DETAILED ACTION

The following FINAL Office action is in response to Amendment filed on April 11, 2022 for application 16680320
	
Acknowledgements

Claims 1-18 are pending.
Claims 1-18 have been examined.


Notice of Pre-AIA  or AIA  Status

The present application, filed on or after December 13, 2013, is being examined under the first inventor to file provisions of the AIA .


Response to Arguments

In response to Applicant’s arguments under 35 USC 101, Applicant argues that the claims are not directed to an abstract idea and are thus directed to patent eligible subject matter at step one of Alice and are patent eligible because they integrate any alleged judicial exception into a practical application. More specifically, the claims provide "an improvement in an authentication process" to authenticate a transaction. Applicant also argues that Claims 1-18 Are Patent Eligible Under USPTO Step 2B because they recite a combination of elements that is significantly more than an abstract idea.
Examiner respectfully disagrees as the pending claims 1-18 still recite authenticating a transaction. Examiner analyzed the individual limitations and placed them within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test, mainly classified under “fundamental economic principles or practices”, specifically “mitigating risk” as part of a transaction. The pending claims involve steps for performing analysis on a set of secret data to verify a customer as part of a transaction in order to add a layer of security and prevent fraud. Accordingly, the claim recites an abstract idea. Also, the judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test, the additional elements of the claims such as the use of a non-transitory, computer-readable medium storing instructions that, when executed by a processor of a mobile device and an issuer system merely use a processor of a mobile device and issuer system as a tool to perform an abstract idea and/or generally link the use of a judicial exception to a particular technological environment. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a processor of a mobile device and issuer system to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). Hence, the pending claims are not patent eligible. 
In response to Applicant’s arguments under 35 USC 103, Applicant argues that the cited references Nam and Goldthwaite alone or in combination-fail to teach or suggest all claimed features of independent Claims 1 and 12. Specifically, Applicant argues that Nam fails to disclose at least communicating with the smart card to compare the authentication factor with a stored authentication factor stored on the smart card; based on a comparison of the received authentication factor and the stored authentication factor, creating instructions indicating whether the requested transaction is verified by the customer; and outputting for transmission the instructions to the issuer system as recited by independent Claim 1. Examiner respectfully disagrees as the pending claim language is being disclosed in Nam via a process of providing the
mobile account inquiry service by interaction between the IC card and the mobile communication system and the banking server. In an account inquiry service, the banking application activates an input screen of the PIN information in the display window of the mobile communication system in response to an input signal of the key. Once the PIN information is inputted by a user, a PIN authentication is completed by comparing of the inputted PIN information with the read-out PIN information. Once the PIN information is matched with the stored PIN information, then a login is completed to the IC card. As a result, the account application outputs financial accounts of
the user stored in the IC card to the display window of the mobile communication system. It is analogous to the claim as account application has to send some kind of signal or instruction to output financial account of the user to the display window. Applicant further argues that neither Nam nor Goldthwaite teach or suggest at least "transmitting a verification request to a mobile device associated with the customer, the verification request comprising: a prompt for a card application installed on the mobile device to communicate with the smart card to receive an authentication factor associated with the smart card”. Examiner respectfully disagrees as the “transmitting a verification request …” step in Claim 12 is mirroring the first “receiving…” step of Claim 1 which is taught by Goldthwaite in paragraphs [¶0042], [¶0043] and [¶0046]. Goldthwaite discloses in paragraphs [¶0042] and [¶0043] that the financial institution server communicates directly with the mobile phone via an sms carrier in order to receive authorization of the payment by the customer and authentication of the cardholder's identity and verification of the presence of the payment card. The authentication client application in the mobile device receives an SMS message with purchase order information and payment request from the authentication
server of the financial institution, requests authorization from the customer and receives
the customer's entry with the authorization result disclosed in paragraph [0046]. The SMS message is being considered as the prompt to receive an authentication factor associated with the smart card in which case the customer enters the personal identification number. Also, the authentication client application of the mobile device provides a user interface to the mobile phone user, i.e., customer, and manages the interactions between the mobile phone and the payment cards. Hence, Goldthwaite is sufficient to disclose the "transmitting a verification request to a mobile device associated with the customer, the verification request comprising: a prompt for a card application installed on the mobile device to communicate with the smart card to receive an authentication factor associated with the smart card” of Claim 12.

Claim Rejections - 35 USC § 101

      35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


  Claims 1-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
In the instant case, claims 1-11 are directed to a non-transitory computer-readable medium and claims 12-18 are directed to a method. Therefore, these claims fall within the four statutory categories of invention. 
The claims recites authenticating a transaction which is an abstract idea. Specifically, the claim recites “receiving a verification request from an issuer corresponding to a requested transaction associated with a financial account of a customer, receiving an authentication factor inputted by the customer, communicating with the smart card to compare the authentication factor with a stored authentication factor stored on the smart card, based on a comparison of the received authentication factor and the stored authentication factor, creating instructions indicating whether the requested transaction is verified by the customer and outputting for transmission the instructions to the issuer” which is grouped within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test, classified under “fundamental economic principles or practices”, specifically “mitigating risk” as part of a transaction  (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 54 (January 7, 2019)) because – for example, in this case, the claims involve a series of steps for performing analysis on a set of secret data to verify a customer as part of a transaction in order to add a layer of security and prevent fraud. Accordingly, the claim recites an abstract idea (See pages 7, 10, Alice Corporation Pty. Ltd. v. CLS Bank International, et al., US Supreme Court, No. 13-298, June 19, 2014; 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 53-54 (January 7, 2019)).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 54-55 (January 7, 2019)), the additional elements of the claims such as the use of a non-transitory, computer-readable medium storing instructions that, when executed by a processor of a mobile device and an issuer system merely use a processor of a mobile device and issuer system as a tool to perform an abstract idea and/or generally link the use of a judicial exception to a particular technological environment (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 54-55 (January 7, 2019)). [The use of a processor of a mobile device and issuer system to implement the abstract idea and/or generally linking the use of the abstract idea to a particular technological environment] does not render the claim patent eligible because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. Specifically, the processor of a mobile device and issuer system performs the steps or functions of “receiving a verification request from an issuer corresponding to a requested transaction associated with a financial account of a customer, receiving an authentication factor inputted by the customer, communicating with the smart card to compare the authentication factor with a stored authentication factor stored on the smart card, based on a comparison of the received authentication factor and the stored authentication factor, creating instructions indicating whether the requested transaction is verified by the customer and outputting for transmission the instructions to the issuer”. The additional claim elements are not indicative of integration into a practical application, because the claims do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 56 (January 7, 2019)), the additional elements of processor of a mobile device and issuer system, to perform the steps amounts to no more than using a processor of a mobile device and issuer system to automate and/or implement the abstract idea of authenticating a transaction. As discussed above, taking the claim elements separately, processor of a mobile device and issuer system perform the steps of “receiving a verification request from an issuer corresponding to a requested transaction associated with a financial account of a customer, receiving an authentication factor inputted by the customer, communicating with the smart card to compare the authentication factor with a stored authentication factor stored on the smart card, based on a comparison of the received authentication factor and the stored authentication factor, creating instructions indicating whether the requested transaction is verified by the customer and outputting for transmission the instructions to the issuer”. These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of authenticating a transaction. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a processor of a mobile device and issuer system to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). Therefore, the claim is not patent eligible. 
Dependent claims further describe the abstract idea of authenticating a transaction. The dependent claims do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all 
obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-3, 5-7, 11-14 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Nam et al. (US 2004/0267665 A1) in further view of Goldthwaite et al. (US 2004/0019564 A1).
Regarding Claims 1 and 12, Nam discloses a non-transitory, computer-readable medium storing instructions that, when executed by a processor of a mobile device, cause the processor to perform a method of transaction authentication comprising:
- receiving an authentication factor inputted by the customer to the mobile device (¶0055)
 - communicating with the smart card to compare the authentication factor with a stored authentication factor stored on the smart card (¶0055)
- based on a comparison of the received authentication factor and the stored authentication factor, creating instructions indicating whether the requested transaction is verified by the customer; and (¶0055, ¶0056)
- outputting for transmission the instructions to the issuer system (¶0056, ¶0057, ¶0058)
	Nam does not disclose receiving a verification request from an issuer system, the verification request corresponding to a requested transaction associated with a financial account of a customer, the financial account associated with a smart card.
	Goldthwaite however discloses receiving a verification request from an issuer system, the verification request corresponding to a requested transaction associated with a financial account of a customer, the financial account associated with a smart card (¶0042, ¶0043, ¶0046).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of invention to modify the medium/method of Nam to include receiving a verification request from an issuer system, the verification request corresponding to a requested transaction associated with a financial account of a customer, the financial account associated with a smart card, as disclosed in Goldthwaite, in order to provide a method a strong authentication of a payment transaction that utilizes personal communication devices and smart cards (see Goldthwaite ¶0001).
Regarding Claims 2 and 13, Nam discloses wherein the received authentication factor comprises secret information (¶0055).
Regarding Claims 3 and 14, Nam discloses wherein the secret information is a personal identification number (PIN) (¶0055).
Regarding Claims 5, Nam discloses receiving the stored authentication factor from the smart card; and comparing the received authentication factor to the stored authentication factor (¶0055).
Regarding Claim 6, Nam discloses wherein receiving the stored authentication factor comprises reading the stored authentication factor from the smart card (¶0055).
Regarding Claims 11 and 17, Nam discloses wherein the requested transaction is an online transaction (¶0055)
Regarding Claim 18, Nam discloses wherein the authentication factor is stored on the smart card (¶0055).

Claims 4, 9 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Nam in view of Goldthwaite in further view of Sundaram et al. (US 2015/0127553 A1).
Regarding Claims 4 and 15, the combination of Nam and Goldthwaite does not disclose wherein the received authentication factor and the stored authentication factor each comprise biometric information associated with the customer.
Sundaram however discloses wherein the received authentication factor and the stored authentication factor each comprise biometric information associated with the customer (¶0050).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of invention to modify the medium/method of Nam in view of Goldthwaite to include wherein the received authentication factor and the stored authentication factor each comprise biometric information associated with the customer, as disclosed in Sundaram, in order to provide a method to perform an authentication of the user locally within the payment card (see Sundaram ¶0014).
Regarding Claim 9, Sundaram discloses wherein initiating communication between the mobile device and the smart card comprises moving the smart card toward the mobile device (¶0060).

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Nam in view of Goldthwaite in further view of Brown et al. (US 2012/0139713 A1)
Regarding Claim 7, the combination of Nam in view of Goldthwaite does not disclose displaying, via a screen of the mobile device, a prompt requesting that the customer initiate communication between the mobile device and the smart card.
Brown however discloses displaying, via a screen of the mobile device, a prompt requesting that the customer initiate communication between the mobile device and the smart card (Fig. 3; ¶0022, claim 8).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of invention to modify the medium/method of Nam in view of Goldthwaite to include wherein the received authentication factor and the stored authentication factor each comprise biometric information associated with the customer, as disclosed in Brown, in order to provide a method to ensure that access to the smart card reader (with
the smart card coupled thereto) is controlled (see Brown ¶0003).

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Nam in view of Goldthwaite in further view of Fiducia et al. (US 9,083,703 B2).
Regarding Claim 8, the combination of Nam in view of Goldthwaite does not disclose wherein initiating communication between the mobile device and the smart card comprises touching the smart card to the mobile device.
Fiducia however discloses wherein initiating communication between the mobile device and the smart card comprises touching the smart card to the mobile device (Col. 7 lines 31-42).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of invention to modify the medium/method of Nam in view of Goldthwaite to include wherein initiating communication between the mobile device and the smart card comprises touching the smart card to the mobile device, as disclosed in Fiducia, in order to provide a method to perform multi-factor authentication into an enterprise network from a mobile device using a smart card (see Fiducia Col. 1 lines 15-17).
Claims 10 and 16 is rejected under 35 U.S.C. 103 as being unpatentable over Nam in view of Goldthwaite in further view of Bona et al. (US 8,814,052 B2).
Regarding Claims 10 and 16, the combination of Nam in view of Goldthwaite does not disclose wherein initiating communication between the mobile device and the smart card comprises touching the smart card to the mobile device.
Bona however discloses wherein the requested transaction is a card-not-present transaction request (claim 15).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of invention to modify the medium/method of Nam in view of Goldthwaite to include wherein the requested transaction is a card-not-present transaction request, as disclosed in Bona, in order to provide an improved and more cost-effective solution for preventing plastic card fraud (see Bona Col. 2 lines 49-50).
Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZEHRA RAZA whose telephone number is (571)272-8128. The examiner can normally be reached 10AM-6:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached on (571) 272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ZEHRA RAZA/Examiner, Art Unit 3685                                                                                                                                                                                                        

/ZESHAN QAYYUM/Primary Examiner, Art Unit 3685