DETAILED ACTION
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This Office action is in response to Applicant’s communication filed on October 27, 2025. Amendments to claims 1, 5, 8, 12, and 15 and cancellation of claims 2, 3, 9, 10, 16, and 17 have been entered. Claims 1, 4-8, 11-15 and 18-20 are pending and have been examined. The statement of reasons for the indication of allowable subject matter over prior art was already discussed in the Office action mailed on September 16, 2024 and hence not repeated here. The rejections and response to arguments are stated below.
Claim Rejections - 35 USC § 101
2. 35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
3. Claims 1, 4-8, 11-15 and 18-20 are rejected under 35 U.S.C. § 101 because the claimed invention is directed to an abstract idea without significantly more.
The claim(s) recite(s) a method for detecting anomalous activity, which is considered a judicial exception because it falls under the category of “Certain Methods of organizing human activity” such as fundamental economic practice as well as commercial or legal interactions including agreements as discussed below. This judicial exception is not integrated into a practical application as discussed below. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception as discussed below.
Analysis
Step 1: In the instant case, exemplary claim 1 is directed to a method.
Step 2A – Prong One: The limitations of “A method for detecting anomalous activity, the method comprising:
receiving, by at least one processor, alert statistics associated with at least one anomaly detection strategy configured to identify anomalous activity in transaction records, wherein the transaction records comprise of at least purchase orders and invoices, wherein the alert statistics comprise a number of true positive results and a number of false positive results;
determining, by the at least one processor, for each of the anomaly detection strategies, at least one effectiveness metric based on the alert statistics, wherein the at least one effectiveness metric comprises of a hit rate representative of a rate at which an anomaly detection strategy identifies true positive results and a normalized discounted cumulative gain (NDCG) score representative of ranking quality of the anomaly detection strategy;
determining, by the at least one processor, a weighted score for each of the anomaly detection strategies based on the at least one effectiveness metric, wherein determining the weighted score comprises:
averaging the hit rate and the NDCG score for each anomaly detection strategy; and
normalizing the weighted scores across each of the anomaly detection strategies;
receiving, by the at least one processor, anomalous activity data indicative of one or more activities identified as potentially anomalous by each of the anomaly detection strategies;
determining, by the at least one processor, a portion of the anomalous activity data identified by each of the anomaly detection strategies to be transmitted to an auditor for review based on the weighted score,
wherein the portion of potentially anomalous activities to be transmitted is substantially proportional to the normalized weighted score for each of the anomaly detection strategies, and wherein the anomalous activity data along with each of the anomalous detection strategies used to determine the anomalous activity data is stored in a database to link the anomalous activity data with the corresponding anomaly detection strategies, wherein determining the portion of potentially anomalous activity data comprises selecting a number of results from the database, in order of likelihood of being true positives, wherein the selected number of results are proportional to the normalized weighted score;
transmitting, over an electronic network, the selected number of results from the database to the auditor for review;
automatically updating, by the at least one processor, the alert statistics based on an auditor review data, wherein the auditor review data is associated with the portion of potentially anomalous activities determined by the auditor; and
ranking, by the at least one processor, the anomaly detection strategies based on the weighted score derived from the updated alert statistics” such as fundamental economic practice as well as commercial or legal interactions including agreements.
The step of “method for detecting anomalous activity, …. wherein the portion of potentially anomalous activities to be transmitted is substantially proportional to the weighted score for each of the anomaly detection strategies” is a fundamental economic practice such as mitigating risk by identifying business activity that is abnormal, skirts established business practices, is fraudulent, or the like (See Specification [0002]).
Also, the steps “transmitting, over an electronic network, the selected number of results from the database to the auditor for review; automatically updating, by the at least one processor, the alert statistics based on an auditor review data, wherein the auditor review data is associated with the portion of potentially anomalous activities determined by the auditor; and ranking, by the at least one processor, the anomaly detection strategies based on the weighted score derived from the updated alert statistics” considered collectively as an ordered combination without the italicized portions, is a form of fulfilling agreements. Hence, the steps of the claim, considered collectively as an ordered combination without the italicized portions, covers the abstract category of “Certain Methods of organizing human activity”.
That is, other than, at least one memory having processor-readable instructions, at least one processor, a database and an electronic network, nothing in the claim precludes the steps from being performed as a method of organizing human activity. If the claim limitations, under the broadest reasonable interpretation, covers methods of organizing human activity but for the recitation of generic computer components, then it falls within the “Certain methods of organizing human activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
Step 2A – Prong Two: The judicial exception is not integrated into a practical application. In particular, the claim only recites the additional elements of at least one memory having processor-readable instructions, at least one processor and an electronic network to perform all the steps. A plain reading of Figures 1-2 and 6 and descriptions in at least paragraphs [0002] – [0005], [00105] – [00109] reveals that the at least one processor comprises general processors suitably programmed to execute the claimed steps. The at least one memory having processor-readable instructions is a generic memory suitably programmed with all the provisions of the contract between the parties involved. The database may be a generic database suitably programmed to store the associated information/data. The electronic network may be a generic communication network such as a LAN, WAN or Internet. Hence, the additional elements in the claims are all generic components suitably programmed to perform their respective functions. The additional elements in all the steps are recited at a high-level of generality (i.e., as generic computer components performing generic computer functions) such that it amounts no more than mere instructions to apply the exception using generic computer components. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Hence, claim 1 is directed to an abstract idea.
Step 2B: The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, using the additional elements (identified above) to perform the claimed steps amounts to no more than mere instructions to apply the exception using a generic computer component. The additional elements of the instant underlying process, when taken in combination, together do not offer substantially more than the sum of the functions of the elements when each is taken alone. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. Hence, independent claim 1 is not patent eligible. Independent claims 8 and 15 are also not patent eligible based on similar reasoning and rationale.
Dependent claims 4-7, 11-14 and 18-20, when analyzed as a whole are held to be patent ineligible under 35 U.S.C. 101 because the additional recited limitations only refine the abstract idea further.
For instance, in claims 4, 11, and 18, the step “wherein a number of potentially anomalous activities to be reviewed is at least one for each of the anomaly detection strategies” under the broadest reasonable interpretation, further defines the methods of organizing human activity because this step describes an intermediate step of the underlying process.
In claims 5 and 12, the steps “wherein the alert statistics for each of the anomaly detection strategies comprise at least one of: rankings of the results identified by each of the anomaly detection strategies” under the broadest reasonable interpretation, further define the methods of organizing human activity because these steps describe alert statistics used in the intermediate steps of the underlying process.
In claims 6, 13, and 19, the step “further comprising:
receiving, by at least one processor, the auditor review data associated with the portion of potentially anomalous activities transmitted to the auditor” under the broadest reasonable interpretation, further defines the methods of organizing human activity because this step describes an intermediate step of the underlying process.
In claims 7, 14 and 20, the steps “further comprising: determining, by at least one processor, that one of the at least one anomaly detection strategies is an ineffective strategy based on the alert statistics; and replacing, by at least one processor, the ineffective strategy with a new anomaly detection strategy” under the broadest reasonable interpretation, further define methods of organizing human activity because these steps describe the intermediate/final steps of the underlying process.
In all the dependent claims, the judicial exception is not integrated into a practical application because the limitations are recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using generic computer components. Also, the claims do not affect an improvement to another technology or technical field; the claims do not amount to an improvement to the functioning of a computer system itself; the claims do not affect a transformation or reduction of a particular article to a different state or thing; and the claims do not move beyond a general link of the use of an abstract idea to a particular technological environment. In addition, the dependent claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. The additional elements of the instant underlying process, when taken in combination, together do not offer substantially more than the sum of the functions of the elements when each is taken alone. The claims as a whole, do not amount to significantly more than the abstract idea itself. For these reasons, the dependent claims also are not patent eligible.
Response to Arguments
4. In response to Applicants arguments on pages 8-14 of the Applicant’s remarks that the claims are patent-eligible under 35 USC 101 when considered under MPEP 2106, the Examiner respectfully disagrees.
The fact that the claims are Patent-Ineligible when considered under the MPEP 2106 has already been addressed in the rejection and hence not all the details of the rejection are repeated here.
Response to Applicants’ arguments regarding Step 2A – Prong one and Prong two:
The claims recite a method for detecting anomalous activity, which is considered a judicial exception because it falls under the category of “Certain Methods of organizing human activity” such as fundamental economic practice as well as commercial or legal interactions including agreements as discussed in the rejection. The step of “A method for detecting anomalous activity, …. wherein the portion of potentially anomalous activities to be transmitted is substantially proportional to the weighted score for each of the anomaly detection strategies” is a fundamental economic practice such as mitigating risk by identifying business activity that is abnormal, skirts established business practices, is fraudulent, or the like (See Specification [0002]). Also the steps of claim 1 and those recited on pages 8-9 of the remarks such as “receiving, by at least one processor, alert statistics associated with at least one anomaly detection strategy configured to identify anomalous activity in transaction records, wherein the transaction records comprise of at least purchase orders and invoices; …… automatically updating, by the at least one processor, the alert statistics based on an auditor review data, wherein the auditor review data is associated with the portion of potentially anomalous activities determined by the auditor, and ranking, by the at least one processor, the anomaly detection strategies based on the weighted score derived from the updated alert statistics” considered collectively as an ordered combination without the italicized portions, is a form of fulfilling agreements. Hence, the steps of the claim, considered collectively as an ordered combination without the italicized portions, covers the abstract category of “Certain Methods of organizing human activity”. Therefore, the claims recite an abstract idea.
The additional elements, identified in the rejection, are used as tools in their ordinary capacity, to apply the abstract idea. Therefore, the Applicant’s arguments are not persuasive.
According to MPEP 2106, limitations that are indicative of integration into a practical application include:
Improvements to the functioning of a computer, or to any other technology or technical field - see MPEP 2106.05(a)
Applying or using a judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition
Applying the judicial exception with, or by use of, a particular machine - see MPEP 2106.05(b)
Effecting a transformation or reduction of a particular article to a different state or thing - see MPEP 2106.05(c)
Applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception - see MPEP 2106.05(e).
In the instant case, the judicial exception is not integrated into a practical application, because none of the above criteria is met. The claims only recite the additional elements of at least one memory having processor-readable instructions, at least one processor and an electronic network to perform all the steps. A plain reading of Figures 1-2 and 6 and descriptions in at least paragraphs [0002] – [0005], [00105] – [00109] reveals that the at least one processor comprises general processors suitably programmed to execute the claimed steps. The at least one memory having processor-readable instructions is a generic memory suitably programmed with all the provisions of the contract between the parties involved. The database may be a generic database suitably programmed to store the associated information/data. The electronic network may be a generic communication network such as a LAN, WAN or Internet. Hence, the additional elements in the claims are all generic components suitably programmed to perform their respective functions. The additional elements in all the steps are recited at a high-level of generality (i.e., as generic computer components performing generic computer functions) such that it amounts no more than mere instructions to apply the exception using generic computer components. Hence, the claims are directed to an abstract idea.
The claimed features including those mentioned on pages 11-12 of the remarks such as “leveraging multiple anomaly detection strategies and continuously adjusting their use based on effectiveness metrics, ensuring that the most relevant anomalies are flagged for review. The claimed subject matter of claim 1 uses statistical metrics such as true positive counts, false positive counts, hit rate values, and normalized discounted cumulative gain (NDCG) scores to dynamically evaluate the effectiveness of anomaly detection strategies, and then applies proportional allocation logic to select and transmit only a targeted subset of anomalous activity data for auditor review. The claimed method's ability to automatically refine and adapt its approach based on real-time feedback from human auditors provides a technical solution to the challenge of efficiently managing large datasets and identifying critical anomalies” may be characterized as an improvement in the abstract idea of a method for detecting anomalous activity, using the additional elements as tools in their ordinary capacity, to apply the abstract idea. An improvement in abstract idea is still abstract (SAP America v. Investpic *2-3 (“We may assume that the techniques claimed are “groundbreaking, innovative, or even brilliant,” but that is not enough for eligibility. Association for Molecular Pathology v. Myriad Genetics, Inc., 569 U.S. 576, 591 (2013); accord buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1352 (Fed. Cir. 2014). Nor is it enough for subject-matter eligibility that claimed techniques be novel and nonobvious in light of prior art, passing muster under 35 U.S.C. §§ 102 and 103. See Mayo Collaborative Servs. v. Prometheus Labs., Inc., 566 U.S. 66, 89–90 (2012); Synopsys, Inc. v. Mentor Graphics Corp., 839 F.3d 1138, 1151 (Fed. Cir. 2016) (“A claim for a new abstract idea is still an abstract idea). The additional elements (identified in the rejection) are generic computer components, used as tools in their ordinary capacity, to apply the abstract idea. It does not involve any improvements to another technology, technical field, or improvements to the functioning of the computer itself. Therefore, the Applicants’ arguments are not persuasive.
Response to Applicants’ arguments regarding Step 2B:
As discussed in the rejection, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, using the additional elements (identified in the rejection) to perform the claimed steps, amount to no more than mere instructions to apply the exception using a generic computer component. The additional elements of the instant underlying process, when taken in combination, together do not offer substantially more than the sum of the functions of the elements when each is taken alone. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. Hence, the claims are not patent eligible.
There is no mention of any “specialized computing resources” anywhere in the claims or the specification. The Specification mentions that the steps may be performed by a general-purpose processor that is suitably programmed to perform the associate functions. Calculating metrics such as hit rates and false positive rates are well known techniques in the field of statistical analysis. The Applicants are merely using these well-known techniques as tools to apply the abstract idea of detecting anomalous activity. Analyzing transaction records, applying statistical models, and prioritizing and transmitting potentially anomalous data to human auditors (in real time) are well known manual processes. However, automating a manual process is insufficient to render a claim patent-eligible. See, e.g., Tranxition, Inc.v. Lenovo (U.S.) Inc., 664 F. App’x 968, 971 (Fed. Cir. 2016). Also, See Bancorp Servs., L.L.C. v. Sun Life Assurance Co. of Can. (U.S.), 687 F.3d 1266, 1278 (Fed. Cir. 2012) (“[T]he fact that the required calculations could be performed more efficiently via a computer does not materially alter the patent eligibility of the claimed subject matter.”); OIP Techs., Inc. v. Amazon.com, Inc., 788 F.3d 1359, 1363 (Fed. Cir. 2015) (relying on a computer to perform routine tasks more quickly or more accurately is insufficient to render a claims patent-eligible).
The alleged advantages that Applicants tout, such as “automating the anomaly detection process, dynamically adjusting detection strategies based on real-time performance metrics ….. receiving alert statistics that explicitly include both true positive and false positive results for each anomaly detection strategy, enabling it to compute effectiveness metrics comprising a hit rate and a normalized discounted cumulative gain (NDCG) score …. dynamically generating weighted scores by averaging and normalizing these effectiveness metrics across strategies….. ensuring that high-performing strategies are emphasized and low-performing strategies are de-emphasized, resulting in a more accurate and resource-efficient allocation of anomalies for auditor review …. determining portions of this anomalous activity data to transmit to auditors by selecting a number of results directly from the database, in strict proportion to the normalized weighted scores, and ordering them according to their likelihood of being true positives ….. reducing bandwidth consumption, avoids unnecessary duplication of false positives, and ensures that auditor resources are applied to the most promising anomalies, thereby improving throughput and accuracy of enterprise compliance systems …. recalculating effectiveness metrics, adjusting weighted scores, and re-ranking anomaly detection strategies in real time …. providing a self-learning anomaly detection engine that continuously optimizes its precision, ensuring that the claimed subject matter evolves as transactional patterns and fraud techniques change …. reducing computational and network overhead, improving the ranking and prioritization of anomalies, and dynamically adapting detection strategies based on live feedback, thereby enhancing scalability and responsiveness in enterprise-scale environments” do not concern an improvement in computer capabilities but instead relate to an improvement in the abstract idea. Therefore, the Applicant’s arguments are not persuasive.
Functions such as “receiving, determining, averaging, normalizing, determining, transmitting, monitoring, updating, and ranking” are conventional functions of a computer system. Calculating metrics such as hit rates and false positive rates are well known techniques in the field of statistical analysis. Storing data in a database for efficient linking and retrieval, ensuring that the relationships between anomalous activities and detection strategies are maintained accurately are normal functions of a computer and the associated database. The Applicants are merely using these well-known techniques as tools to apply the abstract idea of detecting anomalous activity. Analyzing transaction records in a structured database, applying statistical models, and prioritizing and transmitting potentially anomalous data to human auditors (in real time) are well known manual processes. However, automating a manual process is insufficient to render a claim patent-eligible. See, e.g., Tranxition, Inc.v. Lenovo (U.S.) Inc., 664 F. App’x 968, 971 (Fed. Cir. 2016). Also, See Bancorp Servs., L.L.C. v. Sun Life Assurance Co. of Can. (U.S.), 687 F.3d 1266, 1278 (Fed. Cir. 2012) (“[T]he fact that the required calculations could be performed more efficiently via a computer does not materially alter the patent eligibility of the claimed subject matter.”); OIP Techs., Inc. v. Amazon.com, Inc., 788 F.3d 1359, 1363 (Fed. Cir. 2015). By relying on a computer to perform routine tasks more quickly or more accurately is insufficient to render a claim patent eligible (See Alice, 134 S. Ct. at 2359 (use of a computer to create electronic records, track multiple transactions, and issue simultaneous instructions” is not an inventive concept). The Applicant’s claims do not recite sufficient subject matter to take them from being in the realm of what is encompassed as an abstract idea into patentable subject matter and fail to add significantly more to “transform” the nature of the claims. Hence, the claims do not recite significantly more than an abstract idea. In Summary, the computer system is merely a platform on which the abstract idea is implemented. Therefore, the Applicant’s arguments are not persuasive.
For these reasons and those discussed in the rejection, the rejections under 35 USC § 101 are maintained.
Conclusion
5. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
(a) Roundy; Kevin et al. (US Patent 12034764 B1) discloses a computer-implemented method for detecting malware based on anomalous cross-customer financial transactions may include (i) detecting, using a machine-learning algorithm, a set of anomalies associated with fraudulent financial transactions for source user accounts in a group of customer financial accounts, (ii) identifying, based on customer transaction metadata associated with a group of target user accounts in the customer financial accounts, a cluster of financial transactions having anomaly instances in common with the set of anomalies, (iii) linking each of the customer financial accounts having the common anomaly instances in the cluster of financial transactions with a corresponding customer threat protection account to discover a user device identification, (iv) determining that artifacts appearing on a group of user devices are associated with a potential malware attack, and (v) performing a security action that protects against the potential malware attack. Various other methods, systems, and computer-readable media are also disclosed.
(b) Vanga; Siva Surya Teja et al. (US Pub. 20200334680 A1) discloses techniques relating to detecting anomalous transactions using machine learning. For example, in various embodiments, an anomaly detection computer system may access an input dataset that includes data indicative of transactions submitted to a transaction network for both a first entity and by a plurality of other entities. The computer system may parse this input dataset and, based on a set of data feature definitions, determine a training dataset. The computer system may then train an autoencoder machine learning model based on the training dataset such that, once trained, the autoencoder is operable to detect one or more anomalous transactions submitted for the first entity to the transaction network during a specified time period.
6. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Narayanswamy Subramanian whose telephone number is (571) 272-6751. The examiner can normally be reached Monday-Friday from 9:00 AM to 5:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Abhishek Vyas can be reached at (571) 270-1836. The fax number for Formal or Official faxes and Draft to the Patent Office is (571) 273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Narayanswamy Subramanian/
Primary Examiner
Art Unit 3691
February 13, 2026