Office Action Predictor
Last updated: April 15, 2026
Application No. 18/367,176

INTERMEDIARY-ENHANCED GRANULAR CONSENT MANAGEMENT

Final Rejection §101
Filed
Sep 12, 2023
Examiner
KHATRI, NILESH B
Art Unit
3699
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
Symcor INC.
OA Round
2 (Final)
58%
Grant Probability
Moderate
3-4
OA Rounds
3y 3m
To Grant
75%
With Interview

Examiner Intelligence

Grants 58% of resolved cases
58%
Career Allow Rate
99 granted / 170 resolved
+6.2% vs TC avg
Strong +16% interview lift
Without
With
+16.5%
Interview Lift
resolved cases with interview
Typical timeline
3y 3m
Avg Prosecution
28 currently pending
Career history
198
Total Applications
across all art units

Statute-Specific Performance

§101
30.4%
-9.6% vs TC avg
§103
39.7%
-0.3% vs TC avg
§102
6.2%
-33.8% vs TC avg
§112
16.0%
-24.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 170 resolved cases

Office Action

§101
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Status of Claims This communication is responsive to the submission filed September 26, 2025. Claims 1 and 13 are amended. Claims 1-15 are pending. Response to Remarks 35 U.S.C. § 101 Applicant contends that the claims are directed towards patent eligible subject matter. Specifically, the functioning of the computer performing the claimed functions is improved by performing the claimed functions. Examiner respectfully disagrees. Examiners evaluate integration into a practical application by: (1) identifying whether there are any additional elements recited in the claim beyond the judicial exception(s); and (2) evaluating those additional elements individually and in combination to determine whether they integrate the exception into a practical application. See MPEP 2106.04(d)(II). Here, however, the claimed functions recite abstract ideas rather than additional elements that may serve to recite a practical application of the abstract ideas. For example, obtaining a first set of granular consents to access data and then expanding the first set of consents are examples of managing relationships between the data recipient and the data provider, i.e., the types of data the data recipient is allowed to access. In other words, they are not additional elements that could serve as a basis to recite a practical application of the abstract ideas. Therefore, Applicant’s contention that the claims are directed towards patent eligible subject matter is unpersuasive. Accordingly, this ground of rejection is maintained. 35 U.S.C. §§ 102/103 Applicant’s arguments, see pp. 7-13, filed September 26, 2025, with respect to claims 1-15 have been fully considered and are persuasive. The rejection of May 28, 2025, has been withdrawn. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to abstract ideas without significantly more. There are two criteria for subject matter eligibility. The first is that the claimed invention must be to one of the four statutory categories, i.e., a process, machine, manufacture, or composition of matter. See MPEP 2106(I). Second, the claimed invention also must qualify as patent-eligible subject matter, i.e., the claim must not be directed to a judicial exception unless the claim as a whole includes additional limitations amounting to significantly more than the exception. See MPEP 2106(I). Here, claims 1-15 are directed towards a process. Therefore, the analysis proceeds to determine whether the claims recite abstract ideas. Per Claim 1: Claim 1, as a whole, is directed towards the abstract idea of managing consent for data dissemination. In particular, the claim recites receiving, at a data access entity from a data receiver, a first request for user account details, the request including a first token issued to the data receiver. Then, the claim transmits, from the data access entity to a data provider, a second request for the user account details, the second request including a second token issued to the data access entity. The process then obtains a first set of granular consents to data from the data provider. The first set of consents are supported by existing data of the data provider. The claim then expands the first set of granular consents to a second set of granular consents. The second set of granular consents is not supported by data of the data provider. In other words, the claim recites Certain Methods of Organizing Human Activities recognized as reciting abstract ideas. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). receiving, at a data access platform from a data receiver, a first request for user account details, the first request including a first token that has been issued to the data receiver by the data access platform; transmitting, from the data access platform to a data provider, a second request for user account details, the second request including a second token that has been issued to the data access platform by the data provider; obtaining, by a consent management module executed at the data access platform, a first set of granular consents to data from the data provider, where the first set of granular consents are supported by existing data feeds of the data provider; and expanding, by the consent management module, the first set of granular consents to a second set of granular consents to the data, wherein the second set of granular consents are not supported by the existing data feeds of the data provider. Because the claim recites abstract ideas, the analysis proceeds to determine whether the claim recites additional elements that recite a practical application of the abstract ideas. According to MPEP 2106.04(d), additional elements that recite an instruction to apply the abstract ideas using a computer, that recite insignificant extra-solution activities, or that generally link the use of the abstract ideas to a particular technological environment or field of use are not indicative of a practical application. Here, the additional elements of a data access platform and a consent management module are computer tools that are used to implement the abstract ideas. In other words, they amount to instructions to apply the abstract ideas using computers. Therefore, the claim as a whole fails to recite a practical application of the abstract ideas. The analysis then proceeds to determine whether the additional elements, when considered individually and in combination, recite significantly more than the abstract ideas. According to MPEP 2106.05, additional elements that recite an instruction to apply the abstract ideas using a computer, that recite insignificant extra-solution activities, that generally link the use of the abstract ideas to a particular technological environment or field of use, or that recite well-understood, routine, and conventional activities are not indicative of reciting significantly more than the abstract ideas. Claim elements previously considered to recite insignificant extra-solution activities are reevaluated at this step to determine whether they recite well-understood, routine, and conventional activities. Such findings must be supported by the evidentiary requirements set forth in the Berkheimer Memo. Here, the additional elements of a data access platform and a consent management module are computer tools that are used to implement the abstract ideas. In other words, they amount to instructions to apply the abstract ideas using computers. Therefore, the additional claim elements, when considered individually and in combination, fail to recite significantly more than the abstract ideas. Accordingly, claim 1 is rejected as being directed towards patent ineligible subject matter. Per Claim 15: Claim 15, as a whole, is directed towards the abstract idea of managing consent for data dissemination. More specifically, the claim recites registering data recipients and banking data providers. The claim then receives, from the data recipient, a request for access to banking data for a user at a banking data provider. The method then confirms an identity for the user. The process obtains a first set of consents from the banking data provider and expands the set of consents to a second set of consents. In other words, the claim recites Certain Methods of Organizing Human Activities recognized as reciting abstract ideas. More specifically, the following underlined claim elements recite abstract ideas while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a). registering, by a data access platform, one or more open banking data recipients and one or more open banking data providers; receiving, from a first open banking data recipient among the one or more open banking data recipients, a request for access to open banking data for a given user at a first open banking data provider among the one or more open banking data providers; confirming, at the data access platform, an identity for the given user to, thereby, ensure that: the given user is entitled to access the open banking data for the given user at the first open banking data provider; and the open banking data recipient is entitled to access the open banking data for the given user at the first open banking data provider; obtaining, by the data access platform, a first set of granular consents from the first open banking data provider, where the first set of granular consents are supported by existing data feeds of the first open banking data provider; and expanding, by the data access platform, the first set of granular consents to a second set of granular consents that are not supported by the existing data feeds of the first open banking data provider, thereby enabling the open banking data recipient to present, to the given user, the second set of granular consents. The additional element of the platform is an instruction to apply the abstract ideas using a computer. Therefore, it fails to recite either a practical application of the abstract ideas or significantly more than the abstract ideas. Accordingly, claim 15 is rejected as being directed towards patent ineligible subject matter. Per Claims 2-14: Claims 2-14 have also been analyzed for subject matter eligibility. However, these claims also fail to recite patent eligible subject matter for the following reasons: Claim 2 recites the abstract idea of receiving a request to register and communicating with the data provider to register the data recipient, which is a Certain Method of Organizing Human Activities. Claim 3 recites the abstract idea of determining an identity provider to associate with the first request and registering the data recipient with the identity provider, which is a Certain Method of Organizing Human Activities. Claim 4 recites the abstract idea of receiving, from a data recipient, a request, editing the request to change the scope of the request, and transmitting, to the data provider, the edited request, which is a Certain Method of Organizing Huma Activities. Claim 5 recites the abstract idea of determining an identity provider to associate with the request and including, in the edited request, an indication of the identity provider, which is a Certain Method of Organizing Human Activities. Claim 6 recites the abstract idea of receiving, from the data provider, the second token, which is a Certain Method of Organizing Human Activities. Claim 7 recites the abstract idea of receiving, from the data recipient, consent regarding account details and issuing the first token to the data recipient, which is a Certain Method of Organizing Human Activities. Claim 8 recites the abstract idea of generally encrypting the first token, which is a Mental Process. Claim 9 recites the abstract idea that the encrypting is done with an encryption key, which is a Mental Process. Claim 10 recites the abstract idea of receiving, from the data provider, user account details and transmitting, to the data recipient, a subset of user account details, which is a Certain Method of Organizing Human Activities. Claim 11 recites the abstract idea of generally encrypting the transmitted user account details, which is a Mental Process. Claim 12 recites the abstract idea that the encrypting is done with an encryption key, which is a Mental Process. Claim 13 recites the abstract idea of verifying the first request, which is a Mental Process and Certain Method of Organizing Human Activities. Claim 14 recites the abstract idea of converting a first mechanism in the first request to a second mechanism for a second request, which is a Mental Process and Certain Methods of Organizing Human Activities. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. U.S. Patent Pub. No. 2022/0108305 discloses a computer system includes a database, a communication interface, and a processor. The processor is programmed to receive a request message from an issuer computing device. The consent message includes a client ID and encrypted transaction card details for a transaction card account. The processor is also programmed to decrypt transaction card details. The processor is also programmed to match the client ID to the transaction card details using a BIN mapping table stored in the database. Based on the mapping, the processor generates an issuer access token. The issuer access token is associated with the transaction card account. The processor stores the issuer access token in the database and transmits the token to the issuer computing device. U.S. Patent Pub. No. 2022/0300972 discloses a server includes a consent repository and a consent management interface. The consent repository is configured to store data and one or more existing consent receipts. A method performed by the server includes receiving a customer ID that corresponds to a customer. The customer ID is matched to a universal ID stored on the server. Financial account data associated with a financial account of the customer is retrieved from a financial institution associated with the customer. Furthermore, a consent request data submission is received from an external computing device. The consent request data submission includes one or more data access consents. In addition, a consent request is transmitted to the consent management interface. The consent request includes the one or more data access consents. Additionally, the consent request is digitally signed by the server and stored in the consent repository as a new consent receipt. U.S. Patent No. 8,474,012 discloses a consent management system is described which manages an entity's consent to consume application functionality on a per-feature level of granularity. To perform this task, the consent management system maintains consent information which describes a plurality of use conditions associated with the features of the application functionality. In one case, the consent information has a hierarchical data structure that identifies a hierarchy of application features. In operation, the consent management system accesses the content information whenever an entity seeks to access a particular application feature; it grants or denies access to the feature based on the consent information. The consent management system also includes a consent maintenance module that allows an administrator (or other entity) to cancel or modify any use condition in the consent information. U.S. Patent No. 9,621,357 discloses a system and method for managing consent for an enterprise to, for example, provide access to controlled data to another enterprise wherein the controlled data can be in the form of subject data records. The system includes a consent management module operative to associate a plurality of control levels with a subject data record and process a consent request requesting access to the controlled data. Access is determined based on the control levels associated with a subject of the controlled data, a requesting operator, and/or the controlled data itself, A control level data set comprising the control levels for use in controlling access to the controlled data and/or subject data records is stored in a database. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to NILESH B KHATRI whose telephone number is (571)270-7083. The examiner can normally be reached 8:30 AM - 5:30 PM Monday-Friday, alternating Fridays off. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /NILESH B KHATRI/Primary Examiner, Art Unit 3699
Read full office action

Prosecution Timeline

Sep 12, 2023
Application Filed
May 22, 2025
Non-Final Rejection — §101
Sep 26, 2025
Response Filed
Dec 09, 2025
Final Rejection — §101
Apr 10, 2026
Notice of Allowance
Apr 10, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12597003
Coordination and Management of Digital Asset Endorsements
2y 5m to grant Granted Apr 07, 2026
Patent 12591870
SECURE PROCESSING OF CENTRAL BANK DIGITAL CURRENCY (CBDC) CARD PAYMENTS
2y 5m to grant Granted Mar 31, 2026
Patent 12591877
INTELLIGENT CARD UNLOCK
2y 5m to grant Granted Mar 31, 2026
Patent 12586047
SYSTEM AND METHOD FOR GENERATING DATA TRANSFER RECOMMENDATIONS
2y 5m to grant Granted Mar 24, 2026
Patent 12548001
SYSTEM FOR BLOCKCHAIN-BASED SHARE SUBSTANTIAL TRADE FOR OWNER UNSPECIFIED COMMON ASSET AND METHOD THEREFOR
2y 5m to grant Granted Feb 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
58%
Grant Probability
75%
With Interview (+16.5%)
3y 3m
Median Time to Grant
Moderate
PTA Risk
Based on 170 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month