REAL-TIME ACCOUNT ANALYTICS FOR DETECTING FRAUDULENT ACTIVITY

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Status of Claims Claims 1, 3-6, 8, 10-11, 13-15, 17, and 19-20 have been examined and are pending. Claims 1, 10, 11, and 20 have been amended. Claims 2, 7, 9, 12, 16 & 18 were previously canceled. Priority Application 17/880,154 was filed 08/03/2022. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1, 3-6, 8, 10-11, 13-15, 17, and 19-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Claims 1, 3-6, 8, 10-11, 13-15, 17, and 19-20 are directed to a system, method, or product which are/is one of the statutory categories of invention. (Step 1: YES). Claims 1, 11, and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites a system and method for detecting fraudulent activity using account analytics. For Claims 1, 11, and 20 the limitations of (Claim 1 being representative): […], cause the system to: Obtain. […], an interaction record for an interaction between a […] and a user account […], wherein the interaction comprises an attempt to access the user account, wherein the interaction record comprises […] activity data for the interaction […] and the user account, authentication activity data relating to the user account, and behavioral activity data relating to the interaction, and further wherein behavioral activity data comprises an indication of whether a user […] attempted to transfer to a customer service agent; during the interaction, obtain historical data relating the user account and the interaction […], wherein the historical data comprises one or more historical interaction records relating to the user account, activity records relating to past user account access attempts originating from the interaction […], and a plurality of threat scores previously calculated for the user account; request a risk score for the interaction […]; receive the risk score for the interaction […] in response to the request; receive context data for the interaction, wherein the context data comprises a summary or topic of the interaction; during the interaction, calculate a threat score for the user account based on the interaction record, the received risk score for the interaction […], the context data, and the one or more historical interaction records, wherein the threat score indicates a likelihood that the user account is subject to fraudulent activity; during the interaction, generate a […] record based on the interaction record that includes the threat score; and during the interaction and in response to the threat score exceeding a predetermined threshold, initiate a corrective action, wherein the corrective action comprises […] reconfiguring the interaction […] to blacklist the interaction […] to prevent […] accessing the account or any other accounts, as drafted, are processes that, under the broadest reasonable interpretation, covers certain methods of organizing human activity (i.e., managing personal behavior including following rules or instructions) but for recitation of generic computer components. The Examiner notes that “certain method[s] of organizing human activity” includes a person's interaction with a computer (see MPEP 2106.04(a)(2)(II)). That is, other than reciting a system implemented by a processor, a memory, application programming interface, database record, interaction channel, remote device, electronically reconfiguring, remote system, computing device and, a non-transitory computer-readable storage medium, the claimed invention amounts to managing personal behavior or interaction between people. For example, but for the processor, a memory, application programming interface, database record, interaction channel, remote device, electronically reconfiguring, remote system, computing device and, a non-transitory computer-readable storage medium, this claim encompasses a person to obtain an interaction record for an interaction between an interaction and a user account, wherein the interaction comprises an attempt to access the user account, wherein the interaction record comprises activity data for the interaction and the user account, authentication activity data relating to the user account, and behavioral activity data relating to the interaction, and further wherein behavioral activity data comprises an indication of whether a user attempted to transfer to a customer service agent, and during the interaction obtaining historical data relating the user account and the interaction wherein the historical data comprises one or more historical interaction records relating to the user account, activity records relating to past user account access attempts originating from the interaction, and a plurality of threat scores previously calculated for the user account, and requesting a risk score for the interaction, receiving the risk score for the interaction in response to the request, receiving context data for the interaction wherein the context data comprises a summary or topic of the interaction, during the interaction calculating a threat score for the user account based on the interaction record, the received risk score for the interaction, the context data, and the one or more historical interaction records wherein the threat score indicates a likelihood that the user account is subject to fraudulent activity, during the interaction generating a record based on the interaction record that includes the threat score, and during the interaction and in response to the threat score exceeding a predetermined threshold initiating a corrective action if the threat score exceeds a predetermined threshold wherein the corrective action comprises blacklisting the interaction to prevent accessing the account or any other accounts based on this data in the manner described in the identified abstract idea, supra. If a claim limitation, under its broadest reasonable interpretation, covers managing personal behavior or interactions between people but for the recitation of generic computer components, then it falls within the “certain methods of organizing human activity” grouping of abstract ideas. Accordingly, Claims 1, 11 and 20 recite an abstract idea. (Step 2A- Prong 1: YES. The claims recite an abstract idea). This judicial exception is not integrated into a practical application. Claims 1, 11, and 20 recite the additional elements of one or more processors (Claims 1, and 20), application programming interface (Claims 1, 11, and 20), a memory (Claim 1), database record (Claims 1, and 11), interaction channel (Claim 1, 11, and 20), remote device (Claims 1, 11 and 20), remote system (Claims 1, 11, and 20), electronically reconfiguring (Claims 1, 11, and 20), computing device (Claim 20), and a non-transitory computer-readable storage medium (Claim 20) that implements the identified abstract idea. These additional elements are not described by the applicant and are recited at a high-level of generality (i.e., one or more generic computers performing a generic computer functions) such that it amounts no more than mere instructions to apply the exception using a generic computer components. Accordingly, even in combination these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Claims 1, 11, and 20 are directed to an abstract idea. (Step 2A-Prong 2: NO: the additional claimed elements are not integrated into a practical application). The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of one or more processors (Claims 1, and 20), application programming interface (Claims 1, 11, and 20), a memory (Claim 1), database record (Claims 1, and 11), interaction channel (Claim 1, 11, and 20), remote device (Claims 1, 11 and 20), remote system (Claims 1, 11, and 20), electronically reconfiguring (Claims 1, 11, and 20), computing device (Claim 20), and a non-transitory computer-readable storage medium (Claim 20), to perform the noted steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept (“significantly more”). Accordingly, even in combination, these additional elements do not provide significantly more. As such claims 1, 11, and 20 are not patent eligible. (Step 2B: NO. The claims do not provide significantly more). Dependent Claims 3-6, 8, 10, 13-15, 17, and 19 are similarly rejected because they either further define/narrow the abstract idea of independent claims 1, 11 and 20 as discussed above and/or do not further limit the claim to a practical application or provide an inventive concept such that the claims are subject matter eligible even when considered individually or as an ordered combination. Claim(s) 3, 4 & 13 merely describe the corrective action. Claim(s) 8 & 17 merely describe the behavioral activity data. Therefore claims 3, 4, 8, 13, and 17 are considered patent ineligible for the reasons given above. Dependent Claim(s) 5, 6, 10, 14, 15, and 19 recite limitations that further define the abstract idea noted in independent claims 1, 11, and 20. In addition, it recites the additional elements of a user interface, client device, application programming interface, and machine learning model. The user interface, client device, application programming interface, and machine learning model, are recited at a high level of generality such that it amounts to no more than mere instructions to apply the exception using a generic computing component. Even in combination, these additional elements do not integrate the abstract idea into a practical application and do not amount to significantly more than the abstract idea itself. Therefore, dependent claims 3-6, 8, 10, 13-15, 17, and 19 are considered patent ineligible for the reasons given above. Subject Matter Distinguishable from Prior Art As previously disclosed in the Non-Final Rejection on 12/18/2026 claims 1, 11, and 20 are distinguishable over the prior art. Claims 3-6, 8, 10, 13-15, 17, and 19 are also allowable over prior art due to their dependency on claims 1, and 11. An updated search was conducted. Response to Arguments Applicant's arguments filed 03 with respect to 35 U.S.C. § 101, have been fully considered but they are not persuasive. Applicant argues that the additional elements integrate the judicial exception into a practical application, in particular that the feature of “electronically reconfiguring the interaction channel” to blacklist it is not a “method of organizing human activity” or a “business method” for closing an account” since it automatically protects accounts from fraudulent actors and attacks. The Examiner respectfully disagrees. MPEP 2106.04(a)(2)(II) states that a claimed invention is directed to certain methods of organizing human activity if the identified claim elements contain limitations that encompass fundamental economic principles or practices, commercial or legal interactions, or managing personal behavior or relationships or interactions between people (including social activities, teaching, and following rules or instructions). The Examiner submits that the identified claim elements represent a series of rules or instructions that a person or persons, with or without the aid of a computer, would follow to prevent fraudulent activity. Because the claim elements fall under a series of rules or instructions that a person or persons would follow to ensure the prevention of fraudulent activity, the claimed invention is directed to an abstract idea. The additional elements of one or more processors, application programming interface, memory, database record, interaction channel, remote device, remote system, electronically reconfigur[ation], computing device, and non-transitory computer-readable storage medium are recited at a high level of generality and do not amount to a practical application that integrates the abstract idea into a specific technical improvement in computer functionality or another technology. The claimed features do not reflect an improvement to the technology used to reconfigure the interaction channel, but rather use that technology as a tool to perform the abstract analysis. Therefore the claims do not recite significantly more. Further, the problem of automatically protecting accounts from fraudulent actors and attacks was not a problem caused by the computer/processor that is involved in the process. At best, the problem(s) described in the as-filed disclosure are business problems. Applicant further argues that, the specific data integration and processing steps of the claims are not “well-understood, routine, or conventional” therefore providing significantly more. The Examiner respectfully disagrees as the rejection does not rely on a finding that the claimed elements are well-understood, routine or conventional, but instead solely relies on the fact that the combination of elements are no more than “apply it” level elements. Therefore, this argument is moot. Based on the updated rejection above and the response presented here, the 101 rejection holds. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Emily M Kraisinger whose telephone number is (703)756-4583. The examiner can normally be reached M-F 7:30 AM -4:30 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jessica Lemieux can be reached at 571-270-3445. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /E.M.K./Examiner, Art Unit 3626 /JESSICA LEMIEUX/Supervisory Patent Examiner, Art Unit 3626