 
Fransen teaches Applicant’s Exchange of Passcodes module. Fransen teaches a four-step, three-way handshake procedure. At step one, Fransen explains that “[t]he source device sends a random (the challenge) to a target device in the same broadcast as the T-BID.” Fransen, [0045]. At step two, Fransen explains that “[t]he target device calculates the hash (challenge common secret), where the common secret can be e.g. a random, a salt or a common T-BID.” Fransen, [0046]. Fransen explains that “[t]he target device generates a further random replies with amessage including further random hash (challenge common secret).” Fransen, [0046]. At step three, Fransen explains that “[t]he source device can verify hash (challenge common secret) and replies with a message including hash (future random common secret).” Fransen, [0047]. And at step four, Fransen explains that 
Applicant’s Establishing a Session Module is generally taught by the functioning of Bluetooth. For example, a person of ordinary skill in the art would know that Bluetooth LE utilizes various “cryptographic algorithms and protocol exchanges that allow two devices to securely exchange data and privately detect each other.” Robles-Cordero et al., Extracting the Security Features Implemented in a Bluetooth LE Connection, IEEE Int’l Conference on Big Data 2559 (2018). For example, Bluetooth LE utilizes Secure Connections, which pairs devices based on matching a 6-digit numeric code. Id. at 2560. Secure Connections utilizes the P-256 Elliptic Curve Diffie-Hellman key exchange for pairing and “establish[es] a shared secret between the two devices,” which “is used for authentication and generation of keys to encrypt all communication.” So since Suelberg’s device employs Bluetooth technology to communicate with a user’s mobile device, a person of ordinary skill in the art would expect Suelberg to employ a handshake method such as the one Applicant describes in claim 12. 
A person of ordinary skill in the art would have been motivated to combine the teachings of Suelberg with Fransen and Bluetooth Light Energy, Wikipedia to arrive at Applicant’s claim 30. The examiner relied on the teachings of Suelberg See Suelberg, [0012] (“In embodiments, the vending machine device may be confirmed to communicate data over wired protocols, such as USB ports, or via wireless protocols, such as WiFi, Bluetooth, etc.). Nevertheless, a person of ordinary skill in the art might also look to a reference such as Fransen for the specifics of creating a secured connection between Suelberg’s vending machine a user’s device and would find combining Fransen’s teachings with Suelberg’s to require only routine programming well within the skillset of the ordinary programmer.	Accordingly, for the reasons just described a person of ordinary skill in the art would have, before Applicant filed the current application, found Applicant’s claim 30 obvious over the combination of Suelberg, Maeng, Fransen, and/or Bluetooth. Thus, claim 30 is rejected under 35 U.S.C. § 103 as obvious. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZACHARY MICHAEL COOTS whose telephone number is (571)270-7002.  The examiner can normally be reached on M-F 7:30 to 5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patrick McAtee can be reached on (571) 272-7575.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-




/Z.M.C./Examiner, Art Unit 3685                                                                                                                                                                                                        

/PATRICK MCATEE/Supervisory Patent Examiner, Art Unit 3685