DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
This office action is in response to the claim amendments filed July 08, 2021 and further in response to an electronic/telephonic communication with Applicant’s representative William C. Passodelis on January 07, 2021 (“Electronic Communication”).
Claims 9-54 have been canceled.
Claims 1-8 are pending.

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner’s amendment was given in the Electronic Communication.
Please replace all prior version of the claims with the attached amended claims, wherein,
Claims 9-54 have been canceled.
Claims 1-8 are pending.

The amended claims:
1.  (Currently Amended)	A computer-implemented method comprising:
generating, [[with]] by a point-of-sale (POS) terminal, a first ciphertext associated with a transaction, the first ciphertext comprising:
(i) a first ciphertext value associated with a randomly selected key (r), the first ciphertext value encrypted based on the randomly selected key (r) and a generator value (g); and
(ii) a second ciphertext value associated with a first public key (pk1) of a first pair of keys comprising a first public key (pk1) and a first secret key (sk1), the first public key (pk1) generated based on the first secret key (sk1) and the generator value (g), the second ciphertext value encrypted based on transaction data associated with the transaction and a symmetric key (K) generated based on the first public key (pk1) and the randomly selected key (r);
communicating, [[with]] by the POS terminal, the first ciphertext to at least one payment gateway; 
re-encrypting, [[with]] by the at least one payment gateway, the first ciphertext value with a first re-encryption key to transform the first ciphertext value encrypted under the first public key (pk1) to a re-encrypted first ciphertext value encrypted under a second public key (pk2) associated with the at least one payment gateway;
communicating, [[with]] by the at least one payment gateway, the re-encrypted first ciphertext value and the second ciphertext value to at least one merchant bank;
re-encrypting, [[with]] by the at least one merchant bank, the re-encrypted first ciphertext value encrypted with a second re-encryption key to transform the re-encrypted first ciphertext value encrypted under the second public key (pk2) of the at least one payment gateway to a second re-encrypted first ciphertext value under a third public key (pk3) of the at least one merchant bank;
communicating, [[with]] by the at least one merchant bank, the second re-encrypted first ciphertext value and the second ciphertext value to a payment network;
re-encrypting, [[with]] by the payment network, the second re-encrypted first ciphertext value encrypted with a third re-encryption key to transform the second re-encrypted first ciphertext value encrypted under the third public key (pk3) of the at least one merchant bank to a third re-encrypted first ciphertext value under a fourth public key (pk4) of the payment network;
communicating, [[with]] by the payment network, the third re-encrypted first ciphertext value and the second ciphertext value to at least one consumer bank;
determining, [[with]] by the at least one consumer bank, the symmetric key (K) based on the third re-encrypted first ciphertext value and a secret key of the consumer bank; and
decrypting, [[with]] by the at least one consumer bank, the second ciphertext value based on the symmetric key (K) to obtain the transaction data.

2.  (Original)	The computer-implemented method of claim 1, wherein an intermediary server translates between multiple different parties by decrypting the second ciphertext value and using a portion of the transaction data to determine routing and a corresponding re-encryption key for a subsequent communication.

3.  (Original)	The computer-implemented method of claim 1, wherein the transaction data includes at least one of a mobile personal identification number (PIN), a card verification number, or a card number associated therewith.

4.  (Original)	The computer-implemented method of claim 1, wherein the second ciphertext value is used to encrypt a personal identification number (PIN) under the randomly selected key (r) protected by the first ciphertext value, and wherein a re-encryption generates a new ciphertext value while the second ciphertext value is unchanged.

5.  (Currently Amended)	A system comprising:
a point-of-sale (POS) terminal;
at least one payment gateway;
at least one merchant bank;
a payment network;
at least one consumer bank;
the POS terminal comprising at least one POS processor and at least one POS non-transitory computer-readable medium comprising program instructions that, when executed by the at least one POS processor, cause the at least one POS processor to:
generate a first ciphertext associated with a transaction, the first ciphertext comprising:
(i) a first ciphertext value associated with a randomly selected key (r), the first ciphertext value encrypted based on the randomly selected key (r) and a generator value (g); and
(ii) a second ciphertext value associated with a first public key (pk1) of a first pair of keys comprising a first public key (pk1) and a first secret key (sk1), the first public key (pk1) generated based on the first secret key (sk1) and the generator value (g), the second ciphertext value encrypted based on transaction data associated with the transaction and a symmetric key (K) generated based on the first public key (pk1) and the randomly selected key (r); and
communicate the first ciphertext to the at least one payment gateway; 
the at least one payment gateway comprising at least one payment gateway processor and at least one payment gateway non-transitory computer-readable medium comprising program instructions that, when executed by the at least one payment gateway processor, cause the at least one payment gateway processor to:
re-encrypt the first ciphertext value with a first re-encryption key to transform the first ciphertext value encrypted under the first public key (pk1) to a re-encrypted first ciphertext value encrypted under a second public key (pk2) associated with the at least one payment gateway; and
communicate the re-encrypted first ciphertext value and the second ciphertext value to the at least one merchant bank;
the at least one merchant bank comprising at least one merchant bank processor and at least one merchant bank non-transitory computer-readable medium comprising program instructions that, when executed by the at least one merchant bank processor, cause the at least one merchant bank processor to:
re-encrypt the re-encrypted first ciphertext value encrypted with a second re-encryption key to transform the re-encrypted first ciphertext value encrypted under the second public key (pk2) of the at least one payment gateway to a second re-encrypted first ciphertext value under a third public key (pk3) of the at least one merchant bank; and
communicate the second re-encrypted first ciphertext value and the second ciphertext value to [[a]] the payment network;
the payment network comprising at least one payment network processor and at least one payment network non-transitory computer-readable medium comprising program instructions that, when executed by the at least one payment network processor, cause the at least one payment network processor to:
re-encrypt the second re-encrypted first ciphertext value encrypted with a third re-encryption key to transform the second re-encrypted first ciphertext value encrypted under the third public key (pk3) of the at least one merchant bank to a third re-encrypted first ciphertext value under a fourth public key (pk4) of the payment network; and
communicate the third re-encrypted first ciphertext value and the second ciphertext value to the at least one consumer bank; and
the at least one consumer bank comprising at least one consumer bank processor and at least one consumer bank non-transitory computer-readable medium comprising program instructions that, when executed by the at least one consumer bank processor, cause the at least one consumer bank processor to:
determine the symmetric key (K) based on the third re-encrypted first ciphertext value and a secret key of the consumer bank; and
decrypt the second ciphertext value based on the symmetric key (K) to obtain the transaction data.

6.  (Currently Amended)	The system of claim 5, further comprising:
an intermediary server comprising at least one intermediary server processor and at least one intermediary server non-transitory computer-readable medium comprising program instructions that, when executed by the at least one intermediary server processor, cause the at least one intermediary server processor to: translate between multiple different parties by decrypting the second ciphertext value and using a portion of the transaction data to determine routing and a corresponding re-encryption key for a subsequent communication.

7.  (Original)	The system of claim 5, wherein the transaction data includes at least one of a mobile personal identification number (PIN), a card verification number, or a card number associated therewith.

8.  (Original)	The system of claim 5, wherein the second ciphertext value is used to encrypt a personal identification number (PIN) under the randomly selected key (r) protected by the first ciphertext value, and wherein a re-encryption generates a new ciphertext value while the second ciphertext value is unchanged.

9. – 54.  (Cancelled).

Allowable Subject Matter
Claims 1-8 are allowed.

Reasons for Allowance
The following is an Examiner’s statement of reasons for allowance:
The closest prior art of record:
Upadhye, Nilesh (GB 2551775 A)
Baig, Attaullah (US 10134038 B2)
Bar-El et al. (US 20180270048 A1)
Desai, Mehul (WO 2013/056104 Al)
Egorov et al. (US 20180254901 A1)

Upadhye generally discloses an Apparatus and methods for an electronic payment process using a communications device 104 at a point of sale unit 106. The mobile device 104 receives a secure limited use key (SLUK) from a financial institution 200. The SLUK is generated by wrapping a first limited use key (LUK) which is generated using: a first key associated with the issuing bank 200; a user identifier; a variable code; and a subset of characters of a user passcode. Each character is identified by its position in the passcode, the positions being determined by a predetermined algorithm on the basis of: a second, secret key; the user identifier and the variable code. A user interface allows a partial pin code 713 to be entered when initiating the electronic payment. A controller is able to unwrap the SLUK to generate a second LUK which is transmitted to the bank 200 as authentication.
Upadhye further discloses, the transmitter 206 of the communications device 104 transmits a registration request to the payment device 200 at the financial institution associated with the user of the communications 20 device. The registration request is received by the receiver 220 of the payment device 200. The controller 224 of the payment device then registers the user for use with the mobile payment service at step 402 and, at step 404, generates a token primary account number (PAN) associated with the user. The generated token PAN is a number which acts as an identifier of the user and which is used in the generation of subsequent cryptographic keys, as will be explained. The token PAN associated with the user is then 25 stored in the storage unit 226 of the payment device at step 406. At step 408, a secret key which is associated with the user is generated. The secret key may be an Advanced Standards Encryption (AES) 128 bit key, for example. The secret key is also stored in the storage unit 226 (and is protected using, for example, a cryptographic hardware security module). At step 410, the transmitter 222 transmits the generated token PAN and secret key back to the receiver 204 of the communications device 104. The 30 token PAN and secret key are then stored in the storage unit 208 of the communications device 104 (the secret key being protected using, for example, a whitebox cryptographic technique). This completes the registration process of the communications device, and allows the user to now initiate mobile payments using the communications device. (see paragraph [XXXX]) or (see Col [X], LN [X]).

Baig discloses, a key is securely injected into a POS PIN pad processor in its usual operating environment. In response to entry of a personal identification number (PIN) into a PIN pad, the processor puts the PIN into a PIN block; puts additional random data into the PIN block; and encrypts the entire PIN block using asymmetric cryptography with a public key derived from the injected key residing in the PIN pad processor. The corresponding private key may be held securely and secretly by an acquirer processor for decrypting the PIN block to retrieve the PIN. The encrypted random data defends the PIN against dictionary attacks. Time stamp data and constant data encrypted with the PIN block enables a defense of the PIN against replay attacks and tampering. The method may also include accepting the PIN from a mobile phone in communication with the processor.
Baig further discloses, encrypted payload 400 may be transmitted from PIN pad 200 to POS terminal 204 and on to acquirer or acquirer processor 208. Encrypted payload 400 may include version data, a key serial number, and a 128-byte encryption of PIN block 300. Version data may, for example, include 2 bytes of information that may be used for indicating algorithm type, such as RSA, which may help the acquirer processor 208 determine, for example, that it is not receiving a DUKPT encrypted communication, thus helping to ensure compatibility between different types of systems. The key serial number (KSN) data may help the acquirer processor 208 determine, for example, the correct private key that will correspond to the public key used to encrypt payload 400 and that can be used to decrypt the encrypted version of PIN block 300, included in payload 400, and which may occupy the same number of bytes, e.g., 128 bytes in this example, in payload 400 as the original PIN block 300.

Bar-El discloses, methods of secure entry and handling of passwords and Personal Identification Numbers (PINs), as well as for secure local storage, secure user authentication, and secure payment via mobile devices and via payment terminals. A computing device includes: a secure storage unit to securely store a confidential data item; a non-secure execution environment to execute program code, the program code to transport to a remote server a message; a secure execution environment (SEE) to securely execute code, the SEE including: a rewriter module to securely obtain the confidential data item from the secure storage, and to securely write the confidential data item into one or more fields in said message prior to its encrypted transport to the remote server.

Desai reference discloses, a platform for performing secure personalized transactions in a multi-domain ecosystem includes a personalization tier that enables service provider personalization for one or more ecosystem elements stored on a mobile device. Further, the platform includes an enabling tier for facilitating interoperation between the personalization tier and a client device. The platform further includes a service tier that may be operating independently of the enabling tier and may enable service delivery for a plurality of services.

Egorov discloses, Provided is a process including: encrypting each of a plurality of data encryption keys with a first public cryptographic key to form encrypted data encryption keys; obtaining a second public cryptographic key; generating a transformation key based on the first public-private cryptographic key pair and the second public cryptographic key; and transforming the encrypted data encryption keys with proxy re-encryption based on the transformation key; and obtaining the second private cryptographic key and the transformed encrypted data encryption keys. 
Egorov further discloses, transforming the ciphertext with the first computing node, as indicated by block 56. In some cases, the ciphertext is workload data stored in one of the above-described data nodes, for instance, ciphertext formed with data encrypted with a data owner's encryption key or with one of the above-described key rotation keys. In some embodiments, transforming the ciphertext with the first computing node may include transforming the ciphertext with the transformation key, for example, based upon a public key of a second computing node discussed below. In some embodiments, the transformation may be performed without access to a private key by which the ciphertext is encrypted and without access to a private key corresponding to a public key of the second computing node. In some embodiments, the transformation may be performed without the first computing node having access to the unencrypted plaintext form of the ciphertext.

The references Upadhye, Baig, Bar-El, Desai and Egorov disclose as previously discussed.

The references however do not teach claim as a whole in combination of at least:
generating, by a point-of-sale (POS) terminal, a first ciphertext associated with a transaction, the first ciphertext comprising:
(i) a first ciphertext value associated with a randomly selected key (r), the first ciphertext value encrypted based on the randomly selected key (r) and a generator value (g); and
(ii) a second ciphertext value associated with a first public key (pk1) of a first pair of keys comprising a first public key (pk1) and a first secret key (sk1), the first public key (pk1) generated based on the first secret key (sk1) and the generator value (g), the second ciphertext value encrypted based on transaction data associated with the transaction and a symmetric key (K) generated based on the first public key (pk1) and the randomly selected key (r);
communicating, by the POS terminal, the first ciphertext to at least one payment gateway;
re-encrypting, by the at least one payment gateway, the first ciphertext value with a first re-encryption key to transform the first ciphertext value encrypted under the first public key (pk1) to a re-encrypted first ciphertext value encrypted under a second public key (pk2) associated with the at least one payment gateway;
communicating, by the at least one payment gateway, the re-encrypted first ciphertext value and the second ciphertext value to at least one merchant bank;
re-encrypting, by the at least one merchant bank, the re-encrypted first ciphertext value encrypted with a second re-encryption key to transform the re-encrypted first ciphertext value encrypted under the second public key (pk2) of the at least one payment gateway to a second re-encrypted first ciphertext value under a third public key (pk3) of the at least one merchant bank;
communicating, by the at least one merchant bank, the second re-encrypted first ciphertext value and the second ciphertext value to a payment network;
re-encrypting, by the payment network, the second re-encrypted first ciphertext value encrypted with a third re-encryption key to transform the second re-encrypted first ciphertext value encrypted under the third public key (pk3) of the at least one merchant bank to a third re-encrypted first ciphertext value under a fourth public key (pk4) of the payment network;
communicating, by the payment network, the third re-encrypted first ciphertext value and the second ciphertext value to at least one consumer bank;
determining, by the at least one consumer bank, the symmetric key (K) based on the third re-encrypted first ciphertext value and a secret key of the consumer bank; and
decrypting, by the at least one consumer bank, the second ciphertext value based on the symmetric key (K) to obtain the transaction data.

Therefore, the claims of the instant application are not obvious over Upadhye, Baig, Bar-El, Desai and Egorov for the reasons given above.

Yet even if the missing claimed elements were found in a reasonable number of references, a person of ordinary skill in the art would not have been motivated to include these elements in Upadhye, Baig, Bar-El, Desai and Egorov because Upadhye is not concerned about the process disclosed above, generating, by a POS device a first ciphertext associated with a transaction data. The first ciphertext comprising a first ciphertext value and a second ciphertext value. And re-encrypting, by a payment gateway the first ciphertext value with a first re-encryption key and re-encrypting, by a merchant bank, the re-encrypted first ciphertext value encrypted with a second re-encryption key and re-encrypting, by a payment network, the second re-encrypted first ciphertext value encrypted with a third re-encryption key. And decrypting, by the consumer bank, the second ciphertext value to obtain the transaction data.
Additionally, the combination of Upadhye, Baig, Bar-El, Desai and Egorov clearly destroys the intent and purpose of Upadhye taken alone and/or in view of Baig, Bar-El, Desai and Egorov use of, for example, receiving by user device a secure limited use key (SLUK) and perform an unwrapping process on the SLUK to generate a second LUK and transmit the generated second LUK to the financial institution for authentication of the electronic payment. Accordingly, the present invention is distinguishable over Upadhye taken alone and/or in view of Baig, Bar-El, Desai and Egorov for this reason as well.

Therefore, the limitations lacking in the prior art, in combination with the other limitations clearly claimed for patent, are novel and unobvious.

Foreign prior art and NPL search was conducted however no relevant prior art was found.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAHED ALI whose telephone number is (571)270-1085.  The examiner can normally be reached on 8:00 - 5:00 M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on (571) 270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/JAHED ALI/ Examiner, Art Unit 3685/NEHA PATEL/Supervisory Patent Examiner, Art Unit 3685