SYSTEM FOR ENHANCED EXPOSURE DETECTION IN DIGITAL CHANNELS

§103 §112

DETAILED ACTION Acknowledgements This Office Action is in response to Applicant’s correspondence filed on 2/20/26. The Examiner notes that citations to United States Patent Application Publication paragraphs are formatted as [####], #### representing the paragraph number. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Status of Claims Claims 1, 3, 5-9, 11, 13-17, 19 are currently pending. Claims 1, 3, 5-9, 11, 13-17, 19 are rejected as set forth below. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Claim Rejections - 35 U.S.C. § 112(b) Applicant’s arguments with respect to claim(s) 1, 9, 17 have been fully considered and are persuasive. The rejection (and corresponding rejections to its dependent claims, if applicable) is withdrawn. Applicant’s arguments with respect to claim(s) 5-6, 8, 13-14, 16 have been fully considered but are not persuasive. The rejection (and corresponding rejections to its dependent claims, if applicable) is maintained. Applicant has failed to address the dependent claims. Claim Rejections - 35 U.S.C. § 103 Applicant’s arguments with respect to claims 1, 3, 5-9, 11, 13-17, 19 have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection. Applicant contends Votaw fails to teach or suggest “extracting a functional workflow associated with the resource transfer in response to determining that the authorization level of the user meets the one or more authentication requirements associated with executing the resource transfer” because the functional workflow being extracted in Votaw is not equivalent to the functional workflow as claimed. In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Specifically, Spector is relied upon to teach the functional workflow as claimed. See the 35 USC 103 rejection. Applicant contends Saviano fails to teach or suggest “during runtime execution of the functional workflow, verifying, using a hashing function, that a user identification parameter of a login session associated with the request matches a corresponding user identification parameter associated with data retrieved from the file system” because Saviano does not match session identity to data identity at the file system level. The Examiner respectfully disagrees. The claims explicitly state matching a user identification parameter of a login session associated with a request with a corresponding user identification parameter associated with data retrieved from the file system. That is, user identification parameters are being matched, not session identification parameters. Furthermore, Saviano teaches a user identification parameter of a login session, i.e. the user identifier associated with the session when the user requests the document. See the 35 USC 103 rejection. Claim Rejections - 35 USC § 112(b) The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 5-6, 8, 13-14, 16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. As per claims 5-6, 8, 13-14, 16, the limitations “the one or more requirements of the set of rules”, “implementing the set of rules” render the scope of the claim definite because the antecedent basis of the underlined terms are unclear. There are two previous instances of a set of rules: “wherein the one or more predetermined class labels is associated with one or more rules” and “generate a set of rules”. By virtue of their dependence, the dependent claims are similarly rejected. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 3, 5-9, 11, 13-17, 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication No. 20100100468 to Spector in view of United States Patent Application Publication No. 20210256396 to Meier, United States Patent No. 9946725 to Saviano, United States Patent Application Publication No. 20160055487 to Votaw, and United States Patent Application Publication No. 20180247312 to Loganathan. As per claims 1, 9, 17, Spector teaches: A system for enhanced exposure detection framework in digital channels, the system comprising: at least one non-transitory storage device; and at least one processing device coupled to the at least one non-transitory storage device, wherein the at least one processing device is configured to: receive, from a user input device and via a communication channel, a request to execute a resource transfer; ([0019], According to embodiments of the invention, transactions involving or otherwise associated with facility 110 may be forwarded for processing to fraud detection system 140 by facility 110. For example, a transaction received by facility 110 may be forwarded to system 140 for processing and fraud detection, possibly over a network other than network 130.”; [0086]) extract a functional workflow associated with the resource transfer, wherein the functional workflow comprises one or more functions; initiate a rule modelling engine on the functional workflow associated with the resource transfer; implement the set of rules on the one or more functions associated with the functional workflow in a descending order of priority; ([0045]-[0050], “Module 340 may be capable of monitoring, authorizing, blocking, prohibiting, filtering, manipulating, altering or otherwise affecting, transaction in progress. According to embodiments of the invention, some of the above functions, e.g., filtering may be performed by layer or module 410. According to embodiments of the invention, layer or module 410 may perform pre-processing of input information such as transaction records and provide higher layer or modules, e.g., rules layer or module 420 with various information and parameters or otherwise prepare data for processing by higher layer or modules. According to embodiments of the invention, identifying relevant information as described herein may be performed by layer or module 410 according to analytical rules, such rules may reflect or be associated with predefined business flows, conditions, constraints or other business, organizational or other aspects, and other rules. According to embodiments of the invention, rules layer or module 420 may comprise and execute a plurality of user defined, or other rules. According to embodiments of the invention, rules in sets 440 and 430 may be configured to find, identify, spot, recognize, distinguish, detect and/or discover events, conditions, parameters, paradigms, sequences, values, structures, thresholds, patterns, strings and/or segments in input data such as a transaction record.”; [0054], “According to embodiments of the invention, at least some of the rules in a rule set such as active rule set 440 or evaluated rule sets 430 may be associated with a priority level and may accordingly be referred to herein as "priority rules". The term "priority" used herein with reference to a rule or action may refer to a "priority level".”; [0059], “According to embodiments of the invention, choosing an action to be performed may be performed by conflict resolution logic layer or module 450. Layer or module 450 may observe rules priorities and decisions priorities of the resulting set of actions, where a "resulting set of actions" or "resulting action set" may be the set of actions produced by executing or applying the set of rules in a rule set, e.g. active rule set 440, on input data or record.”) determine that the functional workflow meets one or more requirements of the set of rules; and authorize the request to execute the resource transfer based on determining that the functional workflow meets the one or more requirements of the set of rules. ([0060], “According to embodiments of the invention, a rule may be associated with a plurality of actions. Typically, actions associated with a rule fall into one or more categories or planes. Exemplary categories or planes may be a reporting category, a stall or delay category or plane and a block/allow or pass plane. Accordingly, a block/allow plane may include a "block" action that may block a transaction and an "allow" or "pass" action that may cause the transaction to proceed.”) Spector does not explicitly teach, but Meier teaches: initiate a machine learning model on the one or more functions associated with the functional workflow; and classify, using the machine learning model, the one or more functions into one or more predetermined class labels based on at least one or more classification parameters, wherein the one or more predetermined class labels is associated with one or more rules; and generate a set of rules for the functional workflow based on at least classifying the one or more functions into the one or more predetermined class labels; ([0003], “Rule-based decision making is commonly used in computer systems, including enterprise systems, to provide decision making for various situations. These systems may be used in very different contexts and to accomplish heterogeneous tasks, such as classification of medical images, validation of medical reimbursements or identification of fraud in credit card transactions, to name a few.”; [0064], “More specifically, in embodiments, the system and method of the present disclosure combines usage of unsupervised machine learning and data visualization techniques to present results in an easily interpretable way and allows for automatic creation and maintenance of rules for classifying data exports and transfers in and out of business applications 402 using the computer system 100.”; [0081], “FIG. 19B illustrates and exemplary flow chart illustrating the steps used to generate a rule based on one or more clusters. In embodiments, the algorithm may include a pre-set list of attributes to be used as dimensions. In embodiments, at step S1904b, core data points in the log data are identified. In embodiments, these core data points are those that appear most often in the data. In step S1906b, border points in the data are identified. In embodiments, border points may be identified based on their distance from the core points. In embodiments, at step S1908b core points are associated with border points to identify one or more clusters in the data. In a step S1910b, outlier points that are not included in the identified one or more clusters are identified. In step S1912b, important dimensions may be identified in the clusters based on impact scores and the rule may be generated as noted above. In optional step S1914b, the important dimension and/or the generated rule may be proposed to a user for inclusion in the rule set. In embodiments, if the user approves (“Yes”), at step S1916b, the generated rule may be added to the rule set.”) One of ordinary skill in the art would have recognized that applying the known technique of Meier to the known invention of Spector would have yielded predictable results and resulted in an improved invention. It would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such machine learning features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the initiating step to initiate a machine learning model on the one or more functions associated with the functional workflow; and classify, using the machine learning model, the one or more functions into one or more predetermined class labels based on at least one or more classification parameters, wherein the one or more predetermined class labels is associated with one or more rules; and generate a set of rules for the functional workflow based on at least classifying the one or more functions into the one or more predetermined class label, results in an improved invention because applying said technique leverages the advantages of using machine learning to determine a set of rules for the functional workflow, i.e. automation of tasks and improved accuracy, thus improving the overall efficiency of the invention (Meier, [0006]-[0007]). Furthermore, it would have been recognized by those of ordinary skill in the art that modifying the step of implementing the set of rules to execute a plurality of validation steps to verify an integrity of each function in real-time results in an improved invention because applying said technique ensures that the functions are properly classified, thus improving the overall accuracy of the invention. Spector as modified does not explicitly teach, but Saviano teaches: wherein the resource transfer comprises a request to access a file system; wherein the one or more functions comprises a data retrieval function associated with the file system; (col 3 lines 26-31, “Various viewers may be granted varying permission levels to access documents created via the system. Documents using the presentation application may be viewed in a time-consistent fashion, despite modifications made to the presentation by others.”) during runtime execution of the functional workflow, verifying, using a hashing function, that a user identification parameter of a login session associated with the request matches a corresponding user identification parameter associated with data retrieved from the file system; (col 6 lines 10-25, “In response to receiving the subsequent portion request 306, the server 120 verifies whether the user is permitted to download presentation portions from the document identifier-version identifier pair included in the subsequent portion request 306. In particular, the server calculates a hash of the user identifier, document identifier, and version identifier included in the subsequent portion request 306 using the same hash function used to create the hash included in the initial portion transmission 304. The server then compares the newly computed hash with the hash included in the subsequent portion request 306. Alternatively, the server 120 compares the newly computed hash with a locally saved copy of the hash included in the initial portion transmission 304. In either case, if the two hashes match, the server 120 transmits the requested subsequent portion to the user at the client 110 in a subsequent portion request response 308.”) One of ordinary skill in the art would have recognized that applying the known technique of Saviano to the known invention of Spector as modified would have yielded predictable results and resulted in an improved invention. It would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such file access / user authentication features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the resource transfer so it is comprised of a request to access a file system results in an improved invention because applying said technique expands the range of uses to include accessing a file, thus improving the overall functionality of the invention. Furthermore, it would have been recognized by those of ordinary skill in the art that modifying the runtime execution of the functional workflow to verify, using a hashing function, that a user identification parameter of a login session associated with the request matches a corresponding user identification parameter associated with data retrieved from the file system results in an improved invention because applying said technique ensures that the user is securely authorized to access the file, thus improving the overall security of the invention. Spector as modified does not explicitly teach, but Votaw teaches: wherein the at least one processing device is further configured to: initiate an authentication protocol to determine an authorization level of the user in response to receiving the request; determine that the authorization level of the user meets one or more authentication requirements associated with executing the resource transfer; and in response to determining that the authorization level of the user meets the one or more authentication requirements associated with executing the resource transfer, extract the functional workflow associated with the resource transfer; ([0048], “The first step, represented by block 310, is to receive a request, from a user, to execute a user action associated with an application, where execution of the user action requires validation of one or more authentication credentials. Typically, the application may include one or more user actions or functions. For example, a mobile financial application may include functions such as a funds transfer, a check deposit, a balance check, a bill pay, or the like. In another example, the user action may be checking account balance, executing a money transfer, initiating a bill pay to a merchant, or the like.”; [0056]-[0058], “The next step, represented by block 340, is to determine a user pattern score associated with the user. The user pattern score is a quantification of how close the user's current pattern(s) of behavior are to historical pattern(s) of behavior, and therefore, indicates a relative level of potential exposure for a user request. Methods for determining the user pattern score are discussed below. Referring now to FIG. 3B, the next step, represented by block 350, is to determine a level of authentication associated with the determined user pattern score. Then, the system may be configured to determine which one or more authentication types from a plurality of authentication types are associated with the level of authentication associated with the user pattern score, as shown in block 360. As illustrated in at least FIG. 1A, the one or more authentication levels may include a hard authentication, a soft authentication, and a zero authentication. In one aspect, the authentication types may include a username, a password, a personal identification number, biometric data, or the like. In some embodiments, each authentication level may include one or more authentication types in the continuum of authentication. In response to determining one or more authentication types, the system may be configured to request one or more authentication credentials corresponding to the determined one or more authentication types, as shown in block 370.”) One of ordinary skill in the art would have recognized that applying the known technique of Votaw to the known invention of Spector as modified would have yielded predictable results and resulted in an improved invention. It would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such user authentication features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the processing device to initiate an authentication protocol to determine an authorization level of the user in response to receiving the request, determine that the authorization level of the user meets one or more authentication requirements associated with executing the resource transfer, and extract the functional workflow associated with the resource transfer in response to determining that the authorization level of the user meets the one or more authentication requirements associated with executing the resource transfer results in an improved invention because applying said technique ensures that the user is properly verified to perform the resource transfer, thus improving the overall security of the invention. Spector as modified does not explicitly teach, but Loganathan teaches: determine a likelihood of exposure for the resource transfer based on one or more pass/fail outcomes associated with implementing the generated set of rules on the one or more functions associated with the functional workflow; determine whether the likelihood of exposure for the resource transfer is lesser than a predetermined threshold; and authorize the request to execute the resource transfer based on determining that the functional workflow meets the one or more requirements of the generated set of rules and based on determining that the likelihood of exposure for the resource transfer is lesser than the predetermined threshold. ([0069], “In many embodiments, different types of risk models can be developed with different rules that are relevant to different types of actions attempted by users (e.g., 110 (FIGS. 1-2)). n a number of embodiments, the “levers and knobs” of the risk model that allow it to be tuned and/or calibrated for improving possible detection are the set of risk rules included, the risk points/scores/weights, thresholds for each risk rule, and the thresholds for the overall model. The weights can indicate a relative riskiness of an attempted action. Table 1 below shows a decline threshold for a provisioning risk model, and also shows statistical outcomes of the risk model, and Table 2 below shows an example set of risk rules that are applied for the provisioning risk model, along with the score and statistical outcomes for the rules.”) One of ordinary skill in the art would have recognized that applying the known technique of Loganathan to the known invention of Spector as modified would have yielded predictable results and resulted in an improved invention. It would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such fraud detection features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the invention to determine a likelihood of exposure for the resource transfer based on one or more pass/fail outcomes associated with implementing the generated set of rules on the one or more functions associated with the functional workflow; determine whether the likelihood of exposure for the resource transfer is lesser than a predetermined threshold; and authorize the request to execute the resource transfer based on determining that the functional workflow meets the one or more requirements of the generated set of rules and based on determining that the likelihood of exposure for the resource transfer is lesser than the predetermined threshold, results in an improved invention because applying said technique improves the granularity in which fraud can be detected, thus improving the overall security of the invention. As per claims 3, 11, 19, Votaw teaches: wherein initiating the authentication protocol further comprises: transmitting, via the user input device, an authentication request; receiving, via the user input device, one or more authentication credentials from the user; and determining the authorization level of the user based on at least the one or more authentication credentials; ([0056]-[0058]) As per claims 5, 13, Spector teaches: wherein the at least one processing device is further configured to: determine that the functional workflow does not meet the one or more requirements of the set of rules; and deny the request to execute the resource transfer based on determining that the functional workflow does not meet the one or more requirements of the set of rules. ([0060]) As per claims 6, 14, Spector teaches: wherein the at least one processing device is further configured to: determine a likelihood of exposure for the resource transfer based on at least implementing the set of rules on the one or more functions associated with the functional workflow; determine whether the likelihood of exposure for the resource transfer is lesser than a predetermined threshold; and authorize the request to execute the resource transfer based on at least determining that the likelihood of exposure for the resource transfer is lesser than the predetermined threshold. ([0017], “Reference is now made to FIG. 1, illustrating a high level block diagram of an exemplary fraud detection and/or anti-money laundering (AML) environment according to embodiments of the invention.”; [0030], “According to embodiments of the invention, information presented to a user may be rate parameters, e.g., number of transactions per second or hour, number of risks identified per second, date and time information associated with inspected transactions and the like. According to embodiments of the invention, management module 210 may provide real-time information, e.g., information described herein may be presented in real-time, as it is being detected by, for example, processing module 250. Other information, such as warnings, alerts, thresholds violation and evaluations of rule sets may also be presented by one or more systems, sub-systems, modules or other components comprising management module 210.”; [0060]) As per claims 7, 15, Spector teaches: deny the request to execute the resource transfer based on at least determining that the likelihood of exposure for the resource transfer is greater than the predetermined threshold. ([0017], [0030], [0060]) As per claims 8, 16, Spector teaches: wherein the at least one processing device is further configured to: generate a resource transfer authentication event based on at least determining that the functional workflow meets one or more requirements of the set of rules; and record the resource transfer authentication event in an event log. ([0060]; [0041], “According to embodiments of the invention, module 350 may instruct, command or otherwise cause any module, possibly external to processing module 250 to act. For example, module 350 may instruct the forwarding of the transaction to its destination, a logging of information, statistics or parameters, or any other functions required to complete actions produced by module 340 or required in order to comply with decisions produced by module 340.”) Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: United States Patent Application Publication No. 20110276489 to Larkin discloses a card fraud prevention network and method. The network includes a plurality of network-connected data processing terminals, including at least one server. Electronic authorisation requests are received for authorising the processing of an electronic transaction associated with a cardholder's card data or account data. The received requests are filtered according to predetermined or configurable criteria. A cardholder terminal is identified, to which the request is sent in order to notify the cardholder that processing of an electronic transaction is proposed, a parameter of which is the cardholder's card data or account data. Means are provided for interrupting processing of the, or any further, electronic transaction with that card data or account data, should the request correspond to an unauthorised transaction Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAY HUANG whose telephone number is (408)918-9799. The examiner can normally be reached 9:00a - 5:30p PT. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Anita Coupe can be reached on (571) 270-3614. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JAY HUANG/Primary Examiner, Art Unit 3619