DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Claims 1-9 are withdrawn without traverse.
Claim 10 has been amended.
Claims 11-19 are previously presented
Claims 10-19 are pending and are presented to be examined upon their merits.

Response to Arguments
Applicant's arguments filed November 04, 2021 have been fully considered but they are not persuasive. 
In making an obviousness rejection, it is respectfully submitted that references are not read in isolation, but for what they suggest to one of ordinary skill in the art. Thus "the use of patents as references is not limited to what the patentees describe as their own inventions or to the problems with which they are concerned. They are part of the literature of the art, relevant for all they contain." In re Heck, 699 F.2d 1331, 1332-33, 216 USPQ 1038, 1039 (Fed. Cir. 1983) (quoting In re Lemelson, 397 F.2d 1006, 1009, 158 USPQ 275, 277 (CCPA 1968)).
It should also be noted that a reference may be relied upon for all that it would have reasonably suggested to one having ordinary skill the art, including non-preferred embodiments. Merck & Co. v. Biocraft Laboratories, 874 F.2d 804, 10 USPQ2d 1843 (Fed. Cir.), cert. denied, 493 U.S. 975 (1989). See also Upsher-Smith Labs. v. Pamlab, LLC, 412 F.3d 1319, 1323, 75 USPQ2d 1213, 1215 (Fed. Cir. 2005) (reference disclosing optional inclusion of a particular component teaches compositions that both do and do not contain that component); Celeritas Technologies Ltd. v. Rockwell International Corp., 150 F.3d 1354, 1361, 47 USPQ2d 1516, 1522-23 (Fed. Cir. 1998) (The court held that the prior art anticipated the claims even though it taught away from the claimed invention. "The fact that a modem with a single carrier data signal is shown to be less than optimal does not vitiate the fact that it is disclosed.").[see MPEP 2123]
a first handle” for processing payment by exchanging data with the mobile device and the electronic application.” and  wherein the Applicant maintains that,  “the payment server has improved the computer security by using the handle,” it is asserted, “because the handle does not involve a physical card or payment information.” It is respectfully submitted that during examination, a claim must be given its broadest reasonable interpretation consistent with the specification as it would be interpreted by one of ordinary skill in the art [see MPEP 2111].
	Thus, in computer programming, a handle is an abstract reference to a resource that is used when application software references blocks of memory or objects that are managed by another system like a database or an operating system [see Google definition]. It is also known in the art for quite some time that handle protocols allow handle servers to authenticate their clients and provide data integrity service upon client request. Public key and/or secret key cryptography can be used for this [see Lannom, L., “Handle System Overview” Secured Name Service, page 5 (May 12, 2000)]. Thus under the broadest reasonable interpretation, a handle can be considered as a public/private key used to authenticate a user via a user device to perform a transaction. Moreover, the exchange and/or transmission of secured data (e.g., protocol key data, as well as credentials) between the server and client devices are considered conventional [e.g., two-way authentication, FOBs, encrypted files, passcodes etc.,] 
	In this case, Bishop generally teaches that purchase transactions are conducted by receiving a transaction request from a user at a server [see 0013]. Transaction security is performed by issuing a challenge to the user; receiving a response from the user based upon the challenge, processing the response to verify a transaction instrument; assembling credentials which include one key for electronic transaction, providing a portion of the credentials to the user; receiving a second request from the user which includes the portion of the credentials; and validating the portion of the credentials with the key to provide access to a transaction service.[see Bishop, also 0037,0093]
 It is respectfully submitted that Bishop further describes that the elements that are used to conduct the transaction are a mobile device (smart card)(202) and an a wallet application [see Bishop, FIG. 1A 0037  and FIG. 2 paras 0038-0039]
With respect, the claim does not require that there not be a physical  card or the exchange of data be necessarily devoid of a physical  card. Thus it seems that the Applicant is arguing for limitations that are not in the claim or bringing limitations from the specification into the claim. This is improper [see MPEP 2111.01 (II)]
 may be created…” and that the customer uses the digital credentials to authenticate the wallet server which, similar to the Applicant’s use of the handle, may complete the electronic transaction as a proxy for the customer. In paragraph 0093 Bishop suggests that in certain embodiments the credentials may involve enhanced security (e.g., VPN, SSL, shared secrets or other cryptographic methods).
It is thus maintained that under the broadest reasonable interpretation, “a handle” (or handles) can be interpreted as a key and/or digital certificate within the assemblage of credentials as suggested in Bishop to provide secure transactions between a server and a client device. It should  also noted below the patentable weight that the Examiner is interpreting the claims based upon the comments and/or issues with the current claim language set forth below.

Examiner’s Comments

Intended Use
MPEP 2103 I C

Claims 10 and 15 recites, “…instructions for causing a processor  of the payment server to:… execute a registration request….to generate and store…., a wallet application identifier for the user account…, and a first handle for processing payment by exchanging data with the mobile device and the electronic wallet application;  receive a payment request…to process payment for an electronic commerce transaction…; process the payment request…using the first data repository to identify the user account profile;   transmit a confirmation request…using the data repository to access the electronic wallet application identifier…the confirmation request for  confirming the payment request to process payment for the electronic commerce transaction for the merchant website;… generate using an encryption key…payment security token for decryption by a server…; …an approval message to update the merchant website…” 	
for causing the processor to receive the registration  with instructions to store the data…”
Claims 12 and 17 recite, “the first handle is active to process a single payment request…wherein …configured to de-activate the first handle…”
Claim 13 and 18 recite, “…for causing the processor to process the registration request with instructions to store the data in the user account profile at the data repository to link the user account…”
Claim 14 and 19 recite, “…instructions for causing the processor to receive a first payment, the first handle for processing payment …”



“Language that suggests or makes a feature or step optional but does not require that feature steps does not limit the scope of a claim under the broadest reasonable claim interpretation. The following types of claim language may raise a question as to its limiting effect: (A) statements of intended use or field of use, including statements of purpose or intended use in the preamble, (B) “adapted to” or “adapted for” clauses, (C) “wherein” or “whereby” clauses, (D) contingent limitations, (E) printed matter, or (F) terms with associated functional language.”[MPEP 2103 I C]

Functional Language
MPEP 2114


Claim 12 recites, “wherein the payment server is configured to….”



“The recitation of the functional limitation of the claimed invention does not serve to differentiate the claims from the prior art. If a prior structure is the same as the claimed structure as described in the Applicant’ specification, then the functional language will not differentiate the claims over the prior art.”[MPEP 2114]




Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 10-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bishop (2004/0243520) in view of  Google Definition of a handle and  Lannom, L., “Handle System Overview” Secured Name Service, page 5 (May 12, 2000). Please also consider the recitations of the prior art  in the response to arguments above providing the broadest reasonable interpretation a handle (or  handles)
CLAIM 10
A payment server (404)(140)(Fig. 4) for processing payment for a transaction, the payment server connected to an electronic wallet application (406)(Fig. 4) on or accessible by a mobile device(110), the payment server having non-transitory computer-readable storage medium (408)(Fig. 4) with computer-executable instructions for causing a processor of the payment server to:
  [1] 	execute a registration request from the electronic wallet application to generate
and store, in a user account profile at a data repository, a user account, a wallet
application identifier for the user account of the electronic wallet application, and a first
handle for processing payment by exchanging data with the mobile device and the
electronic wallet application;[ see Bishop [0046];[0085], [0086], also particularly [0037],[0093]] 

In this case Bishop generally teaches that purchase transactions are conducted by receiving a transaction request from a user at a server [see 0013]. Transaction security is performed by issuing a challenge to the user; receiving a response from the user based upon the challenge, processing the response to verify a transaction instrument; assembling credentials which include one key for electronic transaction, providing a portion of the credentials to the user; receiving a second request from the user which includes the portion of the credentials; and validating the portion of the credentials with the key to provide access to a transaction service.[see Bishop, also 0037,0093]
 handle, second handle, handle  (or handles).
However, under the broadest reasonable interpretation of the limitation, in computing system, a handle is an abstract reference to a resource that is used when application software references blocks of memory or objects that are managed by another system like a database or an operating system [Google definition]. 
Lannom teaches that handle protocols allow handle servers to authenticate their clients and provide data integrity service upon client request. Public key and/or secret key cryptography can be used for this [see Lannom, L., “Handle System Overview” Secured Name Service, page 5 (May 12, 2000)]. Thus under the broadest reasonable interpretation, a handle can be considered as a public/private key used to authenticate a user via a user device to perform a transaction (emphasis added).  Since Bishop discloses using a key as part of the exchange and/or transmission of secured data (e.g., protocol key data, as well as credentials) between the server and client devices [see Bishop, FIG. 1A 0037 and FIG. 2 paras 0038-0039]. It would have been obvious before the effective filing date for  Bishop to have been familiar with and have used or have understood the use of handles being  equivalent to cryptographic public/private keys (or at least employed by Bishop). The motivation would have been to anonymously and securely transmit, exchange, access and/or process financial and other transaction data  privately between entities.
[2] 	receive a payment request from an electronic commerce application to process
payment for an electronic commerce transaction at a merchant website, the payment
request indicating the first handle, a merchant identifier and transaction data; [0013];
(Fig. 11)(216)(1104)[0094}]

[3]	 process the payment request by verifying the first handle and the merchant
identifier using the data repository to identify the user account profile storing the
electronic wallet application identifier and the first handle; [0008]; [0035];[0072]

[4] 	transmit a confirmation request to the electronic wallet application using the
data repository to access the electronic wallet application identifier, the confirmation
request including at least a portion of the transaction data, the confirmation request for
confirming the payment request to process payment for the electronic commerce
transaction for the merchant website; [0009];[00057]



response to the confirmation request; [0009];[00057]

[6]	 generate and encrypt a payment security token using an encryption key
associated with the merchant server, the encrypted payment security for decryption by a
merchant server using  a corresponding key;[0088]; [0091-0092]

[7]	 transmit, over a secured channel, the encrypted payment security token to the
merchant server associated with the merchant website; and transmit an approval
message to update the merchant website with payment confirmation notification. [0092];
[0093]; [0095]

CLAIM 11
having non-transitory computer-readable storage medium with computer-executable instructions for causing the processor to receive the registration request with instructions to store the data in the user account profile at the data repository to link the user account and the first handle. [0046], [0085-0086]

CLAIM 12
wherein the first handle is active to process a single payment request, wherein the payment server is
configured to de-activate the first handle after transmitting the payment security token. [0012]

CLAIM 13
The payment server having non-transitory computer-readable storage medium with computer-
executable instructions for causing the processor to process the registration request with instructions to
store the data in the user account profile at the data repository to link the user account and the first
handle for processing payment using the electronic wallet application. (Fig. 1B) (140)[0086]; (Fig.
4)(408)[0052]

CLAIM 14
The payment server of claim 10 having non-transitory computer-readable storage medium with
computer-executable instructions for causing the processor to receive a first payment account, the first
handle for processing payment using the first payment account, and store data in the user account

(140)[0086];(Fig. 4)(408)[0052]

CLAIM 15
having non-transitory computer-readable storage medium with computer-executable
instructions for causing the processor to: process a second registration request to store data in the user
account profile at the data repository to link the user account with a second handle for processing
payment using a second payment account; receive a second payment request to process payment for
another electronic commerce transaction, the payment request indicating the second handle, the
merchant identifier or another merchant identifier, and additional transaction data; process the payment request to determine the user account associated with the second handle using the data stored in the user account profile at the data repository; transmit another confirmation request including at least a portion of the additional transaction data; authorize the user account of the electronic wallet application;
receive another payment confirmation from the electronic wallet application to process payment using the second payment account; transmit another payment security token to the merchant server associated with the merchant identifier or another merchant server associated with the other merchant identifier, the other payment security token for the second payment account; and transmit an approval message for another payment confirmation notification. (Fig. 1B) (140)[0086];(Fig. 4)(408)[0052]

CLAIM 16
The payment server of claim 10 having non-transitory computer-readable storage medium with
computer-executable instructions for causing the processor to process the registration request with
instructions to store the data in the user account profile at the data repository to link the user account
with the first handle by verifying uniqueness of the first handle by determining that the first handle is
different than all handles of the data repository of handles stored on or accessible by the payment
server. (Fig. 1B) (140)[0086];(Fig. 4)(408)[0052]
CLAIM 17
The payment server of claim 10 having non-transitory computer-readable storage medium with
computer-executable instructions for causing the processor to generate or identify a unique handle for


CLAIM 18
The payment server of claim 10 having non-transitory computer-readable storage medium with
computer-executable instructions for causing the processor to generate or identify a time sensitive handle for the first handle, the time sensitive handle being active for the electronic commerce transaction only for a defined period of time. (Fig. 1B) (140)[0086];(Fig. 4)(408)[0052]

CLAIM 19
The payment server of non-transitory computer-readable storage medium with computer-
executable instructions for causing the processor to process the registration request with instructions to
store the data in the user account profile at the data repository to link the first handle with the mobile
device and the electronic mobile wallet, and process the payment request to determine the user account associated with the first handle by: determining the mobile device associated with the first handle using the data in the user account profile at the data repository, the mobile device being associated with the electronic wallet application. (Fig. 1B) (140)[0086];(Fig. 4)(408)[0052]
















Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANIEL S FELTEN whose telephone number is (571)272-6742. The examiner can normally be reached Flex.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Calvin L Hewitt can be reached on 5712726709. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/DANIEL S FELTEN/Primary Examiner, Art Unit 3692