COMPOSITE EVENT SIGNATURE ANALYSIS

§101 §103

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This Office Action is in response to the Applicant’s Amendment filed November 26, 2025. Claims 1-20 are pending and under examination in this case. Claims 1-4, 9-13, and 17-20 are currently amended. Response to Arguments Applicant's arguments filed November 26, 2025, have been fully considered but they are not persuasive. Applicant argues, regarding the claims, as currently amended, that the claims recite statutory subject matter. Specifically, Applicant argues that given the newly-added language “sending a message over a network to one or more computing devices to thereby cause the one or more computing devices to perform a first mitigation action”, the claim does not recite an abstract idea especially in view of McRO, Inc. v. Bandai Namco Games America Inc., 837 F. 3d 1299 (2016). Examiner respectfully disagrees. We find that the claims are not in any way similar to McRo as the claims do not make any technological improvement to any algorithm in performing improvement to animation techniques. Clearly this is simply a gratuitous citation to a case that was held as eligible when the facts clearly argue against any kind of McRo improvement. The claims in the instant case are clearly directed to grouping transactions and customers according to risk of fraud which is an abstract idea. Applicant further argues Example 45 for subject matter eligibility with respect of a technical improvement. Examiner respectfully disagrees. We find that the claims are not in any way similar to the claims in Example 45, which discloses a controller for an injection molding apparatus. The claims in the instant case are clearly directed to grouping transactions and customers according to risk of fraud and do not recite a technical improvement. Applicant argues, regarding claims 1, 10, and 18, as currently amended, that nothing in the cited references teaches, discloses, or suggests establishing a first composite event signature for the customer by combining the transaction category identifier with the demographic category identifier. Examiner respectfully disagrees. Attention is directed to Keithly at par 35 “the rules 28 and the denial rule set 26 are typically applied to data fields 24 populated with demographic data”. Further, Russell discloses at par 17 “signature-based . . . transactions”, It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Applicant argues, regarding claims 1, 10, and 18, as currently amended, that nothing in the cited references teaches, discloses, or suggests determining a first transaction category identifier based on data for a first financial transaction initiated by a customer. Examiner respectfully disagrees. Attention is directed to Keithly at par 34 “The transaction data set 22 typically includes multiple data fields 24 that completely describe the transaction, the consumer 12, the entity 14 (such as a merchant) and similar factors. For example, the data fields 24 may reflect certain demographic data of the consumer 12 for use in connection with the denial rule set 26. Any number of data fields 24 are envisioned, for example, the data fields 24 may be populated with data reflecting a consumer's name, an account number, an address, a city, a state, a zip code, a country, a telephone number, an e-mail address, a social security number, a date of birth, the merchant's name, an identification, an order number, an authorization number, an authorization time, an authorization amount, a ship-to address, a bill-to address, a transaction amount, a consumer purchase demographic, a transaction date, a transaction type, a product identification, a service identification, shipping costs, delivery type, customer type, a company identity, a merchant identity, a third-party risk score, risk data, authentication data, verification data, consumer rating data, profitability data, credit risk data, fraud risk data, transaction risk data, denial data, processing data, a general credit risk score, a credit bureau risk score, a prior approval, prior report data, previous transaction data, a geographical risk factor, credit account data, bankcard balance data, delinquency data, credit segment data, time between transactions data, previous transaction amount, previous transaction approval status, previous transaction time stamp data, a response code, active trades in database, public record data, trade line data, transaction medium, credit segment data, consumer payment type, consumer payment method, consumer payment history, consumer account history, consumer credit account balance, merchant history, private label entity data, affiliated private label entity, etc.” Applicant argues, regarding claims 1, 10, and 18, as currently amended, that nothing in the cited references teaches, discloses, or suggests determining a demographic category identifier based on a set of demographic data associated with the customer. Examiner respectfully disagrees. Attention is directed to Keithly at par 34 “The transaction data set 22 typically includes multiple data fields 24 that completely describe the transaction, the consumer 12, the entity 14 (such as a merchant) and similar factors. For example, the data fields 24 may reflect certain demographic data of the consumer 12 for use in connection with the denial rule set 26. Any number of data fields 24 are envisioned, for example, the data fields 24 may be populated with data reflecting a consumer's name, an account number, an address, a city, a state, a zip code, a country, a telephone number, an e-mail address, a social security number, a date of birth . . . “ Applicant argues, regarding claims 1, 10, and 18, as currently amended, that nothing in the cited references teaches, discloses, or suggests determining a first risk level associated with the first profile group based on a number of historical fraud events associated with the customers assigned to the first profile group. Examiner respectfully disagrees. Attention is directed to Russell at par 23 “The FEWS online interface 117 also populates the historical /statistical database 111 with data from the real time wire transfers 115 and online transactions 116. Risk parameters from the FEWS risk parameters 119 (see above) are also supplied to the FEWS online interface 117. The fraud engine/display 104 then determines, for example, whether a particular customer sent wires out before, has the customer sent wires to the particular address before, and/or has the customer gone on record as saying that these are wires that he/she will make”. Applicant argues, regarding claims 1, 10, and 18, as currently amended, that nothing in the cited references teaches, discloses, or suggests assigning the customer to a first profile group of customers having the first composite event signature. Examiner respectfully disagrees. Attention is directed to Russell at par 31 “interface 404 may associate the data 401 with data from a historical/statistical database 406. The historical/statistical database 406 may be populated with demographic changes and financial history 407, such as address changes, financial investigations conducted, etc. Risk parameters 405 are supplied to the interface 404. Further, the interface 404 may also populate the historical/statistical database 406. The fraud engine 408 identifies and/or categorizes transactions that may be suspicious or otherwise should receive attention. An alerts database 409 is operatively coupled to the fraud engine 408 and is able to store details regarding prior transactions, as well as, details regarding possible future fraudulent activity that can be accessed by the fraud engine”. It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Applicant argues, regarding claims 1, 10, and 18, as currently amended, that nothing in the cited references teaches, discloses, or suggests when the first risk level associated with the first profile group exceeds a first threshold, sending a message over a network to one or more computing devices to thereby cause the one or more computing devices to perform a first mitigation action with respect to the first financial transaction. Examiner respectfully disagrees. Attention is directed to Russell at par 18 “ transaction data may be sent directly from feed normalizer 102 to the Fraud Early Warning System (FEWS) batch interface 103. In another embodiment, rather than sending the data directly to the FEWS batch interface 103, the data is first sent to a feed enhancer 114 (further described below) before being sent to the FEWS batch interface 103. At the FEWS batch interface 103, risk parameters for the machine-driven transactions stored in a FEWS risk parameters database 119 and are associated with the transaction data such that the FEWS fraud engine/display 104 can, for example, place individual transactions in queues based on a weighted risk basis or otherwise identify and/or categorize transactions that deserve attention. For example, if there is a particularly suspicious transaction, that data will be placed in a high priority queue for immediate review, for example by a human analyst”; also par 28 “transactional data 201 is received by the system 200 from, for example, an ATM. The transactional data 201 may be fed to a normalizer 202. The data is then fed to an interface 203 where risk parameters 204 are associated with the transactional data 201. A fraud engine 205 then identifies and/or categorizes transactions that may be suspicious or otherwise should receive attention. An alerts database 206 is operatively coupled to the fraud engine 205 and is able to store details regarding prior transactions, as well as, details regarding possible future fraudulent activity that can be accessed by the fraud engine 205. The system 200 may also provide an interface 207 for hot keying to a customer application”. Applicant argues, regarding claims 2, 11, and 19, as currently amended, that nothing in the cited references teaches, discloses, or suggests re-assigning the customer from the first profile group to a second profile group of customers having the second composite event signature; determining a second risk level associated with the second profile group based on a number of historical fraud events associated with the customers assigned to the second profile group; and when the second risk level associated with the second profile group exceeds the first risk level associated with the first profile group by at least a second threshold indicative of a risk escalation for the customer, sending a message over the network to the one or more computing devices to thereby cause the one or more computing devices to perform a second mitigation action with respect to the second financial transaction. Examiner respectfully disagrees. Russell discloses, as Keithley does not, and in a similar field of endeavor, re-assigning the customer from the first profile group to a second profile group of customers having the second composite event signature; see par 31 “associate the data 401 with data from a historical/statistical database 406. The historical/statistical database 406 may be populated with demographic changes and financial history 407, such as address changes, financial investigations conducted, etc. Risk parameters 405 are supplied to the interface 404. Further, the interface 404 may also populate the historical/statistical database 406. The fraud engine 408 identifies and/or categorizes transactions that may be suspicious or otherwise should receive attention. An alerts database 409 is operatively coupled to the fraud engine 408 and is able to store details regarding prior transactions, as well as, details regarding possible future fraudulent activity that can be accessed by the fraud engine 408.” determining a second risk level associated with the second profile group based on a number of historical fraud events associated with the customers assigned to the second profile group; par 23 “FEWS online interface 117 takes the real time wire transfer data 115 and online transaction data 116 and associates that data to the data from the historical/statistical database 111 (see above). The FEWS online interface 117 also populates the historical /statistical database 111 with data from the real time wire transfers 115 and online transactions 116. Risk parameters from the FEWS risk parameters 119 (see above) are also supplied to the FEWS online interface 117. The fraud engine/display 104 then determines, for example, whether a particular customer sent wires out before, has the customer sent wires to the particular address before, and/or has the customer gone on record as saying that these are wires that he/she will make”, and when the second risk level associated with the second profile group exceeds the first risk level associated with the first profile group by at least a second threshold indicative of a risk escalation for the customer, sending a message over the network to the one or more computing devices to thereby cause the one or more computing devices to perform a second mitigation action with respect to the second financial transaction. See par 18 “transaction data may be sent directly from feed normalizer 102 to the Fraud Early Warning System (FEWS) batch interface 103. In another embodiment, rather than sending the data directly to the FEWS batch interface 103, the data is first sent to a feed enhancer 114 (further described below) before being sent to the FEWS batch interface 103. At the FEWS batch interface 103, risk parameters for the machine-driven transactions stored in a FEWS risk parameters database 119 and are associated with the transaction data such that the FEWS fraud engine/display 104 can, for example, place individual transactions in queues based on a weighted risk basis or otherwise identify and/or categorize transactions that deserve attention. For example, if there is a particularly suspicious transaction, that data will be placed in a high priority queue for immediate review, for example by a human analyst. If the transaction is placed on a low priority queue, the transaction may not be reviewed but rather the data may be stored for later review if warranted. A FEWS alerts database 105 is operatively coupled to the FEWS fraud engine/display 104 and is able to store details, for example, regarding prior transactions, as well as, details regarding possible future fraudulent activity that can be accessed by the FEWS fraud engine/display 104”, also par 28 “risk parameters 204 are associated with the transactional data 201. A fraud engine 205 then identifies and/or categorizes transactions that may be suspicious or otherwise should receive attention. An alerts database 206 is operatively coupled to the fraud engine 205 and is able to store details regarding prior transactions, as well as, details regarding possible future fraudulent activity that can be accessed by the fraud engine”. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Regarding claims 1-20 – Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. In the instant case, claims 10-17 are directed to a system, while claims 1-9 are directed to a method, and claims 18-20 are directed to a non-transitory computer-readable medium. Therefore, these claims fall within the four statutory categories of invention. The claims recite grouping transactions and customers according to risk of fraud. Specifically, the claims recite determining a transaction category, determining a demographic category, combining the categories to establish a signature, assigning the customer to a profile group, determining a risk for the profile group, generating a fraud report or alert, which is described a commercial or legal interaction/ transaction and is therefore grouped within the within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See MPEP 2106). Accordingly, the claims recite an abstract idea (See pages 7, 10, Alice Corporation Pty. Ltd. v. CLS Bank International, et al., US Supreme Court, No. 13-298, June 19, 2014; MPEP 2106). This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See MPEP 2106), the additional elements of the claims such as the memory and processor(s), merely use a computer as a tool to perform an abstract idea. Specifically, the memory and processor(s) perform the steps or functions of determining a transaction category, determining a demographic category, combining the categories to establish a signature, assigning the customer to a profile group, determining a risk for the profile group, generating a fraud report or alert. The use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply or use the abstract idea to effect a particular treatment or prophylaxis for a disease or medical condition (Vanda Memo), the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See MPEP 2106), the additional element(s) of using processor(s) and a memory to perform the steps amounts to no more than using a computer to automate and/or implement the abstract idea of grouping transactions and customers according risk of fraud. As discussed above, taking the claim elements separately, the memory and processor(s) perform the steps or functions of determining a transaction category, determining a demographic category, combining the categories to establish a signature, assigning the customer to a profile group, determining a risk for the profile group, generating a fraud report or alert. These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of determining a transaction category, determining a demographic category, combining the categories to establish a signature, assigning the customer to a profile group, determining a risk for the profile group, generating a fraud report or alert Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a computer or processor to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05 (f) & (h)). Therefore, the claim is not patent eligible. Dependent claims 2-9, 11-17, and 19-20, further describe the abstract idea of grouping transactions and customers according risk of fraud. The dependent claims do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Keithley et al (US 2006/0226216) in view of Russell et al (US 2007/0203826). Regarding claims 1, 10 and 18 – Keithley discloses determining a first transaction category identifier based on data for a first financial transaction initiated by a customer; (par 34) determining a demographic category identifier based on a set of demographic data associated with the customer; (par 34) establishing a first composite event signature for the customer by combining the transaction category identifier with the demographic category identifier; (par 35) determining a first risk level associated with the first profile group based on a number of historical fraud events associated with the customers assigned to the first profile group. (par 38, denial data) Russell discloses, as Keithley does not, and in a similar field of endeavor, assigning the customer to a first profile group of customers having the first composite event signature; (par 31) determining a first risk level associated with the first profile group based on a number of historical fraud events associated with the customers assigned to the first profile group; (par 23) and when the first risk level associated with the first profile group exceeds a first threshold, sending a message over a network to one or more computing devices to thereby cause the one or more computing devices to perform a first mitigation action with respect to the first financial transaction. (par 18, 28) It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Regarding claims 2, 11, and 19 – Keithley discloses determining a second transaction category identifier based on data for a second financial transaction initiated by the customer; (par 34, par 38) establishing a second composite event signature for the customer by combining the second transaction category identifier with the demographic category identifier. (par 35) Russell discloses, as Keithley does not, and in a similar field of endeavor, re-assigning the customer from the first profile group to a second profile group of customers having the second composite event signature; (par 31) determining a second risk level associated with the second profile group based on a number of historical fraud events associated with the customers assigned to the second profile group; (par 23) and when the second risk level associated with the second profile group exceeds the first risk level associated with the first profile group by at least a second threshold indicative of a risk escalation for the customer, sending a message over the network to the one or more computing devices to thereby cause the one or more computing devices to perform a second mitigation action with respect to the second financial transaction. (par 18, 28) It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Regarding claims 3, 12, and 20 – Russell discloses wherein sending the message comprises sending the message over the network to one or more of: a mobile device associated with the customer or a computing device associated with a financial institution. (par 18-19, 21). It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Regarding claims 4 and 13 – Russell discloses wherein the first mitigation action comprises generating a first fraud report, and wherein the first fraud report comprises at least one of a textual report, a graphical report, or a displayed report forwarded to one or more of: a mobile device associated with the customer or a computing device associated with a financial institution. (par 18-19, 21). It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Regarding claims 5 and 14 – Keithley discloses wherein the first mitigation action comprises one or more of: not completing the first financial transaction, reversing the first financial transaction, or providing a message, to a mobile device associated with the customer, asking the customer to confirm the transaction. (par 23, 32, 42) Regarding claim 6 - Keithley discloses wherein the second financial transaction occurs after the first financial transaction. (par 34) Regarding claims 7 and 15 - Russell discloses determining the transaction category identifier by determining a channel used to perform the transaction. (par 5) It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Regarding claims 8 and 16 – Russell discloses wherein the channel comprises one or more of an online portal, a store, a phone, or an automated teller machine (ATM). (par17) It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Regarding claims 9 and 17 – Russell discloses determining a false positive probability for determining the first risk level associated with the first profile group. (par 18, 26) It would be obvious to one of ordinary skill in the art to combine Keithley and Russell in order to better monitor for suspicious activities. (Russell, par 1) Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CRISTINA OWEN SHERR whose telephone number is (571)272-6711. The examiner can normally be reached 8:30 - 5:30. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached at 571-272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Cristina Owen Sherr/Examiner, Art Unit 3697 /JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3697