DETAILED ACTION
This Notice of Allowance is in response to applicants’ request for continued examination (RCE) filed on 05/06/2022.  Claims 1, 2, 8, 9, 15, and 16 have been amended.  Claims 1-21 are pending and have been considered as follows.
The text of those sections of Title 35 U.S. Code not included in this section can be found in the prior office action.
The prior office actions are incorporated herein by reference.  In particular, the observations with respect to claim language, and response to previously presented arguments.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicants’ submission filed on 05/06/2022 has been entered.
Allowable Subject Matter
Claims 1-21 are allowed.
Examiner’s Statement for Reasons of Allowance
The following is an examiner’s statement of reasons for allowance:
In interpreting the currently amended claims in light of the specification, the Examiner finds the claimed invention to be patentably distinct from the prior art of record.
Amended independent Claims 1, 8, and 15 are allowed for the reasons argued by applicants on pages 10-11 of the remarks filed on 04/07/2022 which are persuasive.  In view of the amendment to the claims, the Examiner hereby withdraws the 35 U.S.C. 101 rejection of Claims 15-21 and the 35 U.S.C. 112(b) rejection of Claim 15.  Claims 2-7, 9-14, and 16-21 depend upon respective independent claims above and are allowed by virtue of their dependencies.
Although the prior art Sheets (US 20140372308 A1) teaches “A transaction processing system 100 may include a consumer 102, a mobile communication device 104, an access device 106, a merchant computer 108, an acquirer computer 110, a payment processing network computer 112, an issuer computer 114 and a telecommunications network 116” [0040]; “An exemplary flow for completing a payment transaction, according to embodiments of the present invention is discussed with reference to FIG. 1. Before the transaction begins, the consumer 102 may select goods or services to purchase at a merchant location” [0051]-[0068],
None of the prior art of record teaches individually or in combination the limitations listed below as recited in applicants’ amended independent claims [emphasis added]:
[Claim 1] “receiving, by the service provider from the user via the communication platform, a cloaked identifier with information related to a trusted party that is designated by the user to store the one or more data items for the user, wherein the cloaked identifier cloaks private information of the user; sending, by the service provider to the trusted party via the communication platform, the cloaked identifier with a request for a validation response; receiving, from the trusted party via the communication platform, the validation response indicative of whether the one or more data items are validated”;
[Claim 8] “receiving, by the service provider from the user, a cloaked identifier with information related to a trusted party that is designated by the user to store the one or more data items for the user, wherein the cloaked identifier cloaks private information of the user; sending, by the service provider to the trusted party, the cloaked identifier with a request for a validation response; receiving, from the trusted party, the validation response indicative of whether the one or more data items are validated”;
[Claim 15] “receiving, from the user, a cloaked identifier with information related to a trusted party that is designated by the user to store the one or more data items for the user, wherein the cloaked identifier cloaks private information of the user; a validation response solicitor of the service provider configured for sending, to the trusted party, the cloaked identifier with a request for a validation response, and receiving, from the trusted party, the validation response indicative of whether the one or more data items are validated”.
The closest prior art made of record and cited consisted of the following references.
Newbould et al. (US 20070055666 A1) disclosed enabling a user to access online services of a type requiring certain types of personal data to be supplied to respective service providers. An apparatus is provided having a store for storing profile data for use both by users and by service providers to store personal information in respect of those users. The apparatus also has user and service provider interfaces to enable read and write access to the store, identity management means and a profile access controller arranged to implement user-defined access controls in respect of a user's stored profile data. The identity management means are triggerable to allocate or to cease a pseudo-identifier in respect of a user and a selected service provider, the pseudo-identifier being the only identifier by which the service provider may access profile data stored in the store in respect of the user
Hammad et al. (US 20120018511 A1) disclosed a verification token that is communicatively coupled to a computer by a USB connection so as to use the computer's networking facilities. The verification token reads identification information from a user's portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer's networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a device verification value to the verification token, and optionally to a payment processing network.
Senthurpandi (US 20140101453 A1) disclosed a real identity biometric authentication device that includes a USB thumb drive form factor, with a biometric sensor and designated device processor and stored instructions in firmware which perform authentication in a secure manner, independent of processing and storage resources on a host platform. The device and authentication process require biometric data and are secured against effects of malware or other security risks presented by applications running on the host platform. During an enrollment process, a unique encrypted enrollment biometric token is created using biometric data and uploaded securely to an authentication server. During an authentication process, the encrypted enrollment biometric token is downloaded to the real identity authentication device firmware and is decrypted on the device.
Pasdar (US 20140115715 A1) disclosed preventing data leakage from a transmission unit to a service provider (SP), utilizing a network system including a computer to identify identification information of a user included in data communication between the transmission unit and the SP; identify a SP application via an application signature; determine whether the identified SP application meets at least one data leakage prevention policy for a user; and perform at least one of a plurality of data leakage prevention processes on the transmission unit.
Powell et al. (US 20150127547 A1) disclosed a token assurance level and data used to generate the token assurance level. At the time a token is issued, one or more Identification and Verification (ID&V) methods may be performed to ensure that the token is replacing a PAN that was legitimately used by a token requestor. A token assurance level may be assigned to a given token in light of the type of ID&V that is performed and the entity performing the ID&V. Different ID&Vs may result in different token assurance levels. An issuer may wish to know the level of assurance and the data used in generating the level of assurance associated with a token prior to authorizing a payment transaction that uses the token.
Wong et al. (US 20150180836 A1) disclosed enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and sending a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.
Narayanan et al. (US 20180091538 A1) disclosed protecting an electronic device using a device protection server, wherein the electronic device may include a device identifier, wherein the electronic device may also include a first suspension token and an associated first credential for a first user associated with a first user identifier, and wherein the electronic device may also include a second suspension token and an associated second credential for a second user associated with a second user identifier. The method may include receiving, with the device protection server from the electronic device, device suspension data including the first suspension token, the second suspension token, the device identifier, and the second user identifier. The method may also include storing the received device suspension data at the device protection server, and after the storing, receiving with the device protection server, a device protection enablement request including the device identifier and the second user identifier. The method may also include identifying, with the device protection server, each one of the first suspension token and the second suspension token as being stored at the device protection server in the stored device suspension data with both the device identifier and the second user identifier of the received device protection enablement request. The method may also include communicating, from the device protection server to a remote subsystem, credential suspension data that is operative to instruct the remote subsystem to suspend every credential associated with the identified first suspension token and to suspend every credential associated with the identified second suspension token.
However, the prior art of record, taken by itself or in any combination, do not anticipate or make obvious the invention of the present application and in particular the claim features listed above.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicants’ disclosure.
Panduranga et al., (“Simplifying Mobile Commerce Through A Trusted Transaction Broker”, January 2005, IEEE International Conference on Personal Wireless Communications, pp. 267-271)
Mardikar et al. (US 8150772 B2)
Kohli (US 20180351929 A1)
Cheng et al. (US 20200074114 A1)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kenneth W Chang whose telephone number is (571)270-7530. The examiner can normally be reached Monday - Friday 9-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KENNETH W CHANG/Primary Examiner, Art Unit 2438                                                                                                                                                                                                        
    PNG
    media_image1.png
    35
    280
    media_image1.png
    Greyscale

05.25.2022