DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the America Invents Act (“AIA ”).
Information Disclosure Statement
The information disclosure statement (IDS) submitted on December 8, 2021 is in compliance with 37 CFR 1.97 and thus has been considered by the Examiner.
                                                              Status of Claims
A “REPLY AND AMENDMENT UNDER 37 C.F.R. 1.111 AND PETITION FOR EXTENSION OF TIME” was filed on January 31, 2022 (“Amendment”) in response to the Non-Final Office Action dated September 30, 2021, where claims 1, 4, 9 & 12 were amended, claims 2 & 10 were cancelled, and claims 5, 7-8, 13 & 15-16 were previously presented. The current claims, as they stand, from the Amendment have been accepted and entered, and then the below Examiner’s amendment were made to claims 1, 5-6, 9 & 13-14. Thus, claims 1, 3-9 & 11-16 are pending, have been examined and have been accordingly determined to be allowable due to the reasons set forth below.
Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to Applicants, an amendment must be filed as provided by 37 C.F.R. § 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicants’ Representative, Jennifer A. Wilson (Reg. No. 62,604) on Tuesday, February 15, 2022. The below claims 1, 5-6, 9 & 13-14 of the application have been amended as follows:
IN THE CLAIMS:
1. (Currently Amended) A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device, comprising: 
Installing, by the COTS device, a secure application program thereon, said secure application program being configured to communicate with a back-end system;
storing, in a memory of the COTS device, the secure application program and one or more cryptographic keys, where the one or more cryptographic keys are accessible using the secure application program and inaccessible by any other application program or component in the COTS device; 
monitoring, by the secure application program in the COTS device, for an interruption event in the COTS device;
establishing, by the secure application program in the COTS device, a secure communication channel with the back-end system  where an attestation is performed upon establishing the secure communication channel, wherein (i) said secure communication channel is not accessible by the any other application program or component in the COTS device, and (ii) any attempted use of the secure communication channel by the any other application program or component in the COTS device detected by said monitoring is interpreted as the interruption event, resulting in immediate termination of the instance of the secure application program and the secure communication channel;

transmitting, by the near field communication interface of the COTS device, the payment credentials to the secure application program, wherein the near field communication interface is prohibited from conveying the payment credentials to the any other application program or component in the COTS device;
responsive to receiving, by the secure application program in the COTS device, the payment credentials from the near field communication interface, transmitting, by the secure application program in the COTS device, establishing data toward the back-end system via the secure communication channel with the back-end system;
responsive to establishing the secure channel with the back-end system:
	exchanging, by the secure application program in the COTS device, attestation data with the back-end system using the secure communication channel;
	enciphering, by the secure application program [[of]] in the COTS device, the payment credentials received by the near field communication interface of the COTS device using the one or more cryptographic keys stored in the memory of the COTS device; and
transmitting, by the secure application [[of]] in the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.

5. (Currently Amended) The method of claim 4, wherein the interruption event is at least one of: loss of focus of the secure application program, pausing of the secure application program, screen capture of the COTS device, interaction with the near field communication interface of [[;]], and activation of a sensor in the COTS device. 

6. (Currently Amended) The method of claim 1, further comprising:
storing, in the memory of the COTS device, an audit log for the secure application program; and
updating, by the secure application program [[of]] in the COTS device, the audit log for the establishing, exchanging, transmitting, and enciphering steps.  

9. (Currently Amended) A system for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device, comprising: 
a back-end system; and 
the COTS device, where the COTS device includes a memory and a near field communication interface and installs a secure application program thereon, said secure application program being configured to communicate with the back-end system, wherein
	the memory of COTS device stores the secure application program and one or more cryptographic keys, where the one or more cryptographic keys are accessible using the secure application program and inaccessible by any other application program or component in the COTS device[[,];
	the secure application program in the COTS device
		monitors for an interruption event in the COTS device, and
		establishes a secure communication channel with the back-end system where an attestation is performed upon establishing the secure communication channel, device detected by said monitoring is interpreted as the interruption event, resulting in immediate termination of the instance of the secure application program and the secure communication channel;
	the near field communication interface of the COTS device
		receives payment credentials from a payment card positioned within a predetermined distance of the COTS device, and
		transmits the payment credentials to the secure application program, wherein the near field communication interface is prohibited from conveying the payment credentials to the any other application program or component in the COTS device[[,]]; and
	the secure application program in the COTS device
		responsive to receiving the payment credentials from the near field communication interface, transmits establishing data toward the back-end system via the secure communication channel with the back-end system, and
		responsive to establishing the secure channel with the back-end system:
			exchanges attestation data with the back-end system using the secure communication channel,
			enciphers the payment credentials received by the near field communication interface of the COTS device using the one or more cryptographic keys stored in the memory of the COTS device, and


13. (Currently Amended) The system of claim 12, wherein the interruption event is at least one of: loss of focus of the secure application program, pausing of the secure application program, screen capture of the COTS device, interaction with the near field communication interface of the COTS device by the any other application program or component in the COTS device[[;]], and activation of a sensor in the COTS device.

14. (Currently Amended) The system of claim 9, wherein 
the memory of the COTS device stores an audit log for the secure application program, and
the secure application program [[of]] in the COTS device updates the audit log for the establishing, exchanging, transmitting, and enciphering steps.

Reasons for Allowance
Claims 1, 3-9 & 11-16 are allowable over 35 U.S.C. 101. 
The following is the Examiner’s statement of reasons for patent eligibility of claims 1, 3-9 & 11-16 under 35 U.S.C. 101:
The arguments made on pages 9-18, in particular on pages 13-17, of the Amendment are persuasive. The claims also present themselves as a practical application of the abstract idea of methods of organizing human activity because they describe an improvement to several technological fields involving communications of sensitive data using particular hardware and software as well as security precautions such as cryptography.
These technological fields include the utilization of secure communication channels and near field communication interfaces, as well as the use of cryptographic keys for enciphering credentials communicated via such near field communication interfaces, as reflected in the most recent claim amendments in the Amendment. For instance, monitoring, by a secure application program in a commercially-off-the-shelf (“COTS”) device, for an interruption event in the COTS device is a technical operation that cannot be reasonably performed by a human being, as is terminating the secure application program or a secure communication channel by detecting any attempted use of the secure communication channel by other application programs or components. Moreover, the ability to receive payment credentials from a near field communication interface of the COTS device, and encipher those received payment credentials using cryptographic keys is beyond organized methods of human activity, and integrates those methods into a practical application that improves aspects of the above technological fields.
Thus, claims 1, 3-9 & 11-16 are deemed allowable over 35 U.S.C. 101.
The following is Examiner’s statement of reasons for indicating allowance of 1, 3-9 & 11-16 over prior art, as stated in the September 30, 2021 Non-Final Office Action:
In independent claims 1 & 9, none of the prior art of record (Nahari, U.S. Pat. 2010/0306107 A1 (“Nahari”) in view of Black et al., U.S. Pat. Pub, 2012/0124365 A1 (“Black”), further in view of Tapling et al., U.S. Pat. Pub. 2013/0333008 A1 (“Tapling”) and even further in view of Rykowski et al., U.S. Pat. Pub, 2016/0366120 A1 (“Rykowski”) as well as Hashii et al., U.S. Pat. Pub. 2016/0117519 A1 and O’Loughlin et al., U.S. Pat. Pub. 2012/0102334 A1 (as cited in the “Prior Art Made of Record” below) (“prior art”) suggest the unique claimed features, in addition to the cumulative other recited claim limitations of “wherein the near field communication interface is prohibited from conveying the payment credentials to the any other 
For these reasons, independent claims 1 & 9 are deemed allowable over the prior art. Dependent claims 3-8 & 11-16 are also deemed allowable over the prior art by virtue of dependency on an allowable claim. Thus, claims 1, 3-9 & 11-16 are allowable over 35 U.S.C. 103. 
Any comments considered necessary by Applicants must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submission should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Prior Art Made of Record
The following prior art made of record and not relied upon is considered pertinent:
Hashii et al., U.S. Pat. Pub. 2016/0117519 A1 – for disclosing similar subject matter to the present claims, e.g., “MULTI-LEVEL SECURITY SYSTEM FOR 
O’Loughlin et al., U.S. Pat. Pub. 2012/0102334 A1 – for disclosing similar subject matter to the present claims, e.g., “System and Method for Hardware Based Security” (Title).
Conclusion
Any inquiry concerning this communication or earlier communications from the Examiner should be directed to TIMOTHY T HSIEH whose telephone number is 571-270-3381.  The examiner can normally be reached on M-F 8am-6pm EST. 
If attempts to reach the examiner by telephone are unsuccessful, the Examiner’s supervisor, RYAN DONLON can be reached on 571-270-3602.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only. 

/T.T.H./Examiner, Art Unit 3699
February 19, 2022
                                                                                                                                                                                                     /CHRISTOPHER BRIDGES/Primary Examiner, Art Unit 3695                                                                                                                                                                                                        2/25/2022