First Data CorporationDownload PDFPatent Trials and Appeals BoardJul 2, 20202019001868 (P.T.A.B. Jul. 2, 2020) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/309,397 06/19/2014 Craig A. Tieken 87188-793967 4884 20350 7590 07/02/2020 KILPATRICK TOWNSEND & STOCKTON LLP Mailstop: IP Docketing - 22 1100 Peachtree Street Suite 2800 Atlanta, GA 30309 EXAMINER NIGH, JAMES D ART UNIT PAPER NUMBER 3685 NOTIFICATION DATE DELIVERY MODE 07/02/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): KTSDocketing2@kilpatrick.foundationip.com ipefiling@kilpatricktownsend.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ________________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ________________ Ex parte CRAIG A. TIEKEN and DAVID LOW ________________ Appeal 2019-001868 Application 14/309,397 Technology Center 3600 ________________ Before JASON V. MORGAN, MICHAEL J. STRAUSS, and SCOTT RAEVSKY, Administrative Patent Judges. MORGAN, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Introduction Pursuant to 35 U.S.C. § 134(a), Appellant1 appeals from the Examiner’s decision to reject claims 23, 27–29, 37–39, 41, and 42. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies the real party in interest as First Data Corporation, of Greenwood Village, Colorado. Appeal Br. 3. Appeal 2019-001868 Application 14/309,397 2 Summary of the disclosure Appellant’s claimed subject matter relates to providing secure transactions through the use of a generated token that is linked with a financial account identifier at a payment processor server. This allows the token to be transmitted to a recipient system or device that had stored the financial account identifier, but that replaces the stored financial account identifier with the token. Abstract. Exemplary claim (key limitations emphasized) 23. A method for providing secure transactions, the method comprising: receiving, at a merchant computer system, an identifier of a financial account from a remote communications device, the merchant computer system comprising a first computer having a first memory, a first network interface, and a first processor; creating, at the merchant computer system, a customer identifier linking a customer to a merchant, the customer identifier associated with the identifier of the financial account; providing the customer identifier and the identifier of the financial account to a payment processor system, the payment processor system comprising a second computer having a second memory, a second network interface, and a second processor; storing, at the first memory of the merchant computer system, the identifier of the financial account; initiating, by the merchant computer system, a transaction using the customer identifier; transmitting, by the merchant computer system, the customer identifier to the payment processor system, thereby enabling a copy of the identifier of the payment account stored at the payment processor system to be retrieved for transmission to a financial institution; Appeal 2019-001868 Application 14/309,397 3 receiving, at the merchant computer system, authorization and a token associated with the customer identifier and the identifier of the financial account from the payment processing system, wherein the token comprises a random number and is generated by the payment processing system; and replacing, at the first memory of the merchant computer system, the stored identifier of the financial account with the token to limit the use of the identifier of the financial account for enhanced security. The Examiner’s rejections and cited references The Examiner rejects claims 23, 27–29, 37–39, 41, and 42 under 35 U.S.C. § 101 as being directed to patent-ineligible subject matter. Final Act. 8–16. The Examiner rejects claims 23, 27–29, 37–39, 41, and 42 under 35 U.S.C. § 112, first paragraph, as failing to comply with the written description requirement. Final Act. 17–21. The Examiner rejects claims 37–39, 41, and 42 under 35 U.S.C. § 112, second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventors regard as the invention. Final Act. 21–23. The Examiner rejects claims 23, 27–29, 37–39, 41, and 42 under 35 U.S.C. § 103(a) as being unpatentable over Giordano et al. (US 2002/ 0152123 A1; published Oct. 17, 2002) (“Giordano”), Sahasranaman et al. (US 8,549,279 B1; issued Oct. 1, 2013) (“Sahasranaman”), and Kendrick et al. (US 2009/0240620 A1; published Sept. 24, 2009) (“Kendrick”). Final Act. 23–27. Appeal 2019-001868 Application 14/309,397 4 35 U.S.C. § 101 Principles of law To constitute patent-eligible subject matter, an invention must be a “new and useful process, machine, manufacture, or composition of matter, or [a] new and useful improvement thereof.” 35 U.S.C. § 101. There are implicit exceptions to the categories of patentable subject matter identified in 35 U.S.C. § 101, including: (1) laws of nature; (2) natural phenomena; and (3) abstract ideas. Alice Corp. v. CLS Bank Int’l, 573 U.S. 208, 216 (2014). The U.S. Supreme Court has set forth a framework for distinguishing patents with claims directed to these implicit exceptions “from those that claim patent-eligible applications of those concepts.” Id. at 217 (citing Mayo Collaborative Servs. v. Prometheus Labs., Inc., 566 U.S. 66 (2012)). The evaluation follows a two-part analysis: (1) determine whether the claim is directed to a patent-ineligible concept, e.g., an abstract idea; and (2) if so, then determine whether any element, or combination of elements, in the claim is sufficient to ensure that the claim amounts to significantly more than the patent-ineligible concept itself. See id. at 217–18. Last year, the U.S. Patent and Trademark Office (USPTO) published guidance on the application of the two-part analysis. USPTO, 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50 (January 7, 2019) (“2019 Revised Guidance”); see also USPTO, October 2019 Update: Subject Matter Eligibility, available at https://www.uspto.gov/sites/default/ files/documents/peg_oct_2019_update.pdf (Oct. 17, 2019). Under that guidance, we first look to whether the claim recites: (1) any judicial exceptions, including certain groupings of abstract ideas (i.e., mathematical concepts, certain methods Appeal 2019-001868 Application 14/309,397 5 of organizing human activity such as a fundamental economic practice, or mental processes) (see 2019 Revised Guidance, 84 Fed. Reg. at 54 (step 2A, prong one)); and (2) additional elements that integrate the judicial exception into a practical application (see id. at 54–55 (step 2A, prong two); MPEP §§ 2106.05(a)–(c), (e)–(h)). Only if a claim (1) recites a judicial exception and (2) does not integrate that exception into a practical application, do we then look to whether the claim: (3) adds a specific limitation beyond the judicial exception that is not “well-understood, routine, conventional” in the field (see MPEP § 2106.05(d)); or (4) simply appends well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception. See 2019 Revised Guidance, 84 Fed. Reg. at 56. Step 2A, prong one The Examiner determines that the operations of claim 23 “are merely the way in which the settlement of the transaction takes place.” Final Act. 10 (citing, Alice, 573 U.S. 208); see also Adv. Act. 2 (June 12, 2018). In other words, the Examiner determines that claim 23 recites certain methods of organizing human activity in the form of a fundamental economic principle or practice. See Final Act. 10; Adv. Act. 2; 2019 Revised Guidance, 84 Fed. Reg. at 52. The Examiner’s determination is supported by the claim 23 recitations of “receiving . . . an identifier of a financial account,” “creating a customer Appeal 2019-001868 Application 14/309,397 6 identifier . . . associated with the identifier of the financial account,” “storing . . . the identifier of the financial account,” “initiating . . . a transaction using the customer identifier,” “receiving . . . authorization and a token associated with the customer identifier and the identifier of the financial account,” and “replacing . . . the stored identifier of the financial account with the token to limit the use of the identifier of the financial account for enhanced security.” That is, claim 23 recites not just receiving and using a financial account identifier, but also storing the financial account identifier until a token associated with the financial account identifier (and a customer identifier) to replace the financial account identifier is received. The token can still be used for purposes related to the transaction, such as “initiating . . . a transaction adjustment, a transaction refund, or a transaction settlement.” Appeal Br. 20 (dependent claim 27) (emphasis added). Thus, these recitations support the Examiner’s determination that that the operations of claim 23 represent steps for settlement of a transaction. See Final Act. 10. The recited steps prevent fraud by replacing the sensitive financial account identifier with a token that, even if stolen, “may not be used to initiate a financial transaction.” Spec. ¶ 11. Appellant argues “‘data security’ has not been identified by a court as an abstract idea.” Reply Br. 3. But preventing fraud is a fundamental economic principle or practice. Bozeman Fin. LLC v. Fed. Reserve Bank of Atlanta, 955 F.3d 971, 976 (Fed. Cir. 2020); cf. also Subject Matter Eligibility Examples: Business Methods, USPTO, *9, available at https://www.uspto.gov/sites/default/files/ documents/101_examples_1to36.pdf (Dec. 2016) (“PEG Examples”) (“a method of fraud prevention . . . is a fundamental business practice and is similar to ideas found abstract by the courts”). Appeal 2019-001868 Application 14/309,397 7 Appellant argues claim 23 “recites features that firmly root the claimed invention in computer technology, and thereby remove it from the realm of abstract ideas.” Appeal Br. 7. That is, Appellant argues “[t]he claimed recitations cannot be performed by a general purpose computer, nor can these features by performed by the human mind.” Id. But the claimed invention does not relate to practices that are only made possible by use of computer technologies. Cf. DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245, 1257–58 (Fed. Cir. 2014) (a patent-eligible claim related to preventing a website visitor from being “transported” to a third party website when clicking on an advertisement, a problem with no pre-Internet analog). Rather, using tokens (e.g., truncated bank card numbers such as those long commonly found on receipts) and replacing data (e.g., using an eraser or scribbling out information and adding new information to replace the redacted data) are practices that do not require computer technology. In any event, Appellant’s arguments that claim 23 is “not directed to a fundamental economic practice” (Appeal Br. 8) does not persuasively address our determination that claim 23 at least recites certain methods of organizing human activity in the form of a fundamental economic practice or principle. For these reasons, we determine that claim 23 recites an abstract idea in the form of certain methods of organizing human activity (a fundamental economic principle or practice). Step 2A, prong two Appellant argues that claim 23 is not directed to an abstract idea because it is limited to specific embodiments “for replacing financial account identifiers with tokens, and do[es] not preempt any conventional methods of performing such functions, which use different processes to Appeal 2019-001868 Application 14/309,397 8 provide distinct results.” Appeal Br. 8 (citing McRO, Inc. v. Bandai Namco Games Am. Inc., 837 F.3d 1299 (Fed. Cir. 2016)); see also id. at 10 (“the step of replacing the stored identifier of the financial account with the token . . . confines the claim to a particular application . . . and does not run the risk of monopolizing the alleged abstract idea”); Reply Br. 2 (“[t]he claims do not broadly recite tokenization alone, but utilize tokenization in a particular arrangement that provides greater security benefits than tokenization on its own”). Appellant’s arguments are unpersuasive because the use of a token to replace a financial account identifier is insufficient to integrate the underlying abstract idea into a practical application. See 2019 Revised Guidance, 84 Fed. Reg. at 55. An additional element may integrate an abstract idea into a practical application if it “reflects an improvement in the functioning of a computer, or an improvement to other technology or technical field.” Id. But the claimed token does not reflect such an improvement. Instead, claim 23 merely invokes “computers in the collection and arrangement of data” (Smart Sys. Innovations, LLC v. Chicago Transit Auth., 873 F.3d 1364, 1373) in “the formation of financial transactions” (id. at 1372). Appellant argues claim 23 improves “the field of data security” (Appeal Br. 9; Reply Br. 3) and that “there has not been a single showing that ‘replacing the stored identifier of the financial account with the token to limit the use of the identifier of the financial account for enhanced security’ is a well-known, routine or conventional element” (Appeal Br. 10). The Examiner determines, however, that “both providing data security and the operation of replacing one set of data with another set of data for the Appeal 2019-001868 Application 14/309,397 9 purposes of maintaining imposed security requirements . . . are themselves abstract ideas [that] cannot form the basis for establishing that the claims contain significantly more than the abstract idea.” Ans. 8. Appellant’s arguments are unpersuasive because, as the Examiner correctly notes, these recitations do not represent additional elements, but are instead part of the underlying abstract idea of claim 23. Moreover, the claimed use of a token, like the use of a hash identifier, does not provide an inventive concept. See, e.g., Smart Sys. Innovations, LLC v. Chicago Transit Auth., 873 F.3d at 1369, 1374 (use of a hash identifier based on bankcard data did not provide an inventive concept). Appellant further argues claim 23 recites a device that is similar to subject matter found eligible in the non-precedential, pre-2019 Revised Guidance Board opinion Ex parte Ravenel, No. 2016-003604, available at https://e-foia.uspto.gov/Foia/RetrievePdf?system=BPAI&flNm= fd2016003604-03-30-2016-1 (PTAB 2016). See Appeal Br. 11–13; Reply Br. 3–4. Although Ravenel’s holding is not binding on this panel, we have reviewed the opinion and compared the claims. We agree with the Examiner that “Ravenel is not even applicable to” claim 23. Ans. 16. In particular, the representative claim in Ravenel was a “system for managing display content in a plurality of quick service restaurant (QSR) environments” (Ravenel, No. 2016-003604, at *2) that recited specific “system device and[/]or modules . . . configured to cause the recited function” (id. at *6). In Ravenel, the panel held that “[w]hen the disclosed structure is a computer programmed to carry out an algorithm, ‘the disclosed structure is not the general purpose computer, but rather the special purpose computer programmed to perform the disclosed algorithm.’” Id. (citing WMS Gaming, Inc. v. International Appeal 2019-001868 Application 14/309,397 10 Game Technology, 184 F.3d at 1349 (citing In re Alappat, 33 F.3d 1526, 1545 (Fed. Cir. 1994) (en banc))). Here, in contrast, exemplary claim 23 (a “method for providing secure transactions”) fails to recite specific devices or modules. Because we do not agree that Ravenel is pertinent, we find Appellant’s arguments based on Ravenel unavailing. Appellant further argues there are “vast similarities” between exemplary claim 23 and “Claim 2 in Example 35 of the Subject Matter Eligibility Examples issued by the USPTO.” Appeal Br. 13 (citing PEG Examples, at *7–10). We agree with the Examiner, however, that not only is the cited example “merely for illustrative purposes” (i.e., is not binding on this panel), but the cited example fails to show that Appellant’s claim 23 has additional elements that are significantly more than the underlying abstract idea. See Ans. 16–17. In particular, “the claimed combination of additional elements [of example 35, claim 2,] presents a specific, discrete implementation of the abstract idea.” PEG Examples, at *10 (citing BASCOM Glob. Internet Servs., Inc. v. AT&T Mobility LLC, 827 F.3d 1341 (Fed. Cir. 2016)). That is, the steps of example 35, claim 2, “do not represent merely gathering data for comparison or security purposes, but instead set up a sequence of events that address unique problems associated with bank cards and ATMs (e.g., the use of stolen or ‘skimmed’ bank cards and/or customer information to perform unauthorized transactions).” Id. Example 35, claim 2, in fact, recites a number of specific interactions as part of the claimed “method of conducting a secure automated teller transaction,” including “obtaining customer-specific information from a bank card,” transmitting a random code “to a mobile communication device Appeal 2019-001868 Application 14/309,397 11 that is registered to the customer associated with the bank card,” “reading, by the automated teller machine, an image [that includes encrypted code data] from the customer’s mobile communication device,” and “analyzing the decrypted code data . . . and the generated code to determine” if they match. PEG Examples, at *7–8. In contrast, claim 23 fails to recite such specific interactions. Even the receipt of a financial account identifier does not require use of a bank card. See Spec. ¶ 8 (noting a customer may initiate a transaction through “a card not present (CNP) data entry”). Thus, claim 23 does not, for example, “address unique problems associated with bank cards and ATMs.” PEG Examples, at *10. Therefore, we are unpersuaded that example 35, claim 2, supports Appellant’s contention that claim 23 includes additional elements that integrate the underlying abstract idea of claim 23 into a patent-eligible practical application. Claim 23 also fails to include additional elements that, for example, implement the underlying abstract idea with “a particular machine or manufacture that is integral to the campaign,” that effect “a transportation or reduction of a particular article to a different state or thing,” or that apply or use the underlying abstract idea “in some other meaningful way beyond generally linking the use of the [abstract idea] to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception.” See 2019 Revised Guidance, 84 Fed. Reg. at 55. We further note that Appellant’s arguments, as they pertain specifically to preemption, are unpersuasive because “[w]hile preemption may signal patent ineligible subject matter, the absence of complete Appeal 2019-001868 Application 14/309,397 12 preemption does not demonstrate patent eligibility,” as “questions on preemption are inherent in and resolved by the § 101 analysis.” Ariosa Diagnostics, Inc. v. Sequenom, Inc., 788 F.3d 1371, 1379 (Fed. Cir. 2015) (internal quotation marks and citation omitted). No additional determination regarding preemption is necessary here because the two-part analysis (i.e., steps 2A (prongs one and two) and 2B, discussed below) shows that claim 23 is directed to patent-ineligible subject matter. For these reasons, we determine claim 23 does not include additional recitations that integrate the underlying abstract idea—certain methods of organizing human activity (a fundamental economic principle or practice)— into a practical application. Therefore, claim 23 is directed to an abstract idea. Step 2B Having determined that claim 23 is directed to an abstract idea, we now consider the additional elements of claim 23 individually and in combination to ascertain whether they provide an inventive concept such that claim 23 amounts to significantly more than the underlying abstract idea. See 2019 Revised Guidance, 84 Fed. Reg. at 56. We are unable to ascertain any additional elements, individually and as an ordered combination, that reveal an inventive concept that makes claim 23 patent-eligible. Recitations such as “a merchant computer system comprising a first computer having a first memory, a first network interface, and a first processor,” which the Specification discloses as broadly encompassing a number of well-understood, routine, and conventional computer technologies, fail to make claim 23 more than the underlying abstract idea. See, e.g., Spec. Fig. 2, ¶¶ 17, 43–54. Appeal 2019-001868 Application 14/309,397 13 Accordingly, we sustain the Examiner’s 35 U.S.C. § 101 rejection of claim 23, and claims 27–29, 37–39, 41, 42, which Appellant does not argue separately. Appeal Br. 15. 35 U.S.C. § 112, FIRST PARAGRAPH Claims 23 and 27–29 In rejecting claim 23 as lacking sufficient written description support, the Examiner finds that although the written description discloses a merchant system performing the step of “providing the customer identifier and the identifier of the financial account to a payment processor system,” the claim “does not limit the performing of [this recited step] to a merchant system.” Final Act. 19; see also Adv. Act. 6 (June 12, 2018). The Examiner correctly notes Appellant did not separately argue against this basis for rejecting claim 23. Ans. 21. Appellant, for the first time in the Reply Brief, argues the disputed recitation is not “broader in scope than the teachings of the disclosure” because the Specification “clearly supports the recitation that the merchant provides both the customer identifier and the identifier of the financial account to the payment processor system.” Reply Br. 6 (citing Spec. ¶ 70). This argument is not only untimely (see 37 C.F.R. § 41.41(b)(2) (2018)), it is also not responsive to the rejection. The Examiner acknowledges that the Specification discloses a merchant system performing the disputed step. See Final Act. 19. The issue the Examiner raises is that unlike the receiving, creating, storing, initiating, transmitting, and receiving steps, which all are performed by or affect the claimed merchant computer system, the providing step is not limited to Appeal 2019-001868 Application 14/309,397 14 being performed by or affecting the claimed merchant computer system. And thus, as the Examiner correctly notes, under the broadest reasonable interpretation, claim 23 encompasses embodiments where an entity other than the merchant system performs the providing step. See Final Act. 19. The Examiner concludes that because the Specification only supports the merchant (or service provider) performing the providing step, the Specification fails to provide sufficient written description support for claim 23. See id. Appellant’s conclusion is reasonable because claims that are broader in scope than the supporting disclosure because they omit an essential element of the invention do not comply with the written description requirement. See Gentry Gallery, Inc. v. Berkline Corp., 134. F.3d 1473, 1480 (Fed. Cir. 1998). Because Appellant’s untimely arguments fails to address the basis for the Examiner’s rejection, which we find reasonable, we sustain the Examiner’s 35 U.S.C. § 112, first paragraph, rejection of claim 23, and claims 27–29, which depend therefrom. Claims 37–39, 41, and 42 In rejecting claim 23 as failing to be supported by sufficient written description support in the Specification, the Examiner also finds that claim 23 (which we address above based on alternative reasoning set forth in the Examiner’s rejection)—by reciting steps that includes both storing a financial account identifier (at least until it is replaced by a token) and providing a customer identifier and financial account identifier to a payment processing system—mixes embodiments discloses in Figures 3 and 4 of the Specification. See Final Act. 17–18. The Examiner rejects claim 37 for similar reasons. Id. at 17. Appeal 2019-001868 Application 14/309,397 15 Although Appellant notes that in describing Figure 4, the Specification discloses “some or all of the steps or aspects of method 300 of FIG 3” (Appeal Br. 15 (citing Spec. ¶ 69)), the Examiner finds “the written disclosure actually teaches away from the claim” because a merchant that “actually stores the account identifier for an indefinite period of time . . . would be running afoul of” Payment Card Industry Data Security Standards (PCI DSS) “and would be required to ‘spend millions of dollars’ . . . to initially meet the security requirements prescribed” (Final Act. 18–19 (citing Spec. ¶¶ 4, 22); see also Ans. 17–20). Appellant contends the Examiner erred because “[n]ot only is the disclosure of replacement of the identifier with the token indicative that the identifier was stored in a temporary fashion, but such processes eliminate the need for the merchant to continue storing the identifier, and thus, can maintain compliance with PCI DSS.” Appeal Br. 15; Reply Br. 6. Although we cannot ascertain whether the merchant system of claim 37 would need to comply with PCI DSS, we agree with Appellant that the Specification provides sufficient written description support for the disputed limitations. As Appellant persuasively argues (Appeal Br. 15), the Specification explicitly discloses that the method depicted in Figure 4 “may utilize some or all of the steps or aspects of method 300 of FIG. 3” (Spec. ¶ 69). Moreover, even if implementing the merchant system of claim 37 would require extensive PCI DSS compliance costs—contrary to Appellant’s expressed interpretation of the applicability of PCI DSS (Appeal Br. 15; Reply Br. 6)—this would merely show that Appellant had possession of an embodiment of the claimed invention that that would require costs Appellant erroneously believed would not be incurred. Claim 37 does not have any Appeal 2019-001868 Application 14/309,397 16 recitations that preclude embodiments that require PCI DSS compliance. Therefore, whether such costs would or would not be incurred is irrelevant to the question of whether the Specification “reasonably conveys to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date.” Ariad Pharm., Inc. v. Eli Lilly & Co., 598 F.3d 1336, 1351 (Fed. Cir. 2010). Accordingly, we do not sustain the Examiner’s 35 U.S.C. § 112, first paragraph, rejection of claim 37, and claims 38, 39, 41, and 42, which the Examiner rejects as depending therefrom. Final Act. 21. 35 U.S.C. § 112, SECOND PARAGRAPH In rejecting claim 37 as being indefinite, the Examiner notes that the claim recites both “provid[ing] the customer identifier and the identifier of the financial account to a payment processor system” (emphasis added) and “transmit[ting] the customer identifier to a payment processor system” (emphasis added) and concludes that “[a]s the claim previously recited a payment processor system it is unclear as to whether this is the same payment processor system or a different payment processor system given the indefinite article ‘a’ used.” Final Act. 22–23; Ans. 22. Appellant does not dispute the Examiner’s analysis (Reply Br. 7), and we, therefore, summarily affirm the Examiner’s 35 U.S.C. § 112, second paragraph, rejection of claim 37, and claims 38, 39, 41, and 42, which depend therefrom. 35 U.S.C. § 103(A) In rejecting claim 23 as obvious, the Examiner finds that “Sahasranaman teaches replacing the identifier of the financial account with Appeal 2019-001868 Application 14/309,397 17 the token to limit the use of the identifier of the financial account for enhanced security.” Final Act. 25 (citing Sahasranaman col. 2, ll. 4–18, col. 3, ll. 4–22, col. 6, ll. 49–63, col. 7, ll. 38–50, col. 11, ll. 44–51, and col. 11, l. 60–col. 12, l. 4); see also Ans. 23–24 (further citing Sahasranaman Fig. 2, col. 9, ll. 13–17, col. 11, ll. 52–59, col. 16, ll. 28–45, col. 20, ll. 5–17). Appellant contends the Examiner erred because Sahasranaman fails to teach or suggest “that a merchant system’s previously stored version of the character string is actually replaced by a token.” Appeal Br. 17 (emphasis added). Appellant argues that Sahasranaman teaches, for example, keeping “both the token and the identifier of the financial account (credit card number).” Id. (emphasis added) (citing Sahasranaman col. 8, ll. 32–38); see also id. (further citing Sahasranaman col. 7, ll. 16–24). Appellant further argues that “[e]ven when Sahasranaman discloses that the character string and token are stored on different devices, the reference performs both of these storage actions using the gatekeeper module, and thus a single entity is storing both pieces of data, rather than replacing an identifier with a token as presently claimed.” Id. at 18 (emphasis added). Appellant also argues that evidence cited by the Examiner regarding a batching module fails to teach or suggest “that the new credit card number is replaced by the token, but rather that the token is stored instead of the new credit card number.” Reply Br. 7 (emphases added). Appellant’s arguments are persuasive because none of the portions of Sahasranaman teach or suggest replacing a stored financial account identifier with a token. For example, Sahasranaman teaches “accessing the character string . . . by using the unique token associated with the character string and transmitting the character string.” Sahasranaman col. 2, ll. 16–18; Appeal 2019-001868 Application 14/309,397 18 see also id. col. 3, ll. 16–19. That is, Sahasranaman teaches or suggests using the unique token to look up (use to access) a character string (i.e., a financial account identifier) rather than replacing the character string (thus meaning it could not longer be accessed using the unique token). Sahasranaman further teaches “associat[ing] [a] random number with the encrypted credit card number.” Id. col. 6, ll. 61–63 (emphasis added); see also id. col. 11, l. 44–col. 12, l. 4, col. 20, ll. 5–17. Merely associating a financial account identifier (e.g., an encrypted credit card number) with a random number does not replace the financial account identifier. Even if an encrypted financial account identifier falls within a reasonably broad interpretation of the claimed token, the Examiner does not show that Sahasranaman teaches or suggest storing an unencrypted financial account identifier and replacing it with an encrypted financial account identifier. Sahasranaman further teaches or suggests storing a sub-string of a character string (i.e., a financial account identifier) in separate storage from a token. Id. col. 7, ll. 38–46. But storing a financial account identifier in separate storage from a token necessarily means that the financial account identifier is not replaced by the token. Sahasranaman further teaches use of a unique token associated with a credit card number instead of the actual credit card number to facilitate transactions. See id. col. 16, ll. 28–45. But the Examiner does not show that using a token instead of a financial account identifier (e.g., a credit card number) teaches or suggests replacing a stored financial account identifier. See Ans. 24. The Examiner does not rely on Giordano or Kendrick to cure the noted deficiency of Sahasranaman. See Final Act. 24–26; Ans. 23–24. Appeal 2019-001868 Application 14/309,397 19 Accordingly, we do not sustain the Examiner’s 35 U.S.C. § 103(a) rejection of claim 23, and claims 27–29, 37–39, 41, and 42, which contain similar recitations. In the event of further prosecution, we recommend the Examiner ascertain whether and to what extent the secure payment card transactions teachings of Oder et al. (US 7,770,789 B2; issued Aug 10, 2010) (“Oder”)— which include, for example, “stor[ing] false data 504 in place of the payment data” (Oder col. 18, ll. 15–16)—teach or suggest the recitations of the claimed invention. Appeal 2019-001868 Application 14/309,397 20 CONCLUSION Claims Rejected 35 U.S.C. § References/ Basis Affirmed Reversed 23, 27–29, 37–39, 41, 42 101 Eligibility 23, 27–29, 37–39, 41, 42 23, 27–29, 37–39, 41, 42 112 ¶ 1 Written Description 23, 27–29 37–39, 41, 42 37–39, 41, 42 112 ¶ 2 Definiteness 37–39, 41, 42 23, 27–29, 37–39, 41, 42 103(a) Giordano, Sahasranaman, Kendrick 23, 27–29, 37–39, 41, 42 Overall Outcome 23, 27–29, 37–39, 41, 42 TIME PERIOD FOR RESPONSE No time period for taking subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED Copy with citationCopy as parenthetical citation
