Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of the Application
This action is in response to claims filed 10/25/2021. Claims 14-17, 21, 23, 24 and 28-30 are further amended a result of the Examiner’s Amendment and an interview conducted November 22, 2021. Claim 22 is cancelled. The agreed upon claim amendments are included herein.

EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with Applicant FRANCISCO CORELLA on 11/22/2021.

The application has been amended as follows: 
1-13. (Canceled)
14. (Currently amended) A system for authenticating a cardholder to a merchant, comprising:

an online shopping facility operated by the merchant;
	a computing device operated by the cardholder, comprising:
	a browser;
	a service worker application registered with the browser by a script downloaded by a web site of an issuing bank that participates in the scheme, the service worker application having a scope that specifies Uniform resource locators (URLs) to be intercepted; and
	a bank app provided by the issuing bank, the bank app containing a credit card credential, the credit card credential comprising a private key usable to compute signatures on descriptions of credit card transactions and a credit card certificate,
wherein:
the service worker application intercepts a cardholder authentication request sent by the online shopping facility operated by the merchant containing a description of a credit card transaction and forwards the intercepted request to the bank app;
the bank app displays the description of the credit card transaction and asks the cardholder to confirm the credit card transaction;
the bank app uses the private key to compute a signature on the description of the credit card transaction upon confirmation of the credit card transaction by the cardholder; and
the bank app sends a cardholder authentication response containing the signature and the credit card certificate to the online shopping facility;
	the online shopping facility verifies the signature on the description of the transaction using a public key contained in the credit card certificate; and
	the online shopping facility verifies the credit card certificate using a public key contained in the entry of the scheme database pertaining to the issuing bank.

15. (Currently amended) The system of claim 14 wherein an entry of the scheme database pertaining to the issuing bank further contains a cardholder authentication URL within the scope of the service worker application and the online shopping facility sends the cardholder authentication request to the cardholder authentication URL.

16. (Currently amended) The system of claim 15 the online shopping facility is a merchant app downloaded by a merchant web site operated by the merchant and installed in the computing device.
	




17. (Currently amended) The system of claim 15 the online shopping facility is a merchant web site operated by the merchant.
	




18. (Original) The system of claim 14 wherein the bank app performs biometric authentication of the cardholder using a biometric modality implemented by the computing device.

19. (Original) The system of claim 18 wherein the biometric modality is fingerprint recognition.

20. (Original) The system of claim 18 wherein the biometric modality is facial recognition.

21. (Currently amended) A method of authenticating to a merchant a cardholder who has been issued a credit card by an issuing bank and operates a computing device equipped with a web browser, the issuing bank participating in a scheme for authenticating cardholders that has a scheme database containing an entry for the issuing bank, the entry for the issuing bank containing a public key usable to verify a credit card certificate, the method comprising:
a step, performed by a service worker application registered with the web browser by a script downloaded by a web site of the issuing bank, of intercepting a cardholder authentication request sent by an online shopping facility operated by the merchant containing a description of a credit card transaction and forwarding the intercepted request to a bank app provided by the issuing bank, the bank app containing a credit card credential, the credit card credential comprising a private key usable to compute signatures on descriptions of credit card transactions and a credit card certificate;
a step, performed by the bank app, of displaying the description of the credit card transaction and asking the cardholder to confirm the credit card transaction;
a step, performed by the bank app, of using the private key to compute a signature on the description of the credit card transaction upon confirmation of the credit card transaction by the cardholder; and
a step, performed by the bank app, of sending a cardholder authentication response containing the signature and the credit card certificate to the online shopping facility; and
a step, performed by the online shopping facility, of using the public key contained in the credit card certificate to verify the signature and the public key contained in the entry of the scheme database for the issuing bank to verify the credit card certificate.

22. (Canceled)

23. (Currently amended) The method of claim  21, wherein the online shopping facility is a merchant app downloaded by a merchant web site operated by the merchant and installed in the computing device

24. (Currently amended) The method of claim 21, wherein the  online shopping facility is a merchant web


25. (Previously presented) The method of claim 21 further comprising a step, performed by the bank app, of performing biometric authentication of the cardholder using a biometric modality implemented by the computing device.

26. (Previously presented) The method of claim 25 wherein the biometric modality is fingerprint recognition.

27. (Previously presented) The method of claim 25 wherein the biometric modality is facial recognition.

28. (Currently amended) A computing device operated by a cardholder who has been issued a credit card by an issuing bank, the issuing bank participating in a scheme for authenticating cardholders, a scheme database containing an entry for the issuing bank, the entry for the issuing bank containing a public key usable to verify a credit card certificate, the computing device comprising:
	a browser;
	a service worker application registered with the browser by a script downloaded by a web site of the issuing bank; and
	a bank app provided by the issuing bank, the bank app containing a credit card credential, the credit card credential comprising a private key usable to compute signatures on descriptions of credit card transactions and a credit card certificate,
wherein:
the service worker application intercepts a cardholder authentication request sent by an online shopping facility operated by a merchant containing a description of a credit card transaction and forwards the intercepted request to the bank app;
the bank app displays the description of the credit card transaction and asks the cardholder to confirm the credit card transaction;
the bank app uses the private key to compute a signature on the description of the credit card transaction upon confirmation of the credit card transaction by the cardholder; and
the bank app sends a cardholder authentication response containing the signature and the credit card certificate to theonline shopping facility; and
	wherein the online shopping facility verifies the signature on the description of the credit card transaction using a public key contained in the credit card certificate and verifies the credit card certificate using the public key contained in the entry of the scheme database for the issuing bank.

29. (Currently amended) The computing device of claim 28 the online shopping facility is a merchant app downloaded by a merchant web site operated by the merchant and installed in the computing device.




30. (Currently amended) The computing device of claim 28, whereinthe online shopping facility is a merchant web site operated by the merchant.




31. (Previously presented) The computing device of claim 28, wherein the bank app performs biometric authentication of the cardholder using a biometric modality implemented by the computing device.

32. (Previously presented) The computing device of claim 31 wherein the biometric modality is fingerprint recognition.

33. (Previously presented) The computing device of claim 31 wherein the biometric modality is facial recognition.


Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
Claims 14-21 and 23-33 are allowed.
The closest prior art of record is in view of US10270587 (“Wu”), in view of US2019/0007373 (“Slobodskyy”) and further in view of US2016/0004527 (“Udd”)
Wu teaches a banking /mobile application for use in transactions, with card issuer account confirmation and with digital certification secure communications between the mobile application and the issuer using public keys. 
Slobodskyy teaches web browser application and service worker code. The browser registers and executes the service worker.
Udd teaches a plugin that detects and intercepts URLs to retrieve specific content.

The closest prior art of record taken either individual or in combination with other prior art of record fail to teach or suggest the combination of 
A system for authenticating a cardholder to a merchant, comprising:
	a scheme database comprising a plurality of entries pertaining to credit card issuing banks that participate in a scheme for authenticating cardholders, each entry containing a public key usable to verify a credit card certificate;
	an online shopping facility operated by the merchant;
	a computing device operated by the cardholder, comprising:
	a browser;
	a service worker application registered with the browser by a script downloaded by a web site of an issuing bank that participates in the scheme, the service worker application having a scope that specifies  Uniform resource locators (URLs) to be intercepted; and
	a bank app provided by the issuing bank, the bank app containing a credit card credential, the credit card credential comprising a private key usable to compute signatures on descriptions of credit card transactions and a credit card certificate,
wherein:
the service worker application intercepts a cardholder authentication request sent by the online shopping facility operated by the merchant containing a description of a credit card transaction and forwards the intercepted request to the bank app;
the bank app displays the description of the credit card transaction and asks the cardholder to confirm the credit card transaction;
the bank app uses the private key to compute a signature on the description of the credit card transaction upon confirmation of the credit card transaction by the cardholder; and
the bank app sends a cardholder authentication response containing the signature and the credit card certificate to the online shopping facility;
	the online shopping facility verifies the signature on the description of the transaction using a public key contained in the credit card certificate; and
	the online shopping facility verifies the credit card certificate using a public key contained in the entry of the scheme database pertaining to the issuing bank.

The combination or elements/functions/limitation would not have been obvious to one of ordinary skill in the art, in light of the available prior art at the time of the invention.
Dependent claims 15-20, 23-27 and 29-33 are allowable for the above reasons.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ILSE I IMMANUEL whose telephone number is (469)295-9094. The examiner can normally be reached Monday-Friday 9:00 am to 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, NEHA PATEL can be reached on 571-270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ILSE I IMMANUEL/Examiner, Art Unit 3685