DETAILED ACTION
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview over both phone and email with Ramon, Michael on 08/29/2022.
Please amend the claims filed 06/06/2022 as follows:
1.	(Cancelled)

2. 	(Currently Amended) A system, comprising: 
a payment authorization device comprising one or more hardware processors configured to execute instructions that cause the payment authorization device to perform operations comprising:
actively detecting, prior to a transmission of information related to a payment portion of a purchase transaction to a payment provider and via a communication with a web browser plug-in that executes a background event detection application on a user device while the user device displays a merchant virtual storefront and based on a communication with the user device, an event associated with a merchant virtual storefront transaction request that was initiated by the user device, wherein the detected event includes an attempt to add an item to a virtual cart, wherein the user device is separate from the payment authorization device, and wherein the payment authorization device is a proxy between the user device and the payment provider;
in response to the actively detecting, automatically initiating an authentication of the merchant virtual storefront associated with the merchant virtual storefront transaction request;
matching identifying information associated with the merchant virtual storefront, the identifying information received from the user device including the web browser plug-in that executes the background event detection application, with baseline identifying information stored in a database, wherein the baseline identifying information identifies known authentic websites;
determining, based on the matching, that the merchant virtual storefront is authentic; 
after determining that the merchant virtual storefront is authentic, authorizing adding the item to the virtual cart and the merchant virtual storefront transaction request; and 
causing a transmission of user payment account information to the user device, wherein the transmission of the user payment account information automatically populates payment information fields within the merchant virtual storefront that enables a completion of at least the payment portion of the purchase transaction via the merchant virtual storefront.  

3. 	(Previously Presented) The system of claim 2, wherein the actively detecting the event and the automatically initiating the authentication of the merchant virtual storefront are performed by the payment authorization device without explicit instructions from the user device.  

4. 	(Previously Presented) The system of claim 2, wherein the detected event further includes a browsing of the merchant virtual storefront, proceeding to a checkout portion of the merchant virtual storefront, or an attempt to pay for an item.  

5. 	(Previously Presented) The system of claim 2, wherein the identifying information and the baseline identifying information include a hypertext markup language (HTML), metadata, secure sockets layer (SSL) data, an IP address, a website URL, DNS data, or TCP/IP data.  

6. 	(Previously Presented) The system of claim 2, wherein the operations performed by the payment authorization device further comprise: retrieving the baseline identifying information from a local database or a remote database.  

7. 	(Previously Presented) The system of claim 13, wherein the third-party approver has authority over a user payment account being used in association with the merchant virtual storefront transaction request.  

8. 	(Previously Presented) The system of claim 2, wherein the operations performed by the payment authorization device further comprise: 
displaying, through a graphical user interface, an authentication message that indicates an authenticity of the merchant virtual storefront; and 
based on the authentication message, receiving a user confirmation prior to the authorizing the merchant virtual storefront transaction request.  

9. 	(Previously Presented) The system of claim 2, wherein the authorizing the merchant virtual storefront transaction request includes completing, by the payment authorization device, the payment portion for the purchase transaction.  

10. 	(Previously Presented) The system of claim 2, wherein the operations performed by the payment authorization device further comprise: 
in response to the authorizing the merchant virtual storefront transaction request, retrieving the user payment account information; and 
transmitting the user payment account information to the payment provider, wherein the user payment account information is configured to allow the payment provider to transfer funds to a merchant account associated with the merchant virtual storefront.  

11. 	(Previously Presented) The system of claim 2, wherein the operations performed by the payment authorization device further comprise: 
in response to determining that the merchant virtual storefront is authentic, automatically authorizing, based on one or more user preferences stored in the database, the merchant virtual storefront transaction request, wherein the transmission is in response to the automatically authorizing.

12. 	(Previously Presented) The system of claim 11, wherein the one or more user preferences include a list of user-authorized merchant websites, a list of user-approved categories, an amount of the purchase transaction, or a type of transaction.  

13. 	(Previously Presented) The system of claim 2, wherein the operations performed by the payment authorization device further comprise: 
prior to the authorizing the merchant virtual storefront transaction request, transmitting an approval request over a network to a third-party approver; and 
receiving a decision to the approval request from the third-party approver.  

14. 	(Currently Amended) A method, comprising: 
actively detecting, prior to a transmission of information related to a payment portion of a purchase transaction to a payment provider and by a payment authorization device in a communication with a web browser plug-in that executes a background event detection application on a user device while the user device displays a merchant virtual storefront and based on a communication with the user device, an event associated with a merchant virtual storefront transaction request that was initiated by the user device, wherein the detected event includes an attempt to add an item to a virtual cart, wherein the user device is separate from the payment authorization device, and wherein the payment authorization device is an intermediary between the user device and the payment provider;
in response to the actively detecting, automatically initiating, by the payment authorization device, an authentication of the merchant virtual storefront associated with the merchant virtual storefront transaction request; 
comparing, by the payment authorization device, identifying information associated with the merchant virtual storefront, the identifying information received from the user device including the web browser plug-in that executes the background event detection application, with baseline identifying information stored in a database, the baseline identifying information including a whitelist that identifies authentic websites and a blacklist that identifies fraudulent websites;
determining, based on the comparing and by the payment authorization device, that the merchant virtual storefront is authentic; 
after determining that the merchant virtual storefront is authentic, transmitting, by the payment authorization device, an approval request over a network to a third-party approver, wherein the third-party approver has authority over a user payment account being used in association with the merchant virtual storefront transaction request;
after receiving a decision to the approval request from the third-party approver, authorizing, by the payment authorization device, the merchant virtual storefront transaction request; and 
transmitting, by the payment authorization device, user payment account information to the user device, wherein the transmitting the user payment account information automatically populates payment information fields within the merchant virtual storefront that enables a completion of at least the payment portion of the purchase transaction via the merchant virtual storefront.  

15. 	(Previously Presented) The method of claim 14, further comprising: retrieving the baseline identifying information from a local database or a remote database.  

16. 	(Previously Presented) The method of claim 14, further comprising: 
in response to the authorizing the merchant virtual storefront transaction request, retrieving the user payment account information; and
transmitting the user payment account information to the payment provider, wherein the user payment account information is configured to allow the payment provider to transfer funds to a merchant account associated with the merchant virtual storefront.  

17. 	(Previously Presented) The method of claim 14, wherein the authorizing the merchant virtual storefront transaction request is performed based on one or more user preferences.  

18. 	(Cancelled)  

19. 	(Currently Amended) A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause one or more machines to perform operations comprising: 
actively detecting, prior to a transmission of information related to a payment portion of a purchase transaction to a payment provider and by a payment authorization device in a communication with a web browser plug-in that executes a background event detection application on a user device while the user device displays a merchant virtual storefront and based on a communication with the user device, an attempt to add an item to a virtual cart in connection with a merchant virtual storefront transaction request that was initiated by the user device, wherein the user device is separate from the payment authorization device, and wherein the payment authorization device is an intermediary between the user device and the payment provider;
in response to the actively detecting, automatically initiating, by the payment authorization device, an authentication of the merchant virtual storefront associated with the merchant virtual storefront transaction request; 
detecting, by the payment authorization device, a presence or absence of fraudulent data within identifying information associated with the merchant virtual storefront, the identifying information received from the user device including the web browser plug-in that executes the background event detection application; 
determining, based on the detected absence of fraudulent data within the identifying information and by the payment authorization device, that the merchant virtual storefront is authentic; 
after determining that the merchant virtual storefront is authentic, authorizing, by the payment authorization device, adding the item to the virtual cart and the merchant virtual storefront transaction request; and 
transmitting, by the payment authorization device, user payment account information to the user device, wherein the transmitting the user payment account information automatically populates payment information fields within the merchant virtual storefront that enables a completion of at least the payment portion of the purchase transaction via the merchant virtual storefront.  

20. 	(Previously Presented) The non-transitory machine-readable medium of claim 19, wherein the operations further comprise: retrieving the baseline identifying information from a local database or a remote database.  

21. 	(Cancelled)

22. 	(Currently Amended) The method of claim 14, 
after determining that the merchant virtual storefront is authentic, authorizing, by the payment authorization device, adding the item to the virtual cart.

23. 	(Previously Presented) The non-transitory machine-readable medium of claim 19, wherein the operations further comprise:
after determining that the merchant virtual storefront is authentic, transmitting, by the payment authorization device, an approval request over a network to a third-party approver having authority over a user payment account being used in connection with the merchant virtual storefront transaction request; and
after receiving a decision to the approval request from the third-party approver, authorizing, by the payment authorization device, the merchant virtual storefront transaction request.

Claims 2-17, 19-20, and 22-23 are allowed. 

REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance: 

I. Prosecution History and New Language Limiting to Fig. 6
Examiner walked through the Spec. and found there exists two embodiments with the first one associated with Fig. 6 (reproduced left) and the second one associated with Fig. 8 (reproduced right).
Spec. Fig. 6
Spec. Fig. 8

    PNG
    media_image1.png
    352
    471
    media_image1.png
    Greyscale


    PNG
    media_image2.png
    369
    505
    media_image2.png
    Greyscale



With respect to the newly added language, Examiner’s Amended claim 2, supra. recites the critical language of “proxy.” Similarly, newly added language in claims 14 and 19, supra. recite the language of “intermediary.” According to Microsoft Computer Dictionary (5th Ed.) at p. 428, a proxy is a type of “barrier.” The definition is reproduced below.

    PNG
    media_image3.png
    157
    479
    media_image3.png
    Greyscale

According to Steven M. Kaplan, WILEY ELECTRICAL & ELECTRONICS ENGINEERING DICTIONARY 605 (2004) (“Wiley EE Dictionary”) at p. 610, is a type of intermediary. The definition is reproduced below.

    PNG
    media_image4.png
    170
    468
    media_image4.png
    Greyscale

In the Examiner’s eyes, the difference between proxy and intermediary is one of linguistic pedantry and there is no meaningful difference in scope between the two. Further, the intrinsic record is clear that the claims are limited to Fig. 6. See, e.g., instant O.A. Appendix of Email Chain (discussing Fig. 6). But c.f. MPEP 2111 (“[T]he Office does interpret claims [the same way] as the courts”).

II. Prosecution History and Language of Separate Device
With respect to the newly added language for claims 2, 14, and 19 of “separate,” Examiner wished to sharpen and hone the claims. Para. 0022 of the Spec recites in relevant parts:
[0022] The present disclosure provides payment authorization systems and methods that provide customers with a convenient, secure, and reliable way to avoid online fraud and confidently conduct online purchase transactions. For example, systems and methods are disclosed herein which provide for authentication of a merchant virtual storefront (i.e., a merchant website) by a trusted payment authorization device (PAD) that may be separate from but co-located with the user device upon which the purchase transaction was initiated. 
Id (emphasis added).
Para. 0022 does not make clear whether or not the PAD is separate or not. That is, the language of “may,” in view of “but,” can be taken as “is.” For example, the sentence may read as: “For example, systems and methods are disclosed herein which provide for authentication of a merchant virtual storefront (i.e., a merchant website) by a trusted payment authorization device (PAD) that [is] separate from [and is] co-located with the user device upon which the purchase transaction was initiated.” If the Spec. had contemplated that the PAD may be integrated into the user desktop, the Spec. departs from well-established patent parlance such as “in one embodiment” or “in a preferred embodiment.” Further, when look at the drawing for what they suggest, the PAD is never drawn as being integrated into the desktop. See, e.g., Figs. 5 (showing separate PAD), 6 (same), and 8 (same).
Nonetheless, Examiner proposed to the new language to sharpen the metes and bounds.1

III. Art
Following the proper claim construction, the claims are limited to Fig. 6. The claims as a whole are directed towards an online shopping system with a payment authorization device (PAD). The PAD interacts with a user computer with a browser, wherein the browser has a plugin or add in. The PAD allows for authentication and acts as a proxy or pass through. The previous art of Stevens (US 2011/0022837) (‘837) disclosed an authentication device, that is co-located with a personal computer, that allowed for authentication. 
The instant claims are however distinguished from Stevens as the Authentication Device in ‘837 is not a proxy. 
Spec. Fig. 6
Stevens ‘837 at Fig. 5 (relevant parts showing no proxy for authentication device)

    PNG
    media_image1.png
    352
    471
    media_image1.png
    Greyscale


    PNG
    media_image5.png
    338
    707
    media_image5.png
    Greyscale



In the NF, Examiner also used Sines US 2002/0174062 A1 (‘062) as primary. While Sines does disclose a MERCHANT INTERNET SITE (see Fig. 4 Item 110), the reference does not utilize web technologies such as plug-ins found in a browser. Nor does the reference disclose a proxy.
Other relevant art includes US20120323717 by Kirsch. This reference discloses a relaying party and authentication. It is silent however on a separate proxy device.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 
US-20120150750-A1 (disclosing relying party)
CA-2873695-A1 (disclosing provider site for authentication)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DENNIS G KERITSIS whose telephone number is (313)446-6591.  The examiner can normally be reached on Mon-Fri 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hayes John can be reached on (571) 272-6708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/DENNIS G KERITSIS/Examiner, Art Unit 3685   

/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3685                                                                                                                                                                                                                                                                                                                                                                                                             




    
        
            
        
            
    

    
        1 Examiner notes that during the prosecution history, the art of Stevens US 2011/0022837 A1was applied and the authentication device found therein is separate. But c.f. MPEP 2111 (“[T]he Office does interpret claims [the same way] as the courts”).