Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsUBIQ Security, Inc. › 18035069
Last updated: April 19, 2026
Application No. 18/035,069

SYSTEMS AND METHODS FOR API-BASED ENCRYPTION AND KEY MANAGEMENT

Final Rejection §103
Filed
May 02, 2023
Examiner
VU, VIET D
Art Unit
2455
Tech Center
2400 — Computer Networks
Assignee
UBIQ Security, Inc.
OA Round
2 (Final)
84%
Grant Probability
Favorable
3-4
OA Rounds
2y 9m
To Grant
98%
With Interview

Interview Optional

+14.2% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 1048 resolved cases, 2023–2026

Examiner Intelligence

VU, VIET D View full profile →
Grants 84% — above average
84%
Career Allow Rate
882 granted / 1048 resolved
+26.2% vs TC avg
Moderate +14% lift
Without
With
+14.2%
Interview Lift
resolved cases with interview
Typical timeline
2y 9m
Avg Prosecution
18 currently pending
Career history
1066
Total Applications
across all art units

Statute-Specific Performance

§101
2.5%
-37.5% vs TC avg
§103
71.2%
+31.2% vs TC avg
§102
4.5%
-35.5% vs TC avg
§112
1.7%
-38.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 1048 resolved cases

Office Action

§103
1. Applicant is requested to cancel withdrawn claims 10-20 in the next correspondence. Art Rejection 2. The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. 3. Claims 1-9 are rejected under 35 U.S.C. 103 as being unpatentable over Horowitz, U.S. pat. Appl. Pub. No. 2017/0262638, in view of Qian, U.S. pat. Appl. Pub. No. 2016/0294548. Per claim 1, Horowitz discloses a computer implemented method for implementing data encryption in an application using an application programming interface (API), the method comprising: a) accessing an online platform, e.g., database API 160 and storage API 108, to create an application profile (i.e., configuration metadata file) for the database application, i.e., storing defined encryption type/policy for each database storage in a configuration metadata file (see par 0040, 0087-0088); b) selecting encryption policies for the application based on the application profile, i.e., setting encryption on individual storage engine (104, 106) (see par 0040, 0116-0117); c) creating a set of encryption keys for the application based on the application profile (see par 0040, 0226); d) storing the set of encryption keys as secret information (see par 0227); e) installing at least one client extension library for performing encryption functions (see par 0116); and f) updating the application with the API call information and credential information for encrypting data (see par 0007, 0116). Horowitz does not explicitly teach installing at least one client extension library based on a programming language of the application. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to recognize that the pluggable module or extension library must have been compatible to the programming language of the application in order for the application to utilize. Horowitz also does not teach creating a set of secret keys for the application to access the API and storing the set of secret keys as credential information. However, Qian discloses a prior art method for managing the encryption keys, wherein credentials are used by the application to generate secret keys or used as secret keys to access and operate the encryption function (see Qian, par 0036). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Horowitz with Qian teaching because it would have ensured secured access to the application and the key manager. Per claim 2, Horowitz teaches that the application profile, i.e., configuration metadata, includes a number of storage locations/components associated with corresponding storage engines (see par 0016). Per claim 3, Horowitz teaches that the set of encryption keys comprises a master key and API keys (see par 0226). Per claim 4, Horowitz teaches that the use can specify any encryption policies (see par 0040). It would have been obvious to one skilled in the art to practice Horowitz invention with any known encryption policies including FPE. Claims 5-9 are similar in scope as that of claims 1-4. Response to Amendment 4. Applicant's arguments filed on February 6, 2026 with respect to claims 1-9 have been fully considered but are not deemed persuasive. It is submitted that the rejection has been revised to better address claim limitations. Applicant alleges that neither Horowitz nor Qian teach creating an application profile that can be used to select encryption policies and create encryption keys. Examiner disagrees. The examiner submits that the claims in the current forms do not define how the application profile is used to select encryption policies and create encryption keys other than a use of a file for storing selected encryption policies and created encryption keys. On the other hand, Horowitz clearly teaches creating a profile or configuration file for storing configuration metadata for the database application which defines encryption policies and encryption keys for respective databases (see par 0040, 0087-0088). Particularly, Horowitz teaches that encryption policy for each database can be defined/selected and stored in the profile/configuration file (see par 0040). Horowitz also teaches that encryption key information can be obtained or created and then stored in the profile/configuration file (see par 0226-0227). Thus, it is submitted that Horowitz discloses the alleged claim limitations. Conclusion 5. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 C.F.R. 1.136(a). A SHORTENED STATUTORY PERIOD FOR RESPONSE TO THIS FINAL ACTION IS SET TO EXPIRE THREE MONTHS FROM THE DATE OF THIS ACTION. IN THE EVENT A FIRST RESPONSE IS FILED WITHIN TWO MONTHS OF THE MAILING DATE OF THIS FINAL ACTION AND THE ADVISORY ACTION IS NOT MAILED UNTIL AFTER THE END OF THE THREE-MONTH SHORTENED STATUTORY PERIOD, THEN THE SHORTENED STATUTORY PERIOD WILL EXPIRE ON THE DATE THE ADVISORY ACTION IS MAILED, AND ANY EXTENSION FEE PURSUANT TO 37 C.F.R. § 1.136(a) WILL BE CALCULATED FROM THE MAILING DATE OF THE ADVISORY ACTION. IN NO EVENT WILL THE STATUTORY PERIOD FOR RESPONSE EXPIRE LATER THAN SIX MONTHS FROM THE DATE OF THIS FINAL ACTION. 6. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Viet Vu whose telephone number is 571-272-3977. The examiner can normally be reached on Monday through Thursday from 8:00am to 6:00pm. The Group general information number is 571-272-2400. The Group fax number is 571-273-8300. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Emmanuel Moise, can be reached at 571-272-3865. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /Viet D Vu/ Primary Examiner, Art Unit 2455 2/10/26
Read full office action

Prosecution Timeline

May 02, 2023
Application Filed
Jul 29, 2025
Examiner Interview (Telephonic)
Aug 03, 2025
Non-Final Rejection — §103
Feb 06, 2026
Response Filed
Feb 10, 2026
Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/598,012
Patent 12602476
SYSTEMS AND METHODS FOR FORENSIC RESOLUTION OF RANSOMWARE ATTACKS
2y 5m to grant Granted Apr 14, 2026
17/992,223
Patent 12591693
SECURITY ARCHITECTURE SYSTEM, CRYPTOGRAPHIC OPERATION METHOD FOR SECURITY ARCHITECTURE SYSTEM, AND COMPUTING DEVICE
2y 5m to grant Granted Mar 31, 2026
18/636,556
Patent 12592972
COMPUTING SYSTEM TO MANAGE SECURITY PROTOCOLS FOR MULTIPLE ELECTRONIC MESSAGING PROVIDERS BASED ON DOMAIN DELEGATION
2y 5m to grant Granted Mar 31, 2026
18/655,296
Patent 12584657
WATER HEATER WITH WIRELESS COMMUNICATION PART
2y 5m to grant Granted Mar 24, 2026
18/622,605
Patent 12580888
SECURE UNIDIRECTIONAL NETWORK ACCESS USING CONSUMER-CONFIGURED LIMITED-ACCESS ENDPOINTS
2y 5m to grant Granted Mar 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
84%
Grant Probability
98%
With Interview (+14.2%)
2y 9m
Median Time to Grant
Moderate
PTA Risk
Based on 1048 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month