DETAILED ACTION
Acknowledgements
This office action is in response to the claims filed 07/22/2022.
Claims 1, 14, and 27 are amended.
Claims 7-10, 20-23, 28 and 30 are cancelled. 
Claims 1-6, 11-19, 24-27 and 29 are pending.
Claims 1-6, 11-19, 24-27 and 29 have been examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Claim Objections
Claims 4-6 and 17-19 are objected to because of the following informalities: The claims recite “set of public key private key pairs”. Appropriate correction is required.

Response to Arguments
Applicant's arguments filed 07/22/2022 have been fully considered but they are not persuasive. 
103
McLaughlin teaches selecting, by the ingress server, a payment server that is associated with an egress server based on a network proximity between the payment server and the egress server, and further based on geographic proximity of the egress server to server computer systems of an authorization system (Figure 1, 4; ¶ 30-33, 47-58); 
McLaughlin - an executable process may determine the geographic location of a transaction or the processing server 102 and select the closest (e.g., geographically or via network communication) authorization system 110 for routing thereto… each of the processing servers 102 may be associated with a geographical region. In these embodiments, the processing servers 102 may be configured to communicate directly only to other processing servers 102 in that geographic region. In such cases, each geographic region may also include a hub server, also referred to as a region hub or zone hub. The processing servers 102 may be configured to communicate with the hub server in its geographic region, where each of the hub servers may be configured to communicate with other hub servers (¶ 30, 32)

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Sheets, Dimmick and McLaughlin(¶ 1), which teaches “improved transaction processing and routing, specifically the use of cloud-based applications and intelligent switching to enable transaction of multiple types” in order to improve processing time and require less dedicated hardware for transactions (McLaughlin; ¶ 1-4).



Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-6, 11-19, 24-27 and 29 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. 
Claims 1, 14 and 27 recite “selecting, by the ingress server, a payment server that is associated with an egress server based on a network proximity between the payment server and the egress server, and further based on geographic proximity of the egress server to server computer systems of an authorization system.” According to the disclosure (¶ 38, 39), “(e.g., to define which authorization network server to forward a transaction to by egress server instance 252), as well as to select transaction processing optimizations, such as selecting among different egress instances so that a selects egress instance is at a relevant location by geography, a location specified by legal constraints, is proximate to authorization network server, etc. … ingress transaction engine 216 may select among a plurality of payment server instances using the card data and additional transaction data discussed above to, for example, to select a payment server instance associated with a likely egress server instance, for network communication proximity between a payment server instance associated with a likely egress server instance, for a payment server instance associated with a card type, transaction type, bank, etc., for load balancing purposes, as well as other factors that may be used to select a payment server instance.” The limitation is directed at the ingress server selecting a payment server. The disclosure does not provide support for the ingress server selecting a payment server based on geographic proximity of the egress server to server computer systems of an authorization system. Dependent claims 2-6, 11-13, 15-19, 24-26 and 29 are also rejected.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 11-19, 24-27 and 29 are rejected under 35 U.S.C. 103 as being unpatentable over Sheets et al. (20150019443) (“Sheets”), in view of Dimmick (20140164254) (“Dimmick”) and in view of McLaughlin et al. (20190019169) (“McLaughlin”).
Regarding claims 1, 14 and 27, Sheets discloses generating, at an ingress server of the servers of the commerce platform, an initial transaction message by generating a deterministic identifier for a card used in the transaction from card data received for the transaction and encrypting the received card data, (Figure 1, 3, 6, 7, 10, 11, element 308, 1106; ¶ 36-40, 58, 59, 70, 95, 115-120, 126, 164, 169, 179-181)
Sheets - A “remote transaction” may include any transaction where one party to a transaction is separated by some distance and/or by a device from another party to a transaction. For example, a remote transaction may include a “card-not present,” … The merchant application 121 may then transmit the payment request to the remote key manager 140. In some embodiments, the payment request may be encrypted using a session key established between the remote key manager 140 and the mobile device 120. The session key may be established and communicated through any suitable manner. (¶ 117);

the card data received from a merchant card data collection system and processed by the servers of the commerce platform on behalf of the merchant to clear the transaction and collect payment using an authorization network (¶ 58, 59, 132);
Sheets -For example, the merchant application 121 may have a consumer's payment credentials (e.g., account identifier, expiration date, card verification value (CVV), personal information, etc.) as well as a cryptogram or other dynamic value that may be used to authenticate that the mobile payment application 123 used to generate the transaction data is authentic. (¶ 132)

transmitting the initial transaction message from the ingress server to a-the payment server of the servers of the commerce platform (¶ 75, 134, 152-156, 214);
Sheets -  the merchant computer 130 may send the authorization request message to an acquirer computer 150 associated with the merchant for processing of the transaction. The authorization request message may be sent along a secure communication channel using an encrypted link encryption key or encryption process. Accordingly, in some embodiments, the payment information included in the authorization request message may be encrypted an additional time and sent to the acquirer computer 150 for processing. Any other secure process may be used to send the authorization request message to the acquirer through a secure process. Although not shown in FIG. 6, the acquirer computer 150 may then forward the authorization request message to a payment processing network 160 (¶ 134);

updating, by the payment server in response to an initial authorization of the transaction determined by the payment server based at least in part on the deterministic identifier for the card, the initial transaction message with initial authorization data (¶ 136, 145, 146, 171, 172, 183); 
Sheets -In some embodiments, the payment processing network 160 may determine that the authorization request message is associated with a remote payment transaction based on the type of cryptogram or dynamic data generated by the mobile payment application 123 or by a security level indicator provided in the payment information or authorization request message. For example, the mobile payment application 123, the merchant application 121, or the merchant computer 130 may provide a security level indicator that informs the payment network… Interfacing with a payment processing network 160 may allow for a number of advantages including additional authentication capabilities including validation of authentication values before a transaction is submitted through a payment network using an authorization request message to the payment processing network 160. Accordingly, the payment processing network 160 may perform additional authentication processes (e.g., risk management, velocity checks, etc.) on the payment request (and associated consumer account) before a payment is initiated, (¶ 136, 145);

transmitting the updated initial transaction message from the payment server to 
Sheets - the payment processing network 1060 forwards the updated authorization request message to the issuer for risk and authorization decisioning.  (¶ 217);

communicating the final transaction message, by the egress server to card data, the authorization system clearing the transaction using the card data and providing payment for the transaction in response to the clearing of the transaction (¶ 183-185, 217)
Sheets -  if the issuer authorizes the transaction, the issuer may generate an authorization response message that may be transmitted back to the merchant and/or mobile device 1020 for completion of the transaction.  (¶ 217);

wherein the ingress server is an instance of an ingress server executing on a first cluster of computer systems (¶ 58, 70);
Sheets -A “server computer” may include a powerful computer or cluster of computers. For example, the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database server coupled to a web server… Further, the merchant application may also include a general purpose browser or other software designed to interact with multiple merchant server computers (¶ 58, 70)
 
the payment server is an instance of a payment server executing on a second cluster of computer systems(¶ 75);
Sheets -The payment processing network 160 may include one or more server computers. A server computer is typically a powerful computer or cluster of computers.  (¶ 75)

wherein at least two of the first, second, and third clusters of computing systems are geographically distributed , and (¶ 36, 58, 60, 68, 70, 123, 124, 155);
Sheets - A “remote transaction” may include any transaction where one party to a transaction is separated by some distance and/or by a device from another party to a transaction… For instance, remote transactions may include devices that are not present in the same location or multiple devices where the two parties (e.g., a merchant and a consumer) are not using the same device to complete the transaction. (¶ 36)

and wherein the first cluster of computer systems is geographically proximate to a server computer systems of the merchant, and (¶ 58, 163, 164);
Sheets - Further, the merchant application may also include a general purpose browser or other software designed to interact with multiple merchant server computers (¶ 58)

Sheets does not disclose decrypting, by the egress server, the encrypted card data to populate a final transaction message; and the egress server is an instance of an egress server executing on a third cluster of computer systems, wherein the third cluster of computer systems is geographically proximate to a server computer systems of the authorization system.

Dimmick teaches  decrypting, by the egress server, the encrypted card data to populate a final transaction message; and (¶ 44, 48, 51, 64, 182, 183);
Dimmick - he issuer 908 may be same as the issuer 210 and may be associated with an issuer computer. The issuer 908 may be configured to verify the card PIN received in the zero dollar authorization request message against the stored card PIN associated with the consumer's alias or account. In one embodiment, the issuer 908 may decrypt the card PIN using a second issuer key before verifying the PIN. An authentication indicator may be generated with a positive or negative authentication result.  (¶ 182)

and the egress server is an instance of an egress server executing on a third cluster of computer systems, wherein the third cluster of computer systems is geographically proximate to a server computer systems of the authorization system. (¶ 36, 44, 45, 90, 91, 175);
Dimmick - A “server computer” may typically be a powerful computer or cluster of computers. For example, the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit. The server computer may be associated with an entity such as a payment processing network, a wallet provider, a merchant, an authentication cloud, an acquirer or an issuer…. Note that each of the authentication cloud 904, payment processing network 906, issuer 908, wallet provider 910, acquirer 912 and the switch 914 may be associated with a computer apparatus (e.g., a server computer), … The issuer 114 may represent a traditional issuer/issuer processor and may be associated with an issuer computer. (¶ 36, 44, 175)

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Sheets and Dimmick in order to reduce transaction costs in authenticating remote transactions (Dimmick; ¶ 2, 3).

Neither Sheets nor Dimmick teaches selecting, by the ingress server, a payment server that is associated with an egress server based on a network proximity between the payment server and the egress server, and further based on geographic proximity of the egress server to server computer systems of an authorization system. 

McLaughlin teaches selecting, by the ingress server, a payment server that is associated with an egress server based on a network proximity between the payment server and the egress server, and further based on geographic proximity of the egress server to server computer systems of an authorization system (Figure 1, 4; ¶ 30-33, 47-58); 
McLaughlin - an executable process may determine the geographic location of a transaction or the processing server 102 and select the closest (e.g., geographically or via network communication) authorization system 110 for routing thereto… each of the processing servers 102 may be associated with a geographical region. In these embodiments, the processing servers 102 may be configured to communicate directly only to other processing servers 102 in that geographic region. In such cases, each geographic region may also include a hub server, also referred to as a region hub or zone hub. The processing servers 102 may be configured to communicate with the hub server in its geographic region, where each of the hub servers may be configured to communicate with other hub servers (¶ 30, 32)

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Sheets, Dimmick and McLaughlin(¶ 1), which teaches “improved transaction processing and routing, specifically the use of cloud-based applications and intelligent switching to enable transaction of multiple types” in order to improve processing time and require less dedicated hardware for transactions (McLaughlin; ¶ 1-4).

Regarding claims 2 and 15, Sheets discloses wherein the card data is obtained from the customer for the transaction between the merchant and the customer, and the card data is not exposed to the payment server in unencrypted form (¶ 29, 136, 145, 146, 171, 172, 183).  
Regarding claims 3 and 16, Sheets discloses wherein generating the deterministic identifier for the card comprises: selecting, by the ingress server, a cryptographic salt from a set of cryptographic salts based on the card data; and perform at least one hashing function, by the ingress server, on the selected cryptographic salt and the card data to obtain the deterministic identifier (¶ 29, 65, 66, 232, 235).  
Regarding claims 4 and 17, Sheets discloses teaches wherein encrypting the received card data further comprises: selecting, by the ingress server based on the deterministic identifier, a public key from a set of public key private key pairs provided to the ingress server; and encrypting, by the ingress system, the card data using the selected public key (¶ 31-40, 58-63, 70, 95, 115-120, 126, 150-155, 164, 169, 179-181, 209)
Regarding claims 5 and 18, Dimmick teaches  wherein decrypting the encrypted card data, further comprises: Application No.: 16/523,528Examiner: Backer, Firmin Attorney Docket No.: 210142.P025-3- Art Unit: 3685selecting, by the egress server, a private key associated with a public key selectable from the set of public key private key pairs based on the deterministic identifier for the card from the initial transaction message; and decrypting, by the egress system, the encrypted card data for population of the final transaction message (¶ 47).  selecting, by the egress server, a private key associated with a public key selectable from the set of public key private key pairs based on the deterministic identifier for the card from the initial transaction message; and decrypting, by the egress system, the encrypted card data for population of the final transaction message (¶ 44, 48, 51, 64, 182, 183).
Regarding claims 6 and 19, Sheets discloses teaches wherein the set of public key private key pairs are transient and periodically replaced by new sets of public key private key pairs (¶ 31, 53, 61-64).  
Regarding claims 11 and 24, Sheets discloses wherein the transaction is a card present transaction (¶ 31, 36).  
Regarding claims 12 and 25, Dimmick teaches  discloses wherein the card is a chip card, and the card data is captured from an integrated circuit of the card by an card reader of a personal identifier number (PIN) pad device of the merchant (¶ 71, 109, 110).  
Regarding claims 13 and 26, Sheets discloses wherein communications exchanged between the ingress server and the payment server, and communications exchanged between the payment server and the egress server, are secured using encrypted communications links (Figure 1, 6,7, 10; ¶ 36, 58, 60, 68, 70, 123, 124, 155).
Regarding claim 29, Sheets discloses wherein the first, second, and third clusters of computer systems are different computer system clusters (¶ 36, 58, 60, 68, 70, 123, 124, 155).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Irwin et al. (US 20170228965) teaches card control numbers with hashed values of the account number and a salt.
Robinson et al. (US 20170084118) teaches card information salted and hashed. 
Sachs et al., (US 2020259896) teaches the use of a cryptographic salt  with a hash of sensitive information for a transaction.
Gallager, III (US 20190333062) teaches the hashing of card information along with a salt and PIN for a transaction
Kouru et al. (US20170118301) selecting servers for a transaction based on proximity.


THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ILSE I IMMANUEL whose telephone number is (469)295-9094.  The examiner can normally be reached on Monday-Friday 9:00 am to 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, NEHA PATEL can be reached on 571-270-1492.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ILSE I IMMANUEL/Primary Examiner, Art Unit 3685