Acknowledgements
This communication is in response to applicant’s response filed on 07/22/2022.
Claims 1-2, 4-6, 8-12, 14-16, and 18-25 have been amended. Claims 26-30 have been cancelled.
Claims 1-25 are pending and have been examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Regarding applicant’s arguments:	
Regarding applicant’s arguments under Claim Rejections - 35 USC § 103 that the combination of Cacioppo (US 20150310425) in view of McGuire (US 20100257612) does not teach or suggest “transmitting, by the server computer system to the merchant system, a plurality of public encryption keys; wherein the merchant system selects a public encryption key from among the plurality of public encryption keys to perform the encryption based on the card identifier; and decrypting, by the server computer system, the encrypted payment card data using a private encryption key selected from among a plurality of private encryption keys based on the card identifier, the plurality of private encryption keys associated with the server computer system and corresponding to the plurality of public encryption keys,” in amended claim 1, examiner respectfully argues applicant’s arguments are moot in light of the new grounds of rejections necessitated by the amendment to claim 1. Applicant makes similar arguments for claims 11 and 21, and examiner respectfully argues applicant’s arguments are moot for the same reasons listed above for claim 1.
Applicant argues dependent claims 2-10, 12-20, and 22-25 are allowable based on their dependence upon allowable base claims, and examiner respectfully argues applicant’s arguments are moot in light of the amendments made to claims 1, 11, and 21.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 4-8, 10-11, 14-18, 20-21, and 23-24 are rejected under 35 U.S.C. 103 as being unpatentable over Cacioppo (US 20150310425) in view of McGuire (US 20100257612) in further view of Lee (US 20150312217) in further view of Wall (US 20180109508).

Regarding Claims 1, 11, and 21, Cacioppo teaches receiving, at a server computer system, a transaction request from the merchant system, wherein the transaction request is generated by the merchant system and comprises a card identifier and encrypted payment card data (Paragraphs 0024-0026 and 0029-0031 teach a temporary pseudo-PAN generated in lieu of an actual PAN associated; when a payment form is presented to a merchant, a variety of information is provided to the merchant, who in turn provides an authorization request to the payment network; the method includes generating a one-time token for payment information included in the authorization request such as authentication data, such as a CVV (card verification value) code, etc., with or separate from the actual PAN; the computing device receives the payment request and retrieves the actual PAN from memory then generates a temporary pseudo-PAN at least based on an encryption salt; when the pseudo-PAN is generated (as depicted in the example of FIG. 4), the first six digits of the PAN, or the routing segment are preserved in the pseudo-PAN (“5555 6612 3456 7895), while the remainder of the pseudo-PAN is encrypted; after the pseudo-PAN is generated, the consumer's computing device presents the pseudo-PAN to the merchant; the merchant captures the pseudo-PAN and stores the pseudo-PAN then transmits an authorization request), wherein the card identifier is determined from card data for a payment card used in the transaction and the encrypted payment card data comprises at least an encryption of a payment account number generated by a computing device upon ingestion of the card data system (Paragraphs 0011 and 0037 teach when a consumer attempts to complete a payment transaction, payment information specific to the consumer (e.g., a primary account number (PAN)), may be masked by generating a one-time token, which is then used during certain segments of the transaction from a consumer to a merchant; the consumer is registered to the payment service, whereby the appropriate consumer-specific data is received and stored by the payment service; through registration, the payment service, and the consumer, each have consumer-specific data, which may be used in combination with the encryption salt (described above), for example, to generate one-time tokens); decrypting, by the server computer system, the encrypted payment card data using an encryption key selected based on the card identifier, the encryption key associated with the server computer system (Paragraphs 0032 and 0037 teach upon receipt of the authorization request, the payment service decrypts the pseudo-PAN, by use of the same encryption algorithm used by the consumer's computing device and the most recently generated salt; when the payment service receives a one-time token based on consumer-specific data, the payment service receives an indication of not only a one-time token, but also an identification of the consumer, so that the payment service may decrypt the one-time token based on their consumer-specific data and the salt, as described above); authorizing, by the server computer system in communication with one or more authorization systems, the transaction using the decrypted payment card data (Paragraphs 0032-0033 teach the payment service then searches in memory for the decrypted PAN, and then passes the authorization request to the issuer; the payment service will further modify the authorization request to include the decrypted payment information, prior to passing the authorization request to the issuer); and in response to the one or more authorization systems authorizing the transaction, the server computer system returning a transaction authorization for the transaction request to the merchant system (Paragraph 0035 teaches in response to the authorization request, the issuer responds to the request, and in turn, the payment service receives the reply to the authorization request; the payment service transmits the issuer's reply to the acquirer, who in turn passes the authorization reply to the merchant).
However, Cacioppo does not explicitly teach wherein the card identifier is determined from card data for a payment card used in the transaction and the encrypted payment card data comprises at least an encryption of a payment account number generated by the merchant system upon ingestion of the card data by the merchant system.
McGuire from same or similar field of endeavor teaches wherein the card identifier is determined from card data for a payment card used in the transaction and the encrypted payment card data comprises at least an encryption of a payment account number generated by the merchant system upon ingestion of the card data by the merchant system (Paragraphs 0033 and 0030 teach a token application (i.e., works with the web store (i.e., online merchant) to make a purchase) encrypts payment-card numbers as they are received and generates tokens corresponding to those payment-card numbers; a part of the token might contain part of the payment-card number, e.g., Such that the payment card type and the last four digits of the card are actually part of the token itself, to assist customers and customer-service representatives in confirming or identifying, generally, the card corresponding to the token).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Cacioppo, which teaches receiving encrypted card data from a merchant and decrypting and authorizing the card data to authorize a transaction, to incorporate the teachings of McGuire for the card identifier to be determined from card data for a payment card used in the transaction and the encrypted payment card data comprises at least an encryption of a payment account number generated by the merchant system upon ingestion of the card data by the merchant system.
There is motivation to combine McGuire into Cacioppo because under the PCI Data-Security Standard (DSS) and the related PCI Security-Audit Procedures, merchants are required to document their compliance with the DSS (McGuire Paragraph 0006). The payment-processing system employs three “in-scope” network segments, or zones, for PCI purposes: (i) a web-server zone including web store, (ii) a customer-service zone including input module, and (iii) a PCI server zone including tokenizer and payment-card middleware. Achieving and maintaining PCI compliance using these three well-defined and limited network segments and their corresponding functionality can be considerably simpler and more manageable to implement than remediating or modifying large sections of a corporate network (McGuire Paragraph 0031).
However, the combination of Cacioppo and McGuire does not explicitly teach transmitting, by the server computer system to the merchant system, a plurality of public encryption keys; wherein the merchant system selects a public encryption key from among the plurality of public encryption keys to perform the encryption; and decrypting, by the server computer system, the encrypted payment card data using a private encryption key selected from among a plurality of private encryption keys, the plurality of private encryption keys associated with the server computer system and corresponding to the plurality of public encryption keys.
Lee from same or similar field of endeavor teaches transmitting, by the server computer system to the merchant system, a plurality of public encryption keys (Paragraph 0026 teaches a key management application is executed to manage the various public/private key pairs employed in the networked environment for client-side encryption of form data; the key management application generates sets of public/private key pairs and deploy the public keys to the network page server (i.e., merchant system)); wherein the merchant system selects a public encryption key from among the plurality of public encryption keys to perform the encryption (Paragraphs 0017-0018 and 0021-0022 teach a network page server (i.e., merchant system) is configured to send code to the client along with the network page to facilitate client-side encryption of form data; the network page may correspond, for example, to an online retailer, electronic marketplace; encryption code corresponds to code that is sent to clients in conjunction with a network page to facilitate the client-side encrypting of form fields in the network page; the encryption code may implement public-key encryption according to a specified public key obtained from the network page server; active public keys correspond to public keys that may be used by the encryption application and/or the encryption code to encrypt form data; the actual public key that is used in a given case may be selected according to established criteria, by the network page server); and decrypting, by the server computer system, the encrypted payment card data using a private encryption key selected from among a plurality of private encryption keys, the plurality of private encryption keys associated with the server computer system and corresponding to the plurality of public encryption keys (Paragraphs 0027-0028 teach a decryption application is executed by the payment processing server to decrypt the encrypted form data with a corresponding private key; payment data 151 corresponds to the decrypted form data stored by the payment processing server in the data store; the payment data 151 may be stored in an encrypted state to comply, for example, with the Payment Card Industry Data Security Standard (PCI DSS) and/or other security standards; it is understood that the payment data 151 has been decrypted from the previously encrypted state in which it was received by the payment processing server).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Cacioppo and McGuire, which teaches receiving encrypted card data and card identifier from a merchant and decrypting and authorizing the card data to authorize a transaction, to incorporate the teachings of Lee to transmit a plurality of public encryption keys; wherein the merchant system selects a public encryption key from among the plurality of public encryption keys to perform the encryption; and decrypt the encrypted payment card data using a private encryption key selected from among a plurality of private encryption keys, the plurality of private encryption keys associated with the server computer system and corresponding to the plurality of public encryption keys.
There is motivation to combine Lee into the combination of Cacioppo and McGuire because the base invention is improved by employing an end-to-end encryption scheme where sensitive form data is encrypted by public-key encryption code executed in the client. The form data remains in an encrypted state when processed by external-facing servers and transmitted via the internal network. Only when the form data is received on a secured portion of an internal network is the form data decrypted by a private key (Lee Paragraph 0012).
However, the combination of Cacioppo, McGuire, and Lee does not explicitly teach wherein the merchant system selects a key from among the plurality of keys to perform the encryption based on the card identifier; decrypting, by the server computer system, the encrypted payment card data using a key selected from among a plurality of keys based on the card identifier.
Wall from same or similar field of endeavor teaches wherein the merchant system selects a key from among the plurality of keys to perform the encryption based on the card identifier (Paragraphs 0021-0022 and 0108 teach selecting the encryption key may comprise dividing the hashed sensitive information by a number of encryption keys in a numbered list of encryption keys, identifying a number of an encryption key in the numbered list of encryption keys, based on the remainder, and selecting the encryption key corresponding to the identified number; prior to encrypting the sensitive information, a number of encryption keys may be generated and sent to a cryptographic processing system for encryption with a key encryption key; the encrypted keys may be stored in a database; the sensitive information comprises a personal account number and other data such as a cardholder name, expiration date, a CVV, a PIN verification Key, a PIN Verification value, a card verification value, a card verification code, and/or EMV information; FIG. 12 is a flowchart of an example of a method for encrypting plain text card data; the PAN is hashed by the processing device; the hashed PAN is divided by the second predetermined number of keys to find the remainder; the number of the key in the key list corresponding to the remainder in the AES key list is selected; for example, if the remainder is 20, the key numbered 20 in the list is selected; the retrieved AES key is used to encrypt the plain text card data by the processing device); and decrypting, by the server computer system, the encrypted payment card data using a key selected from among a plurality of keys based on the card identifier (Paragraphs 0068 and 0111 teach a merchant private key is used to decrypt data encrypted by the PIN pad terminal based on the associated merchant public key; the salts and keys are used in the encryption of the card number (or personal account number) and the card data, respectively; the key used to encrypt the retrieved encrypted card data is identified by the processing device; the key is identified from the key list based on the hashed PAN modulo, as discussed above with respect to FIG. 12; the encrypted card data may be decrypted by the processing device based on the key used to encrypt the card data, in a manner known in the art).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Cacioppo, McGuire, and Lee, which teaches receiving encrypted card data and card identifier from a merchant after the merchant encrypts the card data using a selected public key, and decrypting and authorizing the card data to authorize a transaction, to incorporate the teachings of Wall for the merchant system to select a key from among the plurality of keys to perform the encryption based on the card identifier; decrypting, by the server computer system, the encrypted payment card data using a key selected from among a plurality of keys based on the card identifier.
There is motivation to combine Wall into the combination of Cacioppo, McGuire, and Lee because encrypting sensitive information is disclosed, comprising hashing sensitive information by a hash function, and selecting a salt based, at least in part, on the hashed sensitive information. The selected salt is combined with the hashed sensitive information to yield combined sensitive information, which is encrypted and stored. The combined sensitive information may be stored in a secure database, for example. The combined sensitive information may be encrypted by a destructive, non-reversible encryption function, which may comprise an authentication code algorithm and an iterative encryption function (Wall Paragraph 0016).
Regarding Claim 1, Cacioppo teaches a method for processing a transaction between a merchant system and a customer system, the customer system associated with a customer of the merchant (Paragraph 0024 teaches FIG. 3 illustrates an exemplary method of processing a payment transaction by a one-time token).
Regarding Claim 11, Cacioppo teaches a non-transitory computer readable storage medium including instructions that, when executed by a processor, cause the processor to perform operations for processing a transaction between a merchant system and a customer system, the customer system associated with a customer of the merchant (Paragraph 0018 teaches a memory is one or more devices that enable information such as executable instructions and/or other data to be stored and retrieved; the memory may include one or more computer-readable media and store, without limitation, payment information, tokens, pseudo-PANs, actual PANs, encryption salts, authorization request, and/or any other type of data suitable for use as described herein; furthermore the computer-executable instructions may be stored in memory for execution by the processor to cause the processor to perform one or more of the functions described herein).
Regarding Claim 21, Cacioppo teaches a server computer system, comprising: a memory; and a processor coupled with the memory configured to perform operations (Paragraphs 0016-0018 teach each the payment service may be implemented in a computing device, which may include a single computing device or multiple computing devices located together such as  servers; the exemplary computing device includes a memory and a processor that is coupled to memory; the processor may include one or more processing units; the memory may store computer-executable instructions for execution by the processor to cause the processor to perform one or more of the functions described herein).

Regarding Claims 4 and 14, the combination of Cacioppo as modified teaches all the limitations of claims 1 and 11 above; however, the combination does not explicitly teach wherein the selected private encryption key is known to the server computer system, and wherein the merchant system encrypts payment card data using an asymmetric public encryption key corresponding to the private encryption key.
Lee further teaches wherein the selected private encryption key is known to the server computer system, and wherein the merchant system encrypts payment card data using an asymmetric public encryption key corresponding to the private encryption key (Paragraphs 0025, 0027, and 0039 teach the components executed on the computing device (i.e., server computer system) include a payment processing server, a key management application, and a decryption application; the decryption application is executed by the payment processing server to decrypt the encrypted form data with a corresponding private key; the payment processing server then decrypts the form data items with the decryption application using the corresponding private key).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Cacioppo as modified to further incorporate the teachings of Lee for the selected private encryption key to be known to the server computer system, and wherein the merchant system encrypts payment card data using an asymmetric public encryption key corresponding to the private encryption key.
There is motivation to further combine Lee into the combination of Cacioppo as modified because of the same reasons listed above for claims 1 and 11.

Regarding Claims 5, 15, and 23, the combination of Cacioppo as modified teaches all the limitations of claims 1, 11, and 21 above; however, the combination does not explicitly teach wherein prior to receiving the transaction request, the method further comprises: generating, by the server computer system, first private key public key pairs; storing, in a key vault of the server computer system, private encryption keys form the first private key public key pairs generated by the server computer system; and providing, by the server computer system to the merchant system, at least one public encryption key form the first private key public key pairs for merchant system use during card not present transactions with customers.
Lee further teaches wherein prior to receiving the transaction request, the method further comprises: generating, by the server computer system, first private key public key pairs (Paragraph 0055 teaches the key management application generates a set of key pairs, which correspond to the public keys (FIG. 1) and the private keys); storing, in a key vault of the server computer system, private encryption keys form the first private key public key pairs generated by the server computer system (Paragraph 0055 teaches the key pairs are stored in the data store (FIG. 1)); and providing, by the server computer system to the merchant system, at least one public encryption key form the first private key public key pairs for merchant system use during card not present transactions with customers (Paragraph 0026 teaches the key management application is configured to generate sets of public/private key pairs and deploy the public keys to the network page server). 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Cacioppo as modified to further incorporate the teachings of Lee for prior to receiving the transaction request, the method to further comprises: generating, by the server computer system, first private key public key pairs; storing, in a key vault of the server computer system, private encryption keys form the first private key public key pairs generated by the server computer system; and providing, by the server computer system to the merchant system, at least one public encryption key form the first private key public key pairs for merchant system use during card not present transactions with customers.
There is motivation to further combine Lee into the combination of Cacioppo as modified because of the same reasons listed above for claims 1 and 11.

Regarding Claims 6 and 16, the combination of Cacioppo as modified teaches all the limitations of claims 1 and 11 above; however, the combination does not explicitly teach periodically generating second private key public key pairs; storing private keys from the generated second private key public key pairs in the key vault of the server computer system; distributing one or more public encryption keys form the generated second private key public key pairs to the merchant system; and expiring one or more private keys from first private key public key pairs generated prior the second private key public key pairs.
Lee further teaches periodically generating second private key public key pairs (Paragraphs 0026 and 0055 teach the key management application is also configured to replace sets of public keys and to delete retired sets of private keys periodically; the key management application generates a set of key pairs, which correspond to the public keys (FIG. 1) and the private keys); storing private keys from the generated second private key public key pairs in the key vault of the server computer system (Paragraph 0055 teaches the key pairs are stored in the data store  (FIG. 1)); distributing one or more public encryption keys form the generated second private key public key pairs to the merchant system (Paragraph 0056 teaches the key management application sends a subset of public keys to the network page server (FIG. 1) for use as the active public keys); and expiring one or more private keys from first private key public key pairs generated prior the second private key public key pairs (Paragraph 0055 teaches the key management application retires a current subset of the public keys that are being used by the encryption application  (FIG. 1) and the encryption code (FIG. 1) as the active public keys (FIG. 1); the subset of the public keys are retired after a relatively short time frame, e.g., five days, a week, etc., rather than a relatively long time frame, e.g., six months, a year, etc.).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Cacioppo as modified to further incorporate the teachings of Lee for prior to receiving the transaction request, the method to further comprises: generating, by the server computer system, first private key public key pairs; storing, in a key vault of the server computer system, private encryption keys form the first private key public key pairs generated by the server computer system; and providing, by the server computer system to the merchant system, at least one public encryption key form the first private key public key pairs for merchant system use during card not present transactions with customers.
There is motivation to further combine Lee into the combination of Cacioppo as modified because using a relatively short time frame reduces the security risks associated with intercepted, cracked, or otherwise stolen private keys (Lee Paragraph 0055).

Regarding Claims 7 and 17, the combination of Cacioppo as modified teaches all the limitations of Claims 1 and 11 above; however, the combination does not explicitly teach wherein the card identifier is a deterministic identifier generated by the merchant system to identify the payment card used for the transaction with the customer.
McGuire further teaches wherein the card identifier is a deterministic identifier generated by the merchant system to identify the payment card used for the transaction with the customer (Paragraph 0033 teaches a token application encrypts payment-card numbers as they are received and generates tokens corresponding to those payment-card numbers; a part of the token might contain part of the payment-card number, e.g., Such that the payment card type and the last four digits of the card are actually part of the token itself, to assist customers and customer-service representatives in confirming or identifying, generally, the card corresponding to the token; for example, a payment-card number having a value of “371449635398183” might have a corresponding token with a value of “37-Nc4×WKms-8183,” where (i) the first two digits, “37,” identify the card as being of type American Express, (ii) the middle portion of the token is a randomly-generated alphanumeric string, and (iii) the last four digits, “8183,” are usable to confirm the card number with the cardholder).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Cacioppo as modified to further incorporate the teachings of McGuire for the card identifier to be a deterministic identifier generated by the merchant system to identify the payment card used for the transaction with the customer.
There is motivation to further combine McGuire into the combination of Cacioppo as modified because of the same reasons listed above for claims 1 and 11.

Regarding Claims 8, 18, and 24, the combination of Cacioppo as modified teaches all the limitations of Claims 7, 17, and 21 above; and Cacioppo further distributing, by the server computer system to the merchant system, a set of cryptographic salts for use by the SDK during card not present transactions with customers (Paragraph 0022 teaches each computing device associated with the consumer and the payment service, through execution of program instructions by the processor, generates encryption salts; the salt is generally a randomly generated number, and synchronized between the consumer computing device and the payment service computing device); and receiving the deterministic identifier as the card identifier, wherein the deterministic identifier is generated by the SDK executing within a merchant application during a card not present transaction by the SDK: selecting a cryptographic salt from the set of cryptographic salts based on the card data, and performing at least one hashing function on the selected cryptographic salt and the card data to obtain the deterministic identifier (Paragraph 0022 teaches the salt, in other embodiments, may be generated based on static data, including, for example, certain consumer-specific data).

Examiner Note: The phrase “for use by the SDK during card not present transactions with customers” does not have patentable weight as it states the intended use of the limitation “distributing, by the server computer system to the merchant system, a set of cryptographic salts.”

	Regarding Claims 10 and 20, the combination of Cacioppo as modified teaches all the limitations of Claims 1 and 11 above; however, the combination does not explicitly teach wherein communications exchanged between the merchant system and the server computer system are secured using encrypted communications links.
	Lee further teaches wherein communications exchanged between the merchant system and the server computer system are secured using encrypted communications links (Paragraph 0018 teaches the network page server may also support HTTP secure (HTTPS) with transport layer security (TLS), secure sockets layer (SSL), and/or other approaches to create encrypted channels of communication over the networks 109 and 115).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Cacioppo as modified to further communications exchanged between the merchant system and the server computer system to be secured using encrypted communications links.
There is motivation to further combine Lee into the combination of Cacioppo as modified because of the same reasons listed above for claims 1 and 11.

Claims 2-3, 12-13, and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Cacioppo (US 20150310425) in view of McGuire (US 20100257612) in further view of Lee (US 20150312217) in further view of Wall (US 20180109508) in further view of Tang (US 20190034929).

Regarding Claims 2, 12, and 22, the combination of Cacioppo as modified teaches all the limitations of claims 1, 11, and 21 above; however, the combination does not explicitly teach distributing, by the server computer system, a software development kit (SDK) for development of a merchant application that enables card not present transaction processing by the server computer system on behalf of the merchant system using the card data of the customer, wherein the card identifier is generated and the card data is encrypted in an application layer by the SDK upon receipt of the card data by the merchant application preventing merchant system storage and access to the card data in unencrypted form.
Tang from same or similar field of endeavor teaches distributing, by the server computer system, a software development kit (SDK) for development of a merchant application that enables card not present transaction processing by the server computer system on behalf of the merchant system using the card data of the customer, wherein the card identifier is generated and the card data is encrypted in an application layer by the SDK upon receipt of the card data by the merchant application preventing merchant system storage and access to the card data in unencrypted form (Paragraphs 0046-0048 teach the payment vendor introduces a payment service application to capture the Sensitive Data; the payment library invokes the payment service application for information, the payment service application runs in the foreground, collects the data, processes the payment and then gets back to the payment library for the payment acknowledgement via an API; an example of such a secure card data collection approach is Poynt SDK for Android; exemplary embodiments are described herein with reference to FIG. 3, which shows a secure card data collection approach in accordance with one embodiment of the present invention; here, the ISV application incorporates the SDK Vendor payment library, which is configured to communicate with a PCI-DSS validated backend system and also with the native OS-owned app/browser, i.e., the native UI component of the OS that renders web pages; the ISV application makes a request to the payment library, which in turn requests a secure web page from the backend system; the secure web page includes fields for the user to enter the specific Sensitive Data to be collected (e.g., PAN, EXP, CVV, etc.); typically, some or all of the entered data is encrypted, e.g., using a public key embedded by the backend system in the secure web page (e.g., when generating the secure web page, the backend system may generate an asymmetric public/private encryption key pair, e.g., using E2EE principles, and embed the public key in the secure web page that it serves to the payment library, preferably along with a key reference ID (i.e., card identifier) associated with the public/private encryption key pair); upon completion of such data entry, the data entered via the secure web page is pushed back through the payment library to the backend system for processing, typically along with other data, such as, for example, the key reference ID that was received in the secure web page, card data obtained from a card reader device, and information regarding the card data collection device, the app, and/or the user).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Cacioppo as modified to incorporate the teachings of Tang to distribute, by the server computer system, a software development kit (SDK) for development of a merchant application that enables card not present transaction processing by the server computer system on behalf of the merchant system using the card data of the customer, wherein the card identifier is generated and the card data is encrypted in an application layer by the SDK upon receipt of the card data by the merchant application preventing merchant system storage and access to the card data in unencrypted form.
There is motivation to combine Tang into the combination of Cacioppo as modified because the backend system can decrypt the encrypted data using the private key associated with the public/private encryption key pair. Thus, this solution leverages the PCI-DSS validation of the backend system to avoid the ISV having to meet the PCI compliance reporting requirements of the PCI-DSS. In certain exemplary embodiments, some or all of the Sensitive Data is encrypted on a digit-by-digit basis as it is entered into the secure web page. Specifically, a public key embedded in the secure web page may be used to encrypt the data as it is entered into the web page so that such data is not stored “in the clear” either on the UI or in the memory of the device. Among other things, this reduces the chances for a hacker to recover the Sensitive Data using a memory dump attack. (Tang Paragraphs 0048-0049).

Regarding Claims 3 and 13, the combination of Cacioppo as modified teaches all the limitations of claims 2 and 12 above; however, the combination does not explicitly teach wherein the merchant application comprises one of a web based application distributed over a network by the merchant system or an application executable on a mobile device associated with the merchant.
Lee further teaches wherein the merchant application comprises one of a web based application distributed over a network by the merchant system or an application executable on a mobile device associated with the merchant (Paragraphs 0030 and 0017 teach the client executes various applications such as a browser and/or other applications; the browser may be executed in a client, for example, to access and render network pages, such as web pages, or other network content served up by the computing device and/or other servers, thereby generating a rendered network page on the display; the browser may be configured to download and execute the encryption code provided by the network page server along with a network page; the network page may correspond, for example, to an online retailer, electronic marketplace).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Cacioppo as modified to further incorporate the teachings of Lee for the merchant application to comprise one of a web-based application distributed over a network by the merchant system or an application executable on a mobile device associated with the merchant.
There is motivation to further combine Lee into the combination of Cacioppo as modified because of the same reasons listed above for claim 1.

Claims 9, 19, and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Cacioppo (US 20150310425) in view of McGuire (US 20100257612) in further view of Beye (US 20190259026).

Regarding Claims 9, 19, and 25, the combination of Cacioppo as modified teaches all the limitations of Claims 1, 11, and 21; however, the combination does not explicitly teach in response to the receipt of the transaction request from the merchant system, the server computer system generating a token, wherein the token comprises a unique identifier for the transaction associated with the transaction request; providing, by the server computer system to the merchant system, the token prior to performing the authorization; and returning the transaction authorization for the transaction request to the merchant system by reference to the token.
Beye from same or similar field of endeavor teaches in response to the receipt of the transaction request from the merchant system, the server computer system generating a token, wherein the token comprises a unique identifier for the transaction associated with the transaction request (Paragraphs 0055 and 0059 teach a request or demand for event processing may be generated that includes an amount associated with the event, a first unique identifier associated with the event, instructions for transmitting funds to an account of the vendor, and the like; a single-use event processing token may be generated for use in processing the event that includes an anonymous event processing source from which to transfer funds to the vendor account; the single-use event processing token may also include mapping data mapping the anonymous event processing source to a user event processing source); providing, by the server computer system to the merchant system, the token prior to performing the authorization (Paragraphs 0060-0061 teach the single-use event processing token may be transmitted to the client computing device; the single-use event processing token may be received by the client computing device and transmitted to the vendor computing system; the single-use event processing token may be received by the vendor computing system and may be used to process the requested event); and returning the transaction authorization for the transaction request to the merchant system by reference to the token (Paragraphs 0061 and 0064 teach processing the requested event may include generating an instruction to process the event based on the single-use event processing token and transmitting and receiving data between the vendor computing system and the event processing computing platform; processing the event may include executing an instruction to transfer funds from an anonymous payment source to the vendor account in order to provide payment to the vendor; the even processing computing platform may identify, from the mapping associated with the single-use token, the user event processing source from which funds should be transferred to reconcile the event; the event may be reconciled by executing an instruction to transfer funds from the user event processing source to the anonymous event processing source).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Cacioppo as modified to incorporate the teachings of Beye to in response to the receipt of the transaction request from the merchant system, the server computer system generating a token, wherein the token comprises a unique identifier for the transaction associated with the transaction request; providing, by the server computer system to the merchant system, the token prior to performing the authorization; and returning the transaction authorization for the transaction request to the merchant system by reference to the token.
There is motivation to combine Beye into the combination of Cacioppo as modified because a user may request to process an event (e.g., payment for goods or services) and may transmit a request to an event processing computing platform. the single-use token will include information for processing the event, such as an anonymous source from which the event may be processed. The single-use token may include no information identifying a user, event processing source of a user, or the like. In some examples, any information identifying a user, user event processing source, or the like, that may be used to process an event in a conventional arrangement may be identified via a unique mapping of user information to anonymous event processing source information that is discernable only to the event processing computing platform (e.g., an entity associated with, operating or implementing the event processing computing platform and not to the vendor computing system) (Beye Paragraph 0030).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Karkkainen et al. (US 20180144341) teaches An encryption system for encrypting data of party, wherein the party is provided with an encryption key wallet and one or more encryption keys of the encryption key wallet are identifiable using at least one reference code, The encryption key wallet is opened for accessing an encryption key via its reference code, for encrypting data to generate corresponding encrypted data and/or for decrypting encrypted data to generate corresponding decrypted data, wherein the encryption key is reproducibly generated by the encryption key wallet. When the encryption system enables exchange of encrypted data via the encryption system between two or more parties
the two or more parties are provided with the encryption key wallet; data exchanged between the parties are encrypted using one or more encryption keys obtained from the encryption key wallet; and the encryption key wallet is opened for use when encrypting and/or decrypting the data exchanged between the parties.
Jindal (US 20190068558) teaches a computer-implemented method is provided for encrypting a message using a plurality of keys and a plurality of encryption algorithms. The method includes mapping, by the computing device, each of the plurality of keys to an encryption algorithm randomly selected from the plurality of encryption algorithms, and storing, by the computing device, in an index table the plurality of keys correlated to their respective encryption algorithms. The method also includes decomposing, by the computing device, the message into one or more message segments and encrypting, by the computing device, each of the one or more message segments using the index table. The method further includes transmitting, by the computing device, at least one of the index table or the one or more encrypted message segments to a receiving computing device over the electronic network.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY JONES whose telephone number is (469)295-9137.  The examiner can normally be reached on 7:30 am - 5:00 pm CST (M-F).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/C.P.J./Examiner, Art Unit 3685                


/NEHA PATEL/Supervisory Patent Examiner, Art Unit 3685