DETAILED ACTION
Status of Claims
1. 	This office action is in response to filing dated 5/13/2020.
2. 	Claims 49-68 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 49-68
Claims 49-68 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.

Step 2A: 
Prong One of Step 2A evaluates whether the claim recites a judicial exception (an abstract idea enumerated in the 2019 PEG, a law of nature, or a natural phenomenon).
Groupings of Abstract Ideas:

mathematical relationships
mathematical formulas or equations 
mathematical calculations
Mental Processes
concepts performed in the human mind (including an observation, evaluation, judgment, opinion)
Certain Methods Of Organizing Human Activity
fundamental economic principles or practices (including hedging, insurance, mitigating risk)
commercial or legal interactions (including agreements in the form of contracts; legal obligations; advertising, marketing or sales activities or behaviors; business relations)
managing personal behavior or relationships or interactions between people (including social activities, teaching, and following rules or instructions)
The independent claims are directed to – receiving and sending to financial institution authentication request comprising snip identification data; receiving account validation reflecting match between snip and financial account data; associating financial account and user account based on validation response; generating authentication key; generating payment instruction key using authentication key; encrypting payment instruction key using key exchange key; sending payment instruction key to transaction origination point – which describe Commercial or Legal 
Hence, the independent claims are directed to abstract ideas.
See MPEP 2106.04 (a) (2) Abstract Idea Groupings [R-10.2019]
MATHEMATICAL CONCEPTS
Mathematical Relationships
Mathematical Formulas or Equations
Mathematical Calculations
CERTAIN METHODS OF ORGANIZING HUMAN ACTIVITY
Fundamental Economic Practices or Principles
Commercial or Legal Interactions
Managing Personal Behavior or Relationships or Interactions Between People
MENTAL PROCESSES.
A Claim That Requires a Computer May Still Recite a Mental Process.

Hence under Prong One of Step 2A, the independent claims recite a judicial exception.
Prong Two of Step 2B evaluates whether the claim recites additional elements that integrate the judicial exception into a practical application of the exception.
Limitations that are indicative of integration into a practical application include:
Improvements to the functioning of a computer or to any other technology or technical field - see MPEP 2106.05(a)
Applying the judicial exception with, or by use of, a particular machine -see MPEP 2106.05(b)
Effecting a transformation or reduction of a particular article to a different state or thing - see MPEP 2106.05(c)
Applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception - see MPEP 2106.05(e)
Limitations that are not
Adding the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea - see MPEP 2106.05(f) 
Adding insignificant extra-solution activity to the judicial exception - see MPEP 2106.05(g) 
Generally linking the use of the judicial exception to a particular technological environment or field of use – see MPEP 2106.05(h)
The only additional elements recited by the claims, beyond the abstract idea, are: a processor, a first computer system and a second computer system.  
As per Para [0125] – [0131] of the Specification, Fig. 5 discloses the computer system 500 for implementing the disclosed embodiments which appears to be generic computer.  Also, based on Para [0132] of the Specification, the processor appears to be a generic processor.  Examiner thus notes that the additional elements have been recited at a high level of generality such that the claims amount to no more than mere instructions to apply the judicial exception using generic components.
The claims do not purport to improve the functioning of a computer or effect an improvement in any other technology or technical field.  Thus, they do not contain limitations that are indicative of integration into a practical application.
Instead, they do not amount to significantly more than instructions for – receiving and sending to financial institution authentication request comprising snip identification data; receiving account validation reflecting match between snip and financial account data; associating financial account and user account based on validation response; not indicative of integration into a practical application.
The focus of the claims is not on improvement in computers, but on certain independently abstract ideas such as processing transaction requests that merely use computers as tools.  Steps that do nothing more than spell out what is means to “apply it on a computer” cannot confer patent eligibility.
Hence, under Prong Two of PEG 2019, the independent claims do not integrate into a practical application.
Hence, the claims are ineligible under Step 2A.
Step 2B: 
In Step 2B, the evaluation consists of whether the claim recites additional elements that amount to an inventive concept (aka “significantly more”) than the recited judicial exception.
As discussed above, the additional element of using a processor to perform the steps of – receiving and sending to financial institution authentication request comprising snip identification data; receiving account validation reflecting match between snip and financial account data; associating financial account and user account based on validation response; generating authentication key; generating payment instruction key using authentication key; encrypting payment instruction key using key exchange key; sending payment instruction key to transaction origination point – amounts to no more than mere instructions to apply the exception using generic 
When considered individually or as an ordered combination, the additional elements fail to transform the abstract idea of – receiving and sending to financial institution authentication request comprising snip identification data; receiving account validation reflecting match between snip and financial account data; associating financial account and user account based on validation response; generating authentication key; generating payment instruction key using authentication key; encrypting payment instruction key using key exchange key; sending payment instruction key to transaction origination point – into significantly more.
Hence, the claims are ineligible under Step 2B.
Therefore, the claim(s) are rejected under 35 U.S.C. 101 as being directed to an abstract idea without significantly more.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole 

Claims 49-68
Claims 49-68 are rejected under 35 U.S.C. 103(a) as being unpatentable over Dewang (WO 2009/0136404 A2) in view of Domenica et al. (US 2008/0314977 A1).

Claim 49:
A method for processing payment transactions via a network comprising:
receiving an authentication request associated with a user account from a transaction origination point system, the authentication request comprising a snip comprising identification data;
sending an account identification request comprising the snip to a financial institution system based on the authentication request;
(See Domenica: Para [0058] (“a partial social security number,”)
receiving an account validation response from the financial institution system reflecting a match between the snip and data associated with a financial account;
(See Domenica: Para [0062] (“The comparison result may, for example, be an identifier such as match, partial match, or no match.”)
associating the financial account and the user account based on the validation response;
(See Domenica: Para [0068])
generating a participant authentication key based on the association between the financial account and the user account;
Master Message Authentication key (ZMAK) shall be generated by ATOM using the Key generation tool of the HSM and stored in the HSM”)
generating a payment instruction key based on the financial account, using the participant authentication key as a key of the payment instruction key;
encrypting the payment instruction key using a key exchange key; and
(See Dewang: Page 15 (“generate the required Master Key(s) into the HSM residing with ATOM. ATOM uses this key to encrypt the card data of the customer before loading it into the customer mobile”)
sending the encrypted payment instruction key to the transaction origination point.
(See Dewang: Page 30 (“ATOM platform decrypts the customer response and validates the Cryptogram, decrypts the payload and send it to Virtual POS to process the payment by sending the Payment authorization request to acquirer host”)

It would have been obvious to a person having ordinary skills in the art at the time of the invention to modify Dewang as it relates to securing merchant transaction through mobile device to include Domenica as it relates to customer level data verification.  The motivation for combining the references would have been to reduce the probability of errors 

Claim 50:
wherein the authentication request comprises plaintext data.
(See Domenica: Para [0048], [0056], [0058], [0060])

Claim 51:
wherein the authentication request comprises obfuscated data.


Claim 52:
wherein the snip is a first snip of a plurality of snips and receiving the authentication request validation comprises receiving the plurality of snips.
(See Domenica: Para [0048], [0056], [0058], [0060])

Claim 53:
wherein the account validation response comprises match data based on the plurality of snips and data associated with the financial account.
(See Domenica: Para [0048], [0056], [0058], [0060])

Claim 54:
wherein the account validation response reflects a match between the snip and obfuscated data associated with the financial account.
(See Domenica: Para [0062], [0071], [0077])

Claim 55:
wherein the account validation response comprises a bit map indicating whether the snip matched the data associated with the financial account.
(See Domenica: Para [0062])

Claim 56:

(See Domenica: Para [0062], [0071], [0077])

Claim 57:
wherein the identification data of the snip comprises at least one of:
a proposed current balance of the financial account;
a user identifier associated with the financial account;
a card verification value;
digits of a telephone number; or
a shared secret.
(See Domenica: Para [0058])

Claim 58:
wherein the authentication request comprises a tag corresponding to the snip.
(See Domenica: Figs. 4B, 5B, 6B)

Claim 59:
wherein the authentication request comprises a data element comprising a tag corresponding to the snip and additional tags corresponding to additional snips.
(See Domenica: Figs. 4B, 5B, 6B)

Claim 60:

(See Dewang: Page 15 (“HSM”)

Claim 61:
wherein generating a participant authentication key comprises encrypting information relating to the financial account using a service provider master key stored in a hardware security module.
(See Dewang: Page 15 (“generate the required Master Key(s) into the HSM residing with ATOM”)

Claim 62:
wherein the encrypted information includes at least one of a routing transit number or a bank identification number.

Claim 62:
wherein the encrypting comprises using a triple-Data Encryption Algorithm.
(See Dewang: Page 5 (“DES”)

Claim 63:
wherein generating a payment instruction key comprises generating a keyed cryptographic hash.
(See Dewang: Page 20 (“Message Authentication Code is calculated using the derived MAC session key”)

Claim 64:
wherein generating a payment instruction key comprises hashing an identifier associated with the financial account.
(See Dewang: Page 23 (“generate MAC for the data flowing from the terminal to acquirer”)

Claim 65:
wherein the key exchange key is predetermined key exchange agreed to between the transaction origination point and a payment network.
(See Dewang: Page 20 (“key exchange”)

Claim 66:
receiving a transaction request comprising an application request cryptogram from the transaction origination point;
deriving the participant authentication key and the payment instruction key based on the application request cryptogram;
(See Dewang: Page 20 (“Every merchant card and the customer card are loaded with the derived keys unique to the customer or the merchant”)
validating the application request cryptogram using the payment instruction key;
reformatting the transaction request based on the validation of the application request cryptogram;
(See Dewang: Page 39 (“the platform decrypting the customer response, validating the Cryptogram decrypting the payload and sending it to Virtual POS to process the payment”)

receiving a transaction request response from the financial institution, the response approving or denying the transaction request; and
forwarding the transaction request response to the transaction origination point.
(See Dewang: Page 30 (“ATOM platform decrypts the customer response and validates the Cryptogram, decrypts the payload and send it to Virtual POS to process the payment by sending the Payment authorization request to acquirer host”)

Claim 67:
A system for processing a payment transaction, comprising:
at least one processor; and
at least one memory containing instructions that, when executed by the at least one processor, cause the at least one processor to perform a method comprising:
receiving an authentication request associated with a user account from a transaction origination point system, the authentication request comprising a snip comprising identification data;
sending an account identification request comprising the snip to a financial institution system based on the authentication request;
receiving an account validation response from the financial institution system reflecting a match between the snip and data associated with a financial account;
(See Domenica: Para [0058] (“a partial social security number,”)
associating the financial account and the user account based on the validation response and a threshold match level;
The comparison result may, for example, be an identifier such as match, partial match, or no match.”)
generating a participant authentication key using a service provider master key stored in a hardware security module, based on the association between the financial account and the user account;
(See Dewang: Page 15 (“HSM”)
generating a payment instruction key comprising a keyed cryptographic hash based on the financial account, using the participant authentication key as a key of the payment instruction key;
See Dewang: Page 20 (“ATOM platform uses PKI based Asymmetric cryptography (used only in key exchange) and symmetric key based cryptography (for data encryption and MAC) to secure the mobile transactions.”)
encrypting the payment instruction key using a predetermined key exchange key agreed to between the transaction origination point and a payment network; and
sending the encrypted payment instruction key to the transaction origination point.
(See Dewang: Page 30 (“ATOM platform decrypts the customer response and validates the Cryptogram, decrypts the payload and send it to Virtual POS to process the payment by sending the Payment authorization request to acquirer host”)

Claim 68:
A method for processing payment transactions via a network comprising:
receiving an authentication request associated with a user account from a transaction origination point system, the authentication request comprising a plurality of snips comprising identification data;

receiving an account validation response from the financial institution system reflecting a match between the snips and data associated with a financial account;
associating the financial account and the user account based on the validation response;
generating a participant authentication key based on the association between the financial account and the user account;
generating a payment instruction key based on the financial account, using the participant authentication key as a key of the payment instruction key;
encrypting the payment instruction key using a key exchange key;
(See Dewang: Page 40 (“ATOM Elliptic Curve Key Encryption Key :is used by the ATOM Platform during key exchange of Customer/Merchant Card Master and the message authentication key to the customer mobile”)
sending the encrypted payment instruction key to the transaction origination point;
receiving a transaction request comprising an application request cryptogram from the transaction origination point;
validating the application request cryptogram;
(See Dewang: Page 39 (“the platform decrypting the customer response, validating the Cryptogram decrypting the payload and sending it to Virtual POS to process the payment”)
sending a reformatted transaction request to the financial institution based on the validation of the application request cryptogram;
receiving a transaction request response from the financial institution, the response approving or denying the transaction request; and

(See Dewang: Page 30 (“ATOM platform decrypts the customer response and validates the Cryptogram, decrypts the payload and send it to Virtual POS to process the payment by sending the Payment authorization request to acquirer host”)

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 49-68 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-29 of U.S. Patent No. 10,535,064 and claims 1-32 of U.S. Patent No. 10,552,807.  Although the claims at issue are not identical, they are not patentably distinct from each other because the subject matter claimed in the instant application is fully disclosed in the patent and is covered by the patent since the patent and the application are claiming common subject matter.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARUNAVA CHAKRAVARTI whose telephone number is (571)270-1646.  The examiner can normally be reached on IFP.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shahid Merchant can be reached on (571)270-1360.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/ARUNAVA CHAKRAVARTI/Primary Examiner, Art Unit 3693