Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of the Application
	Claims 1, 4, 8-9, 11-12, 15, 18, 21-24, and 26 have been examined in this application.
	The filling date of this application number recited above is September 21, 2018. Foreign priority has been claimed for foreign application number CN201610166688.X in the Application Data Sheet, therefore the examination will be undertaken in consideration of March 22, 2016, as the priority date, for applicable claims.
No additional information disclosure statement (IDS) has been filed to date.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 8-9, 12, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Wurster et al. (U.S. 2014/0254466) in view of Norton (U.S. 2017/ 0272245) in view of Palanisamy (U.S. 2015/0312038) and in view of Cronin et al. (W.O. 2016/102408 A1).

As per Claims 1 and 15, Wurster teaches a computer-implemented method, comprising:
… using a cryptography library of the wearable device to generate, by the wearable device, a user key based on information associated with a wireless module of the wearable device, wherein the user key is randomly generated ([0143] “For example, the wireless identity transmitter may perform a pseudo-random function to generate encoded data based on input values of the wireless identity transmitter's device ID, a nonce or counter value, and a secret key, seed, or other value known only to the wireless identity transmitter and the central server. In some embodiments, the pseudo-random function may be a polynomial time computable function that may utilize a randomly selected seed value only known to the wireless identity transmitter and the central server, such that the pseudo-random function may be computationally indistinguishable from a random function defined on the same domain with output to the same range as the pseudo-random function. In some embodiments, the keyed--hash Message Authentication Code (HMAC) or the cipher--based Message authentication Code (CMAC) may be used as the pseudo-random function” and also disclosed [0096] “For example, this data field 338 may include a nonce (e.g., a timer, nonce, or counter) and an obscured "blob" generated using the nonce, a key known only to the wireless identity transmitter and the central server” by which the pseudo-random number generator may be a cryptography library, as disclosed [0168] “For example, the wireless identity transmitter and the central server may each have a cryptographically secure pseudo-random number generator algorithm that is used to generate identifiers on a common time scale”, and the term ‘nonce’, as one of ordinary skilled in the art would understand, is an arbitrary number used in cryptographic communication. The wireless transmitter is part of a wearable device, as disclosed [0041] “Some of these systems involve the development of a wearable device that communicates data to a server” and [0062] “For example, wireless identity transmitters may be easily hidden or incorporated into many different personal objects, such as buttons, watches, shoes, briefcases, backpacks, ID badges, clothing, product packaging, etc.”); and
transmitting, by the wearable device, to the mobile device, the user key (See Figure 10 – steps 1013 and 1014 which the wireless identity transmitter transmits the message to the user’s mobile device, as disclosed [0143] “In block 1013, the wireless identity transmitter may broadcast a message (i.e., a broadcast message) that includes an encoded (or rolling) identifier” and [0146] “In block 1014, the user's mobile device may receive the broadcast message”).

Wurster may not explicitly disclose, but Norton teaches:
receiving, at a wearable device, from a mobile device in communication with the wearable device, an authorization request (See Figure 2 – steps 164 and 168, as disclosed [0025] “The mobile user 104 enters 156 the device identifier D into the mobile device 148, and the mobile device 148 enters 160 into a pairing mode. In this mode, the mobile device 148 requests 164 that the mobile user 104 enter an input into the wearable device 144 to initiate a pairing request with the mobile device 148. As noted above, the wearable device 144 may have a button, and the mobile user 104 satisfies the request 164 by pressing and holding 168 the button on the wearable device 144”. See also [0008] “The combination of the mobile device and the wearable device that receives authorization input from a mobile user can be used to perform various operations in the present invention. For instance, the mobile user may press and hold a button on the wearable device to authorize the pairing of the wearable device and the mobile device”);
in response to receiving the authorization request, using a cryptography library of the wearable device to generate, by the wearable device, a user key based on information associated with a wireless module of the wearable device … (See Figure 2 – steps 172 and 184, as disclosed [0026] “While the mobile user 104 holds the button, the wearable device 144 sends 172 a pairing request to the mobile device 148, and the mobile device 148 returns 176 the device identifier D to the wearable device 144. Then, the wearable device 144 verifies 180 that the device identifier D received from the mobile device 148 matches the device identifier D of the wearable device 144. Next, the wearable device 144 exchanges 184 an encryption key with the mobile device 148 to secure future communication between the two devices 144, 148”. See also [0031] “Next, the mobile device 148 initializes 220 the wearable device 144 by sending the wearable device 144 the account identifier A, the email address E, and the secret key S. The wearable device 144 turns on 224 a light, and the mobile user 104 authorizes 228 the initialization by pressing a button on the wearable device 144 which turns off the light on the wearable device 144. Then, the wearable device 144 generates 232 a new private key k and corresponding public key K that can be used to verify data or messages that have been notarized” and with respect to using a cryptography library of the wearable device, see [0037] “Once logged into the mobile device 148, the mobile user 104 can perform a variety of cryptographic functions using the wearable device 144 to regenerate the private key”).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize the process of paring the wearable device with the mobile device (e.g. authorization request) and the wearable device generating a user key in response to the pairing request as in Norton in the system executing the method of Wurster, by which the system in Wurster teaches of generating a user key using cryptography library and also utilizes pseudo-random number generator and transmitting the message to the mobile device, and Norton teaches of generating such user key in response to an authorization request (e.g. pairing request) between the wearable device and the mobile device, with the motivation of offering to [0002] and [0007] “improve the security of public key cryptography” as taught by Norton over that of Wurster.

Wurster may not explicitly disclose, but Palanisamy teaches:
receiving, by the wearable device, from the mobile device, a payment token, wherein the payment token is generated by a payment server based on the user key (See Figure 5 – steps 552 to 558, as disclosed [0070] “The application may request the user to enter user authentication data that was previously registered with token request computer 504. Communication device 520 may then send a token request 552 to token request computer 504. Token request 552 may include the user authentication data received by the application as well as information about the nature of the token or sensitive information being requested” and also [0071] “In addition to the information received in token request 552, token request 554 may also include the requestor ID of the token requestor” which the data sent along with the token request (e.g. user key) is used for generating the token by the token server in steps 554 and 556, as disclosed in [0072] “Token server 502 may then generate or otherwise retrieve the requested token and encrypt the token using the generated session key”, which the generated token may be transmitted from the token request computer 504 to communication device 520 at step 558, as disclosed [0073] “Token request computer 504 may then send the encrypted token or sensitive information with the encrypted session key to communication device 520 in response 558”. See [0019] discloses that the communication device may be “wearable computing device” and [0033] discloses that a token requestor may be a “device that is configured to perform actions associated with tokens”, which can be a mobile device to perform the process), and 
wherein the payment token comprises:
a user token identifying a payment account ([0030] “"Token attributes" may include any feature or information about a token … For example, token attributes may determine how a token may be used in place of a real account identifier (e.g., PAN) for a transaction … For example, token attributes may include a wallet identifier associated with the token, an additional account alias or other user identifier (e.g., an email address, username, etc.)”), and 
a device token corresponding to the information associated with the wireless module of the wearable device ([0030] “For example, token attributes may include … a device identifier”. See Examiner’s Note below for further discussion);
encrypting the payment token, to obtain an encrypted payment token ([0042] “In some embodiments, the sensitive information or token issued by token server 102 can be encrypted by token server 102 to prevent the sensitive information or token form being stored in the clear. For example, the token issued by token server 102 in response to a token request can be encrypted with a session key generated by token server 102”);
storing the encrypted payment token in a secure memory area of the wearable device ([0017] “To protect the token or sensitive information outside the confines of a secure element, embodiments of the present invention stores the token or sensitive information in an encrypted form on the communication device” and see also [0042] “the encrypted token and the session key can be provided to application provider 104, which in turns encrypt the session key before providing the session key to communication device 120. In this manner, both the token and the session key that is used to encrypt the token can be stored securely in an encrypted form on communication device 120 without having to rely on protection by a secure element” wherein the communication device includes a sensitive information data store 216 of Memory 202 as shown in Figure 2); 
receiving, by the wearable device, a predetermined instruction of the user ([0017] “The token or sensitive information can be decrypted at runtime when used by an application installed on the communication device” and [0048] “For example, when application 212 accesses sensitive information data store 216 to retrieve and use the sensitive information or token stored therein (e.g., to conduct a transaction)”, which discloses of receiving predetermined instructions (e.g. runtime of the application, conducting a transaction, etc.), by which the predetermined instructions to initiate the transaction may be tapping or waving as disclosed in [0098]);
in response to the predetermined instructions, reading, by a payment process of the wearable device, the encrypted payment token from the secure memory area ([0017] “The token or sensitive information can be decrypted at runtime when used by an application installed on the communication device” and [0048] “For example, when application 212 accesses sensitive information data store 216 to retrieve and use the sensitive information or token stored therein (e.g., to conduct a transaction), application 216 may invoke cryptography module 214 to decrypt the session key that is used to encrypt the stored sensitive information or token, and then decrypt the sensitive information or token using the decrypted session key” and [0078] “at block 708, the decrypted session key can be used to decrypt the token or sensitive information retrieved from memory” which teaches that in order to decrypt the encrypted token, the process would first require to read the stored encrypted token retrieved from memory);
decrypting, by the payment process, the encrypted payment token to obtain the payment token ([0048] “For example, when application 212 accesses sensitive information data store 216 to retrieve and use the sensitive information or token stored therein (e.g., to conduct a transaction), application 216 may invoke cryptography module 214 to decrypt the session key that is used to encrypt the stored sensitive information or token, and then decrypt the sensitive information or token using the decrypted session key. The decrypted sensitive information or token can then be used by application 212” and see also [0078] “Once the decrypted session key is obtained, at block 708, the decrypted session key can be used to decrypt the token or sensitive information retrieved from memory”); and
transmitting, by the wearable device, to a merchant device terminal, the payment token through a local wireless connection of the wireless module (See Figure 8 – step 885, as disclosed [0098] “In step 885, communication device 820 may interact with merchant 840 to initiate a transaction and to provide merchant 840 with the token to conduct the transaction. For example, the user may wave communication device 820 in the vicinity of a contactless reader of an access device associated with merchant 840 to transfer the token to merchant 840. Alternatively, a consumer may tap or otherwise make contact with an access device to pass the token and other transaction information to initiate a transaction.” wherein [0019] discloses that the communication device may be “wearable computing device” and [0082] discloses that the access device may be a “point of sale terminal”), 
wherein the payment token is sent from the merchant device terminal to the payment server for verification (See Figure 8 – steps 886 to 888, as disclosed [0099] “In step 886, merchant 840 may generate an authorization request message including the token, and send the authorization request message to acquirer 850 to request authorization for the transaction initiated by the user” which the authorization request message including the token is sent by the merchant and/or the acquirer to the transaction processing network 860 for verification, as disclosed [0089] “For example, merchant 840 and/or acquirer 850 may receive a token in the traditional PAN field of authorization request message and may forward the authorization request message to transaction processing network 860 for processing).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize interactions between mobile device, wearable device, and merchant device to send and receive payment token as in Palanisamy in the system executing the method of Wurster with the motivation of offering to [0002-0004] enhance the security of storing sensitive information or token on a communication device as taught by Palanisamy over that of Wurster.
Examiner’s Note: The claim language states that the device token “corresponds to information associated with the wireless module of the wearable device”, and under broadest reasonable interpretation, it would be obvious to one of ordinary skilled in the art that a device identifier corresponds to information associated with a wireless module (e.g. a device ID would “correspond” to a Bluetooth address, Wi-Fi information, hotspot information, or any type of wireless communication of the device, by which the device identifier is information “associated” with the wireless module), therefore Palanisamy [0030] disclosing that the token attribute including the device identifier teaches the limitation.

Wurster may not explicitly disclose, but Cronin teaches:
wherein service content is received at the merchant device terminal from the payment server after a successful verification (See Figure 7 – step 735, as disclosed (Page 19 Line 8) “Next the merchant displays a token offer on a point of sale terminal 735” and also (Page 12 Lines 17-19) “For example, tokens may be delivered by printing a physical token (e.g., via a printer of the POS device), displaying the token to the user (e.g., via a display device of the POS device, with or without a touchscreen)”, by which the merchant device receives the token after verification steps 705-730, such as verifying that the token-rule criteria is met from the sensor data, as disclosed (Page 19 Lines 4-8) “The method 700 extracts sensor data 720 (e.g., 1735 steps), compares the sensor data (e.g., number of steps walked) to the token-rule criteria (e.g., 1600 steps) in step 725, and determines that a token may be offered as the sensor data indicates that the token-rule criteria is met (e.g., the individual walked more than 1600 steps) in step 730”. The token server 140 may perform the verification process and transmit the token to the merchant device, as disclosed (Page 11 Lines 12-16) “For example, the token server 140 may receive sensor data in association with a merchant, user or device from a requesting device such as the wearable device 110, merchant device 120, or user device 130; evaluate token-rules to identify one or more tokens for delivery; and transmit the identified tokens to a receiving device such as the wearable device 110, merchant device 120, or user device 130”).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize interactions between mobile device, wearable device, and merchant device to send and receive service content as in Cronin in the system executing the method of Wurster with the motivation of offering to (Page 1 Lines 29-32) provide improved architecture for enabling merchant devices to obtain and make use of physiological data obtain by a customer’s wearable device for providing a token offer to a user as taught by Cronin over that of Wurster.

As per Claim 8, Wurster teaches a non-transitory, computer-readable medium storing one or more instructions that, when executed by a computer system of a wearable device, cause the computer system to perform operations comprising:
using a cryptography library of the wearable device to generate, by the wearable device, a user key based on a local network connection address of the wearable device and based on a device model of the wearable device, wherein the user key is randomly generated ([0143] “For example, the wireless identity transmitter may perform a pseudo-random function to generate encoded data based on input values of the wireless identity transmitter's device ID, a nonce or counter value, and a secret key, seed, or other value known only to the wireless identity transmitter and the central server. In some embodiments, the pseudo-random function may be a polynomial time computable function that may utilize a randomly selected seed value only known to the wireless identity transmitter and the central server, such that the pseudo-random function may be computationally indistinguishable from a random function defined on the same domain with output to the same range as the pseudo-random function. In some embodiments, the keyed--hash Message Authentication Code (HMAC) or the cipher--based Message authentication Code (CMAC) may be used as the pseudo-random function” and also disclosed [0096] “For example, this data field 338 may include a nonce (e.g., a timer, nonce, or counter) and an obscured "blob" generated using the nonce, a key known only to the wireless identity transmitter and the central server” by which the pseudo-random number generator may be a cryptography library, as disclosed [0168] “For example, the wireless identity transmitter and the central server may each have a cryptographically secure pseudo-random number generator algorithm that is used to generate identifiers on a common time scale”, and the term ‘nonce’, as one of ordinary skilled in the art would understand, is an arbitrary number used in cryptographic communication. The wireless transmitter is part of a wearable device, as disclosed [0041] “Some of these systems involve the development of a wearable device that communicates data to a server” and [0062] “For example, wireless identity transmitters may be easily hidden or incorporated into many different personal objects, such as buttons, watches, shoes, briefcases, backpacks, ID badges, clothing, product packaging, etc.”); and
transmitting, by the wearable device, to a mobile device, the user key (See Figure 10 – steps 1013 and 1014 which the wireless identity transmitter transmits the message to the user’s mobile device, as disclosed [0143] “In block 1013, the wireless identity transmitter may broadcast a message (i.e., a broadcast message) that includes an encoded (or rolling) identifier” and [0146] “In block 1014, the user's mobile device may receive the broadcast message”).

Wurster may not explicitly disclose, but Norton teaches:
using a cryptography library of the wearable device to generate, by the wearable device, a user key based on a local network connection address of the wearable device and based on a device model of the wearable device … (See Figure 2, as disclosed [0026] “Then, the wearable device 144 verifies 180 that the device identifier D received from the mobile device 148 matches the device identifier D of the wearable device 144. Next, the wearable device 144 exchanges 184 an encryption key with the mobile device 148 to secure future communication between the two devices 144, 148, and the mobile device 148 returns 188 a confirmation of the encryption key exchange with the wearable device 144. The encryption key can be used to establish a secure communication protocol between the devices 144, 148, including, but not limited to, Bluetooth 4, and near field communications (NFC) with transport layer security (TLS) 1.2 or greater” which teaches of generating the encryption key based on verifying the device identifier D of the wearable device, wherein the encryption key being used to establish a communication (e.g. Bluetooth, NFC, etc.) between the wearable device and the mobile device is obvious that the key would require a local network connection address of the wearable device. See also Figure 3, as disclosed [0031] “Then, the wearable device 144 generates 232 a new private key k and corresponding public key K that can be used to verify data or messages that have been notarized” and with respect to using a cryptography library of the wearable device, see [0037] “Once logged into the mobile device 148, the mobile user 104 can perform a variety of cryptographic functions using the wearable device 144 to regenerate the private key”).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize the process of paring the wearable device with the mobile device and the wearable device generating a user key based on the device model of the wearable device to establish communications (e.g. Bluetooth, NFC, etc.) as in Norton in the system executing the method of Wurster, by which the system in Wurster teaches of generating a user key using cryptography library and also utilizes pseudo-random number generator and transmitting the message to the mobile device, and Norton teaches of generating such user key in response to the pairing request between the wearable device and the mobile device, with the motivation of offering to [0002] and [0007] “improve the security of public key cryptography” as taught by Norton over that of Wurster.

Wurster may not explicitly disclose, but Palanisamy teaches:
receiving, by the wearable device, from the mobile device, a payment token, wherein the payment token is generated by a payment server based on the user key (See Figure 5 – steps 552 to 558, as disclosed [0070] “The application may request the user to enter user authentication data that was previously registered with token request computer 504. Communication device 520 may then send a token request 552 to token request computer 504. Token request 552 may include the user authentication data received by the application as well as information about the nature of the token or sensitive information being requested” and also [0071] “In addition to the information received in token request 552, token request 554 may also include the requestor ID of the token requestor” which the data sent along with the token request (e.g. user key) is used for generating the token by the token server in steps 554 and 556, as disclosed in [0072] “Token server 502 may then generate or otherwise retrieve the requested token and encrypt the token using the generated session key”, which the generated token may be transmitted from the token request computer 504 to communication device 520 at step 558, as disclosed [0073] “Token request computer 504 may then send the encrypted token or sensitive information with the encrypted session key to communication device 520 in response 558”. See [0019] discloses that the communication device may be “wearable computing device” and [0033] discloses that a token requestor may be a “device that is configured to perform actions associated with tokens”, which can be a mobile device to perform the process), and 
wherein the payment token comprises:
a user token corresponding to a user account ([0030] “"Token attributes" may include any feature or information about a token … For example, token attributes may determine how a token may be used in place of a real account identifier (e.g., PAN) for a transaction … For example, token attributes may include a wallet identifier associated with the token, an additional account alias or other user identifier (e.g., an email address, username, etc.)”), and 
a device token corresponding to information associated with a wireless module of the wearable device ([0030] “For example, token attributes may include … a device identifier”. See Examiner’s Note below for further discussion);
storing the payment token on the wearable device (See Figure 5 – step 558, as disclosed [0073] “Token request computer 504 may then send the encrypted token or sensitive information with the encrypted session key to communication device 520 in response 558” by which the received token is stored, as disclosed [0074] “The application on communication device 520 requesting the token or sensitive information may then store the encrypted token or sensitive information and the encrypted session key on communication device 520 for subsequent use”); and
transmitting, by the wearable device, to a merchant device terminal, the payment token through a local wireless connection of the wireless module (See Figure 8 – step 885, as disclosed [0098] “In step 885, communication device 820 may interact with merchant 840 to initiate a transaction and to provide merchant 840 with the token to conduct the transaction. For example, the user may wave communication device 820 in the vicinity of a contactless reader of an access device associated with merchant 840 to transfer the token to merchant 840. Alternatively, a consumer may tap or otherwise make contact with an access device to pass the token and other transaction information to initiate a transaction.” wherein [0019] discloses that the communication device may be “wearable computing device” and [0082] discloses that the access device may be a “point of sale terminal”), 
wherein the payment token is sent from the merchant device terminal to the payment server for verification (See Figure 8 – steps 886 to 888, as disclosed [0099] “In step 886, merchant 840 may generate an authorization request message including the token, and send the authorization request message to acquirer 850 to request authorization for the transaction initiated by the user” which the authorization request message including the token is sent by the merchant and/or the acquirer to the transaction processing network 860 for verification, as disclosed [0089] “For example, merchant 840 and/or acquirer 850 may receive a token in the traditional PAN field of authorization request message and may forward the authorization request message to transaction processing network 860 for processing).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize interactions between mobile device, wearable device, and merchant device to send and receive payment token as in Palanisamy in the system executing the method of Wurster with the motivation of offering to [0002-0004] enhance the security of storing sensitive information or token on a communication device as taught by Palanisamy over that of Wurster.
Examiner’s Note: The claim language states that the device token “corresponds to information associated with the wireless module of the wearable device”, and under broadest reasonable interpretation, it would be obvious to one of ordinary skilled in the art that a device identifier corresponds to information associated with a wireless module (e.g. a device ID would “correspond” to a Bluetooth address, Wi-Fi information, hotspot information, or any type of wireless communication of the device, by which the device identifier is information “associated” with the wireless module), therefore Palanisamy [0030] disclosing that the token attribute including the device identifier teaches the limitation.

Wurster may not explicitly disclose, but Cronin teaches:
wherein service content is received at the merchant device terminal from the payment server after a successful verification (See Figure 7 – step 735, as disclosed (Page 19 Line 8) “Next the merchant displays a token offer on a point of sale terminal 735” and also (Page 12 Lines 17-19) “For example, tokens may be delivered by printing a physical token (e.g., via a printer of the POS device), displaying the token to the user (e.g., via a display device of the POS device, with or without a touchscreen)”, by which the merchant device receives the token after verification steps 705-730, such as verifying that the token-rule criteria is met from the sensor data, as disclosed (Page 19 Lines 4-8) “The method 700 extracts sensor data 720 (e.g., 1735 steps), compares the sensor data (e.g., number of steps walked) to the token-rule criteria (e.g., 1600 steps) in step 725, and determines that a token may be offered as the sensor data indicates that the token-rule criteria is met (e.g., the individual walked more than 1600 steps) in step 730”. The token server 140 may perform the verification process and transmit the token to the merchant device, as disclosed (Page 11 Lines 12-16) “For example, the token server 140 may receive sensor data in association with a merchant, user or device from a requesting device such as the wearable device 110, merchant device 120, or user device 130; evaluate token-rules to identify one or more tokens for delivery; and transmit the identified tokens to a receiving device such as the wearable device 110, merchant device 120, or user device 130”).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize interactions between mobile device, wearable device, and merchant device to send and receive service content as in Cronin in the system executing the method of Wurster with the motivation of offering to (Page 1 Lines 29-32) provide improved architecture for enabling merchant devices to obtain and make use of physiological data obtain by a customer’s wearable device for providing a token offer to a user as taught by Cronin over that of Wurster.

As per Claim 9, Wurster may not explicitly disclose, but Palanisamy discloses the non-transitory, computer-readable medium of claim 8, wherein the payment token is sent from the wearable device to the merchant device terminal based on a predetermined instruction of a user ([0081] " Communication device 820 can be operated by a consumer to initiate a transaction with a merchant by interacting with an access device (not shown) such as a point-of-sale (POS) terminal associate with the merchant  … communication device 820 may be capable of communicating with an access device using a short range communication technology such as NFC. For example, the user may interact with the access device by tapping or waving communication device 820 in proximity of the access device" by which ‘tapping’ or ‘waving’ is a predetermined instruction).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize sending payment token by tapping or waving as in Palanisamy in the system executing the method of Wurster with the motivation of offering to [0002-0004] enhance the security of storing sensitive information or token on a communication device as taught by Palanisamy over that of Wurster.

As per Claim 12, Wurster may not explicitly disclose, but Palanisamy discloses the non-transitory, computer-readable medium of claim 8, wherein the operations comprise encrypting the payment token for storage on the wearable device ([0072] “Token server 502 may then generate or otherwise retrieve the requested token and encrypt the token using the generated session key. For example, token server 502 may encrypt the token using an AES-256 algorithm or other suitable encryption algorithm”).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize encrypting the token as in Palanisamy in the system executing the method of Wurster with the motivation of offering to [0002-0004] enhance the security of storing sensitive information or token on a communication device as taught by Palanisamy over that of Wurster.

Claims 4, 11, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Wurster in view of Norton, in view of Palanisamy, in view of Cronin, in further view of Ding et al. (U.S. 2016/0092668).

As per Claims 4, 11, and 18, Wurster may not explicitly disclose, but Ding discloses the computer-implemented method of claim 1, the non-transitory, computer-readable medium of claim 8, and the computer-implemented system of claim 15, comprising binding the mobile device to the wearable device, wherein binding the mobile device to the wearable device comprises:
scanning, by a payment application on the mobile device, the wearable device to establish a, connection between the mobile device and the wearable device ([0077] "The mobile terminal may scan the two-dimensional identification code of the wearable device, and display the identification of the wearable device in the area on the interface of the mobile terminal" wherein [0031] "The wearable device 120 may communicate with the mobile terminal 140 through a wireless communication connection");
generating, at the payment application, prompt information to prompt the user to perform a determination operation on the wearable device ([0077] "The user may be prompted that the wearable device is binding in a prompt box on the interface of the mobile terminal");
receiving, at the payment application, verification information associated with the user ([0077] "The mobile terminal may send the identification of the wearable device and a device identification of the mobile terminal to the server, which may establish the binding relationship between the wearable device and the mobile terminal based on the identification of the wearable device and the device identification of the mobile terminal"); and
enabling, at the payment application, a payment procedure to bind the wearable device to the mobile device ([0077] "… which may establish the binding relationship between the wearable device and the mobile terminal based on the identification of the wearable device and the device identification of the mobile terminal ").
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize binding procedure between the mobile device and the wearable device as in Ding in the system executing the method of Wurster with the motivation of offering to solve [0043] “the technical problem of receiving a dynamic authorization code in a form of a short message and further complex steps of operation, which could result in a possible leakage of information” as taught by Ding over that of Wurster.

Claims 21-23 are rejected under 35 U.S.C. 103 as being unpatentable over Wurster in view of Norton in view of Palanisamy in view of Cronin, in further view of Michael deAgonia (“How does Apple Pay work on the Apple Watch?”, 13-March-2015), hereinafter deAgonia.

As per Claims 21-23, Wurster may not explicitly disclose, but deAgonia discloses the computer-implemented method of claim 1, the non-transitory, computer-readable medium of claim 8, and the computer-implemented system of claim 15, wherein the payment token corresponds to a one-time authorization that is permanently valid ((Pages 5-6) “… you have to add your cards again, even if you already have them on your iPhone. The reason is security; ... The app allows you to add cards to Passbook and Apple Pay. As on the iPhone, cards on the Watch are verified by the bank and then issued an encrypted ID number, which is then stored in the Watch's Security Element chip” corresponds to a one-time authorization and (Page 6) “After it's pre-configured, the Watch can be used anywhere Apple Pay is supported. To make a payment, simply press the side button beneath the Digital Crown twice, and hold your wrist up to a payment terminal” corresponds to a permanently valid payment token).
It would have been obvious to one of ordinary skill in the art at the time of the invention to have the payment token correspond to a one-time authorization that is permanently valid as in deAgonia in the system executing the method of Wurster with the motivation of offering to provide secure, private, and speedy mobile transactions as taught by deAgonia over that of Wurster.

Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Wurster in view of Norton in view of Palanisamy in view of Cronin, in further view of Hanson et al. (U.S. 2015/0294303).

As per Claim 24, Wurster discloses the computer-implemented method of claim 1, wherein the user key is generated by the wearable device by a process of a payment platform ([0143] “For example, the wireless identity transmitter may perform a pseudo-random function to generate encoded data based on input values of the wireless identity transmitter's device ID, a nonce or counter value, and a secret key, seed, or other value known only to the wireless identity transmitter and the central server. In some embodiments, the pseudo-random function may be a polynomial time computable function that may utilize a randomly selected seed value only known to the wireless identity transmitter and the central server, such that the pseudo-random function may be computationally indistinguishable from a random function defined on the same domain with output to the same range as the pseudo-random function. In some embodiments, the keyed--hash Message Authentication Code (HMAC) or the cipher--based Message authentication Code (CMAC) may be used as the pseudo-random function” and also disclosed [0096] “For example, this data field 338 may include a nonce (e.g., a timer, nonce, or counter) and an obscured "blob" generated using the nonce, a key known only to the wireless identity transmitter and the central server”), and
wherein the payment server is a server of the payment platform (See Figure 9 displaying the central server)

Wurster may not explicitly disclose, but Hanson discloses:
wherein the user key is received at the mobile device by an application of the payment platform ([0038] “The processing device is configured for receiving a communication from a second apparatus (e.g., … a smart phone payment application or operating system …) requesting payment information for completion of the transaction. The processing device reads account information from the memory device and communicates payment information to the second apparatus” and [0042] “The readable indicia 9 may be directly associated with a financial account associated with the customer so that upon scanning or reading of the readable indicia 9, information associated with the associated financial account is retrieved by, received by, transmitted to … other payment collection device (e.g., an online payment application on a smart phone)” see also [0013], [0028], and Figure 2B disclosing application on the mobile terminal in communication with the wearable article).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize mobile device receiving readable indicia, which is associated with a financial account, as in Hanson in the system executing the method of Wurster, with the motivation of offering to [0001] “support multiple users that can be utilized as a payment vehicle” as taught by Hanson over that of Wurster.

Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Wurster in view of Norton in view of Palanisamy in view of Cronin, in further view of Douglas (U.S. 2018/0204211).
As per Claim 26, Wurster may not explicitly disclose, but Douglas discloses the computer-implemented method of claim 1, comprising: using a payment application on the mobile device to associate the wearable device with a payment account of a user (See Figures 7 and 8 which associates the token of the wearable device to a financial account of the user by interacting with the mobile device, as disclosed [0066] “Wearable device issuer server 130 may also receive user personal information from the user device 120 via the provided interface (step 708). For example, wearable device issuer server 130 may receive personal information including, but not limited to, user 115′s name, address, social security number, phone numbers, financial account numbers, access credentials to one or more financial accounts, and the like. For example, user 115 may operate user device 120 to provide wearable device issuer server 130 with an indication as to which financial accounts user 115 would like to associate with the one or more tokens identified in step 706” and also [0068] “At step 802, token vault operator server 150 may associate financial account information with a token. For example, in response to receiving financial account information associated with an token identified in step 712, token vault operator server 150 may associated the received financial account information with the identified token by, for example, by inserting the received financial account information in the field 401B corresponding to the identified token stored in field 401A”. With respect to the mobile application, see [0041] “User device 120 may be a mobile device that executes mobile device applications and/or mobile device communication software that allows user device 120 to communicate with components over network 170, and generates and displays content in interfaces via a display device included in user device 120. The disclosed embodiments are not limited to any particular configuration of user device 120. For instance, user device 120 may be a mobile device that stores and executes mobile applications that provide token vault functions offered by token vault operator server 150 and/or financial service-related functions offered by FSP server 140”).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize a payment application on a mobile device of Douglas in the system executing the method of Wurster with the motivation of offering convenience of using wearable devices in payments which are popular forms of payments and connect with a specific account to increase the efficiency of the payment system [0002-0005] as taught by Douglas over that of Wurster.
Response to Arguments
Applicant’s arguments, see pages 8 to 9, filed 29 March 2022, with respect to 35 U.S.C. 103 rejections have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY H JUNG whose telephone number is (571)270-5018.  The examiner can normally be reached on Mon - Fri 8:30 - 4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Christine M Behncke can be reached on 571-272-8103.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/H.H.J./           Examiner, Art Unit 3697                                                                                                                                                                                            
	
	/CHRISTINE M BEHNCKE/           Supervisory Patent Examiner, Art Unit 3697