DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 06/03/2022 has been entered.

Status of Claims
Claims 1, 5-6, 15, 18, 22, 26 and 29 are amended.
Claims 1-29 are pending.

Response to Remarks
35 U.S.C. § 103
Applicant contends that the claimed invention overcomes reference Basu at least based on the distinction that the token is generated based on both the controller ID and the provider ID (as well as the data itself), whereas in Basu there is an intention to generate only one token per account ID. Moreover, Applicant contends that Basu seems to equate the account ID to both the provider ID and the data itself, which is incorrect. Examiner respectfully disagrees. Basu discloses that a MVV is used and a TDK in the tokenization process of generating a token. Furthermore, it is noted that the TDK and the account Identifier are then further used for the final generation of the token. As Applicant’s claim recites “using” these three elements as “inputs to a tokenization process”, Basu thus reads upon the claim. Therefore, applicant’s arguments are not persuasive. 
Applicant also contends Basu does not appear to store the data itself in a data vault, instead only stores the tokenized version of the account ID. Examiner respectfully disagrees as Basu does disclose storing the data itself (paras 44, 73-74, 146, 168).

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-29 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.

The claims have been evaluated for patent subject matter eligibility under 35 U.S.C. 101 using the 2019 Revised Patent Subject Matter Eligibility Guidance (2019 PEG).




Claims 1-14:
Step 1
Claims 1-14 are directed to a computer-implemented method (i.e. process). Therefore, these claims fall within the four statutory categories of invention.

Step 2A Prong One
Claim 1 recites (i.e., sets forth or describes) an abstract idea of unique tokenization of data inputs, wherein the data is determined using a schema. Specifically, but for the additional elements, claim 1 under its broadest reasonable interpretation recites limitations grouped within the “mental processes” grouping of abstract ideas because the claim recites a process that deals with concepts performed in the human mind. Claim 1 also recites (i.e., sets forth or describes) an abstract idea of bookkeeping of tokens and associated data. Specifically, but for the additional elements, claim 1 under its broadest reasonable interpretation recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas because the claim recites a process that deals with fundamental economic principles or practices, as well as commercial or legal interactions. For instance, the claimed tokenization of data inputs, wherein the data is determined using a schema is an example of concepts performed in the human mind because it involves concepts practically performed in the human mind. Additionally, the claimed storing of tokens and associated data is an example of fundamental economic principles or practices, as well as commercial or legal interactions because it involves bookkeeping as well as business relations. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). 
accessing a schema for an online store of a merchant
determining a type of affiliation for tokenization specified in the schema, wherein the type of affiliation includes at least one of per-schema affiliation and a per-field affiliation
receiving, by a tokenization engine, data to be protected which is provided by a data provider and obtained by or on behalf of a data controller
determining, based on the type of affiliation for tokenization specified in the schema, a unique data controller ID for the data controller
determining a unique data provider ID for the data provider
generating, by the tokenization engine, a corresponding token using the data controller ID, the data provider ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the token is a reference that maps back to the data to be protected in association with the unique data controller ID and the unique data provider ID used in generating the corresponding token
storing a unique data record in a data vault, the unique data record comprising the data to be protected and the corresponding token, wherein the data to be protected is accessible from the data vault when the corresponding token is presented by matching the presented token with the corresponding token stored with the data to be protected in the unique data record

Step 2A Prong Two
Claim 1 as a whole, looking at the additional elements individually and in combination, does not integrate the judicial exception into a practical application. First, the non-underlined additional elements above merely serve as a tool to perform the abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. 

Step 2B
The additional elements, taken individually and in combination, do not result in claim 1, as a whole, amounting to significantly more than the judicial exception. As discussed previously with respect to Step 2A, the additional elements merely serve as a tool to perform an abstract idea. Therefore, the claim does not provide an inventive concept, and thus, is not patent eligible.

Dependent Claims
Claims 2-14 have also been analyzed according to the 2019 PEG. However, the subject matter of these claims also fails to recite patent eligible subject matter for the following reasons:
Claim 2 recites additional details of the type of data included in the “data provider”. Therefore, it recites additional abstract ideas.
Claim 3 recites additional details of the type of data included in the “data controller”. Therefore, it recites additional abstract ideas.
Claim 4 recites the abstract idea of authenticating data access. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas. Claim 4 recites the additional element of “by the tokenization engine”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.
Claim 5 recites additional details of the type of data included in the “unique data record”. Therefore, it recites additional abstract ideas.
Claim 6 recites additional details of the type of data included in the “unique data record”. Therefore, it recites additional abstract ideas.
Claim 7 further recites the abstract idea of unique tokenization of data inputs. In other words, it recites limitations grouped within the “mental processes” grouping of abstract ideas. Claim 7 recites the additional element of “wherein the tokenization engine”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.
Claim 8 further recites the abstract idea of bookkeeping of tokens and associated data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas. Claim 8 recites the additional element of “in the data vault … by the data provider”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.
Claim 9 further recites the abstract idea of bookkeeping of tokens and associated data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas. Claim 9 recites the additional element of “by the data provider”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.
Claim 10 further recites the abstract idea of bookkeeping of tokens and associated data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas. Claim 10 recites the additional element of “in a database of an e-commerce platform”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.
Claim 11 recites additional details of the type of data included in the “data provider ID”. Therefore, it recites additional abstract ideas.
Claim 12 recites additional details of the type of data included in the “data controller ID”. Therefore, it recites additional abstract ideas.
Claim 13 further recites the abstract idea of analyzing data. In other words, it recites limitations grouped within the “mental processes” grouping of abstract ideas.
Claim 14 recites the abstract idea of authenticating data access and analyzing data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” and “mental processes” groupings of abstract ideas. Claim 14 recites the additional element of “by the tokenization engine”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.

Claims 15-17:
Step 1
Claims 15-17 are directed to a computer-implemented system (i.e. machine). Therefore, these claims fall within the four statutory categories of invention.

Step 2A Prong One
Claim 15 recites (i.e., sets forth or describes) an abstract idea of unique tokenization of data inputs, wherein the data is determined using a schema. Specifically, but for the additional elements, claim 15 under its broadest reasonable interpretation recites limitations grouped within the “mental processes” grouping of abstract ideas because the claim recites a process that deals with concepts performed in the human mind. Claim 15 also recites (i.e., sets forth or describes) an abstract idea of bookkeeping of tokens and associated data. Specifically, but for the additional elements, claim 15 under its broadest reasonable interpretation recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas because the claim recites a process that deals with fundamental economic principles or practices, as well as commercial or legal interactions. For instance, the claimed unique tokenization of data inputs, wherein the data is determined using a schema is an example of concepts performed in the human mind because it involves concepts practically performed in the human mind. Additionally, the claimed storing of tokens and associated data is an example of fundamental economic principles or practices, as well as commercial or legal interactions because it involves bookkeeping as well as business relations. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). 
a tokenization engine that receives data to be protected which is provided by a data provider and obtained by or on behalf of a data controller
a data vault
wherein the tokenization engine is enabled to determine affiliation between the data controller and the data provided according to a schema specification, and wherein the tokenization engine is further enabled to determine a unique data controller ID associated with the data controller and a unique data provider ID associated with the data provider and generate a corresponding token using the data controller ID, the data provider ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the token is a reference that maps back to the data to be protected in association with the data controller ID and the data provider ID used in generating the corresponding token
wherein the data vault stores a unique data record comprising the data to be protected and the corresponding token, wherein the data to be protected is accessible from the data vault when the corresponding token is presented by matching the presented token with the corresponding token stored with the data to be protected in the unique data record

Step 2A Prong Two
Claim 15 as a whole, looking at the additional elements individually and in combination, does not integrate the judicial exception into a practical application. First, the non-underlined additional elements above merely serve as a tool to perform the abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. 

Step 2B
The additional elements, taken individually and in combination, do not result in claim 15, as a whole, amounting to significantly more than the judicial exception. As discussed previously with respect to Step 2A, the additional elements merely serve as a tool to perform an abstract idea. Therefore, the claim does not provide an inventive concept, and thus, is not patent eligible.

Dependent Claims
Claims 16-17 have also been analyzed according to the 2019 PEG. However, the subject matter of these claims also fails to recite patent eligible subject matter for the following reasons:
Claim 16 recites additional details of the type of data included in the “data provider”. Therefore, it recites additional abstract ideas.
Claim 17 recites additional details of the type of data included in the “data controller”. Therefore, it recites additional abstract ideas.

Claims 18-21:
Step 1
Claims 18-21 are directed to a computer-implemented method (i.e. process). Therefore, these claims fall within the four statutory categories of invention.

Step 2A Prong One
Claim 18 recites (i.e., sets forth or describes) an abstract idea of unique tokenization of data inputs. Specifically, but for the additional elements, claim 18 under its broadest reasonable interpretation recites limitations grouped within the “mental processes” grouping of abstract ideas because the claim recites a process that deals with concepts performed in the human mind. Claim 18 also recites (i.e., sets forth or describes) an abstract idea of bookkeeping of tokens and associated data. Specifically, but for the additional elements, claim 18 under its broadest reasonable interpretation recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas because the claim recites a process that deals with fundamental economic principles or practices, as well as commercial or legal interactions. For instance, the claimed tokenization of data inputs is an example of concepts performed in the human mind because it involves concepts practically performed in the human mind. Additionally, the claimed storing of tokens and associated data is an example of fundamental economic principles or practices, as well as commercial or legal interactions because it involves bookkeeping as well as business relations. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). 
receiving, by a tokenization engine, data to be protected which is provided by a customer and obtained by or on behalf of a merchant
determining a merchant ID associated with the merchant, wherein the merchant ID is unique for each merchant
determining a customer ID associated with the customer, wherein the customer ID is unique for each customer
generating, by the tokenization engine, a corresponding token using the merchant ID, the customer ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the merchant ID or the customer ID is different, and wherein the token is a reference that maps back to the data to be protected in association with the merchant ID and the customer ID used in generating the corresponding token
storing a unique data record in a data vault, the unique data record comprising the data to be protected and the corresponding token, wherein the data to be protected is accessible from the data vault when the corresponding token is presented by matching the presented token with the corresponding token stored with the data to be protected in the unique data record

Step 2A Prong Two
Claim 18 as a whole, looking at the additional elements individually and in combination, does not integrate the judicial exception into a practical application. First, the non-underlined additional elements above merely serve as a tool to perform the abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. 

Step 2B
The additional elements, taken individually and in combination, do not result in claim 18, as a whole, amounting to significantly more than the judicial exception. As discussed previously with respect to Step 2A, the additional elements merely serve as a tool to perform an abstract idea. Therefore, the claim does not provide an inventive concept, and thus, is not patent eligible.

Dependent Claims
Claims 19-21 have also been analyzed according to the 2019 PEG. However, the subject matter of these claims also fails to recite patent eligible subject matter for the following reasons:
Claim 19 further recites the abstract idea of bookkeeping of tokens and associated data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas. Claim 19 recites the additional element of “in the data vault … by the customer”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.
Claim 20 further recites the abstract idea of bookkeeping of tokens and associated data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas. Claim 20 recites the additional element of “by the customer”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.
Claim 21 further recites the abstract idea of bookkeeping of tokens and associated data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas. Claim 21 recites the additional element of “by the customer”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.

Claims 22-25:
Step 1
Claims 22-25 are directed to a computer-implemented method (i.e. process). Therefore, these claims fall within the four statutory categories of invention.

Step 2A Prong One
Claim 22 recites (i.e., sets forth or describes) an abstract idea of unique tokenization of data inputs. Specifically, but for the additional elements, claim 22 under its broadest reasonable interpretation recites limitations grouped within the “mental processes” grouping of abstract ideas because the claim recites a process that deals with concepts performed in the human mind. Claim 22 also recites (i.e., sets forth or describes) an abstract idea of bookkeeping of tokens and associated data. Specifically, but for the additional elements, claim 22 under its broadest reasonable interpretation recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas because the claim recites a process that deals with fundamental economic principles or practices, as well as commercial or legal interactions. For instance, the claimed tokenization of data inputs is an example of concepts performed in the human mind because it involves concepts practically performed in the human mind. Additionally, the claimed storing of tokens and associated data, and preventing access to data upon a request is an example of fundamental economic principles or practices, as well as commercial or legal interactions because it involves bookkeeping as well as business relations. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). 
receiving, by a tokenization engine, data to be protected which is provided by a data provider and obtained by or on behalf of a first data controller
determining a first data controller ID associated with the first data controller and a data provider ID associated with the data provider
generating, by the tokenization engine, a first token using the first data controller ID, the data provider ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the first token is a reference that maps back to the data to be protected in association with the first data controller ID and the data provider ID used in generating the corresponding first token
receiving, by the tokenization engine, the data to be protected which is provided by the data provider and obtained by or on behalf of a second data controller
determining a second data controller ID associated with the second data controller
generating, by the tokenization engine, a second token using the second data controller ID, the data provider ID, and the data to be protected as inputs to the tokenization process, wherein the second token is different than the first token by being generated using the second data controller ID which is different than the first data controller ID, and wherein the second token is a reference that maps back to the data to be protected in association with the second data controller ID and the data provider ID used in generating the corresponding second token
determining a second data provider ID associated with a second data provider
generating, by the tokenization engine, a third token using the first data controller ID, the second data provider ID, and the data to be protected as inputs to the tokenization process, wherein the third token is different than the first and second tokens by being generated using the second data provider ID which is different than the first data provider ID, and, wherein the third token is a reference that maps back to the data to be protected in association with the first data controller ID and the second data provider ID used in generating the corresponding third token
storing a first data record in a data vault, the first data record comprising the data to be protected and the corresponding first token, wherein the data to be protected is accessible from the data vault when the first token is presented by matching the presented first token with the corresponding first token stored with the data to be protected in the first data record
storing a second data record in the data vault, the second data record comprising the data to be protected and the corresponding second token, wherein the data to be protected is accessible from the data vault when the second token is presented by matching the presented second token with the corresponding second token stored with the data to be protected in the second data record
storing a third data record in the data vault, the third data record comprising the data to be protected and the corresponding third token, wherein the data to be protected is accessible from the data vault when the third token is presented by matching the presented third token with the corresponding third token stored with the data to be protected in the third data record
receiving a request from the data provider to delete the data to be protected with respect to the first data controller, and in response to the request, preventing the data to be protected from being accessed with the first token

Step 2A Prong Two
Claim 22 as a whole, looking at the additional elements individually and in combination, does not integrate the judicial exception into a practical application. First, the non-underlined additional elements above merely serve as a tool to perform the abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. 

Step 2B
The additional elements, taken individually and in combination, do not result in claim 22, as a whole, amounting to significantly more than the judicial exception. As discussed previously with respect to Step 2A, the additional elements merely serve as a tool to perform an abstract idea. Therefore, the claim does not provide an inventive concept, and thus, is not patent eligible.

Dependent Claims
Claims 23-25 have also been analyzed according to the 2019 PEG. However, the subject matter of these claims also fails to recite patent eligible subject matter for the following reasons:
Claim 23 recites additional details of the type of data included in the “data to be protected”. Therefore, it recites additional abstract ideas.
Claim 24 recites additional details of the type of data included in the “data to be protected”. Therefore, it recites additional abstract ideas.
Claim 25 recites the abstract idea of auditing data. In other words, it recites limitations grouped within the “certain methods of organizing human activity” and “mental processes” groupings of abstract ideas. Claim 25 recites the additional element of “by the tokenization engine … in the data vault”. However, this additional element fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea.

Claims 26-28:
Step 1
Claims 26-28 are directed to a computer-implemented method (i.e. process). Therefore, these claims fall within the four statutory categories of invention.

Step 2A Prong One
Claim 26 recites (i.e., sets forth or describes) an abstract idea of unique tokenization of data inputs. Specifically, but for the additional elements, claim 26 under its broadest reasonable interpretation recites limitations grouped within the “mental processes” grouping of abstract ideas because the claim recites a process that deals with concepts performed in the human mind. Claim 26 also recites (i.e., sets forth or describes) an abstract idea of bookkeeping of tokens and associated data. Specifically, but for the additional elements, claim 26 under its broadest reasonable interpretation recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas because the claim recites a process that deals with fundamental economic principles or practices, as well as commercial or legal interactions. For instance, the claimed tokenization of data inputs is an example of concepts performed in the human mind because it involves concepts practically performed in the human mind. Additionally, the claimed storing of tokens and associated data is an example of fundamental economic principles or practices, as well as commercial or legal interactions because it involves bookkeeping as well as business relations. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). 
receiving, by a tokenization engine, first data to be protected
receiving, by the tokenization engine, a first data controller ID associated with a first data controller and a first data provider ID associated with the first data provider corresponding to the first data to be protected
receiving, by the tokenization engine, a second data controller ID associated with a second data controller
receiving, by the tokenization engine, a second data provider ID associated with a second data provider
generating, by the tokenization engine, a corresponding first token using the first data controller ID, the first data provider ID, and the first data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the first token is a reference that maps back to the first data to be protected in association with the first data controller ID and the first data provider ID used in generating the corresponding first token
generating, by the tokenization engine, a corresponding second token using the second data controller ID, the first data provider ID, and the first data to be protected as inputs to the tokenization process, wherein the second token is different than the first token by being generated using the second data controller ID which is different than the first data controller ID
generating, by the tokenization engine, a corresponding third token using the first data controller ID, the second data provider ID, and the first data to be protected as inputs to the tokenization process, wherein the third token is different than the first and second tokens by being generated using the second data provider ID which is different than the first data provider ID
storing a first data record in a data vault, the first data record comprising the first data to be protected and the corresponding first token, wherein the first data to be protected is accessible from the data vault when the corresponding first token is presented by matching the presented first token with the corresponding first token stored with the first data to be protected in the first data record
storing a second data record in the data vault, the second data record comprising the first data to be protected and the corresponding second token, wherein the first data to be protected is accessible from the data vault when the corresponding second token is presented by matching the presented second token with the corresponding second token stored with the first data to be protected in the second data record
storing a third data record in the data vault, the third data record comprising the first data to be protected and the corresponding third token, wherein the first data to be protected is accessible from the data vault when the corresponding third token is presented by matching the presented third token with the corresponding third token stored with the first data to be protected in the third data record



Step 2A Prong Two
Claim 26 as a whole, looking at the additional elements individually and in combination, does not integrate the judicial exception into a practical application. First, the non-underlined additional elements above merely serve as a tool to perform the abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. 

Step 2B
The additional elements, taken individually and in combination, do not result in claim 26, as a whole, amounting to significantly more than the judicial exception. As discussed previously with respect to Step 2A, the additional elements merely serve as a tool to perform an abstract idea. Therefore, the claim does not provide an inventive concept, and thus, is not patent eligible.



Dependent Claims
Claims 27-28 have also been analyzed according to the 2019 PEG. However, the subject matter of these claims also fails to recite patent eligible subject matter for the following reasons:
Claim 27 recites additional details of the type of data included in the “first data provider ID”. Therefore, it recites additional abstract ideas.
Claim 28 recites additional details of the type of data included in the “first and the second data controller ID”. Therefore, it recites additional abstract ideas.

Claim 29:
Step 1
Claim 29 is directed to a computer-implemented method (i.e. process). Therefore, these claims fall within the four statutory categories of invention.

Step 2A Prong One
Claim 29 recites (i.e., sets forth or describes) an abstract idea of unique tokenization of data inputs. Specifically, but for the additional elements, claim 29 under its broadest reasonable interpretation recites limitations grouped within the “mental processes” grouping of abstract ideas because the claim recites a process that deals with concepts performed in the human mind. Claim 29 also recites (i.e., sets forth or describes) an abstract idea of bookkeeping of tokens and associated data. Specifically, but for the additional elements, claim 29 under its broadest reasonable interpretation recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas because the claim recites a process that deals with fundamental economic principles or practices, as well as commercial or legal interactions. For instance, the claimed tokenization of data inputs is an example of concepts performed in the human mind because it involves concepts practically performed in the human mind. Additionally, the claimed storing of tokens and associated data is an example of fundamental economic principles or practices, as well as commercial or legal interactions because it involves bookkeeping as well as business relations. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). 
receiving, by a tokenization engine, first and second data to be protected
determining, by the tokenization engine, a data controller ID associated with a data controller
determining, by the tokenization engine, a first data provider ID associated with a first data provider corresponding to the first data to be protected
determining, by the tokenization engine, a second data provider ID associated with a second data provider corresponding to the second data to be protected
generating, by the tokenization engine, a corresponding first token using the data controller ID, the first data provider ID, and the first data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the first token is a reference that maps back to the first data to be protected in association with the data controller ID and the first data provider ID used in generating the corresponding first token
generating, by the tokenization engine, a corresponding second token using, the data controller ID, the second data provider ID, and the second data to be protected as inputs to the tokenization process, wherein the second token is different than the first token by being generated using the second data provider ID which is different than the first data provider ID, wherein the second token is a reference that maps back to the second data to be protected in association with the data controller ID and the second data provider ID used in generating the corresponding second token
storing a first data record in a data vault, the first data record comprising the first data to be protected and the corresponding first token, wherein the first data to be protected is accessible from the data vault when the corresponding first token is presented by matching the presented first token with the corresponding first token stored with the first data to be protected in the first data record
storing a second data record in the data vault, the second data record comprising the second data to be protected and the corresponding second token, wherein the second data to be protected is accessible from the data vault when the corresponding second token is presented by matching the presented second token with the corresponding second token stored with the second data to be protected in the second data record

Step 2A Prong Two
Claim 29 as a whole, looking at the additional elements individually and in combination, does not integrate the judicial exception into a practical application. First, the non-underlined additional elements above merely serve as a tool to perform the abstract idea. Additionally, regarding the specification and claims, there is no improvement in the functioning of a computer or an improvement to other technology or technical field present, there is no applying or using the judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition present, there is no implementing the judicial exception with or using the judicial exception in conjunction with a particular machine or manufacture that is integral to the claim present, there is no effecting a transformation or reduction of a particular article to a different state or thing present, and there is no applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment present such that the claim as a whole is more than a drafting effort designed to monopolize the exception. 

Step 2B
The additional elements, taken individually and in combination, do not result in claim 29, as a whole, amounting to significantly more than the judicial exception. As discussed previously with respect to Step 2A, the additional elements merely serve as a tool to perform an abstract idea. Therefore, the claim does not provide an inventive concept, and thus, is not patent eligible.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim 18 is rejected under 35 U.S.C. 102(a)(1) as being anticipated by US 2012/0041881 A1 to Basu et al. (hereinafter “Basu”).

Regarding independent claim 18:
BASU discloses a method comprising:
receiving, by a tokenization engine, data to be protected which is provided by a customer and obtained by or on behalf of a merchant (paras 3-7, 32-43)
determining a merchant ID associated with the merchant, wherein the merchant ID is unique for each merchant; determining a customer ID associated with the customer, wherein the customer ID is unique for each customer (paras 3-7, 32-43)
generating, by the tokenization engine, a corresponding token using the merchant ID, the customer ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the merchant ID or the customer ID is different, and wherein the token is a reference that maps back to the data to be protected in association with the merchant ID and the customer ID used in generating the corresponding token (paras 32-43, 70-71, 100, 144)
storing a unique data record in a data vault, the unique data record comprising the data to be protected and the corresponding token, wherein the data to be protected is accessible from the data vault when the corresponding token is presented by matching the presented token with the corresponding token stored with the data to be protected in the unique data record (paras 44, 73-74, 146, 168)


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-6, 10-17 are rejected under 35 U.S.C. 103 as being unpatentable over Basu in view of US 10,025,941 B1 to Griffin et al. (hereinafter “Griffin”).



Regarding claim 1:
BASU, which like the present invention is directed to systems and methods for providing an account token, teaches:
receiving, by a tokenization engine, data to be protected which is provided by a data provider and obtained by or on behalf of a data controller (paras 3-7, 32-43) 
determining … a unique data controller ID for the data controller; determining a unique data provider ID for the data provider (paras 3-7, 32-43)
generating, by the tokenization engine, a corresponding token using the data controller ID, the data provider ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the token is a reference that maps back to the data to be protected in association with the unique data controller ID and the unique data provider ID used in generating the corresponding token (paras 32-43, 70-71, 100, 144)
storing a unique data record in a data vault, the unique data record comprising the data to be protected and the corresponding token, wherein the data to be protected is accessible from the data vault when the corresponding token is presented by matching the presented token with the corresponding token stored with the data to be protected in the unique data record (paras 44, 73-74, 146, 168)
BASU does not specifically disclose:
accessing a schema for an online store of a merchant; determining a type of affiliation for tokenization specified in the schema, wherein the type of affiliation includes at least one of per-schema affiliation and a per-field affiliation;… based on the type of affiliation for tokenization specified in the schema
GRIFFIN an analogous art of BASU and the current application, teaches:
accessing a schema for an online store of a merchant; determining a type of affiliation for tokenization specified in the schema, wherein the type of affiliation includes at least one of per-schema affiliation and a per-field affiliation;… based on the type of affiliation for tokenization specified in the schema (Col/Line 11/15-12/15)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention to combine the teachings of using schemas to determine tokenization procedures and data processing as disclosed by GRIFFIN to the teachings of using tokens for a variety of data as disclosed by BASU by having data centers and processors determine schema matched to an entity and use them for tokenization. Such a combination would be performed in order to allow for the tokenization process to be utilized by a variety of payment processing systems and merchants thereby allowing for an increase in security while still being available for as many people as possible. 

Regarding independent claim 15:
BASU discloses a system comprising: 
a tokenization engine that receives data to be protected which is provided by a data provider and obtained by or on behalf of a data controller (paras 3-7, 32-43)
a data vault (paras 44, 73-74, 146, 168)
wherein the tokenization engine is enabled to … and wherein the tokenization engine is further enabled to determine a unique data controller ID associated with the data controller and a unique data provider ID associated with the data provider (paras 3-7, 32-43)
and generate a corresponding token using the data controller ID, the data provider ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the token is a reference that maps back to the data to be protected in association with the data controller ID and the data provider ID used in generating the corresponding token (paras 32-43, 70-71, 100, 144)
wherein the data vault stores a unique data record comprising the data to be protected and the corresponding token, wherein the data to be protected is accessible from the data vault when the corresponding token is presented by matching the presented token with the corresponding token stored with the data to be protected in the unique data record (paras 44, 73-74, 146, 168)
BASU does not specifically disclose:
determine affiliation between the data controller and the data provided according to a schema specification
GRIFFIN an analogous art of BASU and the current application, teaches:
determine affiliation between the data controller and the data provided according to a schema specification (Col/Line 11/15-12/15)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention to combine the teachings of using schemas to determine tokenization procedures and data processing as disclosed by GRIFFIN to the teachings of using tokens for a variety of data as disclosed by BASU by having data centers and processors determine schema matched to an entity and use them for tokenization. Such a combination would be performed in order to allow for the tokenization process to be utilized by a variety of payment processing systems and merchants thereby allowing for an increase in security while still being available for as many people as possible. 

Regarding claims 2 and 16:
BASU further teaches:
wherein the data provider is one of the merchant or a customer [a merchant and a customer] of the merchant (paras 3-7, 32-43)

Regarding claims 3 and 17:
BASU further teaches:
wherein the data controller is one of an e- commerce platform and the merchant (paras 3-7, 32-43)

Regarding claim 4:
BASU further teaches:
authenticating, by the tokenization engine, access to the data to be protected upon receipt of the corresponding token (paras 44-45)



Regarding claim 5:
BASU further teaches:
wherein the unique data record comprises the unique data controller ID (paras 32-43, 70-71, 100, 144)

Regarding claim 6:
BASU further teaches:
wherein the unique data record comprises the unique data provider ID (paras 32-43, 70-71, 100, 144)

Regarding claim 10:
BASU further teaches:
transmitting the data provider ID and the token for storage in a database of an e-commerce platform (paras 63-65)

Regarding claims 11:
BASU further teaches:
wherein the data provider ID comprises at least one of a ID kind and an ID value (paras 3-7, 32-43)




Regarding to claims 12:
BASU further teaches:
wherein the data controller ID comprises at least one of a controller kind, an ID kind, and an ID value (paras 3-7, 32-43)

Regarding to claim 13:
BASU further teaches:
authorizing a data analysis to be performed on the data controller and the data provider and using the corresponding token as a placeholder (paras 46-48)

Regarding to claim 14:
BASU further teaches:
receiving and authenticating, by the tokenization engine, the corresponding token, and authorizing a data analysis to be performed on the data controller and the data provider using the data to be protected when the corresponding token is authenticated (paras 45-48)

Claims 26-29 are rejected under 35 U.S.C. 103 as being unpatentable over Basu.

Regarding independent claim 26:
BASU discloses a method comprising: 
receiving, by a tokenization engine, first data to be protected (paras 3-7, 32-43)
receiving, by the tokenization engine, a first data controller ID associated with a first data controller and a first data provider ID associated with the first data provider corresponding to the first data to be protected (paras 3-7, 32-43)
receiving, by the tokenization engine, a second data controller ID associated with a second data controller (paras 3-7, 32-43)
receiving, by the tokenization engine, a second data provider ID associated with a second data provider (paras 3-7, 32-43)
generating, by the tokenization engine, a corresponding first token using the first data controller ID, the first data provider ID, and the first data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the first token is a reference that maps back to the first data to be protected in association with the first data controller ID and the first data provider ID used in generating the corresponding first token (paras 32-43, 70-71, 100, 144)
generating, by the tokenization engine, a corresponding second token using the second data controller ID, the first data provider ID, and the first data to be protected as inputs to the tokenization process, wherein the second token is different than the first token by being generated using the second data controller ID which is different than the first data controller ID (paras 32-43, 70-71, 100, 144)
generating, by the tokenization engine, a corresponding third token using the first data controller ID, the second data provider ID, and the first data to be protected as inputs to the tokenization process, wherein the third token is different than the first and second tokens by being generated using the second data provider ID which is different than the first data provider ID (paras 32-43, 70-71, 100, 144)
storing a first data record in a data vault, the first data record comprising the first data to be protected and the corresponding first token, wherein the first data to be protected is accessible from the data vault when the corresponding first token is presented by matching the presented first token with the corresponding first token stored with the first data to be protected in the first data record (paras 44, 73-74, 146, 168)
storing a second data record in the data vault, the second data record comprising the first data to be protected and the corresponding second token, wherein the first data to be protected is accessible from the data vault when the corresponding second token is presented by matching the presented second token with the corresponding second token stored with the first data to be protected in the second data record (paras 44, 73-74, 146, 168)
storing a third data record in the data vault, the third data record comprising the first data to be protected and the corresponding third token, wherein the first data to be protected is accessible from the data vault when the corresponding third token is presented by matching the presented third token with the corresponding third token stored with the first data to be protected in the third data record (paras 44, 73-74, 146, 168)
BASU does not explicitly disclose that the second and third versions and combinations of these processes are performed. However, such processes merely read as the duplication of parts/processes. Therefore, it would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to perform the processes described above as often or as many times as desired with any variety of data as desired, e.g. using a second data controller ID with the first data provider ID and first data to be protected.) In re Harza, 274 F.2d 669, 124 USPQ 378 (CCPA 1960)

Regarding independent claim 29:
BASU discloses a method comprising: 
receiving, by a tokenization engine, first and second data to be protected (paras 3-7, 32-43)
determining, by the tokenization engine, a data controller ID associated with a data controller (paras 3-7, 32-43)
determining, by the tokenization engine, a first data provider ID associated with a first data provider corresponding to the first data to be protected (paras 3-7, 32-43)
determining, by the tokenization engine, a second data provider ID associated with a second data provider corresponding to the second data to be protected (paras 3-7, 32-43)
generating, by the tokenization engine, a corresponding first token using the data controller ID, the first data provider ID, and the first data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the first token is a reference that maps back to the first data to be protected in association with the data controller ID and the first data provider ID used in generating the corresponding first token (paras 32-43, 70-71, 100, 144)
generating, by the tokenization engine, a corresponding second token using, the data controller ID, the second data provider ID, and the second data to be protected as inputs to the tokenization process, wherein the second token is different than the first token by being generated using the second data provider ID which is different than the first data provider ID, wherein the second token is a reference that maps back to the second data to be protected in association with the data controller ID and the second data provider ID used in generating the corresponding second token (paras 32-43, 70-71, 100, 144)
storing a first data record in a data vault, the first data record comprising the first data to be protected and the corresponding first token, wherein the first data to be protected is accessible from the data vault when the corresponding first token is presented by matching the presented first token with the corresponding first token stored with the first data to be protected in the first data record (paras 44, 73-74, 146, 168)
storing a second data record in the data vault, the second data record comprising the second data to be protected and the corresponding second token, wherein the second data to be protected is accessible from the data vault when the corresponding second token is presented by matching the presented second token with the corresponding second token stored with the second data to be protected in the second data record (paras 44, 73-74, 146, 168)
BASU does not explicitly disclose that the second versions and combinations of these processes are performed. However, such processes merely read as the duplication of parts/processes. Therefore, it would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to perform the processes described above as often or as many times as desired with any variety of data as desired, e.g. using a second data controller ID with the first data provider ID and first data to be protected.) In re Harza, 274 F.2d 669, 124 USPQ 378 (CCPA 1960)



Regarding claim 27:
BASU further teaches:
wherein each of the first data provider ID comprises at least one of a ID kind and an ID value (paras 3-7, 32-43)

Regarding to claim 28:
BASU further teaches:
wherein each of the first and the second data controller ID comprises at least one of a controller kind, an ID kind, and an ID value (paras 3-7, 32-43)

Claim 7 is rejected as being unpatentable under 35 U.S.C. 103 over Basu in view of Griffin as applied above in further view of US 10,565,596 B2 to DeTella et al. (hereinafter “DeTella”).

Regarding claim 7:
DETELLA, in an analogous art of providing data in compliance with data security standards, teaches:
wherein the tokenization engine provides placeholder data in a case of a missing data controller ID and in a case of a missing data provider ID (Col/Line 4/42-44)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of using placeholder data as disclosed by DETELLA to the teachings of using data for tokenization of merchant transactions as disclosed by the combination of BASU and GRIFFIN by having placeholder data be used in place of missing or awaited data such as IDs.  This would simplify the tokenization process so that tokenization could be carried out even in the case of missing data information, and thereby reducing the cost of computing equipment and other costs, as well as allow for increased convenience to customers, as recognized by BASU.

Claims 8-9, are rejected under 35 U.S.C. § 103 as being unpatentable over Basu in view of Griffin as applied above in further view of US 2019/0370487 A1 to Veltman et al. (hereinafter “Veltman”).

Regarding claim 8:
VELTMAN, an analogous art of BASU and the current application, teaches:
deleting the data to be protected in the data vault upon receipt of a request by the data provider to delete the data to be protected (para 28)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of deleting data when requested as disclosed by VELTMAN to the teachings of using data to form tokens and store them as disclosed by the combination of BASU and GRIFFIN by allowing data that is stored in memory be deleted upon request. Doing so would allow more control of users in regards to what they want to be stored by a separate memory device, as well as increase security by allowing users to delete potentially sensitive data in places they don’t want it to be, as well as reduce the difficulty of managing private/sensitive information across service/products that need access to the information, as recognized by VELTMAN.

Regarding claim 9:
VELTMAN teaches:
preventing the data to be protected from being accessed by any entity upon receipt of a request by the data provider to delete the data to be protected (para 28)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of deleting data when requested as disclosed by VELTMAN to the teachings of using data to form tokens and store them as disclosed by the combination of BASU and GRIFFIN by allowing data that is stored in memory be deleted upon request. Doing so would allow more control of users in regards to what they want to be stored by a separate memory device, as well as increase security by allowing users to delete potentially sensitive data in places they don’t want it to be, as well as reduce the difficulty of managing private/sensitive information across service/products that need access to the information, as recognized by VELTMAN.

Claims 19-25 are rejected under 35 U.S.C. § 103 as being unpatentable over Basu as applied above in view of Veltman.

Regarding independent claim 22:
BASU discloses a method comprising: 
receiving, by a tokenization engine, data to be protected which is provided by a data provider and obtained by or on behalf of a first data controller (paras 3-7, 32-43)
determining a first data controller ID associated with the first data controller and a data provider ID associated with the data provider (paras 3-7, 32-43)
generating, by the tokenization engine, a first token using the first data controller ID, the data provider ID, and the data to be protected as inputs to a tokenization process, wherein the tokenization engine generates a different token for the same data to be protected when the data controller ID or the data provider ID is different, and wherein the first token is a reference that maps back to the data to be protected in association with the first data controller ID and the data provider ID used in generating the corresponding first token (paras 32-43, 70-71, 100, 144)
receiving, by the tokenization engine, the data to be protected which is provided by the data provider and obtained by or on behalf of a second data controller (paras 3-7, 32-43)
determining a second data controller ID associated with the second data controller (paras 3-7, 32-43)
generating, by the tokenization engine, a second token using the second data controller ID, the data provider ID, and the data to be protected as inputs to the tokenization process, wherein the second token is different than the first token by being generated using the second data controller ID which is different than the first data controller ID, and wherein the second token is a reference that maps back to the data to be protected in association with the second data controller ID and the data provider ID used in generating the corresponding second token (paras 32-43, 70-71, 100, 144)
determining a second data provider ID associated with a second data provider (paras 3-7, 32-43)
generating, by the tokenization engine, a third token using the first data controller ID, the second data provider ID, and the data to be protected as inputs to the tokenization process, wherein the third token is different than the first and second tokens by being generated using the second data provider ID which is different than the first data provider ID, and, wherein the third token is a reference that maps back to the data to be protected in association with the first data controller ID and the second data provider ID used in generating the corresponding third token (paras 32-43, 70-71, 100, 144)
storing a first data record in a data vault, the first data record comprising the data to be protected and the corresponding first token, wherein the data to be protected is accessible from the data vault when the first token is presented by matching the presented first token with the corresponding first token stored with the data to be protected in the first data record (paras 44, 73-74, 146, 168)
storing a second data record in the data vault, the second data record comprising the data to be protected and the corresponding second token, wherein the data to be protected is accessible from the data vault when the second token is presented by matching the presented second token with the corresponding second token stored with the data to be protected in the second data record (paras 44, 73-74, 146, 168)
storing a third data record in the data vault, the third data record comprising the data to be protected and the corresponding third token, wherein the data to be protected is accessible from the data vault when the third token is presented by matching the presented third token with the corresponding third token stored with the data to be protected in the third data record (paras 44, 73-74, 146, 168)
BASU does not explicitly disclose:
receiving a request from the data provider to delete the data to be protected with respect to the first data controller, and in response to the request, preventing the data to be protected from being accessed with the first token
VELTMAN an analogous art of BASU and the current application, teaches:
receiving a request from the data provider to delete the data to be protected with respect to the first data controller, and in response to the request, preventing the data to be protected from being accessed with the first token (para 28)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of deleting data when requested as disclosed by VELTMAN to the teachings of using data to form tokens and store them as disclosed by the combination of BASU by allowing data that is stored in memory be deleted upon request. Doing so would allow more control of users in regards to what they want to be stored by a separate memory device, as well as increase security by allowing users to delete potentially sensitive data in places they don’t want it to be, as well as reduce the difficulty of managing private/sensitive information across service/products that need access to the information, as recognized by Veltman.
It is noted that the secondary and tertiary receiving, determining, generating, and storing processes read as a duplication of parts/processes.  It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to perform the processes described above as often or as many times as desired with any variety of data as desired, e.g. using a second data controller ID with the first data provider ID and first data to be protected, using different sets of data, etc. ) In re Harza, 274 F.2d 669, 124 USPQ 378 (CCPA 1960).

Regarding claim 19:
VELTMAN, an analogous art of BASU and the current application, teaches:
deleting the data to be protected in the data vault upon receipt of a request by the customer to delete the data to be protected (para 28)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of deleting data when requested as disclosed by VELTMAN to the teachings of using data to form tokens and store them as disclosed by the combination of BASU and GRIFFIN by allowing data that is stored in memory be deleted upon request. Doing so would allow more control of users in regards to what they want to be stored by a separate memory device, as well as increase security by allowing users to delete potentially sensitive data in places they don’t want it to be, as well as reduce the difficulty of managing private/sensitive information across service/products that need access to the information, as recognized by VELTMAN.

Regarding claim 20:
VELTMAN teaches:
preventing the data to be protected from being accessed by any entity upon receipt of a request by the customer to delete the data to be protected (para 28)
It would have been obvious to one of ordinary skill in the art at the time of applicant’s filing to combine the teachings of deleting data when requested as disclosed by VELTMAN to the teachings of using data to form tokens and store them as disclosed by the combination of BASU and GRIFFIN by allowing data that is stored in memory be deleted upon request. Doing so would allow more control of users in regards to what they want to be stored by a separate memory device, as well as increase security by allowing users to delete potentially sensitive data in places they don’t want it to be, as well as reduce the difficulty of managing private/sensitive information across service/products that need access to the information, as recognized by VELTMAN.

Regarding claim 21:
VELTMAN further teaches:
wherein the corresponding token is invalidated upon receipt of a request by the customer to delete the data to be protected (para 63)

Regarding claim 23:
BASU further teaches:
wherein the data to be protected is personally identifiable information of the data provider (para 32)

Regarding claim 24:
BASU further teaches:
wherein the data to be protected is an email address, a phone number or a physical address (para 32)

Regarding claim 25:
BASU further teaches:
performing an audit, by the tokenization engine, of access to the data to be protected in the data vault (para 22)



Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure is cited in the Notice of Reference Cited (PTO-892). The additional cited art, including but not limited to the excerpts below, further establishes the state of the art prior to the effective filing date for the applicant’s claimed invention:
Daniel (US 20160283936 A1) (“Daniel”) discloses: Systems and methods for facilitating anonymous communications between a user and a merchant vie a social networking system, wherein the user’s identifying information is obfuscated from the merchant. Daniel recites a token manager that can generate a permanent opaque token by creating a hash based on: a unique identifier associated with a particular social networking system user, a unique identifier associated with a particular merchant, and other information such as the date and time at which the token is created.
Yoo (US 20200051070 A1) (“Yo”) discloses: A system and method that may generate a virtual token generated at each time point without duplication and may search for an actual card number based on the virtual token to make a payment. In Yoo, a virtual token is generated based on a combination of a first code and a second code, where the first code is generated based on an unique value and the card security code, and the second code is generated based on the unit count elapsing from a time point when the actual card number is registered.
Ko (US 10878411 B2) (“Ko”) discloses: An apparatus and a method for issued token management for multiple instantiations for a virtual currency instrument. In Ko, a token server may generate a plurality of tokens for the plurality of devices. Each token is generated based on a reversible cryptographic function, a one-way non-reversible hash function, or an index function. Each of the plurality of tokens may comprise information utilized for instantiation of the virtual currency instrument. The information may comprise electronic device information that indicates an associated electronic device associated with the token, time information that indicates at least one of an issue date and an expiration date of the token, and/or virtual currency instrument information of the virtual currency instrument linked to the token. The information may further comprise metadata of a service provider of the associated electronic device.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to Ari Shahabi whose telephone number is (571)272-2565. The examiner can normally be reached M-F: 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached on 571-272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/Ari Shahabi/Examiner, Art Unit 3685