DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application is being examined under the pre-AIA first to invent provisions.
Response to Arguments
Applicant's arguments filed on 01/29/2026 have been fully considered but they are not persuasive.
With respect to U.S.C. 101 rejection, Applicant is of the opinion that claims are not directed to abstract idea. Claims provide for improvement to the functioning of a computer and add specific limitations other than well-understood, routine, conventional activity in the field. However, examine respectfully disagrees.
The claims recite authenticating a transaction to prevent fraudulent transaction which is an abstract idea. Specifically, the claims recite “downloading…; registering a second electronic device….; connecting a first electronic device with a transaction receiver; receiving…data…; displaying the received data…; prior to authorizing the transaction…; sending…the received data…; configuring…; performing the transaction…; configuring…; terminating the transaction…; and saving the updated device identification.…”, which is grouped within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See MPEP 2106) because the claims involve a series of steps for downloading data, registering device data; receiving data, displaying data, obtaining device data, sending plurality of data for authentication, performing authentication and storing the data, which is a process that deals with fundamental economic principles or practice and commercial interactions that manage interactions between people, and more specifically involves authenticating a transaction to prevent fraudulent transaction. Accordingly, the claims recite an abstract idea (See MPEP 2106). The additional elements of the claims such as, first electronic device, second electronic device, application and authentication server merely use a computer as a tool to perform an abstract idea. The use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of performing a transaction and utilizing the credential for fraud prevention. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a computer or processor to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)).
Claims are not directed to any improvement to functioning of computing systems. Claims are directed to authenticating a transaction to prevent fraudulent transaction which is an abstract idea. Applicant must also take into consideration that in order to view the claims as supplying an inventive concept the technological improvement must be present within the claims themselves (Accenture Global Servs., GmbH v. Guidewire Software, inc., 108 USPQ2d 1173 (Fed. Cir. 2013)), (Synopsys, inc. v. Mentor Graphics Corp... 120 USPQ2d 1473 (Fed. Cir. 2016). Additionally, specification does not provide any evidence that how the claims provide an improvement to functioning of computing systems. Applicant failed to provide persuasive arguments supported by any necessary evidence to demonstrate that one of ordinary skill in the art would understand that the disclosed invention improves technology.
Further, Examiner notes that judicial exceptions need not be old or long-prevalent, and that even newly discovered judicial exceptions are still exceptions, despite their novelty (See MPEP 2106.04 I).
Therefore, the rejection is maintained.
With respect to U.S.C. 103 rejection, Applicant is of the opinion that prior art fails to teach “configuring the authentication server to confirm authentication when that the device identification and the updated device identification match by at least 60% and the device identification and the updated device identification are not identical; performing the transaction when the authentication server confirms authentication; configuring the authentication server to not confirm authentication when the device identification and the updated device identification are identical; and terminating the transaction when the authentication server does not confirm authentication. However, Examiner respectfully disagrees.
Laracey discloses: configuring the authentication server to confirm authentication when that the device identification and the updated device identification match by at least 60%; performing the transaction when authentication server confirms authentication (See paragraph 0025-0026, 0038-0041 and 0052); Leontiev discloses: performing authentication when the device identification and the updated device identification are determined by the authentication server to not be identical; (See paragraphs 0040-0044). Therefore, it would have been obvious to one of the ordinary skills in the art at the time invention was filed to modify the Laracey technique of authentication with Leontiev technique in order to authenticate client electronic device by determining legitimate hardware modification (See Leontiev paragraph 0003).
With respect to “configuring the authentication server to not confirm authentication when the device identification and the updated device identification are identical; and terminating the transaction when the authentication server does not confirm authentication” these limitations are optional and does not have patentable weight because it has been determined in the first configuring step (“configuring the authentication server to confirm authentication when that the device identification and the updated device identification match by at least 60% and the device identification and the updated device identification are not identical; performing the transaction when the authentication server confirms authentication”) that the device identification and the updated device identification are not identification and perform the transaction, then the limitation of “configuring the authentication server to not confirm authentication when the device identification and the updated device identification are identical; and terminating the transaction when the authentication server does not confirm authentication” will not occur. It has been held that conditional/optional languages do not narrow the claims because they can be omitted. According to MPEP "Language that suggests or makes optional but does not require steps to be performed or does not limit a claim to a particular structure does not limit the scope of a claim or claim limitation" (MPEP §2103 I. C). The broadest reasonable interpretation of a method (or process) claim having contingent limitations requires only those steps that must be performed and does not include steps that are not required to be performed because the condition(s) precedent are not met. (MPEP 2111.04 II).
Therefore, the rejection is maintained.
Status of Claims
Claims 25-31 and 33-35 have been examined.
Claims 1-24 and 32 have been canceled by the Applicant.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 25-31 and 33-35 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
In the instance case, claims 25-31 and 33-35 are directed to a method. Therefore, these claims fall within the four statutory categories of invention.
The claims recite authenticating a transaction to prevent fraudulent transaction which is an abstract idea. Specifically, the claims recite “downloading…; registering a second electronic device….; connecting a first electronic device with a transaction receiver; receiving…data…; displaying the received data…; prior to authorizing the transaction…; sending…the received data…; configuring…; performing the transaction…; configuring…; terminating the transaction…; and saving the updated device identification.…”, which is grouped within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See MPEP 2106) because the claims involve a series of steps for downloading data, registering device data; receiving data, displaying data, obtaining device data, sending plurality of data for authentication, performing authentication and storing the data, which is a process that deals with fundamental economic principles or practice and commercial interactions that manage interactions between people, and more specifically involves authenticating a transaction to prevent fraudulent transaction. Accordingly, the claims recite an abstract idea (See MPEP 2106).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See MPEP 2106), the additional elements of the claims such as, first electronic device, second electronic device, application and authentication server merely use a computer as a tool to perform an abstract idea. Specifically, first electronic device, second electronic device, application and authentication server perform the steps of downloading data, registering device data; receiving data, displaying data, obtaining device data, sending plurality of data for authentication, performing authentication and storing the data. The use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply or use the abstract idea to effect a particular treatment or prophylaxis for a disease or medical condition (Vanda Memo), the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See MPEP 2106), the additional elements of first electronic device, second electronic device, application and authentication server, to perform the steps amounts to no more than using a computer or processor to automate and/or implement the abstract idea of authenticating a transaction to prevent fraudulent transaction. As discussed above, taking the claim elements separately, first electronic device, second electronic device, application and authentication server perform the steps of downloading data, registering device data; receiving data, displaying data, obtaining device data, sending plurality of data for authentication, performing authentication and storing the data. These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of performing a transaction and utilizing the credential for fraud prevention. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a computer or processor to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). Therefore, the claim is not patent eligible.
Dependent claims further describe the abstract idea of authenticating a transaction to prevent fraudulent transaction. The dependent claims do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 25-31 and 33-35 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 25 recites “configuring the authentication server to confirm authentication when that the device identification and the updated device identification match by at least 60% and the device identification and the updated device identification are not identical”; “configuring the authentication server to not confirm authentication when the device identification and the updated device identification are identical”. However, the specification does not describe these limitations.
Specification discloses: In one version multiple user hardware profiles are obtained for user information data and the percent differences between user hardware profiles are computed. The differences are used to create statistical distributions which can be used to create statistical probabilities by which a user data or information differs from another user and which can be used to determine that a device to which a user has been assigned is statistically different from another user. This information can be used to determine that a particular device belongs to a particular user. (See original spec paragraph 0133). However, specification is silent with respect to any kind of configuring and also who is performing the configuring step.
Claims 26-31 and 33-35 are also rejected as each depends from claim 25.
Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.
Claims 25-31 and 33-35 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over Laracey (US 20120160912) in view of Leontiev (US 20050027657).
With respect to claim 25, Laracey discloses:
a) downloading an application onto a second electronic communication device (See paragraph 0018);
b) registering the second electronic communication device through the application with an authentication server, the registration including: generating with the application on the second electronic communication device a device identification; storing the device identification at the second electronic communication device, and storing the device identification at the authentication server (See paragraphs 0017-0019, 0025);
c) connecting a first electronic communication device with a transaction receiver (See paragraph 0014);
d) receiving electronic data from the transaction receiver (See paragraph 0014);
e) displaying the received electronic data on the first electronic communication device (See paragraph 0014);
f) prior to authorizing the transaction, obtain an updated device identification with the application on the second electronic communication device (See paragraph 0025-26);
g) sending with the second electronic communication device the received electronic data, the updated device identification, and a user information profile to the authentication server (See paragraph 0025-0026); and
h) configuring the authentication server to confirm authentication when that the device identification and the updated device identification match by at least 60% to confirm authentication; performing the transaction when the authentication server confirms authentication (See paragraph 0025-0026, 0038-0041 and 0052);
i) saving the updated device identification at the authentication server when the authentication server confirms authentication (See paragraph 0021, 0025, 0094)
Laracey does not explicitly disclose: confirming the authentication when the device identification and the updated device identification are confirmed by the authentication server to not be identical.
Leontiev discloses: performing authentication when the device identification and the updated device identification are determined by the authentication server to not be identical; saving the updated device identification at the authentication server if the transaction is allowed to proceed (See paragraphs 0040-0044). Therefore, it would have been obvious to one of the ordinary skills in the art at the time invention was filed to modify the Laracey technique of authentication with Leontiev technique in order to authenticate client electronic device by determining legitimate hardware modification (See Leontiev paragraph 0003).
With respect to “configuring the authentication server to not confirm authentication when the device identification and the updated device identification are identical; and terminating the transaction when the authentication server does not confirm authentication” these limitations are optional and does not have patentable weight because it has been determined in the first configuring step (“configuring the authentication server to confirm authentication when that the device identification and the updated device identification match by at least 60% and the device identification and the updated device identification are not identical; performing the transaction when the authentication server confirms authentication”) that the device identification and the updated device identification are not identification and perform the transaction, then the limitation of “configuring the authentication server to not confirm authentication when the device identification and the updated device identification are identical; and terminating the transaction when the authentication server does not confirm authentication” will not occur. It has been held that conditional/optional languages do not narrow the claims because they can be omitted. According to MPEP "Language that suggests or makes optional but does not require steps to be performed or does not limit a claim to a particular structure does not limit the scope of a claim or claim limitation" (MPEP §2103 I. C). The broadest reasonable interpretation of a method (or process) claim having contingent limitations requires only those steps that must be performed and does not include steps that are not required to be performed because the condition(s) precedent are not met. (MPEP 2111.04 II).
With respect to “wherein the device identification is sufficient to differentiate the second electronic communication device to which the user has been assigned from another user” this is nonfunctional descriptive material because it just describing the type of data (i.e., the device identification) and not functionally involved in the steps recited. The downloading, registering, connecting, obtaining, sending, determining, performing and saving steps performed the same regardless of the descriptive material since none of the steps explicitly interact therewith. Limitations that are not functionally interrelated with the useful acts, structure, or properties of the claimed invention carry little or no patentable weight. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see /n re Ngai, 70 USPQ2d 1862 (CAFC 2004); In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994). Therefore, it would have been obvious to a person of ordinary skill in the art at the time invention was filed to utilize any type data because type of data such does not functionally relate to the steps in the method claimed because the type of data does not patentably distinguish the claimed invention.
With respect to claim 26, Laracey in view of Leontiev discloses all the limitations. Leontiev further disclose: where allowing the transaction to proceed occurs when the device identification and the updated device identification are determined by the authentication server to be different by at least 0.02% (See paragraph 0042). Therefore, it would have been obvious to one of the ordinary skills in the art at the time invention was filed to modify the Laracey technique of authentication with Leontiev technique in order to authenticate client electronic device by determining legitimate hardware modification (See Leontiev paragraph 0003).
With respect to claim 27, Laracey in view of Leontiev discloses all the limitations. Laracey further disclose: using a biometric or pin to access the application on the second electronic communication device before obtaining the updated device identification (See paragraphs 0018 and 0064).
With respect to claim 28, Laracey in view of Leontiev discloses all the limitations. Laracey further disclose: displaying a QR code and sending information in the QR code to the authentication server using the application on the second electronic communication device (See paragraph 0018-0026).
With respect to claim 29, Laracey in view of Leontiev discloses all the limitations. Laracey further disclose: wherein the device identification and the updated device identification comprises data stored on the second electronic communication device (See paragraphs 0017-0019, 0025).
Additionally, with respect to “wherein the device identification and the updated device identification comprises data stored on the second electronic communication device” these are nonfunctional descriptive material as these only describe the data that is contained in the device identification and the updated device identification, while the data contained in the device identification and the updated device identification is not used to perform any of the recited steps. Therefore, it has been held the nonfunctional descriptive material will not distinguish the invention from the prior art in term of patentability. (In re Gulack, 217 USPQ 401 (Fed. Cir. 1983), In re Ngai, 70 USPQ2d (Fed. Cir. 2004), In re Lowry, 32 USPQ2d 1031 (Fed. Cir. 1994); MPEP 2111.05), Ex parte Nehls 88 USPQ2d 1883 (BPAI 2008) (precedential).
With respect to claim 30, Laracey in view of Leontiev discloses all the limitations. Leontiev further disclose: replacing the device identification at the authentication server with the updated device identification (See paragraphs 0040-0044). Therefore, it would have been obvious to one of the ordinary skills in the art at the time invention was filed to modify the Laracey technique of authentication with Leontiev technique in order to authenticate client electronic device by determining legitimate hardware modification (See Leontiev paragraph 0003).
With respect to claim 31, Laracey in view of Leontiev discloses all the limitations. Laracey further disclose: wherein the first electronic communication device and the second electronic communication device are different devices (See Fig 1).
In addition, with respect to claim, type of devices does not have patentable weight; in order to be entitled to weight in method claims, a structural limitation therein must affect the method in a manipulative sense and not to an amount to the mere claiming of a use of a particular structure (Ex parte Pfeiffer, 135 USPQ 31 (BdPatApp&Int 1961)).
With respect to claim 33, Laracey in view of Leontiev discloses all the limitations. Laracey discloses device identification and the updated device identification (See paragraph 0025-0026). Laracey in view of Leontiev does not explicitly disclose: device identification and the updated device identification includes information that is selective of the user. However, the difference between device identification and updated device identification of Laracey and the claim is only found in the non-functional descriptive material and not functionally involved in the steps recited. The downloading, registering, connecting, obtaining and sending steps performed the same regardless of the descriptive material since none of the steps explicitly interact therewith. Limitations that are not functionally interrelated with the useful acts, structure, or properties of the claimed invention carry little or no patentable weight. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see /n re Ngai, 70 USPQ2d 1862 (CAFC 2004); In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994). Therefore, it would have been obvious to a person of ordinary skill in the art at the time invention was filed to utilize any type of device identification and updated device identification because type of device identification such “selective of the user” does not functionally relate to the steps in the method claimed because the type of data does not patentably distinguish the claimed invention.
With respect to claim 34, Laracey in view of Leontiev discloses all the limitations. Laracey further discloses: wherein the device identification and the updated device identification are connected to the user (See paragraph 0025-0026).
In addition, with respect to “wherein the device identification and the updated device identification are connected to the user” these are nonfunctional descriptive material as these only describe the data that is contained in the device identification and the updated device identification, while the data contained in the device identification and the updated device identification is not used to perform any of the recited steps. Therefore, it has been held the nonfunctional descriptive material will not distinguish the invention from the prior art in term of patentability. (In re Gulack, 217 USPQ 401 (Fed. Cir. 1983), In re Ngai, 70 USPQ2d (Fed. Cir. 2004), In re Lowry, 32 USPQ2d 1031 (Fed. Cir. 1994); MPEP 2111.05), Ex parte Nehls 88 USPQ2d 1883 (BPAI 2008) (precedential).
With respect to claim 35, Laracey in view of Leontiev discloses all the limitations. Laracey further discloses: the device identification and the updated device identification stored on second device (See paragraph 0025-0026). Leontiev discloses: device identification and the updated device identification comprises user generated data (See paragraph 0040-0044 and 0052). Therefore, it would have been obvious to one of the ordinary skills in the art at the time invention was filed to modify the Laracey technique of authentication with Leontiev technique in order to authenticate client electronic device by determining legitimate hardware modification (See Leontiev paragraph 0003).
In addition, the difference between device identification and updated device identification of Laracey and the claim is only found in the non-functional descriptive material and not functionally involved in the steps recited. The downloading, registering, connecting, obtaining and sending steps performed the same regardless of the descriptive material since none of the steps explicitly interact therewith. Limitations that are not functionally interrelated with the useful acts, structure, or properties of the claimed invention carry little or no patentable weight. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see /n re Ngai, 70 USPQ2d 1862 (CAFC 2004); In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994). Therefore, it would have been obvious to a person of ordinary skill in the art at the time invention was filed to utilize any type of device identification and updated device identification because type of device identification such “user generated data” does not functionally relate to the steps in the method claimed because the type of data does not patentably distinguish the claimed invention.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZESHAN QAYYUM whose telephone number is (571)270-3323. The examiner can normally be reached Monday-Friday 9:00AM-6:00PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached at (571) 272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZESHAN QAYYUM/Primary Examiner, Art Unit 3697
Prosecution Insights