DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Acknowledgements
The Examiner notes that citations to United States Patent Application Publication paragraphs are formatted as [####], #### representing the paragraph number.
This communication is in response to claim amendments and applicant’s remarks filed on 09/06/2022.
Claim 7 has been amended.
No claims have been added.
Claims 1-6 and 12-17 have been cancelled.
Claims 7-11 are pending and are presented for examination on the merits.




Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim(s) 7, 8, 9, 10, 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Dimmick (US 20140164254), Henryk (WO 2010131989), Kumar (US 20210342850), Pawar (US 20170331815), Harold (US 11188523), Dunford (WO 2019157267), and Imanishi (US 20040226992).
Regarding claim(s) 7, Dimmick discloses:
         a transaction processor operable to execute a transaction (By disclosing, “The consumer can execute the wallet provider's ([transaction processor]) mobile application on a mobile device, select goods, and initiate the check-out process using the same consumer alias as registered with the wallet provider.” ([0073] of Dimmick)); 
         a user interface on a point-of-sale device, said user interface providing a front-end for the transaction processor (By disclosing, “One embodiment of the invention allows biometric authentication using a transaction device (e.g., a non-personal device) such as an ATM (Automated Teller Machine) or a merchant device such as a POS terminal or a mobile POS terminal.” ([0192] of Dimmick)); 
         a user interface on a mobile device operable to receive user input relating to the transaction (By disclosing, “The consumer may be able to access an application or a website on a consumer device.” ([0035] of Dimmick)); 
           - 27 -wherein: 
           the transaction is initiated at the user interface on the point-of-sale device (By disclosing, “The transaction initiation channel provider 104 may provide a communication channel for a consumer or a merchant to initiate a payment transaction. … Merchant initiated transactions may be initiated via a mobile application/mobile internet, mobile POS, IVR system, SMS or USSD messages, PC/internet portal, in-store POS (for face to face purchases or money transfers), and remote POS (for phone purchases or money transfers).” ([0039] and [0054] of Dimmick)); 
           the transaction processor transmits a message to a processor over the first line of communication, the message comprising transaction details, said transaction details comprising a phone number associated with the mobile device (By disclosing, “The wallet provider ([transaction processor]) 704 may forward the transaction details to the authentication cloud 706 in a message 722. Transaction details may include consumer's alias, mobile phone number, and the payment account details.” ([0155] and [0156] of Dimmick)); and
             the processor transmits the verification to the transaction processor via the first line of communication (By disclosing, “The authentication cloud 706 may forward the authentication indicator with a positive authentication result to the wallet provider 704 in a message” ([0155]-[0156], [0161]- [0164] of Dimmick)).
           Dimmick does not disclose:
           a first line of communication with an unstructured supplementary service data ("USSD") rail processor, said first line of communication that links the USSD rail processor to the transaction processor;
           a second line of communication, said second line of communication that links the USSD rail processor to the user interface on the mobile device;
          a third line of communication, said third line of communication that links the user interface on the mobile device to the connected identifier repository;
           a fourth line of communication, said fourth line of communication that links the transaction processor to the connected identifier repository;
           wherein:
           the transaction processor transmits a message to the USSD rail processor over the first line of communication; 
           the USSD rail processor transmits, in response to receipt of the message from the transaction processor, a push notification to the user interface on the mobile device via the second line of communication, said push notification requesting entry of a personal identification number ("PIN") and/or phrase on the user interface of the mobile device;
           the USSD rail processor receives the personal identification number and/or phrase via the second line of communication;
          the USSD rail processor executes a verification of the personal identification number and/or phrase;
          the transaction processor instructs the user interface on the mobile device to verify, using the connected identifier repository, a user identity;
          the user interface on the mobile device communicates with the connected identifier repository to verify the user identity via the third line of communication;
           the connected identifier repository verifies the user identity by communicating with a plurality of internet- of-things endpoints, each of the internet-of-things endpoints that comprises a stored verification usage process relating to the user identity;
          the connected identifier repository transmits the verification to the transaction processor via the fourth line of communication; and
           upon receipt of the verification from the USSD rail processor via the first line of communication and upon receipt of the verification from the connected identifier repository via the fourth line of communication, the transaction processor executes the transaction.
           However, Henryk teaches:
          a first line of communication with an unstructured supplementary service data ("USSD") rail processor, said first line of communication that links the USSD rail processor to the transaction processor (By disclosing, “The connection requested by the user, 102, is serviced by a telecommunications modem connected to a computer ([transaction processor]) designated to servicing of payments. … A software application installed in the computer sends a request to the server GTW to establish, 112, a USSD session to the user's handset. The server GTW uses the USSD session to send, 114, a message to the user, requesting the input of the payment card PIN code. The PIN code is entered by the user and sent by the server GTW to a computer, which verifies it and displays the transaction confirmation code on the website” (Page 15 Example 5 of Henryk)) (Note: the “server GTW” and the computer which verifies the PIN in the prior art can be the “USSD rail processor” of the claim); 
           a second line of communication, said second line of communication that links the USSD rail processor to the user interface on the mobile device (By disclosing, “A software application installed in the computer sends a request to the server GTW to establish, 112, a USSD session to the user's handset. The server GTW uses the USSD session to send, 114, a message to the user, requesting the input of the payment card PIN code. The PIN code is entered by the user and sent by the server GTW to a computer, which verifies it and displays the transaction confirmation code on the website” (Page 15 Example 5 of Henryk)); 
              the transaction processor transmits a message to the USSD rail processor over the first line of communication (By disclosing, “The connection requested by the user, 102, is serviced by a telecommunications modem connected to a computer ([transaction processor]) designated to servicing of payments. … A software application installed in the computer sends a request to the server GTW to establish, 112, a USSD session to the user's handset.” (Page 15 Example 5 of Henryk));
         the USSD rail processor transmits, in response to receipt of the message from the transaction processor, a push notification to the user interface on the mobile device via the second line of communication, said push notification requesting entry of a personal identification number ("PIN") and/or phrase on the user interface of the mobile device (By disclosing, “The connection requested by the user, 102, is serviced by a telecommunications modem connected to a computer ([transaction processor]) designated to servicing of payments. … A software application installed in the computer sends a request to the server GTW to establish, 112, a USSD session to the user's handset. The server GTW uses the USSD session to send, 114, a message to the user, requesting the input of the payment card PIN code. The PIN code is entered by the user and sent by the server GTW to a computer, which verifies it and displays the transaction confirmation code on the website” (Page 15 Example 5 of Henryk)); 
            the USSD rail processor receives the personal identification number and/or phrase via the second line of communication (By disclosing, “A software application installed in the computer sends a request to the server GTW to establish, 112, a USSD session to the user's handset. The server GTW uses the USSD session to send, 114, a message to the user, requesting the input of the payment card PIN code. The PIN code is entered by the user and sent by the server GTW to a computer, which verifies it and displays the transaction confirmation code on the website” (Page 15 Example 5 of Henryk)); 
           the USSD rail processor executes a verification of the personal identification number and/or phrase (By disclosing, “A software application installed in the computer sends a request to the server GTW to establish, 112, a USSD session to the user's handset. The server GTW uses the USSD session to send, 114, a message to the user, requesting the input of the payment card PIN code. The PIN code is entered by the user and sent by the server GTW to a computer, which verifies it and displays the transaction confirmation code on the website” (Page 15 Example 5 of Henryk)).
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of  Dimmick in view of Henryk to include a first line of communication with an unstructured supplementary service data ("USSD") rail processor, said first line of communication that links the USSD rail processor to the transaction processor; a second line of communication, said second line of communication that links the USSD rail processor to the user interface on the mobile device; the transaction processor transmits a message to the USSD rail processor over the first line of communication; the USSD rail processor transmits, in response to receipt of the message from the transaction processor, a push notification to the user interface on the mobile device via the second line of communication, said push notification requesting entry of a personal identification number ("PIN") and/or phrase on the user interface of the mobile device; the USSD rail processor receives the personal identification number and/or phrase via the second line of communication; and the USSD rail processor executes a verification of the personal identification number and/or phrase. Doing so would result in an improved invention because this would leverage the advantages of using USSD message to communicate a PIN number between the user device and the transaction processor, such as instant messaging, so the user can be verified right away through the use of the USSD transmitted PIN number.
          Kumar teaches:
          a third line of communication, said third line of communication that links the user interface on the mobile device to the connected identifier repository (By disclosing, “At 510, the device 104 captures the requested user face data, including face image data and face liveness data, and provides the captured user face data to the identity platform 116” ([0045] of Kumar)); 
           the connected identifier repository comprising payer and payee details for the transaction, the connected identifier repository is configured to: enable each of one or more data owners to directly edit, update and delete data owned by each of the one or more data owners; store transaction data, included in the transaction, in a consistent format; and store a name, an address, an account number and one or more know your customer ("KYC") data elements for the transaction (Note: this limitation is not given patentable weight because the connected identifier repository is not a structural element of the system being claimed.)
           a fourth line of communication, said fourth line of communication that links the transaction processor to the connected identifier repository (By disclosing, the identity platform verifies the user face data and transmits the response to the payment network ([0046]-[0047] and Fig. 5 step 512 of Kumar)); 
           the transaction processor instructs the user interface on the mobile device to verify, using the connected identifier repository, a user identity (By disclosing, “The identity platform ([identifier repository]) 116 receives the ID token from the payment network ([transaction processor]) 110 and responds to the validation request at 506. The response may include a request for user face image and/or liveness data to be captured by the user at the current time.” ([0043] of Kumar); and “At 508, the payment network 110 sends a request for a user face check to the device 104. The request may include instructions to the device 104 to prompt the user to provide current face data and/or instructions to capture the user's face for a defined period of time (e.g., a half second, one second, or five seconds)” ([0044] of Kumar)); 
            the user interface on the mobile device communicates with the connected identifier repository to verify the user identity via the third line of communication (By disclosing, “At 510, the device 104 captures the requested user face data, including face image data and face liveness data, and provides the captured user face data to the identity platform 116” ([0045] of Kumar)); and
           - 28 -the connected identifier repository transmits the verification to the transaction processor via the fourth line of communication (By disclosing, the identity platform verifies the user face data and transmits the response to the payment network ([0046]-[0047] and Fig. 5 step 512 of Kumar)).
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Dimmick, Henryk, in view of Kumar to include a third line of communication, said third line of communication that links the user interface on the mobile device to the connected identifier repository; a fourth line of communication, said fourth line of communication that links the transaction processor to the connected identifier repository; the transaction processor instructs the user interface on the mobile device to verify, using the connected identifier repository, a user identity; the user interface on the mobile device communicates with the connected identifier repository to verify the user identity via the third line of communication; and the connected identifier repository transmits the verification to the transaction processor via the fourth line of communication. Doing so would result in an improved invention because this would allow the transaction processor obtain another identity authentication from the identity repository when the PIN verification is not enough, thus improving the security of the claimed invention. 
          Pawar teaches:
          the connected identifier repository verifies the user identity by communicating with a plurality of internet- of-things endpoints, each of the internet-of-things endpoints that comprises a stored verification usage process relating to the user identity (By disclosing, “In various embodiments, an approval workflow such as the one illustrated in FIG. 8 may be used to provide secure registration and deployment of devices, including without limitation so called “Internet of Things” (IoT) and other network connected devices. In some embodiments, secure deployment of IoT devices, or other device registration, may be provided using approval techniques such as illustrated in FIG. 8. For example, in some embodiments, a user deploys an IoT device. The IoT device registers with its server, which is configured to authenticate it with the identity provider” ([0101] and Fig. 8 of Pawar); and “Once the identity provider determines who the user claims to be, it will look up any VPN registered device that has been assigned to that user.” ([0058] of Pawar)) (Note: The limitation “each of the internet-of-things endpoints that comprises a stored verification usage process relating to the user identity” is found in the nonfunctional descriptive material and are not functionally involved in the steps recited. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994)).
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the identifier repository, in view of Pawar to include an identifier repository that verifies the user identity by communicating with a plurality of internet- of-things endpoints.  Doing so would result in an improved invention because this would allow the identity repository gather user data from a plurality of data sources (IoT devices) and authenticate the user based on the user data obtained from the plurality of IoT devices, thus improving the accuracy of the user authentication.
            Harold teaches:  
            Internet of Things devices work as distributed ledger nodes (By disclosing, “It is a further object of the present invention to enable the creation of a distributed ledger using handheld wireless devices, including smartphones and Internet of Things (IoT) devices, as distributed ledger nodes in a network.” (Col 3 lines 40-43 of Harold)).
            Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the identifier repository which verifies the user identity by communicating with a plurality of internet- of-things endpoints, in view of Harold to include distributed ledger nodes that works as IoT devices. Doing so would result in an improved invention because this would leverage the advantages of using blockchain technology for the authentication (e.g. transparency, immutable records, etc.).
            Dunford teaches:
          each node comprising a stored verification usage process relating to a user associated with the mobile device (By disclosing, “The nodes 105i-105n may include readable program code 120i-120n stored on at least one non-transitory computer readable medium for carrying out and executing the process steps described herein to effect a distributed verification system 140i-140n when executed by processors 125i-125n. The computer readable medium may include memories 130i-130n which may also store a distributed ledger 135i-135n.” ([0041] and Fig. 1 of Dunford); and “The verified user ID 410 may be used to execute the smart contract 402 and may be stored in the distributed ledger 135i-135n.” ([0056] of Dunford); nodes verifies user identities ([0007] of Dunford); “The consensus engine 510 may include a pre-defined endorsement policy that dictates the number and type of nodes that need to endorse each transaction type before it can proceed.” ([0061] of Dunford)).
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of using distributed nodes as IoT devices, in view of Dunford to include techniques of each node comprising a stored verification usage process relating to a user associated with the mobile device.  Doing so would result in an improved invention because this would allow the third-party gather user data from a plurality of data sources (IoT devices) and authenticate the user based on the user data obtained from the plurality of IoT devices, thus improving the accuracy of the authentication.
           Imanishi teaches:
           upon receipt of the PIN verification and upon receipt of the verification from the connected identifier repository, the transaction processor executes the transaction (By disclosing, “If the result of the processing at Step 3 reveals that the card personal identification number is matched with the user-inputted personal identification number (Y at Step 3), the card authenticating host 104 carries out second judgment necessity judgment.” ([0102] of Imanishi); and “If the received transaction approval/rejection information is "approved" (Y at Step 12), the card authenticating host 104 transmits some information to the identified card-ready terminal 102 as the result of the second judgment (Step 14). The transmitted information indicates an affirmative result (and will be hereafter referred to as "second permission allowed"). In this case, the card-ready terminal 102 executes the transaction whose details are inputted at Step 8.” ([0110] of Imanishi)).  
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of receiving PIN verification from the USSD rail processor and receiving identity verification from the identity repository, in view of Imanishi to include techniques of upon receipt of the PIN verification and upon receipt of the verification from the connected identifier repository, the transaction processor executes the transaction. Doing so would result in an improved invention because this would allow  two layer of authentication performed before the transaction being executed, thus improving the security of the claimed invention.

Regarding claim(s) 8, Dimmick discloses:
           wherein the transaction details further comprise an amount, a date and a timestamp (By disclosing, “transaction details may include a consumer alias, a payment card type, a transaction amount” ([0030] of Dimmick); and “the transaction details may include geo-location data, time and date of the transaction” ([0055] of Dimmick)).  

Regarding claim(s) 9, Dimmick does not disclose:
          wherein each of the internet-of- things endpoints stores data relating to the user identity.  
          However, Harold teaches:  
          Internet of Things devices work as distributed ledger nodes (By disclosing, “It is a further object of the present invention to enable the creation of a distributed ledger using handheld wireless devices, including smartphones and Internet of Things (IoT) devices, as distributed ledger nodes in a network.” (Col 3 lines 40-43 of Harold)).
            Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the identifier repository which verifies the user identity by communicating with a plurality of internet- of-things endpoints, in view of Harold to include distributed ledger nodes that works as IoT devices. Doing so would result in an improved invention because this would leverage the advantages of using blockchain technology for the authentication (e.g. transparency, immutable records, etc.).
          And Dunford teaches:
          wherein each of the nodes stores data relating to the user (By disclosing, “The nodes 105i-105n may include readable program code 120i-120n stored on at least one non-transitory computer readable medium for carrying out and executing the process steps described herein to effect a distributed verification system 140i-140n when executed by processors 125i-125n. The computer readable medium may include memories 130i-130n which may also store a distributed ledger 135i-135n.” ([0041] and Fig. 1 of Dunford); and “The verified user ID 410 may be used to execute the smart contract 402 and may be stored in the distributed ledger 135i-135n.” ([0056] of Dunford)).
          Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of using distributed nodes as IoT devices, in view of Dunford to include techniques of wherein each of the nodes stores data relating to the user.  Doing so would result in an improved invention because this would allow the identity repository gather user data from a plurality of data sources (IoT devices) and authenticate the user based on the user data obtained from the plurality of IoT devices, thus improving the accuracy of the authentication.
Regarding claim(s) 10, Dimmick does not disclose:
            the transaction is rated on an impact scale;
          the connected identifier repository transmits a percentage of certainty relating to the verification; and
         the transaction is executed when the percentage of certainty is above a predetermined threshold level with respect to the impact scale.
          However, Kumar teaches:
          the transaction is rated on an impact scale (By disclosing, “FIG. 7 is a flow chart illustrating a computerized method for verifying a user's identity during processing of an electronic transaction using an ID token according to an embodiment” ([0011] of Kumar); and “If the two templates match with a defined degree of confidence, the user face data is verified (e.g., if the two face identification templates match for a defined threshold value of 80% of the data points or data patterns in the templates, the user face data is verified)” ([0046] of Kumar)); 
          the connected identifier repository transmits a percentage of certainty relating to the verification (By disclosing, “The verification of the current face identification template against the template of the ID token may include comparison of the data patterns in each template to determine the percentage or fraction of the templates that match and/or the percentage or fraction of the templates that do not match. The determined match percentage or fraction may be compared to a defined threshold value to determine whether the current template is verified with respect to the template of the ID token (e.g., if the templates match for 70% or greater of the data points therein, the current template is verified)” ([0057] of Kumar)); and 
         the transaction is executed when the percentage of certainty is above a predetermined threshold level with respect to the impact scale (By disclosing, “The verification of the current face identification template against the template of the ID token may include comparison of the data patterns in each template to determine the percentage or fraction of the templates that match and/or the percentage or fraction of the templates that do not match. The determined match percentage or fraction may be compared to a defined threshold value to determine whether the current template is verified with respect to the template of the ID token (e.g., if the templates match for 70% or greater of the data points therein, the current template is verified)” ([0057] of Kumar)).  
            Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the combination of Dimmick, Henryk, Pawar, Harold, Dunford, Imanishi, in view of Kumar to include techniques of the transaction is rated on an impact scale; the connected identifier repository transmits a percentage of certainty relating to the verification; and predetermined threshold level with respect to the impact scale. Doing so would result in an improved invention because this would provide a more intelligent verification algorithm especially when the data needed to be authenticated are not pure numbers, such as image data and/or biometric data, thus improving the accuracy of the claimed invention.

Regarding claim(s) 11, Dimmick discloses:
          wherein the USSD rail processor transmits the push notification to the mobile device and receives the PIN and/or phrase from the mobile device via a subscriber identity module ("SIM") card included in the mobile device (By disclosing, “The authentication channel 108 may be configured to facilitate card PIN collection from the cardholder's mobile device via a mobile application or a SIM (Subscriber Identity Module)-based application” ([0041] of Dimmick)).  

Response to Arguments
Applicant’s arguments with regard to the 35 U.S.C. § 103 rejection have been considered but are not persuasive.
The Applicant argues that the added limitation is not disclosed in the cited prior art. However, the added limitation is not given patentable weight because the connected identifier repository is not a structural element of the system being claimed. Therefore, the 35 U.S.C. § 103 rejection will be maintained.
	

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
CN 111324879 A to Zhao for disclosing using IoT devices to authenticate user identities.
EP 3139329 to Sofronas for disclosing using an over-the-air server to transmit USSD messages.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUAN ZHANG whose telephone number is (571)272-4642. The examiner can normally be reached Mon - Fri 10 AM-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on 5712701492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DUAN ZHANG/Examiner, Art Unit 3685                                                                                                                                                                                                        
/JAY HUANG/Primary Examiner, Art Unit 3619