DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1.The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

                                                           Double Patenting
2.    The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) -706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).

The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-l.jsp.

3. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No 11,070,534. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the current application encompass the same subject matter as the patent claims, but with obvious wording variations. 

"A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi 759 F.2d at 896, 225 USPQat651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness- type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). " ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).

Claim Rejections - 35 USC § 112
4. The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


5. Claims 1,2,9,10 and 15-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

6. Regarding Claim 1, lines.18-20 recites: “transmit the token identifier to browser to be passed to the partner system; and upon receiving the token identifier from the partner system, transmit the one or more data tokens to the partner system”
 It is not clear what is meant by this limitation. 
Especially, it is not clear, “ who receives the token identifier from the partner system after the browser transmit the token identifier to the partner system”.
 and “who transmit the one or more data tokens to the partner system”.

Appropriate clarification is needed.

7. Claims 2 and 16 recites: “the iframe and tokenization system is further configured to: receive the one or more data tokens and token identifier; process the token identifier and extract the template identifier”. It is not clear what is meant by this limitation. 
It is not clear, “ who is sending the one or more data tokens and token identifier to the iframe and tokenization system”.  Appropriate clarification is needed.
8. Claim 9 recites: “the data security system, wherein after receiving the certain data input into the iframe, the iframe and tokenization system is configured to:
vaultlessly tokenize a first portion of the certain data as one or more format preserving data tokens via the token service according to the one or more obfuscation parameters; and 
 and encrypt a second portion of the certain data as format preserving encryption via an encryption service operatively connected to the token service according to the one or more obfuscation parameter”.
It is not clear what is meant by this limitation. 
Especially, it is not clear, what is meant by first portion and second portion; and what part of data is vaultlessly tokenize and what part is encrypted; and how is the determination made.

Appropriate clarification is needed.

9. Claim 10 recites: “the data security system, wherein the iframe and tokenization system is configured to: receive the one or more format preserving data tokens and the token identifier; process the token identifier to extract the template identifier”.
It is not clear what is meant by this limitation. 
It is not clear, “ who is sending the one or more format preserving data tokens and the token identifier to the iframe and tokenization system”.

 Claim 10 also recites:” extract the first portion of the certain data by detokenizing the one or more format preserving data tokens based on the one or more obfuscation parameters”; and “extract the second portion of the certain data by decrypting the format preserving encryption based on the one or more obfuscation parameters”. It is not clear what is meant by first portion and second portion.   
Appropriate clarification is needed.
10. Regarding Claim 15, recites: “transmit the token identifier to browser to be passed to the first third-party system; and upon receiving the token identifier from the first third-party system, transmit the one or more data tokens to the first third-party system”
 It is not clear what is meant by this limitation. 
Especially, it is not clear, “ who receives the token identifier from the first third-party system after the browser transmit the token identifier to the first third-party system”.
 and “who transmit the one or more data tokens to the first third-party system”.

11. Claim 15 also recites:  “provide a virtual terminal to a second third-party of the one or more third-party systems, the virtual terminal based on the template identifier; receive the one or more data tokens and token identifier via the virtual terminal; detokenize the one or more data tokens based on the template identifier and token identifier; and provide the certain data to the second third-party system via the virtual terminal”.

It is not clear what is meant  by this limitation, 
Especially, it is not clear why the virtual terminal  is sent to a second third-party, what is the purpose/utility/reason for sending the virtual terminal.

Appropriate clarification is needed.

12. Claims 3-8, 11-14 and 17-20 don’t cure the deficiency of claims 1 and 15 and are rejected under 35 USC 112 (b) for their dependency upon base claims 1 and 15.

Claim Rejections - 35 USC § 103
13. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



14. Claims 1-10,13 and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Peterson (US Pub.No.2019/0342295) in view of  Anderson (US Pub.No.2019/0325445) and in view of Iyer (US Pub.No.2019/0207754).


15. Regarding claim 1 Peterson teaches a data security system comprising: an iframe and tokenization system comprising:
an iframe service for producing iframes in communication with a token service (Para:0036-0037); the token service for creating and detokenizing format preserving vaultless tokens (para:0007);  wherein the iframe and tokenization system is communicatively connected to a partner system and configured to: receive an iframe request from a browser accessing the partner system (Figs.1-3 and Para:0035-0037 teaches performing an online transaction utilizing tokens wherein a user will initiate a card-not-present (CNP) transaction. The user 201 will enter, into a browser 102, sensitive data such as, a personal account number (PAN), a card verification value (CVV), and/or an expiration date of the card, to execute an online purchase. This information may be entered in a web form that appears to the user to be owned by the merchant, but the form may actually be hosted by transaction processor 220 via, for example, an iFrame. The sensitive data will be transferred to the transaction processor 220, such as a payment processor. A server such as a CNP Server, which may be server or transaction services 204, will receive the sensitive data, which will be encrypted);

provide the iframe to the browser accessing the partner system to be presented at the browser according to the template; receive certain data input into the iframe from the browser;
transmit the token identifier to browser to be passed to the partner system; and upon receiving the token identifier from the partner system, transmit the one or more data tokens to the partner system (Figs.4-5 and Para: 0053-0055 teaches captured sensitive data, such as cardholder data, will be obtained from the customer or user, such as in a terminal or browser 102. The sensitive data will be provided to the transaction processor 220, such as to a card-not-present server 515.  The transaction processor 220 will provide a low-value token to the terminal, and/or browser. The transaction processor 220 will also provide the low-value token directly to the third-party service. The low-value token will be a token created by the transaction processor 220 for the limited purpose of being able to obtain one or more pieces of sensitive data of the user or customer, such as the PAN. The merchant will provide the low-value token to the third-party service. The third-party service will provide the low-value token to the transaction processor 220, for example to an encryption service, which will be the tokenizer encryption service 210. The third party will be validated, for example by the transaction processor 220, in order to be able to be trusted and perform detokenization);

Peterson teaches all the above claimed limitation but does not expressly teach receiving a template identifier representing a template defining one or more obfuscating parameter for data to be received by an iframe.

Anderson teaches receiving a template identifier representing a template defining one or more obfuscating parameter for data to be received by an iframe (Para:0053, Para:0062-0063, Para:0065, Para:0080, Para:0118 teaches obfuscating sensitive data and/or identifiers).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Peterson to include receiving a template identifier representing a template defining one or more obfuscating parameter for data to be received by an iframe as taught by Anderson, such a setup would give a predictable result of preventing privacy leak of the user's details.

Both Peterson and Anderson teach all the above claimed limitations but does not expressly teach vaultlessly tokenize the certain data as one or more data tokens via the token service according to the one or more obfuscation parameters; store the one or more data tokens in a cache.

Iyer teaches the token service for creating and detokenizing format preserving vaultless tokens (Figs.1-2 and Para: 0025, Para: 0029 teaches secure storage and transmission of data using vaultless tokenization and/or format preserving encryption. The entity or third-party party will securely store data utilizing the tokenization process and/or securely access the data utilizing a detokenization process);

vaultlessly tokenize the certain data as one or more data tokens via the token service according to the one or more obfuscation parameters; store the one or more data tokens in a cache (Figs.2-3 shows vaultless tokenization and encryption system diagram. Figs.4-5 and Para: 0044-0045 teaches the system begins the vaultless tokenization and encryption process by creating the random token tables that are later used to map the segmented data portions. The random token tables will include a specific number of characters to map the data depending on how the data is segmented. The random token tables will be used by any entity and/or third-party in customizable ways to segment data in any way the entity, third-party, or sub-group thereof, which adds an additional layer of security to secure storage of the data. Fig.6 and Para: 0047 teaches the system tokenizes the data by splitting the data and retrieving random tokens from the one or more random token tables for each of the split data segments. Moreover, the data will be encrypted before or after splitting the data, and/or before or after reorganizing the random tokens. After tokenization, and potentially encryption, the tokenization module 102 can then return the tokenized sequence, such as to a database for storage and/or to a user 4).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Peterson in view of Anderson to include vaultlessly tokenize the certain data as one or more data tokens via the token service according to the one or more obfuscation parameters; store the one or more data tokens in a cache as taught by Iyer, such a setup would give a predictable result of storing data efficiently using reduced memory requirements.



16.  Regarding claims 2 and 16 Peterson teaches the data security system, wherein the iframe and tokenization system is further configured to: receive the one or more data tokens and token identifier; process the token identifier and extract the template identifier (Figs.4-5 and Para: 0053-0055 teaches capture of sensitive data, such as cardholder data, will be obtained from the customer or user, such as in a terminal or browser 102. The sensitive data will be provided to the transaction processor 220, such as to a card-not-present server 515.  The transaction processor 220 will provide a low-value token to the terminal, and/or browser. The low-value token will be a token that is not enabled to perform transactions, but rather is created by the transaction processor 220 for the limited purpose of being able to obtain one or more pieces of sensitive data for a given user or customer, such as the PAN. The merchant will provide the low-value token to the third-party service. The third-party service will provide the low-value token to the transaction processor 220, for example to an encryption service, which will be the tokenizer encryption service 210. The third party will be validated, for example by the transaction processor 220, in order to be able to be trusted and perform detokenization);
and detokenize the one or more data tokens based on the template identifier (Para: 0043-0046 teaches third parties will be authenticated in order to be able to detokenize with the transaction processor 220. An authentication of merchant high-value token to low-value token will be performed via an existing message interface specification. The third-party will be validated as a trusted requestor to call the transaction processor 220 to detokenize for every transaction. Third parties will perform detokenization operations with a low-value token [template identifier]).

17. Regarding claims 3 and 17 Iyer teaches the data security system, wherein the iframe and tokenization system receives the one or more data tokens and the token identifier from a third-party via an API (Figs.3-6 and Para: 0073 teaches tokenization is generally described in the area of interactions (e.g., transactions, or the like) as utilizing a token (e.g., an alias, substitute, surrogate, or other like identifier) as a replacement for sensitive information. As such, tokens or portions of tokens will be used as a stand in for a user account number, user name, social security number, physical address, password, pin number, routing information related to a financial account, security code, or other like information. Furthermore, sensitive information in the form of numerical digits, alphanumeric character, symbols, ASCII characters, are all contemplated by the system and will be tokenized. Once tokenized, the one or more tokens will be stored and transmitted securely for authentication, payment transfer, or information storage. Para: 0037-0039 teaches the tokenization module 102 provides tokenization services to users 4 (e.g., clients, customers, or the like) via the third party systems 104. Tokenization services will encompass all processes associated with tokenizing and detokenizing data. All requests for tokenization and detokenization received from the third party access systems 104 are received by the tokenization module 102, which must authorize any requests received from the third-party systems 104. The tokenization module 102 permits communication with the other systems (e.g., the one or more entity systems 10). As such, the tokenization module 102 provides a third-party facing application that provides cryptographic functions for allowing third-parties to tokenize and/or detokenize the data. Para: 0043 teaches the tokenization module 102 uses API standard).

18. Regarding claims 4 and 18 Iyer teaches the data security system, wherein the iframe and tokenization system receives the one or more data tokens and the token identifier from the partner system via an API (Fig.5 and Para: 0055-0056 teaches the tokenization of the desired data, the data will be any type of data received from the client system. For example, the data will be test data, confidential data, social security numbers, resource pool numbers (e.g., account numbers, such as savings, checking, credit card, or other like resource pool numbers), names, addresses, client lists, e-mail addresses, transaction information (e.g., amounts, product code, order numbers), or any other types of data that an entity would like to store securely. This step will include identifying the data to be secured (e.g., tokenized, or the like), identifying an application associated with the data through which the data will be accessed, identifying the database where the data will be stored, or the like. The first step of the process after identifying the data will be encrypting the data. The tokenization module 102 will access the proper encryption key and format key information from the encryption database 114. Thereafter the original data will be transform into encrypted data using the encryption key and/or format key.  Para: 0043 teaches the tokenization module 102 uses API standard).

19.    Regarding claim 5 Iyer teaches the data security system, wherein the iframe and tokenization system receives the one or more data tokens and token identifier from the partner system( Fig.5 and Para: 0055-0056 teaches the tokenization of the desired data, the data will be any type of data received from the client system. For example, the data will be test data, confidential data, social security numbers, resource pool numbers (e.g., account numbers, such as savings, checking, credit card, or other like resource pool numbers), names, addresses, client lists, e-mail addresses, transaction information (e.g., amounts, product code, order numbers), or any other types of data that an entity would like to store securely. This step will include identifying the data to be secured (e.g., tokenized, or the like), identifying an application associated with the data through which the data will be accessed, identifying the database where the data will be stored, or the like. The first step of the process after identifying the data will be encrypting the data. The tokenization module 102 will access the proper encryption key and format key information from the encryption database 114. Thereafter the original data will be transform into encrypted data using the encryption key and/or format key).

20.    Regarding claim 6 Iyer teaches the data security system, wherein the iframe and tokenization system receives the one or more data tokens and token identifier from a third-party system (Figs.3-6 and Para: 0073 teaches tokenization is generally described in the area of interactions (e.g., transactions, or the like) as utilizing a token (e.g., an alias, substitute, surrogate, or other like identifier) as a replacement for sensitive information. As such, tokens or portions of tokens will be used as a stand in for a user account number, user name, social security number, physical address, password, pin number, routing information related to a financial account, security code, or other like information. Furthermore, sensitive information in the form of numerical digits, alphanumeric character, symbols, ASCII characters, are all contemplated by the system and will be tokenized. Once tokenized, the one or more tokens will be stored and transmitted securely for authentication, payment transfer, or information storage. Para: 0037-0039 teaches the tokenization module 102 provides tokenization services to users 4 (e.g., clients, customers, or the like) via the third party systems 104. Tokenization services will encompass all processes associated with tokenizing and detokenizing data. All requests for tokenization and detokenization received from the third party access systems 104 are received by the tokenization module 102, which must authorize any requests received from the third-party systems 104. The tokenization module 102 permits communication with the other systems (e.g., the one or more entity systems 10). As such, the tokenization module 102 provides a third-party facing application that provides cryptographic functions for allowing third-parties to tokenize and/or detokenize the data).

21.    Regarding claims 7  and 19 Iyer teaches the data security system, wherein the one or more obfuscation parameters comprise format preserving tokenization (Para:0008 and para:0055-0056 teaches the tokenized sequence is encrypted, and encrypting the tokenized sequence further comprises encrypting the tokenized sequence using format preserving encryption).

22.    Regarding claims 8  and 20 Iyer teaches the data security system, wherein the one or more obfuscation parameters comprise format preserving encryption (Para:0008 and para:0055-0056 teaches the tokenized sequence is encrypted, and encrypting the tokenized sequence further comprises encrypting the tokenized sequence using format preserving encryption).

23.    Regarding claim 9 Iyer teaches the data security system, wherein after receiving the certain data input into the iframe, the iframe and tokenization system is configured to:
vaultlessly tokenize a first portion of the certain data as one or more format preserving data tokens via the token service according to the one or more obfuscation parameters; and 
 and encrypt a second portion of the certain data as format preserving encryption via an encryption service operatively connected to the token service according to the one or more obfuscation parameters  (Fig.5 and Para:0055-0056 teaches vaultless tokenization and encryption of data. The process begins by initiating the tokenization of the desired data. The data will be any type of data. For example, the data can be test data, confidential data, social security numbers, resource pool numbers (e.g., account numbers, such as savings, checking, credit card, or other like resource pool numbers), names, addresses, client lists, e-mail addresses, transaction information (e.g., amounts, product code, order numbers), or any other types of data that a third-party and/or entity would like to store securely. This step will include identifying the data to be secured (e.g., tokenized, or the like), identifying an application associated with the data through which the data will be accessed, identifying the database where the data can be stored, or the like. The first step of the process after identifying the data will be encrypting the data. The initial encryption of the data is achieved using an FPE protocol. The FPE key will be protected by HSM 116 and will be unique for each token format. Moreover, the unique encryption key will be stored in the encryption database 114. As such, the tokenization module 102 can access the proper encryption key and format key information from the encryption database 114. Thereafter the original data will be transform into encrypted data using the encryption key and/or format key). 

24.    Regarding claim 10 Iyer teaches the data security system, wherein the iframe and tokenization system is configured to: receive the one or more format preserving data tokens and the token identifier; process the token identifier to extract the template identifier; retrieve the one or more obfuscation parameters via the template identifier (Fig.5 and Para: 0055-0056 teaches vaultless tokenization and encryption of data. The process begins by initiating the tokenization of the desired data. The data will be any type of data. For example, the data can be test data, confidential data, social security numbers, resource pool numbers (e.g., account numbers, such as savings, checking, credit card, or other like resource pool numbers), names, addresses, client lists, e-mail addresses, transaction information (e.g., amounts, product code, order numbers), or any other types of data that a third-party and/or entity would like to store securely. This step will include identifying the data to be secured (e.g., tokenized, or the like), identifying an application associated with the data through which the data will be accessed, identifying the database where the data can be stored, or the like. The first step of the process after identifying the data will be encrypting the data. The initial encryption of the data is achieved using an FPE protocol. The FPE key will be protected by HSM 116 and will be unique for each token format. Moreover, the unique encryption key will be stored in the encryption database 114. As such, the tokenization module 102 can access the proper encryption key and format key information from the encryption database 114. Thereafter the original data will be transform into encrypted data using the encryption key and/or format key);
extract the first portion of the certain data by detokenizing the one or more format preserving data tokens based on the one or more obfuscation parameters (Fig.6, Para:0014 and para:0064 teaches vaultless detokenization of the encrypted tokenized sequence. The process begins by initiating the detokenization of the encrypted tokenized sequence. For example, the detokenization process will begin when an internal request or third-party request is made to access data that has been tokenized. Alternatively, the process will begin when an encrypted tokenized sequence is received as part of an interaction in which the third-party and/or the entity is involved); 

and extract the second portion of the certain data by decrypting the format preserving encryption based on the one or more obfuscation parameters (Fig.6, Para:0065 and Para:0070 teaches the encrypted tokenized sequence is decrypted by applying the associated encryption key. The associated encryption key is stored in the encryption database 114. The encrypted tokenized sequence will have encryption information attached thereto, such as metadata, which indicates the encryption key and/or location of the encryption key that is utilized to decrypt the encrypted tokenized sequence. After decryption, a tokenized sequence remains).

25.    Regarding claim 13 Peterson teaches the data security system, wherein the certain data comprises an SSN (Para: 0020 and Para: 0028 teaches the data comprises a social security number SSN).


26. Regarding claim 15 Peterson teaches a data security system comprising: an iframe and tokenization system comprising:
an iframe service for producing iframes in communication with a token service (Para:0036-0037); the token service for creating and detokenizing format preserving vaultless tokens (para:0007);  wherein the iframe and tokenization system is communicatively connected to one or more third-party system and configured to: receive an iframe request from a browser accessing a first third-party system (Figs.1-3 and Para:0035-0037 teaches performing an online transaction utilizing tokens wherein a user will initiate a card-not-present (CNP) transaction. The user 201 will enter, into a browser 102, sensitive data such as, a personal account number (PAN), a card verification value (CVV), and/or an expiration date of the card, to execute an online purchase. This information may be entered in a web form that appears to the user to be owned by the merchant, but the form may actually be hosted by transaction processor 220 via, for example, an iFrame. The sensitive data will be transferred to the transaction processor 220, such as a payment processor. A server such as a CNP Server, which may be server or transaction services 204, will receive the sensitive data, which will be encrypted);

provide the iframe to the browser accessing the first third-party system to be presented at the browser according to the template; receive certain data input into the iframe from the browser;
transmit the token identifier to browser to be passed to the first third-party system; and upon receiving the token identifier from the first third-party system, transmit the one or more data tokens to the first third-party system (Figs.4-5 and Para: 0053-0055 teaches captured sensitive data, such as cardholder data, will be obtained from the customer or user, such as in a terminal or browser 102. The sensitive data will be provided to the transaction processor 220, such as to a card-not-present server 515.  The transaction processor 220 will provide a low-value token to the terminal, and/or browser. The transaction processor 220 will also provide the low-value token directly to the third-party service. The low-value token will be a token created by the transaction processor 220 for the limited purpose of being able to obtain one or more pieces of sensitive data of the user or customer, such as the PAN. The merchant will provide the low-value token to the third-party service. The third-party service will provide the low-value token to the transaction processor 220, for example to an encryption service, which will be the tokenizer encryption service 210. The third party will be validated, for example by the transaction processor 220, in order to be able to be trusted and perform detokenization);

provide a terminal to a second third-party of the one or more third-party systems, the terminal based on the template identifier; receive the one or more data tokens and token identifier via the  terminal; detokenize the one or more data tokens based on the template identifier and token identifier; and provide the certain data to the second third-party system via the terminal (Figs.4-5 and Para: 0053-0055 teaches captured sensitive data, such as cardholder data, will be obtained from the customer or user, such as in a terminal or browser 102. The sensitive data will be provided to the transaction processor 220, such as to a card-not-present server 515.  The transaction processor 220 will provide a low-value token to the terminal, and/or browser. The transaction processor 220 will also provide the low-value token directly to the third-party service. The low-value token will be a token created by the transaction processor 220 for the limited purpose of being able to obtain one or more pieces of sensitive data of the user or customer, such as the PAN. The merchant will provide the low-value token to the third-party service. The third-party service will provide the low-value token to the transaction processor 220, for example to an encryption service, which will be the tokenizer encryption service 210. The third party will be validated, for example by the transaction processor 220, in order to be able to be trusted and perform detokenization);

Peterson teaches all the above claimed limitation but does not expressly teach a virtual terminal service for producing virtual terminals in communication with the token service;  receiving a template identifier representing a template defining one or more obfuscating parameter for data to be received by an iframe.

Anderson teaches a virtual terminal service for producing virtual terminals in communication with the token service (Para:0006-0007 teaches providing virtual services. Para:0031-0033 and Para:0072 teaches the terminals in communication with the token service);

 receiving a template identifier representing a template defining one or more obfuscating parameter for data to be received by an iframe (Para:0053, Para:0062-0063, Para:0065, Para:0080, Para:0118 teaches obfuscating sensitive data and/or identifiers).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Peterson to include receiving a template identifier representing a template defining one or more obfuscating parameter for data to be received by an iframe as taught by Anderson, such a setup would give a predictable result of preventing privacy leak of the user's details.

Both Peterson and Anderson teach all the above claimed limitations but does not expressly teach vaultlessly tokenize the certain data as one or more data tokens via the token service according to the one or more obfuscation parameters; store the one or more data tokens in a cache.

Iyer teaches the token service for creating and detokenizing format preserving vaultless tokens (Figs.1-2 and Para: 0025, Para: 0029 teaches secure storage and transmission of data using vaultless tokenization and/or format preserving encryption. The entity or third-party party will securely store data utilizing the tokenization process and/or securely access the data utilizing a detokenization process);

vaultlessly tokenize the certain data as one or more data tokens via the token service according to the one or more obfuscation parameters; store the one or more data tokens in a cache (Figs.2-3 shows vaultless tokenization and encryption system diagram. Figs.4-5 and Para: 0044-0045 teaches the system begins the vaultless tokenization and encryption process by creating the random token tables that are later used to map the segmented data portions. The random token tables will include a specific number of characters to map the data depending on how the data is segmented. The random token tables will be used by any entity and/or third-party in customizable ways to segment data in any way the entity, third-party, or sub-group thereof, which adds an additional layer of security to secure storage of the data. Fig.6 and Para: 0047 teaches the system tokenizes the data by splitting the data and retrieving random tokens from the one or more random token tables for each of the split data segments. Moreover, the data will be encrypted before or after splitting the data, and/or before or after reorganizing the random tokens. After tokenization, and potentially encryption, the tokenization module 102 can then return the tokenized sequence, such as to a database for storage and/or to a user 4).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Peterson in view of Anderson to include vaultlessly tokenize the certain data as one or more data tokens via the token service according to the one or more obfuscation parameters; store the one or more data tokens in a cache as taught by Iyer, such a setup would give a predictable result of storing data efficiently using reduced memory requirements.


27. Claims 11 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Peterson (US Pub.No.2019/0342295) in view of  Anderson (US Pub.No.2019/0325445) and in view of Iyer (US Pub.No.2019/0207754) as applied to claim 1 above and further in view of Dimmick (US Pub.No.2016/0148197).

28. Regarding claim 11 Peterson in view of Anderson and in view of Iyer teaches all the above claimed limitations, but does not expressly teach the data security system, wherein the iframe and tokenization system deletes the one or more data tokens from the cache after a predetermined amount of time.

Dimmick teaches the data security system, wherein the iframe and tokenization system deletes the one or more data tokens from the cache after a predetermined amount of time (Para: 0104 teaches assigning limits for payment tokens. For example, the payment token may only be valid for 1 hour, 10 minutes, 5 minutes, 1 minute, 30 seconds, or any other suitable amount of time. Para: 0138 teaches the payment token will be deleted after being used for a transaction).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Peterson in view of Anderson and in view of Iyer to include deleting the one or more data tokens from the cache after a predetermined amount of time as taught by Dimmick, such a setup would not pose a security threat even if a token is compromised.

29. Regarding claim 12 Peterson in view of Anderson and in view of Iyer teaches all the above claimed limitations, but does not expressly teach the data security system, wherein the predetermined amount of time is about one hour.

Dimmick teaches the data security system, wherein the predetermined amount of time is about one hour (Para: 0104 teaches assigning limits for payment tokens. For example, the payment token will only be valid for 1 hour).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Peterson in view of Anderson and in view of Iyer to include the predetermined amount of time is about one hour as taught by Dimmick, such a setup would not pose a security threat even if a token is compromised.

30. Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Peterson (US Pub.No.2019/0342295) in view of  Anderson (US Pub.No.2019/0325445) and in view of Iyer (US Pub.No.2019/0207754) as applied to claim 1 above and further in view of Kumar (US Pub.No.2018/0189502).

31. Regarding claim 14 Peterson in view of Anderson and in view of Iyer teaches all the above claimed limitations, but does not expressly teach the data security system, wherein the certain data comprises a birthdate.

Kumar teaches the data security system, wherein the certain data comprises a birthdate (Para:
0073 teaches the data comprises a birthdate).

It would have been obvious to one of the ordinary skills in the art before the invention was filed to modify Peterson in view of Anderson and in view of Iyer to include the certain data comprises a birthdate as taught by Kumar, such a setup would give a predictable result of adding more or/ and additional data.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506.  The examiner can normally be reached on Mon-Fri: 7:30 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431