DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination (RCE) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on November 10, 2021 has been entered.
 
Acknowledgements
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to the RCE filed on November 10, 2021.
Claims 1-21 are pending.
Claims 1-21 are examined.
This Office Action is given Paper No. 20211119 for references purposes only.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over Collinge (WO 2018/031856), in view of Glatt (US 2014/0012762), and further in view of Deliwala (US 2016/0379208). 

Claims 1, 9, 17
Collinge discloses: 
receive transaction data (transaction seed data, see p 9) for settling a payment transaction (transaction, see p 9) between a merchant (merchant, see p 9) and a cardholder (cardholder, customer, see p 6, 9) of the computing device (computing device, e.g. smartphone, see p 8); and
wherein the processor is further configured to control the network interface to transmit the dynamically generated cryptogram (cryptogram, see p 9, figure 4) to a computing system associated with the merchant (merchant, see p 9, figure 4).
Collinge does not disclose:
A secure element;
A network… element;
A processor… element.
Glatt teaches:
a secure element (security element, SE, see [0057]);
a network interface configured to receive an encrypted merchant public key (encrypted public key, EPK, see [0059]) from a remote hardware security module (at time of manufacture, see [0059]) associated with the secure element;
a processor configured to decrypt the encrypted merchant public key (decrypt the encrypted public key, see [0060]) based on a session key (private key, see [0060]) that is shared with the secure element by the remote hardware security module (device manufacturer or acquirer, see [0060]) associated with the secure element.
Collinge discloses receiving transaction data and transmitting a cryptogram. Collinge does not disclose a secure element, receiving an encrypted public key, and decrypting the public key with a session key, but Glatt does. It would have been obvious to one of ordinary skill in the art at the time the invention was filed to combine the cryptographic authentication and tokenized transactions of Collinge with the secure element, receiving an encrypted public key and decrypting the public key with a session key of Glatt because 1) a need exits for a tokenization approach that provides additional benefits in transaction control for merchants and customers (see Collinge p 3); and 2) a need exists for reducing development time for adding payment processing to a device 
Collinge in view of Glatt discloses the limitations above. Collinge in view of Glatt does not disclose:
Dynamically… key.
Deliwala teaches:
dynamically generate, via the secure element, a cryptogram (generate in-app payment cryptogram, see [0030], figure 3) that remotely authenticates the transaction data (e.g. transaction data and amount, see [0025]) and sign the cryptogram with a signature based on the merchant public key (merchant public key, see [0033]), wherein the signature is verifiable by a merchant private key (merchant private key, see [0033]) that corresponds to the merchant public key.
Collinge in view of Glatt discloses a secure element, receiving transaction data, decrypting the public key with a session key, and transmitting a cryptogram. Collinge in view of Glatt does not disclose generating a cryptogram and signing it, but Deliwala does. It would have been obvious to one of ordinary skill in the art at the time the invention was effectively filed to combine the cryptographic authentication and tokenized transactions of Collinge, in view of Glatt, with the generated and signed cryptogram of Deliwala because a need exists for preventing theft and fraud with stored transaction account information (see Deliwala [0004]). Generating and signing the cryptogram will help to improve security.

Claims 2, 10
Furthermore, Deliwala teaches:
display a user interface which includes a plurality of payment options corresponding to a plurality of payment cards of the cardholder stored in a digital wallet (wallet, see [0025]) installed on the computing device, and receive a selection of a payment card (user may select a card, see [0025]) from among the plurality of payment cards via the user interface.

Claims 3, 11
Furthermore, Collinge discloses:
retrieve the merchant public key (key pair, see figure 7, p 17) from a remote key management service via a wallet service provider (wallet provider, see p 9) of a digital wallet (wallet, see p 9) installed on the computing device.

Claims 4, 12
Furthermore, Glatt teaches:
the session key (private key, see [0060]) is hidden (stored in security element, see [0060]) from the wallet service provider.

Claims 5, 13
Furthermore, Collinge discloses:
transmit an identifier (unique identifier, see p 13) to the remote key management system; and
receive a response from the remote key management system which includes the merchant public key (merchant key pair, see p 13) corresponding to the identifier.

Claims 6, 14
Furthermore, Glatt teaches:
encrypt the transaction data (encrypt transaction data, see [0061]), via the secure element, to generate a transaction payload, and sign the transaction payload with the merchant public key (see [0062]).

Claims 7, 15
Furthermore, Collinge discloses:
receive the transaction data, via the secure element, from a web browser (inherent since user accesses website, see p 22) on the computing device.

Claims 8, 16
Furthermore, Collinge discloses:
the merchant public key comprises an encryption key (merchant key pair, see p 13, figure 7) held by a relaying agent (transaction scheme key management services, see p 13) of the merchant which is positioned on a network route between the computing device and a merchant computing system.

Claim 18
Furthermore, Collinge discloses:
the processor chip is configured to generate a digital remote secure payment (DSRP) payload (DSRP cryptogram, see p 10, 15-16) based on the received transaction data, and sign (signature, see p 16, 19) the DSRP payload with the merchant public key.

Claim 19
Furthermore, Collinge discloses:
a consumer device cardholder verification method (CDCVM) module (CDCVM performed, see p 18) which authenticates a user of the computing device, and transmits authentication information (validate transaction performed using authenticated merchant, see p 18) of the user authentication to the processor chip of the secure element.

Claim 20
Furthermore, Collinge discloses:
the processor chip of the secure element is further configured to generate the transaction cryptogram based on the authentication information (validate transaction performed using authenticated merchant, see p 18) received from the CDCVM.

Claim 21
Furthermore, Glatt teaches:
the network interface receives the encrypted merchant public key (encrypted public key, see [0059]) from a remote hardware security module of a manufacturer (at time of manufacture, see [0059]) of one or more of the secure element and the computing device.

Response to Arguments
Applicant argues that the prior art does not disclose dynamically generating a cryptogram, and signing the cryptogram with a signature based on the merchant public key.
Please see new mapping.

Claim Interpretation
After careful review of the original specification and unless expressly noted otherwise by Examiner, Examiner concludes that Applicant is not his own lexicographer.  See MPEP § 2111.01 IV.
Examiner hereby adopts the following definitions under the broadest reasonable interpretation standard. In accordance with In re Morris, 127 F.3d 1048, 1056, 44 USPQ2d 1023, 1029 (Fed. Cir. 1997), Examiner points to these other sources to support her interpretation of the claims.1 Additionally, these definitions are only a guide to claim terminology since claim terms must be interpreted in context of the surrounding claim language. Finally, the following list is not intended to be exhaustive in any way:
configuration “(1) (A) (software) The arrangement of a computer system or component as defined by the number, nature, and interconnections of its constituent parts.” “(C) The physical and logical elements of an information processing system, the manner in which they are organized and connected, or both.  Note: May refer to hardware configuration or software configuration.”  IEEE 100 The Authoritative Dictionary of IEEE Standards Terms, 7th Edition, IEEE, Inc., New York, NY, Dec. 2000.

Conclusion
Any inquiry of a general nature or relating to the status of this application or concerning this communication or earlier communications from Examiner should be directed to Chrystina Zelaskiewicz whose telephone number is 571.270.3940. Examiner can normally be reached on Monday-Friday, 9:30am-5:00pm. If attempts to reach the examiner by telephone are unsuccessful, the Examiner’s supervisor, Abhishek Vyas can be reached at 571-270-1836.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://portal.uspto.gov/external/portal/pair <http://pair-direct.uspto.gov>. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free).




    
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
    

    
        1 While most definition(s) are cited because these terms are found in the claims, Examiner may have provided additional definition(s) to help interpret words, phrases, or concepts found in the definitions themselves or in the prior art.