DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Acknowledgments
The Amendment filed on 04/13/22 is acknowledged. 

Status of Claims
Claims 1-30 are pending. 
In the Amendment filed on 04/13/22, claims 1-7, 9-15, 17-23 and 25-29 were amended, and no claims were cancelled or added.
Claims 1-30 are rejected.

Response to Arguments
Regarding the Objections to the Drawings
The objections have been withdrawn in view of the replacement drawings filed. For clarification of the record: Applicant's annotation to Fig. 7A is incorrect/incomplete. Specifically, reference number 704 is amended to refer to a different element in the figure, as shown. 
Regarding the Objections to the Specification 
The amendments to the specification (0047) change the content of the specification to effectively state that the client application user interface does not receive sensitive data, whereas the original specification stated the opposite, viz., that the client application user interface does receive sensitive data. See the objection hereinbelow for further detail.
In view of the apparent contradiction between the amendments to the specification and the original specification, and absent any explanation provided by Applicant to resolve this apparent contradiction, the amendments to the specification are deemed new matter. Consequently, the amendments to the specification have not been entered. 
Regarding the claim interpretation (U.S.C. 112(f) means-plus-function)
Applicant's remarks contain an incorrect presupposition. Specifically, Applicant states: 
"Applicants do not wish to dispute the interpretation of the corresponding structure to such claims." (Response, p. 18)
For clarification of the record: the Office Action did not indicate any corresponding structure; on the contrary, the Office Action (in the corresponding rejection under 35 U.S.C. 112(b)) indicated that the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed functions and/or to clearly link the structure, material, or acts to the functions.
Regarding the rejection under 35 U.S.C. 112(a)
The previous rejections have been overcome in part, in view of Applicant's claim amendments. 
Regarding claims 6, 14, 22 and 28, the specification does not describe the actual configuring of the client application, how the client application is configured resulting in its ability to implement a digital payment servicer function. Nor do Applicant's remarks assert to the contrary.
Regarding claims 9-24, as described by the specification, the instructions, when executed by the processor, cause the processor to perform the functions in question. The claims should recite the underlined language rather than saying that 'the processor is configured to execute the instructions to perform …', 'the instructions are configured to cause the processor to perform …', or the like, as per claims 9-24.

Regarding the rejections under 35 U.S.C. 112(b)
The previous rejections have been overcome in part, in view of Applicant's claim amendments. 
As for the "means-plus-function" rejection, Applicant states: 
… the specification discloses algorithms in terms of several exemplary embodiments described in both the prose of the specification and the flow charts and diagrams of the figures such that the algorithms may be sufficiently understood by one having reasonable skill in the art. Indeed, the structure and algorithms corresponding to the means elements recited in claim 30 may be found throughout the specification. For example, sufficient structures or acts for performing the operations recited in claims 25-30 are set forth in the specification at least by the software program process in the process flow diagrams of FIGS. 3-5, and their corresponding descriptions in paragraphs [0046]- [0067], combined with the specific processor implementations recited in paragraph [0098] (e.g., a DSP, ASIC, FPGA, etc.). These portions of the specification describe a special purpose machine programmable by software that is a definite structure for performing the claimed functions. (Response, p. 25; emphasis added)

However, the Office Action had already stated: 
… the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed functions and/or to clearly link the structure, material, or acts to the functions. In this regard, the most pertinent portion of Applicant's specification appears to be the description of Figs. 3-6, i.e., 0046-0078. However, this portion of the specification appears to be devoid of any structure (viz., requisite algorithm) that performs the functions in the claims. At best, this portion of the specification appears to merely restate some of the functions. (Office Action, p. 23; emphasis added)

In other words, the portions of the disclosure cited by Applicant in the remarks had already been reviewed and found inadequate in the Office Action, as explained in the Office Action. Applicant has not provided any explanation in response to the Office Action's findings. By merely restating the same portions of the disclosure already cited and explained by the Office Action as inadequate, Applicant's response is in effect a conclusory statement. The sole additional portion of the disclosure cited by Applicant that was not cited in the Office Action is 0098. However, 0098 merely describes a generic processor or the like and "circuitry … specific to a given function." This does not describe any algorithm, and hence is insufficient as the corresponding structure for the means-plus-function limitations. In order to address the rejection, Applicant must indicate more specifically the locations and the language in the specification that describe the corresponding structure, or amend the claims.
As for the Unclear Scope rejection, as explained in the Office Action, the claims appear to use different terms ("secure user interface display," "secure user interface") to refer to the same thing, which renders the claims confusing and unclear. If the different terms are intended to refer to different things, Applicant should clarify by so stating on the record, with reference to support in the specification (citing specific paragraphs and language) for the claimed subject matter in question. 
Regarding the rejections under 35 U.S.C. 102
Applicant's arguments have been fully considered but are moot in view of the new combination of prior art being cited in the current rejection. 

Specification
The disclosure is objected to because of the following informalities: 
- Fig. 3, block 302, is described by 0047 of the specification as filed. Here, the specification effectively says that a user may provide sensitive data to the user interface via a data input element to the client application, or that the user interface may provide sensitive data received from the user via a data input element to the client application.
Subsequently, Fig. 3, blocks 304-308, are described by 0048-0050 of the specification as filed. Here, the specification says that the processing device can recognize a data input element of the client application as vulnerable and, if so, assign it to the secure execution environment, so that data inputted via that data input element goes only to the secure execution environment, not to the client application in the normal execution environment.
The above two portions of the specification appear to
contradict each other: 0047 indicates that sensitive data is received by the client application in the normal execution environment, while 0048-0050 indicates that sensitive data is not received by the client application in the normal execution environment, but is received only by the secure execution environment.
	The apparent contradiction renders the disclosure as filed unclear. As the above-indicated subject matter of the specification bears on claims 7, 15, 23 and 29, the apparent contraction also casts a shadow of lack of clarity on those claims. 
Appropriate correction is required.

Examiner's Comments
Not Positively Recited
Claim 4 recites:
"wherein assigning ownership of the data input element to the secure execution environment, assigning ownership of the data input device to the secure execution environment, and assigning ownership of the display device to the secure execution environment occur in response to determining that the data input element is a vulnerable data input element"
The recitation of the not positively recited use of the claimed invention does not serve to differentiate the claims from the prior art. See In re Wilder, 166 USPQ 545 (CCPA 1970).
Intended Use/Functional Language
Claims 6, 14, 22 and 28 recite:
"generating …, wherein the client application running in the normal execution environment is configured to implement a digital payment servicer function" 
Claims 9 recites:
"wherein the processor is configured to execute processor- executable instructions to perform operations comprising:"
Claims 10-16 recite:
"wherein the processor is further configured with processor-executable instructions to perform operations further comprising:" or "wherein the processor is further configured with processor-executable instructions such that"
Claim 17 recites:
"A non-transitory processor-readable storage medium having stored thereon processor-executable instructions configured to cause a processor of a computing device to perform operations comprising:"
Claims 18-24 recite:
"wherein the stored processor-executable instructions are configured to cause a processor of a computing device to perform operations …"
As per MPEP 2114.II: 
[A]pparatus claims cover what a device is, not what a device does." Hewlett-Packard Co. v. Bausch & Lomb Inc., 909 F.2d 1464, 1469, 15 USPQ2d 1525, 1528 (Fed. Cir. 1990) (emphasis in original). A claim containing a "recitation with respect to the manner in which a claimed apparatus is intended to be employed does not differentiate the claimed apparatus from a prior art apparatus" if the prior art apparatus teaches all the structural limitations of the claim. Ex parte Masham, 2 USPQ2d 1647 (Bd. Pat. App. & Inter. 1987). 

See also MPEP 2103.I.C.:
Language that suggests or makes a feature or step optional but does not require that feature or step does not limit the scope of a claim under the broadest reasonable claim interpretation. [For example:] 
(A) statements of intended use or field of use, including statements of purpose or intended use in the preamble,  
(B) "adapted to" or "adapted for" clauses,
(C) "wherein" or "whereby" clauses,
(D) contingent limitations,
(E) printed matter, or
(F) terms with associated functional language.

Therefore, the above claim language, which is intended use/ functional language, does not limit the scope of the claim under the broadest reasonable interpretation.

Optional Language/Contingent Limitations
Claim 4 recites "wherein assigning ownership of the data input element to the secure execution environment, assigning ownership of the data input device to the secure execution environment, and assigning ownership of the display device to the secure execution environment occur in response to determining that the data input element is a vulnerable data input element." The referenced determining step (base claim 1) may result in either of two outcomes (determining that the data input element is a vulnerable data input element; determining that the data input element is not a vulnerable data input element). The operations of the wherein clause occur only if the former outcome occurs (determining that the data input element is a vulnerable data input element).
Claim 5 recites "responding to the data input signal in response to determining that the data input signal represents the user interaction with the data input element owned by the secure execution environment; and providing the data input signal to the client application running in the normal execution environment in response to determining that the data input signal does not represent the user interaction with the data input element owned by the secure execution environment." This claim language recites two mutually exclusive conditions ("in response to determining that … represents …"; "in response to determining that … does not represent …"). Accordingly, the claim does not require that both operations ("responding …"; "providing …") be performed -- indeed does not permit both operations to be performed together with a single instance of the preceding steps ("receiving, …"; "determining …"). Thus, the claim reads on prior art teaching only one of the operations ("responding …"; "providing …").
Claim 7 recites "preventing presentation of the vulnerable data input element by the client application in response to determining that the data input element is a vulnerable data input element." The referenced determining step (base claim 1) may result in either of two outcomes (determining that the data input element is a vulnerable data input element; determining that the data input element is not a vulnerable data input element). The preventing step occurs only if the former outcome occurs (determining that the data input element is a vulnerable data input element).
As per MPEP 2103.I.C.:
Language that suggests or makes a feature or step optional but does not require that feature or step does not limit the scope of a claim under the broadest reasonable claim interpretation. [For example:] 
(A) statements of intended use or field of use, including statements of purpose or intended use in the preamble,  
(B) "adapted to" or "adapted for" clauses,
(C) "wherein" or "whereby" clauses,
(D) contingent limitations,
(E) printed matter, or
(F) terms with associated functional language.

As per MPEP 2111.04.II.
The broadest reasonable interpretation of a method (or process) claim having contingent limitations requires only those steps that must be performed and does not include steps that are not required to be performed because the condition(s) precedent are not met. For example, assume a method claim requires step A if a first condition happens and step B if a second condition happens. If the claimed invention may be practiced without either the first or second condition happening, then neither step A or B is required by the broadest reasonable interpretation of the claim. If the claimed invention requires the first condition to occur, then the broadest reasonable interpretation of the claim requires step A. If the claimed invention requires both the first and second conditions to occur, then the broadest reasonable interpretation of the claim requires both steps A and B.


Therefore, the above claim language, which is optional/ contingent limitations, does not limit the scope of the claim under the broadest reasonable interpretation to require both method steps.

Note: In the interest of compact prosecution, prior art is cited for the aforementioned claimed subject matter that does not differentiate the claims from the prior art/does not limit the scope of the claims. See rejection under 35 U.S.C. 103 below.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”), namely, claims 25-30, are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 U.S.C. § 112 
35 USC § 112(a)
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.


Claims 1-30 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA  the inventor(s), at the time the application was filed, had possession of the claimed invention.

Lack of Written Description/Not in Specification
Claims 1, 9, 17 and 25 recite "generating a secure user interface display in a secure execution environment of the computing device in response to determining that the data input element is a vulnerable data input element." Applicant cites 0048-0049 as support for the underlined amended language. A review of 0048-0049 fails to find support for the underlined amended language. While Applicant is understood to intend that the amended claim language falls under the embodiment of Fig. 3, content of the amended claim language is not found in the specification's description of Fig. 3. Somewhat relatedly, 0050 describes assigning ownership of the data input element to a secure execution environment in response to the recited determining: 
In response to the processing device determining that the data input element is a vulnerable data input element (i.e., determination block 306 = "Yes"), the processing device may assign ownership of the data input element to a secure execution environment in block 308.

But neither 0050 nor the remainder of the specification is seen to describe generating a secure user interface display in a secure execution environment of the computing device in response to the recited determining. It is also noted that if two events are described as occurring one after the other, this in itself does not amount to a description of the two events occurring one in response to the other. 
Claims 2-8, 10-16, 18-24 and 26-30 are rejected by virtue of their dependency from a rejected claim.

Lack of Algorithm
Claims 6, 14, 22 and 28 recite "generating … a client application that is … configured to implement a digital payment servicer function," but the specification does not provide details on what this action (configuring) comprises or how it is performed.
Claims 9-24 recite that a "processor" or "processor-executable instructions" are "configured …," but the specification does not provide details on what this action (configuring) comprises or how it is performed.
Thus, with regard to the claimed subject matter indicated above, as per MPEP 2161.01.I: 
"the specification does not sufficiently describe how the function is performed or the result is achieved. … the algorithm or steps/procedure for performing the computer function are not explained at all or are not explained in sufficient detail (simply restating the function recited in the claim is not necessarily sufficient). In other words, the algorithm or steps/procedure taken to perform the function must be [but is not] described with sufficient detail so that one of ordinary skill in the art would understand how the inventor intended the function to be performed. See MPEP §§ 2163.02 and 2181, subsection IV."

See also MPEP 2163.03.V.
Claims 10-16 and 18-24 are (also) rejected by virtue of their dependency from a rejected claim.


35 USC § 112(b)
The following is a quotation of 35 U.S.C. 112(b):


(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-30 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. 

Antecedent Basis 
Claims 8, 16, 24 and 30 recite "wherein … presenting the combined display via a display device …." The relationship between the recited display device and the display device recited in the respective base claim is not clear. As best understood, the display device recited in the dependent claims refers back to the one recited in the independent claims, in which case the word "a" in this recitation of the dependent claims should be changed to "the." 
Means-Plus-Function
Claim 25 recites:
"means for generating a secure user interface display in a secure execution environment of the computing device;"
"means for generating a non-secure display in a normal execution environment of the computing device;"
"means for combining the secure user interface and the non-secure display into a combined display;"
Claim 26 recites:
"means for assigning ownership of a first data input element to the secure execution environment;"
"means for assigning ownership of the data input device to the secure execution environment;"
"means for assigning ownership of the display device to the secure execution environment,"
"wherein means for generating a secure user interface display in a secure execution environment comprises means for generating a secure user interface having the first data input element owned by the secure execution environment."
Claim 27 recites:
"means for receiving, in the secure execution environment, a data input signal representing a user interaction with a second data input element via the data input device owned by the secure execution environment;"
"means for determining whether the data input signal represents the user interaction with the first data input element owned by the secure execution environment;"
"means for responding to the data input signal in response to determining that the data input signal represents the user interaction with the first data input element owned by the secure execution environment;"
"means for providing the data input signal to a client application running in the normal execution environment in response to determining that the data input signal does not represent the user interaction with the first data input element owned by the secure execution environment."
Claim 28 recites:
"wherein: means for generating a secure user interface display in a secure execution environment comprises means for generating the secure user interface display having the first data input element owned by the secure execution environment, wherein the first data input element is for a client application that is running in the normal execution environment and configured to implement a digital payment servicer function;"
"means for generating a non-secure display in a normal execution environment comprises means for generating the non-secure display for the client application or an operating system."
Claim 29 recites:
"means for determining whether a first data input element of a client application running in a normal execution environment is a vulnerable data input element;"
Claim 30 recites:
"wherein means for presenting the combined display via a display device comprises one of: means for presenting the secure user interface display and the non-secure display adjacent to each other; means for presenting the secure user interface display overlaid over the non-secure display; or means for presenting an integrated secure user interface and non-secure display."
The above-indicated claim limitations invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed functions and/or to clearly link the structure, material, or acts to the functions. In this regard, the most pertinent portion of Applicant's specification appears to be the description of Figs. 3-6, i.e., 0046-0078. However, this portion of the specification appears to be devoid of any structure (viz., requisite algorithm) that performs the functions in the claims. At best, this portion of the specification appears to merely restate some of the functions. Therefore, the claims are indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
Claims 26-30 are also rejected by virtue of their dependency from a rejected base claim.

Unclear Scope
Claims 1, 3 and 8 are inconsistent in reciting sometimes a "secure user interface display" and sometimes a "secure user interface." Both terms are understood to refer to the same thing; if so, the terminology should be consistent. The use of different terms with different meanings to refer to the same thing renders the claims unclear. Corresponding claims 9, 11, and 16; 17, 19 and 24; and 25, 26 and 30 are unclear for the same reasons. 
Claims 1, 9, 17 and 25 recite "determining whether a data input element of a user interface display of a client application running in a normal execution environment is a vulnerable data input element prior to presenting the user interface display via a display device." Since the "determining …" occurs "prior to presenting the … display via a display device," it is not clear what the data input element is that is putatively being determined as to whether it is vulnerable. That is, if at the point in time of the determining, there is no display, then there is no data input element. At this point in time, the data input element is an abstraction that may be later realized/instantiated on a display device via execution of code by a processor, or the like. Accordingly, at this point in time, no determination can be made about the data input element, because it does not exist. 
Claims 1, 9, 17 and 25 recite "determining whether a data input element of a user interface display of a client application running in a normal execution environment is a vulnerable data input element prior to presenting the user interface display via a display device." The language "prior to presenting the user interface display via a display device" is a dangling modifier. It is ambiguous as to whether it modifies the action of determining … or rather the data input element being a vulnerable data input element. As best understood, Applicant intends the former. If so, the recitation should be amended, e.g., (1) by adding a comma before "prior" or (2) by placing the language "prior to presenting the user interface display via a display device," before "determining …" (with any other changes dictated by this rearrangement). 
An essential purpose of patent examination is to fashion claims that are precise, clear, correct, and unambiguous. Only in this way can uncertainties of claim scope be removed (See In re Zletz, 893 F.2d 319,321 (Fed. Cir. 1989)).
Claims 2-8, 10-16, 18-24 and 26-30 are (also) rejected by virtue of their dependency from a rejected claim.

Claim Rejections - 35 U.S.C. § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-30 under 35 U.S.C. 103 as being unpatentable over Ninomiya et al. (U.S. Patent Application Publication No. 2016/0042201 A1), hereafter Ninomiya, in view of Zhang et al. (U.S. Patent Application Publication No. 2020/0234275 A1), hereafter Zhang.

Regarding Claims 1, 9, 17 and 25
Ninomiya teaches:
generating a secure user interface display (Fig. 1A, 29B) in a secure execution environment (Figs. 3 and 4, 41) of the computing device …; (0073; secure user interface display is generated by 115, which is part of 41)
generating a non-secure display (Fig. 1A, 29A) in a normal execution environment (Figs. 3 and 4, 21) of the computing device; (0064; non-secure user interface display is generated by 109, which is part of 21)
combining the secure user interface display and the non-secure display into a combined display; and (0075, 0078, Figs. 1A, 2A, 5A)
presenting the combined display via the display device. (0078, Figs. 1A, 2A, 5A)
(claim 9) a display device (Figs. 1A-5A); and a processor coupled to the display device and configured to execute instructions within a secure execution environment and a normal execution environment, wherein the processor is configured to execute processor-executable instructions to perform operations comprising: (Figs. 3 and 4)
(claim 17) A non-transitory processor-readable storage medium having stored thereon processor-executable instructions configured to cause a processor of a computing device to perform operations comprising: (Figs. 3 and 4)
(claim 25) a display device; (Figs. 1A-5A)
Ninomiya, e.g., 0009, 0010, 0071, 0082-0083, 0091-0092, 0106, teaches setting coordinates of specific areas -- effectively, entry fields (data input elements) -- of a touchscreen surface for secure (vulnerable) elements and non-secure elements, respectively. Accordingly, Ninomiya implicitly teaches determining the locations of vulnerable and non-vulnerable data input elements, and hence determining whether a given data input element is a vulnerable data input element. However, Ninomiya does not explicitly disclose the following limitations. Nonetheless Zhang teaches:
determining whether a data input element of a user interface display of a client application running in a normal execution environment is a vulnerable data input element prior to (e.g., 0052, 0054, 0059, 0063) presenting the user interface display via a display device; (0006-0008, 0011-0012, 0017-0018, 0044-0047, 0048-0054, 0056, 0058-0059, 0061, 0063 the operations of rendering, measurement, layout, drawing, determining location and size, identifying pixels, etc. of secure (vulnerable) and non-secure (non-vulnerable) controls (data input elements) teach determining whether a data input element is a vulnerable data input element)
… in response to determining that the data input element is a vulnerable data input element; (0006-0008, 0011-0012, 0017-0018, 0044-0047, 0048-0054, 0056, 0058-0059, 0061, 0063)
It would have been obvious to one of ordinary skill in the art not later than the effective filing date of the claimed invention to have modified Ninomiya's systems and methods for user interfaces comprising both secure and non-secure input and display areas, by incorporating therein these teachings of Zhang, because Ninomiya implicitly teaches them and (at least in part) requires them to operate successfully, as explained above. In addition, the combination in question is a matter of combining prior art elements according to known methods to yield predictable results. MPEP 2143.I.A.

Regarding Claims 2, 10 and 18
Ninomiya in view of Zhang teaches base claims 1, 9 and 17. Ninomiya further teaches:
assigning ownership of the data input element to the secure execution environment; (0071 e.g., range of coordinates of 27B are assigned to 113 (of 41), 0091, 0050, 0052, 0067, 0009, 0010, 0073, 0083)
assigning ownership of a data input device to the secure execution environment; and (0073, 0083 e.g., 27, 27B are assigned to 113 (of 41) by 117 and 114, Figs. 3, 4, 5B, 113, 117, 114, 0071, 0091, 0050, 0052, 0067, 0009, 0010, 0043)
assigning ownership of the display device to the secure execution environment. (0072 e.g., 29, 29B are assigned to 115 (of 41) by 118 and 116, 0092 e.g., coordinates of 29B are set as secure display area, 0048, 0052, 0067, 0009, 0010, 0041, Figs. 3, 4, 5A, 115, 118, 116, 29)

Regarding Claims 3, 11 and 19
Ninomiya in view of Zhang teaches base claims 1, 9 and 17 and intervening claims 2, 10 and 18. Ninomiya further teaches:
wherein generating the secure user interface display in the secure execution environment comprises generating a secure user interface having the data input element owned by the secure execution environment. (0095)

Regarding Claims 4, 12 and 20
Ninomiya in view of Zhang teaches base claims 1, 9 and 17 and intervening claims 2, 10 and 18. Ninomiya further teaches:
wherein assigning ownership of the data input element to the secure execution environment, assigning ownership of the data input device to the secure execution environment, and assigning ownership of the display device to the secure execution environment occur in response to determining that the data input element is a vulnerable data input element. (0009, 0010, 0071, 0082-0083, 0091-0092, 0106, see also citations for claims 2, 3 above)

Regarding Claims 5, 13, 21 and 27
Ninomiya in view of Zhang teaches base claims 1, 9, 17 and 25 and intervening claims 2, 10, 18 and 26. Ninomiya further teaches:
(A) receiving, in the secure execution environment, a data input signal via the data input device owned by the secure execution environment; (B) determining whether the data input signal represents a user interaction with the data input element owned by the secure execution environment; (C) responding to the data input signal in response to determining that the data input signal represents the user interaction with the data input element owned by the secure execution environment; and (D) providing the data input signal to the client application running in the normal execution environment in response to determining that the data input signal does not represent the user interaction with the data input element owned by the secure execution environment. (As per Fig. 4, all touch input is sent to secure part of second processing unit 41 (A), where it is determined whether the input represents (i) user interaction with data input element owned by secure execution environment or (ii) user interaction with data input element owned by non-secure execution environment (B), and, in response to the determination, the input is directed to the appropriate input touch processing section, 113 (secure) (C) or 107 (non-secure) (D), as explained at, e.g., 0082-0084; 0064, 0073; see also citations for claims 4, above, and 6, below)

Regarding Claims 6, 14, 22 and 28
Ninomiya in view of Zhang teaches base claims 1, 9, 17 and 25 and intervening claims 2, 10, 18 and 26. Ninomiya further teaches:
wherein: generating the secure user interface display in the secure execution environment comprises generating the secure user interface display having the data input element owned by the secure execution environment, wherein the client application running in the normal execution environment is configured to implement a digital payment servicer function; and (0088-0090, 0093-0094, 0096 secure display contents, e.g., PIN pad 80 and message urging input of PIN, are in service of payment transaction performed at least in part by application involved in performing payment transaction)
generating the non-secure display in the normal execution environment comprises generating the non-secure display for the client application or an operating system. (0088-0090, 0093-0094, 0096 non-secure display contents, e.g., message urging reading operation of payment card, are in service of payment transaction performed at least in part by application involved in performing payment transaction)
Regarding Claims 7, 15, 23 and 29
Ninomiya in view of Zhang teaches base claims 1, 9, 17 and 25. Ninomiya further teaches:
preventing presentation of the vulnerable first data input element by the client application in response to determining that the first data input element is a vulnerable data input element. (0011, 0080 e.g., unauthorized PIN pad is prevented from being displayed in secure display area) 

Regarding Claims 8, 16, 24 and 30
Ninomiya in view of Zhang teaches base claims 1, 9, 17 and 25. Ninomiya further teaches:
wherein presenting the combined display via a display device comprises one of: presenting the secure user interface display and the non-secure display adjacent to each other; presenting the secure user interface display overlaid over the non-secure display; or presenting an integrated secure user interface and non-secure display. (Figs. 1A, 2A, 7A, 8A, 9A, 10A, 12A)

Regarding Claim 26
Ninomiya in view of Zhang teaches base claim 25. Ninomiya further teaches:
a data input device; (Figs. 1A-4, 5B)
means for assigning ownership of the data input element to the secure execution environment; (As per claim 2)
means for assigning ownership of the data input device to the secure execution environment; and (As per claim 2)
means for assigning ownership of the display device to the secure execution environment, (As per claim 2)
wherein means for generating the secure user interface display in the secure execution environment comprises means for generating a secure user interface having the data input element owned by the secure execution environment. (As per claim 3)


Conclusion
The prior art made of record and not relied upon, as set forth in the accompanying Notice of References Cited (PTO-892), is considered pertinent to applicant's disclosure. Among the cited references:
WO 2021/077882 A1, like applied reference Zhang, teaches, inter alia, the instant amendments to claim 1 (see p. 11; p. 12, paragraph 1 (301.); pp. 14-17, 304., 307., 308. (p. 15, last paragraph), 309., 310. (page numbers refer to pages of the PDF; "301.," etc. refer to steps of Fig. 3 and their description, see p. 11, last paragraph). Note that WO 2021/077882 A1 claims priority to Chinese patent applications filed on 10/24/2019 and 11/7/2019, both of which dates precede the filing date of the instant application (11/28/19), thus qualifying WO 2021/077882 A1 as prior art to the instant application.  
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DOUGLAS W PINSKY whose telephone number is (571)272-4131.  The examiner can normally be reached on 8:30 am - 5:30 pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Calvin Hewitt II, can be reached on 571-272-6709.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or 
access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/DWP/
Examiner, Art Unit 3692 
/ERIC T WONG/Primary Examiner, Art Unit 3692