DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, 15/473,026, was filed on 03/29/2017, and is a Continuation-In-Part (CIP) of PCT/US16/21045, filed 03/04/2016 (now abandoned).  The PCT claims priority from three Provisional Applications, the oldest being 62/128,476, filed 03/04/2015.  In addition, the present application directly claims priority from two Provisional Applications, the oldest being 62/314,900, filed 03/29/2016.  The earliest possible effective filing date of the present application is after the AIA  date of March 16, 2013, and so the application is being examined under the “first inventor to file” provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Status of the Application
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on April 6, 2021 has been entered.
This Non-Final Office Action is responsive to the IDS filed on July 16, 2021.  
Claims 1-3, 5-10, 12-14, 16-19, and 21-24 are pending, of which claims 1 and 14 are independent.
In the most recent response, independent claims 1 and 14 have been amended. 
Claims 4, 11, 15, and 20 were previously cancelled. 
All pending claims have been examined on the merits.  

Information Disclosure Statement
The Information Disclosure Statements (IDS) submitted on June 8, 2021 and July 16, 2021 have been considered. 


Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). 
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1 and 14 are provisionally rejected on the ground of provisional obviousness-type nonstatutory double patenting as being unpatentable over claims 1, 14, and 18 of copending U.S. Application No. 15/692,674, published as US PG-PUB 2018/0130052 to Eisen. 
 (Earliest possible effective filing date of present application: 03/04/2015. Earliest possible effective filing date of U.S. Application No. 15/692,674 is 10/09/2015).
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not been patented. 
Independent claims 1 and 14 and dependent claim 11 of the present application are obvious variations of independent claims 1 and 18 and dependent claim 14 of the co-pending patent application, respectively. Although the independent claims at issue are not identical, the present claims are obvious variations of the co-pending application(s), due to shared claim language. 
The table below shows the claims 1 and 11 in the pending application (claim 18 recites similar features as claim 1) and their respective claims in the other patent application.  Important limitations are highlighted in bold font.

U.S. Application No. 15/473,026 
(Present Application)
U.S. Application No. 15/692,674
1.    A method for authenticating an online transaction, said method comprising:

receiving image data of a visual graphical barcode from a user device, wherein the visual graphical barcode is configured to be displayed on an unauthenticated device for conducting the online transaction;

analyzing, with aid of one or more processors, the image data to obtain a transaction validation identifier (ID);

comparing, with aid of the one or more processors, the transaction validation ID to a pre-stored validation ID;

comparing, with aid of the one or more processors, a first set of collection data from the user device to a second set of collection data that is pre-stored; and

determining, with aid of the one or more processors, whether to approve or reject the online transaction based on 
(1) a match between the transaction validation ID and the pre-stored validation ID, and 
(2) a match between the first set of collection data and the second set of collection data that is pre-stored.
1. A method of authenticating an online transaction or a log-in process, said method comprising: 

receiving a request to perform a secure authentication step during the online transaction or the log-in process, wherein the secure authentication step is performed when a card having a magnetic stripe is swiped through a card reader; 

receiving data collected about the card from the card reader, wherein said data is collected via a magnetic head on the card reader and comprises (i) a magnetic fingerprint of the magnetic stripe on the card, and 
(ii) at least one swipe characteristic associated with the swiping motion of the card; 

receiving a card reader identifier from the card reader; 

comparing, with aid of one or more processors, (1) the magnetic fingerprint of the magnetic stripe to a prestored magnetic fingerprint, 
(2) the at least one swipe characteristic to a prestored swipe characteristic, and 
(3) the card reader identifier to a prestored card reader identifier; and 

determining, with the aid of the one or more processors, whether to approve or reject the online transaction or the log-in process based on a match: 
(1) between the magnetic fingerprint of the magnetic stripe and the prestored magnetic fingerprint, 
(2) between the at least one swipe characteristic and the prestored swipe characteristic, and 


14. The method of claim 1, wherein the at least one swipe characteristic comprises a speed, direction, angle, timing, or pressure of the swipe as the card is swiped through the card reader.

“A generic claim cannot be allowed to an applicant if the prior art discloses a species falling within the claimed genus.” The species in that case will anticipate the genus. In re Slayter, 276 F.2d 408, 411, 125 USPQ 345, 347 (CCPA 1960). See also MPEP § 2131.02. 
Independent claims 1 and 14 in the present are more generic than the corresponding independent claims in co-pending US App. 15/692,674, because:
The present application’s claim 1 recites: “(1) a match between the transaction validation ID and the pre-stored validation ID”, which is more generic than the co-pending application’s claim 1, which recites: “a match: (1) between the magnetic fingerprint of the magnetic stripe and the prestored magnetic fingerprint”; and
The present application’s claim 1 recites: “(2) a match between the first set of collection data and the second set of collection data that is pre-stored”, which is more generic than the co-pending application’s claim 1, which recites: “a match: … (2) between the at least one swipe characteristic and the prestored swipe characteristic, and (3) between the card reader identifier and the prestored card reader identifier”.
These arguments also apply to independent claim 14 in the present application, and its corresponding independent claim 18 in co-pending US App. 15/692,674. 

Allowable Subject Matter
The previously presented 35 USC § 103 rejections are withdrawn, in response to applicant’s statement in pages 8 and 9 of the response, that: 
[N]one of the references teaches or discloses “in response to a request from the service provider server, generating, by the authentication server, a visual graphical barcode encoding information based at least in part on the request”, as recited in claim 1. Claim 14 recites similar language. In fact, the QR code in Jiang is generated by the unauthenticated device. See Jiang at paragraph [0035] (“The virtual desktop client on the unauthenticated computing device 401 then encodes the client ID, unique device ID and IP information into the image (e.g., QR code) and displays the image on the screen.”)

Furthermore, nowhere in Jiang discloses “instructing the service provider server to display at least a portion of the information about the identity of the user on the unauthenticated device to be verified by the user thereby verifying the unauthenticated device”, as recited in claim 1. Claim 14 recites similar language. Jiang describes “the broker 402 will send the message to the computing device 401 to inform he virtual desktop client on the computing 

None of the other references cited in the rejection (US 8,556,164 B1 to Freedman et al. or US 8,777,104 to Brock et al.) remedy these deficiencies in Jiang by disclosing these features in combination with the other claimed features of independent claims 1 and 14.

RESPONSE TO ARGUMENTS
Re: Claim Rejections – Double Patenting 
The previously presented double patenting rejections are all maintained, in response to applicant’s statement in page 6 of the response, that: “Applicants will submit a terminal disclaimer addressing this rejection should the claims of either case be deemed allowable.” 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 2011/0270751 A1 to Csinger.  See Figs. 1 and 10, and para. [0107]:
[0107] Referring now to FIG. 10, once the user has entered the application, it may utilize one of several different buttons 430, 440, 450, 460. For example, if a code is provided, the user simply selects the barcode scan 410 and a camera is enabled that permits the capture and conversion of the information encoded into the bar code. Additionally, in this embodiment, the identity selector application includes an optional button 440 to permit the generation of a one-time payment code. In this event, the user would generate a single use code that is much like a visa or debit card number and could be effectively used in place of a “fixed” credit card number to permit a single financial transaction. The interface could also optionally provide a button 450 that, when selected, would generate of one or more one-time codes that could be used in place of a corporate network log-in or otherwise used to help “validate” the identity of the party to a requested transaction. In each instance, these one time codes would provide a single instance of user-authentication or approval. Finally, the interface would include standard components such as credentials button 460 that would permit the user to enter, modify or delete any credentials that may be stored on the identity selector application 105.

US 2013/0133086 A1 to Lieberman.  See para. [0087] and [0157]:
[0087] In a particular embodiment, the authorization code codi is advantageously encoded as an image, for example as a matrix barcode or tag. The authorization code is then not directly readable by a person, which prevents the authorization code being visually intercepted by a malicious user who is able to see the screen of the mobile terminal, while allowing it to be read when it is displayed by the mobile terminal, by optical reading means able to read this type of barcode.



Applicants are invited to contact the Office to schedule an in-person interview to discuss and resolve the issues set forth in this Office Action.  Although an interview is not required, the Office believes that an interview can be of use to resolve any issues related to a patent application in an efficient and prompt manner.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Any inquiry concerning this communication or earlier communications should be directed to Examiner Ayal Sharon, whose telephone number is (571) 272-5614, and fax number is (571) 273-1794.  The Examiner can normally be reached from Monday to Friday between 9 AM and 6 PM.  If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ryan Donlon can be reached on (571) 270-3602.  The fax number for the organization where this application or proceeding is assigned is 571-273-8300.  
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
Sincerely,

/Ayal I. Sharon/
Examiner, Art Unit 3695

December 4, 2021