DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 

Acknowledgment
Applicant’s amendment filed on June 1, 2021 is acknowledged. Accordingly claim 1-7 and 9-21 remain pending and have been examined.

Response to Arguments
Applicant’s arguments with respect to claim(s) 1-7 and 9-21 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the 

Claims 1-7 and 9-21 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Gaddis U.S. Patent Application Publication No. 2012/0310753 A1 in view of Synder et al (hereinafter “Synder”) U.S. Patent Application Publication No. 2012/0130898 A1 and further in view of Wong et al (hereinafter “Wong”) U.S. Patent Application Publication No. 2007/0277201 A1

As per claims 1, 9 and 16, Gaddis discloses a method for improving security of a distributed payment system using simple mail transfer protocol (SMTP), the method comprising:
generating, by a processor of a vendor server, a token for use with an email checkout, wherein the token comprises an identifier of a customer, and an email address of the customer, and an identifier of a transaction (0008, which discloses that “Embedded within the communication is a Promotionally Enabled Link or PEL (e.g., email link, SMS link, or link posted on a User's social media site such as Facebook.RTM.  or Twitter.RTM.) permitting the User to purchase the services and/or product without entering any alpha numeric data, such as account login and password, personal contact or financial account information.”;0042, which discloses that “The present invention also comprises a system for purchasing a product or service over the Internet in response to an electronic message sent from an Offer Provider to an established User wherein said User does not input alpha numeric data, comprising: an electronic message generation module providing functionality to transmit electronic messages to Users comprising encrypted Promotionally Enabled Links (PELs) specific to each User”);
sending, by the processor of the vendor server, an SMTP email message that includes a hyperlink and the token to the email address of the customer(see fig. 4, which discloses that merchant or SP sends email describing deal to user (e.g., customer) step 420; User clicks of link in email & is redirected to SP hosted webpage step 430), 
wherein the hyperlink when activated sends an SMTP email response that includes the token from the customer  to an e-commerce system(see fig. 4, which discloses that “User clicks of link in email & is redirected to SP hosted webpage” step 430; 0028, which discloses that “As used herein, the term "link" is used to refer to any item on a webpage or an electronic communication (e.g. email link, SMS link, or link posted on a User's social media site such as Facebook.RTM.  or Twitter.RTM.) that when clicked (i.e., activated), opens a connection (i.e., "jumps" or redirects) to another website, webpage, or delivers more information on the existing webpage.”));
receiving, by the processor of the vendor server, a notification from the e-commerce system indicating that the transaction was successfully processed by the e-commerce system, 
wherein the e-commerce system processes the transaction by
authenticating the SMTP email response message as being from the customer based on an email address of the sender of the SMTP email response message;
decoding the token included in the SMTP email response message to form a decoded token; and
performing the transaction based on the decoded token when the authentication is successful;
completing, by the processor of the vendor server, the email checkout in response to receiving the notification from e-commerce system (0059, which discloses that “The service provider subsequently notifies the merchant 460 in (as close to) real-time that the User confirmed the purchase of the product or service so that they may process the User's order and payment, wherein the service provider passes to the merchant as data parameters values defined by merchant and servicer provider.”); and
What Gaddis does not explicitly teach is:
receiving, by the processor of the vendor server, a notification from the e-commerce system indicating that the transaction was successfully processed by the e-commerce system, 
wherein the e-commerce system processes the transaction by
authenticating the SMTP email response message as being from the customer based on an email address of the sender of the SMTP email response message;
decoding the token included in the SMTP email response message to form a decoded token; and
performing the transaction based on the decoded token when the authentication is successful
Sydner discloses the method comprising:
receiving, by the processor of the vendor server, a notification from the e-commerce system indicating that the transaction was successfully processed by the e-commerce system (0082, which discloses that “If the acceptance decision is positive, the payment network 118, a payment processing system associated with the payment network 118 or the retail merchant allows the transaction to proceed and the consumer is notified that the financial transaction was successful, such as by displaying a confirmation number on a display device in signal communication with the computer used by the consumer.”), 
Wong discloses the method wherein the e-commerce system processes the transaction by:
 authenticating the SMTP email response message as being from the customer based on an email address of the sender of the SMTP email response message (0099, which discloses that “When the token is sent associated with an email message, for example, the token authorization/translation module 350 may determine whether the message is from an authorized sender based on the sender's email address and/or an authorization password provided with the email, such as part of the token or another email attachment.”; 0121, which discloses that “The authorization or authentication, for example, may be determined based on the email address of the sender, a password provided with the email (e.g., as part of the token or another attachment), or another authentication technique.”);
decoding the token included in the SMTP email response message to form a decoded token (0201, which discloses that “At step 804, each token is extracted from the message for further processing.  Each extracted token is then authenticated (step 806), such as by evaluating authentication data contained in the token.”); and
performing the transaction based on the decoded token when the authentication is successful (0201, which discloses that “If the token(s) is determined to be authentic, the process proceeds to step 810.”)
Accordingly it would have been obvious to one of ordinary skill in the art at time of applicant’s invention to modify the method of Gaddis and incorporate a method comprising: receiving, by the processor of the vendor server, a notification from the e-commerce system indicating that the transaction was successfully processed by the e-commerce system, wherein the e-commerce system processes the transaction by authenticating sender of the SMTP email response message and decoding the token included in the SMTP email response message in view of the teachings of Synder and Wong in order to ensure security of the transaction. 

As per claims 2 and 10, Gaddis further discloses the method, wherein the SMTP email message comprises multiple tokens (0008; 0059; 0038).

As per claims 3 and 11, Gaddis further discloses the method, wherein each of the multiple tokens is associated with a different offered product (0035; 0048; 0053).

As per claims 4 and 12, Gaddis further discloses the method, wherein each of the multiple tokens are associated with a different price (see fig. 2A and associated text).

As per claims 5 and 13, Gaddis further discloses the method, further comprising generating, by the processor, a second token for use with an URL checkout, wherein the second token is associated with the same offered product (see claim 2).

As per claims 6 and 14, Gaddis further discloses the method, further comprising posting the second token on a social media website (0004; 0008; 0028).

As per claims 7 and 15, Gaddis further discloses the method, further comprising transmitting a message to the payment server, indicating that the token is in use (0059).

As per claim 17, Gaddis failed to explicitly disclose the method, wherein the authenticating is performed using the decoded token.
Synder and/or Wong discloses the method, wherein the authenticating is performed using the decoded token (Synder: 0035 Wong: 0201).
Accordingly it would have been obvious to one of ordinary skill in the art at time of applicant’s invention to modify the method of Gaddis and incorporate a method wherein the authenticating is performed using the decoded token in view of the teachings of Synder and/or Wong in order to ensure security of the transaction. 

As per claims 18 and 20, Gaddis further discloses the method, wherein the identifier of the customer is the email address of the customer (0059).

As per claims 19 and 21, Gaddis failed to explicitly disclose the system, wherein the authenticating is performed using the decoded token.
Synder and/or Wong discloses the system, wherein the authenticating is performed using the decoded token (Synder: 0035 Wong: 0201).
Accordingly it would have been obvious to one of ordinary skill in the art at time of applicant’s invention to modify the method of Gaddis and incorporate a method wherein the authenticating is performed using the decoded token in view of the teachings of Synder and/or Wong in order to ensure security of the transaction. 

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Charles C. Agwumezie whose number is (571) 272-6838. The examiner can normally be reached on Monday – Friday 8:00 am – 5:00 pm.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Hayes can be reached on (571) 272 – 6708.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/CHINEDU C AGWUMEZIE/Primary Examiner, Art Unit 3685                                                                                                                                                                                                        June 4, 2021