Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 4/15/2022 has been entered.

Information Disclosure Statement
The information disclosure statement (IDS) submitted is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Response to Arguments
In an Examiner’s Amendment submitted on 6/17/2022, claims 1, 4-9, 14-17, and 19-21 are presented for examination. Claims 1, 8, and 15 are independent.
Amended claim(s): 1, 4-5, 8-9, 15, and 17.
Canceled claim(s): 2-3, 10-13, and 18.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given by Mr. Dan Stanger on 6/17/2022.  
The application has been amended as follows:

Listing of Claims:

1. (Currently Amended) A computer-implemented method, comprising:
under control of one or more processors:
detecting a partial data entry of sensitive data in an input field of a client workstation, the sensitive data being associated with a transaction initiated at the client workstation, the partial data entry of sensitive data having a first number of characters that is less than a threshold number of characters of a completed string of the sensitive data;
determining whether the partial data entry occurs within a first input field that is configured to receive sensitive data or a second input field that is configured to receive non-sensitive data;
in response to determining that the partial data entry occurs within the second input field, preventing completion of the partial data entry within the second input field;
in response to determining that the data entry occurs within the first input field, permitting completion of the partial data entry within the first input field; 
transmitting devalued data that was generated at the client workstation, the devalued data representing the sensitive data that was entered in the first input field;
extracting the sensitive data from the devalued data;
transmitting, to a tokenization server, a request for a token that represents the sensitive data extracted from the devalued data, the request including the sensitive data;
receiving the token from the tokenization server; and
transmitting the token to a gateway server.

2. (Canceled)

3. (Canceled)

4. (Currently Amended) The computer-implemented method of claim 1, wherein the token is further transmitted from the gateway server to an application server to initiate the transaction.

5. (Currently Amended) The computer-implemented method of claim 1, wherein the devalued data was received at the client workstation via a secure input device, and
wherein receiving the set of data occurs via an application server to the gateway server.

6. (Original) The computer-implemented method of claim 1, wherein the transaction corresponds to a sales transaction, and the sensitive data corresponds to a Personal Account Number (PAN) associated with a user that initiated the transaction.
	
7. (Original) The computer-implemented method of claim 1, wherein the transaction corresponds to a handling of medical data in accordance with a Health Insurance Portability and Accounting Act (HIPAA), and the sensitive data corresponds to the medical data. 

8. (Currently Amended) A secure communications server inside a secure data processing (SDP) network, the secure communications server comprising: 
one or more processors;
memory coupled to the one or more processors, the memory including one or more modules that are executable by the one or more processors to: 
receive devalued data associated with a transaction conducted at least in part at a client workstation that is outside of the SDP network, the devalued data representing sensitive data permitted for entry in a first input field on the client workstation that is configured to receive sensitive data and prevented from entry in a second input field on the client workstation that is configured to receive non-sensitive data; 
send the devalued data to a point-to-point encryption (P2PE) server; 
receive, from the P2PE server, the sensitive data that was represented in the devalued data;  
transmit, to a tokenization server, a request for a non-sensitive token that represents the sensitive data, the request including the sensitive data received from the P2PE server; 
receive, from the tokenization server, the non-sensitive token that represents the sensitive data; and 
transmit the non-sensitive token to a gateway server that is inside the SDP network, the gateway server being configured to deliver the non-sensitive token to an application server that is outside of the SDP network and associated with the client workstation.

9. (Currently Amended) The secure communications server of claim 8, wherein to transmit the non-sensitive token to the gateway server occurs via a firewall that is inside of the SDP network and configured to prevent transmission of sensitive data to the gateway server.

10.-13 (Canceled)

14. (Original) The secure communications server of claim 8 wherein the transaction corresponds to a sales transaction, and 
wherein the sensitive data corresponds to a PAN associated with a user that initiated the transaction.

15. (Currently Amended) A client workstation, comprising:
one or more processors;
memory coupled to the one or more processors, the memory including one or more modules that are executable by the one or more processors to:
detect, in any input field, a partial data entry of sensitive data that is associated with a transaction initiated at the client workstation, the partial data entry of sensitive data having a first number of characters that is less than a threshold number of characters of a completed string of the sensitive data;
determine whether the partial data entry occurs within a first input field that is configured to receive the sensitive data or a second input field that is configured to receive non-sensitive data;
in response to determining that the partial data entry occurs within the second input field, prevent completion of the partial data entry within the second input field;
in response to determining that the data entry occurs within the first input field, permit completion of the partial data entry to create a set of data; 
determine whether the set of data corresponds to devalued data of the sensitive data or the sensitive data;
in response to the set of data corresponding to the devalued data, transmit the set of data to a gateway server of a Secure Data Processing (SDP) network; and
receive, via an application server, an acknowledgement that the application server received a token that represents the sensitive data.

16. (Original) The client workstation of claim 15, wherein the client workstation is communicatively connected to a secure input device, and 
wherein the set of data is received from the secure input device, the secure input device being configured to transform the sensitive data into the devalued data prior to delivery to the client workstation.

17. (Currently Amended) The client workstation of claim 15, wherein to transmit the set of data to the gateway server occurs via the application server.
	
18. (Canceled) 

19. (Previously Presented) The client workstation of claim 15, wherein the threshold number of characters associated with the sensitive data corresponds to a number of characters of the completed string of the sensitive data.
	
20. (Original) The client workstation of claim 15, wherein the transaction corresponds to a sales transaction, and the sensitive data corresponds to a Personal Account Number (PAN) associated with a user that initiated the transaction.

21. (Previously Presented) The client workstation of claim 15, wherein the one or more modules are further executable by the one or more processors to:
determine a sensitive data character string length associated with the sensitive data, and
wherein to prevent continued entry of the initiated data entry in the second input field is based at least in part on preventing the initiated data entry from exceeding an input character length that is equal to the sensitive data character string length minus a predetermined number of characters.

Allowable Subject Matter
Claims 1, 4-9, 14-17, and 19-21 are allowed.
The following is an examiner’s statement of reasons for allowance: Independent claim limitation: “detecting a partial data entry of sensitive data in an input field of a client workstation, the sensitive data being associated with a transaction initiated at the client workstation, the partial data entry of sensitive data having a first number of characters that is less than a threshold number of characters of a completed string of the sensitive data; determining whether the partial data entry occurs within a first input field that is configured to receive sensitive data or a second input field that is configured to receive non-sensitive data" in combination with other limitations not taught by prior art taken alone or in combination.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A ZAIDI whose telephone number is (571)270-5995. The examiner can normally be reached Monday-Thursday: 5:30AM-5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SYED A ZAIDI/Primary Examiner, Art Unit 2432