DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Acknowledgments and Response to Remarks
This action is issued in response to the amendment filed on June 7, 2021. Claims 1-7, 9-10, and 21-31 are currently pending. Claims 8, and 11-20 have been cancelled by Applicant and claims 21-31 are newly added. Claims 1-7, 9-10, and 21-31 have been fully examined.
With respect to the 101 rejection, Applicant is of the opinion that claims integrate the abstract idea into s practical application “which reflects an improvement in the functioning of a computer” The examiner respectfully disagrees and notes that the use of additional elements such as an onboard terminal, a server, a user device, encrypted payment certification information, and a private key certificate does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)).
With respect to the 112 rejections, Applicant’s amendment raise new issues. For example, amended claim 1 and new claims 21 and 28 recite “improving security of the payment authentication request by causing the user device to encrypt payment certification information…” The claim recitation implies that the onboard terminal: 1) 
With respect to the 103 rejection, Applicant is of the opinion that the combination of Briscoe and Florek fails to teach: “improving security of the payment authentication request by causing the user device to encrypt payment certification information using a private key certificate, the encrypted payment certification information including the user identifier and a user device identifier of the user device;” The examiner respectfully disagrees and notes that Briscoe at least in (Col. 4 l. 65-Col. 5 l. 12, Col. 6 ll. 37-54, Col. 7 ll. 18-48, Col. 9 ll. 9-13, Col. 10 ll. 39-61) teaches improving security by encrypting data including user and device identifiers. In addition, Skowronek at least in ([0029]-[0030], [0035]-[0036], [0055], [0058]-[0059]) teaches using asymmetric encryption which uses private key. Therefore, the combination of Briscoe, Florek and Skowronek teach the claimed features.
 	
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.



Claims 1-7, 9-10 and 21-31 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. 
Claims 1-7, and 8-10 are directed to a method (process), claims 21-27 are directed to a terminal (product) and claims 28-31 are directed to a computer storage media (product). Therefore, these claims fall within the four statutory categories of invention.
Claims 1-7, 9-10 and 21-31 are directed to the abstract idea of processing a payment, as explained in detail below. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. 
Analysis
The claims are directed to processing a payment. Specifically, the claims are directed to receiving a payment authentication request, forwarding the payment authentication request, encrypting payment certification information, receiving encrypted payment certification information, sending the payment certification information, receiving certification result, and performing payment processing, which is a commercial or legal interaction grouped within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 54 (January 7, 2019)) because the claims involve a series of steps for processing a payment. Accordingly, the claims recite an abstract idea (See pages 7, 10, Alice Corporation Pty. Ltd. v. CLS Bank International, et al., US Supreme Court, No. 13-298, June 19, 2014; 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 53-54 (January 7, 2019)).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See 2019 Revised Patent 
The claims do not include additional elements that are sufficient to amount to significantly more than the abstract idea. The claims 1-7, 9-10 and 21-31 only involve the use of computers as tools to automate and/or implement the abstract idea.
 Taking the claim elements separately, the independent claims 1, 21 and 28 involve receiving a payment authentication request, forwarding the payment authentication request, encrypting payment certification information, receiving encrypted payment certification information, sending the payment certification information, receiving certification result, and performing payment processing. This only uses a computer system (e.g., a terminal) to automate or implement the abstract idea of processing a payment. Dependent claim 2 describes establishing a communication. Claim 3 and 22 describe the certification result. Claims 4, 23 and 29 describe acquiring an identifier, encrypting the identifier, and sending the encrypted identifier. Claims 5, 24 and 30 describe requesting establishment of a binding. Claims 6, 25 and 31 describe sending a request and receiving a response. Claims 7 and 26 describe the received response. Claims 9 and 27 describe generating the certification information. Claim 10 describes receiving the encrypted certificate, obtaining a key and decrypting the certificate, and sending the certificate. 
These claims further describe the use of the computer to automate or implement the abstract idea. Therefore, the use of the computer and the mathematical calculations of encrypting and decrypting the information, in each step does no more than employ the computer as a tool to carry out functions corresponding to the acts performed in the 
Viewed as a whole, the combination of elements recited in the claims simply recite the concept of processing a payment, including receiving a payment authentication request, forwarding the payment authentication request, encrypting payment certification information, receiving encrypted payment certification information, sending the payment certification information, receiving certification result, and performing payment processing. The claims do not, for example, purport to improve the functioning of the computer itself. Nor do they effect an improvement in any other technology or technical field.
The use of an onboard terminal, a server, a user device, encrypted payment certification information, and a private key certificate, as a tool to implement the abstract idea does not render the claim patent eligible because it does not provide meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment and requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea.
Conclusion
The claims as a whole do not amount to significantly more than the abstract idea itself. This is because the claims do not effect an improvement to another technology or technical field; the claims do not amount to an improvement to the functioning of a 
Accordingly, there are no meaningful limitations in the claims that transform the judicial exception into a patent eligible application such that the claims amount to significantly more than the judicial exception itself.
Further support for the rationale discussed above can be found at: http://www.uspto.gov/patent/laws-and-regulations/examination-policy/subject-matter-eligibility

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.


Claims 1-7, 9-10 and 21-31 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA  the inventor(s), at the time the application was filed, had possession of the claimed invention.
With respect to claims 1, 21 and 28 the claims recite, “improving security of the payment authentication request by causing the user device to encrypt payment certification information…” The claims are directed to actions by an “onboard terminal”. Therefore, the claim recitation implies that the onboard terminal: 1) performs an “improve” action, and 2) causes the user device to encrypt data. However, the Specification is silent to the terminal performing an “improve” action and to encryption of data by a user device being caused by the  terminal.
According to the Specification (PGPub [0119], [0125], [0134]):
…all files are transmitted in an encrypted manner in the process of acquiring the private key certificate, which improves the security of payment authentication.

…the second communication module 212 is configured to forward the payment authentication request to a user device having an established communication connection; and receive encrypted payment certification information responded by the user device, the encrypted payment certification information including the user identifier and a user device identifier…

…the encrypted payment certification information is obtained by the user device by encrypting payment certification information using a private key certificate, wherein the payment certification information is generated by the user device in response to the payment authentication request
 
Therefore, the new language constitutes new matter.
With respect to claim 3, the claim recites: “indicates whether there is a binding relationship…” without clearly defining how the “indicates whether there is a binding relationship…” is performed. An algorithm or steps/procedure taken to perform the function “indicates whether there is a binding relationship” must be described with sufficient detail so that one of ordinary skill in the art would understand how the inventor 
Dependent claims 2-7, 9-10, 22-27, and 29-31 are also rejected for being directed to the limitations of the rejected claims 1, 21 and 28.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This application currently names joint inventors. In considering patentability of the claims, the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-7, 9-10 and 21-31 are rejected under 35 U.S.C. 103 as being unpatentable over Briscoe et al. (US Patent No. 7,464,402)  in view of Florek et al. (US Patent Publication No. 2010/0274677), further in view of Skowronek (US Patent Publication No. 2009/0106160).
With respect to claims 1, 21 and 28, Briscoe et al. teach:
receiving, by …a terminal, … authentication request sent by a server, the … authentication request including a user identifier; (Col. 6 l. 66-Col. 7 l. 17, Col. 7 ll. 13-59, Col. 8 ll. 37-65)
forwarding the … authentication request to a user device,; (FIG. 5, Col. 7 ll. 13-59, Col. 8 ll. 37-65)
improving security of the payment authentication request by causing the user device to encrypt payment certification information… (Col. 4 l. 65-Col. 5 l. 12, Col. 6 ll. 37-54, Col. 7 ll. 18-48, Col. 9 ll. 9-13, Col. 10 ll. 39-61)

receiving… encrypted payment certification information responded by the user device; (Col. 6 ll. 49-54, Col. 8 l. 66-Col. 9 l. 20)
sending… the encrypted payment certification information to the server, (FIG. 2, FIG. 4, Col. 8 ll. 8-32, Col. 9 l. 21-35)
In addition, with respect to claims 21 and 28, Briscoe et al. teach:
one or more processors; (Col. 3 ll. 23-53, Claims 1, 20, 21)
one or more computer storage media coupled to the one or more processors, the one or more computer media storing thereon a computer-executable modules that, when executed by the one or more processors, perform associated acts, (Col. 3 ll. 23-53, Claims 1, 20, 21)
the computer- executable modules comprising: a first communication module …
a second communication module …a processing module…(Col. 3 ll. 23-53, Claims 1, 20, 21)
Briscoe et al. do not explicitly teach:
an onboard terminal
…encrypt payment certification information using a private key certificate… 
receiving, by the first communication module, a certification result sent by the server, and
performing, by a processing module of the onboard terminal, payment processing according to the certification result. 
However, Florek et al. teach:

receiving… a certification result sent by the server; ([0021]-[0027]) 
performing… payment processing according to the certification result. ([0021]-[0027]
In addition, Florek et al. teach:
encrypted information. ([0020], Claims 19-20)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the authentication system of Briscoe with the payment authorization server and portable POS, as taught by Florek et al., in order to perform a transaction using a portable terminal based on transaction authorization. (Florek et al., Abstract, [0006]-[0010])
Briscoe et al. and Florek et al. do not explicitly teach:
…encrypt payment certification information using a private key certificate, 
However, Skowronek teaches:
encrypting payment certification information using a private key certificate. (asymmetric encryption, ([0029]-[0030], [0035]-[0036], [0055], [0058]-[0059])
In addition, Skowronek teaches”
one or more processors; ([0016]-[0020], [0029]-[0043], [0050], [0076]-[0083])
one or more computer storage media coupled to the one or more processors, the one or more computer media storing thereon a computer-executable modules that, when executed by the one or more processors, perform associated acts, ([0016]-[0020], [0029]-[0043], [0050], [0076]-[0083])
the computer- executable modules comprising: a first communication module …

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the payment system of Briscoe et al. and Florek et al., with the transaction details including the user information and device information, and device components, as taught by Skowronek, in order to authorize transaction by several software modules using user information and device information. (Skowronek: Abstract, [0016])
With respect to claim 2, Briscoe et al., Florek et al. and Skowronek teach the limitations of claim 1.
Moreover, Briscoe et al. teach:
wherein the user device is in an established communication with the … terminal. (Col. 9 l. 53-Col. 10 l. 38)
With respect to claims 3 and 22, Briscoe et al. Florek et al., and Skowronek teach the limitations of claims 1 and 21.
Moreover, Skowronek teaches:
wherein the certification result indicates whether there is a binding relationship between the user identifier and the user device identifier established by the server. (FIGS 3A-3E, [0038], [0043], [0045]-[0046], [0055], [0073]-[0077], [0081]-[0083])
With respect to claims 4, 23 and 29, Briscoe et al. Florek et al. and Skowronek teach the limitations of claims 1, 21 and 28.
Moreover, Skowronek teaches:

acquiring…the user device identifier, (FIG. 6, [0076]-[0079])
encrypting…the user device identifier and the user identifier; ([0047]-[0048], [0055], [0058-[0059], [0063], [0068])   
sending…the encrypted user device identifier and the encrypted user identifier to the server. ([0076]-[0080])
an acquiring module…an encryption module… ([0016]-[0020], [0029]-[0043], [0050], [0076]-[0083])
With respect to claim 5, 24 and 30, Briscoe et al., Florek et al. and Skowronek teach the limitations of claims 4, 23 and 29.
Moreover, Skowronek teaches:
sending…a request to the server to establish a binding relationship between the user device identifier and the user identifier. (FIGS. 5A-5B, items 516, 522, 524, [0062], [0066]-[0068])
a first communication module … ([0016]-[0020], [0029]-[0043], [0050], [0076]-[0083])
With respect to claims 6, 25 and 31, Briscoe et al., Florek et al. and Skowronek teach the limitations of claims 4, 23 and 29.
Moreover, Skowronek teach:
acquiring the user device identifier comprises: 
sending… a binding request to the user device; (NFC communication: FIG. 2B, [0022], [0029], [0076]-[0079])

an acquiring module … an encryption module ([0016]-[0020], [0029]-[0043], [0050], [0076]-[0083])
With respect to claims 7 and 26, Briscoe et al., Florek et al., and Skowronek teach the limitations of claims 6 and 25.
Moreover, Skowronek teach:
wherein the binding response includes the user device identifier. FIG. 2B, FIG. 6, [0022], [0029], [0076]-[0079])
With respect to claims 9 and 27, Briscoe et al., Florek et al., and Skowronek teach the limitations of claims 1 and 21.
Moreover, Briscoe et al. teach:
the payment certification information is generated by the user device in response to the payment authentication request. (Col. 8 l. 66-Col. 9 l. 20)
With respect to claim 10, Briscoe et al., Florek et al., and Skowronek teach the limitations of claim 4.
Moreover, Skowronek teaches:
after the sending the encrypted user device identifier and the encrypted user identifier to the server, 
receiving the private key certificate encrypted and sent by the server, the private key certificate being generated by the server according to the user device identifier and the user identifier; ([0040], [0076], [0085])

sending the private key certificate to the user device. [0029]-[0030], [0035]-[0036], [0055], [0058]-[0059])
first communication module … decryption module… second communication module … ([0016]-[0020], [0029]-[0043], [0050], [0076]-[0083])

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMA ASGARI whose telephone number is (571)272-2037.  The examiner can normally be reached on M-F 9am-6pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached on (571)272-6708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SIMA ASGARI/Examiner, Art Unit 3685                                                                                                                                                                                                        
                                                                                                                                                                        /Mohammad A. Nilforoush/Primary Examiner, Art Unit 3685