DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
Claims 1, 5-8, 14 and 20 have been amended.
Claims 28-24 are new.
Claims 3, 4, 15-19, and 21-27 are canceled.
Claims 1-2, 5-14, 20 and 28-34 are pending and have been examined herein. 
Drawings
The drawings were received on 6 April 2021.  These drawings are acceptable.
Duplicate Claims
Applicant is advised that 1) should claim 7 be found allowable, claim 33 will be objected to under 37 CFR 1.75 as being a substantial duplicate thereof and 2) that should claim 8 be found allowable, claim 34 will be objected to under 37 CFR 1.75 as being a substantial duplicate thereof. When two claims in an application are duplicates or else are so close in content that they both cover the same thing, despite a slight difference in wording, it is proper after allowing one claim to object to the other as being a substantial duplicate of the allowed claim. See MPEP § 608.01(m).
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 8 and 34 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 8 recites “wherein at least one customer identifier to present to the customer on the logon page based on the device identifier.” Similarly, claim 34 recites “wherein at least one customer identifier to present to the customer on the logon page based on the device identifier.”
The claims are missing one or more verbs and thus require considerable speculation as to the intended meaning of the claims and assumptions as to the scope of the claims. Thus, the metes and bounds of claims 8 and 34 cannot be determined. In the interest of compact prosecution and for purposes of examination, the limitation “wherein at least one customer identifier to present to the customer on the logon page based on the device identifier” in each of claims 8 and 34 is interpreted to mean “wherein at least one customer identifier to present to the customer on the logon page is based on the device identifier.”
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-2, 5-14, 20 and 28-34 are directed to a method, and thus fall into at least one category enumerated in 35 U.S.C. § 101.
Nonetheless, claims 1-2, 5-14, 20 and 28-34  are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. 
Claim 1 recites facilitating a transaction, comprising establishing  session with a merchant involved in an transaction with a customer; validating the merchant as a registered merchant; providing the merchant with a session identifier; receiving financial institution logon information from the customer; validating the customer logon information; receiving a selection of a payment account and a shipping address for the online transaction; providing the merchant with a token for the payment account; receiving a payment request from the merchant, the payment request comprising the token and the session identifier; and approving the payment request. This is a sales activity or commercial interaction that falls under the abstract idea grouping of Certain Methods of Organizing Human Activity -- commercial or legal interactions: sales activities or behaviors; and managing interactions between people. See MPEP § 2106.04(a)(2)(II).  Receiving and approving a payment request arising from a transaction between a merchant and customer fits into the category of commercial interaction or sales activity. 
This judicial exception is not integrated into a practical application because the claimed invention does not apply or use the judicial exception in a meaningful way beyond generally linking the use of the judicial exception to a particular technological environment.  The additional elements in claim 1 include: information processing device, computer processor, online session, online transaction, a first interface, a logon page, a second interface, and a separate browser window. The Specification reveals that the claims require no more than a general-purpose computer (Specification  [135] and  [138]: “general purpose computer”) and generic network components (Specification  [142]: “a network”, “LAN”, “wireless communication via cell tower or satellite”). The claims do not provide improvements to the functioning of a computer, or to any other technology or technical field. The recited hardware and operations are recited at a high-level of generality and are basic components of an online commerce environment; and so, merely limit the abstract idea to the particular technological environment of networked computers and online commerce.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception because when considered separately or in combination, they do no more than limit the abstract idea of receiving and approving a payment request arising from a transaction between a merchant and customer to the particular technological environment of online commerce, as discussed above. Limitations that merely confine the use of the abstract idea to a particular technological environment fail to add an inventive concept to the claims (see MPEP 2106.05(h) discussing Affinity Labs of Texas v. DirecTV, LLC, 838 F.3d 1253, 120 USPQ2d 1201 (Fed. Cir. 2016) (particular technological environment of cellular telephones).
Independent claim 20 recites a similar method but also adds that the identifier can only be used with the merchant and that the merchant stores the token for future transactions with the customer. These limitations are directed to the abstract idea and do not recite significantly more than the abstract idea or integrate the abstract idea into a practical application.
Dependent claim  2 specifies that the session identifier is a token. This narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  5 specifies that the logon page is prepopulated with a customer identifier. Using an identifier for a customer narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  6 specifies that the session identifier is received with logon information from the customer. Specifying the order in which the information is received related to the transaction narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  7 specifies that a device identifier is received prior to providing the logon page. Identifying a device and specifying when information is received related to the transaction narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  8 involves presenting a customer identifier based on a device identifier. Tying the information together narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  9 recites receiving data about the customer (IP address) and narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  10 adds presenting at least one payment account as a payment option. Presenting payment accounts to use in a transaction narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  11 specifies a type of account that is to be used. This narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  12 specifies a type of account that is to be used. This narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  13 specifies that the account selected is an application for an account. This is a fundamental economic practice or commercial activity and narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  14 specifies that an account be pre-selected. This narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  28 specifies that the session identifier be associated with the online transaction.  Associating an identifier with a transaction is part of the abstract idea and does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  29 recites identifying a payment account using a token and identifier. Identifying a payment account based on data is part of the abstract idea and does not add additional elements. The claim is directed to an abstract idea. 
Dependent claim  33 specifies that a device identifier is received prior to providing the logon page. Identifying a device and specifying when information is received related to the transaction narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  34 involves presenting a customer identifier based on a device identifier. Tying the information together narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  30 specifies that the session identifier is a token. This narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  31 specifies that the logon page is prepopulated with a customer identifier. Using an identifier for a customer narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Dependent claim  32 specifies that the session identifier is received with logon information from the customer. Specifying the order in which the information is received related to the transaction narrows the abstract idea but does not add additional elements. The claim is directed to an abstract idea.
Accordingly, claims 1-2, 5-14, 20 and 28-34 are patent-ineligible under 35 U.S.C. § 101.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-2, 5, 9-14, 20 and 28-31 are rejected under 35 U.S.C. 103 as being unpatentable over PURVES (US 20130346302 A1 to PURVES, T. et al.) in view of STARRS (US 7389913 B2 to Starrs, E.).
Regarding claim(s) 1,
PURVES discloses:
A method for facilitating a transaction, comprising (see, at least, PURVES: ¶[0100]:  METHODS AND SYSTEMS (hereinafter "Bill-Pay") facilitates, enhances, enables, creates, generates, and/or provides enhanced transactions, transaction management, data collection, data management and/or analysis, interactions, communications, and/or the like, relating to effectuating payments.): 
at a financial institution comprising an information processing device comprising at least one computer processor (see, at least, PURVES: ¶[0118]: the Bill-Pay server may be a remote server which is accessed by the user via a communication network 213; ¶[0620]: "server" [...] refers generally to a computer, other device, program, or combination thereof that processes and responds to the requests of remote users across a communications network; ¶[0122]: the Bill-Pay server may be part of, and/or integrated with financial network to process the financial transaction; ¶[126]: the Bill-Pay server, which may be integrated with a financial processing server; ¶[126]: the Bill-Pay server may process the transaction so as to transfer funds for the purchase into an account stored on an acquirer of the merchant; ¶[138]: In another implementation, the Bill-Pay server 220 may integrate with issuers): 
establishing an online session with a merchant involved in an online transaction with a customer in a first interface  (see, at least, PURVES: [0293]: users may be permitted by the Bill Pay to generate widgets on behalf of any merchant;  the Bill Pay server may determine if the currently active widget generator session is associated with any pricing and/or item information services, e.g., 10312; the Bill Pay server may generate a merchant content update request, e.g., 10313, and transmit the request to merchant server 10303. The merchant server may query and parse the request, retrieve updated item information; the merchant server may generate an update response package, e.g., 10315, and transmit the package to the Bill Pay server. The Bill Pay server may extract the updated merchant content and update the local or remote merchant content database, e.g., 10316.; ¶[651]: database component may include A Shop Sessions table with  fields such as user_id, session_id, timestamp, expiry_lapse, merchant_id, store_id, and/or the like.; ¶[295]: user device sends checkout widget request to Bill Pay server); 
validating the merchant as a registered merchant (see, at least, PURVES: [0115]: the Bill-Pay server may verify the received entity registration information and then generate a Bill-Pay widget. For example, the Bill-Pay may verify whether the requesting business entity is an eligible entity that has a business agreement with Bill-Pay, etc.);
[...]
providing the merchant with a financial institution logon page for the customer in a second interface (see, at least, PURVES: ¶[112]: clicking on bill-pay widget to proceed to payment leads to a pop-up window; figure 109E and ¶[325]: the merchant's website 10908 may be displayed as an iframe. The consumer may then go back the previous page by selecting the link 10928 (e.g., return to twitter.com) or may select a checkout widget (not shown). When the checkout widget is clicked or selected, an overlay similar to overlay 10930 may be displayed where the consumer may enter their wallet login credentials.; figure 2031A and [0519]: example user interfaces illustrating wallet overlay on mobile devices (e.g., mobile phones, tablets, etc.) in some embodiments of the Bill Pay (figure 2031A shows user login and password field in an overlay; figure 25 and [0271]: figure 25 shows username and password fields; ¶[271]:  regarding figure 25, consumer may choose the POTBELLY transaction 2505, and a widget may display [interface window] for the consumer to enter the consumer's log in information.), 
[...]
and is provided in a separate browser window (see, at least, PURVES: ¶a[112]: clicking on bill-pay widget to proceed to payment leads to a pop-up window; figure 109E and ¶[325]: the merchant's website 10908 may be displayed as an iframe. The consumer may then go back the previous page by selecting the link 10928 (e.g., return to twitter.com) or may select a checkout widget (not shown). When the checkout widget is clicked or selected, an overlay similar to overlay 10930 may be displayed where the consumer may enter their wallet login credentials.; figure 2031A and [0519]: example user interfaces illustrating wallet overlay on mobile devices (e.g., mobile phones, tablets, etc.) in some embodiments of the Bill Pay (figure 2031A shows user login and password field in an overlay; figure 25 and [0271]: figure 25 shows username and password fields; ¶[271]:  regarding figure 25, consumer may choose the POTBELLY transaction 2505, and a widget may display [interface window] for the consumer to enter the consumer's log in information.);
 receiving financial institution logon information from the customer from the second interface (see, at least, PURVES: figure 2031C Wallet Overlay on Mobile Devices; ¶[ [0469]: the lightbox may solicit from the user credentials sufficient to identify the virtual wallet account to which the payment accounts should be added. In some embodiments, the credentials may be in the form of a user name/password combination, a user name/Email combination, and/or the like 202005. Once the user has entered the appropriate wallet credentials, they may then link the payment accounts to the wallet 202006. This may result in the lightbox (e.g., from an issuer, merchant, and/or a like source) creating message 202221 and pulling the information from the issuer server (see FIG. 2022b); ¶[434]: When the login with wallet button is selected, a wallet widget 20815 may be launched within the merchant site 20805. The customer may provide wallet username and password 20815a to login to the merchant site via the wallet); 
validating the customer logon information (see, at least, PURVES: ¶[325]: The consumer provided login credentials may be authenticated by the wallet server, and upon successful authentication, an overlay 10930 may be displayed.; ¶[434]: once the customer is authenticated via the wallet, the wallet may send the merchant the customer ID corresponding to the relationship between the customer and the merchant.); 
receiving a selection of a payment account (see, at least, PURVES: ¶[111]: In one implementation, the Bill-Pay may determine a remaining balance 148, and provide a list of accounts 149 for the user to select. The user may select an account to pay the remaining balance; ¶[162]: In one implementation, a user may select payment methods by clicking to pay, e.g., 406, with a credit card, a debit card, and bank accounts that have been added by the user to his Bill-Pay account during registration, e.g., 404.)
 and a shipping address for the online transaction from the second interface (see, at least, PURVES: ¶[455]: The customer may select one or more of the shipping addresses for sharing with the merchant, and may add another address 201215d to the wallet directly from the shipping address panel 201215; figure 1021B: Address; figure 2012: list of multiple shipping addresses.; figure 2031A: Shipping address menu; ¶[493]: the address book may include more than one address, and the user may select an address to use as default shipping and/or billing addresses);
providing the merchant with a token for the payment account in the first interface (see, at least, PURVES: [0157] In one implementation, the consumer may need to enroll in Bill-Pay to manage their recurring bill payments. The biller or their payment processor is also enrolled with Bill-Pay, which stores card numbers on behalf of the merchant (e.g., a tokenization service)); ¶[161]: Within implementations, the biller 360 may send instruction to their payment gateway or process to bill the consumer including the consumers unique token 396, and may request the consumers PAN number from the tokenization service managed by the Bill-Pay 397); 
receiving a payment request from the merchant, the payment request comprising the token (see, at least, PURVES: ¶[158]: The biller may retain a token representing the consumers default card account 392. The consumers actual default card account numbers may be sent to and stored by the Bill-Pay in the tokenization service 393.; ¶[161]: [0161] Within implementations, the biller 360 may send instruction to their payment gateway or process to bill the consumer including the consumers unique token 396, and may request the consumers PAN number from the tokenization service managed by the Bill-Pay 397)
and the session identifier (see, at least, PURVES: ¶[219]: in some embodiments, the card authorization request may include at least a session ID for the user's shopping session with the merchant.); 
and approving the payment request (see, at least, PURVES: ¶[122]: In one embodiment, the Bill-Pay server 220 may be part of, and/or integrated with financial network 230 to process the financial transaction. In another implementation, the financial network 230 may receive the authorization request 223 and generate an authorization response 224 to approve or disapprove the transaction.).  
PURVES does not expressly disclose the following limitations, which STARRS however, teaches:
providing the merchant with a session identifier for the online session that uniquely identifies online session between the financial institution and the merchant (see, at least, STARRS:  column(s) 8, line(s) 60-67: Check Processing System creates secure session with Customer inside frames on Merchant Web Site), Check Processing System creates a unique session ID and transaction ID, Check Processing System serves a log-in page)
the second interface associated with the session identifier (see, at least, STARRS:  column(s) 8, line(s) 60-67: Check Processing System creates secure session with Customer inside frames on Merchant Web Site), Check Processing System creates a unique session ID and transaction ID, Check Processing System serves a log-in page)
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the system/method of PURVES, which discloses techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) with the technique of STARRS, which discloses a technique for processing an online payment for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments, increase convenience for the customer, while avoiding the costs associated with payment fraud   (STARRS column(s) 1, line(s) 25-30), and simplify payment transactions for a user (STARRS column(s) 7, line(s) 30-31).
Regarding claim(s) 2,
PURVES and STARRS teaches the method of claim 1, 
PURVES further discloses:
wherein the session identifier comprises a session token (see, at least, PURVES: ¶[395]: In one embodiment, a token is generated that represents a unique combination of widget parameters. As described herein, one or more of the unique widget parameters (e.g., amount, and/or the like) may be representative of a range of acceptable values, one value, and/or the like. In one embodiment, a token is generated using an SHA256 hashing algorithm that hashes the string combination of a shared secret key, the amount calculated above or provided by the seller, the currency, a merchant transaction identifier and a product identifier, e.g., 102211. In other embodiments, the hash is generated using MD5, Whirlpool, Gost, Haval, and/or the like; ¶[440]: In one implementation, the merchant server may use the user sign as a trigger to request current user information from the wallet server. The merchant server may generate and send a user information request message 20926 to the wallet server. The user information request message 20926 may include, without limitation, the customer ID that is unique to the customer and the merchant relationship, a token, an API key, a digital certificate, and/or the like. In one implementation, the token may be generated using one or more parameters such as the merchant's API key, customer ID, merchant ID, merchant name, customer name, and/or the like.; ¶[447]: Using the customer ID and/or API keys or tokens, the merchant may request customer information such as shipping address, payment method, and/or the like at 201055. The wallet may provide the merchant the information that is permitted for sharing by the customer preferences and permissions. At 201060, the merchant may use the information from the wallet to conduct a transaction. In one implementation, the transaction may be via the wallet. In another implementation, the transaction may be via a lightbox widget rendered within the merchant site.).  
Regarding claim(s) 5,
PURVES and STARRS teaches the method of claim 1, 
PURVES further discloses:
wherein the logon page is pre-populated with a customer identifier (see, at least, PURVES: ¶[474]: The Bill Pay may then use the user's account number or other credential such as a username/password combination or the like to initiate a request for retrieval of pre-provisioned data associated with the payment account 202106. In some embodiments, the request for retrieval of pre-provisioned data 202106 (e.g., "prefill data") may be in the form of an HTTP(S) message including XML-formatted data containing fields substantially similar to the following: [“CID Customer ID of the Cardholder”; ¶[476]: In some embodiments, the virtual wallet may then pre-populate the provided information 202108 into a form for enrollment of the user's payment account, rewards account, and/or like in the user's virtual wallet).  
Regarding claim(s) 9,
PURVES and STARRS teaches the method of claim 1, 
PURVES does not expressly disclose the following limitations, which STARRS however, teaches:
wherein the merchant receives an IP address of the customer (see, at least, STARRS: column(s) 6, line(s) 10-15: risk score is generated using Network Geolocation Technology (NGT)) to determine a user's physical location, which is compared to a reported location and IP address of the user's (hardware) system).  
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the system/method of PURVES, which discloses techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) with the technique of STARRS, which discloses a technique for processing an online payment for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments, increase convenience for the customer, while avoiding the costs associated with payment fraud   (STARRS column(s) 1, line(s) 25-30), and simplify payment transactions for a user (STARRS column(s) 7, line(s) 30-31).
Regarding claim(s) 10,
PURVES and STARRS teaches the method of claim 1, 
PURVES further discloses:
 wherein the at least one computer processor for the financial institution presents at least one payment account in the electronic wallet to the customer as a payment option (see, at least, PURVES: ¶[406]: an image may be displayed to facilitate the selection of payment accounts; ¶[481]: the consumer may be presented with a list of the payment accounts transferred from the issuer; ¶[186] and figure 9B: Funds tab for making a payment (figure 9B) and forms of payments are listed (¶[186]); “Discover”, “PayPal,” and “Visa” options listed in figure 9B).  
Regarding claim(s) 11,
PURVES and STARRS teaches the method of claim 1, 
PURVES further discloses:
 wherein the account is a non- payment account (see, at least, PURVES: figure 9B: item 935, “Rewards *667” and “22,000 points”; ¶[181]: The user may also have the option of paying, wholly or in part, with reward points. For example, the graphical indicator 918 on the user interface shows the number of points available, the graphical indicator 919 shows the number of points to be used towards the amount due 234.56 and the equivalent 920 of the number of points in a selected currency (USD, for example).).  
Regarding claim(s) 12,
PURVES and STARRS teaches the method of claims 1,
PURVES further discloses:
 wherein the non-payment account is one of a line of credit, a mortgage, and a rewards point account (see, at least, PURVES: figure 9B: item 935, “Rewards *667” and “22,000 points”; ¶[181]: The user may also have the option of paying, wholly or in part, with reward points. For example, the graphical indicator 918 on the user interface shows the number of points available, the graphical indicator 919 shows the number of points to be used towards the amount due 234.56 and the equivalent 920 of the number of points in a selected currency (USD, for example); ¶[422]: points balance information.).  
Regarding claim(s) 13,
PURVES and STARRS teaches the method of claims 1,
PURVES further discloses:
 wherein the account comprises an application for an account (see, at least, PURVES: ¶[164]: In a further implementation, the Bill-Pay widget may provide issuer promotions, e.g., a user may apply for a new credit card, etc., 410 via the widget.; figure 4B: item 410: Apply for new card).  
Regarding claim(s) 14,
PURVES and STARRS teaches the method of claims 1,
PURVES further discloses:
wherein one of a plurality of accounts in the electronic wallet is pre-selected (see, at least, PURVES: ¶[186]: the wallet mobile application may automatically rearrange the order in which the forms of payments 935 are listed to reflect the popularity or acceptability of various forms of payment. In one implementation, the arrangement may reflect the user's preference, which may not be changed by the wallet mobile application; ¶[201]: In one implementation, the user may decide to pay with default method of payment. The wallet application may then use the user's default method of payment, in this example the wallet, to complete the purchase transaction).  
Regarding claim(s) 28,
PURVES and STARRS teaches the method of claims 1,
PURVES further discloses:
further comprising associating the session identifier with the online transaction (see, at least, PURVES: ¶[219]: , the card authorization request may include at least a session ID for the user's shopping session with the merchant. The session ID may be utilized by any component and/or entity having the appropriate access authority to access a secure site on the merchant server to obtain alerts, reminders, and/or other data about the transaction(s) within that shopping session between the user and the merchant.).  
Regarding claim(s) 29,
PURVES and STARRS teaches the method of claims 1,
PURVES further discloses:
further comprising identifying the payment account using the token and the session identifier received from the merchant (see, at least, PURVES: [0157]: Bill-Pay stores card numbers on behalf of the merchant (e.g., a tokenization service)); ¶[219]: the card authorization request may include at least a session ID for the user's shopping session with the merchant; ¶[219]: The merchant server may forward the card authorization request to a pay gateway server, e.g., 1604a, for routing the card authorization request to the appropriate payment network for payment processing.) .  

Regarding claim(s) 20,
PURVES discloses:
 A method for facilitating a transaction, (see, at least, PURVES: ¶[0100]:  METHODS AND SYSTEMS (hereinafter "Bill-Pay") facilitates, enhances, enables, creates, generates, and/or provides enhanced transactions, transaction management, data collection, data management and/or analysis, interactions, communications, and/or the like, relating to effectuating payments.):
comprising at a financial institution comprising an information processing device comprising at least one computer processor (see, at least, PURVES: ¶[0118]: the Bill-Pay server may be a remote server which is accessed by the user via a communication network 213; ¶[0620]: "server" [...] refers generally to a computer, other device, program, or combination thereof that processes and responds to the requests of remote users across a communications network; ¶[0122]: the Bill-Pay server may be part of, and/or integrated with financial network to process the financial transaction; ¶[126]: the Bill-Pay server, which may be integrated with a financial processing server; ¶[126]: the Bill-Pay server may process the transaction so as to transfer funds for the purchase into an account stored on an acquirer of the merchant; ¶[138]: In another implementation, the Bill-Pay server 220 may integrate with issuers): 
authenticating a customer that has selected a good or service to purchase from a merchant (see, at least, PURVES: ¶[325]: The consumer provided login credentials may be authenticated by the wallet server, and upon successful authentication, an overlay may be displayed.; ¶[434]: once the customer is authenticated via the wallet, the wallet may send the merchant the customer ID corresponding to the relationship between the customer and the merchant.; ¶[323]:  the initially selected item may be displayed to the consumer in the store application 10918a, from where the consumer may add the item to a shopping cart; ¶[210]: the user may select a product from a webpage catalog on the merchant's website, and add the product to a virtual shopping cart);
 establishing an online session with the merchant in a first interface (see, at least, PURVES: [0293]: users may be permitted by the Bill Pay to generate widgets on behalf of any merchant;  the Bill Pay server may determine if the currently active widget generator session is associated with any pricing and/or item information services, e.g., 10312; the Bill Pay server may generate a merchant content update request, e.g., 10313, and transmit the request to merchant server 10303. The merchant server may query and parse the request, retrieve updated item information; the merchant server may generate an update response package, e.g., 10315, and transmit the package to the Bill Pay server. The Bill Pay server may extract the updated merchant content and update the local or remote merchant content database, e.g., 10316.; ¶[651]: database component may include A Shop Sessions table with  fields such as user_id, session_id, timestamp, expiry_lapse, merchant_id, store_id, and/or the like.; ¶[295]: user device sends checkout widget request to Bill Pay server)
[...]
providing the merchant with a financial institution logon page for the customer in a second interface (see, at least, PURVES: ¶[112]: clicking on bill-pay widget to proceed to payment leads to a pop-up window; figure 109E and ¶[325]: the merchant's website 10908 may be displayed as an iframe. The consumer may then go back the previous page by selecting the link 10928 (e.g., return to twitter.com) or may select a checkout widget (not shown). When the checkout widget is clicked or selected, an overlay similar to overlay 10930 may be displayed where the consumer may enter their wallet login credentials.; figure 2031A and [0519]: example user interfaces illustrating wallet overlay on mobile devices (e.g., mobile phones, tablets, etc.) in some embodiments of the Bill Pay (figure 2031A shows user login and password field in an overlay; figure 25 and [0271]: figure 25 shows username and password fields; ¶[271]:  regarding figure 25, consumer may choose the POTBELLY transaction 2505, and a widget may display [interface window] for the consumer to enter the consumer's log in information.), 
[...]
and is provided in a separate browser window  (see, at least, PURVES: ¶a[112]: clicking on bill-pay widget to proceed to payment leads to a pop-up window; figure 109E and ¶[325]: the merchant's website 10908 may be displayed as an iframe. The consumer may then go back the previous page by selecting the link 10928 (e.g., return to twitter.com) or may select a checkout widget (not shown). When the checkout widget is clicked or selected, an overlay similar to overlay 10930 may be displayed where the consumer may enter their wallet login credentials.; figure 2031A and [0519]: example user interfaces illustrating wallet overlay on mobile devices (e.g., mobile phones, tablets, etc.) in some embodiments of the Bill Pay (figure 2031A shows user login and password field in an overlay; figure 25 and [0271]: figure 25 shows username and password fields; ¶[271]:  regarding figure 25, consumer may choose the POTBELLY transaction 2505, and a widget may display [interface window] for the consumer to enter the consumer's log in information.);
 receiving financial institution logon information from the customer in the online session from the second interface (see, at least, PURVES: figure 2031C Wallet Overlay on Mobile Devices; ¶[ [0469]: the lightbox may solicit from the user credentials sufficient to identify the virtual wallet account to which the payment accounts should be added. In some embodiments, the credentials may be in the form of a user name/password combination, a user name/Email combination, and/or the like 202005. Once the user has entered the appropriate wallet credentials, they may then link the payment accounts to the wallet 202006. This may result in the lightbox (e.g., from an issuer, merchant, and/or a like source) creating message 202221 and pulling the information from the issuer server (see FIG. 2022b); ¶[434]: When the login with wallet button is selected, a wallet widget 20815 may be launched within the merchant site 20805. The customer may provide wallet username and password 20815a to login to the merchant site via the wallet);
 validating the financial institution customer logon information (see, at least, PURVES: ¶[325]: The consumer provided login credentials may be authenticated by the wallet server, and upon successful authentication, an overlay 10930 may be displayed.; ¶[434]: once the customer is authenticated via the wallet, the wallet may send the merchant the customer ID corresponding to the relationship between the customer and the merchant.);
 receiving a selection of a payment account for conducting the transaction and the session identifier from the second interface  (see, at least, PURVES: ¶[111]: In one implementation, the Bill-Pay may determine a remaining balance 148, and provide a list of accounts 149 for the user to select. The user may select an account to pay the remaining balance; ¶[162]: In one implementation, a user may select payment methods by clicking to pay, e.g., 406, with a credit card, a debit card, and bank accounts that have been added by the user to his Bill-Pay account during registration, e.g., 404.);
 provisioning a merchant-specific identifier for the merchant (see, at least, PURVES: [0326]: an API key and token may also be required to create the checkout widget. The token may be an encrypted token for the merchant account; [425]: The Bill Pay may return the merchant's customer ID (or contract ID) to the merchant, and facilitate the customer login to the merchant account; [434]:  Referring to FIG. 208b, once the customer is authenticated via the wallet, the wallet may send the merchant the customer ID corresponding to the relationship between the customer and the merchant; [0440]: the merchant server may use the user sign as a trigger to request current user information from the wallet server. The merchant server may generate and send a user information request message 20926 to the wallet server. The user information request message 20926 may include, without limitation, the customer ID that is unique to the customer and the merchant relationship, a token, an API key, a digital certificate, and/or the like. In one implementation, the token may be generated using one or more parameters such as the merchant's API key, customer ID, merchant ID, merchant name, customer name, and/or the like. In a further implementation, the token may be encrypted; [447]: the wallet may create a customer ID as a record of the relationship between the customer and the merchant, and the associated preferences and permissions. The customer ID may be sent to the merchant. Using the customer ID and/or API keys or tokens, the merchant may request customer information such as shipping address, payment method, and/or the like at 201055.; ¶[440]: the token may be generated using one or more parameters such as the merchant's API key, [...], merchant ID,);
 and providing the merchant-specific identifier to the merchant wherein the merchant-specific identifier can only be used with the merchant (see, at least, PURVES: ¶[326]: the token may be an encrypted token for the merchant account.; [425]: The Bill Pay may return the merchant's customer ID (or contract ID) to the merchant, and facilitate the customer login to the merchant account; ¶[424]: Unlike storing card information with a merchant, which, if compromised, could be used at any merchant, the customer identifier can only be used by the designated entity. Any other entity attempting to use another entities identifier to access a customer's wallet account would be denied. In some implementations, the merchant may use this unique identifier to make calls to the wallet to retrieve and/or update commerce-relevant or other customer data; ¶[440]: The merchant server may generate and send a user information request message to the wallet server. The user information request message 20926 may include, without limitation, the customer ID that is unique to the customer and the merchant relationship, a token, an API key, a digital certificate, and/or the like. In one implementation, the token may be generated using one or more parameters such as the merchant's API key, [...], merchant ID, merchant name, [...], and/or the like. In a further implementation, the token may be encrypted. In one implementation, the token may be a string that is created by the MD5 Message Digest algorithm hash of one or more of the parameters listed above.);
 wherein the merchant stores the merchant-specific token for a future transaction with the customer (see, at least, PURVES: [0424]: In some embodiments, the initial connection between an entity and Wallet creates a customer identifier unique to that relationship. Unlike storing card information with a merchant, which, if compromised, could be used at any merchant, the customer identifier can only be used by the designated entity. Any other entity attempting to use another entities identifier to access a customer's wallet account would be denied. In some implementations, the merchant may use this unique identifier to make calls to the wallet to retrieve and/or update commerce-relevant or other customer data. The customer has the option to maintain, in one place, address book, payment methods, and payment preferences. If the customer moves addresses for example, or obtains a new payment card, these changes may be remotely propagated to all the merchants they do ongoing business with. In some implementations, the merchant has a set of callbacks that the merchant can invoke to the wallet in order to offer seamless and uninterrupted service to the customer. Under the appropriate permissions, the merchant may make these calls independently and/or under certain triggers such as the appearance of the customer starting a new shopping session.; [0462]: FIG. 2015 shows an example enrollment lightbox for creating a Bill Pay link between a user's virtual wallet and a merchant. The enrollment form may contain details about the transactions authorized which may be one-time transactions, periodic transactions, recurring transactions, or any combination thereof.; ¶[409]: the consumer may agree to or designate certain payment options to be used in recurrent transactions. the consumer may permit flexible recurring commerce, wherein future transactions from a merchant may be billed to the reference alias without further intervention from the user).  
  
PURVES does not expressly disclose the following limitations, which STARRS however, teaches:
the second interface associated with the session identifier (see, at least, STARRS:  column(s) 8, line(s) 60-67: Check Processing System creates secure session with Customer inside frames on Merchant Web Site), Check Processing System creates a unique session ID and transaction ID, Check Processing System serves a log-in page) 
and providing the merchant with a session identifier for the online session that uniquely identifies the online session between the financial institution and the merchant  (see, at least, STARRS:  column(s) 8, line(s) 60-67: Check Processing System creates secure session with Customer inside frames on Merchant Web Site), Check Processing System creates a unique session ID and transaction ID, Check Processing System serves a log-in page);
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the system/method of PURVES, which discloses techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) with the technique of STARRS, which discloses a technique for processing an online payment for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments, increase convenience for the customer, while avoiding the costs associated with payment fraud   (STARRS column(s) 1, line(s) 25-30), and simplify payment transactions for a user (STARRS column(s) 7, line(s) 30-31).
Regarding claim(s) 30,
PURVES and STARRS teaches the method of claim 20.
PURVES further discloses:
 wherein the session identifier comprises a session token  (see, at least, PURVES: ¶[395]: In one embodiment, a token is generated that represents a unique combination of widget parameters. As described herein, one or more of the unique widget parameters (e.g., amount, and/or the like) may be representative of a range of acceptable values, one value, and/or the like. In one embodiment, a token is generated using an SHA256 hashing algorithm that hashes the string combination of a shared secret key, the amount calculated above or provided by the seller, the currency, a merchant transaction identifier and a product identifier, e.g., 102211. In other embodiments, the hash is generated using MD5, Whirlpool, Gost, Haval, and/or the like; ¶[440]: In one implementation, the merchant server may use the user sign as a trigger to request current user information from the wallet server. The merchant server may generate and send a user information request message 20926 to the wallet server. The user information request message 20926 may include, without limitation, the customer ID that is unique to the customer and the merchant relationship, a token, an API key, a digital certificate, and/or the like. In one implementation, the token may be generated using one or more parameters such as the merchant's API key, customer ID, merchant ID, merchant name, customer name, and/or the like.; ¶[447]: Using the customer ID and/or API keys or tokens, the merchant may request customer information such as shipping address, payment method, and/or the like at 201055. The wallet may provide the merchant the information that is permitted for sharing by the customer preferences and permissions. At 201060, the merchant may use the information from the wallet to conduct a transaction. In one implementation, the transaction may be via the wallet. In another implementation, the transaction may be via a lightbox widget rendered within the merchant site.).  
Regarding claim(s) 31,
PURVES and STARRS teaches the method of claim 20.
PURVES further discloses:
wherein the logon page is pre- populated with a customer identifier (see, at least, PURVES: ¶[474]: The Bill Pay may then use the user's account number or other credential such as a username/password combination or the like to initiate a request for retrieval of pre-provisioned data associated with the payment account 202106. In some embodiments, the request for retrieval of pre-provisioned data 202106 (e.g., "prefill data") may be in the form of an HTTP(S) message including XML-formatted data containing fields substantially similar to the following: [“CID Customer ID of the Cardholder”; ¶[476]: In some embodiments, the virtual wallet may then pre-populate the provided information 202108 into a form for enrollment of the user's payment account, rewards account, and/or like in the user's virtual wallet).  

Claim(s) 6-8 and 32-34 are rejected under 35 U.S.C. 103 as being unpatentable over PURVES (US 20130346302 A1 to PURVES, T. et al.) in view of STARRS (US 7389913 B2 to Starrs, E.) in further view of CALHOON (US 20020188573 A1 to Calhoon, Gordon W.)
Regarding claim(s) 6,
PURVES and STARRS teaches the method of claim 1, 
The combination of PURVES and STARRS does not teach the following, which CALHOON, however teaches:
 wherein the session identifier is received with the logon information from the customer (see, at least, CALHOON: [0007] a method of conducting secure transactions over a network is provided; ¶[33]: The member, having logged in, is now free to shop on-line a participating merchants. Even as the member surfs to different web sites and/or connects with different merchant servers, the session link between the member and the coordinator is maintained. Additionally, the session is assigned a unique session code identifying the same; ¶[007]: Members are assigned a unique user ID and have a financial account associated therewith. Members connected to the network are logging in with their unique user ID, and assigned a unique session code. Purchase authorization requests from merchants indicate a purchase amount and a session code.; ¶[28]: This code is issued at the sign-on of each individual session and is valid for no more than a single session. As each session ends, the data link will delete and no longer recognize this unique session code.);   
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the combination of PURVES and STARRS, which involve techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) and  processing an online payments for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments (CALHOON [0009]) and protect buyers and sellers from fraudulent or otherwise unauthorized transactions (CALHOON [0010]).
Regarding claim(s) 7,
PURVES and STARRS teaches the method of claim 1, 
The combination of PURVES and STARRS does not teach the following, which CALHOON, however teaches:
wherein a device identifier is received prior to providing the logon page (see, at least, CALHOON: ¶[27]: member 30 is able to access the system A from remote locations. In this case, the coordinator 10 will ask for verification of the member's identity by asking for the physical key; ¶[31]: the coordinator 10 identifies some physical aspect of what the member has in their possession. At decision step 230, it is determined it if there is a physical key attached to the member's computer.; figure 4: 230 and 232: code from physical key).  
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the combination of PURVES and STARRS, which involve techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) and  processing an online payments for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments (CALHOON [0009]) and protect buyers and sellers from fraudulent or otherwise unauthorized transactions (CALHOON [0010]).
Regarding claim(s) 8,
PURVES, STARRS, and CALHOON teaches the method of claims 1 & 7, 
PURVES and STARRS do not teach the following, which CALHOON, however further teaches:
wherein at least one customer identifier to present to the customer on the logon page based on the device identifier (see, at least, CALHOON: ¶[31]: [0031] At this point, the coordinator 10 identifies some physical aspect of what the member 30 has in their possession.  ¶[31]: the user ID is obtained from the physical key after determining there is a physical key attached to the user’s computer).  
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the combination of PURVES and STARRS, which involve techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) and  processing an online payments for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments (CALHOON [0009]) and protect buyers and sellers from fraudulent or otherwise unauthorized transactions (CALHOON [0010]).
Regarding claim(s) 32,
PURVES and STARRS teaches the method of claim 20, 
The combination of PURVES and STARRS does not teach the following, which CALHOON, however teaches:
 wherein the session identifier is received with the logon information from the customer (see, at least, CALHOON: [0007] a method of conducting secure transactions over a network is provided; ¶[33]: The member, having logged in, is now free to shop on-line a participating merchants. Even as the member surfs to different web sites and/or connects with different merchant servers, the session link between the member and the coordinator is maintained. Additionally, the session is assigned a unique session code identifying the same; ¶[007]: Members are assigned a unique user ID and have a financial account associated therewith. Members connected to the network are logging in with their unique user ID, and assigned a unique session code. Purchase authorization requests from merchants indicate a purchase amount and a session code.; ¶[28]: This code is issued at the sign-on of each individual session and is valid for no more than a single session. As each session ends, the data link will delete and no longer recognize this unique session code.);   
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the combination of PURVES and STARRS, which involve techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) and  processing an online payments for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments (CALHOON [0009]) and protect buyers and sellers from fraudulent or otherwise unauthorized transactions (CALHOON [0010]).
Regarding claim(s) 33,
PURVES and STARRS teaches the method of claims 1,
PURVES and STARRS do not teach the following, which CALHOON, however further teaches:
wherein a device identifier is received prior to providing the logon page  (see, at least, CALHOON: ¶[31]: [0031] At this point, the coordinator 10 identifies some physical aspect of what the member 30 has in their possession.  ¶[31]: the user ID is obtained from the physical key after determining there is a physical key attached to the user’s computer; ¶[32]: after the member 30 has been positively identified, a unique, electronic session identification number or code is generated. This session identification number or code is unique to the period of time that the member is accessing the Internet contiguously or for a specified period of time. Each session code corresponds to a particular logged-in member.). 
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the combination of PURVES and STARRS, which involve techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) and  processing an online payments for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments (CALHOON [0009]) and protect buyers and sellers from fraudulent or otherwise unauthorized transactions (CALHOON [0010]).
Regarding claim(s) 34,
PURVES, STARRS, and CALHOON teaches the method of claims 1 and 33, 
PURVES and STARRS do not teach the following, which CALHOON, however further teaches:
wherein at least one customer identifier to present to the customer on the logon page based on the device identifier  (see, at least, CALHOON: ¶[31]: At this point, the coordinator 10 identifies some physical aspect of what the member has in their possession.  ¶[31]: the user ID is obtained from the physical key after determining there is a physical key attached to the user’s computer).
It would have been obvious to one of ordinary skill in the art at the time of filing to combine/modify the combination of PURVES and STARRS, which involve techniques of online commerce (PURVES  [333]) including shopping at a merchant’s website  (PURVES [210]) and  processing an online payments for an item (STARRS column(s) 1, line(s) 55-57) in order to improve security of payments (CALHOON [0009]) and protect buyers and sellers from fraudulent or otherwise unauthorized transactions (CALHOON [0010]).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BOLKO HAMERSKI whose telephone number is (571)270-7621. The examiner can normally be reached Monday-Friday 10:00 AM to 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, BENNETT SIGMOND can be reached on (303) 297-4411. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

BOLKO HAMERSKI
Examiner
Art Unit 3694



/BOLKO M HAMERSKI/           Examiner, Art Unit 3694                                                                                                                                                                                             
/BENNETT M SIGMOND/           Supervisory Patent Examiner, Art Unit 3694