Prosecution Insights
Last updated: May 04, 2026
Application No. 18/400,060

METHOD FOR DETECTING ANOMALIES IN GROUPS OF USER VERIFICATION REQUESTS

Non-Final OA §102§103§112§DP
Filed
Dec 29, 2023
Examiner
DOLLY, KENDALL LYNN
Art Unit
2436
Tech Center
2400 — Computer Networks
Assignee
Raritex Trade Ltd.
OA Round
1 (Non-Final)
88%
Grant Probability
Favorable
1-2
OA Rounds
0m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 88% — above average
88%
Career Allowance Rate
490 granted / 560 resolved
+29.5% vs TC avg
Strong +22% interview lift
Without
With
+22.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 4m
Avg Prosecution
9 currently pending
Career history
569
Total Applications
across all art units

Statute-Specific Performance

§101
19.4%
-20.6% vs TC avg
§103
39.5%
-0.5% vs TC avg
§102
7.6%
-32.4% vs TC avg
§112
17.7%
-22.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 560 resolved cases

Office Action

§102 §103 §112 §DP
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. Claim Objections Claim 6 and 14 are objected to because of the following informalities: the claims recite “device ip address” without first defining the acronym “ip” within the claim language . The applicant should first introduce an acronym into the language as its complete meaning (i.e. “the device Internet Protocol (IP) address.” Appropriate correction is required. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg , 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman , 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi , 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum , 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel , 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington , 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto- processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer . Claim 1-16 are rejected on the ground of nonstatutory double patenting a s being unpatentable over claim 1-20 of U.S. Patent No. 12,255,911 . Although the claims at issue are not identical, they are not patentably distinct from each other because they are both drawn to the detection of anomalies in groups of user verification requests. See for example an illustrative embodiment of independent claims 1 in both the instant application and the patented application: Instant Application: 18/400,060 Patented Application: 12,255,911 A method for detecting anomalies in groups of user verification requests performed by a processor comprising the following steps: Receiving users' verification requests and users' device identifying parameters, Generating device fingerprint based on the user's device identifying parameters for each verification request, Grouping verification requests that match by device fingerprint, Within the group of verification requests with matching device fingerprints searching for verification requests that match by at least one additional attribute of the request, In response to identifying coincidence of at least one additional attribute of the request for the whole group of said verification requests, marking the whole group as anomalous, in response to identifying coincidence of said additional attribute of the request in a subgroup or multiple subgroups within said group of verification requests, marking such subgroup or subgroups as anomalous; otherwise marking the verification requests for which no coinciding additional attribute of the request has been found as non-anomalous. A method for detecting anomalies in groups of user verification requests performed by one or more processors comprising the following steps: receiving users' verification requests and users' device identifying parameters from users' devices, for each user's device generating a device fingerprint based on the user's device identifying parameters for each verification request using a one or more fingerprinting methods that encodes hardware or software characteristics of the device as a string of alphanumeric characters, grouping verification requests that match by device fingerprint, performing analysis of additional attributes within the group of verification requests with matching device fingerprints, in response to identifying a match within of at least one additional attribute of the request for the whole group of said verification requests, marking the whole group as anomalous, in response to identifying coincidence of said additional attribute of the request in a subgroup or multiple subgroups within said group of verification requests, marking such subgroup or subgroups as anomalous; otherwise, performing further analysis using predefined threshold values and one or more clustering algorithms and marking the verification requests for which no coinciding additional attribute of the request has been found as non-anomalous, wherein the additional attribute of the request is a descriptor generated using a convolutional neural network for the background of the image or video depicting the face of the user being verified, and the matching is performed by identifying descriptors that surpass predetermined similarity threshold within the descriptors database, or the additional attribute of the request is a descriptor generated using a convolutional neural network for the background of the image or video depicting a document provided with the verification request and the matching is performed by identifying descriptors that surpass predetermined similarity threshold within the descriptors database, or the additional attribute of the request is a descriptor generated using a convolutional neural network for the text extracted from a document provided with the verification request and the matching is performed by identifying descriptors that surpass predetermined similarity threshold within the descriptors database, or the additional attribute of the request is the time when the verification request has been submitted and the matching is performed by identifying the verification requests made within a predefined timeframe; and wherein in response to marking the verification requests as anomalous, rejecting them or subjecting them to additional checks. Please note, the additional limitations within independent claim 1 of the patented application are further embodied within claims 2-16 in the instant application. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b ) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the appl icant regards as his invention. Claim s 1-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Regarding claim 1, 6, 11 and 14 , the phrase "such as" renders the claim indefinite because it is unclear whether the limitations following the phrase are part of the claimed invention. See MPEP § 2173.05(d). Regarding c laim s 1 - 1 6 , the claims recite the limitation s “the background of the image,” “the face,” “the text,” “the timeframe, ” and/or “the device ip,” There is insufficient antecedent basis for th ese limitation s in the claim s . It is recommended to the applicant to ensure each claim limitation is properly introduced within the claim before referring back to it. Regarding claim 1, 6, 11 and 14, the applicant recites “verification requests,” “users’ verification request,” “each verification request, “said verification requests,” and/or “the request,” which renders the claims indefinite as it is unclear if the applicant is referring back to the same user verification request or a different one. It is recommended to the applicant to recite something of the like “receiving a plurality of user verification requests… generating… for each verification request of the plurality of user verification requests… grouping each verification request of the plurality of user verification requests…” Dependent claims 2-5, 7-10, 12-13 and 15-16 are rejected under the same rationale as they do not cure the deficiencies of independent claims 1, 6, 11, and 14. Claim Rejections - 35 USC § 10 2 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis ( i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale , or otherwise available to the public before the effective filing date of the claimed invention. (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claim(s) 1, 5-6, 10- 16 is/are rejected under 35 U.S.C. 102(a)(1)/(a)(2) as being anticipated by Varghese et al (US 2006/0282660) . Regarding claim 1, Varghese et al discloses a method for detecting anomalies in groups of user verification requests performed by a processor comprising the following steps [0068] : Receiving users' verification requests and users' device identifying parameters [0089, 0065] (authenticating the user requests pre and post authentication) ; Generating device fingerprint based on the user's device identifying parameters for each verification request [ 0031, 00132, 0072, 0180 ] (the user’s device is fingerprinted by obtaining device identifying information); Grouping verification requests that match by device fingerprint [0104, 0089] (request attributes are broken into related information groupings); Within the group of verification requests with matching device fingerprints searching for verification requests that match by at least one additional attribute of the request [0100, 0065 , 0104 ] (security policies can be applied pre and post authentication , i.e., the same device used from a different location with a given time period ); In response to identifying coincidence of at least one additional attribute of the request for the whole group of said verification requests, marking the whole group as anomalous, in response to identifying coincidence of said additional attribute of the request in a subgroup or multiple subgroups within said group of verification requests, marking such subgroup or subgroups as anomalous; otherwise marking the verification requests for which no coinciding additional attribute of the request has been found as non anomalou s [0105] (A service provider may find certain conditions associated with a user request require that this user's access must be prevented. Restricted models gather data items and factors relevant to determining that a particular access must be prevented. Alternatively, a service provider may find certain user behavior patterns suggest that this user is a hacker or malicious. Hacker models accordingly gather relevant data items and factors). Regarding claim 5, Varghese et al further discloses wherein the additional attribute of the request is the timeframe when the verification request has been submitted [ 0104] (the same device used from a different location with a given time period). Regarding claim 6, Varghese et al discloses a method for detecting anomalies in groups of user verification requests performed by a processor comprising the following steps [0068]: Receiving users' verification requests and for each request at least one user's device identification token such as the device ip address or device fingerprint or device identification code [0089, 0065] (authenticating the user requests pre and post authentication) ; Grouping verification requests that match by at least one user's device identification token [0104, 0089] (request attributes are broken into related information groupings); Within the group of verification requests with matching device identification tokens searching for verification requests that match by at least one additional attribute of the request [0100, 0065, 0104] (security policies can be applied pre and post authentication , i.e., the same device used from a different location with a given time period ); In response to identifying coincidence of at least one additional attribute of the request for the whole group of said verification requests, marking the whole group as anomalous, in response to identifying coincidence of said additional attribute of the request in a subgroup or multiple subgroups within said group of verification requests, marking such subgroup or subgroups as anomalous; otherwise marking the verification requests for which no coinciding additional attribute of the request has been found as non anomalous [0105] (A service provider may find certain conditions associated with a user request require that this user's access must be prevented. Restricted models gather data items and factors relevant to determining that a particular access must be prevented. Alternatively, a service provider may find certain user behavior patterns suggest that this user is a hacker or malicious. Hacker models accordingly gather relevant data items and factors). Regarding claim 10 , Varghese et al further discloses wherein the additional attribute of the request is the timeframe when the verification request has been submitted [0104] (the same device used from a different location with a given time period). Regarding claim 11, Varghese et al discloses a method for detecting anomalies in groups of user verification requests performed by a processor comprising the following steps [0068]: Receiving users' verification requests and users' device identifying parameters [0089, 0065] (authenticating the user requests pre and post authentication) ; Generating device fingerprint based on the user's device identifying parameters for each verification reques t [0031, 00132, 0072, 0180] (the user’s device is fingerprinted by obtaining device identifying information); Grouping verification requests that match by device fingerprint [0104, 0089] (request attributes are broken into related information groupings); Within the group of verification requests with matching device fingerprints searching for verification requests that match by any of additional attributes of the request such as: a descriptor generated for the background of the image or video depicting the face of the user being verified; or a descriptor generated for the image or a video of the document provided with the verification request; or a descriptor generated for the text extracted from a document provided with the verification request; or the timeframe when the verification request has been submitted [0100, 0065, 0104] (security policies can be applied pre and post authentication , i.e., the same device used from a different location with a given time period ); In response to identifying coincidence of any of the searched additional attributes of the request for the whole group of said verification requests, marking the whole group as anomalous, in response to identifying coincidence of any of said additional attributes of the request in a subgroup or multiple subgroups within said group of verification requests, marking such subgroup or subgroups as anomalous; otherwise marking the verification requests for which no coinciding additional attributes of the request have been found as non anomalous [0105] (A service provider may find certain conditions associated with a user request require that this user's access must be prevented. Restricted models gather data items and factors relevant to determining that a particular access must be prevented. Alternatively, a service provider may find certain user behavior patterns suggest that this user is a hacker or malicious. Hacker models accordingly gather relevant data items and factors). Regarding claim 12, Varghese et al further discloses wherein the searching for verification requests that match by any of additional attributes of the request is done sequentially for each said additional attribute of the request [0085-0087] (the analysis may be done in a particular sequence or may be compressed ). Regarding claim 13, Varghese et al further discloses wherein the searching for verification requests that match by any of additional attributes of the request is done simultaneously for all said additional attributes of the request [0085-0087] (the analysis may be done in a particular sequence or may be compressed ). Regarding claim 14, Varghese et al discloses a method for detecting anomalies in groups of user verification requests performed by a processor comprising the following steps [0068]: Receiving users' verification requests and for each request at least one user's device identification token such as device ip address or device fingerprint or device identification code [0089, 0065] (authenticating the user requests pre and post authentication) ; Grouping verification requests that match by at least one user's device identification token [0104, 0089] (request attributes are broken into related information groupings); Within the group of verification requests with matching device fingerprints searching for verification requests that match by any of additional attributes of the request such as: a descriptor generated for the background of an image or video depicting the face of the user being verified; or a descriptor generated for the image of a document provided with the verification request; or a descriptor generated for the text extracted from a document provided with the verification request; or the timeframe when the verification request has been submitted [0100, 0065, 0104] (security policies can be applied pre and post authentication , i.e., the same device used from a different location with a given time period ); I n response to identifying coincidence of any of the searched additional attributes of the request for the whole group of said verification requests, marking the whole group as anomalous, in response to identifying coincidence of any of said additional attributes of the request in a subgroup or multiple subgroups within said group of verification requests, marking such subgroup or subgroups as anomalous; otherwise marking the verification requests for which no coinciding additional attributes of the request have been found as non anomalous [0105] (A service provider may find certain conditions associated with a user request require that this user's access must be prevented. Restricted models gather data items and factors relevant to determining that a particular access must be prevented. Alternatively, a service provider may find certain user behavior patterns suggest that this user is a hacker or malicious. Hacker models accordingly gather relevant data items and factors). Regarding claim 15, Varghese et al further discloses wherein the searching for verification requests that match by any of additional attributes of the request is done sequentially for each said additional attribute of the request [0085-0087] (the analysis may be done in a particular sequence or may be compressed ). Regarding claim 16, Varghese et al further discloses wherein the searching for verification requests that match by any of additional attributes of the request is done simultaneously for all said additional attributes of the request [0085-0087] (the analysis may be done in a particular sequence or may be compressed ). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 2- 4 and 7- 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Varghese et al (US 2006/0282660) in view of Kelly (US 2014/0207672). Regarding claims 2 and 7, Varghese et al discloses all the limitations of independent claims 1 and 6. Varghese et al does not expressly disclose but Kelly discloses wherein the additional attribute of the request is a descriptor generated for the background of the image or video depicting the face of the user being verified [0053-0054] (biometrics). It would have been obvious to one of ordinary skill in the art at to create the invention as claimed for the following reasons. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Varghese et al by using biometrics , for the purpose of verification , based upon the beneficial teachings provided by Kelly , see for example [0053-0054 ]. These modifications would result in ease of use and increased security , both of which are obvious benefits to the skilled artisan. Additionally, the cited references are in the field of computer security , as is the current application, and thus, are in analogous arts. Regarding claims 3 and 8, Varghese et al discloses all the limitations of independent claims 1 and 6. Varghese et al does not expressly disclose but Kelly discloses wherein the additional attribute of the request is a descriptor generated for the background of the image or video depicting a document provided with the verification request [0053-0054] (biometrics , different security measures may be implemented to verify the user and user device ). The motivation to combine is the same as disclosed in point ( 30 ) above. Regarding claims 4 and 9, Varghese et al discloses all the limitations of independent claims 1 and 6. Varghese et al does not expressly disclose but Kelly discloses wherein the additional attribute of the request is a descriptor generated for the text extracted from a document provided with the verification request [0053-0054] (biometrics , different security measures may be implemented to verify the user and user device ). The motivation to combine is the same as disclosed in point ( 30 ) above. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Aldweesh (US 2025/0233743): discloses a blockchain-based authentication system for electric vehicles and drones, and a method for authenticating electric vehicles or drones in a smart city. Any inquiry concerning this communication or earlier communications from the examiner should be directed to FILLIN "Examiner name" \* MERGEFORMAT KENDALL DOLLY whose telephone number is FILLIN "Phone number" \* MERGEFORMAT (571)270-1948 . The examiner can normally be reached FILLIN "Work Schedule?" \* MERGEFORMAT Monday-Friday 7am-3pm (EST) . Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice . If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FILLIN "SPE Name?" \* MERGEFORMAT Shewaye Gelagay can be reached at FILLIN "SPE Phone?" \* MERGEFORMAT (571)272-4219 . The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /KENDALL DOLLY/ Primary Examiner, Art Unit 2436
Read full office action

Prosecution Timeline

Dec 29, 2023
Application Filed
Mar 26, 2026
Non-Final Rejection — §102, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12615273
INFORMATION PROCESSING
2y 4m to grant Granted Apr 28, 2026
Patent 12603890
Method for Sensitive Infrastructure Protection
2y 4m to grant Granted Apr 14, 2026
Patent 12602459
SYSTEMS AND METHODS FOR CHATBOT AUTHENTICATION
1y 6m to grant Granted Apr 14, 2026
Patent 12592909
Systems and methods for endpoint process metadata based policy enforcement
2y 1m to grant Granted Mar 31, 2026
Patent 12585824
MANAGING TEAM ACCESS TO WORKBOOKS EMBEDDED IN CLIENT DOMAINS
2y 4m to grant Granted Mar 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
88%
Grant Probability
99%
With Interview (+22.0%)
2y 4m (~0m remaining)
Median Time to Grant
Low
PTA Risk
Based on 560 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month