Notice of Pre-AIA  or AIA  Status
1. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
2.    NO restrictions warranted at initial time of filing for patent.

Information Disclosure Statement
3.    The information disclosure statement (IDS) submitted on 10/19/2020, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Oath/Declaration
4.    Applicant’s Oath was filed on 10/19/2020.

Drawings
5.    Applicant’s drawings filed on 10/19/2020 has been inspected and is in compliance with MPEP 608.01.
Specification
6.    Applicant’s specification filed on 10/19/2020 has been inspected and is in compliance with MPEP 608.02.
Claim Objections
7.    NO objections warranted at initial time of filing for patent.

Remarks
8.	Examiner request Applicant review relevant prior art under the conclusion of this office action.


Terminal Disclaimer
9.	The terminal disclaimer filed on  disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of 6/10/2022 has been reviewed and is accepted.  The terminal disclaimer has been recorded.

EXAMINER'S AMENDMENT
10.	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

11.	Authorization for this examiner’s amendment was given in an interview with Stephen Soffen on 06/10/2022.

The application has been amended as follows: 
1.	(Currently Amended) A method of facilitating the exchange of data between a user attempting to perform a transaction, the user having a computing device running an application, and a remote entity, wherein a first connection has been established between the user and the remote entity, and wherein the user has registered payment information on said application, the payment information defining a payment method for the transaction, the method comprising:
receiving a user authentication input associated with the payment method via the first connection;
identifying, by a server, the user associated with the user authentication input;
establishing, at the server, a second connection between the remote entity and the computing device;
sending a command to the application to request authentication of the user from a third party authentication server;
receiving a request from the application for authentication of the user; 
directing the request for authentication of the user to the third party authentication server;
obtaining, from the computing device, a device authentication attribute, wherein the device authentication attribute is unique to the computing device;
authenticating, at the server, the computing device using the device authentication attribute; and 
receiving an indication from the third party authentication server that the transaction may proceed to authorisation.

2.	(Previously Presented) The method according to claim 1, wherein the request for authentication of the user is received from the third party authentication server.

3.	(Previously Presented) The method according to claim 1, wherein the request from the application for authentication of the user is an encrypted request.

4.	(Previously Presented) The method according to claim 1 further comprising, after receiving an indication that the user has been authenticated and the computing device has been authenticated, sending the payment information to a payment processing entity; and
	receiving a notification that the transaction has been authorized or declined.

5. 	(Previously Presented) The method according to claim 1, wherein establishing the second connection between the remote entity and the computing device comprises establishing a connection between the remote entity and the application.

6. 	(Previously Presented) The method according to claim 1, wherein the user authentication input is received via an audio connection.

7. 	(Previously Presented) The method according to claim 1, further comprising: 
sending a command to the application to request authentication of the computing device from a third party authentication server;
receiving a request from the application for authentication of the computing device; and
directing the request for authentication of the computing device to the third party 	authentication server.

8. 	(Previously Presented) The method according to claim 6, wherein the user has registered a user authentication attribute associated with the payment method, the user authentication attribute comprising a voice biometric; and 
	wherein receiving the user authentication input comprises recording audio data from the user. 

9. 	(Previously Presented) The method according to claim 8, wherein the user has associated a plurality of payment methods with the application, the method further comprising:
receiving a user selection of a payment method from the plurality of payment methods;
wherein receiving the user selection of the payment method comprises identifying the payment method from the recorded audio data.

10. 	(Previously Presented) The method according to claim 8, further comprising:
determining a unique property relating to the user or the computing device; and
retrieving the user authentication attribute from a database using the determined unique property.

11.	(Previously Presented) The method according to claim 1, further comprising: 
		receiving a second user authentication input; and
		authenticating the user using the second user authentication input, optionally wherein the user authentication input and the second user authentication input correspond to different user authentication attributes.

12. 	(Currently Amended) A server for facilitating the exchange of data between a user attempting to perform a transaction and a remote entity, the user having a computing device running an application, and wherein a first connection has been established between the user and the remote entity, and wherein the user has registered payment information with the application, the payment information defining a payment method for the transaction, the server comprising an authentication processor operable to: 
receive a user authentication input associated with the payment method via the first connection;
identify the user associated with the user authentication input;
establish a second connection between the remote entity and the computing device;
send a command to the application to request authentication of the user from a third party authentication server;
receive a request from the application for authentication of the user;
	direct the request for authentication of the user and authentication of the computing device to the third party authentication server; 
	obtain, from the computing device, a device authentication attribute, wherein the device authentication attribute is unique to the computing device;
authenticate the computing device using the device authentication attribute; and
receive an indication from the third party authentication server that the user and the computing device have been authenticated.

13. 	(Currently Amended) A method of facilitating the exchange of data between a user attempting to perform a transaction and a remote entity, the user having a computing device running an application, wherein a first connection has been established between the user and the remote entity, the method performed by the computing device and comprising:
establishing, by the application, a second connection to a server;
sending payment information to the server, the payment information defining a payment method for the transaction;
sending a user authentication input associated with the payment method via the first connection;
receiving a command from the server to request authentication of the user from a third party authentication server;
generating a request for authentication of the user;
sending the request for authentication of the user to the third party authentication server
sending a device authentication attribute to the server, wherein the device authentication attribute is unique to the computing device;
sending a unique property relating to the user or the computing device to the server for retrieval of a user authentication attribute associated with the payment method from a database. 

14.	(Previously Presented) The method according to claim 13, further comprising encrypting the request for authentication of the user.

15. 	(Previously Presented) The method according to claim 13, wherein: 
sending payment information to the server comprises receiving payment information from the user; and 
	sending the user authentication input via the first connection comprises receiving the user authentication input from the user.

16. 	(Previously Presented) The method according to claim 13, further comprising:
sending at least one additional payment method to the server; and
sending at least one user authentication attribute associated with the at least one additional payment method via the first connection.

17. 	(Previously Presented) The method according to claim 16, further comprising:
selecting a payment method from a plurality of payment methods; and 
sending the selected payment method to the server.

18. 	(Previously Presented) The method according to claim 13, further comprising sending the user authentication input via an audio connection; and
	optionally wherein:
	receiving the user authentication input from the user comprises receiving audio data input by the user; and
	sending the user authentication input via the first connection further comprises:
	recording audio data input by the user;
	generating a voice biometric based on the input audio data; and
	sending the voice biometric to the server.

19. 	(Cancelled)

Reasons for Allowance
11.	Claims 1-18 including all of the limitations of the base claim and any intervening claims are allowed.


Closest Prior Art:
U.S. Publication No. 2004/0049455 discloses on paragraph 0048 “In situations in which the identity of the party initiating the call is authenticated by means other than its telephone number, a party may initiate a transaction with another (the target) that is itself identified by a telephone number (Caller ID). In this mode, upon the receipt of the information, the Facilitator generates a call to the target and proceeds with the transaction. Alternatively, a party may initiate the transaction by calling the Facilitator using its telephone (so that its identity is established by its caller ID and password as described above) and initiate a transaction with another (the target) in a mode in which the target is communicated with other than through the telephone. Rather than having the customer initiate the call, the system may also work in reverse, i.e., the customer may be the target of a call made by the Facilitator at the request of a merchant, a landlord, a utility, etc. For example, a cable television broadcaster may use the system to present its monthly bills to customers for payment over the telephone. The broadcaster may provide the Facilitator with a list of its customers and the payments due from each. The Facilitator then dials each customer. The details of the bill such as the name of the requesting entity (here, the broadcaster), the amount of the bill, and other data as desired are then presented to the customer and the customer is asked for its assent to payment. Verification is ensured by means of the customer's telephone number which the Facilitator itself has dialed and, optionally, the password or other unique information provided by the customer when the call is answered. On receiving the assent of the customer, the requester (broadcaster) is notified for its records, and the Facilitator may directly proceed to complete the transaction by debiting and crediting the appropriate accounts if the requester so desires. The customer can request that the call be made, for example, 5 days later, or 3 days before the bill is due, or at the due date, etc. The system records this request and initiates the call in accordance with the request. The requests can also be setup on the internet at the Facilitator's web site. The customer can also directly call the Facilitator and request that the bills be paid. In this mode, the Facilitator verifies the customer's Caller ID and password, if necessary and proceeds with crediting the biller's account and debiting the customer's account.”

U.S. Publication No. 2009/0055282 discloses on paragraph 0019 “Referring now to FIGS. 2-5, diagrams illustrate example operation flows in typical usage scenarios of various embodiments. Referring to FIG. 2, a consumer system 350 may initiate a P2P voice call to a merchant site 340 in a first operational step (1). In a second operational step (2), the merchant site 340 can create a consumer transaction record associated with the consumer system 350 P2P voice call and can store the consumer transaction record in a database or data repository 341. In operational step (3), in response to the P2P voice call from the consumer system 350, the merchant site 340 can access the consumer transaction record in the database or data repository 341 and initiate a payment request to the consumer via the consumer P2P Call Application 352. In operational step (4), the merchant site 340 can access the consumer transaction record and initiate a payment request to a merchant interface 333 of the payment site 330 via the P2P Call Application 342. In operational step (5), in response to the merchant site 340 request for payment, the consumer P2P call application 352 accesses the payment site 330. In operational step (6), the payment site 330 opens a consumer interface 332 and prompts the consumer using consumer system 350 to log in to the payment site 330 (if the consumer has an active account with the payment site 330) or prompts the consumer to open a payment site account, if the consumer has no active account with the payment site 330. In operational step (7), the consumer using consumer system 350 logs in to the payment site 330 and authorizes payment to the requesting merchant of merchant site 340. In operational step (8), the payment site 330 provides confirmation of payment from the consumer account to a merchant account. Optionally, the payment site 330 can also provide additional consumer information to the merchant site 340 (e.g. preferred shipping information). In an alternative embodiment, the consumer transaction record can be passed to the merchant site 340 via the merchant P2P call application 342 (e.g. a Skype connection). In another embodiment, a saved consumer transaction identifier can be passed to the merchant site 340 via the merchant P2P call application 342.”

U.S. Patent No. 8,447,691 discloses Col. 3 Lines 32-50 “Embodiments of the present invention allow customers to make NACHA compliant ACH transfers over the phone using an automated system. A customer call is handled by an interactive voice response unit (IVR), which uses a series of scripted unique prompts and questions to collect the necessary information about the ACH transfer. The system then confirms the transaction while recording it, so that it complies with NACHA regulations. The use of speech recognition technology simplifies the entire process and makes interaction with the customer more natural. Confirmation can be directly confirmed by analyzing the customer's verbal response. Embodiments of the invention also record the confirmation as a sound file, allowing the confirmation to be stored. The sound file is tagged so it can be easily retrieved if verification of the transaction was ever desired. Embodiments of the system are also designed to be advantageously scalable and easily extendable to handle a larger number of simultaneous transactions, reducing the cost and improving responsiveness of the system.”

U.S. Publication No. 2014/0379563 discloses on paragraph 0007 and 0008 “If the user chooses to pay by phone, the user will be presented with a web form textbox where the user can enter his phone number. Once the user has entered and submitted his phone number, a call will be initiated from the merchant to the user. When the user picks up the call, the user may be presented with some details about the transaction such as the merchant name, product purchased, invoice amount etc. The customer will be asked to enter a secret code to complete the transaction. The code could be a simple series of digits the customer can enter over the keypad of the phone. Once the user has entered the code, it will be transmitted to the calling system. This system then authenticates the code against previously stored secret code for the customer. If the correct code is provided, the transaction is completed, and a message may be relayed to customer over the phone, by voice or text indicating the successful completion of the transaction. The merchant website will also at this point update to reflect that the transaction has completed. The completion of the transaction, upon entry of correct code, involves debiting of the required amount from the payer's account and transferring to the seller's account. In another embodiment, instead of a series of digits being entered on the phone keypad, the system may use a voice key which the user will speak into the phone, and the voice will be analyzed by the transaction processor's computers to authenticate the user. Also, if the code entered is incorrect, the customer may be given another opportunity to enter the code. A fixed number of opportunities may be given to the customer to enter the correct code, after which the transaction will be cancelled if the correct code is not provided.”

U.S. Publication No. 2015/0254747 discloses on paragraph 0026-0030 “At block 101, a mobile browser detects whether a link contained in a payment request initiated by a user is a payment link. At block 102, if the link contained in the payment request is the payment link, the mobile browser sends the payment link to a third party certification plug-in. At block 103, the third party certification plug-in performs a certification process according to the payment link, generates and displays a certification webpage, generates a payment result webpage after the user inputs payment information on the certification webpage, and sends a link corresponding to the payment result webpage to the mobile browser. At block 104, the mobile browser displays the payment result webpage. By the method for certifying a webpage, a whole certification process may be implemented securely and rapidly on the mobile browser of a mobile terminal device.”

U.S. Publication No. 20090171752 discloses 0073 and 0074 "FIG. 4is a process flow chart illustrating one embodiment of the present invention. In FIG. 4a transaction is received at step 401 and the initiator of the transaction is identified at step 402. The identification may be a telephone number, or an IP address, or some other ID, depending largely on the nature of the transaction. At step 403 information about the initiator is retrieved from a CIS database on the LAN at the contact center, based on the ID derived in step 402. In one embodiment of the invention the information stored about the customer is not just historical information regarding the customer's interactions with the contact center, but also demographic information, income information, gender, age, and much more. In one embodiment information is also stored and retrievable concerning the customer's interactions with the enterprise in other than contact center interactions, such as customer's visits to an enterprise website, a history of payments, etc. At step 404, from the pool of available agents to whom the transaction might be routed, agent information is retrieved for all good candidates (under some conditions some agents may be disqualified at the outset). At step 405, considering possibly agent information and customer information, a set of potential products is selected. At step 406 a plurality of agent/customer/product combinations are formed, and a potential profit contribution is predicted for each. Finally at 407 one of the combinations is selected and the determination of the available agent is sent to the router.”

U.S. Patent No. 8,725,576 discloses on Col. 5 Lines 21-49 “FIG. 3 illustrates a method 300 for conducting a payment transaction using a point of sale device (e.g., point of sale device 104). User input is received selecting one or more items for purchase (e.g., at the point of sale device) (step 302). In general, the transaction being made at the point of sale device can be any type of transaction that involves the exchange or transfer of funds--e.g., the transaction can be a payment transaction, a fund transfer, or other type of transaction. In response to a request from the user to purchase the one or more items, a total purchase amount for the one or more items is calculated (e.g., by the point of sale device) (step 304). If the user has coupons in their mobile wallet the user can either manually apply the coupon or have the coupon automatically applied during the transaction and the transaction amount is updated. The user request to purchase an item can be received, e.g., by a user clicking on a "buy now" icon that is displayed on a graphical user interface of the point of sale device. Payment authorization for the total purchase amount is sent to a payment entity through a mobile communication device of the user (step 306). A result of the payment authorization is received at the point of sale device from the payment entity via the mobile communication device (step 308). The payment transaction is completed based on the result of the payment authorization (step 310). If the payment transaction was authorized by the payment entity, then the sale of the items through the point of sale device is completed.”

U.S. Publication No. 2010/0327054 discloses on paragraph 0066 “FIG. 2 illustrates an exemplary embodiment 140 of a method that can be used by verification token 40. Exemplary method 140 comprises a plurality of actions 141 -146. Action 141 comprises establishing a communications link between the verification token and the computer, with the computer having a networking facility, as described above. Action 142 comprises establishing a communications session between the verification token and a validation entity using the computer's networking facility and a network services module therefor. Action 143 comprises reading identification information from a portable consumer device 5 into the verification token using a reader, such as reader 44. In some implementations, action 143 may precede either or both of actions 141 and 142. Action 144 is optional and comprises obtaining a merchant identifier and/or merchant transaction identifier related to the transaction, either from the user directly or from a webpage on the user's computer, as described above. Action 144 comprises transmitting the read identification information, and optionally the obtained merchant identifier and transaction identifier, from the verification token to the validation entity through the communications session, the identification information and identifiers preferably being transmitted to the validation entity in encrypted forms. Action 144 may comprise directing the communications session to encrypt the identification information and identifiers, and/or encrypting the identification information and identifiers using an encryption key stored in the token. A triple DES based algorithm may be used for both encryptions. Action 146 is optional and occurs after transmitting the identification information. Action 146 comprises receiving, at the verification token, a device verification value from the validation entity by way of the communications session.” Para 0067 “FIG. 3 illustrates an exemplary embodiment 150 of a method for a user to use verification token 40 and the like. Exemplary method 150 comprises a plurality of actions 151 -154. Action 151 comprises coupling a verification token, such as token 40, to a computer, such as computer 10, using a peripheral interface of the computer. Action 152 comprises displaying a merchant web page on the computer's display using an Internet browser, the merchant web page preferably being a checkout page for a transaction between the user and the merchant. Action 153 comprises presenting a portable consumer device 5 to the reader of the verification token to send identification information contained in device 5 to a merchant via validation entity 80. If device 5 has a magnetic stripe, action 153 may comprise swiping the magnetic stripe through a magnetic stripe reader of the verification token. If device 5 comprises a wireless communications interface, action 153 may comprise waving device 5 near the reader of verification token. Action 154 comprises optionally receiving a device verification value from validation entity 80 and optionally providing the value to the merchant via the merchant's checkout page. Action on 154 also comprises confirming the transaction (such as by clicking the "Submit" button or "Continue" button on the merchant's checkout page, or equivalent button). The method may include further optional actions by the user, such as providing a merchant identifier, transaction identifier, and/or password by way of one or more dialog boxes, as described above and below in greater detail.”
U.S. Publication No. 20120255996 discloses on paragraph 0048 “In another embodiment, during a transaction, in order to verify that the payment card holder is authorizing a transaction with the merchant, the holder may be incentivized or required to verify the authentication code of the merchant by providing the merchant authentication code through a call center, interactive voice response, text message, website, mobile application or by incorporating the authentication code in the payment process. For example, after a payment card holder's payment card is presented to a merchant and swiped through a card reader, the holder may receive a text message or phone call from the payment card issuer requesting that the holder provide the issuer with the merchant authentication code. If the holder is unable to provide the code or if the code provided by the holder is incorrect, the transaction will not be processed. The issuer may establish random, periodic (e.g. every third transaction or first transaction of each day) or rule-based (e.g. any amount over $1,000) verification of the merchant authentication code.”

U.S. Publication No. 2008/0155655 discloses on paragraph 0009 “These and other objects are accomplished by a system and method for conducting a secure transaction which preferably includes the steps of providing a database with at least a first voice sample associated with a holder of the payment account, providing payment account information associated with the account, the account information to be used for conducting the transaction, transmitting an authentication request including the payment account information to an access control server, triggering automatically a telephone call to the holder of the payment account, generating a second voice sample by sampling one or more voice characteristics of the holder of the payment account, and using voice authentication technology to compare the first voice sample to the second voice sample to determine whether the transaction is authorized by the payment account holder.

U.S. Publication No. 2009/0037982 discloses paragraph 0051 and 0052 “A data authentication process associated with a data authentication program can now be described with respect to FIG. 1. The data authentication program can be used in a variety of situations where an acceptor such as the merchant 22 wants to authenticate a presenter 21. For instance, in a non-payment example, the presenter 21 can visit a government Web site (which is an example of an acceptor Web site) in order to fill out an application for a small business license. Various government agencies offer online services through their Web sites. Typically, a government agency wants to confirm information (e.g., a name, address, etc.) entered by the presenter 21. Embodiments of the invention can also operate in a similar manner for a payment example. For instance, the following example describes operation of the data authentication program where a customer calls a merchant 22 and places an order, and then plans to pay for the order with his credit card. The presenter 21 initiates the transaction by calling the merchant 22 to place an order for a good or service. In other embodiments, the presenter 21 can interact with the merchant 22 using an SMS message, through Internet using a Web browser or e-mail, etc. Additionally, the customer and the merchant could interact face- to-face.”)


The following is an Examiner’s Statement of Reasons for Allowance:
Claims 1-18 are allowable over prior art references taken individually or in combination fails to particularly disclose, fairly suggests or render obvious are argued by the applicant which examiner considers persuasive as set forth above.
Although the prior art discloses facilitating the exchange of data, initiating a phone call with a merchant, determining a registered payment method within application and authenticating a user and device for a transaction, no one or two references anticipates or obviously suggest exchanging of data between a user attempting to perform a transaction and a remote entity, the user having a computing device running an application, wherein a first connection has been established between the user and the remote entity.
Establishing, by the application, a second connection to a server and sending payment information to the server, the payment information defining a payment method for the transaction. Thereafter, sending a user authentication input associated with the payment method via the first connection and receiving a command from the server to request authentication of the user from a third party authentication server. Thereby generating a request for authentication of the user, sending the request for authentication of the user to the third party authentication server and sending a device authentication attribute to the server, wherein the device authentication attribute is unique to the computing device.
Lastly, sending a unique property relating to the user or the computing device to the server for retrieval of a user authentication attribute associated with the payment method from a database. 

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2499