Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Acknowledgements
This office action is in response to the claim amendments filed August 24, 2020 and further in response to an electronic/telephonic communication with Applicant’s representative Rose Moller-Jacobs on April 20, 2021 (“Electronic Communication”).
Claims 4, 12, 17, 20 and 26 have been canceled.
Claims 1-3, 5-11, 13-16, 18, 19, and 21-25 are pending.

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in the Electronic Communication.
Please replace all prior version of the claims with the attached amended claims, wherein,
Claims 4, 12, 17, 20 and 26 have been canceled.
Claims 1-3, 5-11, 13-16, 18, 19, and 21-25 are pending.

Allowable Subject Matter
Claims 1-3, 5-11, 13-16, 18, 19, and 21-25 are allowed.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
The prior art of record:
Lee Randall (US 20150032628 A1, “Randall”)
Dexter Edward Bryant, II (US 20150317615 A1, “Bryant”)
Ramesh Kesanupalli (US 20100083000 A1 , “Kesanupalli”)
Laxminarayanan et al. (US 20150046338 A1, “Laxminarayanan”)
Hattori et al. (US 20160294553 A1 “Hattori”)

Randall generally discloses A payment system determines a required level of authentication for a payment transaction by a candidate consumer, based on a correlation with transactions by other consumers related to the candidate consumer, identified for example from one or more social networks. The correlation may be based on geographical location, time and/or type of transaction. A high correlation may indicate a group activity which requires a lower level of authentication (see abstract).
Randall further discloses, the consumer device 3 generates a payment request token and transmits the token and transaction data to the payment system 7 at step S2-9. The transaction data, for example, includes the total amount to be paid, information on specific items within the basket such as name and individual cost, and/or any specific conditions associated with the purchase. Preferably, although not necessarily, the transaction data can be protected from tampering by suitable cryptographic means, for example by encryption, a digital signature or a hash-based authentication code (HMAC). Alternatively, the merchant system 5 can make the payment request token and/or the transaction data available to the payment system (or server) 7” (see paragraphs [0031] [0036]-[0037] and [0058] and Fig. 2 and related text).

Bryant discloses, a computer-implemented method for performing an electronic transaction using a payment computer coupled to a database is provided. The transaction includes an item purchased in association with a vehicle and initiated by a cardholder with a merchant. The method includes receiving, at the payment computer, an authorization request message from the merchant, the authorization request message including first transaction data, wherein the first transaction data includes a vehicle identifier for identifying the vehicle, an account data associated with the cardholder, and purchase data associated with a first purchased item; transmitting an authorization response message from the payment computer to the merchant, the authorization response message including an approval of the electronic transaction by an issuer bank; storing, within the database, the first transaction data including the vehicle identifier; storing, within the database, other transaction data associated with other 
Bryant further discloses, System 100 also includes at least one vehicle computer device 118, which is configured to communicate with at least one of POS terminal 115, client systems 114, and server system 112. In one embodiment, vehicle computer device 118 is associated with or controlled by a cardholder making a purchase using a payment card account and payment card account system 100. Vehicle computer device 118 is a component of a vehicle and may therefore be referred to as a vehicle computer device. Vehicle computer device 118 is interconnected to the Internet through many interfaces including a network, such as a LAN or a WAN, dial-in-connections, cable modems, wireless modems, and special high-speed ISDN lines. Vehicle computer device 118 could be any device capable of interconnecting to the Internet including a web-based phone, PDA, or other web-based connectable equipment. Vehicle computer device 118 is configured to communicate with POS terminal 115 using various outputs including, for example, Bluetooth communication, radio frequency communication, near field communication, network-based communication, and the like (see paragraphs [0042] and [0075]-[0076] and Fig. 3 and Fig. 7 and related text).

Kesanupalli discloses, a method and system of verification is provided for sensing a fingerprint. The present invention offers a secure authentication method and system based on a user's fingerprint data to grant the access to information at a remote location. A biometric input corresponding to the fingerprint is provided by a user and the biometric input is than 
Kesanupalli further discloses, In another example of a device configured according to the invention, a device may include a sensing surface, a processing unit that is coupled to the sensing surface for receiving a biometric input from a user via the sensing surface. The processing unit may include a microprocessor or the like, and the microprocessor may be configured to receive the biometric input, to validate the biometric input, to transmit to a first remote location user information based on the biometric input, to receive a request based on authentication of the user information, and to generate a token based on the biometric input The verification protocol module may be configured to transmit the token to a second remote location in response to the request. As above, the first remote location and second remote location may be in similar, same, or different locations. One of the first remote location and second remote location may be related to one of the group consisting of a carrier network, an e-commerce site, an enterprise network, and a financial institution. The request may be received from a remote location. The token may include a one-time password. The token may be a unique user ID for identifying the user. The unique user ID may be encrypted, and may or may not be an encrypted PUF output. The verification protocol module may be further configured to receive a response indicating authentication of the token. Also, the verification protocol module may transmit the user information and the token in order to seek access to remote data. The processing unit may be coupled with a local device or possibly a remote 

Laxminarayanan discloses, Systems, apparatuses, and methods are provided for enabling a transaction using a token associated with a first payment network to be conducted using a second payment network. When a transaction using a token is submitted to a payment network, the payment network can determine the payment network associated with the token. If the token is associated with a second payment network, a token verification request including the token can be sent to the second payment network. The second payment network can then return a token verification response including a primary account identifier such as a primary account number (PAN) corresponding to the token and a validation result. The transaction may then be processed using the primary account identifier (see abstract).
Laxminarayanan further discloses, In addition, in some embodiments, if the authorization request message received by payment processing network A 160 includes a PIN block, the PIN block may translated to be based on the PAN rather than the token. This may be necessary or desirable for the issuer 180 to validate the PIN block. For instance, in some embodiments, the PIN block received at step 906 may be decrypted using the token and an issuer PIN validation key (PVK) associated with issuer 180 to determine the clear text PIN, and the PIN may be subsequently re-encrypted using a PIN encryption key (PEK) associated with issuer 180 and the PAN. Specifically, in one embodiment, the PVK and token may be used as inputs in a key derivation function to generate a decryption key for the PIN, and the PEK and PAN may be used as inputs into a key derivation function to generate an encryption key for the 

Hattori discloses, a user terminal includes a common key storage part which stores a common key to a terminal-side storage unit. A PKG takes as input the common key, encrypts information using the common key inputted, and transmits the information encrypted, as encrypted information to a server. The server includes an encrypted information storage part which stores the encrypted information received from the PKG, to a server-side storage unit. The server includes an information transmitting part which transmits, upon reception of an information delivery request from the user terminal, the encrypted information stored in the server-side storage unit, to the user terminal. The user terminal includes a decrypting part which decrypts the encrypted information received, using the common key stored in the terminal-side storage unit, thereby acquiring information (see abstract).
Hattori further discloses, The concealed matching function part 312 is a function part that takes as input the encrypted data 208, master public key 202, and encrypted query 302, and outputs a matching result 303. The matching result 303 is 1-bit information indicating whether or not the confidential data 206 included in the encrypted data 208 is identical with 

The references Randall, Bryant, Kesanupalli, Laxminarayanan and Hattori disclose as previously discussed.

The references however do not teach at least:
receive a registration secure token from a vehicle computing device, the registration secure token being unique to a combination of a cardholder and the vehicle associated with the cardholder and created during a registration process for initiating future electronic transactions, the vehicle computing device coupled to the vehicle, the registration secure token including:
a tokenized account identifier, the cardholder having an account associated with the account identifier for use in processing electronic transactions; 
a vehicle identifier unique to the vehicle associated with the cardholder; and
a biometric identifier associated with the cardholder, the biometric identifier generated by the vehicle computing device in response to receiving a first biometric input from a biometric input device connected to the vehicle computing device, 
store the registration secure token in the one or more memory devices;
receive an authorization request message associated with a payment transaction initiated by the cardholder using the vehicle computing device in communication with a first merchant POS device, the authorization request message sent by the vehicle computing device to said payment processor computing device via the first merchant POS device physically proximate to the vehicle computing device, the authorization request message including transaction data associated with the payment transaction and a transaction secure token, wherein the transaction secure token includes the tokenized account identifier, the vehicle identifier of the vehicle, and the biometric identifier, and wherein the transaction secure token is generated by the vehicle computing device in response to the vehicle computing device receiving a second biometric input from the biometric input device, the second biometric input substantially matching the first biometric input stored in the memory of the vehicle computing device;
authenticate the authorization request message by matching the transaction secure token to the registration secure token, the matching including (i) matching a first portion of the transaction secure token representing the tokenized account identifier and a second portion of the transaction secure token representing the vehicle identifier to a first portion of the registration secure token representing the tokenized account identifier and a second portion of the registration secure token representing the vehicle identifier to verify the payment account being used to initiate the payment transaction via the 
embed a matching indicator within the authorization request message, the matching indicator representing successful verification of the payment transaction based upon successful matching of the transaction secure token with the registration secure token; and
transmit the authorization request message with the embedded matching indicator to an issuer of the account for further processing, wherein, upon detection of the embedded matching indicator by the issuer, the embedded matching indicator is configured to indicate initial verification of the payment transaction has been performed by the payment processing computer device and cause expedited issuer authentication and authorization of the payment transaction.

Therefore, the claims of the instant application are not obvious over Randall, Bryant, Kesanupalli, Laxminarayanan and Hattori for the seasons given above. See also Applicant’s argument filed on August 24, 2020, March 12, 2020 and September 11, 2019 for additional reasons for allowance.

Yet even if the missing claimed elements were found in a reasonable number of references, a person of ordinary skill in the art would not have been motivated to include these elements in Randall, Bryant, Kesanupalli, Laxminarayanan and Hattori because Randall is not concerned about embed a matching indicator within the authorization request message and the matching indicator representing successful verification of the payment transaction based upon successful matching of the transaction secure token with the registration secure token. Furthermore, upon detection of the embedded matching indicator by the issuer, the embedded matching indicator is configured to indicate initial verification of the payment transaction has been performed by the payment processing computer device and cause expedited issuer authentication and authorization of the payment transaction. Additionally, Randall is not concerned about token-to-token matching for authentication.

Additionally, the combination of Randall, Bryant, Kesanupalli, Laxminarayanan and Hattori clearly destroys the intent and purpose of Randall taken alone and/or in view of Bryant, Kesanupalli, Laxminarayanan and Hattori use of, for example, matching de-tokenized data to (non-tokened) stored data to authenticate a consumer device. Accordingly, the present invention is distinguishable over Randall taken alone and/or in view of Bryant, Kesanupalli, Laxminarayanan and Hattori for this reason as well.

Therefore, the limitations lacking in the prior art, in combination with the other limitations clearly claimed for patent, are novel and unobvious.

Foreign prior art and NPL search was conducted however no relevant prior art was found.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAHED ALI whose telephone number is (571)270-1085.  The examiner can normally be reached on 8:00 - 5:00 M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on (571) 270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished 


/JAHED ALI/ Examiner, Art Unit 3685


/MAMON OBEID/Primary Examiner, Art Unit 3699