DETAILED ACTION
Status of the Claims
This action is in response to applicant’s responses dated 10/22/2021.
Claims 9-20 have been previously canceled.
Claims 1-3, 21-23, and 27-29 have been newly amended.
Claim 1-8, 21-32 are currently pending and have been examined.
	




Claim Interpretation
It is noted that limitations “to be used for subsequent electronic transaction” and “for performing electronic transactions” are indicative of intended use/result and does not move to distinguish over prior art.


Response to Amendment
	Applicant’s amendments dated 10/22/2021 have been fully considered.


Response to Arguments
	Applicant asserts that the prior art merely discloses whether existing payment credentials that are compatible with the system are available, and not that the “computing device lacks possession of at least one personalized payment credential”. It is noted that DHARMARAJAN disclose the determination of a lack of a credential, e.g. token. (Col/Line: 2/60-3/10, “the client authentication token is missing”). Applicant asserts that this is specific to an instance where the token is “missing from where it previously was stored”. However, no such specific language is found in DHARMARAJAN. If a token is missing, via never existing or via misplacement, as far as a device would be concerned, the device is not in possession of the token.  Therefore the determination being performed in DHARMARAJAN reads on the claimed limitaitons of “determining that… the computing device lacks possession of at least one personalized payment credential.”
	While applicant asserts that the processes of systems of DHARMARAJAN are split and therefore would not read on a 1 to 1 basis on the claims, it is noted that DHARMARAJAN was relied upon for just the determination that a credential was absent and not for the overall composition and arrangement of the system.  KHAN already discloses the system being utilized and the processes of determining an absence of a credentials as disclosed by DHARMARAJAN was being combined into the system and processes of Khan. Therefore it would have been obvious to one of ordinary skill in the art at the time of applicant’s filing that the combination of references would result in the determination that a credential was not available within the normal flow of processes and system of KHAN. 
Furthermore, even if DHARMARAJAN was to be required to teach the specifics orientation of devices of the claims and their processing, it is noted that making integral various aspects of a device/system (In re Larson, 340 F.2d 965, 968, 144 USPQ 347, 349 (CCPA 1965)) as well as making separable (In re Dulberg, 289 F.2d 522, 523, 129 USPQ 348, 349 (CCPA 1961)) have been deemed as obvious variations. 
Therefore applicant’s arguments are not persuasive. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 2, 3, 22, 23, 28, and 29 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 2, 22, and 28 recite the limitation "the user interface”.  There is insufficient antecedent basis for this limitation in the claim.


	
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under pre-AIA  35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.	
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 8, 21, 26, 27, 32 are rejected under 35 U.S.C. 103 as being unpatentable over KHAN (US 2015/0095238 A1) in view of DHARMARAJAN (US 7,318,234 B1), KADI (US 2017/0221047 A1), and CHITALIA (US 2017/0278096 A1).
Regarding Claim 1, 21, and 27:
KHAN teaches A method for performing an electronic transaction, the method comprising, aby a credential provisioning application implemented on a computing device: accessing a vendor transaction platform;  determining that: the vendor transaction platform is compatible with the credential provisioning application,…personalized payment credentials for performing electronic transactions with the vendor transaction platform… ([0073], “For example, if device transaction data 754 includes a request to confirm whether electronic device 100 is configured to use a credential associated with a financial institution supported by merchant subsystem 200 (e.g., a specific payment network 360, such as MasterCard or Visa), device application 103 may be configured to poll secure element 145 or another portion of device 100 (e.g., a "wallet" or "Passbook" application of device 100 that may include information indicative of the credentials enabled on secure element 145, such as may be illustrated by the specific icon 182 labeled with a "Passbook" textual indicator 181 (i.e., specific icon 185) of FIG. 4) in order to determine if there is at least one match between the financial entities indicated by device transaction data 754 and the credentials available to device 100.”)
…receiving a payment credential; …([0057], “Screen 190c of FIG. 14C may prompt a user to interact with device 100 in one or more ways to choose a specific credential available to device 100 for making the purchase.”)
completing the electronic transaction through the vendor transaction platform using the …credential, and ([0064], “However, if sufficient funds are present, issuing bank subsystem 370 may approve the requested transaction by transmitting a positive authorization response to acquiring bank subsystem 300 and the financial transaction may be completed.”)
storing the… credential to be used for subsequent electronic transactions. ([0006], “an electronic device may include a communication component, an application processor configured to access an online resource of a merchant server, and a secure element configured to store credential data, a credential key, and an access key”)
KHAN does not explicitly disclose, but DHARMARAJAN, an analogous art of KHAN and the current applicaiton teaches …and the computing device lacks possession of at least one [token] (Col/Line: 2/60-3/10, “When application server 106 receives process request 112 from client computer system 102 and is unable to verify that the client-server session has been authenticated (e.g., the client's authentication token is missing, has expired, or is otherwise not valid), application server 106 saves process request 112 as pending request 114 in a pending request store 116. Application server 106 then generates and sends an 
	It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of determining if tokens are present and requesting further processes if they are not found as disclosed by DHARMARAJAN to the teachings of using payment credentials and selecting desired ones as disclosed by KHAN by having credentials be checked for and a user able to interact to add/select credentials as desired in order to allow for a user to select various payment options as desired and thus improving convenience and accessibility.
	KHAN does not explicitly disclose, but KADI and analogous art of KHAN and the current application teaches generate a personalized payment credential based at least on the payment credential, (Paragraph 0022, 0026, 0032, 0047, 0074, 0075, “For example, when user device 210 requests the authorization token to permit a contactless transaction for a particular account (e.g., a transit account), application server 230 may generate the dynamic card identifier” dynamic card identifier, i.e. token, is generated and provided to a user device for transactions.)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention to combine the teachings of having a personalized payment credential, i.e. token, be generated and provided to a user device upon request, as disclosed by KADI to the teachings of having credentials be requested when missing and making transactions with selected payment credentials as disclosed by the combination of KHAN and DHARMARAJAN by having credentials be requested and generated when they are not found in order to increase security and not use the true payment credentials for transactions while still maintaining the accessibility and convenience of utilizing various payment options. 
While the combination of KHAN, DHARMARAJAN, and KADI disclose the generation of a token, i.e. a personalized payment credential. The combination does not explicitly disclose that such a generation would occur at an application of an initial computing device. Although it is the Office’s understanding that making the processes of DHARMARAJAN and KADI be integral by having such a generation be performed at the initial computing device of KHAN, further prior art has been provided below for the sake of compact prosecution.

	It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of having a user computing device perform the generation of a payment credential when requested as disclosed by CHITALIA to the teachings of having payment credentials be checked for and requested in order to perform transactions as disclosed by the combination of KHAN, DHARMARAJAN, and KADI by having the initial device of KHAN perform the generation of tokens when requested in order to allow for improved security as well as ease of use for customers.	
	Claims 21 include the structural limitation: “A non-transitory computer readable storage medium configured to store instructions that, when executed by a processor included in a computing device, cause the computing device to implement a credential provisioning application configured to carry out steps that include:…” Such limitations are disclosed by KHAN ([0129], “Moreover, one, some, or all of the processes described with respect to FIGS. 1-14E may each be implemented by software, but may also be implemented in hardware, firmware, or any combination of software, hardware, and firmware. Instructions for performing these processes may also be embodied as machine- or computer-readable code recorded on a machine- or computer-readable medium. In some embodiments, the computer-readable medium may be a non-transitory computer-readable medium.”)
Claims 27 include the structural limitation: “A computing device configured to perform an electronic transaction, the computing device comprising: at least one processor and at least one memory storing instruction that, when executed by the at least one processor cause the computing device to implement a credential provisioning application that performs the steps of: “Such limitations are disclosed by KHAN ([0110-0129], “Processor 102 of electronic device 100 may include any processing circuitry that may be operative to control the operations and performance of one or more components of electronic device 100… Application 103/113/143 may be accessed by processor 102 from any suitable source, such as from memory 104 (e.g., via bus 118) or from another device or server (e.g., via communications component 106). Processor 102 may include a single processor or multiple processors. For example, processor 102 

Regarding Claims 8, 26, 32:
KADI in view of CHITALIA, KHAN, DHARMARAJAN and  further teaches receiving a second payment credential; provisioning the secondpayment credential to produce a second personalized payment credential; and storing the second payment credential to be used for subsequent electronic transactions; ([0075], “For example, when user device 210 requests the authorization token to permit a contactless transaction for a particular account (e.g., a transit account), application server 230 may generate the dynamic card identifier” dynamic card identifier, i.e. token, is generated and provided to a user device for transactions.)
It is noted that this limitation reads on a duplication of parts/processes as it merely repeats the normal processes as disclosed in the independent claims but for a second instance of credentials. Such a duplication of parts/processes in an obvious variation of the independent claim and therefore does not move to distinguish over prior art. In re Harza, 274 F.2d 669, 124 USPQ 378 (CCPA 1960)

Claims 2, 4, 5, 22, 28 are rejected under 35 U.S.C. 103 as being unpatentable over KHAN (US 2015/0095238 A1) in view of DHARMARAJAN (US 7,318,234 B1), KADI (US 2017/0221047 A1), and CHITALIA (US 2017/0278096 A1) as applied above in further view of NEUWIRTH (US 2014/0164241 A1).
Regarding Claims 2, 22, 28:
wherein: the user interface is overlaid on top of a user interface associated with the vendor transaction platform; and the credential is received in response to displaying a prompt that receives a credit card number as an input; ([0058, 0072], “Overlaid content 210 can be in the form of a web page that is displayed overtop of the typical content 200 of the application. As such, when the user inputs data into overlaid field 211, the data is not actually input to the application, but is input to the web page. …For example, if a user accesses a user interface that employs overlaid fields to request a credit card number, and the device already stores a token representing the user's credit card number, the token can be used (after authentication in some cases) to automatically populate an overlaid input field with the credit card number (or a mask of the credit card number). In other words, the overlaid input fields can be displayed in the same manner as described above, but because the device already stores a token for the requested information, the token can be submitted to the server system and used by the server system to populate the overlaid fields with the necessary information.”)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of having overlapping interfaces in which the user is asked to input credentials to be used as disclosed by NEUWIRTH to the teachings of using tokens created from credentials for transactions as disclosed by the combination of KHAN, DHARMARAJAN, KADI, and CHITALIA by having user interfaces be displayed for interaction in order to ensure that the correct information is utilized as desired while allowing for ease of use.


Regarding Claim 4:
NEUWIRTH further teaches wherein the personalized payment credential is stored even when the vendor transaction platform does not support the personalized payment credential. (Paragraph 0058, 0072, “Overlaid content 210 can be in the form of a web page that is displayed overtop of the typical content 200 of the application. As such, when the user inputs data into overlaid field 211, the data is not actually input to the application, but is input to the web page. …For example, if a user accesses a user interface that employs overlaid fields to request a credit card number, and the device already stores a token representing 


Regarding Claim 5:
NEUWIRTH further teaches wherein the personalized payment credential is stored on the computing device locally or on a server computing deice remotely. (Paragraph 0058, 0072, “Overlaid content 210 can be in the form of a web page that is displayed overtop of the typical content 200 of the application. As such, when the user inputs data into overlaid field 211, the data is not actually input to the application, but is input to the web page. …For example, if a user accesses a user interface that employs overlaid fields to request a credit card number, and the device already stores a token representing the user's credit card number, the token can be used (after authentication in some cases) to automatically populate an overlaid input field with the credit card number (or a mask of the credit card number). In other words, the overlaid input fields can be displayed in the same manner as described above, but because the device already stores a token for the requested information, the token can be submitted to the server system and used by the server system to populate the overlaid fields with the necessary information.”)

Claims 3, 23, and 29 are rejected under 35 U.S.C. 103 as being unpatentable over KHAN (US 2015/0095238 A1) in view of DHARMARAJAN (US 7,318,234 B1), KADI (US 2017/0221047 A1), CHITALIA (US 2017/0278096 A1), and NEUWIRTH (US 2014/0164241 A1) as applied above in further view of ELHAMIAS (US 2009/0164681 A1).
Regarding Claims 3, 23, 29:
ELHAMIAS, an analogous art of KHAN and the current application, teaches wherein overlaying the user interface prevents the vendor transaction platform from performing a time-out operation. ([0064-0068], “a) when a complex processing operation is required during a write cycle, writing dummy blocks to avoid 
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of preventing timeouts as disclosed by ELHAMIAS to the teachings of overlaying interfaces for inputting information that may time long amounts of time as disclosed by the combination of KHAN, DHARMARAJAN, KADI, CHITALIA, NEUWIRTH by having the timeouts be prevented as long as the user is active in performing a task such as interacting with the overlaid interface in order to allow for the user to not lose any transaction information while still having ample time to accurately input information. 


Claims 6, 7, 24, 25, 30, 31 are rejected under 35 U.S.C. 103 as being unpatentable over KHAN (US 2015/0095238 A1) in view of DHARMARAJAN (US 7,318,234 B1), KADI (US 2017/0221047 A1), and CHITALIA (US 2017/0278096 A1) as applied above in view of CLAES (US 2016/0191494 A1).

Regarding Claim 6, 24, 30:
CLAES, an analogous art of KHAN and the current applications, teaches transmitting a personalization request for the credential to a financial institution that issued the credential; and receiving from the financial institution, a personalization script generated that is based on the personalization request. (Paragraph 0036, “In some embodiments the authentication server may be adapted to obtain the value of a dynamic credential that may have been generated by a hardware token of the user and that the software token may have used to personalize the secret cryptographic key of the software token, and the authentication server may use the obtained dynamic credential value to determine or derive the personalized value of the secret cryptographic key of the software token.” Dynamic information may be used to personalize credentials.)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of using a personalization of a token as disclosed by CLAES to the teachings of 

Regarding Claim 7, 25, 31:
CLAES further teaches encrypting the personalization script using a secure element of the computing device to produce and encrypted personalization script; and storing the encrypted personalization script on the computing device as the personalized credential. ([0036, 0085, 0143-0145], “In some embodiments the authentication server may be adapted to obtain the value of a dynamic credential that may have been generated by a hardware token of the user and that the software token may have used to personalize the secret cryptographic key of the software token, and the authentication server may use the obtained dynamic credential value to determine or derive the personalized value of the secret cryptographic key of the software token… encrypting the first personalization seed using a first encryption key that is associated with and unique for the authentication token, and including the encrypted first personalization seed in the first personalization initiation message; ” various information may be used to personalize tokens and may be further encrypted for security.)


Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Erikson (US 2009/0063345 A1) further teaches entering information for a token.
Laxminarayanan (US 2016/0119296 A1) further teaches the sending of a token to a user device.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHANN Y CHOO whose telephone number is (571)270-0453. The examiner can normally be reached 7-4.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patrick MacAtee can be reached on (571) 272-7575. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit 





/JOHANN Y CHOO/Primary Examiner, Art Unit 3685                                                                                                                                                                                                        01/11/2022