DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 5/11/2021, 8/12/2021 and 1/4/2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1, 3-6, 8, 10-13, 15 and 17-19 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-4, 9, 11-13, 15-17 and 19 of U.S. Patent No. 10,885,410.   Although the claims at issue are not identical, they are not patentably distinct from each other because the respective claims are not patently distinguishable, and encompass, with varying scope, the same subject matter.

INSTANT CLAIMS
PATENTED CLAIMS
1. An apparatus, comprising: 

a processor circuit; and 

a memory storing instructions which when executed by the processor circuit, cause the processor circuit to: 

receive, by an application executing on the processor circuit, a request to generate a barcode; 

receive, by the application, encrypted data from a communications interface of a contactless card associated with an account; 

receive, by the application and from a server, verification of the encrypted data and an encrypted authorization token associated with the account; and 

generate, by the application, the barcode utilizing the encrypted authorization token.

1. An apparatus, comprising: 

a processor circuit; and 

a memory storing instructions which when executed by the processor circuit, cause the processor circuit to: 

initiate, by an application executing on the processor circuit, a request for generation of a barcode; 

receive, by the application, encrypted data from a communications interface of a contactless card associated with an account, the encrypted data generated based on a cryptographic algorithm and a diversified key, the diversified key stored in a memory of the contactless card and generated based on a master key and a counter value stored in the memory of the contactless card; 

receive, by the application and from a server, verification of the encrypted data; 

receive, by the application and from the server, an encrypted authorization token associated with the account; and 

generate the barcode on the contactless card utilizing the encrypted authorization token.

3. The apparatus of claim 1, wherein the barcode is pre-configured by the authorization token to authorize a single transaction.

3. The apparatus of claim 2, wherein the memory storing instructions which when executed by the processor circuit, cause the processor circuit to: invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.

 (barcode and authorization token has to authorize a single transaction since they are invalidated for a subsequent transaction)

4. The apparatus of claim 3, wherein the barcode and the authorization token are configured to expire after the authorization of the single transaction.

3. The apparatus of claim 2, wherein the memory storing instructions which when executed by the processor circuit, cause the processor circuit to: invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.

(barcode has to be expired after the authorization of a single transaction if it is invalidated for a subsequent transaction)

5. The apparatus of claim 4, wherein the transaction is a payment transaction and the authorization token is a payment token, and wherein the payment token is associated with a monetary limit.


4. The apparatus of claim 3, wherein the transaction is a payment transaction and the authorization token is a payment token, and wherein the payment token is associated with a pre-stipulated user limitation in relation to the transaction.
6. The apparatus of claim 1, the memory storing instructions which when executed by the processor circuit, cause the processor circuit to: decrypt, by the application, the encrypted authorization token to authorize a transaction.

2. The apparatus of claim 1, the memory storing instructions which when executed by the processor circuit, cause the processor circuit to: scan the barcode; and decrypt the authorization token to authorize a transaction.
8. A non-transitory computer-readable storage medium storing instructions that when executed by a processor circuit cause the processor circuit to: 

receive, by an application executing on the processor circuit, a request to generate a barcode; 

receive, by the application, encrypted data from a communications interface of a contactless card associated with an account; 

receive, by the application and from a server, verification of the encrypted data and an encrypted authorization token associated with the account; and 

generate, by the application, the barcode utilizing the encrypted authorization token.

15. A non-transitory computer-readable storage medium storing instructions that when executed by a processor circuit cause the processor circuit to: 

initiate, by an application executing on the processor circuit, a request for generation of a barcode; 

receive, by the application, encrypted data from a communications interface of a contactless card associated with an account, the encrypted data generated based on a cryptographic algorithm and a diversified key, the diversified key stored in a memory of the contactless card and generated based on a master key and a counter value stored in the memory of the contactless card; 

receive, by the application and from a server, verification of the encrypted data; 

receive, by the application and from the server, an encrypted authorization token associated with the account; and 

generate the barcode on the contactless card utilizing the encrypted authorization token.

10. The medium of claim 8, wherein the barcode is pre-configured by the authorization token to authorize a single transaction.

17. The non-transitory computer-readable storage medium of claim 16, storing instructions that when executed by the processor circuit cause the processor circuit to: invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.

 (barcode and authorization token have to authorize a single transaction since they are invalidated for a subsequent transaction)

11. The medium of claim 10, wherein the barcode and the authorization token are configured to expire after the authorization of the single transaction.


17. The non-transitory computer-readable storage medium of claim 16, storing instructions that when executed by the processor circuit cause the processor circuit to: invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.

(barcode has to be expired after the authorization of a single transaction if it is invalidated for a subsequent transaction)

12. The medium of claim 11, wherein the transaction is a payment transaction and the authorization token is a payment token, and wherein the payment token is associated with a monetary limit.

19. The non-transitory computer-readable storage medium of claim 18, wherein the payment token is associated with a pre-stipulated user limitation in relation to the transaction.
13. The medium of claim 8, storing instructions that when executed by the processor circuit cause the processor circuit to: decrypt, by the application, the encrypted authorization token to authorize a transaction.

16. The non-transitory computer-readable storage medium of claim 15, storing instructions that when executed by the processor circuit cause the processor circuit to: scan the barcode; and decrypt the authorization token to authorize a transaction.

15. A method, comprising: 

receiving, by an application executing on a processor, a request to generate a barcode; 

receiving, by the application, encrypted data from a communications interface of a contactless card associated with an account; 

receiving, by the application and from a server, verification of the encrypted data and an encrypted authorization token associated with the account; and 

generating, by the application, the barcode utilizing the encrypted authorization token.

9. A method, comprising: 

initiating, by an application executing on a processor circuit of a mobile device, a request for generation of a barcode; 

receiving, by the application, encrypted data from a communications interface of a contactless card associated with an account, the encrypted data generated based on a cryptographic algorithm and a diversified key, the diversified key stored in a memory of the contactless card and generated based on a master key and a counter value stored in the memory of the contactless card; 

receiving, by the application and from a server, verification of the encrypted data; 

receiving, by the application and from the server, an encrypted authorization token associated with the account; and 

generating the barcode on the contactless card utilizing the encrypted authorization token.

17. The method of claim 15, wherein the barcode is pre-configured by the authorization token to authorize a single transaction.

11. The method of claim 10, further comprising: invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.

(barcode and authorization token have to authorize a single transaction since they are invalidated for a subsequent transaction)

18. The method of claim 17, wherein the barcode and the authorization token are configured to expire after the authorization of the single transaction.

11. The method of claim 10, further comprising: invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.

(barcode and authorization token have to authorize a single transaction since they are invalidated for a subsequent transaction)

19. The method of claim 18, wherein the transaction is a payment transaction and the authorization token is a payment token, and wherein the payment token is associated with a monetary limit.

13. The method of claim 12, wherein the payment token is associated with a pre-stipulated user limitation in relation to the transaction.



Allowable Subject Matter
With respect to claim(s) 1-20, the examiner makes no prior art rejection. However, these claims are not allowable pursuant to the pending Double Patenting rejection.  

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Jang (US 2015/0066778)  teaches a card management server 106 generates a token corresponding to the received card information and provides the generated token to the purchaser terminal 102 (mobile phone). Then, the code generation module 204 converts the token to a code such as a barcode or QR code ([0055], [0073]).  Jang additionally teaches the card management server encrypts the token and transmits the encrypted token to a purchaser terminal 102 (mobile phone) ([0055], [0063]). Jang teaches an embodiment that may generate token data that may be substituted for the card number, convert the generated token to an encrypted code, and use the encrypted code upon payment, thus minimizing card-related risks which are caused by loss and hacking ([0101]).

Telephone/Fax Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUEZU ELLIS whose telephone number is (571)272-2868. The examiner can normally be reached Monday - Friday, 11:00 am - 7:00 pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael Lee can be reached on (571)272-2398. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SUEZU ELLIS/Primary Examiner, Art Unit 2876