DETAILED ACTION
Status of Claims
Applicant has elected Group I (Claims 1-20) in regard to the previously filed Restriction Requirement.
Claims 1-20 are currently pending and have been considered by the examiner.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 28 September 2018 was considered by the examiner.

Election/Restrictions
Claims 21-22 are withdrawn from further consideration pursuant to 37 CFR 1.142(b) as being drawn to a nonelected invention, there being no allowable generic or linking claim. Election was made without traverse in the reply filed on 4 December 2020.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:


This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are:
the one or more settlement devices are configured to issue to the entity device a public key and a private key
one or more unique symmetric encryption keys employing cryptographic techniques configured to encrypt communications, and create and install credentials into the cryptographically secure credentials device
wherein the one or more settlement devices are configured to perform authentication
wherein the entity device creates a secure credential comprising at least one of the group consisting of a certificate and a version structured document
wherein the entity device is configured to communicate with a payee device of the one or more payee device anonymously
wherein the entity device then updates the current account transaction history with data from the certificate sent to the payee device
wherein the one or more settlement devices are configured to authenticate the payment settlement request received from the payee device
wherein the one or more settlement devices are configured to complete the transaction between the entity device and the payee device
In claims 1-17 and
receiving, at one or more settlement devices managed by a settlement service, information from an entity device
issuing to the entity device, using the one or more settlement devices, a public key, a private key and one or more unique symmetric encryption keys configured to encrypt communications; 
creating using the one or more settlement devices, credentials 
designating, by the one or more settlement devices, a linked entity account 
authenticating and debiting, using the one or more settlement devices, payment from the entity device 
creating, using the entity device, a secure credential 
communicating, using the entity device and a payee device of one or more payee devices, by anonymously using secured credentials 
confirming, using the entity device, an amount requested 
sending, using the payee device, the amount requested 
updating, using the entity device, the current account transaction history 
authenticating, using the one or more settlement devices, the payment settlement request
completing, using the one or more settlement devices, the transaction between the entity device and the payee device 
in claims 18-20.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.


In regards to claims 6-7, the claims recite: “wherein governmental authentication will verify the entity uniquely across a class of records of the government authority, and each government authority will be independently authorized with a rigorous and explicit identification process, creating credentials mandated to be stored on one or more of the group consisting of federal information processing standard publication 140-2 (FIPS-140-2) smart and Java cards, with card reading hardware, wherein verification by the government authority of the entity corporeally present and registered uniquely under the purview of the government authority will provide unique singular credential creation for that government authority.”
The recited limitations disclose a governmental authentication entity independent of the government authority performing various functionality as seen in the aforementioned claim limitations. As the governmental authentication is outside the scope of the claimed invention, in view of the original disclosure, these limitations cannot be given patentable weight.

Claim Rejections - 35 USC § 112(b)
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:



Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Additionally, the claims as a whole recite a plethora of grammatical errors and contain multiple instances of improper sentence structure. For purposes of compact prosecution in regards to examination, examiner will exercise best judgement in determining the invention applicant intended to claim, where possible, as outlined in the subsequent 35 USC 103 rejection.
Specifically, claims 1-17 recite the limitation “wherein the entity device is enrolled with the settlement service, and the one or more settlement devices are configured to issue to the entity device a public key and a private key, using public key infrastructure, wherein the settlement service is a certificate authority, and one or more unique symmetric encryption keys employing cryptographic techniques configured to encrypt communications, and create and install credentials into the cryptographically secure credentials device”. The recited limitation lacks proper grammatical structure to the extent it is not possible for the examiner to reasonably determine the invention that is being claimed, as it is unclear what structure performs the function of creating and installing credentials as well as what function the one or more unique symmetric encryption keys perform. Therefore, the claims must be considered indefinite and are rejected under 35 USC 112(b).
For purposes of compact prosecution, examiner interprets the previously stated limitation as stating: “wherein the entity device is enrolled with the settlement service, and the one or more settlement devices are configured to issue to the entity device a public key and a private key, using public key infrastructure, wherein the settlement service is a certificate authority, and uses one or more unique symmetric encryption keys to perform cryptographic techniques to encrypt communications, and creates and installs credentials into the cryptographically secure credentials device.”
Additionally, claim 17 recites the limitation “wherein the designated destination belonging to the payee comprises one of the group consisting of a payee secure credential, a payee settlement address linked account, and creation of a cryptographically generated and public key infrastructure generated digital object sent to the payee secure credential or settlement address.” The recited limitation lacks proper grammatical structure to the extent it is not possible for the examiner to reasonably determine the invention that is being claimed, as it is unclear what structure performs the function of creating a generated digital object. Therefore, the claims must be considered indefinite and are rejected under 35 USC 112(b).
For purposes of compact prosecution, examiner interprets the previously stated limitation as stating: “wherein the designated destination belonging to the payee comprises one of a group consisting of a payee secure credentials, a payee settlement address linked account, and a digital object constructed using public key infrastructure and cryptographic processes.”
Claims 1-17 recite the limitation "then use the private key to sign the amount requested together with other data, and send the certificate created by the entity device to the payee device" in lines 29-31. There is insufficient antecedent basis for this limitation in the claim because the claim previously states “wherein the entity device creates a secure credential comprising at least one of the group consisting of a certificate and a version structured document”. Therefore, an embodiment of the claimed invention exists wherein the claimed certificate lacks proper antecedent basis. Therefore, the claims must be considered indefinite and are rejected under 35 USC 112(b).
Claims 1-17 recite limitations containing multiple instances of the terminology “one of the group consisting of”. There is insufficient antecedent basis for this term in these claims. Therefore, the claims must be considered indefinite and are rejected under 35 USC 112(b).
Claim 9 recites the limitation "wherein credentials comprise one or more industry defined proprietary use ASN.1 data structures" in lines 1-2. There is insufficient antecedent basis for this limitation in the claim. Therefore, the claim must be considered indefinite and is rejected under 35 USC 112(b).
Claim 11 recites the limitation “wherein the credentials are one more of the group consisting of defined type credentials and expandable type credentials”. There is insufficient antecedent basis for this limitation in the claims.
Claims 13 and 14 recite the limitation “wherein communication” in line 1. There is insufficient antecedent basis for this limitation in the claims. Therefore, the claim must be considered indefinite and is rejected under 35 USC 112(b).
Claim 10 recites the limitation “wherein the one or more settlement devices are configured to provide for the creation of many different credentials”. The term “many different credentials” does not enable one of ordinary skill in the art to sufficiently determine the metes and bounds of the claim so as to understand how to avoid infringement or reasonably determine the scope of the invention. Therefore, the claim must be considered indefinite and is rejected under 35 USC 112(b).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5 and 11-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Haldenby et al. (US 20180276666 A1) in view of Ortiz et al. (US 20140108263 A1) in further view of Bugrov et al. (US 20160112406 A1).

In regards to Claims 1 and 18, Haldenby discloses:
A system for performing anonymous settlement of transactions between parties (configured to perform at least the method of claim 18), the system comprising: one or more settlement devices managed by a settlement service (See Haldenby: Para. [0057] – “Referring back to FIG. 1, issuer system 142, acquirer system 162, and payment network system 182 may each represent a computing system that includes one or more servers (e.g., not depicted in FIG. 1) and tangible, non-transitory memory devices storing executable code and application modules. Further, the servers may each include one or more processor-based computing devices, which may be configured to execute portions of the stored code or application modules to perform operations consistent with the disclosed embodiments”, See Haldenby: Para. [0166] – “Consensus module 610 may receive digitally countersigned signed settlement data 626, and may decode the digital signatures applied by issuer and acquirer systems 142 and 162 (e.g., as payment network system 182 acts as a certificate authority for both issuer and acquirer systems 142 and 162” – Haldenby discloses a certificate authority acting as a settlement service for an issuer device, an acquirer device as well as for the server devices comprising the certificate authority); 
an entity device of an entity, the entity device having information comprising account information associated therewith (See Haldenby: Para. [0041] – “In one aspect, payment application data 110 may include one or more SV payment applications and application extensions, such as the exemplary SV payment application described above.”, See Haldenby: Para. [0021] – “Payment instruments consistent with the disclosed embodiments may include, but are not limited to, credit and debit card accounts (e.g., Visa.TM. credit card accounts, etc.) held by the customer ; 
one or more payee devices (See Haldenby: Fig. 1 – POS Terminal 122); 
the one or more settlement devices, the settlement service, the one or more payee devices, the credentials device, and the entity device, being in communication (See Haldenby: Fig. 1 – The payment network system (containing servers in communication with a settlement service), POS Terminal, and Client device all communicate via Communications Network 120B); 
wherein the settlement service is a certificate authority, and one or more unique symmetric encryption keys employing cryptographic techniques are configured to encrypt communications (See Haldenby: Para. [0166] – “Consensus module 610 may receive digitally countersigned signed settlement data 626, and may decode the digital signatures applied by issuer and acquirer systems 142 and 162 (e.g., as payment network system 182 acts as a certificate authority for both issuer and acquirer systems 142 and 162”, See Haldenby: Para. [0084] – “POS terminal 122 may receive data package 224 through terminal interface unit 126, and an application data module 226 of POS terminal 122 may parse received data package 224 to obtain identifiers of the required data elements (e.g., SV block-chain ledger 113, issuer public key certificate 118, device public key certificate 120, and the EMV-specific data) and the locations of these required data elements within data repository 106 of client device 102” – Haldenby discloses a certificate authority acting as a settlement service as well as unique symmetric encryption keys (public and private keys) for both the POS and Client devices used during communications), and 
wherein the one or more settlement devices are configured to perform authentication and designate a linked entity account from the account information and debit payment from the entity device to alter the linked entity account for use in authentication for settlement services (See Haldenby: Para. [0024] – “In certain aspects, the payment application stored and executed by the client device may include an EMV payment application may be compatible with one or more EMV-based transaction protocols, and the POS terminal device and the client device may each perform certain operations consistent with these EMV-based transaction protocols to authorize the initiated payment transaction and submit the authorized transaction to an appropriate payment network (e.g., a payment rail) for settlement and clearance.”, See Haldenby: Para. [0021] – “Payment instruments consistent with the disclosed embodiments may include, but are not limited to, credit and debit card accounts (e.g., Visa.TM. credit card accounts, etc.) held by the customer and issued by one or more financial institutions (e.g., issuers), checking or savings accounts held by the customer at one or more financial institutions, electronic funds transfers (e.g., e-transfers), units of one or more digital currencies held by the customer in one or more corresponding accounts (e.g., units of Bitcoin.TM., Litecoin.TM., etc.), and other accounts held by or available to the customer and capable of funding the initiated purchase transaction.” – Haldenby discloses a POS device/settlement device performing transaction authorization/authentication using information received from a client device containing account information for the purposes of transaction settlement which includes debiting of related accounts);
wherein the entity device creates a secure credential comprising at least one of the group consisting of a certificate and a version structured document, indicating an amount and signed by an entity private key (See Haldenby: Para. [0040-0041] – “In some aspects, client device 102 may store data within data repository 106 in accordance a hierarchical tree structure. For example, data repository 106 may be structured in accordance with a conventional EMV-based file structure … As illustrated by FIG. 1, data repository 106 may include payment application , 
that then transforms into a current account transaction history that is appended with each transaction amount, iteratively updated with each new transaction, and securely stored in both a database of the settlement service associated with the entity and the entity device (See Haldenby: para. [0044] – “Ledger data 112 may include the cryptographically secure distributed ledger data that tracks an evolving balance of funds loaded onto client device 102 through a prior SV load transaction (e.g., the "last" load transaction) authorized and completed by issuer system 142”, See Haldenby: Para. [0061] – “Payment network system 182 may perform operations that clear and settle authorized SV purchase transactions in near real-time using one or more of the exemplary SV purchase transaction clearance and settlement processes described herein. In certain aspects, and to facilitate a performance of these exemplary clearance and settlement processes, payment network system 182 may maintain settlement account data 184 and global block-chain ledger data 186 within the one or more tangible, non-transitory memories.” – Haldenby discloses the use of a blockchain for maintaining current account transaction history which, due to the nature in which a blockchain operates, is updated with each new transaction and is maintained and stored in both the client device as well as in a database of the settlement service/payment network system); 
wherein the entity device is configured to communicate with a payee device of the one or more payee device anonymously using secured credentials the payee device accepts as sufficient for engaging in a transaction (See Haldenby: Para. [0078] – “POS terminal 122 may transmit selection data 208 to client device 102 across direct communications channel 120A, e.g., through terminal interface unit 128, using a standard EMV communications protocol, such as an application processing data unit (APDU) communications protocol. In one instance, POS terminal 122 may format selection data 208 (and other data exchanged with client device 102 in order to identify the AID of the SV payment application) in accordance with standard EMV command protocols, e.g., as a SELECT EMV command.” – Haldenby discloses communication between a client device and a POS device using standard EMV protocol which uses secured credentials such as a Chip and PIN to anonymously provide proof of identity), and then 
confirm an amount requested, stipulated data and additional credential data from the payee, then 
use the private key to sign the amount requested together with other data, and send the certificate created by the entity device to the payee device as a commitment to pay by the settlement service acting as agent for the entity (See Haldenby: Para. [0024] – “In certain aspects, the payment application stored and executed by the client device may include an EMV payment application may be compatible with one or more EMV-based transaction protocols, and the POS terminal device and the client device may each perform certain operations consistent with these EMV-based transaction protocols to authorize the initiated payment transaction and submit the authorized transaction to an appropriate payment network (e.g., a payment rail) for settlement and clearance.”, See Haldenby: Para. [0084] – “Initiation module 220 may, in some instances, may generate a data package 224 that includes AIP and AFL 222, and client device 102 may transmit data package 224 across direct communications channel 120A to POS terminal 122”, See Haldenby: Para. [0083] – “In other aspects, if initiation module 220 were to determine that the received terminal parameter values correspond to and satisfy the requested , 
wherein the entity device then updates the current account transaction history with data from the certificate sent to the payee device, re-signs and sends a copy to the settlement service (See Haldenby: Para. [0047] – “Referring back to FIG. 1, cryptographic data 114 may include a private cryptographic key 116A and a corresponding public cryptographic key 116B. In certain instances, client device 102 may input device-specific private cryptographic key 116A to one or more hash-generation algorithms and digital signature operations, the output of which may form portions of SV block-chain ledger 113, as described below.”, See Haldenby: Para. [0061] – “Payment network system 182 may perform operations that clear and settle authorized SV purchase transactions in near real-time using one or more of the exemplary SV purchase transaction clearance and settlement processes described herein. In certain aspects, and to ; 
wherein the payee device is configured to send the amount requested, the certificate, and information unique to the transaction to the settlement service in a payment settlement request (See Haldenby: Para. [0053] – “Further, and in some aspects, POS terminal 122 may store portions of the authorized transaction data in transaction log 134 before transmitting that authorized transaction data to acquirer system 162 and payment network system 182 for near-real-time clearance and settlement.”, See Haldenby: Para. [0116] – “In response to the confirmed offline authorization, SV transaction module 410 may generate authorized transaction data 412 that characterizes the authorized SV purchase transaction and includes, but is not limited to, the transaction value (e.g., $2.50), the product identifier (e.g., the UPC of the cup of coffee), additional or alternate data identifying the authorized SV purchase transaction (e.g., a transaction counter of the authorized SV purchase transaction, a transaction time or date, etc.), and additionally of alternatively, data identifying POS terminal 122 (e.g., a location of POS terminal 122, a device identifier, etc.)”); 
wherein the one or more settlement devices are configured to authenticate the payment settlement request received from the payee device, using the amount requested approved by the payee certificate and match the payee request and signed entity digital content, certificate credentials, and current account transaction history sent from the entity device; and (See Haldenby: Para. [0061] – “Payment network system 182 may perform operations that clear and settle authorized SV purchase transactions in near real-time using one or more of the exemplary SV purchase transaction clearance and settlement processes described herein. In certain aspects, and to facilitate a performance of these exemplary clearance and settlement processes, payment network system 182 may maintain settlement account data 184 and global block-chain ledger data 186 within the one or more tangible, non-transitory memories.”, See , 
wherein the one or more settlement devices are configured to complete the transaction between the entity device and the payee device, upon authentication, by debiting the linked entity account and crediting a designated destination belonging to the payee device, and then securely storing results of the transaction (See Haldenby: Para. [0061] – “Payment network system 182 may perform operations that clear and settle authorized SV purchase transactions in near real-time using one or more of the exemplary SV purchase transaction clearance and settlement processes described herein. In certain aspects, and to facilitate a performance of these exemplary clearance and settlement processes, payment network system 182 may maintain settlement account data 184 and global block-chain ledger data 186 within the one or more tangible, non-transitory memories.”).

Haldenby fails to explicitly disclose:
A cryptographically secure credentials device;
wherein the entity device is enrolled with the settlement service, and the one or more settlement devices are configured to issue to the entity device a public key and a private key, using public key infrastructure,
create and install credentials into the cryptographically secure credentials device;

However, in a similar field of endeavor, Ortiz discloses:
A cryptographically secure credentials device (See Ortiz: Para. [0171] – “In the embodiment shown, one or more secure element(s) 116 are provided on SIM cards and/or other, optionally removable, memories” – Based on applicant’s description provided in [0008] of the specification, a SIM card can be considered a cryptographically secure credentials device);
create and install credentials into the cryptographically secure credentials device (See Ortiz: Para. [0171] – “FIG. 7 illustrates aspects of implementation of one or more secure elements and devices 116, including for example the storage therein of credentials or other identifiers useful in transaction authorization and adjudication processes, in secure memory(ies) 106 of mobile or other communication devices 102, 202, 204, 402, etc.”, See Ortiz: Para. [0129-0132] - Services provided by such servers/systems can include: Hardware based Cryptographic operation using HSM servers 416, etc. Key management operations Generation of payment credentials QVSDC, MSD DCVV, etc., for all card/payment types, including Debit, Gift, Visa, MC and/or others);

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to substitute the generic data repository disclosed by Haldenby with the cryptographically secure SIM card disclosed by Ortiz in order to increase the overall security of the system by 

The combination of Haldenby and Ortiz fails to explicitly disclose:
wherein the entity device is enrolled with the settlement service, and the one or more settlement devices are configured to issue to the entity device a public key and a private key, using public key infrastructure,

However, in a similar field of endeavor, Bugrov discloses:
wherein an entity device is enrolled with a system/service, service/system devices are configured to issue to the entity device a public key and a private key, using public key infrastructure (See Bugrov: Para. [0051] – “Enrolling a new device in the industrial control system may include, e.g., connecting the new device to a network maintained by the industrial control system, configuring the new device with appropriate configuration settings, generating a public key and a corresponding private key for the new device”),

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to substitute the communications relationship between the entity device and settlement service disclosed in the combination of Haldenby and Ortiz with the enrollment relationship between a device and service/system, wherein the system issues a public key and private key to the device as disclosed by Bugrov in order to increase the overall security of the system by leveraging a public key/private key pair independent from the entity device thus increasing overall security by diverting fraud risk from the singular entity device to the much larger settlement service.

In regards to Claim 2, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein the cryptographically secure credentials device comprises a hardware device, wherein the hardware device of the cryptographically secure credentials device is one of the group consisting of an external device, an external token, an external card, an internal device component, a subscriber identity module (SIM) card, an internal secure co-processor, and a field-programmable gate array (FPGA) (See Ortiz: Para. [0171] – “In the embodiment shown, one or more secure element(s) 116 are provided on SIM cards and/or other, optionally removable, memories”).

In regards to Claim 3, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein the cryptographically secure credentials device is possessed by the entity and leased to the entity by the settlement service (See Ortiz: Para. [0171] – “In the embodiment shown, one or more secure element(s) 116 are provided on SIM cards and/or other, optionally removable, memories”, See Ortiz: Para. [0055] – “EMV is a standard created by Europay, MasterCard and VISA for interoperability of smart cards, including SEs stored on SIM cards, etc., and POS (point of sale) terminals” – Ortiz discloses a SIM card acting as a secure credentials device for a mobile device which a user has possession of. It is known to one of ordinary skill in the art that SIM cards are leased/provided to subscribers to access provided subscriber functionality).

In regards to Claim 4, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein the account information corresponds with one of the group consisting of a credit card, debit card, bank account, vendor account, a social security number, membership identifier, report, and other personally identifiable transactable information (See Haldenby: Para. [0021] – “Payment instruments consistent with the disclosed embodiments may include, but are not limited to, credit and debit card accounts (e.g., Visa.TM. credit card accounts, etc.) held by the customer and issued by one or more financial institutions (e.g., .

In regards to Claims 5 and 19, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of Claim 1, wherein the entity device is enrolled with the settlement service by providing a request containing information comprising authentication information and the account information, that is then authenticated by the settlement device based on the authentication information and the account information (See Bugrov: Para. [0051] – “Enrolling a new device in the industrial control system may include, e.g., connecting the new device to a network maintained by the industrial control system, configuring the new device with appropriate configuration settings, generating a public key and a corresponding private key for the new device”, See Haldenby: Para. [0078] – “POS terminal 122 may transmit selection data 208 to client device 102 across direct communications channel 120A, e.g., through terminal interface unit 128, using a standard EMV communications protocol, such as an application processing data unit (APDU) communications protocol. In one instance, POS terminal 122 may format selection data 208 (and other data exchanged with client device 102 in order to identify the AID of the SV payment application) in accordance with standard EMV command protocols, e.g., as a SELECT EMV command.”), See Haldenby: Para. [0024] – “In certain aspects, the payment application stored and executed by the client device may include an EMV payment application may be compatible with one or more EMV-based transaction protocols, and the POS terminal device and the client device may each perform certain operations consistent with these EMV-based transaction protocols to authorize the initiated payment transaction and submit the , 
wherein the one or more settlement devices are configured to authenticate the entity device using one or more of the group consisting of an asynchronous process and a paused then parallel process (See Haldenby: Para. [0061] – “Payment network system 182 may perform operations that clear and settle authorized SV purchase transactions in near real-time using one or more of the exemplary SV purchase transaction clearance and settlement processes described herein. In certain aspects, and to facilitate a performance of these exemplary clearance and settlement processes, payment network system 182 may maintain settlement account data 184 and global block-chain ledger data 186 within the one or more tangible, non-transitory memories.” – Haldenby discloses a settlement device capable of authenticating communications from an entity device (which constitutes an authentication of said device) in real-time/upon receipt of a received transaction indication, a.k.a. an asynchronous process),
wherein payment information must match components of the authenticating information provided by the entity device and establish a confirmation response from a trusted party and transmitted by one or more of the group consisting of the entity device to the settlement service and the settlement service to an authorized account of entity, to determine that a request is from an authorized device under an authorized policy of use, wherein an authentication result is available to be communicated (See Haldenby: Para. [0061] – “Payment network system 182 may perform operations that clear and settle authorized SV purchase transactions in near real-time using one or more of the exemplary SV purchase transaction clearance and settlement processes described herein. In certain aspects, and to facilitate a performance of these exemplary clearance and settlement processes, payment network system 182 may maintain settlement account data 184 and global block-chain ledger data 186 within the one or more tangible, non-transitory memories.”, See Haldenby: Para. [0092] – “Using the corresponding issuer public key, issuer key validation module 302 may re-compute the digital signature of the .

In regards to Claim 11, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein the one or more settlement devices are further configured to distinguish credentials by labels that are offered for the entity device to use in a transaction and wherein the credentials are one more of the group consisting of defined type credentials and expandable type credentials (See Haldenby: Para. [0078-0079] – “POS terminal 122 may transmit selection data 208 to client device 102 across direct communications channel 120A, e.g., through terminal interface unit 128, using a standard EMV communications protocol, such as an application processing data unit (APDU) communications protocol. In one instance, POS terminal 122 may format selection data 208 (and other data exchanged with client device 102 in order to identify the AID of the SV payment application) in accordance with standard EMV command protocols, e.g., as a SELECT EMV command … Client device 102 may receive selection data 208 through device interface unit 108, and a selection module 209 of client device 102 may process selection data 208 and extract the application identifier assigned to the .

In regards to Claim 12, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein the additional credential data comprises GPS location data of the entity (See Haldenby: Para. [0116] – “In response to the confirmed offline authorization, SV transaction module 410 may generate authorized transaction data 412 that characterizes the authorized SV purchase transaction and includes, but is not limited to, the transaction value (e.g., $2.50), the product identifier (e.g., the UPC of the cup of coffee), additional or alternate data identifying the authorized SV purchase transaction (e.g., a transaction counter of the authorized SV purchase transaction, a transaction time or date, etc.), and additionally of alternatively, data identifying POS terminal 122 (e.g., a location of POS terminal 122, a device identifier, etc.)”).

In regards to Claim 13, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein communication comprises one or more of the group consisting of electronic communication and wireless communication, and communication uses a communication protocol that is one of the group consisting of an industry standard and a vendor specific communications protocol (See Haldenby: Para. [0023] – “The disclosed embodiments are, however, not limited to these exemplary client devices, and in other aspects, the client device 102 may include any additional or alternate device (e.g., a NFC sticker or dongle) .

In regards to Claim 14, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein communication is presented to the entity using one or more of the group consisting of web page, text, short message service (SMS) and an application interface (See Haldenby: Para. [0049] – “POS terminal 122 may, in some instances, include a display unit 125A that displays information to user 101 and an input unit 125B that allows user 101 to input information to POS terminal device 122 (e.g., a keypad, keyboard, touchscreen, voice activated control technologies, or any other type of known input device).”).  

In regards to Claim 15, the combination of Haldenby, Ortiz, and Bugrov discloses:
wherein the payee is a second entity also enrolled to use the settlement service such that the settlement service achieves entity-to-entity payment that is agnostic to any communication protocol and preserves the anonymity of both the entity and the payee from each other where neither has access to any personally identifying information about any other party (See Bugrov: Para. [0051] – “Enrolling a new device in the industrial control system may include, e.g., connecting the new device to a network maintained by the industrial control system, configuring the new device with appropriate configuration settings, generating a public key and a corresponding private key for the new device”, See Haldenby: Para. [0030] – “Environment 100 also includes an issuer system 142, an acquirer system 162, and a payment network system 182, each of which may be interconnected to POS terminal 122 (and in some aspects, client device 102) through any appropriate combination of communications networks, such as network 120B. Examples of network 120B include, but are not limited to, a wireless local area network (LAN), e.g., a "Wi-Fi" network, a network utilizing radio-frequency (RF) communication .

In regards to Claim 16, the combination of Haldenby, Ortiz, and Bugrov discloses:
The system of claim 1, wherein upon receipt of the certificate sent by the payee device and the current account transaction history sent from the entity device, the one or more settlement devices are configured to authenticate the payment settlement request by retrieving the entity public key and testing any signature of the entity, testing the amount requested, testing use constraints, and test any additional information supplied in the payment settlement request received from the payee, using any amount approved by payee certificate, certificate credentials and current account transaction history sent from the entity, and upon positive authentication of the tests the one or more settlement devices securely store results and trigger actions associated with credentials used by the entity and requested responses (See Haldenby: Para. [0061] – “Payment network system 182 may perform operations that clear and settle authorized SV purchase transactions in near real-time using one or more of the exemplary SV purchase transaction clearance and settlement processes described herein. In certain aspects, and to facilitate a performance of these exemplary clearance and settlement processes, payment network system 182 may maintain settlement account data 184 and global block-chain ledger data 186 within the one or more tangible, non-transitory memories.”, See Haldenby: Para. [0092] – “Using the corresponding issuer public key, issuer key validation module 302 may re-compute the digital signature of the contents of the issuer public key certificate 118 (e.g., by concatenating the contents of the issuer key certificate and applying a hash algorithm consistent with the hash algorithm indicator to the concatenated contents), and compare the re-computed .

In regards to Claim 17, the combination of Haldenby, Ortiz, and Bugrov discloses:
wherein the designated destination belonging to the payee comprises one of the group consisting of a payee secure credential, a payee settlement address linked account, and creation of a cryptographically generated and public key infrastructure generated digital object sent to the payee secure credential or settlement address (See Haldenby: Para. [0027] – “a time at which the payment-network computing system clears and settles the authorized purchase transaction, and further, credits the acquirer settlement account with funds available for disbursement to the merchant account.”).

Claims 8 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Haldenby in view of Ortiz in further view of Bugrov and Upp (US 20090172798 A1)
In regards to Claims 8 and 20, the combination of Haldenby, Ortiz, and Bugrov discloses the system of claim 1 but fails to explicitly disclose:
wherein the certificate is a secure sealed digital object that cannot be changed after creation by the entity and contains use constraints comprising one or more of the group consisting of a single use X.509 certificate limiting the number of transactions that may be attempted and an expiry constraint, wherein the use constraints are stipulated in an ASN.1 extension that causes a transaction to be blocked when a use constraint is violated.

However, in a similar field of endeavor, Upp discloses:
An immutable digital certificate consisting of an X.509 certificate (See Upp: Para. [0027] – “In one embodiment, the wireless device 102 includes a service manager 118 and one or more authentication contexts 120. An authentication context 120 includes authentication elements such as (but not limited to) a digital certificate 121 (e.g., a X.509 device certificate)”, See Upp: Claim 4 – wherein the immutable digital certificate is a X.509 digital certificate)

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date to substitute the certificate disclosed by the combination of Haldenby, Ortiz, and Bugrov for the immutable X.509 digital certificate and use said certificate in a single-use form in order to increase the overall security of the system by leveraging the X.509 digital certificate’s inherent security benefits.

Claim 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Haldenby in view of Ortiz in further view of Bugrov and Bryant (US 20170061405 A1).

In regards to Claim 6, the combination of Haldenby, Ortiz, and Bugrov discloses the system of claim 5 but fails to explicitly disclose:
wherein the one or more settlement devices are further configured to authenticate the entity device by a government authority, 
wherein the government authority functions as a trusted party and precedes payment and credential creation with a separated payment and the government authority confirmation responses as authentication for credential creation

However, in a similar field of endeavor, Bryant discloses:
A first device configured to authenticate a second device by a government entity
wherein a government authority functions as a trusted party and provides confirmation responses (See Bryant: Para. [0039] – “In some embodiments, authenticating a wearable device may comprise sending an authentication request to the system and/or an entity (for example: a financial institution, an employer, a merchant, a government agency) to associate (e.g., enroll) the wearable device with the user and or the user's relationship with the entity”)

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to apply the government entity/authority performing authentication of a device process as disclosed by Bryant to the settlement device disclosed by the combination of Haldenby, Ortiz, and Bugrov to authorize the entity device of the combination of Haldenby, Ortiz, and Bugrov preceding payment, in order to increase the overall security of the system by providing an additional method of verification prior to transaction settlement, decreasing the likelihood of fraudulent activity occurring.

Claim 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Haldenby in view of Ortiz in further view of Bugrov, Bryant, and Norman et al. (US 20180332008 A1).

In regards to Claim 7, the combination of Haldenby, Ortiz, Bugrov, and Bryant discloses the system of claim 6 but fails to explicitly disclose:
wherein credentials produced by the government authority, authorized to produce said credentials by the settlement service, operating as a registration authority in a public key infrastructure architecture, produces a first version of credentials and one of the group consisting of an X.509 certificate and a versioned structured document, and a second version of credentials and one of the group consisting of an X.509 certificate and a versioned structured document, wherein the first version comprises information with no personally identifiable information therein, and wherein the second version comprises personally identifiable information that is publicly available and under control and maintenance by the government authority.

However, in a similar field of endeavor, Norman discloses:
A first version of data and a second version of data, wherein the first version comprises information with no personally identifiable information, and wherein the second version comprises personally identifiable information (See Norman: para. [0018] – “The communication system 116 facilitates and manages the communications between customers 140 and end users devices 150. In some embodiments, communication system 116 performs authentication services that authenticates customers 140, users 149 or both with the server system 122 and, optionally, with a selected service providers 161 and 165. The anonymization manager 112 manages the anonymization of end user data. In some embodiments described herein, anonymization may include complete removal of PII or the encryption/obfuscation of PII.” – Norman discloses a method for converting a set of data containing PII to another version/data set containing no PII)

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date to apply the data anonymization process disclosed by Norman to the produced credentials by a government authority disclosed by the combination of Haldenby, Ortiz, Bugrov, and Bryant .

Claim 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Haldenby in view of Ortiz in further view of Bugrov and Upp (US 20090172798 A1)

In regards to Claim 9, the combination of Haldenby, Ortiz, and Bugrov discloses the system of claim 1 but fails to explicitly disclose:
wherein credentials comprise one or more industry defined proprietary use ASN.1 data structures to store data unique to the type and use of the credential created, such that the data structure also comprises additional credential data and one or more encryption keys wrapped by the settlement device produced public key that are sent to the entity device and upon response are installed in the cryptographically secure credentials device.

However, in a similar field of endeavor, Kapoor discloses:
A transaction request, acting as a credential, containing transaction unique comprising an ASN.1 data structure, also comprising additional credential data (See Kapoor: Para. [0021] – “The cash request may include, for example, at least the desired amount entered by the requesting user, the current location of the client terminal 4a, the user credentials of the requesting user, etc. The request may be sent using various data formats including Extensible Markup Language (XML), Comma-separated values (CSV), Structured Data eXchange Formats, Abstract Syntax Notation One ( ASN.1), Property list, Hypertext Markup Language (HTML), or similar formats. The request may be sent to the cash-dispensing server 2 over the network 3 using appropriate network protocols.”)

Kapoor for the credential storing unique data as well as additional credential data and encryption keys the combination of Haldenby, Ortiz, and Bugrov transmitted to the entity device of the combination of Haldenby, Ortiz, and Bugrov in order to increase the overall robustness of the invention by transmitting data in a more conventional notation, allowing for the system to communicate with a larger number of peripheral devices.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Oshima et al. (US 7054845 B2) discloses a settlement management device configured to facilitate transaction settlement between a personal computer controlled by a user and a store device connected via a communication system so as to enable bidirectional communication.
Karpenko et al. (US 20150052064 A1) discloses a transaction processing system comprising a consumer mobile device, a merchant computer, a certificate authority, and a payment processing network; wherein the system is configured to process and validate transactions using provided, encrypted data credentials.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to NICHOLAS K PHAN whose telephone number is (571)272-6748.  The examiner can normally be reached on M-F 8 am-5 pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on 571-270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/NICHOLAS K PHAN/Examiner, Art Unit 3685
/JAY HUANG/Primary Examiner, Art Unit 3685