Prosecution Insights
Last updated: July 17, 2026
Application No. 17/324,742

SYSTEMS AND METHODS FOR USE OF EMPLOYEE MESSAGE EXCHANGES FOR A SIMULATED PHISHING CAMPAIGN

Non-Final OA §101
Filed
May 19, 2021
Priority
May 21, 2020 — provisional 63/028,087
Examiner
SANTIAGO-MERCED, FRANCIS Z
Art Unit
3625
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
KnowBe4 Inc.
OA Round
11 (Non-Final)
28%
Grant Probability
At Risk
11-12
OA Rounds
0m
Est. Remaining
68%
With Interview

Examiner Intelligence

Grants only 28% of cases
28%
Career Allowance Rate
37 granted / 133 resolved
-24.2% vs TC avg
Strong +41% interview lift
Without
With
+40.7%
Interview Lift
resolved cases with interview
Typical timeline
3y 4m
Avg Prosecution
30 currently pending
Career history
177
Total Applications
across all art units

Statute-Specific Performance

§101
27.2%
-12.8% vs TC avg
§103
67.1%
+27.1% vs TC avg
§102
3.7%
-36.3% vs TC avg
§112
1.8%
-38.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 133 resolved cases

Office Action

§101
DETAILED ACTION This is a Non-Final Office Action in response to the Request for Continued Examination filed 05/19/2026. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 05/19/2026 has been entered. Status of Claims Claims 1-22 are currently pending in the application and have been examined. Response to Amendment The amendment filed 05/07/2026 has been entered. Response to Arguments Claim Rejections 35 U.S.C. § 101: Applicant submits on page 9 of the remarks that the claims are patent eligible. Examiner respectfully disagrees and notes that according to the eligibility analysis, if a claim limitation covers observations or evaluations then it falls within the “mental process” grouping of abstract ideas. The “mental processes” grouping is defined as concepts performed in the human mind, and examples of mental processes include observations, evaluations, judgments, and opinions. Per the October 2019 Updated Guidance examples of claims that recite mental processes include: a claim directed to “collecting information, analyzing it, and displaying certain results of the collection and analysis” where the data analysis steps are recited at a high level of generality such that they could practically be performed in the human mind. Claims can recite a mental process even if they are claimed as being performed on a computer. As the Federal Circuit has explained, "Courts have examined claims that required the use of a computer and still found that the underlying, patent-ineligible invention could be performed via pen and paper or in a person’s mind." Versata Dev. Group v. SAP Am., Inc., 793 F.3d 1306, 1335, 115 USPQ2d 1681, 1702 (Fed. Cir. 2015). See also Intellectual Ventures I LLC v. Symantec Corp., 838 F.3d 1307, 1318, 120 USPQ2d 1353, 1360 (Fed. Cir. 2016) (‘‘[W]ith the exception of generic computer-implemented steps, there is nothing in the claims themselves that foreclose them from being performed by a human, mentally or with pen and paper.’’); Mortgage Grader, Inc. v. First Choice Loan Servs. Inc., 811 F.3d 1314, 1324, 117 USPQ2d 1693, 1699 (Fed. Cir. 2016). See MPEP 2106.04(a)(2). Applicant submits on page 15 of the remarks that the claim improves the technical field of computer security simulation and training. However, per the Revised October 2019 guidance: in order to determine if an invention improves the functioning of a computer or other technology (i.e. technical field) and integrate the judicial exception into a practical application, while the courts have not provided an explicit test for this consideration, MPEP 2106.04(a) and 2106.05(a) provide guidance, first the specification should be evaluated to determine if the disclosure provides sufficient details such that one of ordinary skill in the art would recognize the claimed invention as providing an improvement; second, if the specification sets forth an improvement in technology, the claim must be evaluated to ensure that the claim itself reflects the disclosed improvement. When looking at the specification, in view of the claims the disclosure supports that the provided improvement is not to the technology but to the abstract idea. Applicant submits on page 15 of the remarks that Even if some high-level "evaluation" where found to be implicated, the claim as a whole integrates any such exception into a practical application by requiring computer interactions (API scanning, message generator outputs, click-responsive signal handling) and model-based contextual selection using determines response rates-none of which is practically performable mentally and each of which is functionally tied to improved system operation in the security simulation domain. Examiner respectfully disagrees and notes that the present claims do not integrate the judicial exception into a practical application in a matter that imposes meaningful limit to the judicial exception. The claims as presented are merely linking the use of the judicial exception to a computer system. The additional elements recited in the claims do not provide improvement to the computer technology and do not provide a meaningful link of the abstract idea to a practical application. Applicant submits that the Claim also satisfies Step 2B and that the ordered combination of API-based scanning for structural layout characteristics, comparative dual-class response computation, and ML driven patterns-analysis-based contextual selection supports eligibility. Examiner respectfully disagrees and notes that these limitations do not impose meaningful limits on the judicial exception as they are directed to receiving or transmitting data over a network and the courts have recognized these computer functions as well-understood, routine, and conventional activity, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network). See MPEP 2106.05(d)(II)(i). Claim Rejections 35 U.S.C. § 103: Applicant’s arguments have been fully considered and are persuasive. The rejections has been withdrawn. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claim(s) 1-22 is/are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-patentable subject matter. The claims are directed to an abstract idea without significantly more. With respect to claims 1-22, the independent claims (claims 1 and 12) are directed, in part, to a method and a system for generating simulated phishing communications. Step 1 – Independent claims 1 (method) and 12 (system) and their dependent claims 2-11, 13-22, respectively, fall within at least one of the four statutory categories of 35 U.S.C. 101: (i) process; (ii) machine; (iii) manufacture; or (iv) composition of matter. Claim 1 is directed to a method (i.e. process), and claim 12 is directed to a system (i.e. machine). However, these claim elements are considered to be abstract ideas because they are directed to a mental process which includes observations or evaluations. As per Step 2A - Prong 1 of the subject matter eligibility analysis, the claims are directed, in part, to… generating a simulated phishing communication… scan and analyze… messages one of sent to or exchanged with other users…to identify one or more message characteristics of the messages; identifying… from content of messages… one or more message characteristics of one or more messages of a user of the one or more users, the one or more message characteristics comprising one or more of a message format, a message structure and a message status, wherein the message structure comprises a layout of a message and relative positions of items within the layout including one or more of the following: a title, a header, a text, an image, and a signature in each message; establishing…a machine learning model configured to receive input comprising one or more message characteristics identified from the content of messages…of the user including at least one of the message format, the message structure comprising the layout and relative positions of items, and the message status, and output contextual information to be provided to a message generator to tailor one or more simulated phishing communications of increased relevance to the user; providing…the one or more message characteristics of the user from messages that the user one of sent to or exchanged with other users as an input to the machine learning model; determining…using an output of the machine learning model generated responsive to the input comprising the one or more message characteristics of a message format, a message structure and a message status of the user from messages that the user one of sent to or exchanged with other users, contextual information from the one or more message characteristics of one or more messages of the user to generate a simulated phishing communication relevant to the user; generating… using the output of contextual information from the machine learning model, the simulated phishing communication based at least on the contextual information relevant to the user to increase the likelihood that the user will interact with an element of the simulated phishing communication; communicating… the simulated phishing communication to a device of the user, the user clicking on the element of the simulated phishing communication; receiving…responsive to the user clicking on the element of the simulated phishing communication, a response the user interacted with the simulated phishing communication that included the contextual information; determining… a response rate of the user to simulated phishing communications that include the contextual information and to real phishing communications, the response rate comprising a comparison of user interactions with the simulated phishing communications that include the contextual information against user interactions with real phishing communications received by the user; and determining, by the machine learning model based at least on the input to the machine learning model of the response that the user interacted with the simulated phishing communication that included the contextual information and the response rate of the user to simulated phishing communications that include the contextual information and to real phishing communications, a selected contextual information, as output from the machine learning model, that was more effective for engaging the user to interact with one or more elements of the simulated phishing communication, wherein the selected contextual information is determined by the machine learning model based on analysis of user interaction patterns across both the simulated phishing communications and the real phishing communications to identify which contextual information yielded higher user engagement; and generating… based at least on the selected contextual information determined from the machine learning model responsive to the user interacting with the simulated phishing communication, a subsequent simulated phishing communication to be communicated to the device of the user, the subsequent simulated phishing communication comprising the selected contextual information having increased relevance to the user than the contextual information of the simulated phishing communication and a higher likelihood that the user will interact with the subsequent simulated phishing communication than the simulated phishing communication; and communicating… the subsequent simulated phishing communication to the device of the user to determine whether or not the user will interact with the subsequent simulated phishing communication. If a claim limitation, under its broadest reasonable interpretation covers an observation or evaluation, then it falls under the “mental process” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. As per Step 2A - Prong 2 of the subject matter eligibility analysis, this judicial exception is not integrated into a practical application. In particular, the independent claims recite additional elements: message store, processors, application programming interface, messaging server, machine learning model, message generator, device, system, memory; dependent claims 3, 14, 19, recite a messaging application; dependent claims 7, 18 recite software tools; dependent claims 11, 22 recite an email client plug-in. These additional elements are recited at a high-level of generality (i.e., as a generic device performing a generic computer function of receiving and storing data) such that these elements amount no more than mere instructions to apply the exception using a generic computer component. Examiner looks to Applicant’s specification in at least figures 1A and 1B and related text and [0051-0052] to understand that the invention may be implemented in a generic environment that “Central processing unit 121 is any logic circuity that responds to and processes instructions fetched from main memory unit 122. In many embodiments, central processing unit 121 is provided by a microprocessor unit, e.g.: those manufactured by Intel Corporation of Mountain View, California; those manufactured by Motorola Corporation of Schaumburg, Illinois; the ARM processor and TEGRA system on a chip (SoC) manufactured by Nvidia of Santa Clara, California; the POWER7 processor, those manufactured by International Business Machines of White Plains, New York; or those manufactured by Advanced Micro Devices of Sunnyvale, California. Computing device 100 may be based on any of these processors, or any other processor capable of operating as described herein. Central processing unit 121 may utilize instruction level parallelism, thread level parallelism, different levels of cache, and multi-core processors. A multi- core processor may include two or more processing units on a single computing component. Examples of multi-core processors include the AMD PHENOM IIX2, INTEL CORE i5 and INTEL CORE i7. Main memory unit 122 may include one or more memory chips capable of storing data and allowing any storage location to be directly accessed by microprocessor 121. Main memory unit 122 may be volatile and faster than storage 128 memory. Main memory units 122 may be Dynamic Random-Access Memory (DRAM) or any variants, including static Random-Access Memory (SRAM), Burst SRAM or SynchBurst SRAM (BSRAM), Fast Page Mode DRAM (FPM DRAM), Enhanced DRAM (EDRAM), Extended Data Output RAM (EDO RAM), Extended Data Output DRAM (EDO DRAM), Burst Extended Data Output DRAM (BEDO DRAM), Single Data Rate Synchronous DRAM (SDR SDRAM), Double Data Rate SDRAM (DDR SDRAM), Direct Rambus DRAM (DRDRAM), or Extreme Data Rate DRAM (XDR DRAM). In some embodiments, main memory 122 or storage 128 may be non-volatile; e.g., non-volatile read access memory (NVRAM), flash memory non-volatile static RAM (nvSRAM), Ferroelectric RAM (FeRAM), Magnetoresistive RAM (MRAM), Phase-change memory (PRAM), conductive- bridging RAM (CBRAM), Silicon-Oxide-Nitride-Oxide-Silicon (SONOS), Resistive RAM (RRAM), Racetrack, Nano-RAM (NRAM), or Millipede memory. Main memory 122 may be based on any of the above described memory chips, or any other available memory chips capable of operating as described herein.” Accordingly, these additional elements do not integrate the abstract idea into a practical application because they are mere instructions to implement the abstract idea on a computer. The use of machine learning, as recited in the claims would not account for additional elements that integrate the judicial exception (e.g. abstract idea) into a practical application because it is being used as mere instruction s to implement the abstract idea on a computer (See PEG 2019 and MPEP 2106.05). As per Step 2B of the subject matter eligibility analysis, the claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. The additional elements are mere instructions to apply the abstract idea on a computer. When considered individually, these claim elements only contribute generic recitations of technical elements to the claims. It is readily apparent, for example, that the claim is not directed to any specific improvements of these elements and the invention is not directed to a technical improvement. When the claims are considered individually and as a whole, the additional elements noted above, appear to merely apply the abstract concept to a technical environment in a very general sense – i.e. a generic computer receives information from another generic computer, processes the information and then sends information back. In addition, when taken as an ordered combination, the ordered combination adds nothing that is not already present as when the elements are taken individually. Their collective functions merely provide generic computer implementation. Therefore, when viewed as a whole, these additional claim elements do not provide meaningful limitations to transform the abstract idea into a practical application of the abstract idea or that amount to significantly more than the abstract idea itself. The most significant elements of the claims, that is the elements that really outline the inventive elements of the claims, are set forth in the elements identified as an abstract idea. The fact that the generic computing devices are facilitating the abstract concept is not enough to confer statutory subject matter eligibility. Lastly, Next, when the “machine learning” is evaluated as an additional element, this feature is recited at a high level of generality and encompasses well-understood, routine, and conventional prior art activity. See, e.g., Balsiger et al., US 2012/0054642, noting in paragraph [0077] that “Machine learning is well known to those skilled in the art.” See also, Djordjevic et al. US 2013/0018651, noting in paragraph [0019] that “As known in the art, a generative model can be used in machine learning to model observed data directly.” See also, Bauer et al., US 2017/0147941, noting at paragraph [0002] that “Problems of understanding the behavior or decisions made by machine learning models have been recognized in the conventional art and various techniques have been developed to provide solutions.” Accordingly, the use of machine learning to generate a learning model does not add significantly more to the claim. The dependent claims further refine the abstract idea. These claims do not provide a meaningful linking to the judicial exception. Rather, these claims offer further descriptive limitations of elements found in the independent claims and addressed above – such as by describing the nature and content of the data that is received/sent. While these descriptive elements may provide further helpful context for the claimed invention these elements do not serve to confer subject matter eligibility to the invention since their individual and combined significance is still not significantly more than the abstract concepts at the core of the claimed invention. Allowable Subject Matter Claims 1-22 are allowable over prior art but have other pending rejections as indicated above. Although the prior art made of record Covell discloses systems and methods for accessing user history of messages and predicting effective attach communications and content in messages using machine learning methods, the prior art does not specifically disclose the sequence of steps for establishing, by the one or more processors, a machine learning model configured to receive input comprising one or more message characteristics identified from the content of messages in the message store of the user including at least one of the message format, the message structure comprising the layout and relative positions of items, and the message status, and output contextual information to be provided to a message generator to tailor one or more simulated phishing communications of increased relevance to the user; determining, by the one or more processors, a response rate of the user to simulated phishing communications that include the contextual information and to real phishing communications, the response rate comprising a comparison of user interactions with the simulated phishing communications that include the contextual information against user interactions with real phishing communications received by the user, as recited in the claims. The claims would be allowable if rewritten or amended to overcome the rejection(s) set forth in this Office Action. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to FRANCIS Z SANTIAGO-MERCED whose telephone number is (571)270-5562. The examiner can normally be reached M-F 7am-4:30pm EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, BRIAN EPSTEIN can be reached at 571-270-5389. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /FRANCIS Z. SANTIAGO MERCED/Examiner, Art Unit 3625
Read full office action

Prosecution Timeline

Show 36 earlier events
Jun 05, 2025
Response after Non-Final Action
Oct 02, 2025
Non-Final Rejection mailed — §101
Jan 02, 2026
Response Filed
Feb 23, 2026
Final Rejection mailed — §101
May 07, 2026
Response after Non-Final Action
May 19, 2026
Request for Continued Examination
May 21, 2026
Response after Non-Final Action
Jun 01, 2026
Non-Final Rejection mailed — §101 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12618668
METHOD FOR CALCULATING DIAMETER OF ANNULAR NON-FULL FORMWORK SUPPORT FOR CIRCULAR SHAFT
2y 4m to grant Granted May 05, 2026
Patent 12547958
SWAPPING TASK ASSIGNMENTS TO DETERMINE TASK SELECTION
3y 8m to grant Granted Feb 10, 2026
Patent 12524719
SYSTEMS AND METHODS FOR PREDICTING AND MANAGING TOOL ASSETS
3y 7m to grant Granted Jan 13, 2026
Patent 12493845
SYSTEMS AND METHODS FOR MULTI-CHANNEL CUSTOMER COMMUNICATIONS CONTENT RECOMMENDER
3y 2m to grant Granted Dec 09, 2025
Patent 12348826
HOTSPOT LIST DISPLAY METHOD, ELECTRONIC DEVICE, AND STORAGE MEDIUM
2y 1m to grant Granted Jul 01, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

11-12
Expected OA Rounds
28%
Grant Probability
68%
With Interview (+40.7%)
3y 4m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 133 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month