DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Preliminary Amendment
All pending claims 1-20 filed January 30, 2024 are examined in this non-final office action.
Specification
The specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-11 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
The claims do not fall within at least one of the four categories of patent eligible subject matter because: The body of claim 1 is set-up to be a computer-based system claim yet lacks computing structure specificity. A user access module is software. A purchasing facility is software. “the user restricted….” appears to be claiming a user, i.e. a human being. Corrections are requested.
Claims 12-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
The claims do not fall within at least one of the four categories of patent eligible subject matter because: Claim 12 is set-up to be a computer-based system method claim. “a user accessing a user access module …” appears to be claiming “a user” i.e. a human being, as a structural element of the computer system.
Please note: In general, method claims are typically written using the present participle of the verb. For example in claim 12:
accessing, by a user, a user access module …
accessing, by a user, a hosted application …
restricting the hosting system to utilizing …
accessing, by the user, a purchasing facility … etc.
Corrections to all such occurrences in claims 12-18 are requested.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 4-8, 10-12, 15-17 and 19 are rejected under 35 USC 103 as being unpatentable over Kumar et al., US 2021/0168133 “Kumar,” in view of Cella et al., US 2022/0036302 “Cella,” further in view of Engstrom, US 7,240,035.
In Kumar see at least (underlined text is for emphasis):
Regarding claim 12: (Original) A method for conducting online transactions using a hosting system that hosts a plurality of computer executable applications when the applications are accessible by a plurality of users registered to use the hosted plurality of applications, the computer executable applications including at least an internet browser, the method including:
, by a user, a user access module that enables individual users to access the hosting system using personal credentials and upon entering valid personal credentials, …
[Kumar: Figs. 2A-2D]
[Kumar: 0046] As mentioned, the user device 210 may be associated with or otherwise under the control of the user 201. The user device 210 may be any type of reasonable device such as, but not limited to, a mobile phone, other mobile device, or any type of computing device. The user device 210 may store or otherwise have access to user credentials 211. The user credentials 211 may include a first user credential 211A, a second user credential 211B, and any number of additional user credentials as illustrated by the ellipses 211C. As will be explained in more detail to follow, user credentials 211 may be used by the trusted identity provider 220 to verify the identity of the user 201. In some embodiments, the user credentials 211 may include a username and password. In other embodiments, the user credentials 211 may include biometric elements such as a fingerprint or a retinal scan. Of course, the user credentials may include any combination or type of credentials as circumstances may warrant.
[Kumar: 0083] FIG. 5 illustrates a flow chart for an example method 500 for using a persona as an identity of a user when the user interacts with one or more service providers. The method 500 will be described with respect to one or more of FIGS. 2A-2D, 3 and 4 discussed previously.
[Kumar: 0084] The method 500 includes verifying an identity of a user who is to interact with one or more service providers (510). For example, as previously described the trusted identity provider 220, specifically the verification module 228, may verify the identity of the user 201 in response to the request 207 to interact with one of the service providers 230, 240, and potentially 250. In some embodiments, the verification is performed by verifying one or more of the user credentials 211 such as a username and password or a biometric element such as a fingerprint or retinal scan.
Rejection is based upon the teachings applied to claim 12 by Kumar and further upon the teachings and suggestions of known identity management system by Kumar.
[Kumar: 0001] Identity management service includes the task of controlling information about users of various computing systems, including digital identities. Digital identity is an entity's online presence that may encompass personal identifying information and ancillary information (e.g., metadata). It may include the codification of identity names and attributes of a physical instance in a way that facilitates processing. Such information may include information that authenticates the identity of a user, and information that describes data and actions they are authorized to access and/or perform. It may also include the management of descriptive information about the user and how and by whom that information can be accessed and/or modified. Managed entities may include users, hardware devices, software applications, and/or network resources.
It would have been obvious to one of ordinary skill in the art before the effective filing date to modify the system and methods of Kumar to host software applications. For example, Verification Module 228 and Selection Module 229 of the Trusted Identity Provider 220 are examples of hosted applications. Specifically the verification module 228 may verify the identity of the user 201 in response to the request 207 to interact with one of the service providers 230, 240, and potentially 250.
… the user is assigned a series of system personas for use when the user executes one or more hosted applications;
[Kumar: 0085] The method 500 includes accessing a plurality of different personas related to the identity of the user, each individual persona of the plurality of different personas including user information related to the identity of the user (520). For example, as previously described, the trusted identity provider 220, specifically the selection module 229, may access the personas 223, 224, 225, 226, and potentially 227. Each of these personas may include an amount of user information 215 (i.e., user information 215A, 215B, and potentially 215C) as determined by the user 201.
, by a user, a hosted application to access an online service external to the hosting system;
[Kumar: 0086] The method 500 includes selecting a specific one of the plurality of different personas for use in interacting with a service provider (530). For example, as previously described, the trusted identity provider 220, specifically the selection module 229, may select one of the personas 223, 224, 225, 226, and potentially 227. The selection may be based on how much user information 211 the user desires to provide to the service provider or on the type of the service provider.
restricting the hosting system
[Kumar: 0022: Known conventional systems] For example, conventional identity management systems typically require that a user have a separate account with an identity provider for each service provider the user wants to interact with. The identity provider and/or the service provider then determines what types of user credentials and other user information about the user that the user must provider in order to gain access to a service provider associated with the identity provider. Thus, it is the identity provider and/or the service provider who dictate how the user is to be represented when interacting with the service provider. In addition, it is the service provider who typically controls the operation of the identity provider.
[Kumar: 0023: Known conventional systems] Such conventional systems thus provide many disadvantages to the user. For example, because the user typically is required to set up a separate account for each service provider, he or she must remember the different user credentials and other user information that is required for interaction with each service provider. This can often be a challenge for the user, especially for an account with a service provider that is rarely used. In addition, because the identity provider and/or the service provider determines what types of user information is required before interaction is allowed, privacy issues may be raised as user may have to provide user information about the user that he or she would not choose to provide if not required to.
[Kumar: 0026] The embodiments related herein allow the user to use the trusted identity provider to select which persona to use when interacting with a given service provider. In some embodiments, a user interface may allow the user to select the persona or to create a new persona or modify an existing persona when requesting interaction with a service provider. In other embodiments, the user may link a persona to a service provider so that the persona is automatically selected, or a persona may be automatically selected based on past selection of the persona. The selected persona may then be used to represent the user when interacting with the service provider.
[Kumar: 0058] The persona generation module 221 may also generate a third persona 225 that discloses little or no user information 215 and thus includes less user information 215 than both the first persona 223 and the second persona 224. Thus, the third persona 225 may be considered a fully anonymous persona. For example, the third persona 225 may only include a single description 225A about the user 201, such as job title or other background data (e.g., a school teacher, an FBI agent, an adult older than 21 years old) that is unlikely to fully identify user 201 since the single description 225A may apply to many users. Alternatively, the second persona 225 may include made-up information 225B such as a made up name or other related information that may be used so that it is very hard to determine the identity of the user 201. Thus, the third persona 225 may be used when the user 201 does not want to disclose his or her true identity during an interaction with the service provider.
Please note: The trusted identity provider (i.e. hosting system) is restricted to utilizing an assigned system persona for the user for the purpose of the online service external to the hosting system.
, by the user, a purchasing facility operated by the hosting system and in instances where the user seeks to access funds to purchase goods and/or services online, the user completing a financial transaction with the online service external to the hosting system utilising funds from the purchasing facility thereby completing a transaction with the online service external to the hosting system whilst retaining the privacy of the user's personal details and in the event of a user purchasing goods from a service online that is external to the hosting system and requiring physical delivery, the user receiving those goods through a collection and delivery arrangement that includes at least one intermediary exchange wherein the user's preferred delivery address is with-held from transfer between parties involved in the intermediary exchange thereby avoiding the divulgence of those details to the online service external to the hosting system and/or any goods provider and their delivery agents.
Rejection is based in part upon the teachings and rationale applied to claim 12 by Kumar and further upon the combination of Kumar-Cella. Although Kumar’s host system manages the user’s identity/personae, hosts software applications, e.g. identity/personae management, and facilitates user interaction with external sources, e.g. service providers, Kumar does not expressly mention hosting electronic commerce software applications. Cella on the other hand would have taught Kumar techniques for hosting an identity management application with electronic commerce applications.
In Cella see at least:
[Cella: 0350] Referring to FIG. 9, orchestration of a set of deeply interconnected value chain network entities 652 in a value chain network 668 by the value chain network management platform 604 is illustrated. Each of the value chain network entities 652 may have a connection to the VCNP 604, to a set of other value chain network entities 652 (which may be a local network connection, a peer-to-peer connection, a mobile network connection, a connection via a cloud, or other connection), and/or through the VCNP 604 to other value chain network entities 652. The value chain network management platform 604 may manage the connections, configure or provision resources to enable connectivity, and/or manage applications 630 that take advantage of the connections, such as by using information from one set of entities 652 to inform applications 630 involving another set of entities 652, by coordinating activities of a set of entities 652, by providing input to an artificial intelligence system of the VCNP 604 or of or about a set of entities 652, by interacting with edge computation systems deployed on or in entities 652 and their environments, and the like.
[Cella: 0353] Referring to FIG. 10, the set of applications 630 provided on the VCNP 604, integrated with the VCNP 604 and/or managed by or for the VCNP 604 and/or involving a set of value chain network entities 652 may include, without limitation, one or more of any of a wide range of types of applications, such as: a supply chain management application 812 (such as, without limitation, for management of timing, quantities, logistics, shipping, delivery, and other details of orders for goods, components, and other items); … a finance application 822 (such as, without limitation, for handling finance matters relating to value chain entities and assets, such as involving payments, security, collateral, bonds, customs, duties, imposts, taxes and others); … an e-commerce application, … an identity management application 830 (such as for managing one or more identities of entities 652 involved in a value chain, such as, without limitation, one or more of an identity verification application, a biometric identify validation application, a pattern-based identity verification application, a location-based identity verification application, … a blockchain application 844 (such as, without limitation, a distributed ledger capturing a series of transactions, such as debits or credits, purchases or sales, exchanges of in kind consideration, smart contract events, or the like, or other blockchain-based application) … a commerce application, solution or service 854 (such as, without limitation an e-commerce site marketplace, an online site, an auction site or marketplace, a physical goods marketplace, …
One of ordinary skill in the art before the effective filing date would have recognized that applying the known techniques of Cella, which manage an identity management application and various ecommerce applications, e.g. purchasing, payment, shipping etc., in a single platform, would have yielded predictable results and resulted in an improved system. It would have been recognized that applying the techniques of Cella to the teachings of Kumar would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such data processing features into similar systems. Obviousness under 35 USC 103 in view of the Supreme Court decision KSR International Co. vs. Teleflex Inc.
Although Kumar-Cella teach and suggest a) managing the user’s identity information using a plurality of personae to conceal the user’s personal information from an external service provider, b) hosting identity management with electronic commerce services, and c) selecting shipping/delivery services, Kumar-Cella do not expressly mention an intermediary exchange wherein the user's preferred delivery address is with-held from transfer between parties involved in the intermediary exchange. Engstrom on the other hand would have taught Kumar-Cella such techniques.
In Engstrom see at least:
(Engstrom: D13: col. 3, lines 11-16) In various embodiments of the invention, a consumer is able to purchase and receive goods from web sites without revealing private delivery information, such as mailing address, to a web site/business from whom the consumer purchases goods. For the purpose of this application, the terms "purchaser" and "consumer" are synonymous.
(Engstrom: D14: col. 3, lines 17-30) FIG. 1 illustrates a network view of the present invention, in accordance with one embodiment. As illustrated, an online consumer or purchaser, such as purchaser 100, is communicatively coupled to various e-commerce web sites, such as business web site of business 102 hosted by server 103, via his/her client device 101 and network 104. The business web site may e.g. be a general e-commerce retail site, an online direct sales channel of the business, or other business-to-business commerce sites. Client device 101 may comprise a computing device, such as a personal computer, which operates on behalf of user 100. In alternate embodiments, client device 101 may be a personal digital assistant (PDA), a wireless mobile telephone, or other appliance devices of like kind, instead.
(Engstrom: D16: col. 3, lines 39-58) Also shown in FIG. 1, in accordance with the present invention, a delivery address service 106 is also in communication with purchaser 100, via their respective equipment, i.e. server or servers 107 and client device 101, through network 104. Purchaser 100 is a subscriber of the delivery/mailing address privacy protection service of delivery address service 106, which advantageously protects the privacy of the "real" delivery or mailing address of user 100. For the illustrated embodiment, the privacy enhanced delivery service is offered by the delivery address service 106 in conjunction with delivery service 108. In various embodiments, the services, i.e. delivery address service 106 and delivery service 108, may be offered by the same or different business entities. While typically purchaser 100 will be charged for a fee for the privacy enhanced delivery service, however the present invention may be practiced without purchaser 100 being charged for the service. For example, the cost for providing the privacy enhanced delivery service may be borne by the e-commerce businesses 102 or alternatively by delivery service 108 to attract customers.
(Engstrom: D17: col. 3, line 49-col. 4, line 8) In one embodiment, once purchaser 100 subscribes to the privacy enhanced delivery address service offered by delivery address service 106 (in conjunction with delivery service 108), delivery address service 106 facilitates commercial transactions; in particular, delivery of purchased goods to purchaser 100, by generating substitute delivery addresses that purchaser 100 may use (in lieu of his/her own personal private mailing address), when engaging in commercial transactions with online businesses, such as business 102. The phrase "substitute delivery addresses" refers to delivery addresses and/or associated control information that are owned and/or controlled by the delivery address service 106. The substitute delivery address (and its associated control information) are temporarily assigned to purchaser 100 to substitute for the personal and/or private mailing address of the purchaser 100, while purchaser 100 remains a service subscriber.
(Engstrom: D21: col. 4, lines33-42) In FIG. 2, delivery address service 106 receives a subscription request from user 100 (operation 21). In response, the subscription request is processed by delivery address service 106, resulting in an exchange of relevant information between purchaser 100 and delivery address service 106. In particular, a mailing address 225 of purchaser 100 is provided to, and received by delivery address service 106. Typically, mailing address 225 of purchaser 100 is the address information that purchaser 100 desires to maintain private, and not wish to disclose to online businesses.
(Engstrom: D47: col. 9, lines 10-21) As for the embodiment of FIG. 5, upon receipt of the order confirmation information (either from purchaser 100 or online business 102), block 530, delivery address service 106 awaits notification from delivery service 108 with respect to its receipt of a request by business 102 to deliver purchased goods 210, block 532, in support of the embodiment of FIG. 3. As shown, eventually, delivery address service 106 is notified of the request to deliver purchased goods 210. In response, delivery address service 106 determines the identity and the mailing address of purchaser 100, and provides the information to delivery service 108, block 534.
One of ordinary skill in the art before the effective filing date would have recognized that applying the known techniques of Engstrom, which a) withhold the user's preferred delivery address from the external service provider, e.g. online business, involved in the intermediary exchange and b) reveal the user’s preferred delivery address only to the delivery service, would have yielded predictable results and resulted in an improved system. It would have been recognized that applying the techniques of Engstrom to the teachings of Kumar-Cella would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such data processing features into similar systems. Obviousness under 35 USC 103 in view of the Supreme Court decision KSR International Co. vs. Teleflex Inc.
Regarding claims 1 and 19: Rejections are based upon the teachings and rationales applied to claim 12 by Kumar-Cella-Engstrom and further upon the combination of Kumar-Cella-Engstrom regarding system computing elements, see [Kumar: Fig. 6 (602, 604, 606, 620/626); 0068-0071] regarding processor, memory and network interface.
Regarding claim 4: Rejection is based upon the teachings and rationales applied to claim 1 by Kumar-Cella-Engstrom noted above.
Regarding claims 5 and 15: Rejections are based upon the teachings and rationales applied to claim 1 by Kumar-Cella-Engstrom and further upon the combination of Kumar-Cella-Engstrom previously recited:
[Kumar: 0026] The embodiments related herein allow the user to use the trusted identity provider to select which persona to use when interacting with a given service provider. In some embodiments, a user interface may allow the user to select the persona or to create a new persona or modify an existing persona when requesting interaction with a service provider.
Regarding claims 6, 10 and 11: Rejections are based upon the teachings and rationales applied to claim 1 by Kumar-Cella-Engstrom and further upon the teachings, rationales and suggestion of Kumar-Cella-Engstrom.
Given that Kumar-Cella-Engstrom only reveal the user’s real delivery address to the delivery service making a physical delivery to the user’s real delivery address, it would have been obvious to one of ordinary skill in the art before the effective filing date to ascertain the user’s real delivery address remaining unknown to any intermediate entity, e.g. agents, warehouse system/personnel.
Regarding claims 7 and 16: Rejections are based upon the teachings and rationales applied to claim 1 by Kumar-Cella-Engstrom and further upon the teachings, rationales and suggestion of Kumar-Cella-Engstrom.
(Engstrom: D26: col. 5, lines 18-31) In one embodiment, the assignment of a substitute delivery address 220 may also include the assignment of a substitute email address (not shown) for purchaser 100. The substitute email address may designate an email address of delivery address service 106 as the recipient of any electronic communication, and further protect the email address of purchaser 100. The association between the assigned substitute email address and the user's actual email address may in like manner be stored in the earlier described table/view data structure 230. Accordingly, electronic communication such as order confirmation and so forth, between business 102 and purchaser 100 may also be facilitated by delivery address service 106 without revealing the email address of purchaser 100.
Regarding claims 8 and 17: Rejections are based upon the teachings and rationales applied to claims 1 and 12 by Kumar-Cella-Engstrom and further upon the teachings, rationales and suggestions of Kumar-Cella-Engstrom.
[Kumar: 0026] … In other embodiments, the user may link a persona to a service provider so that the persona is automatically selected, or a persona may be automatically selected based on past selection of the persona. The selected persona may then be used to represent the user when interacting with the service provider.
[Kumar: 0079] In this embodiment, the selection module 229 may be configured to automatically select a persona based on the service provider that the user 201 desires to interact with. Since the service provider 250 is a job search service provider, the selection module 229 may automatically select the activity specific persona 226 that is configured as a job search persona as previously described. In other words, since the activity specific persona 226 matches or at least is related to the activity of the service provider (i.e., job search), the selection module 229 may automatically determine that the user 201 would likely want to interact with the service provider using the activity specific persona 226. Of course, there may be more than one persona that matches or is at least related to the specific activity of the service provider. In such case, a UI such as UI 229A may list all the persona that are related to the specific activity of the service provider and allow the user 201 to select which one to use.
Please note: For example, the system would activate the user’s persona linked to a specific online shopping provider as the user transitions from a service provider to the specific purchase site.
Claims 2, 13 and 20 are rejected under 35 USC 103 as being unpatentable over Kumar, US 2021/0168133, Cella, US 2022/0036302, and Engstrom, US 7,240,035, as applied to claim 1, 12 and 19, further in view of Dam et al., US 2017/0366421 “Dam.”
Rejections are based in part upon the teachings and rationales applied to claims 1, 12 and 19 by Kumar-Cella-Engstrom and further upon the combination of Kumar-Cella-Engstrom-Dam. Although Kumar-Cella-Engstrom teach identity management and protection, Kumar-Cella-Engstrom do not expressly mention removing artifacts. Dam on the other hand would have taught Kumar-Cella-Engstrom such techniques.
In Dam see at least:
[Dam: 0108] Security and Privacy for Data Collection by Endpoint Agents
[Dam: 0109] As discussed above, collecting data from end-user devices sets high requirements for privacy and security. As such, in an example implementation, all communication with the NMSP cloud is performed over the HTTPS or another secure protocol and authenticated. For example, the authentication can be performed using a globally unique machineId and authentication token generated by the endpoint agent itself. Also, to protect end-user privacy, HTTP body content and cookies can be removed from the HTTP Archive (HAR) data before leaving the browser memory space (e.g., metadata is retained). Please note: The cookie is in this context an artifact.
One of ordinary skill in the art before the effective filing date would have recognized that applying the known techniques of Dam, which remove artifacts, e.g. cookies, to protect the user’s privacy, would have yielded predictable results and resulted in an improved system. It would have been recognized that applying the techniques of Dam to the teachings of Kumar-Cella-Engstrom would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such data processing features into similar systems. Obviousness under 35 USC 103 in view of the Supreme Court decision KSR International Co. vs. Teleflex Inc.
Claims 3 and 14 are rejected under 35 USC 103 as being unpatentable over Kumar, US 2021/0168133, Cella, US 2022/0036302, and Engstrom, US 7,240,035, as applied to claim 1 and 12, further in view Ashley et al., US 10,320,753.
Rejections are based in part upon the teachings and rationales applied to claims 1 and 12 by Kumar-Cella-Engstrom and further upon the combination of Kumar-Cella-Engstrom-Ashley. Although Kumar-Cella-Engstrom teach changing a user’s personal linked to specific external service providers, Kumar-Cella-Engstrom do not expressly mention automatically changing the user’s persona IP address on each instance of access. Ashley on the other hand would have taught Kumar-Cella-Engstrom such techniques.
In Ashley see at least:
(Ashley: D13: col. 3, lines 9-17) A common solution that is used on the Internet to mask a device's IP address from an Internet server is a VPN service. A VPN provides an encrypted tunnel from the user's device, e.g., mobile or desktop to a VPN server. Most VPN services use standardized protocols, e.g., OpenVPN, IPSec and so on. Also shown is a separate connection made from the VPN server to the Internet 108. Due to the separate connection, the Internet server sees an IP address owned by the VPN provider rather than the original user's IP address.
(Ashley: D15: col. 3, lines 25-31) To the Internet server it therefore appears that the user has an IP address from the location of the VPN service's data center, rather than the user's actual location. Also note that the IP address will most likely change each time the service is invoked as the VPN services carry pools of IP addresses which they regularly take in and out of service (called IP address tumbling).
(Ashley: D16: col. 3, lines 32-40) There is a natural alignment of the use of multiple VPN egress points and IP address tumbling and the need to mask persona network addresses. So that personas can't be correlated together, or correlated with the user's primary identity, or the user's physical location determined, the persona application establishes a connection with a different VPN Server (egress point) as the active persona changes. If a user wishes a persona to appear to be in London, then the egress point is selected as London.
(Ashley: D17: col. 3, lines 41-49) A user that is regularly changing their active personas can't be expected to manually switch between different egress points. Therefore an aspect of the solution is to automate the selection of VPN server (VPN provider egress point) in the persona application based on the active persona. The automation is crucial as the user will forget on occasion to change egress point as they swap from one persona to another, therefore unintentionally allowing tracking of their IP address.
One of ordinary skill in the art before the effective filing date would have recognized that applying the known techniques of Ashley, which automatically change the user’s persona IP address on each instance of access, would have yielded predictable results and resulted in an improved system. It would have been recognized that applying the techniques of Ashley to the teachings of Kumar-Cella-Engstrom would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such data processing features into similar systems. Obviousness under 35 USC 103 in view of the Supreme Court decision KSR International Co. vs. Teleflex Inc.
Claims 9 and 18 are rejected under 35 USC 103 as being unpatentable over Kumar, US 2021/0168133, Cella, US 2022/0036302, and Engstrom, US 7,240,035, as applied to claim 1 and 12, further in view of Greene, US 2004/0225609.
Rejections are based in part upon the teachings and rationales applied to claims 1 and 12 by Kumar-Cella-Engstrom and further upon the combination of Kumar-Cella-Engstrom-Greene. Although Kumar-Cella-Engstrom teach transferring funds (see Cella), Kumar-Cella-Engstrom do not expressly mention requesting the user to transfer funds due to insufficient funds. Greene on the other hand would have taught Kumar-Cella-Engstrom such techniques.
In Greene see at least:
[Greene: 0054] At step 412, once one or more bills have been selected for payment, the user may select the "pay bill" button 1118. The one or more bills will be paid out of the default account unless another account was selected by the user. At step 414, if there are insufficient funds in the account from which funds are to be withdrawn, then, at step 416, the user is prompted to provide an alternate account to transfer funds to the account having insufficient funds. The prompt may be as shown in FIG. 10b, indicating that there is an error (i.e., insufficient funds) and prompting the user to complete the transfer of funds before proceeding. At step 418, the user follows the prompts by providing an alternate account or transfers finds to the account having insufficient funds.
One of ordinary skill in the art before the effective filing date would have recognized that applying the known techniques of Greene, which prompt the user to provide an alternate account to transfer funds to the account having insufficient funds, would have yielded predictable results and resulted in an improved system. It would have been recognized that applying the techniques of Green to the teachings of Kumar-Cella-Engstrom would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such data processing features into similar systems. Obviousness under 35 USC 103 in view of the Supreme Court decision KSR International Co. vs. Teleflex Inc.
Pertinent Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US 2012/0167234 (Donfried et al.) “Persona-Based Identity Management System,” discloses:
[0015] Personal data collection and access system 110 may include one or more devices (e.g., server devices) that interact with user device 120 to register a user associated with user device 120 and to receive personal information, associated with that user. For example, personal data collection and access system 110 may receive identifying information from user device 120, authenticate user device 120 based on the identifying information, receive additional data from user device 120, and provide credentials to user device 120, once it is authenticated. As further described below, personal data collection and access system 110 may further organize the data received from user device 120 into multiple personas 111, with each of the personas 111 being available to a particular classification of data requesting devices 130.
[0061] Consumer persona 600b may be shared, by data access interface component 340, with data requesters that are classified, for example, as vendors. Core attributes included in the consumer persona 600b may include, for example, the user's address and payment information. It should be appreciated, however, that sub-personas may be generated as needed by the registered users and data requesters. For example, a user may be associated with multiple consumer personas, such as a mail-order consumer persona to receive products to the user's home, a business consumer persona to receive products to the user's workplace, and a personal services persona to receive services at an appropriate location. Similarly, a sub-persona may be associated with a particular vender such that personal information required for transaction with that vendor may be included in the persona and available for access by the vender. For example, a car rental company may require personal information (e.g., driver's license number, insurance policy number, age, etc.) that may not be needed by other types of vendors. To meet the specific needs, a vender may provide information to the personal data collection and access system 110 to define a sub-persona that contains specific information.
[0032] Examples of fields in a database storing the user's personal information are described below with reference to FIG. 4A. As depicted in FIG. 4A, data collection interface component 320 may store one or more personal data record entries 401 (referred to herein collectively as "personal data record entries 401" and individually as "personal data record entry 401"). In one implementation, personal data record entries 401 may be implemented in a storage device included as part of memory 230. It should be appreciated, however, that in other implementations, personal data record entries 401 may be stored in a memory associated with another device or a group of devices, separate from or including memory 230. As shown in FIG. 4A, personal data record entries 401 may include user identification (ID) field 410, user data field 420, and persona type field 430.
US 2013/0298187 (Black et al.) “Managing Virtual Identities,” discloses:
[0004] Disclosed is a method for managing virtual identities comprising providing a list of available personas associated with an authenticated user on a workspace, each available persona comprises policy information and configuration information, receiving a selection of a persona selected from the list of available personas and providing the policy information and configuration information to a security enforcement point for a program for the selected persona.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT M POND whose telephone number is (571)272-6760. The examiner can normally be reached M-F, 8:30 AM-6:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Smith can be reached at 571-272-6763. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ROBERT M POND/Primary Examiner, Art Unit 3688 October 14, 2025