Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1, 7 and 14 have been amended. Claims 1, 3-5 and 7-15 have been examined.

Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 09/27/2022 has been entered.
 
Response to Arguments
3.	Applicant’s arguments with respect to claims 1 and 14 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Interpretation
4.	For claims 3-4 and 7-9, the phrases “of the group” and “or” has been given the broadest, reasonable interpretation of only requiring a single element from the given list in order to satisfy the requirements of the limitation.

Claim Objections
5.	Claims 1, 5 and 14 are objected to because of the following informalities:
Claims 1 and 14 recite two separate “an authentication token” limitations.
Claim 5 depends on claim 2, which is canceled.
Appropriate correction is required.

6.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

7.	The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


8.	Claims 1, 3, 7-8 and 13-14 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Wall et al. (U.S. Patent Application Publication 2013/0198066; hereafter “Wall”).
	For claim 1, Wall teaches a method for authenticating a first party to a second party for a transaction (note paragraph [0019], authentication of user for purchase), the method comprising:
	providing a token, wherein the token is at least a part of a mobile entity (note paragraph [0031], FPA application, i.e. token, is part of a user device, i.e. mobile entity), wherein the token is coupled to a secret being indicative for the identity of the first party (note paragraphs [0017] and [0044], FPA is coupled to financial account information and verification data including device identifiers, i.e. a secret), wherein at least a part of the mobile entity has a processing unit coupled to the token (note paragraphs [0026] and [0087], user device includes a processor);
	coupling the token with an access point by establishing a physical contact, using a first communication channel between the token, the processing unit, and a point-of-sale terminal of the access point (note paragraphs [0063]-[0064], user device makes NFC or Bluetooth connection to POS terminal when in proximity, i.e. physical contact as defined by page 4 of Applicant’s Specification);
	transferring the secret to the access point (note paragraphs [0063]-[0064], block 335, user device transfers financial account information, i.e. secret, to POS terminal; note paragraph [0083], FPA produces encrypted data package of verification information, i.e. secret, and sends it to merchant system);
	linking the secret with a location information of the access point, wherein an authentication token comprises the secret and the location information, thereby providing an authentication token being indicative for the identity and the location of the first party (note paragraphs [0062] and [0068], merchant creates transaction details that include financial account identifier, i.e. secret, and transaction data from POS which includes merchant location, i.e. location of the first party; note paragraph [0083], merchant system attached encrypted data package, i.e. secret, with transaction data that includes merchant location); 
	providing the authentication token to the second party (note paragraphs [0068] and [0083], block 355, merchant transmits the transaction details to CCI system) using the first communication channel (note paragraphs [0063] and [0083], user device sends account information to the POS system using NFC, i.e. first communication channel was “used” in providing transaction details to CCI system) 
	establishing a second communication channel between the first party and the second party (note paragraph [0066], FPA of user device initiates independent commination with CCI server through network 105) via the processing unit of the mobile entity to a processor of the access point, to the point-of-sale of the access point, and to the second party via a communication network (note Fig.1 and paragraphs [0028] and [0034], user device, POS terminal, payment processor and CCI server are all connected via network 105), wherein the second communication channel is not location referenced (note paragraph [0028], network 105 examples include network types that are not location referenced, e.g. WAN, Internet, MAN) and the second communication channel is for executing the transaction with the point-of-sale terminal after completing the location referenced authentication with the authentication token via the first communication channel (note paragraphs [0044], [0069] and [0074], network 105 connection is used for executing POS transaction after verification which includes location information), and wherein a bandwidth of the second communication channel is larger than a bandwidth of the first communication channel (note paragraph [0028], network 105, i.e. second communication channel, examples include network types that are not location referenced, e.g. WAN, Internet, MAN with higher bandwidth than Bluetooth or NFC connection, i.e. first communication channel).


	For claim 14, Wall teaches a communication system, comprising:
	a token, wherein the token is at least a part of a mobile entity (note paragraph [0031], FPA application, i.e. token, is part of a user device, i.e. mobile entity), and wherein the token is coupled to a secret being indicative for the identity of a first party (note paragraphs [0017] and [0044], FPA is coupled to financial account information and verification data including device identifiers, i.e. a secret), wherein at least a part of the mobile entity has a processing unit coupled to the token (note paragraphs [0026] and [0087], user device includes a processor);
	an access point (note paragraph [0034], merchant system includes POS), configured to be coupleable to the token by establishing a physical contact (note paragraphs [0063]-[0064], user device makes NFC or Bluetooth connection to POS terminal when in proximity, i.e. physical contact as defined by page 4 of Applicant’s Specification) such that the secret can be transferred to the access point, using a first communication channel between the token, the processing unit, and a point-of-sale terminal of the access point (note paragraphs [0063]-[0064], block 335, user device transfers financial account information, i.e. secret, to POS terminal; note paragraph [0083], FPA produces encrypted data package of verification information, i.e. secret, and sends it to merchant system), wherein the access point is coupled to a processor (note paragraph [0034], merchant system includes payment processor), and wherein the processor is configured to link the secret with a location information of the access point, wherein an authentication token comprises the secret and the location information, thereby providing an authentication token being indicative for the identity and the location of the first party (note paragraphs [0062] and [0068], merchant creates transaction details that include financial account identifier, i.e. secret, and transaction data from POS which includes merchant location, i.e. location of the first party; note paragraph [0083], merchant system attached encrypted data package, i.e. secret, with transaction data that includes merchant location); 
	an authentication unit of a second party (note paragraph [0035], CCI server), configured to receive the authentication token (note paragraphs [0068] and [0083], block 355, merchant transmits the transaction details to CCI system) via the first communication channel (note paragraphs [0063] and [0083], user device sends account information to the POS system using NFC, i.e. transaction details were sent “via” first communication channel in providing transaction details to CCI system); and
	a second communication channel between the first party and the second party (note paragraph [0066], FPA of user device initiates independent commination with CCI server through network 105) via the processing unit of the mobile entity to a processor of the access point, to the point-of-sale terminal of the access point, and to the second party via a communication network (note Fig.1 and paragraphs [0028] and [0034], user device, POS terminal, payment processor and CCI server are all connected via network 105), wherein the second communication channel is not location referenced (note paragraph [0028], network 105 examples include network types that are not location referenced, e.g. WAN, Internet, MAN) and the second communication channel is for executing the transaction with the point-of-sale terminal after completing the location referenced authentication with the authentication token via the first communication channel (note paragraphs [0044], [0069] and [0074], network 105 connection is used for executing POS transaction after verification which includes location information), and wherein a bandwidth of the second communication channel is larger than a bandwidth of the first communication channel (note paragraph [0028], network 105, i.e. second communication channel, examples include network types that are not location referenced, e.g. WAN, Internet, MAN with higher bandwidth than Bluetooth or NFC connection, i.e. first communication channel).


	For claim 3, Wall teaches claim 1, wherein the first communication channel comprises one of the group consisting of a galvanic interface, an electrical interface, an electromagnetic interface, an acoustic interface, and an optical interface (note paragraph [0033], communication channel between user device and POS includes NFC, Bluetooth, infrared, i.e. electromagnetic).

	For claim 7, Wall teaches claim 1, wherein the transaction is one of the group consisting of reception of goods or services for payment (note paragraph [0061], transaction is purchase of products), access to a facility, access to one of a vehicle, a vessel, an apartment, and a home.

	For claim 8, Wall teaches claim 1, wherein the processing unit, in particular also the token, is embedded in a mobile device, in particular one of the group consisting of a wristwatch, a wristband, a mobile phone (note paragraph [0026], smartphone), a smart card, a breast-band, and a body area network.

	For claim 13, Wall teaches claim 1, wherein the access point is at least a part of a point of sale (note paragraph [0034], merchant system includes POS), and the method further comprises: 	establishing a remote communication between the access point and a network of the second party (note paragraphs [0034], [0068] and [0074], merchant system connects to CCI server).

Claim Rejections - 35 USC § 103
9.	Claims 4 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Wall as applied to claim 1 above, and further in view of Hazard et al. (U.S. Patent Application Publication 2019/0108731; hereafter “Hazard”)

	For claim 4, Wall differs from the claimed invention in that they fail to teach:
	wherein the secret is a credential of the group consisting of a PIN code and a biometric, in particular a fingerprint or a heart rate.

	Hazard teaches:
	wherein the secret is a credential of the group consisting of a PIN code (note paragraph [0043], passcode) and a biometric, in particular a fingerprint (note paragraph [0042], fingerprint) or a heart rate.

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the transaction verification of Wall and the user credentials of Hazard. It would have been obvious because combining prior art elements (verification an NFC transaction with two communication channels of Wall and authenticating a transaction using user credentials of Hazard) would yield the predictable results of sending payment information and verification data over a first communication channel between the user device and a merchant POS (Wall) where the verification data transmitted includes a passcode and user biometric (Hazard).

	For claim 11, the combination of Wall and Hazard teaches claim 1, wherein the secret comprises a first credential and a second credential, in particular wherein the first credential is more secure than the second credential (note paragraphs [0042]-[0044] of Hazard, passcode and biometric; biometric is more secure than passcode since an attacker can learn and enter a passcode while a real-time biometric is harder to fake).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the transaction verification of Wall and the user credentials of Hazard. It would have been obvious because combining prior art elements (verification an NFC transaction with two communication channels of Wall and authenticating a transaction using user credentials of Hazard) would yield the predictable results of sending payment information and verification data over a first communication channel between the user device and a merchant POS (Wall) where the verification data transmitted includes a passcode and user biometric (Hazard).


10.	Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Wall as applied to claim 2 above, and further in view of Dolev et al. (U.S. Patent Application Publication 2019/0089717; hereafter “Dolev”).
	For claim 5, Wall differs from the claimed invention in that they fail to teach:
	further comprising: receiving a session key from the second party via the first communication channel at the processing unit in return to providing the authentication token, in particular wherein the validity of the session key is time-limited.

	Dolev teaches:
	further comprising: receiving a session key from the second party via the first communication channel at the processing unit in return to providing the authentication token (note paragraphs [0056] and [0058], secret value is received over out of band channel, i.e. first communication channel; paragraphs [0061], secret values are used as encryption key), in particular wherein the validity of the session key is time-limited (Note paragraphs [0080] and [0085], secret values are done for each session, e.g. time between reboots and resets).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the transaction verification of Wall and the out of band session key of Dolev. It would have been obvious because combining prior art elements (verifying a transaction using two communication channels of Wall; sending a secret key over an out of band communication channel to use as encryption key of Dolev) would yield the predictable results of sending transaction data including a secret value over the first communication channel between the user device and a POS (Wall) where the data includes a session key for encryption (Dolev).


11.	Claims 9-10, 12 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Wall as applied to claims 1, 4 and 14 above, and further in view of Li (U.S. Patent Application Publication 2019/0095926).
	For claim 9, Wall differs from the claimed invention in that they fail to teach:
	wherein the token is the finger of a human, in particular wherein coupling comprises a galvanic or capacitive coupling between the finger and the access point.

	Li teaches:
	wherein the token is the finger of a human, in particular wherein coupling comprises a galvanic or capacitive coupling between the finger and the access point (note paragraphs [0042] and [0073], POS device collects fingerprint information when finger, i.e. token, is touching a touch component of the POS, i.e. galvanic or capacitive coupling).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the transaction verification of Wall and the collecting fingerprint information through a touch component of the POS of Li. It would have been obvious because combining prior art elements (verification an NFC transaction with two communication channels of Wall and authenticating a transaction using user biometrics of Li) would yield the predictable results of sending payment information and verification data over a first communication channel between the user device and a merchant POS (Wall) where the first communication channel includes a touch component of the POS for biometric collection (Li).


	For claim 10, the combination of Wall and Li teaches claim 9, wherein the processing unit is embedded in a mobile device carried by the human (note paragraphs [0026] and [0087] of Wall, user device includes a processor; note paragraph [0024] of Li, user device may be wearable device).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the transaction verification of Wall and the collecting fingerprint information through a touch component of the POS of Li. It would have been obvious because combining prior art elements (verification an NFC transaction with two communication channels of Wall and authenticating a transaction using user biometrics of Li) would yield the predictable results of sending payment information and verification data over a first communication channel between the user device and a merchant POS (Wall) where the first communication channel includes a touch component of the POS for biometric collection (Li).


	For claim 12, the combination of Wall and Li teaches claim 1, wherein the secret is obtained from a body area network (note paragraphs [0024] and [0042] of Li, secret is transmitted through connection between wearable device and POS is through body area network.

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the transaction verification of Wall and the collecting fingerprint information through a touch component of the POS of Li. It would have been obvious because combining prior art elements (verification an NFC transaction with two communication channels of Wall and authenticating a transaction using user biometrics of Li) would yield the predictable results of sending payment information and verification data over a first communication channel between the user device and a merchant POS (Wall) where the first communication channel includes a touch component of the POS for biometric collection (Li).


	For claim 15, the combination of Wall and Li teaches claim 14, wherein the access point comprises an interface, in particular configured as a button, more in particular a button comprising a sensor, the processor (note paragraphs [0042] and [0073] of Li, POS device collects fingerprint information when finger is touching a touch component of the POS, i.e. sensor in button), and a terminal configured to establish a remote communication between the access point and a communication network of the second party (note paragraphs [0034], [0068] and [0074] of Wall, merchant system connects to CCI server).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the transaction verification of Wall and the collecting fingerprint information through a touch component of the POS of Li. It would have been obvious because combining prior art elements (verification an NFC transaction with two communication channels of Wall and authenticating a transaction using user biometrics of Li) would yield the predictable results of sending payment information and verification data over a first communication channel between the user device and a merchant POS (Wall) where the first communication channel includes a touch component of the POS for biometric collection (Li).

Conclusion
12.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
	Sofronas (U.S. Patent Application Publication 2018/0276652) teaches an NFC connection between a mobile device and a POS (note paragraph [0050]) where the POS forwards a financial transaction request that includes the wireless device ID and a POS location information (note paragraph [0057]) and the transaction server makes a separate connection to receive user PIN authorization (note paragraphs [0057] and [0060]).

	Xing (U.S. Patent Application Publication 2017/0243195) teaches an NFC connection between a user device and a POS (note paragraphs [0053] and [0082]) and a separate, second connection between the mobile device and a cloud server for transaction verification (note paragraphs [0045] and [0053]).

13.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVID J PEARSON whose telephone number is (571)272-0711. The examiner can normally be reached 6:00 - 5:30 pm; Monday through Thursday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/David J Pearson/Primary Examiner, Art Unit 2438