DETAILED ACTION
Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/10/2020 has been entered.
 
Acknowledgements
This Office Action is in response to the response filed on November 10, 2020 (“November 2020 Response”).  The November 2020 Response contained, inter alia, claim amendments (“November 2020 Claim Amendments”) and “REMARKS” (“November 2020 Remarks”).
Claims 1-4 are currently pending and have been examined. 

Claim Rejections - 35 USC § 112(a)
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:


Claims 1-4 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA  the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 1 recites “said terminal default public key certificate, said default private key file, and said CA public key certificate of the terminal backend system are adopted to establish the terminal transaction certificate secure downloading channel;” however, the original disclosure does not explain how said terminal default public key certificate, said default private key file, and said CA public key certificate of the terminal backend system are used to establish the terminal transaction certificate secure downloading channel.  Also, Claim 1 recites “wherein the terminal transaction certificate, the transaction private key of said terminal transaction public/private key pair, and the CA public key certificate of the terminal backend system are adopted to establish the secure channel for transaction for executing transactions between the POS terminal and the terminal backend system” however, the original disclosure does not describe how the terminal transaction certificate, the transaction private key of said terminal transaction public/private key pair, and the CA public key certificate of the terminal backend system are used to establish the secure channel for transaction for executing transactions between the POS terminal and the terminal backend system.  The specification appears to mimic the same or similar language used in the claim.  As noted in the .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over Persson et al. (WO 02/065696 A1)(“Persson”) in view of Oka et al. (US 2002/0108042 A1)(“Oka”) and further in view of Doyle et al. (US 6,128,738)(“Doyle”).

As to Claim 1, Persson discloses a method for initializing secure network access for terminals, which is used to connect a POS terminal to a terminal backend system, the method comprising: 
loading a terminal default public key certificate (“certificate,” p.12, l.6), a default private key file (p.12, l.5-6, l.9), and a CA public key certificate (“a CA-certificate could also be provided to the device 1.” p.12, L.8-9) of the terminal backend system (CA-system 5) into the POS terminal (device 1, “any device which is connected to an insecure network and is being used for electronic commerce, bank services, control, supervision etc.” p1, L.19-21) when leaving factory (p.12, l.5-9, p.12, l.9-11);
establishing a terminal transaction certificate secure downloading channel, wherein the terminal transaction certificate secure downloading channel is a mutual authenticated secure channel based on a secure socket layer (SSL)/ transport layer security (TLS) protocol (“handshake phase of SSL-(Secure Socket Layer)-communication,” p.2, l.16-17), and said terminal default public key certificate (p.15, l.1-2), said default private key file (“request…signed…private key,” p.14, l.16-17), and said CA public key certificate of the terminal backend system (p.14,l.26-28) are adopted to establish the terminal transaction certificate secure downloading channel (steps B51-B63, p.14, l.15-31, p.15, l.1-15), which is used for downloading a terminal transaction 
generating a terminal transaction public/private key pair, wherein the POS terminal generates the terminal transaction public/private key pair and stores the transaction private key within the POS terminal (“the device itself generates the private and the public key,” p.17, l.9-10);
uploading by the POS terminal, a terminal transaction identifier to the terminal backend system via the terminal transaction certificate secure downloading channel (“authorization module 19 first retrieves the identity of the device from the temporary certificate and then uses this identity” p.15, l.1-2);
issuing the terminal transaction certificate (“the second CA-system 11 generates a key, a certificate,” p.15, l.16), wherein the terminal backend system generates the terminal transaction certificate (“the certificate could be generated in another unit,” p.17, l.8-9) based on information uploaded from the POS terminal via the terminal transaction certificate secure downloading channel, and returns the terminal transaction certificate to the POS terminal via the terminal transaction certificate secure downloading channel for downloading the terminal transaction certificate by the POS terminal (steps b41-b73, fig.3, p.15, l.11-25).
Persson does not directly disclose 
wherein said terminal default public key certificate comprises a terminal transaction unique identifier (and this identifier then uploaded by the POS terminal);
in the uploading by the POS terminal, at least said terminal transaction public key to the terminal backend system; and
establishing a secure channel for transaction for executing transactions between the POS terminal and the terminal backend system, wherein the terminal transaction certificate, the transaction private key of said terminal transaction public/private key pair, and the CA public key certificate of the terminal backend system are adopted to establish the secure channel for transaction for executing transactions between the POS terminal and the terminal backend system.

Oka teaches
wherein said terminal default public key certificate comprises a terminal transaction unique identifier (see Fig.4, “subject,” which is a “User Device ID”);
uploading by the terminal, at least said terminal (“servers,” [0099]) transaction public key (“public key,” [0009]) to the terminal backend system (“certificate authority,” [0009])([0009]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Persson by the features of Oka and in particular to include in Persson’s terminal default public key certificate, the terminal transaction unique identifier of Oka, as taught by Oka (thereby modifying Persson’s terminal transaction identifier in the uploading by the POS terminal, to include the terminal transaction unique identifier), and to include in the uploading by the POS terminal of Persson, the terminal transaction public key to the terminal backend system of Oka, as taught by Oka.
A person having ordinary skill in the art would have been motivated to combine these features because including the terminal transaction unique identifier in the terminal default public key certificate would help a party using the certificate know to what the certificate 

Doyle teaches
establishing a secure channel for transaction for executing transactions between the terminal and the terminal backend system (C.4, L.22-55, C.6, L.12-14), wherein the terminal transaction certificate (“certificate,” C.3, L.52), the transaction private key of said terminal transaction public/private key pair (C.3, L.19-21), and the CA public key certificate of the terminal backend system (“certificates 715 of the signers and the authenticating certificate authorities,” C.6, L.30-31) are adopted to establish the secure channel for transaction for executing transactions between the terminal and the terminal backend system (C.6, L.7-14, C.6, L.19-31).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the Persson/Oka combination by the features of Doyle and in particular to include in the Persson/Oka combination, the features of establishing a secure channel for transaction for executing transactions between the terminal (the POS terminal in Persson) and the terminal backend system, wherein the terminal transaction certificate, the transaction private key of said terminal transaction public/private key pair, and the CA public key certificate of the terminal backend system are adopted to establish the secure channel for transaction for executing transactions between the terminal (the POS terminal in Persson) and the terminal backend system, as taught by Doyle.
A person having ordinary skill in the art would have been motivated to combine these features because it “allows a single, well recognized certificate to access secure applications without the requirement of having a connected trusted third party for verification of authority.” (Doyle, C.6, L.42-46).

As to Claim 2, the Persson/Oka/Doyle combination discloses as discussed above.  Persson further discloses wherein posterior to establishing the secure channel for transactions, the method further comprises: determining, by the terminal backend system, whether a transaction is able to be executed based on the terminal transaction unique identifier of the POS terminal accessed through said secure channel for transaction (p.15, l.1-6). 

As to Claim 4, the Persson/Oka/Doyle combination discloses as discussed above.  Persson further discloses, in issuing the terminal transaction certificate, the terminal backend system executes certificate signing for the transaction public key and the terminal transaction unique identifier uploaded from the POS terminal to generate the terminal transaction certificate (p.15, l.15-17). 

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Persson in view of Oka and further in view of Doyle and Linehan (US 6,327,578 B1)(“Linehan”).

As to Claim 3, the Persson/Oka/Doyle combination discloses as discussed above.  Oka teaches wherein the terminal transaction unique identifier is composed of a terminal ID (subject of certificate which can be “Device ID,” Fig.4). 
Persson does not directly disclose wherein the terminal transaction unique identifier is composed of a merchant ID.
Linehan teaches wherein the terminal transaction unique identifier is composed of a merchant ID (C.15, L.24-25).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the Persson/Oka/Doyle combination by the feature of Linehan and in particular to include in the terminal transaction unique identifier of the Persson/Oka/Doyle combination, the merchant ID, as taught by Linehan.
A person having ordinary skill in the art would have been motivated to combine these features because to provide “evidence of the identity and privileges of the” merchant (Linehan, C.1, L.58-59).

Response to Arguments
Applicant's arguments filed in the November 2020 Remarks have been fully considered but they are now moot since none of the prior references are currently applied. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MONICA A MANDEL whose telephone number is (571)270-7046.  The examiner can normally be reached on Monday-Friday 10:00 AM-6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Abhishek Vyas can be reached on (571) 270-1836.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/M.A.M/Examiner, Art Unit 3621                        
May 8, 2021                                                                                                                                                                                
/ABHISHEK VYAS/Supervisory Patent Examiner, Art Unit 3621