DETECTING SECURITY BREACHES WITH WATCHDOG TRANSACTION ACCOUNTS

Detailed Action Status of Claims The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This Action is in reply to the Amendment filed on 3/18/2026. Claims 1, 3-8, 10-15, 17-23 are currently pending and have been examined. Claims 2, 9, 16 and 53-92 stand cancelled. Claims 1, 8, 15 have been amended. Prior Art rejection has been overcome by amendment. Request for Continued Examination A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 3/18/2026 has been entered. Priority Applicant’s claim of priority to 18106798 is acknowledged. The claims are therefore afforded an effective filing date of 07/02/2020. Claim Objections Claim 1 is objected to for the following informality: the phrase “to be declined if presented for authorization” appears erroneous and should be struck-through, as in Claims 8 and 15. Appropriate correction is required. Claim Rejection - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1, 3-8, 10-15, 17-23 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. First, it is determined whether the claims are directed to a statutory category of invention. In the instant case, claims 1, 3-7, and 21 are directed to a machine, claims 8, 10-14, and 22 directed to a process, and claims 15, 17-20 and 23 are directed to an article of manufacture. Therefore, claims 1, 3-8, 10-15, 17-23 are directed to statutory subject matter under Step 1 as described in MPEP 2106 (Step 1: YES). The claims are then analyzed to determine whether the claims are directed to a judicial exception. In determining whether the claims are directed to a judicial exception, the claims are analyzed to evaluate whether the claims recite a judicial exception (Prong One of Step 2A), as well as analyzed to evaluate whether the claims recite additional elements that integrate the judicial exception into a practical application of the judicial exception (Prong Two of Step 2A). Claims 1, 8, and 15 recite at least the following limitations that are believed to recite an abstract idea: request a page of a commerce system; add an item to a purchase request mechanism: initiate a purchase with the commerce system; obtain a watchdog transaction account, wherein the watchdog transaction account comprises an unissued account number that is not associated with a valid transaction account, and wherein the watchdog transaction account comprises authentication information configured such that the watchdog transaction account would be declined when presented for payment in a transaction; provide the watchdog transaction account to the commerce system as payment for the purchase; submit a purchase request to the commerce system, wherein the purchase request includes the watchdog transaction account; initiate a watchdog transaction with the commerce system by submitting the watchdog transaction account as part of the purchase request to the commerce system; and store a record of the purchase, the record comprising a merchant identifier associated with the commerce system and the watchdog transaction account, wherein the record of the purchase can be compared against later declined transactions to detect fraudulent use. The above limitations recite the concept of retail checkout & payment security activity. These limitations, under their broadest reasonable interpretation, fall within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas, enumerated in MPEP 2106, in that they recite commercial interactions, e.g. sales activities/behaviors, and managing personal behavior or relationships or interactions between people, e.g., following rules or instructions. Accordingly, under Prong One of Step 2A, claims 1, 3-8, 10-15, 17-23 recite an abstract idea (Step 2A, Prong One: YES). Prong Two of Step 2A is the next step in the eligibility analyses and looks at whether the abstract idea is integrated into a practical application. This requires an additional element or combination of additional elements in the claims to apply, rely on, or user the judicial exception in a manner that imposes a meaningful limit on the judicial exception, such that the claim is more than a drafting effort designed to monopolize the exception. In this instance, the claims recite the additional elements of: a computing device comprising a processor and a memory; and machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to perform steps a web page the commerce system being electronic A non-transitory, computer-readable medium comprising machine-readable instructions that, when executed by a processor of a computing device, cause the computing device to perform steps However, these elements do not amount to an improvement in the functioning of a computer or any other technology or technical field; apply the judicial exception with, or by use of, a particular machine; or apply or use the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort to monopolize the exception. In addition, the recitations are recited at a high level of generality and also do not amount to an improvement in the functioning of a computer or any other technology or technical field; apply the judicial exception with, or by use of, a particular machine; or apply or use the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort to monopolize the exception. The dependent claims also fail to recite elements which amount to an improvement in the functioning of a computer or any other technology or technical field; apply the judicial exception with, or by use of, a particular machine; or apply or use the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort to monopolize the exception. For example, claims 3-7, 10-14, 17-23 are directed to the abstract idea itself and do not amount to an integration according to any one of the considerations above. Therefore, the dependent claims do not create an integration for the same reasons. Step 2B is the next step in the eligibility analyses and evaluates whether the claims recite additional elements that amount to an inventive concept (i.e., “significantly more”) than the recited judicial exception. According to Office procedure, revised Step 2A overlaps with Step 2B, and thus, many of the considerations need not be re-evaluated in Step 2B because the answer will be the same. In Step 2A, several additional elements were identified as additional limitations: a computing device comprising a processor and a memory; and machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to perform steps a web page the commerce system being electronic A non-transitory, computer-readable medium comprising machine-readable instructions that, when executed by a processor of a computing device, cause the computing device to perform steps These additional limitations, including the limitations in the dependent claims, do not amount to an inventive concept because they were already analyzed under Step 2A and did not amount to a practical application of the abstract idea. Therefore, the claims lack one or more limitations which amount to an inventive concept in the claims. For these reasons, the claims are rejected under 35 U.S.C. 101. Allowable over Prior Art of Record Claims 1, 3-8, 10-15, 17-23 are allowable over prior art though rejected on other grounds (e.g. 101) as discussed above. The combination of elements of the claim as a whole are not found in the prior art. Claims 1, 3-8, 10-15, 17-23 would be allowable over prior art if rewritten to overcome the rejections above and to include all of the limitations of the base claim and any intervening claims. Upon review of the evidence at hand, it is hereby concluded that the totality of the evidence, alone or in combination, neither anticipates, reasonably teaches, nor renders obvious the below noted features of the Applicant’s invention. In the present application, claims 1, 3-8, 10-15, 17-23 are allowable over prior art. The most related prior art patent of record include Lacoss-Arnold (US 20160110709 A1), hereinafter Lacoss-Arnold, Fort et al (US20210357941A1), hereinafter Fort, and Johansson et al (US10395243B1), hereinafter Johansson. Lacoss-Arnold teaches systems for detecting potentially compromised payment cards [Abstract], including a merchant website for viewing and purchasing items through an online store [0045, 0016], in which items can be selected to purchase [0045]. A card identifier, formatted as an account number, is used [0055], which is configured to be declined if used on other merchant website [0056-0057, 0004]. The account can also be declined if not in good standing [0033]. The card identifier token is provided to the merchant [0054] and used to perform a transaction when valid [0056]. Information about the transaction card is stored in a database [0034]; the stored information is used to detect subsequent attempts to use the card where not valid and to flag it as potentially compromised [0017-0019]. Fort teaches virtual cards tied to a specific merchant which, when used at another merchant, are declined & used to determine a security breach at the first merchant. Johansson teaches “shadow accounts” used to provide privacy protections at checkout, which can also be declined & used determine fraud when a transaction is requested at another merchant. However, each of these references fail to disclose or render obvious at least the limitations to: obtain a watchdog transaction account, wherein the watchdog transaction account comprises an unissued account number that is not associated with a valid transaction account, and wherein the watchdog transaction account comprises authentication information configured such that the watchdog transaction account would be declined when presented for payment in a transaction; initiate a watchdog transaction with the electronic commerce system by submitting the watchdog transaction account as part of the purchase request to the electronic commerce system; and store a record of the purchase, the record comprising a merchant identifier associated with the electronic commerce system and the watchdog transaction account, wherein the record of the purchase can be compared against later declined transactions to detect fraudulent use. Each of these references fail to disclose or render obvious the combination of limitations in the independent claims 1,8, and 15, alone or in obvious combination. Therefore, at least for the combination of elements recited in the independent claims, the independent claims and those that depend thereon are allowable over prior art if rewritten to include all of the limitations of the base claim and any intervening claims. Response to Arguments Applicant's arguments filed 3/4/2026 have been fully considered but they are not persuasive. Claim Rejection – 35 USC §101 Applicant argues with respect to Step 2A Prong 1 that the claims do not fall within "any...enumerated fundamental economic practices," and that the claims "cannot reasonably be characterized as retail checkout activity, e.g. sales activities/behaviors." Noting that the claims recite an account that "would be declined when presented for payment in a transaction," Applicant argues that "no commercial interactions such as retail activity are occurring." Examiner disagrees. With reference to the 101 rejection, it is noted that the claims, rather than being directed to a fundamental economic practice, are directed to commercial interactions and Managing Personal Behavior or Relationships or Interactions Between People and enumerated in MPEP 2106.04. The limitations of the claims, as amended, recite operations for retail checkout & payment security activity, and fall within the Commercial Interactions and Managing Personal Behavior or Relationships or Interactions Between People groupings within Certain Methods of Organizing Human Activity. Retail activity and payment-security operations are occurring, even if the claimed payment process does not result in a successful transaction. With reference to MPEP 2106.04(a)(2), commercial interactions include not just merely paying for an item, but a range of activities related to sales or commercial management. In contrast to McRO, where specific technical steps did not amount to an abstract idea, the pending claims recite steps for performing checkout operations/ managing a declined transaction in a commercial setting. Applicant further argues with respect to Step 2A Prong 2 that the additional elements integrate the abstract idea into a practical application, arguing that the claims "improve the functioning of computers in a technological environment related to the tracking of payments," such that that claims "recite[] a technical solution to a technical problem." Examiner disagrees. The alleged improvement of being able to irrefutably identify the source of a breach is at best a business improvement stemming solely from the abstract idea, which recites storing information which "can be" compared to detect fraud. The independent claims do not recite technical steps for how such a fraud is determined from the stored information, nor do they recite language related to the argued "time frame." The additional elements amount to mere instructions to apply this abstract idea to a technological environment, creating a general linking to computer technology [MPEP 2106.05(f)]. In particular, the alleged solution is a solution to a business problem in the field of payments, rather than a technological one specific to electronic payments or online checkouts. While technology is prominent in the field of payment processing, the identified problem of pinpointing the source of fraud is not specific to any technology, but to the abstract field of payments as a whole. Similarly, the alleged solution is not specific to a particular technological implementation or rooted in technology, but only generally linked to it; rather than being a technological solution specific to a particular technology, the claims merely provide a business solution to the business problem which is as relevant to any other form of payment as it is to the electronic checkouts that the claims recite instructions to apply it to. Applicant further argues that the claims amount to significantly more than the abstract idea, arguing that the claims provide “a non-conventional arrangement of elements that addresses a problem” with financial institutions ability to “pin-point the source of a data breach.” Examiner respectfully disagrees. Similar to the response above regarding Step 2A Prong 2, the claims do not address a technological problem, but a business one. The alleged solution is rooted solely in the abstract idea, and is applicable to a problem of pinpointing data breaches with any form of payment. Rather than providing a technological solution specific to electronic checkouts through a website, the additional elements provide only a general linking to computer technology, amounting to mere instructions to apply the abstract idea to a technological field. [MPEP 2106.05(f)] While computer technology is common in the field of payments, such that this problem may manifest frequently in scenarios that use electronic payment methods, it is not a technological problem specific to that technology, but a problem present in any form of account-based payment, e.g. in-store or by mail/phone, via credit card or check, etc. Similarly, the solution is not specific to the implementation of this problem in e-commerce, but is a business solution to a business problem, rooted in the abstract idea, that solves the issue of pinpointing the source of data breaches by proactively distributing “watchdog” account numbers to be monitored for attempted activity. The claimed solution achieves the argued result independent of computer technology providing a general linking to any particular technological field, and does not amount to significantly more than the abstract idea. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to THOMAS J SULLIVAN whose telephone number is (571)272-9736. The examiner can normally be reached Mon - Fri 8-5 PT. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Marissa Thein can be reached on (571) 272-6764. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /T.J.S./ Examiner, Art Unit 3689 /MARISSA THEIN/Supervisory Patent Examiner, Art Unit 3689