DETAILED ACTION
This is in reference to communication received 18 November 2025. Claims 1 – 4, 6, 8 – 11, 13 and 15 – 18 are pending for examination. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1 – 4, 6, 8 – 11, 13 and 15 – 18 are rejected under 35 U.S.C. § 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Independent claim 15, representative of claims 1 and 8, in part is directed toward a statutory category of invention, the claim appears to be directed toward a judicial exception namely an abstract idea. Claim 15 recites invention directed to generate a fraud score for a user indicating the possibility of abnormal behavior of the user device and/or a likelihood that the user device is inauthentic and providing the generated fraud score to a merchant. Plurality of clickstream behavioral data of plurality of users and plurality of websites are received as activity logs and analyzed to generate (determine) user device identities associated each of the users in the received activity log and saved in a database as a reference file. When a data associated with a user device is received with information related to activity of the associated user with the merchant, identifier of the user device is used to determine whether there is an entry in the reference file and determination is made whether the user device is flagged as abnormal or inauthentic and a fraud score for the user device is provided to the merchant.
These limitations describe marketing/sales/advertising activities. Analyzing collected historic data associated with plurality of users and merchant-websites, and saving the result of analysis in a database for each of the user to generate a reference file, and when a request is received from a merchant to identify whether a user device accessing their website has been identified to be fraudulent before they would proceed with the transaction with the associated user. Providing a fraud-score for the user device as a response to the received request from the merchant would be the fraud-prevention team (or person) providing, such as a visual presentation of a fraud score to the merchant client of the fraud-prevention team.
Represented claims 1 and 8, which do recite statutory categories (machine, product of manufacture, for example), the same analysis as above applies to these claims since the method steps are the same. However, the judicial exception is not integrated into a practical application. These claims add the generic computer components (additional elements) of a system comprising one or more hardware processors and a memory (claim 1), and a non-transitory machine-readable medium comprising instructions that when executed by a processor of a machine cause the machine to perform the method addressed above (claim 8).
The processor, memory, and non-transitory machine-readable medium are recited at a high-level of generality such that they amount to no more than mere instructions to apply the exception using a generic computer component. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to an abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of the processor, memory, and non-transitory machine-readable medium amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claims are not patent eligible.
When taken as an ordered combination, nothing is added that is not already present when the elements are taken individually. When viewed as a whole, the marketing activities amount to instructions applied using generic computer components.
As for dependent claims 2 – 4, 6, 9 – 11, 13 and 16 – 18, these claims recite limitations that further define the same abstract idea of simply disclosing additional limitations that further limit the abstract idea with details regarding descriptions of various data, what decisions may be made by the merchant based upon the received fraudulent score, what algorithm and what data elements will be used to generate fraudulent score. Thus, the dependent claims merely provide additional non-structural (and predominantly non-functional) details that fail to meaningfully limit the claims or the abstract idea(s).
Therefore, claims 1–4, 6, 8–11, 13 and 15–18 are not drawn to eligible subject matter, as they are directed to an abstract idea without significantly more.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1 – 3, 6, 8 – 10, 13 and 15 – 17 are rejected under 35 U.S.C. 103 as being unpatentable over O'Connell et al. US Publication 2007/0239604 in view of Gang Wang et al. published article “You are How You Click: Clickstream Analysis for Sybil Detection” and Brian Pugh published article “Staying Ahead of Invalid Traffic in Digital Audience Measurement”.
Regarding claims 15, 1 and 8, O'Connell teaches a computer-implemented system and method for fraud detection for remote transactions (O'Connell, receive a request for fraud detection analysis of user browser interaction and to transmit determined fraud detection results to the application server) [O'Connell, 0008] comprising:
one or more processors [O'Connell, 0040, Fig. 1, 2, and associated disclosure0;
non-transitory computer-readable storage media having computer-executable instructions stored thereon, wherein when executed by the one or more processors the computer-readable instructions (O'Connell, The computer program of the present invention typically is comprised of a multitude of instructions that will be translated by the native computer into a machine-readable format and hence executable instructions. Also, programs are comprised of variables and data structures that either reside locally to the program or are found in memory or on storage devices) [O'Connell, 0021] cause the one or more processors to perform:
receiving user device data generated by a user device accessing one or more webpages of a merchant website (O'Connell. request to analyze a user-browser interaction session for fraudulent behavior and to provide fraud detection results. The incoming interaction server 108 may receive user-browser interaction data from one or more client computer systems 102 at element 508. Via the interaction data manager 114, the incoming interaction server 108 may associate received user-browser interaction data with a particular user login at element 510) [O'Connell, 0051, 0052], the user device data including identifying characteristics of the user device and real-time click stream behavioral data for the user device on the merchant website (O'Connell, user-browser interaction details may be transmitted in near-real-time to a specified server. Factors that may represent potential fraudulent behavior and thus raise potential security issues may include a jittery mouse pointer, long pauses between information that a typical user will not pause on (such as mother's maiden name, birthday, address, birth location, etc.)) [O'Connell, 0026];
O’Connel does explicitly recite user device data to include clickstream behavior. However, Wang teaches building of a practical system for detecting fake identities using server-side clickstream models. Wang teaches developing a detection approach that groups “similar” user clickstreams into behavioral clusters. Wang further teaches using of clickstream models as a tool to detect fake identifiers in online services [Wang, page 241].
Therefore, at the time of filing, it would have been obvious to one of ordinary skill in the art to modify O’Connel by adopting teachings of Wang and use clickstream models as a tool to detect fake identifiers in online services.
O’Connel in view of Wang teaches system and method further comprising:
matching the user device data to a user device identity of a plurality of user device identities stored in a database (O'Connell, At element 512, the interaction database interface 304 of the incoming interaction server 108 may store user-browser interaction data and any associated information in the user-browser interaction database 130) [O'Connell, 0051], the user device identity including a plurality of attribute datapoints (O'Connell, receive a request for fraud detection analysis of user browser interaction and to transmit determined fraud detection results to the application server, an interaction database interface to access stored user-browser interaction data, and a fraud detection module to analyze the stored user-browser interaction data associated with the established session by comparing the user-browser interaction data with known fraudulent behavior to determine fraud detection results) [O'Connell, 0008] including a representation of normal clickstream behavior of the user device [(Wang, Clickstreams are traces of click-through events generated by online users during each web browsing “session” and have been used in the past to model web traffic and user browsing patterns) [Wang, page 1];
O"Connel in view of Wang does not explicitly recite receiving a plurality of activity logs comprising clickstream behavioral data for interactions between a plurality of users and a plurality of websites. However, Pugh teaches
Comscore’s Unified Digital Measurement (UDM) methodology, which combines our global 2 million person panel with publishers’ site server data, provides us with a unique ability to differentiate behavior between people and site server logs and refine our audience estimates accordingly. This capability also enables us to employ proprietary methods to identify, quantify, and filter out the portion of server traffic that originates from bots, spiders, and other non-human sources. [Pugh, page 1].
Therefore, at the time of filing, it would have been obvious to one of ordinary skill in the art to modify O"Connel in view of Wang by adopting teachings of Pugh to detect push traffic, malware influence, automated clicks through bot nets, and other mechanisms that can inflate audience and ad measurement beyond the ‘user–intent’ definition.
O"Connel in view of Wang and Pugh teaches system and method further comprising:
receiving a plurality of activity logs comprising clickstream behavioral data for interactions between a plurality of users and a plurality of websites (Pugh, The Comscore panel allows us to see the full browsing activity of millions of panelists, which provides insight into the complete clickstream behavior leading up to any site visit) [Pugh, page 3];
generating, based on the plurality of activity logs and using a virtual agent for each of the plurality of users, a plurality of user device identities respectively corresponding to the plurality of users and representing normal clickstream behavior of the plurality of users (O'Connell, At element 512, the interaction database interface 304 of the incoming interaction server 108 may store user-browser interaction data and any associated information in the user-browser interaction database 130) [O'Connell, 0051];
storing the plurality of user device identities in a database (O'Connell, At element 512, the interaction database interface 304 of the incoming interaction server 108 may store user-browser interaction data and any associated information in the user-browser interaction database 130) [O'Connell, 0051];
receiving user device data generated by a user device accessing one or more webpages of a merchant website (O'Connell. request to analyze a user-browser interaction session for fraudulent behavior and to provide fraud detection results. The incoming interaction server 108 may receive user-browser interaction data from one or more client computer systems 102 at element 508. Via the interaction data manager 114, the incoming interaction server 108 may associate received user-browser interaction data with a particular user login at element 510) [O'Connell, 0051, 0052], the user device data including identifying characteristics of the user device and real-time click stream behavioral data for the user device on the merchant website (O'Connell, user-browser interaction details may be transmitted in near-real-time to a specified server. Factors that may represent potential fraudulent behavior and thus raise potential security issues may include a jittery mouse pointer, long pauses between information that a typical user will not pause on (such as mother's maiden name, birthday, address, birth location, etc.)) [O'Connell, 0026];
matching the user device data to a user device identity of a plurality of user device identities stored in a database (O'Connell, At element 512, the interaction database interface 304 of the incoming interaction server 108 may store user-browser interaction data and any associated information in the user-browser interaction database 130) [O'Connell, 0051], the user device identity including a plurality of attribute datapoints (O'Connell, receive a request for fraud detection analysis of user browser interaction and to transmit determined fraud detection results to the application server, an interaction database interface to access stored user-browser interaction data, and a fraud detection module to analyze the stored user-browser interaction data associated with the established session by comparing the user-browser interaction data with known fraudulent behavior to determine fraud detection results) [O'Connell, 0008] including a representation of normal clickstream behavior of the user device [(Wang, Clickstreams are traces of click-through events generated by online users during each web browsing “session” and have been used in the past to model web traffic and user browsing patterns) [Wang, page 1];
comparing the user device data against the user device identity to generate a fraud score for the user device, the comparison and the fraud score indicating the possibility of one or both of: abnormal behavior of the user device; or (ii) a likelihood that the user device is inauthentic (claim 7) (O'Connell, receive a request for fraud detection analysis of user browser interaction and to transmit determined fraud detection results to the application server, an interaction database interface to access stored user-browser interaction data, and a fraud detection module to analyze the stored user-browser interaction data associated with the established session by comparing the user-browser interaction data with known fraudulent behavior to determine fraud detection results; The fraud detection results may be a final result (i.e., it is fraudulent behavior or it is not), a fraud detection score that provides an indication of the degree of likelihood of fraudulent behavior evidenced by the user, or any other representation of the results) [O'Connell, 0008. 0034]; and
transmitting the fraud score to a merchant server corresponding to the merchant website (O'Connell, The fraud detection server 110 may transmit the determined fraud detection results to the requesting e-commerce application 118, which may in turn determine its course of action based at least in part on the fraud detection results) [O'Connell, 0035].
Regarding claims 16, 2 and 9, as combined and under the same rationale as above, O'Connell in view of Wang and Pugh teaches system and method further comprising, via the one or more transceivers and/or processors, declining a financial transaction requested by the user device on the merchant website based on the fraud score (O'Connell, The fraud detection server 110 may transmit the determined fraud detection results to the requesting e-commerce application 118, which may in turn determine its course of action based at least in part on the fraud detection results) [O'Connell, 0035].
Regarding claims 17, 3 and 10, as combined and under the same rationale as above, O'Connell in view of Wang and Pugh teaches system and method, wherein each of the plurality of user device identities includes a corresponding plurality of attribute datapoints and at least one of the plurality of attribute datapoints comprises a smart agent profile comprising a representation of normal historical data for the corresponding attribute datapoint for the user device (O'Connell, receive a request for fraud detection analysis of user browser interaction and to transmit determined fraud detection results to the application server, an interaction database interface to access stored user-browser interaction data, and a fraud detection module to analyze the stored user-browser interaction data associated with the established session by comparing the user-browser interaction data with known fraudulent behavior to determine fraud detection results) [O'Connell, 0008, 0051];
Regarding claims 6 and 13, as combined and under the same rationale as above, O'Connell in view of Wang and Pugh teaches system and method, wherein
the user device data is received from the merchant website (O'Connell, receive a request for fraud detection analysis of user browser interaction and to transmit determined fraud detection results to the application server) [O'Connell, 0008] and
receive additional user device data generated by a plurality of additional user devices accessing a plurality of additional merchant websites (O'Connell, incoming interaction server 108 may receive user-browser interaction data from one or more client computer systems 102 and process and store the received data) [O'Connell, 0042], the user device data and the additional user device data being collected and transmitted via endpoint clients respectively installed on the user device and each of the plurality of additional user devices (O'Connell, the browser 112 may be enabled with JavaScript™ (of Sun Microsystems, Inc.) or other code that enables transmission of interaction details from a client to a server) [O'Connell, 0027].
Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over O'Connell et al. US Publication 2007/0239604 in view of Gang Wang et al. published article “You are How You Click: Clickstream Analysis for Sybil Detection”, Brian Pugh published article “Staying Ahead of Invalid Traffic in Digital Audience Measurement” and TutorialsPoint published article “Data Mining – Classification & Prediction”.
Regarding claims 18, 4 and 11, O'Connell in view of Wang and Pugh does not explicitly recite classification model. However, TutorialsPoint teaches there are two forms of data analysis that can be used for extract models describing important classes or predict future data trends. These two forms are as follows:
Classification
Prediction
These data analysis help us to provide a better understanding of large data. Classification predicts categorical and prediction models predicts continuous.
Therefore, at the time of filing, it would have been obvious to one or ordinary skill in the art to modify O'Connell in view of Wang and Pugh by adopting teachings of TutorialsPoint to build a classification model to categorize bank loan applications (online credit card transaction) as they are either safe or risky.
therefore, as combined and under the same rationale as above, O'Connell in view of Wang, Pugh and TutorialPoint teaches system and method, wherein each of the plurality of user device identities includes a classification model constructed [TutorialsPoint, page 1] according to one or more of data mining logic, a neural network, case-based-reasoning, clustering, fuzzy logic, a genetic algorithm, a decision tree, and business rules (TutorialsPoint, To compare the documents and rank the importance and relevance of the document the users need tools. Therefore, text mining has become popular and essential theme in data mining [TutorialsPoint, page 4].
Response to Arguments
Applicant's arguments are directed to added limitations in independent claims which have been acknowledged and considered. While performing an updated search, a new reference was found which teach added limitations.
Therefore applicant’s arguments are moot under new grounds of rejection.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Naresh Vig whose telephone number is (571)272-6810. The examiner can normally be reached Mon-Fri 06:30a - 04:00p.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ilana Spar can be reached at 571.270.7537. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/NARESH VIG/Primary Examiner, Art Unit 3622
January 08, 2026