Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of the Application
	Claims 20-31 have been examined in this application.
The filling date of this application number recited above is September 26, 2018. Priority has been claimed in the Application Data Sheet under Domestic Benefit/National Stage Information with Prior Provisional Application Numbers 62/565656 and 62/635171, therefore the examination will be undertaken in September 29, 2017, as the priority date. 
No additional information disclosure statement (IDS) has been filed to date.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 20-31 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. The Claims are directed to an abstract idea, Methods of Organizing Human Activity. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional computer elements, which are recited at a high level of 
As per claim 20, the claim recites “a method, comprising:
registering, by a credential manager, with a remote service provider;
receiving, from the remote service provider, authorization data indicative of a service transaction identifier of a service transaction facilitated by the remote service provider and a service transaction value amount of the service transaction;
communicating, by the credential manager, authorization response data to the remote service;
receiving, by the credential manager and from a client, user authentication data for logging the client into the credential manager;
establishing, by the credential manager, an active session with the client upon authenticating the user authentication data;
transmitting, by the credential manager, first transaction information corresponding to the service transaction to the client;
receiving, by the credential manager and from a client, transaction selection data corresponding to the service transaction;
and during the active session:
communicating, by the credential manager and to the remote service provider, a customer receipt request comprising the service transaction identifier indicated by the authorization data and authentication data indicative of the active session between the credential manager and the authenticated client;

and transmitting, by the credential manager, the web location identifier associated with the web container of the remote service provider to the client during the active session for display of the second transaction information. 
The limitation of the claims recited above, under its broadest reasonable interpretation, is directed to an organized human activity by performing fundamental economic principles or practices and/or commercial or legal interactions. The method recited above is an interaction between a merchant, a customer, and an intermediary (e.g. credential manager), who organizes the receipts of transactions between the merchant and the customer, to receive and provide receipts, wherein a detailed receipt is provided upon request of the customer. The intent of the invention also includes risk mitigation, as disclosed by Specifications [0088] “Moreover, it is the intent of the present disclosure that personal information data should be managed and handled in a way to minimize risks of unintentional or unauthorized access or use”, wherein risk mitigation is also fundamental economic principles or practices. Therefore, the claims are directed to an abstract idea.
This judicial exception is not integrated into practical application. In particular, the claims recite an additional element of “credential manager subsystem device”, “remote service provider subsystem device”, “client device” to perform the method recited above by instructing the abstract idea to be performed “by” this generic computer component to perform generic functions, such as: register data, receive data, communicate data, establish active session (e.g. communicate through the internet), and transmit data. These general computer components are recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using a generic computer system; see MPEP 2106.05(f). As disclosed by the Specifications, [0021] discloses generic credential manager subsystem, [0022] discloses generic service provider subsystem, [0023] discloses generic communication methods, and [0024] discloses generic user devices. Additionally, the claim recites data manipulation, such as “the second transaction information configured to be inaccessible to the credential manager”, wherein selecting a particular data source or type of data to be manipulated is adding insignificant extra-solution activity to the judicial exception; see MPEP 2106.05(g). Accordingly, these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a computer based system is recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using a generic computer system. Mere instructions to apply an exception using a generic computer system and adding insignificant extra-solution activity to the judicial exception cannot provide an inventive concept. The claim is not patent eligible.
Regarding dependent claims, they are still directed to an abstract idea without significantly more.
Claim 21 recites “wherein the at least one service transaction descriptor comprises one of the following: a description of a service provider product associated with the service transaction; or a time associated with the service transaction.”
Claim 22 recites “wherein the second transaction information is also indicative of the service transaction value amount of the obtained service transaction details of the service transaction.”
Claim 23 recites “further comprising providing, by the credential manager subsystem device, the second transaction information to the client device.”
Claim 24 recites “further comprising deleting the second transaction information from the credential manager subsystem device after the providing.”
Claim 25 recites “wherein the second transaction information is a sum of at least two service transactions.”
Claim 26 recites “wherein the customer receipt request comprises an aggregated transaction identifier and authentication data.”
Claim 27 recites “further comprising authenticating the authentication data.”
Claim 28 recites “wherein the authentication data is indicative of a shared secret between the remote service provider subsystem device and the credential manager subsystem device.”
Claim 29 recites “wherein: the authentication data is indicative of a type of the client device that initiated the customer receipt request at the credential manager subsystem device; and the second transaction information comprises an image in a format based at least in part on the type of the client device indicated by the authentication data.”
Claim 30 recites “wherein the authentication data is indicative of a technique used by the credential manager subsystem device to authenticate a customer of the credential manager subsystem device that initiated the customer receipt request at the credential manager subsystem device.”
Claim 31 recites “wherein the authentication data is indicative of a time at which the credential manager subsystem device authenticated a customer of the credential manager subsystem device that initiated the customer receipt request.”
	These additional steps of each claims fail to remedy the deficiencies of their parent claim above because they are merely further limiting the rules used to conduct the previously recited abstract idea, and are therefore rejected for at least the same rationale as applied to their parent claim above.
	Claims 21-31, when analyzed as a whole, considering the additional elements individually and/or as an ordered combination, are held to be patent ineligible under 35 U.S.C. 101 because the additional recited limitations fail to establish that the claims are sufficient to integrate into a practical application and do not amount to significantly more than the judicial exception. Similarly to the independent claims, each claim recites using a generic computer component to perform the abstract idea as mentioned above. Therefore, prong 2 and step 2B analysis are similar to above and these claims are not eligible.
Therefore, Claims 20-31 are not drawn to eligible subject matter as they are directed to an abstract idea without significantly more.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 20-23, 25-28, and 30-31 are rejected under 35 U.S.C. 103 as being unpatentable over Calman et al. (U.S. 2015/0032526) in view of Caldwell (U.S. 2017/0255793) and in view of Ganesan (U.S. 2012/0192255).

As per claim 20, Calman teaches a computer-implemented method, comprising:
receiving, by the credential manager subsystem device and from a client device, user authentication data for logging the client device into the credential manager subsystem device (See Figure 7 – step 708, as disclosed [0079] “The customer may access his/her online banking application by providing a username and a password or something similar thereto in order to access the application”);
establishing, by the credential manager subsystem device, an active session with the client device upon authenticating the user authentication data (It is obvious that once the customer accesses the online banking application by logging-in with a correct username and a password as disclosed in [0079], an active session is established);
transmitting, by the credential manager subsystem device, first transaction information corresponding to the service transaction to the client device (See Figure 7 – step 710, as disclosed [0080] “Once the customer accesses his/her online banking application the system may present purchase transaction data to the customer in association with the transaction on the online banking application, as illustrated in block 710”);
receiving, by the credential manager subsystem device and from a client device, transaction selection data corresponding to the service transaction (See Figure 8 which displays an example screen of the banking application, showing “information on selected transaction” meaning the user has selected a transaction data);
and during the active session:
communicating, by the credential manager subsystem device and to the remote service provider subsystem device, a customer receipt request comprising the service transaction identifier indicated by the authorization data and authentication data indicative of the active session between the credential manager subsystem device and the authenticated client device ([0081] “Furthermore, there is a link for the online banking application to access the e-receipt (illustrated in FIG. 3)” by which the customer receipt request is communicated during the active session, after the user has logged into the online banking application, to view the detailed receipt from the merchant’s link when the user selects a transaction); and
receiving, at the credential manager subsystem device and from the remote service provider subsystem device, a web location identifier associated with a web container of the remote service provider subsystem device, the web container configured to store second transaction information indicative of a service transaction descriptor of the service transaction that is different from the first transaction information, … ([0082] “The link illustrated in FIG. 8 provides a link to the image of the purchase transaction data (such as the e-receipt illustrated in FIG. 3)” which the link (e.g. web location identifier) is provided by the online banking application during an active session to allow the customer to view the detailed receipt as shown in Figure 3 upon accessing the link, as disclosed [0061] “FIG. 3 illustrates an interface of an electronic communication between a merchant and a customer providing purchase transaction data to the customer 300, in accordance with one embodiment of the present invention”); and
transmitting, by the credential manager subsystem device, the web location identifier associated with the web container of the remote service provider subsystem device to the client device during the active session for display of the second transaction information in the user interface of the client device ([0138] “Furthermore, the process application 258 may provide a link to a copy of the e-receipt directly accessible from the online banking application. This way the customer may be able to visualize the exact communication he/she had with the merchant all while in his/her online banking application”). 

Calman may not explicitly disclose, but Caldwell discloses:
registering, by a credential manager subsystem device, with a remote service provider subsystem device ([0004] “A method, in a further embodiment, includes identifying a transaction made with a predefined third party within a set of transactions” and [0013] “In a further embodiment, a trusted hardware device is configured to identify transactions with a plurality of predefined third parties within a set of transactions” and [0014] “In a further embodiment, a backend hardware server identifies a transaction made with a predefined third party within a set of transactions” wherein a “predefined third party” by definition would mean a third party that has been established in advance, which is obvious to be interpreted as being registered with the system to be included as a “predefined” third party);
receiving, from the remote service provider subsystem device, authorization data indicative of a service transaction identifier of a service transaction facilitated by the remote service provider subsystem device and a service transaction value amount of the service transaction (See Figure 7 – steps 702 and 704, as disclosed [0147] “The method 700 begins and an aggregation module 104 aggregates 702 a set of transactions for a user from a first data source (e.g., an aggregation server, a third party service provider 108, a financial institution, or the like). An aggregation module 104 identifies 704 a transaction made with a predefined third party (e.g., a retailer, a vendor, a business, a third party service provider 108, another entity, or the like) within the aggregated 702 set of transactions”. See Figure 6 – 602 to 606 which shows the aggregated set of transactions displaying transaction identifier and transaction value amount);
communicating, by the credential manager subsystem device, authorization response data to the remote service provider device (See Figure 7 – step 706, as disclosed [0148] “An aggregation module 104 uses 706 electronic credentials for the user to login to an account of the user on a hardware server of the third party”);
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize registering and communicating with a service provider (third party) as in Caldwell in the system executing the method of Calman which receives transaction data from the service providers, with the motivation of offering [0003] to help users to manage and/or track the user’s own personal data and to help keep the access to the data as taught by Caldwell over that of Calman.

Calman may not explicitly disclose, but Ganesan discloses:
the second transaction information configured to be inaccessible to the credential manager subsystem device ([0038] “Furthermore, the website also communicates a request for the user's signature on the identified transaction to the security server. The security server calculates a one-time -password as a function of (i) the secret it shares with the web site and (ii) the applicable transaction details displayed in the pop-up window, and displays the one-time -password to the user in the pop-up window. The user enters (perhaps by cutting and pasting) this one-time -password onto the web page, which serves as the user's signature on the transaction, which is thereby transmitted to the web site” wherein the one time password being provided to the user by a pop-up window in order to authenticate the transaction at the website causes the transaction to be inaccessible by the credential manager subsystem device).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize one time password provided to the user for authorization as in Ganesan in the system executing the method of Calman which can access the website for transaction data through the link, with the motivation of offering to [0008-0010] “develop a new transaction authentication technique that can be more ubiquitously applied to a larger number of transactions without compromising usability and cost, develop new pop up substitutes to communicate information such as transaction signatures, and develop a technique for better risk management based on user activity information” as taught by Ganesan over that of Calman.

As per claim 21, Calman teaches the computer-implemented method of claim 20, wherein the at least one service transaction descriptor comprises one of the following: a description of a service provider product associated with the service transaction; or a time associated with the service transaction (See Figure 3 which shows under order details the description of the product and the time shown at top right corner). 

As per claim 22, Calman teaches the computer-implemented method of claim 20, wherein the second transaction information is also indicative of the service transaction value amount of the obtained service transaction details of the service transaction (See Figure 3 which shows the price for each product). 

As per claim 23, Calman teaches the computer-implemented method of claim 20, further comprising providing, by the credential manager subsystem device, the second transaction information to the client device ([0081] “Furthermore, there is a link for the online banking application to access the e-receipt (illustrated in FIG. 3)”). 

As per claim 25, Calman teaches the computer-implemented method of claim 20, wherein the second transaction information is a sum of at least two service transactions (See Figure 3 showing item subtotal). 

As per claim 26, Calman may not explicitly disclose, but Caldwell teaches the computer-implemented method of claim 20, wherein the customer receipt request comprises an aggregated transaction identifier and authentication data ([0147] “The method 700 begins and an aggregation module 104 aggregates 702 a set of transactions for a user from a first data source (e.g., an aggregation server, a third party service provider 108, a financial institution, or the like). An aggregation module 104 identifies 704 a transaction made with a predefined third party (e.g., a retailer, a vendor, a business, a third party service provider 108, another entity, or the like) within the aggregated 702 set of transactions” and [0148] “An aggregation module 104 uses 706 electronic credentials for the user to login to an account of the user on a hardware server of the third party”). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize aggregated transaction identifier and authentication data as in Caldwell in the system executing the method of Calman, with the motivation of offering [0003] to help users to manage and/or track the user’s own personal data and to help keep the access to the data as taught by Caldwell over that of Calman.

As per claim 27, Calman may not explicitly disclose, but Caldwell teaches the computer-implemented method of claim 26, further comprising authenticating the authentication data (See Figure 7 – steps 706 and 708 wherein the process would proceed after authenticating the provided credentials). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize authentication as in Caldwell in the system executing the method of Calman, with the motivation of offering [0003] to help users to manage and/or track the user’s own personal data and to help keep the access to the data as taught by Caldwell over that of Calman.

As per claim 28, Calman may not explicitly disclose, but Caldwell teaches the computer-implemented method of claim 26, wherein the authentication data is indicative of a shared secret between the remote service provider subsystem device and the credential manager subsystem device ([0004] “In certain embodiments, a method includes using electronic credentials for a user to login to an account of the user on a hardware server of a third party” wherein [0013] “An apparatus, in one embodiment, includes a trusted hardware device authorized by a user to use a plurality of electronic credentials for the user … A trusted hardware device, in certain embodiments, is configured to use electronic credentials for a user to login to accounts of the user with a plurality of predefined third parties” by which the system is using the user’s credentials to log-in to the account of the third parties would mean a shared secret that the both systems knows the user’s credentials). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize user’s credentials as a shared secret as in Caldwell in the system executing the method of Calman, with the motivation of offering [0003] to help users to manage and/or track the user’s own personal data and to help keep the access to the data as taught by Caldwell over that of Calman.

As per claim 30, Calman teaches the computer-implemented method of claim 26, wherein the authentication data is indicative of a technique used by the credential manager subsystem device to authenticate a customer of the credential manager subsystem device that initiated the customer receipt request at the credential manager subsystem device (See Figure 7 – step 708, as disclosed [0079] “The customer may access his/her online banking application by providing a username and a password or something similar thereto in order to access the application” wherein a correct log-in would authenticate the customer who can afterwards initiate the receipt request). 

As per claim 31, Calman may not explicitly disclose, but Ganesan teaches the computer-implemented method of claim 26, wherein the authentication data is indicative of a time at which the credential manager subsystem device authenticated a customer of the credential manager subsystem device that initiated the customer receipt request (See Figure 3 which displays a log data showing times for each of the user’s activities, including one time password authentication).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize log data with time indication as in Ganesan in the system executing the method of Calman, with the motivation of offering to [0008-0010] “develop a new transaction authentication technique that can be more ubiquitously applied to a larger number of transactions without compromising usability and cost, develop new pop up substitutes to communicate information such as transaction signatures, and develop a technique for better risk management based on user activity information” as taught by Ganesan over that of Calman.

Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Calman in view of Caldwell and in view of Ganesan, in further view of McDermott (U.S. 2017/0201799).

As per claim 24, Calman may not explicitly disclose, but McDermott teaches the computer-implemented method of claim 23, further comprising deleting the second transaction information from the credential manager subsystem device after the providing ([0044] “A file may be modified at any time and in any manner. Modification of a file may include the addition, as well as the deletion, of any desired content, such as audio, video, text, and still images … The file may be modified manually by a user, as well as automatically by the server 112”). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize automatically deleting the file (e.g. detailed receipt) as in McDermott in the system executing the method of Calman, with the motivation of offering to [0006] enhance customer service and provide customers efficient and easy access to information regarding the proposed services as taught by McDermott over that of Calman.

Claim 29 is rejected under 35 U.S.C. 103 as being unpatentable over Calman in view of Caldwell and in view of Ganesan, in further view of Taskett (U.S. 6,115,458).

As per claim 29, Caldwell teaches the computer-implemented method of claim 26, wherein: the second transaction information comprises an image ([0082] “The link illustrated in FIG. 8 provides a link to the image of the purchase transaction data (such as the e-receipt illustrated in FIG. 3)” wherein Figure 3 displays an image of each order).

Calman may not explicitly disclose, but Taskett teaches
the authentication data is indicative of a type of the client device that initiated the customer receipt request at the credential manager subsystem device; and the second transaction information comprises a [data] in a format based at least in part on the type of the client device indicated by the authentication data ((Col 9 Line 38) "if the request for summary data is from a TTY device, a modem, a PC (e.g., in the form of an e-mail request), or some other modality, then host system will retrieve a subroutine which will permit host system to communicate with the requesting entity in a manner compatible with the format and communication protocol of the request"). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize formatting the image based on the type of the device as in Taskett in the system executing the method of Calman, with the motivation of offering to (Col 2 Line 30) overcome the cumbersome and expensive foregoing methods for supplying summary transaction information as taught by Taskett over that of Calman.

Response to Arguments
Applicant's arguments, see page 7, filed 16 November 2020, with respect to the 35 U.S.C. 101 rejection have been fully considered but they are not persuasive. The significant amendments to Claim 20 and newly added Claims 21-31 have been analyzed under the Alice/Mayo test and have been rejected as discussed above under the 35 U.S.C. 101 rejection.
Applicant’s arguments, see pages 7 to 9, with respect to the 35 U.S.C. 103 rejection have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Bailey et al. (U.S. 9,230,066 B1) discloses an improved technique authenticates a user based on an ability to corroborate previous transaction data sent by a user device.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY H JUNG whose telephone number is (571)270-5018.  The examiner can normally be reached on Mon - Fri 8:30 - 4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Christine M Behncke can be reached on 571-272-8103.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/H.H.J./           Examiner, Art Unit 3697                                                                                                                                                                                            
	
	/CHRISTINE M BEHNCKE/           Supervisory Patent Examiner, Art Unit 3697