DETAILED ACTION
The following is a Final Office action in response to applicants’ amendment and remarks filed on 01/03/2022.  Claims 1, 2, 5, 8, 9, 12, 15, 16, and 19 have been amended.  Therefore, Claims 1-21 are currently pending and have been considered as follows.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
In view of applicants’ amendment to Claims 2, 8, 9, 15, and 16, the prior 35 U.S.C. 112(b) rejection of Claims 2, 8, 9, 15, and 16 is withdrawn.
In view of applicants’ amendment to Claim 15, the claim interpretation under 35 U.S.C. 112(f) is hereby withdrawn.  Therefore, amended Claim 15 does not invoke 35 U.S.C. 112(f).
Applicants’ amendment of independent Claims 1, 8, and 15 has changed the scope of the claimed invention.  Therefore, applicants’ remarks filed 01/03/2022 have been fully considered but are moot because the amendment has necessitated new ground(s) of rejection where applicants’ arguments do not apply to the updated reference(s) for any teaching or matter specifically challenged in the argument.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/26/2021 has been placed in the application file, and the information referred therein has been considered as to the merits.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 15-21 are rejected under 35 U.S.C. § 101 because the claimed invention is directed to non-statutory subject matter.
the processor” could include entirely software embodiments (e.g. virtual processor (vCPU), software engine) in light of applicants’ specification which does not expressly limit the scope of the definition to include only hardware embodiments (i.e. CPU, physical processor, hardware processor, or microprocessor).  The system of Claim 15 fails to limit applicants’ invention to only that which is tied to a particular machine or hardware and results in a claim which could constitute entirely software per se.  Therefore, Claim 15 is rejected under 35 U.S.C. § 101 for reciting non-patentable subject matter.
As to Claims 16-21 which depend upon the system of Claim 15, they do not recite nor impart any further limitations that would bring them in compliance under 35 U.S.C. §101 as statutory subject matter.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 15 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
Claim 15 recites the limitation "the processor" in line 3.  There is insufficient antecedent basis for this limitation in the claim.  It is further unclear whether “the processor” is actually a part of the system of Claim 15.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-21 are rejected under 35 U.S.C. 103 as being unpatentable over Sheets (US 20140372308 A1) in view of Winner et al. (US 20160065541 A1, IDS submitted 05/14/2021, hereinafter Winner).
As to Amended Claim 1:
Sheets discloses a method, implemented on a machine having at least one processor, storage, and a communication platform for secure data management by a service provider (e.g. Sheets “A transaction processing system 100 may include a consumer 102, a mobile communication device 104, an access device 106, a merchant computer 108, an acquirer computer 110, a payment processing network computer 112, an issuer computer 114 and a telecommunications network 116” [0040]; “An exemplary flow for completing a payment transaction, according to embodiments of the present invention is discussed with reference to FIG. 1. Before the transaction begins, the consumer 102 may select goods or services to purchase at a merchant location” [0051]-[0068]), comprising:
receiving, from a user via the communication platform, a request for carrying out a transaction with the user (e.g. Sheets consumer may operate the mobile communication device to initiate a transaction at the access device [0041]; consumer may select goods or services to purchase at a merchant location [0051]; consumer reads the merchant token at their mobile communication device [0056]);
determining, based on the transaction, one or more data items, associated with the user, that need to be validated prior to the transaction (e.g. Sheets “At step 3, the mobile communication device 104 may decode the machine readable code received from the access device 106 and display the transaction details to the consumer 102. The mobile communication device 104 may prompt the consumer 102 for authorization to submit the transaction for processing. For example, the mobile communication device 104 may prompt the consumer 102 to provide an authentication token. The consumer 102 may then provide authorization by providing an authentication token. The authentication token may be in the form of a biometric identifier such as voice, fingerprint, iris, facial expression, hand geometry, etc., a passcode, a password, a personal identification number (PIN), etc” [0057]);
sending, to the user via the communication platform, a request seeking to validate the one or more data items (e.g. Sheets prompting the consumer for authorization to submit the transaction for processing by prompting consumer to provide an authentication token [0057]; prompting the consumer to read a word, alphanumeric string, statement for a sample of the user’s voice [0058]);
receiving, from the user via the communication platform, a cloaked identifier with information related to a trusted party (e.g. Sheets consumer provides authorization by providing authentication token [0057] or consumer can authorize the transaction by stating a requested statement, providing voice sample [0058]; consumer interacts with the mobile communication device to indicate transaction details are correct [0061]; consumer further scans with their mobile communication device to obtain merchant token/pay-me token [0044]-[0046]);
sending, to the trusted party via the communication platform, the cloaked identifier with a request for a validation response (e.g. Sheets sending transaction request message comprising merchant token, device identifier or consumer primary account number, and authentication token to the payment processing network computer from the mobile communication device which generates the message [0059]; [0060]);
receiving, from the trusted party via the communication platform, the validation response indicative of whether the one or more data items are validated (e.g. Sheets payment processing network computer may verify that the authentication token is associated with the device identifier, for example retrieve one or more authentication samples stored in authentication database for comparison and provide a pass or fail response [0062]; receiving authorization response message at the mobile communication device from the payment processing network computer to inform the parties as to whether the transaction is approved or declined [0067]); and 
proceeding with the transaction if the validation response indicates that the one or more data items are validated (e.g. Sheets “At the end of the day, the transaction can be cleared and settled between the acquirer computer 110 and the issuer computer 114 by the payment processing network 112. Funds may be transferred from the issuer computer to the merchant computer 108 during the settlement process. In a clearing process, clearing messages are sent between the acquirer computer 110, the payment processing network 12, and the issuer computer 114 to facilitate settlement. In some cases, AFT (account funding transaction) or OCT (original credit transaction) messages may be used to debit and credit the appropriate accounts” [0068]);
But Sheets does not specifically disclose:
wherein the cloaked identifier cloaks private information of the user.
However, the analogous art Winner does disclose wherein the cloaked identifier cloaks private information of the user (e.g. Winner anonymous identifier is a one-way hash of some of the user’s PII combined with permissions information Winner [0065]).  Sheets and Winner are analogous art because they are from the same field of endeavor in non-disclosure of user information in transactions.
(e.g. see Winner, “create the anonymous identifier by, e.g., a random character generator, a one-way hash of some of the user's PII, a one-way hash of some of the user's PII combined with information identifying the third-party application 115 and/or the third-party system 105, one-way hash of some or all of the permissions information, some other technique to create a stable identifier, or some combination thereof” [0065]; “Permissions information is the information received from the permissions UI that controls what, if any, of the user's PII may be shared with the third-party application 115 and/or the third-party application 105. Permissions information may include, e.g., a user's login information (e.g., user ID, password, etc.) for the online system 140; identify what, if any, personally identifiable information (PIT) of the user may be shared with the third-party application 115 and/or the third-party system 105; identify a login persona, identify an alternate login methodology (e.g., validated login option), or some combination thereof” [0022]; [0072]).
Sheets and Winner before him or her, to modify the invention of Sheets with the teachings of Winner to include wherein the cloaked identifier cloaks private information of the user as claimed because Sheets provides a system and method for transaction processing using tokens (Sheets [Abstract]-[0068]) which may be anonymous identifiers that are one-way hashes of a combination of user PII and permissions information (Winner [0022]; [0065]; [0072]).  The suggestion/motivation for doing so would have been to allow for a graduated approach to what, if any, of the user's PII is provided to the third-party application and/or third-party system (Winner [0004]).  Therefore, it would have been obvious to combine Sheets and Winner to obtain the invention as specified in the instant claim(s).
As to Amended Claim 2:
Sheets in view of Winner discloses the method of claim 1, wherein the trusted party includes one of a trusted entity that is in possession of the one or more data items (e.g. Sheets “the consumer 102 may register one or more authentication tokens in an authentication payment program associated with a payment processing network. For example, the consumer 102 may provide one or more biometric samples such as voice, fingerprints, iris, face, signature, hand geometry, etc. to the payment processing network computer 112 by operating the mobile communication device 104” [0042]; “the payment processing network computer 112 may store authentication tokens for a plurality of consumers in an authentication token database (not shown), e.g. via a registration process. For example, one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]) and a transaction engine that is to interface with the trusted entity on behalf of a record owner to seek validation of the one or more data items.
As to Claim 3:
Sheets in view of Winner discloses the method of claim 1, wherein the cloaked identifier is sent to the trusted party with information surrounding the request for the validation response to provide contextual information (e.g. Sheets “At step 4, a transaction request message may be generated by the mobile communication device 104 and may be sent to the payment processing network computer 112 through the telecommunications network 116. The mobile communication device 104 may generate a transaction request message comprising the merchant token, a device identifier or consumer primary account number, and an authentication token” [0059]; “the payment processing network computer 112 may determine an issuer and a consumer account associated with the device identifier if the device identifier is present in the transaction request message and the consumer account identifier is not in the transaction request message” [0064]).
As to Claim 4:
Sheets in view of Winner discloses the method of claim 3, wherein the information surrounding the request for the validation response includes at least one
date/time at which the request for the validation response is sent (e.g. Sheets “a merchant token may also include transaction data, for example, a transaction amount, a timestamp, a location of the transaction, product codes, etc” [0028]);
geographical location where the request for the validation response is initiated (e.g. Sheets “a merchant token may also include transaction data, for example, a transaction amount, a timestamp, a location of the transaction, product codes, etc” [0028]); 
an inquiry directed to each of the one or more data items which is the basis of the validation response; and
a response type associated with the inquiry for each of the one or more data items
As to Amended Claim 5:
Sheets in view of Winner discloses the method of claim 3, wherein the cloaked identifier includes at least some access limitation which is to be satisfied before an access to at least one of the one or more data items is permitted (e.g. Winner anonymous identifier is a one-way hash of some or all of the permissions information [0065] that controls what, if any, of the user’s PII may be shared with the third-party system [0022]; Sheets device identifier from transaction request message [0035] is needed to verify the associated authentication token in the authentication token database in order to access it for comparison [0062]; “one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]; “Alternatively, or additionally, the consumer 102 may provide a password, a passcode or a PIN using a keypad or a touch screen interface of the mobile communication device 104” [0058]; “before sending the transaction request message, the consumer 102 may further be prompted for confirmation that they would like to initiate a transaction. For example, the consumer 102 can press a submit button or otherwise interact with the mobile communication device 104 to indicate that the transaction details are correct and the transaction can be initiated” [0061]).  The Examiner supplies the same rationale for the combination of references Sheets and Winner as in Claim 1 above.
As to Claim 6:
Sheets in view of Winner discloses the method of claim 5, wherein the information surrounding the request for the validation response is to be used to assess whether the at least some access limitation is satisfied (e.g. Sheets device identifier from transaction request message [0035] is needed to verify the associated authentication token in the authentication token database in order to access it for comparison [0062]; “a transaction request message may include a merchant token, a mobile communication device identifier or consumer account number (which may be a real account number or a pseudo PAN, which is a PAN that is linked to the real account number but is not the real account number), and an authentication token. For example, a merchant token may include a merchant account identifier, a mobile communication device identifier may include a phone number and an authentication token may include a voice input of a consumer initiating the transaction request” [0035]; “one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]; “The payment processing network computer 112 may receive the transaction request message from the mobile communication device 104 and may begin processing the transaction. In some embodiments, the payment processing network computer 112 may verify that the authentication token is associated with the device identifier. For example, based on the device identifier, the payment processing network computer 112 may retrieve one or more authentication samples stored in an authentication database for comparison” [0062]).
As to Claim 7:
Sheets in view of Winner discloses the method of claim 1, wherein the cloaked identifier comprises at least one of:
a record owner identifier comprising a string of pseudo-random characters that is ephemeral; and
a contextual identity comprising one or more parameters related to the transaction (e.g. Sheets “An "authentication token" may include any suitable information that can authenticate a consumer. In some embodiments, the authentication token may be provided by the consumer to authenticate for a transaction using a mobile communication device, e.g., to validate if the consumer is the authorized user of the mobile communication device. In some embodiments, an authentication token may include a biometric identifier associated with the consumer such as voice, fingerprints, iris, face, signature, hand geometry, etc. In some embodiments, the consumer may register one or more authentication tokens with a server computer that may store these authentication tokens to authenticate the consumer for future transactions” [0034]).
As to Amended Claim 8:
Sheets discloses Machine readable non-transitory medium having information recorded thereon (e.g. Sheets “computer readable medium (CRM) 402 may comprise code executable by the processor 400 for implementing methods using embodiments of the invention” [0087]) for secure data management by a service provider (e.g. Sheets [0040]), wherein the information, when read by a machine (e.g. Sheets “processing elements that may be configured to execute instructions or code in order to implement methods, processes or operations. The processor 400 may be communicatively coupled to a computer readable medium 402” [0086]), causes the machine to perform the following:
receiving, from a user, a request for carrying out a transaction with the user (e.g. Sheets consumer may operate the mobile communication device to initiate a transaction at the access device [0041]; consumer may select goods or services to purchase at a merchant location [0051]; consumer reads the merchant token at their mobile communication device [0056])
determining, based on the transaction, one or more data items, associated with the user, that need to be validated prior to the transaction (e.g. Sheets “At step 3, the mobile communication device 104 may decode the machine readable code received from the access device 106 and display the transaction details to the consumer 102. The mobile communication device 104 may prompt the consumer 102 for authorization to submit the transaction for processing. For example, the mobile communication device 104 may prompt the consumer 102 to provide an authentication token. The consumer 102 may then provide authorization by providing an authentication token. The authentication token may be in the form of a biometric identifier such as voice, fingerprint, iris, facial expression, hand geometry, etc., a passcode, a password, a personal identification number (PIN), etc” [0057]);
sending, to the user, a request seeking to validate the one or more data items (e.g. Sheets prompting the consumer for authorization to submit the transaction for processing by prompting consumer to provide an authentication token [0057]; prompting the consumer to read a word, alphanumeric string, statement for a sample of the user’s voice [0058]); 
receiving, from the user, a cloaked identifier with information related to a trusted party (e.g. Sheets consumer provides authorization by providing authentication token [0057] or consumer can authorize the transaction by stating a requested statement, providing voice sample [0058]; consumer interacts with the mobile communication device to indicate transaction details are correct [0061]; consumer further scans with their mobile communication device to obtain merchant token/pay-me token [0044]-[0046]);
sending, to the trusted party, the cloaked identifier with a request for a validation response (e.g. Sheets sending transaction request message comprising merchant token, device identifier or consumer primary account number, and authentication token to the payment processing network computer from the mobile communication device which generates the message [0059]; [0060]);
receiving, from the trusted party, the validation response indicative of whether the one or more data items are validated (e.g. Sheets payment processing network computer may verify that the authentication token is associated with the device identifier, for example retrieve one or more authentication samples stored in authentication database for comparison and provide a pass or fail response [0062]; receiving authorization response message at the mobile communication device from the payment processing network computer to inform the parties as to whether the transaction is approved or declined [0067]); and
proceeding with the transaction if the validation response indicates that the one or more data items are validated (e.g. Sheets “At the end of the day, the transaction can be cleared and settled between the acquirer computer 110 and the issuer computer 114 by the payment processing network 112. Funds may be transferred from the issuer computer to the merchant computer 108 during the settlement process. In a clearing process, clearing messages are sent between the acquirer computer 110, the payment processing network 12, and the issuer computer 114 to facilitate settlement. In some cases, AFT (account funding transaction) or OCT (original credit transaction) messages may be used to debit and credit the appropriate accounts” [0068]);
But Sheets does not specifically disclose:
wherein the cloaked identifier cloaks private information of the user.
However, the analogous art Winner does disclose wherein the cloaked identifier cloaks private information of the user (e.g. Winner anonymous identifier is a one-way hash of some of the user’s PII combined with permissions information Winner [0065]).  Sheets and Winner are analogous art because they are from the same field of endeavor in non-disclosure of user information in transactions.
(e.g. see Winner, “create the anonymous identifier by, e.g., a random character generator, a one-way hash of some of the user's PII, a one-way hash of some of the user's PII combined with information identifying the third-party application 115 and/or the third-party system 105, one-way hash of some or all of the permissions information, some other technique to create a stable identifier, or some combination thereof” [0065]; “Permissions information is the information received from the permissions UI that controls what, if any, of the user's PII may be shared with the third-party application 115 and/or the third-party application 105. Permissions information may include, e.g., a user's login information (e.g., user ID, password, etc.) for the online system 140; identify what, if any, [0022]; [0072]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Sheets and Winner before him or her, to modify the invention of Sheets with the teachings of Winner to include wherein the cloaked identifier cloaks private information of the user as claimed because Sheets provides a system and method for transaction processing using tokens (Sheets [Abstract]-[0068]) which may be anonymous identifiers that are one-way hashes of a combination of user PII and permissions information (Winner [0022]; [0065]; [0072]).  The suggestion/motivation for doing so would have been to allow for a graduated approach to what, if any, of the user's PII is provided to the third-party application and/or third-party system (Winner [0004]).  Therefore, it would have been obvious to combine Sheets and Winner to obtain the invention as specified in the instant claim(s).


As to Amended Claim 9:
Sheets in view of Winner discloses the medium of claim 8, wherein the trusted party includes one of a trusted entity that is in possession of the one or more data items (e.g. Sheets “the consumer 102 may register one or more authentication tokens in an authentication payment program associated with a payment processing network. For example, the consumer 102 may provide one or more biometric samples such as voice, fingerprints, iris, face, signature, hand geometry, etc. to the payment processing network computer 112 by operating the mobile communication device 104” [0042]; “the payment processing network computer 112 may store authentication tokens for a plurality of consumers in an authentication token database (not shown), e.g. via a registration process. For example, one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]) and a transaction engine that is to interface with the trusted entity on behalf of a record owner to seek validation of the one or more data items.
As to Claim 10:
Sheets in view of Winner discloses the medium of claim 8, wherein the cloaked identifier is sent to the trusted party with information surrounding the request for the validation response to provide contextual information (e.g. Sheets “At step 4, a transaction request message may be generated by the mobile communication device 104 and may be sent to the payment processing network computer 112 through the telecommunications network 116. The mobile communication device 104 may generate a transaction request message comprising the merchant token, a device identifier or consumer primary account number, and an authentication token” [0059]; “the payment processing network computer 112 may determine an issuer and a consumer account associated with the device identifier if the device identifier is present in the transaction request message and the consumer account identifier is not in the transaction request message” [0064]).
As to Claim 11:
Sheets in view of Winner discloses the medium of claim 10, wherein the information surrounding the request for the validation response includes at least one of:
date/time at which the request for the validation response is sent (e.g. Sheets “a merchant token may also include transaction data, for example, a transaction amount, a timestamp, a location of the transaction, product codes, etc” [0028]);
geographical location where the request for the validation response is initiated (e.g. Sheets “a merchant token may also include transaction data, for example, a transaction amount, a timestamp, a location of the transaction, product codes, etc” [0028]); 
an inquiry directed to each of the one or more data items which is the basis of the validation response; and
a response type associated with the inquiry for each of the one or more data items.

As to Amended Claim 12:
Sheets in view of Winner discloses the medium of claim 11, wherein the cloaked identifier includes at least some access limitation which is to be satisfied before an access to at least one of the one or more data items is permitted (e.g. Winner anonymous identifier is a one-way hash of some or all of the permissions information [0065] that controls what, if any, of the user’s PII may be shared with the third-party system [0022]; Sheets device identifier from transaction request message [0035] is needed to verify the associated authentication token in the authentication token database in order to access it for comparison [0062]; “one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]; “Alternatively, or additionally, the consumer 102 may provide a password, a passcode or a PIN using a keypad or a touch screen interface of the mobile communication device 104” [0058]; “before sending the transaction request message, the consumer 102 may further be prompted for confirmation that they would like to initiate a transaction. For example, the consumer 102 can press a submit button or otherwise interact with the mobile communication device 104 to indicate that the transaction details are correct and the transaction can be initiated” [0061]).  The Examiner supplies the same rationale for the combination of references Sheets and Winner as in Claim 8 above.

As to Claim 13:
Sheets in view of Winner discloses the method of claim 12, wherein the information surrounding the request for the validation response is to be used to assess whether the at least some access limitation is satisfied (e.g. Sheets device identifier from transaction request message [0035] is needed to verify the associated authentication token in the authentication token database in order to access it for comparison [0062]; “a transaction request message may include a merchant token, a mobile communication device identifier or consumer account number (which may be a real account number or a pseudo PAN, which is a PAN that is linked to the real account number but is not the real account number), and an authentication token. For example, a merchant token may include a merchant account identifier, a mobile communication device identifier may include a phone number and an authentication token may include a voice input of a consumer initiating the transaction request” [0035]; “one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]; “The payment processing network computer 112 may receive the transaction request message from the mobile communication device 104 and may begin processing the transaction. In some embodiments, the payment processing network computer 112 may verify that the authentication token is associated with the device identifier. For example, based on the device identifier, the payment processing network computer 112 may retrieve one or more authentication samples stored in an authentication database for comparison” [0062]).
As to Claim 14:
Sheets in view of Winner discloses the medium of claim 8, wherein the cloaked identifier comprises at least one of:
a record owner identifier comprising a string of pseudo-random characters that is ephemeral; and
a contextual identity comprising one or more parameters related to the transaction (e.g. Sheets “An "authentication token" may include any suitable information that can authenticate a consumer. In some embodiments, the authentication token may be provided by the consumer to authenticate for a transaction using a mobile communication device, e.g., to validate if the consumer is the authorized user of the mobile communication device. In some embodiments, an authentication token may include a biometric identifier associated with the consumer such as voice, fingerprints, iris, face, signature, hand geometry, etc. In some embodiments, the consumer may register one or more authentication tokens with a server computer that may store these authentication tokens to authenticate the consumer for future transactions” [0034]).
As to Amended Claim 15:
Sheets discloses a system for secure data management by a service provider (e.g. Sheets “A transaction processing system 100 may include a consumer 102, a mobile communication device 104, an access device 106, a merchant computer 108, an acquirer computer 110, a payment processing network computer 112, an issuer computer 114 and a telecommunications network 116” [0040]; “An exemplary flow for completing a payment transaction, according to embodiments of the present invention is discussed with reference to FIG. 1. Before the transaction begins, the consumer 102 may select goods or services to purchase at a merchant location” [0051]-[0068]), comprising:
a transaction interface unit implemented by the processor and (e.g. Sheets element/subsystem/component [0120]; implemented to be executed by a processor [0124]) configured for receiving, from a user via a communication (e.g. Sheets consumer may operate the mobile communication device to initiate a transaction at the access device [0041]; consumer may select goods or services to purchase at a merchant location [0051]; consumer reads the merchant token at their mobile communication device [0056]);
a validation information determiner implemented by the processor and (e.g. Sheets element/subsystem/component [0120]; implemented to be executed by a processor [0124]) configured for determining, based on the transaction, one or more data items, associated with the user, that need to be validated prior to the transaction (e.g. Sheets “At step 3, the mobile communication device 104 may decode the machine readable code received from the access device 106 and display the transaction details to the consumer 102. The mobile communication device 104 may prompt the consumer 102 for authorization to submit the transaction for processing. For example, the mobile communication device 104 may prompt the consumer 102 to provide an authentication token. The consumer 102 may then provide authorization by providing an authentication token. The authentication token may be in the form of a biometric identifier such as voice, fingerprint, iris, facial expression, hand geometry, etc., a passcode, a password, a personal identification number (PIN), etc” [0057]);
a validation information solicitor implemented by the processor and (e.g. Sheets element/subsystem/component [0120]; implemented to be executed by a processor [0124]) configured for sending, to the user, a request seeking to (e.g. Sheets prompting the consumer for authorization to submit the transaction for processing by prompting consumer to provide an authentication token [0057]; prompting the consumer to read a word, alphanumeric string, statement for a sample of the user’s voice [0058]), and receiving, from the user, a cloaked identifier with information related to a trusted party (e.g. Sheets consumer provides authorization by providing authentication token [0057] or consumer can authorize the transaction by stating a requested statement, providing voice sample [0058]; consumer interacts with the mobile communication device to indicate transaction details are correct [0061]; consumer further scans with their mobile communication device to obtain merchant token/pay-me token [0044]-[0046]);
a validation response solicitor (e.g. Sheets element/subsystem/component [0120]; [0124]) configured for sending, to the trusted party, the cloaked identifier with a request for a validation response (e.g. Sheets sending transaction request message comprising merchant token, device identifier or consumer primary account number, and authentication token to the payment processing network computer from the mobile communication device which generates the message [0059]; [0060]), and receiving, from the trusted party, the validation response indicative of whether the one or more data items are validated (e.g. Sheets payment processing network computer may verify that the authentication token is associated with the device identifier, for example retrieve one or more authentication samples stored in authentication database for comparison and provide a pass or fail response [0062]; receiving authorization response message at the mobile communication device from the payment processing network computer to inform the parties as to whether the transaction is approved or declined [0067]); and
a transaction service module implemented by the processor and (e.g. Sheets element/subsystem/component [0120]; implemented to be executed by a processor [0124]) configured for proceeding with the transaction if the validation response indicates that the one or more data items are validated (e.g. Sheets “At the end of the day, the transaction can be cleared and settled between the acquirer computer 110 and the issuer computer 114 by the payment processing network 112. Funds may be transferred from the issuer computer to the merchant computer 108 during the settlement process. In a clearing process, clearing messages are sent between the acquirer computer 110, the payment processing network 12, and the issuer computer 114 to facilitate settlement. In some cases, AFT (account funding transaction) or OCT (original credit transaction) messages may be used to debit and credit the appropriate accounts” [0068]);
But Sheets does not specifically disclose:
wherein the cloaked identifier cloaks private information of the user.
However, the analogous art Winner does disclose wherein the cloaked identifier cloaks private information of the user (e.g. Winner anonymous identifier is a one-way hash of some of the user’s PII combined with permissions information Winner [0065]).  Sheets and Winner are analogous art because they are from the same field of endeavor in non-disclosure of user information in transactions.
(e.g. see Winner, “create the anonymous identifier by, e.g., a random character generator, a one-way hash of some of the user's PII, a one-way hash of some of the user's PII combined with information identifying the third-party application 115 and/or the third-party system 105, one-way hash of some or all of the permissions information, some other technique to create a stable identifier, or some combination thereof” [0065]; “Permissions information is the information received from the permissions UI that controls what, if any, of the user's PII may be shared with the third-party application 115 and/or the third-party application 105. Permissions information may include, e.g., a user's login information (e.g., user ID, password, etc.) for the online system 140; identify what, if any, personally identifiable information (PIT) of the user may be shared with the third-party application 115 and/or the third-party system 105; identify a login persona, identify an alternate login methodology (e.g., validated login option), or some combination thereof” [0022]; [0072]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Sheets and Winner before him or her, to modify the invention of Sheets with the teachings of Winner to include wherein the cloaked identifier cloaks private information of the user as claimed because Sheets provides a system and method for transaction processing using tokens (Sheets [Abstract]-[0068]) which may be anonymous identifiers that are one-way hashes of a combination of user PII and permissions information (Winner [0022]; [0065]; [0072]).  The suggestion/motivation for doing so would have been to allow for a graduated approach to what, if any, of the user's PII is provided to the third-party application and/or third-party system (Winner [0004]).  Therefore, it would have been obvious to combine Sheets and Winner to obtain the invention as specified in the instant claim(s).
As to Amended Claim 16:
Sheets in view of Winner discloses the system of claim 15, wherein the trusted party includes one of a trusted entity that is in possession of the one or more data items (e.g. Sheets “the consumer 102 may register one or more authentication tokens in an authentication payment program associated with a payment processing network. For example, the consumer 102 may provide one or more biometric samples such as voice, fingerprints, iris, face, signature, hand geometry, etc. to the payment processing network computer 112 by operating the mobile communication device 104” [0042]; “the payment processing network computer 112 may store authentication tokens for a plurality of consumers in an authentication token database (not shown), e.g. via a registration process. For example, one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]) and a transaction engine that is to interface with the trusted entity on behalf of a record owner to seek validation of the one or more data items.
As to Claim 17:
Sheets in view of Winner discloses the system of claim 15, wherein the cloaked identifier is sent to the trusted party with information surrounding the request for the validation response to provide contextual information (e.g. Sheets “At step 4, a transaction request message may be generated by the mobile communication device 104 and may be sent to the payment processing network computer 112 through the telecommunications network 116. The mobile communication device 104 may generate a transaction request message comprising the merchant token, a device identifier or consumer primary account number, and an authentication token” [0059]; “the payment processing network computer 112 may determine an issuer and a consumer account associated with the device identifier if the device identifier is present in the transaction request message and the consumer account identifier is not in the transaction request message” [0064]).


As to Claim 18:
Sheets in view of Winner discloses the system of claim 17, wherein the information surrounding the request for the validation response includes at least one of:
date/time at which the request for the validation response is sent (e.g. Sheets “a merchant token may also include transaction data, for example, a transaction amount, a timestamp, a location of the transaction, product codes, etc” [0028]);
geographical location where the request for the validation response is initiated (e.g. Sheets “a merchant token may also include transaction data, for example, a transaction amount, a timestamp, a location of the transaction, product codes, etc” [0028]); 
an inquiry directed to each of the one or more data items which is the basis of the validation response; and
a response type associated with the inquiry for each of the one or more data items.
As to Amended Claim 19:
Sheets in view of Winner discloses the system of claim 17, wherein the cloaked identifier includes at least some access limitation which is to be satisfied before an access to at least one of the one or more data items is permitted (e.g. Winner anonymous identifier is a one-way hash of some or all of the permissions information [0065] that controls what, if any, of the user’s PII may be shared with the third-party system [0022]; Sheets device identifier from transaction request message [0035] is needed to verify the associated authentication token in the authentication token database in order to access it for comparison [0062]; “one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]; “Alternatively, or additionally, the consumer 102 may provide a password, a passcode or a PIN using a keypad or a touch screen interface of the mobile communication device 104” [0058]; “before sending the transaction request message, the consumer 102 may further be prompted for confirmation that they would like to initiate a transaction. For example, the consumer 102 can press a submit button or otherwise interact with the mobile communication device 104 to indicate that the transaction details are correct and the transaction can be initiated” [0061]).  The Examiner supplies the same rationale for the combination of references Sheets and Winner as in Claim 15 above.
As to Claim 20:
Sheets in view of Winner discloses the system of claim 19, wherein the information surrounding the request for the validation response is to be used to assess whether the at least some access limitation is satisfied (e.g. Sheets device identifier from transaction request message [0035] is needed to verify the associated authentication token in the authentication token database in order to access it for comparison [0062]; “a transaction request message may include a merchant token, a mobile communication device identifier or consumer account number (which may be a real account number or a pseudo PAN, which is a PAN that is linked to the real account number but is not the real account number), and an authentication token. For example, a merchant token may include a merchant account identifier, a mobile communication device identifier may include a phone number and an authentication token may include a voice input of a consumer initiating the transaction request” [0035]; “one or more authentication tokens for each consumer may be stored in the authentication token database based on a device identifier and/or an account identifier (e.g., a primary account number (PAN)) associated with the consumer during an enrollment or registration process” [0049]; “The payment processing network computer 112 may receive the transaction request message from the mobile communication device 104 and may begin processing the transaction. In some embodiments, the payment processing network computer 112 may verify that the authentication token is associated with the device identifier. For example, based on the device identifier, the payment processing network computer 112 may retrieve one or more authentication samples stored in an authentication database for comparison” [0062]).
As to Claim 21:
Sheets in view of Winner discloses the system of claim 15, wherein the cloaked identifier comprises at least one of:
a record owner identifier comprising a string of pseudo-random characters that is ephemeral; and
a contextual identity comprising one or more parameters related to the transaction (e.g. Sheets “An "authentication token" may include any suitable information that can authenticate a consumer. In some embodiments, the authentication token may be provided by the consumer to authenticate for a transaction using a mobile communication device, e.g., to validate if the consumer is the authorized user of the mobile communication device. In some embodiments, an authentication token may include a biometric identifier associated with the consumer such as voice, fingerprints, iris, face, signature, hand geometry, etc. In some embodiments, the consumer may register one or more authentication tokens with a server computer that may store these authentication tokens to authenticate the consumer for future transactions” [0034]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicants’ disclosure.
Newbould et al. (US 20070055666 A1) is cited for user-defined access controls in respect of a user's stored profile data.
Pasdar (US 20140115715 A1) is cited for anonymization of information capable of identifying an originator accessing the services.
Narayanan et al. (US 20180091538 A1) is cited for user-anonymous suspension tokens which may be associated with a particular user of a device.
Applicants’ amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kenneth W Chang whose telephone number is (571)270-7530. The examiner can normally be reached Monday - Friday 9-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KENNETH W CHANG/Primary Examiner, Art Unit 2438                                                                                                                                                                                                        
    PNG
    media_image1.png
    35
    280
    media_image1.png
    Greyscale

02.01.2022