REAL-TIME ACCOUNT ANALYTICS FOR DETECTING FRAUDULENT ACTIVITY

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Status of Claims Claims 1, 3-6, 8, 10-11, 13-15, 17, and 19-20 have been examined and are pending. Claims 1, 11, and 20 have been amended. Claims 2, and 12 have been canceled. Claims 7, 9, 16 & 18 were previously canceled. Priority Application 17/880,154 was filed 08/03/2022. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 11/11/2025 has been entered. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1, 3-6, 8, 10-11, 13-15, 17, and 19-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Claims 1, 3-6, 8, 10-11, 13-15, 17, and 19-20 are directed to a system, method, or product which are/is one of the statutory categories of invention. (Step 1: YES). Claims 1, 11, and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites a system and method for detecting fraudulent activity using account analytics. For Claims 1, 11, and 20 the limitations of (Claim 1 being representative): […], cause the system to: obtain an interaction record for an interaction between a […] and a user account […], wherein the interaction comprises an attempt to access the user account, wherein the interaction record comprises […] activity data for the interaction […] and the user account, authentication activity data relating to the user account, and behavioral activity data relating to the interaction, and further wherein behavioral activity data comprises an indication of whether a user […] attempted to transfer to a customer service agent; during the interaction, obtain historical data relating the user account and the interaction […], wherein the historical data comprises one or more historical interaction records relating to the user account, activity records relating to past user account access attempts originating from the interaction […], and a plurality of threat scores previously calculated for the user account; request a risk score for the interaction […]; receive the risk score for the interaction […] in response to the request; receive context data for the interaction, wherein the context data comprises a summary or topic of the interaction; during the interaction, calculate a threat score for the user account based on the interaction record, the received risk score for the interaction […], the context data, and the one or more historical interaction records, wherein the threat score indicates a likelihood that the user account is subject to fraudulent activity; during the interaction, generate a […] record based on the interaction record that includes the threat score; and during the interaction and in response to the threat score exceeding a predetermined threshold, initiate a corrective action if the threat score exceeds a predetermined threshold, wherein the corrective action comprises blacklisting the interaction […] to prevent […] accessing the account or any other accounts, as drafted, are processes that, under the broadest reasonable interpretation, covers certain methods of organizing human activity (i.e., managing personal behavior including following rules or instructions) but for recitation of generic computer components. The Examiner notes that “certain method[s] of organizing human activity” includes a person's interaction with a computer (see MPEP 2106.04(a)(2)(II)). That is, other than reciting a system implemented by a processor, a memory, database record, interaction channel, remote device, remote system, computing device and, a non-transitory computer-readable storage medium, the claimed invention amounts to managing personal behavior or interaction between people. For example, but for the processor, a memory, database record, interaction channel, remote device, remote system, computing device and, a non-transitory computer-readable storage medium, this claim encompasses a person to obtain an interaction record for an interaction between an interaction and a user account, wherein the interaction comprises an attempt to access the user account, wherein the interaction record comprises activity data for the interaction and the user account, authentication activity data relating to the user account, and behavioral activity data relating to the interaction, and further wherein behavioral activity data comprises an indication of whether a user attempted to transfer to a customer service agent, and during the interaction obtaining historical data relating the user account and the interaction wherein the historical data comprises one or more historical interaction records relating to the user account, activity records relating to past user account access attempts originating from the interaction, and a plurality of threat scores previously calculated for the user account, and requesting a risk score for the interaction, receiving the risk score for the interaction in response to the request, receiving context data for the interaction wherein the context data comprises a summary or topic of the interaction, during the interaction calculating a threat score for the user account based on the interaction record, the received risk score for the interaction, the context data, and the one or more historical interaction records wherein the threat score indicates a likelihood that the user account is subject to fraudulent activity, during the interaction generating a record based on the interaction record that includes the threat score, and during the interaction and in response to the threat score exceeding a predetermined threshold initiating a corrective action if the threat score exceeds a predetermined threshold wherein the corrective action comprises blacklisting the interaction to prevent accessing the account or any other accounts based on this data in the manner described in the identified abstract idea, supra. If a claim limitation, under its broadest reasonable interpretation, covers managing personal behavior or interactions between people but for the recitation of generic computer components, then it falls within the “certain methods of organizing human activity” grouping of abstract ideas. Accordingly, Claims 1, 11 and 20 recite an abstract idea. (Step 2A- Prong 1: YES. The claims recite an abstract idea). This judicial exception is not integrated into a practical application. Claims 1, 11, and 20 recite the additional elements of one or more processors (Claims 1, and 20), a memory (Claim 1), database record (Claims 1, and 11), interaction channel (Claim 1, 11, and 20), remote device (Claims 1, 11 and 20), remote system (Claims 1, 11, and 20), computing device (Claim 20), and a non-transitory computer-readable storage medium (Claim 20) that implements the identified abstract idea. These additional elements are not described by the applicant and are recited at a high-level of generality (i.e., one or more generic computers performing a generic computer functions) such that it amounts no more than mere instructions to apply the exception using a generic computer components. Accordingly, even in combination these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Claims 1, 11, and 20 are directed to an abstract idea. (Step 2A-Prong 2: NO: the additional claimed elements are not integrated into a practical application). The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of one or more processors (Claims 1, and 20), a memory (Claim 1), database record (Claims 1, and 11), interaction channel (Claim 1, 11, and 20), remote device (Claims 1, 11 and 20), remote system (Claims 1, 11, and 20), computing device (Claim 20), and a non-transitory computer-readable storage medium (Claim 20), to perform the noted steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept (“significantly more”). Accordingly, even in combination, these additional elements do not provide significantly more. As such claims 1, 11, and 20 are not patent eligible. (Step 2B: NO. The claims do not provide significantly more). Dependent Claims 3-6, 8, 10, 13-15, 17, and 19 are similarly rejected because they either further define/narrow the abstract idea of independent claims 1, 11 and 20 as discussed above. Claim(s) 3, 4 & 13 merely describe the corrective action. Claim(s) 8 & 17 merely describe the behavioral activity data. Therefore claims 3, 4, 8, 13, and 17 are considered patent ineligible for the reasons given above. Dependent Claim(s) 5, 6, 10, 14, 15, and 19 recite limitations that further define the abstract idea noted in independent claims 1, 11, and 20. In addition, it recites the additional elements of a user interface, client device, application programming interface, and machine learning model. The user interface, client device, application programming interface, and machine learning model, are recited at a high level of generality such that it amounts to no more than mere instructions to apply the exception using a generic computing component. Even in combination, these additional elements do not integrate the abstract idea into a practical application and do not amount to significantly more than the abstract idea itself. Therefore, dependent claims 3-6, 8, 10, 13-15, 17, and 19 are considered patent ineligible for the reasons given above. Subject Matter Distinguishable from Prior Art The cited prior art fails to expressly teach or suggest, either alone or in combination, the features of receiving the risk score for the interaction channel from the remote system in response to the request, and during the interaction calculating a threat score for the user account based on the interaction record, the received risk score for the interaction channel, the context data, and the one or more historical interaction records, wherein the threat score indicates a likelihood that the user account is subject to fraudulent activity. DelloStritto (US 10887452 B2) discloses a system for detecting fraudulent activity using account analytics, the system comprising: one or more processors, a memory having instructions stored thereon that, when executed by the one or more processors, cause the system to: obtain an interaction record for an interaction between a remote device and a user account via an interaction channel, wherein the interaction comprises an attempt to access the user account, wherein the interaction record comprises channel activity data for the interaction channel and the user account, authentication activity data relating to the user account, and behavioral activity data relating to the interaction, during the interaction obtaining historical data relating the user account and the interaction channel, wherein the historical data comprises one or more historical interaction records relating to the user account, activity records relating to past user account access attempts originating from the interaction channel, and a plurality of threat scores previously calculated for the user account, a summary or topic of the interaction, during the interaction calculating a threat score for the user account based on the interaction record, and the one or more historical interaction records, wherein the threat score indicates a likelihood that the user account is subject to fraudulent activity, during the interaction generating a database record based on the interaction record that includes the threat score. Vlahovic (US 20210352097 A1) discloses in response to the threat score exceeding a predetermined threshold, initiating a corrective action to prevent the channel from accessing the account or any other accounts. Farrand (US 20150086001 A1) discloses during the interaction wherein the corrective action comprises blacklisting the interaction channel. Deegan (US 20230353675 A1) discloses [further wherein behavioral activity data comprises] an indication of whether a user of the remote device attempted to transfer to a customer service agent. The combinations fail to teach requesting a risk score for the interaction channel from a remote system, receiving the risk score for the interaction channel from the remote system in response to the request, and calculating a threat score for the user account based on the interaction record, the received risk score for the interaction channel, the context data, and the one or more historical interaction records, wherein the threat score indicates a likelihood that the user account is subject to fraudulent activity in combination with the other claim limitations. Therefore, in combination with the other limitations clearly claimed render claims 1, 11, and 20 allowable over the prior art. Claims 3-6, 8, 10, 13-15, 17, and 19 are also allowable over prior art due to their dependency on claims 1, and 11. A Non-Patent Literature search was conducted and no relevant art was found. Response to Arguments Applicant's arguments filed 11 with respect to 35 U.S.C. § 101, have been fully considered but they are not persuasive. Applicant argues that the amended claims recite additional elements of “requesting a risk score for the interaction channel from a remote system; receiving the risk score for the interaction channel from the remote system in response to the request; [and] receiving context data for the interaction, wherein the context data comprises a summary or topic of the interaction” integrates the judicial exception into a practical application that automatically protects accounts from fraudulent actors and attacks. The Examiner respectfully disagrees. The risk score and context data that the Applicant argues does not recite a technical solution to a technical problem. Here, the Applicant’s argued problem is not a technological problem caused by the technological environment to which the claims are confined (computing system). Further, the problem of determining a risk score and receiving data to protect an account was not a problem caused by the computer/processor that is involved in the process. At best, the problem(s) described in the as-filed disclosure are business problems. Based on the updated rejection above and the response presented here, the 101 rejection holds. Applicant's arguments filed 11 with respect to 35 U.S.C. § 103, have been fully considered, and they are persuasive. The 103 Rejection is withdrawn in light of the amendments. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Emily M Kraisinger whose telephone number is (703)756-4583. The examiner can normally be reached M-F 7:30 AM -4:30 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jessica Lemieux can be reached at 571-270-3445. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /E.M.K./Examiner, Art Unit 3626 /JESSICA LEMIEUX/Supervisory Patent Examiner, Art Unit 3626