DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
This communication is in respond to the applicant’s request for continued examination filed on 01/21/2021. Claims 1-2, 8-10, and 15, Claim 18 was added, and Claims 3, 7, 11, and 14 were cancelled. Claims 1-2, 4-6, 8-10, 12-13, and 15-18 are currently pending and have been examined.

Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(4) because reference characters "111" and "110" have both been used to designate ‘Electronic Device’.  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 4-6 and 9-10, and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Neumann (US20180198614), and Graylin, et al (US20140249948).

Regarding claim 1, Neumann teaches:  An electronic device (authentication server 201) comprising:
	a plurality of communication circuits including a first communication circuitry (e.g. personal local authentication factor 301) of the electronic device (e.g. first authentication device 101) and a second communication circuitry (e.g. communication a memory (e.g. memory on the second authentication device 102) and a processor (e.g. authentication server 201) configured to: 
	[0141]-[0143] The method of direct transmission of the Authentication device secret 10 may use any suitable communication technologies 402 between the technical means of Authentication devices 101 and 102, such as taking photo of QR code, infrared communication, NFC communication, direct connection, etc.
	Examiner notes that one of ordinary skill in the art would understand from reading the reference that the term memory and processor are not explicitly recited in the prior art as being part of the electronic devices, however, it is implicit that the authentication server 201 contains a memory and a processor (see further 2144.01 Implicit Disclosure: "In considering the disclosure of a reference, it is proper to take into account not only specific teachings of the reference but also the inferences which one skilled in the art would reasonably be expected to draw therefrom." In re Preda, 401 F.2d 825, 826, 159 USPQ 342).
	control the memory to store verification information (e.g. ADS) including first verification information (e.g. sensitive information) which is received from a [token] server (e.g. second authentication server 202) via a payment server (e.g. Sp2), ([0012] These authentication devices transfer various synchronization information to each other as needed. Preferably, at least the sensitive information transferred between the authentication devices mapped to an account of one user is encrypted; more preferably, an authentication device secret (hereinafter ADS) shared by all the authentication devices belonging to the account of said user is used. [0136] In order to verify the correspondence of the entered value of Personal local authentication factor 301 with the reference value, Personal local authentication factor administration module 1 in co-operation with Personal local authentication factor administration support module 2 of Authentication server 202 of the service provider SP2 process the entered value in order to be able to check in the future that the same or a different Personal local authentication factor 301 value was entered.
	in response to a [verification] request input through the electronic device, control to transmit, through the first communication circuitry, payment data (e.g. transaction authentication data) including the first verification information (e.g. sensitive information) from among the stored verification information to a payment device (authentication server),  [0148] Primary module 7 of the replica of the First authentication device 101 in co-operation with the Personal local authentication factor administration module 1 of the First authentication device 101 requests input of Personal local authentication factor 301.	
	Examiner considers that the phrase “payment data including first verification information from among the stored verification information’ is non-functional descriptive material as it only describes, at least in part, the ‘characteristics of the payment data.’ However, the characteristics of the ‘payment data’ fail to affect how to perform any of the recited steps.  It has been held the nonfunctional descriptive material will not distinguish the invention from the prior art in term of patentability. (In re Gulack, 217 USPQ 401 (Fed. Cir. 1983), In re Ngai, 70 USPQ2d (Fed. Cir. 2004), In re Lowry, 32 USPQ2d 1031 (Fed. Cir. 1994); MPEP 2111.05), Ex parte Nehls 88 USPQ2d 1883 (BPAI 2008) (precedential).
	in response to the payment data  (e.g. transaction authentication information) being transmitted by the first communication circuitry (e.g. personal local authentication factor 301), receive a payment response message (e.g. correspondence) including information related to a payment execution corresponding to the payment data through the second communication circuitry (e.g. communication technology 402) from the payment server (e.g. Sp2), ([0136] In order to verify the correspondence of the entered value of Personal local authentication factor 301 with the reference value, Personal local authentication factor administration module 1 in co-operation with Personal local authentication factor administration support module 2 of Authentication server 202 of the service provider SP2 process the entered value in order to be able to check in 
	in response to the payment response message (e.g. correspondence) indicating that the first verification information was used to verify a payment approval (e.g. authenticate), delete the first verification information (e.g. sensitive information) from among the stored verification information and ([0105] At the moment of connection of a different authentication device to one of the authentication servers and after its authentication, the contents of the queue are transmitted to the authentication device, wherein they are processed according to the timestamps, in the order according to the authentication server timestamps. Timestamps of the authentication device are used to group the individual parts of the data set and to distinguish and potentially exclude duplicate synchronization via different authentication servers. [0106] During processing of the synchronization data for deletion of the Personal Local Authentication Factor, the second authentication device requests user confirmation of the deletion. [0107] In the event the user confirms the deletion, the authentication device deletes the relevant data of the deleted Personal Local Authentication Factor from the internal records of the authentication device and prepares synchronization messages about deletion of the Personal Local Authentication Factor.
	in response to deleting the first verification information (e.g. sensitive information), control the second communication circuitry (e.g. communication technology 402) to transmit a request for a new verification information to the [token] server (e.g. second authentication server 202) and control the memory to store the new verification information received from the [token] server (e.g. second authentication server 202) via the payment server (e.g. Sp2),wherein ([0181] The User maps to his user account the Second authentication device 102 to serve as a backup and for manual recovery from an extraordinary situation (e.g. theft or malfunction of the First authentication device 101). [0182] In co-operation with the Secondary module 8 of the replica of the Second authentication device 102 and in co-operation with the Support module 9 of the replica of Authentication server 201 or 202 of service provider SP1 or SP2, Primary module 7 of the replica of the First authentication device 101 creates a secured communication channel 12 between the First authentication device 101 and the Second authentication device 102 via Authentication server 201 or 202 ensuring secure communication via Unsecured network 401.
	the first communication circuitry is configured to transmit using [close contact technologies], the payment data and wherein ([0023] ADS can be transferred between authentication devices e.g. using close contact technologies such as NFC, Bluetooth, QR code, etc. This preferred embodiment thus improves the security of data transferred subsequently between authentication devices using the authentication servers.
	Examiner considers that one of ordinary skill in the art would understand from reading the reference that, ‘close contact technologies’ reads to magnetic swipe transmission (MST) methods.
	the second communication circuitry (e.g. communication technology 402) is configured to receive, through a cellular communication network, the payment response message ([0009] The possibility of using multiple authentication appliances can, however, serve to significantly improve user comfort and security. When the user accesses the services of the providers from multiple devices and in different situations (from home, at work, while travelling), he may find it advantageous to use a variety of devices (personal computer, laptop, tablet, smart phone).


	Neumann does not explicitly teach the limitation of using a Token Server, however Graylin, et al from a same or analogous art teaches at least Token Server: 
	including first verification information which is received from a token server ([0056] The system can control if the magnetic stripe data is stored as payment or non-payment card data, thus the system can be used in disconnected mode in different ways. Applications of this method can include sending dynamic payment card tokens from the server for one-time payment use, and remote check-in for hotel rooms without going to the front desk.) 	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify the processes of Neumann, with the types of tokens created by a server presented by Graylin, et al. Processors, and networks authorize transaction tokens for the purpose of ecommerce and other transactions. Merchants, users, and banks all need verification through secure networks that transaction information is accurate in order to protect assets. Using various types of secure communication methods for two-factor authentication only serves to improve security.

	Neumann does not explicitly teach the limitation of using a Payment request, however Graylin, et al from a same or analogous art teaches at least Payment request: 
	in response to a payment request (e.g. request for card swipe at POS) input through the electronic device ([0013] The MST is configured to transmit card track data to a merchant checkout application on the mobile communication device to create a card-present transaction for the merchant. The MST may also be configured to read payment cards and to transmit payment card data to the mobile communication device and associated POS application that in turn then transmits the transaction and card data to the payment servers and processors like a POS.


Neumann does not explicitly teach the limitation of using MST, however Graylin, et al from a same or analogous art teaches: 
	the first communication circuitry is configured to transmit, using magnetic stripe transmission (MST), the payment data and wherein (Fig. 1, [0054] ‘In an aspect, another process of loading the MST is to dynamically send the magnetic stripe data from the server through the mobile device and application to the MST’).
	It would be obvious to one skilled in the art before the effective filing date of the claimed
invention to combine the processes of Neumann, with the types of communications presented by Graylin, et al. Processors, and networks authorize transactions for the purpose of ecommerce and other transactions. Merchants, users, and banks all need verification through secure networks that transaction information is accurate in order to protect assets. Using various types of secure communication methods for two-factor authentication only serves to improve security.
In regards to claim 9, method claim 9 corresponds generally to system claim 1, and recites similar features in system form, and therefore is rejected under the same rationale.

Regarding claim 2, Neumann teaches: The electronic device of claim 1, wherein the 
stored verification information includes key information for decrypting a cryptogram included in the payment data ([0014] an ADS encrypted using the one-time 
wherein the information related to the payment execution includes information indicating whether the first verification information of the stored verification information has been used for the payment request, and ([0036] If a second (here, the term "second" means "second and each subsequent") authentication device where a Personal Local Authentication Factor different from the Personal Local Authentication Factor created on the first authentication device is being mapped to the same user account, and if it is required that both authentication devices use the same Personal Local Authentication Factor after mapping).
wherein the payment response message includes at least one piece of verification information used for payment, newly issued verification information, payment amount information, or payment execution result ([0036] Then, after synchronization data are transferred from the first authentication device to the second authentication device, the entered values of each Personal Local Authentication Factor are first verified by the second authentication device with at least one authentication server where the given Personal Local Authentication Factor has been created, using the set of information needed for authentication with the authentication server, and in case of a positive result of this verification, the original Personal Local Authentication Factor of the second authentication device is replaced by the Personal Local Authentication Factor transferred from the first authentication device). 
In regards to claim 10, method claim 10 corresponds generally to system claim 2, and recites similar features in system form, and therefore is rejected under the same rationale.

Regarding claim 4, Neumann teaches: The electronic device of claim 1, wherein the processor if further configured to:
	identify a number of pieces of the stored verification information to thus make a request to a server for issuing new verification information through the second communication circuitry (e.g. communication technology 402), ([0018] A Personal Local Authentication Factor is a secret information held by the user. It can be in the form of information obtained by the authentication device directly from the user (password, PIN, face image recognition, fingerprint, gesture, etc.) or information stored in a medium (e.g. a card, chip, bracelet, smartwatch) or information obtained by the authentication device from the environment (information from a Wi-Fi network, QR code, wireless payment card, etc.). The form of the Personal Local Authentication Factor may also depend on the technology which the authentication device is capable of using (e.g. keyboard, multimedia-based input device, camera, chip reader, NFC, Bluetooth, USB, etc.).
	Examiner notes that one of ordinary skill in the art, from reading the applicant’s reference would understand that the second communication circuitry uses cellular communication technology.”
	receive newly issued verification information through the second communication circuitry in response to the request for new verification information, and ([0036] Then, after synchronization data are transferred from the first authentication device to the second authentication device, the entered values of each Personal Local Authentication Factor are first verified by the second authentication device with at least one authentication server where the given Personal Local Authentication Factor has been created, using the set of information needed for authentication with the authentication server, and in case of a positive result of this verification, the original Personal Local Authentication Factor of the second authentication device is replaced by the Personal Local Authentication Factor transferred from the first authentication device).
store at least one piece of the received verification information in the memory to thus manage the stored verification information ([0018] It can be in the form of information obtained by the authentication device directly from the user (password, PIN, face image recognition, fingerprint, gesture, etc.) or information stored in a medium (e.g. a card, chip, bracelet, smartwatch) or information obtained by the authentication device from the environment (information from a Wi-Fi network, QR code, wireless payment card, etc.). 
In regards to claim 12, method claim 12 corresponds generally to system claim 4, and recites similar features in system form, and therefore is rejected under the same rationale.

Regarding claim 5, Neumann teaches: The electronic device of claim 4, wherein the processor is further configured to:
transmit identification information of the electronic device through the second communication circuitry for communication with the server, and ([0186] In creation of Personal local authentication factor 301, the Personal local authentication factor administration module 1 may allow to choose the technology of Personal local authentication factor 301 if the technical means of the First authentication device 101 support multiple different technologies suitable for the use of Personal local authentication factor 301. If Authentication device 101 is e.g. a smart phone application and the smart phone has the necessary technical means, it can for example offer the user the choice of entering the Personal local authentication factor 301 using the phone touch screen, the NFC, Bluetooth or using a fingerprint scanner.
wherein the identification information of the electronic device includes at least one of a telephone number, an internet protocol (IP) address, or a media access control (MAC) address of the electronic device ([0069] A data set containing unique identifier of the Personal Local Authentication Factor and other technical and user data is attached to the Personal Local Authentication Factor upon its creation. This may be for example user help, technological identifier, pictures of keyboard icons, keyboard secret data, 
	In regards to claim 13, method claim 13 corresponds generally to system claim 5, and recites similar features in system form, and therefore is rejected under the same rationale.

Regarding claim 6, Neumann teaches: The electronic device of claim 4, wherein the processor is further configured to: 
	perform communication with the server through a secure channel ([0010] The present invention provides a method for mapping at least two authentication devices to a user account using an authentication server, wherein each authentication device connects to the authentication server using a secured channel).

Claims 7-8 and 14-15, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Neumann (US20180198614), Graylin, et al (US20140249948) and further in view of Jain (US20140068328).

Regarding claim 7, Neumann nor Graylin, et al explicitly teach the limitation of: The electronic device of claim 1, wherein the processor is further configured to:
manage the stored verification information such that first verification information of the stored verification information is not deleted when the payment response message is not received within a predetermined time.



 Jain, from a same or analogous field of endeavor teaches: 
manage the stored verification information such that first verification information of the stored verification information is not deleted when the payment response message is not received within a predetermined time ( [0041] According to one embodiment herein, the method for marking the entities comprises, storing IDs of all the entities in the application database and syncing only those entities who's ID exists in the application database. Once entry is made in the database, it won't get removed and new entities meeting criteria will be added to the store at every polling. For example, when a user configures the abovementioned criteria F1=1 and polling time to t1, the poller will search, in a source system, for all entities created/updated after t1, where F1=1 and the entry is saved in the database with entity ID and sync=true. Once criteria entry is saved into the database, the poller will move ahead and get all entities created or updated after time t1. But only those entities with an entry for sync=true in the context field are synced. The rest of the creates or updates are skipped. This process eliminates the need for creating a custom field.
It would be obvious to one skilled in the art before the effective filing date of the claimed invention to combine the processes of Neumann, with the communication and control of Graylin, et al and adding time out response of Jain. One would not want to delete data stored in memory unless it was requested by the user. One skilled in the art would also understand that processors do not delete identification data stored in memory on a brief server time-out unless a significant amount of time goes by or multiple attempts fail (see further Ramachandran, Column 16, Line 52, US74813608B1 for more information about ATM machine functionality). 	Regarding method claim 14, the step ‘further comprising managing the stored verification information such that first verification information is not to be deleted when the payment response message is not received within a predetermined period of time.’
Examiner notes that this step may never occur in the process and therefore does not move to differentiate from the prior art. The patentable weight on conditional expression only 
In regards to claim 14, method claim 14 corresponds generally to system claim 7, and recites similar features in system form, and therefore is rejected under the same rationale.

Regarding claim 8, neither Neumann nor Graylin explicitly teach, ‘a predetermined time’, however, Jain from a same or analogous art teaches: The electronic device of claim 1, wherein the processor if further configured to:
	in response to the payment response message being not received within a predetermined time, generate second payment data using the first verification information when the second payment data is requested, and transmit the generated second payment data to the payment device through the first communication circuitry ([0042]Now, for a given event, if step 1 is done but some error occurred at step 2, then next time when the event comes for retrial, execution must begin from step 2 rather than 1. In order to ensure this or achieve this, the time of source system and the step ID that we last processed is stored for each entity synced. So, when we have stored the time of processing and last step Id for entity E1 in store so that last processing was done for time t1 and the last step ID is step 1 for entity E1, then next time only those events on E1 will be entertained, whose time is >t1 or time is equal to t1 but step ID is greater than 1. 
	It would be obvious to one skilled in the art before the effective filing date of the claimed invention to combine the processes of Neumann, with the communication and control of Graylin, et al and adding time out response of Jain. One would not want to delete data stored in memory unless it was requested by the user. One skilled in the art would also understand that processors do not delete identification data stored in memory on a brief server time-out unless a significant amount of time goes by or multiple attempts fail (see further Ramachandran, Column 16, Line 52, US74813608B1 for more information about ATM machine functionality).  

Examiner notes that this step may never occur in the process and therefore does not move to differentiate from the prior art. The patentable weight on conditional expression only applies to method, e.g. process, claims (see further: Ex parte Schulhauser, 2013-007847 (April 28, 2016) [conditional language]).
	In regards to claim 15, method claim 15 corresponds generally to system claim 8, and recites similar features in system form, and therefore is rejected under the same rationale.

Regarding claim 18, neither Neumann nor Graylin explicitly teach ‘failure information’, however, Jain, from a same or analogous art teaches: The electronic device of claim 1, wherein the processor is further configured to: 
	when a payment response message (e.g. notified) is received including the information related to the payment execution and when the information related to the payment execution includes payment failure information ([0024] According to an embodiment herein, the failure manager catches the entire failed events during synchronization and creates a failure queue, and wherein the failure manager retries the synchronization process for a preset attempts, when an event fails, and wherein all the failed events are notified and are processed after a manual intervention.)
	delete the first verification information from among the stored verification information ([0066] If any failure is detected, the process manager 205 redirects the detected failures to the failure manager 208. Then the failure manager 208 redirects the received failures to recovery manager 207 to recover the failures. The recover manager 207 recovers the failures and sends the recovery to the process manager 205. The process manager 205 sends the processed information to the destination system 203 through adapter components 206. When 
	Examiner notes that one of ordinary skill in the art, from reading the reference, would understand that if a recovery occurs, old information would be deleted from the memory.
	It would be obvious to one skilled in the art before the effective filing date of the claimed invention to combine the processes of Neumann, with the communication and control of Graylin, et al and adding time out response of Jain. One would not want to delete data stored in memory unless it was requested by the user or a security breach or failure. One skilled in the art would also understand that processors do not delete identification data stored in memory on a brief server time-out unless a significant amount of time goes by or multiple attempts fail (see further Ramachandran, Column 16, Line 52, US74813608B1 for more information about ATM machine functionality).  

Claims 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Neumann (US20180198614), Graylin, et al (US20140249948) and further in view of Raziel (US20160350761 ). 

Regarding claim 16, neither Neumann nor Graylin explicitly teach: The electronic device of claim 1, wherein
	the first communication circuitry comprises circuitry in a trusted execution environment within the electronic device.


Raziel from a same or analogous art, teaches: 
	the first communication circuitry comprises circuitry in a trusted execution environment within the electronic device (Fig. 2, [0029] As shown in FIG. 2, the trusted execution environment 210 stores an entry table 211, heap 212, stack 213, and code 214. The trusted execution environment 210 may be implemented as a secure mode of a processor where locations in memory 200).
	It would be obvious to one skilled in the art before the effective filing date of the claimed invention to combine the processes of Neumann, with the communication and control of Graylin and adding the Trusted Execution Environment of Raziel. Processors, and networks authorize transactions for the purpose of ecommerce and other transactions. Merchants, users, and banks all need verification through secure networks that transaction information is accurate in order to protect assets. Using various types of secure communication methods for two-factor authentication only serves to improve security. To combine this system with a TEE would even be more secure, therefore more advantageous to combine.

Regarding claim 17, neither Neumann nor Graylin explicitly teach: The electronic device of claim 1, wherein
	the second communication circuitry comprises circuitry in a trusted execution environment within the electronic device

However, Raziel, from a same or analogous art, teaches: 
	the second communication circuitry comprises circuitry in a trusted execution environment within the electronic device ([0068] The IC card processor 840 may subsequently transmit the indication to the payment terminal 850 along with an authorization request cryptogram (ARC). The authorization request cryptogram may include a signature of a trusted execution environment which the computing device 800 utilizes to 
	It would be obvious to one skilled in the art before the effective filing date of the claimed invention to combine the processes of Neumann, with the communication and control of Graylin and adding the Trusted Execution Environment of Raziel. Processors, and networks authorize transactions for the purpose of ecommerce and other transactions. Merchants, users, and banks all need verification through secure networks that transaction information is accurate in order to protect assets. Using various types of secure communication methods for two-factor authentication only serves to improve security. To combine this system with a TEE would even be more secure, therefore more advantageous to combine.

Response to Arguments

	Applicant argues on page 7-8 concerning the 35 U.S.C. 101 rejection. Applicant claims that the Examiner has incorrectly applied the 2019 PEG in reference to Revised Step 2A-prong one.
	Examiner acknowledges the applicant’s arguments but respectfully disagrees. Concerning the abstract idea of ‘certain methods of organizing human activity’. The claims clearly recite an abstract idea that falls within the grouping of ‘Certain methods of organizing human activity.’ The claim recites a process, e.g. claim 9, of a payment transaction and verification. One of ordinary skill in the art, would understand that the claim recites commercial interaction and/or fundamental economic principles or practices which falls within the ‘certain methods of organizing human activity’ grouping.


	Applicant argues on page 8 of the response that the claimed features do not fall within the ‘certain method of organizing human activity’ grouping. Applicant states: “This is because the features are operations rooted in technology and can only be performed by using a processor, a memory and a touch screen. Therefore, the claim is eligible because it does not recite an abstract idea, and withdrawal of the § 101 rejections is respectfully requested.”
	Examiner acknowledges that applicant’s arguments but respectfully disagrees. Applicant’s comment includes the phrase “processor, a memory and a touch screen”, the examiner would like to point out first that there is no recitation of touch screen in claim 1 or claim 9. Further, the processor and memory are considered as additional elements and these additional elements do not integrate the judicial exception into a practical application for the reasons outlined in the office action.
	Applicant argues on page 9 concerning the 35 U.S.C. 101 rejection. Applicant claims that the Examiner has incorrectly applied the 2019 PEG in reference to Revised Step 2A-prong two.
	Examiner acknowledges the applicant’s arguments but respectfully disagrees. Applicant has not improved upon the judicial exception which is the ‘electronic device’, token server, magnetic strip communication and communication networks nor claims to. 
	Applicant argues on pages 9-16concerning the 35 U.S.C. 101 rejection. Applicant claims that the Examiner has incorrectly applied the 2019 PEG in reference to Revised Step 2B. Applicant claims: “More specifically, the claim, as a whole, relates to performing MST payment by using verification information, and recites a specific manner of managing verification information in an electronic device according to providing a feedback for a verification manner which provides a specific improvement over prior systems, resulting in an improved payment method for electronic devices. Thus, the claim is eligible because it is not directed to the abstract idea.”
	Examiner acknowledges the applicant’s arguments but respectfully disagrees. The 
	Applicant recites ‘Core Wireless Licensing S.A.R.L. v. LG Electronics, Inc., 2016-2684, and 2017-1922 (Fed. Cir. Jan. 23, 2018)’, on pg. 12, where a panel of the U.S. Court of Appeals for the Federal Circuit (Moore, O’Malley, Wallach) upheld patent claims directed to a graphical user interface under 35 U.S.C. §101, concluding that the claims were not directed to a patent-ineligible abstract idea. Unfortunately, this application is not directed toward a GUI.
	Applicant also recites ‘Enfish LLC v. Microsoft Corp.’ Again, Enfish was regarding an improvement upon saving data to a HDD and has no bearing on this application.
	Applicant also recites ‘Thales Visionix.’ Examiner has clearly pointed out that the applicant’s invention is clearly pointing to certain methods of organizing human behavior using generic computer components to automate such.
	Applicant recites ‘DDR Holdings’. Examiner notes that DDR Holdings had to do with developing websites and has no bearing on this application.
	In regards to the assertion that the claimed invention is an improvement upon existing technologies, Examiner asserts that nothing in the claims or specification indicates that the claimed invention is giving unexpected results (nor is it Novel - Amdocs Limited v. Openet Telecom, Inc) above what has been shown to be prima-facie obviousness (see USC 35, 103 rejection above).
	Applicant argues on pages 12 and 13, recites the Berkheimer test for well-known, routine, and/or conventional. 
	Examiner acknowledges the applicant’s arguments but respectfully disagrees. Examiner did not invoke Berkheimer as in no way was the invention called well-known, routine, and/or conventional.


	Applicant argues on pages 13-18 that the Examiner did not establish a prima facie case of obviousness due to using ‘hindsight’. 
	In response to applicant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning.  But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper.  See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971).
In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007).  In this case, the motivations to combine are found in modifying Neumann, with the communication and control of Graylin and adding the Trusted Execution Environment of Raziel. Processors, and networks authorize transactions for the purpose of ecommerce and other transactions. Merchants, users, and banks all need verification through secure networks that transaction information is accurate in order to protect assets. Using various types of secure communication methods for two-factor authentication only serves to improve security. To .
	In response to applicant's argument that Examiners prior references are nonanalogous art, it has been held that a prior art reference must either be in the field of applicant’s endeavor or, if not, then be reasonably pertinent to the particular problem with which the applicant was concerned, in order to be relied upon as a basis for rejection of the claimed invention.  See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992). 

	Examiner acknowledges the applicant’s arguments but respectfully disagrees. Examiner has considered the applicant’s arguments and arguendo fixed any mapping issues that were causing the applicant confusion.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Each of the prior art listed in the PTO-892 and not directly recited in this office action, disclose anticipation and/or obviousness to combine concerning the applicant’s claims and are therefore included [Huang (WO2015126753) - Terminal for Magnetic Secure Transmission; King (US7249093) - Authorizing Purchases over a Network; Lovett (US7347361) - Account Transaction Validation ; Weiner (US8346672) - Secure Transaction Process; Hammad (US8326759) - Verification of Portable Consumer Devices; Ramachandran (US7481360) - Automated Banking Machines, Hin, Yeap, (CA2747554) VALIDATION METHOD AND SYSTEM FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS, 12-2008].
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to TERRY N MURRAY whose telephone number is (313)446-6556.  The examiner can normally be reached on Monday-Thursday 6 AM-4 PM EST.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patrick McAtee can be reached on (571) 272-7575.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/T.N.M./Examiner, Art Unit 3685                                                                                                                                                                                                        

/PATRICK MCATEE/Supervisory Patent Examiner, Art Unit 3685