Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This is a Non-Final Office Action in response to application 16/096,779 entitled "MOBILE PAYMENT METHOD AND APPARATUS" with claims 1 to 11 pending.
Response to Amendment
The amendment filed March 19, 2021, has been entered. Claims 1 to 11 remain pending in the application.  Applicant’s amendments to the Specification, Drawings, and/or Claims have been noted in response to the Non-Final Office Action mailed December 23, 2020. 
  Information Disclosure Statement
The information disclosure statements (IDS) submitted on October 26, 2018, October 18, 2018, and November 11, 2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-4, 6-9, and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Smets (“SECURITY FOR MOBILE PAYMENT APPLICATIONS”, U.S. Publication Number: 2016/0217467 A1), in view of Popovich (“IDENTITY ASSERTION BASED ON BIOMETRIC INFORMATION”, U.S. Publication Number: 2016/0142404A1),in view of Sklovsky (“METHOD AND APPARATUS FOR AUTOMATIC NEAR FIELD COMMUNICATION APPLICATION SELECTION IN AN ELECTRONIC DEVICE”, U.S. Publication Number: 2009/0247077A1),SYSTEM AND METHOD FOR SELECTIVELY INITIATING BIOMETRIC AUTHENTICATION FOR ENHANCED SECURITY OF ACCESS CONTROL TRANSACTIONS”, U.S. Publication Number: 2016/0277396 A1),in view of Li (“FINGERPRINT RECOGNITION METHOD AND MOBILE TERMINAL”, U.S. Publication Number: 2018/0173862 A1)

Regarding Claim 1, 
Smets teaches,
A mobile payment method, (Smets [0008]: “Against this background, the present disclosure aims to provide a method of carrying out payment transactions securely using a mobile phone (or other mobile device)…” /Smets[0004]:“The present applicants have also appreciated that it would be possible to use a computing device such as a mobile telephone as a proxy for a payment card. They have also developed a mobile payment application, M/Chip Mobile, which can be downloaded to a mobile cellular telephone handset (hereafter “mobile phone”) to act as a proxy for a payment card using Near Field Communication (NFC) technology standards, which are built in to the majority of current mobile phones.”)
comprising the following steps: executing a non-contact protocol (Smets [0062]:“These communication means may comprise antennae and associated hardware and software to enable communication by NFC and associated contactless card protocols such as those defined under ISO/IEC 14443, or they may comprise an antenna and associated hardware and software to allow local wireless networking using 802.11 protocols or any combination of the above.” / Smets [0004]: “Near Field Communication (NFC) technology standards, which are built in to the majority of current mobile phones. NFC is a development upon RFID, and NFC-enabled devices are able to operate in the same manner as RFID devices—though an NFC-device is active rather than passive, as it is powered by the mobile phone battery rather than relying on inductive pickup from a reader device.” / Smets [0062]: “These communication means may comprise antennae and associated hardware and software to enable communication by NFC and associated contactless card protocols such as those defined under ISO/IEC 14443, or they may comprise an antenna and associated hardware and software to allow local wireless networking using 802.11 protocols or any combination of the above.”)
initialization process between a mobile payment terminal and an external device by the mobile payment terminal; (Smets [0038] “Advantageously, the present disclosure allows the functionality of the two applications to be set in an initialization or personalization step, where instructions for carrying out the process are provided to the applications, via a secure communications channel, from the application service provider prior to the process being executed.” / Smets [Abstract]: “a first application executable within the first execution environment; a second trusted application executable within the second execution environment; and a secure communications channel between the first application and the second trusted application” / Smets [0063]:“Other computer equipment in a conventional infrastructure is typically fixed, but in cases of interest point of interaction (POI) terminals 2 may also be mobile. The example shown is a mobile point-of-sale (MPOS) terminal 2 used by a merchant interacting with the user. This type of POI terminal may support NFC-enabled transactions and/or transactions that involve the use of magnetic stripe technology.”; The prior art includes an initialization process between the applications that reside within a first execution environment (“main operating system and is the environment for regular applications running on the mobile handset”) and a  second execution environment (point of interaction (POI) terminals / mobile point-of-sale (MPOS) terminal))
Smets does not teach determining, by the mobile payment terminal, whether the designated non-contact application supports a fingerprint verification mode; determining, by the mobile payment terminal, whether the designated non-contact application has passed the fingerprint verification, if the fingerprint verification mode is supported; and running the designated non-contact application by the mobile payment terminal to execute a payment operation, if the designated non-contact application has passed fingerprint verification or does not support the fingerprint verification mode; receiving a selection command from the external device by the mobile payment terminal, the selection command designating a non-contact application; wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process.
Popovich teaches,
determining, by the mobile payment terminal, whether the designated non-contact application has passed the fingerprint verification, if the fingerprint verification mode is supported; (Popovich [0041]: “At step 603 assertion module 214 determines whether biometric information will be matched by device 101 prior to using the assertion.” / Popovich [0029]: “Assertion module 214 is configured to generate a user identity assertion as a function of the request from device 101.” / Popovich [0036]: “In this case, the first TTL will indicate a TTL when no biometric information is being matched, while the second TTL will indicate a TTL when biometric information is being matched.” / Popovich[0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”)
and running the designated non-contact application by the mobile payment terminal to execute a payment operation, if the designated non-contact application has passed fingerprint verification or does not support the fingerprint verification mode (Popovich [0036]: “In this case, the first TTL will indicate a TTL when no biometric information is being matched, while the second TTL will indicate a TTL when biometric information is being matched.”/ Popovich [0045]: “At step 807 logic circuitry determines if the first and the second biometric information matches. If so, the logic flow continues to step 809.” / Popovich [0002]: “Current single sign on identity and access management solutions include industry standard protocols like SAML and OAuth to issue identity assertions (such as tokens, cookies, etc.) to user devices for subsequent access to application servers. These issued identity assertions may have a limited lifetime, or time to live (TTL).” / Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”; In the prior art, TTL informs the application how long to permit usage. So a positive first TTL permits the application to run when no biometric information is being matched or does not support the fingerprint verification mode and a positive second TTL permits the application to run when fingerprint verification passed)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Popovich does not teach receiving a selection command from the external device by the mobile payment terminal, the selection command designating a non-contact application; wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process.
Sklovsky teaches,
 receiving a selection command from the external device by the mobile payment terminal, the selection command designating a non-contact application; (Sklovsky [0028]  For instance, if the near field communication device is a payment terminal, the application identifier may be for a financial transaction application, such as a credit or debit card. / Sklovsky [0053] The application discovery manager 311 identifies this information from the communication signals 303 received from the remote near field communication device.  / Sklovsky [0074] With implicit selection, the remote near field communication terminal triggers the application discovery manager 311. For instance, a financial transaction may be about to transpire, with a plurality of cards in an electronic wallet being suitable for use with a particular near field communication device. The application discovery manager 311 coordinates the various possible selections with the routing switch 316 and the many execution environments, with the final selection being made by the remote near field communication device.")
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets and the timed biometric authentication teachings of Popovich to incorporate the contactless payment teachings of Sklovsky for   “an application discovery manager (311) is configured to automatically select and launch one or more of the near field communication applications.” (Sklovsky [Abstract]).The modification would have been obvious, because it is merely applying a known technique (i.e. contactless payment application selection) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. easier and less cumbersome payment options)
Sklovsky does not teach wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process.
Gardiner teaches,
wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process. (Gardiner [0003] Electronic transactions—such as for payments or access to a facility or computer—can be conducted using electronic portable transaction devices, such as smart cards or mobile devices. /Gardiner [0004] Similarly, mobile devices such as smartphones, PDAs, tablets, and laptops can provide a platform for electronic transactions. For example, a user of a mobile device can conduct an electronic transaction for purchase of a product or service using an application that communicates with a mobile payment service. Mobile devices can be configured for a token-based authentication and/or a biometric authentication. / Gardiner [0052]  For example, card 410A in coordination with the POS terminal 420A and/or the payment processing system 432 can determine whether the nature of the transaction required additional security and, if so, initiate a token-based authentication procedure. Optionally, the card 410A, a biometric authentication procedure may be initiated. To further enhance security of the transaction, a reconciliation-based authentication procedure may be performed before, during, or after a token-based authentication and/or a biometric based-authentication.)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets and the timed biometric authentication teachings of Popovich and the contactless payment teachings of Sklovsky to incorporate the selective biometric authentication teachings of Gardiner “selectively initiation biometric security based on thresholds” (Gardiner [Abstract]).The modification would have been obvious, because it is merely applying a known technique (i.e. selective biometric authentication) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. “Additional layers of security, however, may not always be necessary, or desired. For example, biometric authentication may not need to occur for low-value or routine transactions, such as purchases below a certain amount. What is needed is a method of enhanced security that may be selectively applied based on the nature of the transaction.” Gardiner [0005])
Li teaches,
determining, by the mobile payment terminal, whether the designated non-contact application supports a fingerprint verification mode;  (Li [0085] and if the mobile terminal determines, in the first operating system, that the first operating system includes the first fingerprint interface and the second operating system includes the second fingerprint interface)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets and the timed biometric authentication teachings of Popovich and the contactless payment teachings of Sklovsky and the selective biometric authentication teachings of Gardiner  to incorporate the fingerprint recognition teachings of Li “verification information and to-be-verified fingerprint information in a first operating system.” (Li [Abstract]).The modification would have been obvious, because it is merely applying a known technique (i.e. tokenization) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced payment security)
Regarding Claim 2, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile payment of Claim 1 as described earlier.
Smets, Gardiner, Sklovsky, and Li do not teach the fingerprint verification process is 20executed before it is determined that the designated non-contact application supports the fingerprint verification mode.
Popovich teaches the fingerprint verification process is 20executed before it is determined that the designated non-contact application supports the fingerprint verification mode. (Popovich [0014]: “During operation a user will authenticate to an identity management server (also known as an authorization server or an authentication server) to obtain an identity assertion. An identity assertion will be provided upon successful authentication. The lifetime of the identity assertion will be based on whether or not biometric information of the user will be used by the device to which the assertion is being issued to identify the user prior to allowing the use of the identity assertion.” / Popovich [0023]: “In order to address this issue, identity management server 103 will issue an assertion having a longer lifetime when biometric data is being checked prior to the assertion being used.” /Popovich [0037]: “TTL 402 may be based on whether or not biometric information on a user is going to be used prior to assertion 105 being forwarded.” / Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”; Prior art conducts the fingerprint verification process  before it is determined that the designated  application supports or will use a fingerprint verification mode)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Regarding Claim 3, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile payment of Claim 1 as described earlier.
Smets, Gardiner, Sklovsky, and Li do not teach wherein the fingerprint verification process is executed after it is determined that the designated non-contact application supports the 25fingerprint verification mode.
Popovich teaches wherein the fingerprint verification process is executed after it is determined that the designated non-contact application supports the 25fingerprint verification mode. (Popovich [0026]:“one embodiment has device 101 performing user authentication by comparing the user's biometric information periodically after the issuance of an identity assertion and disables or deletes the assertion when the user authentication fails a preconfigured number of attempts within a given time.”/ Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”;  Prior art also can perform fingerprint verification after it is determined that the application supports the fingerprint verification mode)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Regarding Claim 4, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile payment of Claim 1 as described earlier.
Smets does not teachwherein the mobile payment terminal determines whether the designated non-contact application supports the fingerprint verification mode by accessing an application registry, and the application registry saves fingerprint 16FPEL16150232US identification information associated with the non-contact application residing in the mobile payment terminal, the fingerprint identification information comprising an identifier indicating whether the non-contact application supports the fingerprint verification mode and a status flag indicating whether the fingerprint verification is passed 5when the fingerprint verification mode is supported.
Popovich teaches,
wherein the mobile payment terminal determines whether the designated non-contact application supports the fingerprint verification mode by accessing an application registry, and the application registry saves fingerprint 16FPEL16150232US identification information associated with the non-contact application residing in the mobile payment terminal,(Popovich [0045]:“The logic flow begins at step 801 where first biometric information is retrieved by logic circuitry 303 from memory 304. As discussed above, the first biometric information may have been acquired at the time the assertion was received, or alternatively may have been acquired at any point in time prior to the assertion being used. For example, device 101 may be “configured” with the first biometric information at some point in time.”/ Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”; Under broadest reasonable interpretation, a memory storage unit may be considered as a registry)
the fingerprint identification information comprising an identifier indicating whether the non-contact application supports the fingerprint verification mode and a status flag indicating whether the fingerprint verification is passed 5when the fingerprint verification mode is supported.(Popovich [0048]: “In another embodiment, one time may represent the total lifetime of the SSO session if no biometric samples are captured subsequent to the assertion issuance, and the 2nd time may represent the total lifetime of the SSO session if biometric samples are captured and the user is successfully authenticated.” / Popovich [0036]: “In this case, the first TTL will indicate a TTL when no biometric information is being matched, while the second TTL will indicate a TTL when biometric information is being matched.”/ Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”; Prior art includes an identifier indicating whether the application supports the fingerprint verification mode (“the first TTL will indicate a TTL when no biometric information is being matched”) and a status flag indicating whether the fingerprint verification is passed 5when the fingerprint verification mode is supported(“2nd time”))
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Regarding Claim 6, 
Smets teaches,
A mobile payment terminal, (Smets[0003]: “Many payments are made at a retail location, typically with a physical transaction card interacting with a point of sale (POI) terminal to perform a transaction.” /Smets[0063]:“Other computer equipment in a conventional infrastructure is typically fixed, but in cases of interest point of interaction (POI) terminals 2 may also be mobile. The example shown is a mobile point-of-sale (MPOS) terminal 2 used by a merchant interacting with the user. This type of POI terminal may support NFC-enabled transactions and/or transactions that involve the use of magnetic stripe technology.”)
comprising: a near-field communication unit,(Smets[0021]: “The payment transaction may correspond to any one of: a remote payment transaction, an NFC-enabled transaction, and a magnetic stripe transaction.” /  Smets[0062]: “These communication means may comprise antennae and associated hardware and software to enable communication by NFC and associated contactless card protocols such as those defined under ISO/IEC 14443, or they may comprise an antenna and associated hardware and software to allow local wireless networking using 802.11 protocols or any combination of the above.” / Smets [0063]:“Other computer equipment in a conventional infrastructure is typically fixed, but in cases of interest point of interaction (POI) terminals 2 may also be mobile. The example shown is a mobile point-of-sale (MPOS) terminal 2 used by a merchant interacting with the user. This type of POI terminal may support NFC-enabled transactions and/or transactions that involve the use of magnetic stripe technology.”)
configured to execute a non-contact protocol initialization process between the mobile payment terminal and an external device, (Smets[0062]: “These communication means may comprise antennae and associated hardware and software to enable communication by NFC and associated contactless card protocols such as those defined under ISO/IEC 14443, or they may comprise an antenna and associated hardware and software to allow local wireless networking using 802.11 protocols or any combination of the above.” / Smets [0063]:“Other computer equipment in a conventional infrastructure is typically fixed, but in cases of interest point of interaction (POI) terminals 2 may also be mobile. The example shown is a mobile point-of-sale (MPOS) terminal 2 used by a merchant interacting with the user. This type of POI terminal may support NFC-enabled transactions and/or transactions that involve the use of magnetic stripe technology.”)
and receive a selection command from the external device, the selection command designating a 25non-contact application running in the mobile payment terminal; (Smets [0090]:“At Step 210, the user confirms the payment details and selects a digitized card to use, initiating the processing of a DSRP transaction by the MPA 14;”)
a fingerprint verification unit, configured to execute a fingerprint verification process; (Smets [0028]: “the mobile computing device further comprises a biometric sensor for use in authenticating a user of the device.”)
Smets, Sklovsky, and Li do not teach an embedded security element, which comprises a fingerprint triggering module configured to:  determine whether the designated non-contact application supports a fingerprint  verification mode;  determine whether the designated non-contact application has passed the fingerprint verification, if the fingerprint verification mode is supported; and instruct running the designated non-contact application in the mobile payment terminal to execute a payment operation, if the designated non-contact application has passed fingerprint verification or does not support the fingerprint verification mode; wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process
Popovich teaches,
 an embedded security element, which comprises a fingerprint triggering module (Popovich [0029]: “The authentication module 212 is configured to authenticate the identity of the user 104 via device 101 in response to a request for a user identity assertion from device 101.”  )
configured to:  determine whether the designated non-contact application supports a fingerprint 17FPEL16150232US verification mode; (Popovich [0036]: “Identity assertion 105 comprises …optional biometric data requirement bit 403.”/ Popovich [0041] : “information is received indicating whether or not device 101 will be performing biometric matching prior to using the identity assertion.” / Popovich[0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.)
determine whether the designated non-contact application has passed the fingerprint verification, if the fingerprint verification mode is supported;(Popovich [0041]: “At step 603 assertion module 214 determines whether biometric information will be matched by device 101 prior to using the assertion.” / Popovich [0029]: “Assertion module 214 is configured to generate a user identity assertion as a function of the request from device 101.” / Popovich [0036]: “In this case, the first TTL will indicate a TTL when no biometric information is being matched, while the second TTL will indicate a TTL when biometric information is being matched.” / Popovich[0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”)
 and instruct running the designated non-contact application in the mobile payment terminal 5to execute a payment operation, if the designated non-contact application has passed fingerprint verification or does not support the fingerprint verification mode,(Popovich [0036]: “In this case, the first TTL will indicate a TTL when no biometric information is being matched, while the second TTL will indicate a TTL when biometric information is being matched.”/ Popovich [0045]: “At step 807 logic circuitry determines if the first and the second biometric information matches. If so, the logic flow continues to step 809.” / Popovich [0002]: “Current single sign on identity and access management solutions include industry standard protocols like SAML and OAuth to issue identity assertions (such as tokens, cookies, etc.) to user devices for subsequent access to application servers. These issued identity assertions may have a limited lifetime, or time to live (TTL).” / Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”;   In the prior art, TTL informs the application how long to permit usage. So a positive first TTL permits the application to run when no biometric information is being matched or does not support the fingerprint verification mode and a positive second TTL permits the application to run when fingerprint verification passed )
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Popovich does not teach wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process.
Gardiner teaches,
wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process. (Gardiner [0003] Electronic transactions—such as for payments or access to a facility or computer—can be conducted using electronic portable transaction devices, such as smart cards or mobile devices. /Gardiner [0004] Similarly, mobile devices such as smartphones, PDAs, tablets, and laptops can provide a platform for electronic transactions. For example, a user of a mobile device can conduct an electronic transaction for purchase of a product or service using an application that communicates with a mobile payment service. Mobile devices can be configured for a token-based authentication and/or a biometric authentication. / Gardiner [0052]  For example, card 410A in coordination with the POS terminal 420A and/or the payment processing system 432 can determine whether the nature of the transaction required additional security and, if so, initiate a token-based authentication procedure. Optionally, the card 410A, a biometric authentication procedure may be initiated. To further enhance security of the transaction, a reconciliation-based authentication procedure may be performed before, during, or after a token-based authentication and/or a biometric based-authentication.)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets and the timed biometric authentication teachings of Popovich and the contactless payment teachings of Sklovsky to incorporate the selective biometric authentication teachings of Gardiner “selectively initiation biometric security based on thresholds” (Gardiner [Abstract]).The modification would have been obvious, because it is merely applying a known technique (i.e. selective biometric authentication) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. “Additional layers of security, however, may not always be necessary, or desired. For example, biometric authentication may not need to occur for low-value or routine transactions, such as purchases below a certain amount. What is needed is a method of enhanced security that may be selectively applied based on the nature of the transaction.” Gardiner [0005])
Regarding Claim 7, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile payment terminal of Claim 6 as described earlier.
Smets teaches wherein the mobile payment terminal is a mobile phone. (Smets [0062]:“A user (not shown) is provided with a payment device—this may be for example a mobile computing device, such as a mobile phone 1”)
Regarding Claim 8, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile paymentterminal of Claim 6 as described earlier.
Smets, Gardiner, Sklovsky, and Li do not teach wherein the embedded security element further comprises an application registry that can be accessed by the fingerprint 15triggering module, wherein the application registry saves fingerprint identification information associated with the non-contact application residing in the mobile payment terminal, (Popovich [0045]:“The logic flow begins at step 801 where first biometric information is retrieved by logic circuitry 303 from memory 304. As discussed above, the first biometric information may have been acquired at the time the assertion was received, or alternatively may have been acquired at any point in time prior to the assertion being used. For example, device 101 may be “configured” with the first biometric information at some point in time.”/ Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”; Under broadest reasonable interpretation, a memory storage unit may be considered as a registry)
the fingerprint identification information comprising an identifier indicating whether the non-contact application supports the fingerprint verification mode and a status flag indicating whether the fingerprint verification is passed when the fingerprint 20verification mode is supported.(Popovich [0048]: “In another embodiment, one time may represent the total lifetime of the SSO session if no biometric samples are captured subsequent to the assertion issuance, and the 2nd time may represent the total lifetime of the SSO session if biometric samples are captured and the user is successfully authenticated.” / Popovich [0036]: “In this case, the first TTL will indicate a TTL when no biometric information is being matched, while the second TTL will indicate a TTL when biometric information is being matched.”/ Popovich [0042]: “biometric information may be taken from the group consisting of … a finger print, … an iris scan, a finger/palm vein print.”; Prior art includes an identifier indicating whether the application supports the fingerprint verification mode (“the first TTL will indicate a TTL when no biometric information is being matched”) and a status flag indicating whether the fingerprint verification is passed 5when the fingerprint verification mode is supported(“2nd time”))
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)

Regarding Claim 9, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile paymentterminal of Claim 8 as described earlier.
Smets, Gardiner, Sklovsky, and Li do not teach wherein the embedded security element further comprises a fingerprint identification processing module which is configured to update the status flag in the application registry based on a result of 25fingerprint verification of the fingerprint verification unit.
Popovich teaches,
 wherein the embedded security element further comprises a fingerprint identification processing module which is configured to update the status flag in the application registry based on a result of 25fingerprint verification of the fingerprint verification unit. (	Popovich [Figure 2]: 
    PNG
    media_image1.png
    536
    853
    media_image1.png
    Greyscale
/Popovich [0029]: “Memory 210 may include an authentication module 212 and an assertion module 214. The authentication module 212 is configured to authenticate the identity of the user 104 via device 101 in response to a request for a user identity assertion from device 101” / Popovich [0040]: “At step 503 processor 230 accesses authentication module 212 to authenticate device 101. Once authenticated, processor 230 accesses assertion module 214 to obtain an identity assertion (step 505). As discussed above, the TTL for the identity assertion will be based on whether or not biometric information will be acquired prior to using the identity assertion.”; Prior art includes an identifier indicating whether the application supports the fingerprint verification mode (“the first TTL will indicate a TTL when no biometric information is being matched”) and a status flag indicating whether the fingerprint verification is passed 5when the fingerprint verification mode is supported(“2nd time”))
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Regarding Claim 11, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile paymentterminal of Claim 11 as described earlier.
Smets teaches wherein the designated non-contact application runs in the embedded security element. (Smets [0009]: “The mobile computing device comprises a first application executable within the first execution environment.” / Smets [0013]: “Optionally, a first one of the one or more data items comprises an authentication code for use in authenticating a process executed by the first application in the first execution environment.” / Smets[0032]:“The method comprises establishing a secure communications channel between a first application in the first execution environment and a second trusted application in the second execution environment.”)


Claims 5 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Smets, Popovich, Gardiner, Sklovsky , and Li view of Johnson (“FINGERPRINT COMPILER PROGRAM OF EXPLANATION”, U.S. Publication Number: 2007/0292006A1).
Regarding Claim 5, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile payment of Claim 4 as described earlier.
Smets, Gardiner, Sklovsky, and Li do not teach wherein the step of determining by the mobile payment terminal whether the fingerprint verification is passed comprises: a) reading the status flag;  10b) if the status flag is a first set value, determining that the designated non-contact application has passed the fingerprint verification, and if the status flag is a second set value, determining that the designated non-contact application has not passed the fingerprint verification;  c) if the status flag is a third set value, executing a fingerprint verification process and 15repeating steps a) and b), wherein in the process of executing fingerprint verification, if the fingerprint verification is passed, the status flag is set at the first set value, otherwise it is set at the second set value; and d) resetting the status flag at a third set value after the status flag has been set at the first set value or the second set value for a preset period of time.
Popovich teaches,
wherein the step of determining by the mobile payment terminal whether the fingerprint verification is passed, (Popovich [0048]: “if biometric samples are captured and the user is successfully authenticated.”) comprises: 
a) reading the status flag; (Popovich [0045]: “The logic flow continues to step 805 where the first and second biometric information are compared by logic circuitry 303.”/ Popovich [0047]: “the assertion may optionally contain two or more time values. In one embodiment, one time may represent the total lifetime (TTL) of the SSO session, and a second time may specify the maximum time allowed between biometric samples of the user 104 behind device 101.”; It is inherent that for two values to be compared, they had to have been read first. Time values may be interpreted as flags)  10
b) if the status flag is a first set value, determining that the designated non-contact application has passed the fingerprint verification, (Popovich [0048]: “the 2nd time may represent the total lifetime of the SSO session if biometric samples are captured and the user is successfully authenticated.”)
and if the status flag is a second set value, determining that the designated non-contact application has not passed the fingerprint verification;   (Popovich [0045]:“At step 807 logic circuitry determines if the first and the second biometric information matches…If not, the logic flow continues to step 811 where the assertion is locked, deleted, or rendered unusable by logic circuitry 303.”; The assertion that includes both times (TTL), locks, deletes, or renders unusable one or both values)
wherein in the process of executing fingerprint verification, if the fingerprint verification is passed, the status flag is set at the first set value, (Popovich [0045]: “At step 807 logic circuitry determines if the first and the second biometric information matches. If so, the logic flow continues to step 809.” /Popovich [0048]: “and the 2nd time may represent the total lifetime of the SSO session if biometric samples are captured and the user is successfully authenticated.”)
otherwise it is set at the second set value; (Popovich [0045]: “At step 807 logic circuitry determines if the first and the second biometric information matches....If not, the logic flow continues to step 811 where the assertion is locked, deleted, or rendered unusable by logic circuitry 303.”;  If verification fails, the assertion can be deleted which inherently creates a value of NULL)
d) resetting the status flag at… or the second set value for a preset period of time.(Popovich [0037]: “For example, assertion 105 may have a 5 minute time to live if no biometric information is required from the user, and have a 15 minute time to live when biometric information is required from the user.”)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Popovich does not teach c) if the status flag is a third set value, executing a fingerprint verification process and 15repeating steps a) and b), wherein in the process of executing fingerprint verification, if the fingerprint verification is passed, the status flag is set at the first set value, otherwise it is set at the second set value; and d) resetting the status flag at a third set value after the status flag has been set at the first set value
Johnson teaches,
c) if the status flag is a third set value, (Johnson [0069]: “so as each Individuals fingerprint a minute point signal value, and further, each minute point generating a signal in numerical value, where by each value generates a definite signal output value”)
executing a fingerprint verification process (Johnson [0069]: “as the transmitted fingerprint enters the fingerprint database Housing, it passes through a companion modem or like device, ... the sent fingerprint continues inside the Fingerprint database system...start means of the database's CPU to execute a search program for the seated Fingerprint once the fingerprint is identified in the database”)
and 15repeating steps a) and b), (Johnson [0069]: “at which Time the database will once again do all of the aforementioned order of operations in its Repetitive preprogrammed cycles.”; )
 and d) resetting the status flag at a third set value after the status flag has been set at the first set value(Johnson [0069]: “Meanwhile the output from the Interacting conversational database CPU continues its closing statements, signaling Release of the original fingerprint from the holding circuit housing, clearing the cache, all Registers along with all data associated with that particular sent fingerprint and switches The database off to a standby position, awaiting another fingerprints entrance”)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets and the timed biometric authentication teachings of Popovich and the contactless payment teachings of Sklovsky and the tokenization teachings of Gardiner and the fingerprint recognition teachings of Li incorporate the fingerprint compiler teachings of Johnson to “solve a lot of problems in the industries such as banks, Credit Card Airports (fraud, lost or stolen purses keys, passbooks,…)” (Johnson[Abstract]).The modification would have been obvious, because it is merely applying a known technique (i.e. fingerprint assesment) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Regarding Claim 10, 
Smets, Popovich, Gardiner, Sklovsky, and Li teach the mobile paymentterminal of Claim 8 as described earlier.
Smets does not teachwherein the fingerprint triggering module is configured to determine whether the fingerprint verification is passed in the following manner:  18FPEL16150232US a) reading the status flag; b) if the status flag is a first set value, determining that the designated non-contact application has passed the fingerprint verification, and if the status flag is a second set value, determining that the designated non-contact application has not passed the 5fingerprint verification; c) if the status flag is a third set value, executing a fingerprint verification process and repeating steps a) and b), wherein in the process of executing fingerprint verification, if the fingerprint verification is passed, the status flag is set at the first set value by the fingerprint identification processing module, otherwise it is set at the second set value by 10the fingerprint identification processing module; and d) resetting the status flag at a third set value by the fingerprint identification processing module after the status flag has been set at the first set value or the second set value for a preset period of time.
Popovich teaches,
wherein the fingerprint triggering module is configured to determine whether the fingerprint verification is passed (Popovich [0048]: “if biometric samples are captured and the user is successfully authenticated.”) in the following manner:  18FPEL16150232US
a) reading the status flag; (Popovich [0045]: “The logic flow continues to step 805 where the first and second biometric information are compared by logic circuitry 303.”/ Popovich [0047]: “the assertion may optionally contain two or more time values. In one embodiment, one time may represent the total lifetime (TTL) of the SSO session, and a second time may specify the maximum time allowed between biometric samples of the user 104 behind device 101.”; It is inherent that for two values to be compared, they had to have been read first)  
b) if the status flag is a first set value, determining that the designated non-contact application has passed the fingerprint verification, (Popovich [0048]: “the 2nd time may represent the total lifetime of the SSO session if biometric samples are captured and the user is successfully authenticated.”)
and if the status flag is a second set value, determining that the designated non-contact application has not passed the 5fingerprint verification;(Popovich [0045]:“At step 807 logic circuitry determines if the first and the second biometric information matches…If not, the logic flow continues to step 811 where the assertion is locked, deleted, or rendered unusable by logic circuitry 303.”; The assertion that includes both times (TTL), locks, deletes, or renders unusable one or both values)
otherwise it is set at the second set value; (Popovich [0045]: “At step 807 logic circuitry determines if the first and the second biometric information matches....If not, the logic flow continues to step 811 where the assertion is locked, deleted, or rendered unusable by logic circuitry 303.”;  If verification fails, the assertion can be deleted which inherently creates a value of NULL )
d) resetting the status flag at… or the second set value for a preset period of time. (Popovich [0037]: “For example, assertion 105 may have a 5 minute time to live if no biometric information is required from the user, and have a 15 minute time to live when biometric information is required from the user.”)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets to incorporate the timed biometric authentication teachings of Popovich for scenarios “where higher assurance solutions are used (e.g. multi-factor user authentication is required), and where an identity management server may not always be reachable (public safety use cases such as at an incident scene)” (Popovich [0015]).The modification would have been obvious, because it is merely applying a known technique (i.e. time to live (TTL) and biometric security) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)
Popovich does not teach c) if the status flag is a third set value, executing a fingerprint verification process and repeating steps a) and b), wherein in the process of executing fingerprint verification, if the fingerprint verification is passed, the status flag is set at the first set value by the fingerprint identification processing module, otherwise it is set at the second set value by 10the fingerprint identification processing module; and d) resetting the status flag at a third set value by the fingerprint identification processing module after the status flag has been set at the first set value.
Johnson teaches,
c) if the status flag is a third set value, (Johnson [0069]: “so as each Individuals fingerprint a minute point signal value, and further, each minute point generating a signal in numerical value, where by each value generates a definite signal output value”)executing a fingerprint verification process (Johnson [0069]: “as the transmitted fingerprint enters the fingerprint database Housing, it passes through a companion modem or like device, ... the sent fingerprint continues inside the Fingerprint database system...start means of the database's CPU to execute a search program for the seated Fingerprint once the fingerprint is identified in the database”)
and 15repeating steps a) and b), (Johnson [0069]: “at which Time the database will once again do all of the aforementioned order of operations in its Repetitive preprogrammed cycles.”; )
 and d) resetting the status flag at a third set value after the status flag has been set at the first set value (Johnson [0069]: “Meanwhile the output from the Interacting conversational database CPU continues its closing statements, signaling Release of the original fingerprint from the holding circuit housing, clearing the cache, all Registers along with all data associated with that particular sent fingerprint and switches The database off to a standby position, awaiting another fingerprints entrance”)
It is prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the mobile payment system of Smets and the timed biometric authentication teachings of Popovich and the contactless payment teachings of Sklovsky and the selective biometric authentication teachings of Gardiner and the fingerprint recognition teachings of Li incorporate the fingerprint compiler teachings of Johnson to “solve a lot of problems in the industries such as banks, Credit Card Airports (fraud, lost or stolen purses keys, passbooks,…)” (Johnson[Abstract]).The modification would have been obvious, because it is merely applying a known technique (i.e. fingerprint assessment) to a known device (i.e. payment processing device) ready for improvement to yield predictable result (i.e. enhanced security)

Response to Remarks
Applicant's arguments filed on March 19, 2021 have been fully considered and Examiner’s remarks to Applicant’s amendments follow.   
Applicant made no changes to the claims.
Response Remarks on Claim Rejections - 35 USC § 103
Examiner maintains the previous prior art references, in combination, anticipate the Applicant’s invention. 
The Applicant states:
“In some cases, a plurality of non-contact applications are installed in a mobile payment terminal, e.g., mobile phone. In claim 1, the selection command received from the external device is used for indicating which non-contact application is to be executed and thus the mobile payment terminal can determine whether the application supports the fingerprint verification mode…. the Examiner alleges that Sklovsky teaches "receiving a selection command from the external device by the mobile payment terminal, the selection command designating a non-contact application". At least based on the following reasons, the Applicant respectfully submits that Sklovsky has neither teaching nor suggestion on "receiving a selection command from the external device by the mobile payment terminal, the selection command designating a non-contact application"…. As disclosed in Sklovsky, "During this communication, the portable electronic device can receive a communication request from the near field communication device. From this communication device request, the portable electronic device identifies the near field communication technology, the communication protocol, and an application identifier." (paragraph [0028]). The Examiner appears to equate the application identifier with the claimed selection command. Since it can determine from the communication device request the communication protocol and the application identifier, Sklovsky teaches the selection command is sent during, not after the non-contact protocol initialization process."
Examiner responds:
  Sklovsky anticipates the limitation, “receiving a selection command from the external device by the mobile payment terminal, the selection command designating a non-contact application.” The Examiner cited the following passages:
Sklovsky [0028]  For instance, if the near field communication device is a payment terminal, the application identifier may be for a financial transaction application, such as a credit or debit card.
Sklovsky [0053] The application discovery manager 311 identifies this information from the communication signals 303 received from the remote near field communication device. 
Sklovsky [0074] With implicit selection, the remote near field communication terminal triggers the application discovery manager 311. For instance, a financial transaction may be about to transpire, with a plurality of cards in an electronic wallet being suitable for use with a particular near field communication device. The application discovery manager 311 coordinates the various possible selections with the routing switch 316 and the many execution environments, with the final selection being made by the remote near field communication device.
Sklovsky accommodates a plurality of financial transaction applications. Sklovsky [0028] says “a financial transaction application, such as a credit or debit card.” It does not read “the financial transaction application.” Moreover, the abstract reads, “In a portable electronic device (100) having a plurality of near field communication applications stored within a plurality of execution environments, an application discovery manager (311) is configured to automatically select and launch one or more of the near field communication applications.”
Sklovsky teaches the selection command can be sent   after the non-contact protocol initialization process:
Sklovsky [0106] At step 704, the application manager (310) can initialize user pre-selected applications at an execution environment for a fast response to an external device communication request upon a further selection step. The application manager (310) then launches the application discovery manager (311) at step 705 to manage the automatic selection of a near field communication application at all protocol and application levels.
This illustrates that an initialization process first occurs, then the application selection proceeds. Furthermore, Sklovsky [0026] Relational terms such as first and second, top and bottom, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
The Applicant states:
“That is, the application discovery manager 311 does not determine whether the application selected by the remote near field communication device supports a fingerprint verification mode based on the application identifier in the communication device request. 
Furthermore, Sklovsky at most teaches there is a need to facilitate automatic selection of a near field communication application (paragraph [0010]) and fails to recognizes the need of determining whether the application supports the fingerprint verification mode. Thus, one skilled artisan in the art would not be inspired to use the selection command to designate the non-contact application from Sklovsky.."
Examiner responds:
Examiner did not rely upon Sklovsky to teach “determining, by the mobile payment terminal, whether the designated non-contact application supports a fingerprint verification mode.” . Originally, in the first Office Action (January 7, 2020), Examiner used Popovich:
Popovich [0041]  information is received indicating whether or not device 101 will be performing biometric matching prior to using the identity assertion.
Popovich [0042] As discussed above, biometric information may be taken from the group consisting of a heart rate/rythm, a retina scan, a facial scan, a blood pressure, a respiration rate, a finger print, a heart rate/rhythm, a voice print, a brainwave, an iris scan, a finger/palm vein print.
This is further clarified by:  
[0016] Additionally, a biometric comparison may be performed each time the user tries to access an application using the assertion. Additionally, biometric comparisons may be performed periodically and continuously (e.g., once a second) in order to extend the lifetime of an identity assertion.
[0020] Device 101 stores the assertion 105 until the user attempts to gain access to application server 102. When requesting access to application server 102, device 101 sends the assertion 105 to application server 102 in lieu of entering a user name and password.
Later Examiner cited Li:
Li [0085] and if the mobile terminal determines, in the first operating system, that the first operating system includes the first fingerprint interface and the second operating system includes the second fingerprint interface
The application’s role is further clarified   by Li [0086] “before the mobile terminal obtains the verification information and the to-be-verified fingerprint information in the first operating system, optionally, an application on the mobile terminal sends a query request to the first operating system by using a query interface provided by the first operating system (where the query request is used to query information about a fingerprint interface included in the first operating system and/or the second operating system);”
Both references independently anticipate the claim limitation.

The Applicant states:
“In the present Office Action, the Examiner alleges that Gardiner has teaching on "wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process". At least based on the following reasons, the Applicant respectfully submits that Gardiner has neither teaching nor suggestion on this limitation.... The Examiner appears to equates the additional authentication with the fingerprint verification. Gardiner, however, fails to disclose the relationship between the additional authentication procedure and the procedure of establishing communications between the PTD 110 and the TPS 130….. Moreover, in Gardiner, a new transaction is initiated when a user presents the smart payment card 410A at the POS terminal 420A to pay for products and/or services by inserting the card 410A into the POS terminal 421 (paragraph [0052]). Thus, Gardiner has no suggestion that the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process as claimed…. Indeed, Gardiner merely describes the relationship between the authentication procedures. "
Examiner responds:
Examiner maintains that Gardiner describes the limitation "wherein the execution of the non-contact protocol initialization process is independent of the execution of the fingerprint verification process" :
Gardiner [0004] Similarly, mobile devices such as smartphones, PDAs, tablets, and laptops can provide a platform for electronic transactions. For example, a user of a mobile device can conduct an electronic transaction for purchase of a product or service using an application that communicates with a mobile payment service. Mobile devices can be configured for a token-based authentication and/or a biometric authentication.
Gardiner [0052]  For example, card 410A in coordination with the POS terminal 420A and/or the payment processing system 432 can determine whether the nature of the transaction required additional security and, if so, initiate a token-based authentication procedure. Optionally, the card 410A, a biometric authentication procedure may be initiated. To further enhance security of the transaction, a reconciliation-based authentication procedure may be performed before, during, or after a token-based authentication and/or a biometric based-authentication.
“Optionally” and “and/or” indicate the biometric authentication is independent of all other actions. Furthermore, an initialization process or  “reconciliation-based authentication procedure may be performed before, during, or after …. a biometric based-authentication” indicates an independence of the processes. 
Therefore, the rejection under  35 USC § 103 remains.
Prior Art Cited But Not Applied












The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:












Gerstner ("NEW WAYS TO PAY WITH YOUR PHONE", published in Kiplinger's Personal Finance on February 2016) discusses NFC payment technologies for mobile devices. 
Castinado (“System for tokenization and token selection associated with wearable device transactions”, U.S. Publication Number: 2017/0091745A1) discusses tokenization and token selection associated with wearable device transactions.
O'Regan (“METHOD AND SYSTEM FOR AUTHORIZING A TRANSACTION”, U.S. Publication Number: 2017/0169435 A1) proposes authorizing a transaction using biometric data.
Johnson (“APPROVING TRANSACTIONS USING A CAPTURED BIOMETRIC TEMPLATE”, U.S. Patent Number: 10,339,291 B2) teaches conducting transactions without a debit card or credit card may receive a request to complete a transaction including authentication data associated with a transaction account and a captured biometric template.
Stewart (“SYSTEM FOR VERIFYING AN IDENTITY OF A CARD HOLDER”, U.S. Publication Number: 2015/0081552 A1) proposes obtaining a geographically remote biometric scan of a card holder's fingerprint for verification of a performance of a transaction.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHINEDU EKECHUKWU whose telephone number is (571)272-4493.  The examiner can normally be reached on Mon-Fri 9 AM ET to 3:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Christine M. Behncke can be reached on (571) 272-8103.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/C.E./Examiner, Art Unit 3697

/HAO FU/Primary Examiner, Art Unit 3697