PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov




BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 16/074,989
Filing Date: 2 Aug 2018
Appellant(s): Quentin et al.



__________________
David D. Brush
For Appellant




EXAMINER’S ANSWER

This is in response to the appeal brief filed 03/31/2021.




Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 10/14/2020 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”














Response to Argument
	In consideration of the appellant’s arguments in the appeal brief filed on 03/31/2021 regarding the current rejection of the instant application under 35 U.S.C. § 102, as being anticipated by Maniar et. al (US Patent Application Publication 2018/0144337 A1), should be sustained.  The appellant’s arguments are based on a narrow interpretation of the claims of the instant application by reading the specification of the instant application (spec) into said claims, but do not consider the broadest reasonable interpretation of said claims, as currently limited, relative to common terms of art and the cited reference Maniar, as a whole.  
	For instance, regarding independent claims 1 and 6-8, the Appellant asserts:
1. The NFC POS Payment Terminal 102 cannot be interpreted as the “Cash
Register” recited in Claim 1 instead of a “Payment Terminal”.  
However, the cash register as claimed in the instant application shows no function other than facilitating communication between electronic devices to process payment for a transaction.  There is not any limitation in the claims that relate to product registration (at the point of sale or otherwise) that would make a correlation between a cash register and a point of sale (POS) terminal, which are considered as like terms of art, an unreasonable interpretation of either term since there is no special definition of cash register noted in the spec of the instant application.  The POS terminal of Maniar performs the functions of the cash register as limited by the claims of the instant application.
2. If the NFC POS Payment Terminal 102 is interpreted as the “Cash Register”, it cannot also be interpreted as the “Payment Terminal” of Claim 1.  
The NFC POS terminal of Maniar is being interpreted as having the same functions of the cash register as limited by the claims of the instant application.  The payment terminal of the instant application serving to establish a second secure communication channel is at least described by the Wi-Fi network/ terminal and transaction processor of Maniar.
Maniar does not disclose all the acts of Claim 1 being implemented by a secured processor of a trusted component (defining a secured execution environment) “executing a trust application”.  
As cited, the NFC terminal of the POS terminal of Maniar performs the functions of the trusted component as limited by the claims of the instant application.  These elements, among others noted by Maniar work together to create a secure environment between devices built on a trust model to facilitate two factor authentication.
	4. Maniar does not disclose the first and second secured communication
channels between the specific devices in claim 1.  
As a whole, Maniar, describes an NFC terminal of a POS terminal establishing a first set of credentials for a user device/ user by identifying said user device through an NFC “tap” event, wherein, if said POS terminal recognizes said user device, said NFC terminal then transmits said credentials to a second device (Wi-Fi or Bluetooth) to allow said user device to receive a second set of credentials (either through the POS terminal or directly to the user device) to complete a transaction.  These functions satisfy the types of devices and their respective functions as limited by the claims of the instant application.
	5. Maniar does not disclose a trusted component acting as a secure relay between a payment terminal and a cash register.  
Maniar, as cited and as a whole, describes an NFC terminal as a payment terminal at a cashier station that relays authentication information between a user device and a POS terminal and then to a Wi-Fi or Bluetooth device to process a transaction on a backend system, wherein said transaction completion confirmation is then sent to either the NFC POS terminal or user device.  Therefore, the NFC terminal of Maniar functions as the trusted component facilitating the secure communication between the other devices.
	

2 and 9, the Appellant asserts:
 Maniar does not disclose a cash register and therefore, cannot disclose a trusted component… extracting the identifier of said cash register from the received first request; searching, within an authorization data structure, for a piece of data corresponding to said identifier of said cash register.  
As noted above, the POS terminal of Maniar functions as the cash register of the instant application and the NFC terminal of Maniar functions as the trusted component, therefore Maniar, as cited, discloses extracting the identification of the cash register from the first communication during the NFC “tap” event exchange of information by using peer-to-peer protocols to exchange information between devices (NFC terminal, POS computer/ terminal and a user device), wherein said information comprises mutual device identification and authentication by said devices.  Device authentication in peer-to-peer exchange protocols is known to include device approval for access based on a search for said device on a data record that lists said device as a member of a peer group that comprises said data record.
The NFC POS terminal of Maniar does not provide its own ID to the user’s mobile device.  
As noted immediately above, this is disclosed during the device ID exchange using peer-to-peer protocols.
Maniar does not disclose: “in response to said search delivering a positive result.”  
However, as cited, Maniar does in fact teach a POS terminal pairing with a user’s mobile device once both devices have been validated by an NFC terminal using peer-to-peer exchange protocols as noted above.



3 and 10, the Appellant asserts:
E.	Maniar does not disclose: searching, within an authorization data structure, for a piece of data corresponding to said identifier of said payment terminal.  
However, as a whole, Maniar discloses an NFC terminal sending user mobile device authentication data to a private network device (Wi-Fi terminal), wherein said user device and private network device authenticate each other (in a secondary manner after the NFC “tap” exchange of data) through the exchange of identification (device and network IDs), data widgets comprising credentials and tokens or cryptographic keys, all of which positively ID all devices involved in a transaction to allow for secure transaction processing (Maniar ¶ [0058-0062]).
F.    Maniar does not disclose: “in response to said search delivering a positive result”.  
As cited and as a whole, Maniar does in fact disclose this by incorporating a lookup feature that identifies a widget of a user mobile device in order to authenticate said mobile device and once said device is authenticated it is allowed to interact/ pair with a Wi-Fi terminal to securely process a transaction.

Regarding dependent claims 4 and 11, the Appellant asserts:
	A.    Maniar does not disclose the specific process disclosed in claim 4: a trusted component acting as a relay between a payment terminal and a cash register, with encryption performed on each leg, and;
  	B.   Specifically, Maniar does not disclose: receiving the first message comprises [a trusted component] receiving a message of confirmation of pairing coming from said payment terminal, which comprises at least one first piece of encrypted pairing confirmation data;
the extracting comprises decrypting said at least one first piece of encrypted pairing confirmation data, delivering the at least one piece of pairing confirmation data.  
However, as cited and as a whole Maniar does in fact disclose an ecosystem of devices on a network comprising at least an NFC terminal (the trusted component as noted above) Maniar, as a whole, also notes that a token may be a cryptographic function and is therefore considered to be the same as encryption.  Once said transaction has been processed, the Wi-Fi or Bluetooth terminals then transmit a confirmation message in the form of a receipt back to the NFC terminal at the POS terminal, wherein said transmission is again secured through exchange of encryption keys (encryption at the source (Wi-Fi or Bluetooth terminal) and decryption at the destination (NFC terminal at the POS terminal)).
	





5 and 12, the Appellant asserts:
C.     Maniar does not disclose that the “at least one first piece of encrypted pairing confirmation data [is transmitted] to the trusted component;” or
D.    Nowhere in Maniar can one find that a payment terminal uses a cash register to transmit encrypted pairing confirmation data to a trusted component.
However, as cited and as a whole, Maniar discloses a wireless network comprising terminals for payment processing (Wi-Fi or Bluetooth) sending pairing confirmation data/ messages to devices in a retail environment comprising an NFC terminal (the trusted component as discussed above) of a POS computer (which is shown as equivalent to a cash register above), and a user mobile device.  Wherein said sending of confirmation data is secured through at least tokenizing of sensitive information (device and network IDs, device locations, etc.) and that said tokenizing includes tokens generated as mathematically reversible cryptographic functions, thereby disclosing encryption (and decryption).  

For the above reasons, it is believed that the rejections should be sustained.

Respectfully submitted,
/MATTHEW S WERONSKI/Examiner, Art Unit 3687                                                                                                                                                                                                        
Conferees:
/NATHAN C UBER/Supervisory Patent Examiner, Art Unit 3687                                
                                                                                                                                                                        /MEHMET YESILDAG/Primary Examiner, Art Unit 3624                                                                                                                                                                                                        



Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.