Prosecution Insights
Last updated: April 18, 2026
Application No. 18/478,006

LARGE LANGUAGE MODEL-BASED AUTHENTICATION

Final Rejection §103
Filed
Sep 29, 2023
Examiner
PENA-SANTANA, TANIA M
Art Unit
2443
Tech Center
2400 — Computer Networks
Assignee
Crowdstrike Inc.
OA Round
4 (Final)
72%
Grant Probability
Favorable
5-6
OA Rounds
2y 10m
To Grant
66%
With Interview

Examiner Intelligence

Grants 72% — above average
72%
Career Allow Rate
176 granted / 245 resolved
+13.8% vs TC avg
Minimal -6% lift
Without
With
+-6.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
29 currently pending
Career history
274
Total Applications
across all art units

Statute-Specific Performance

§101
10.4%
-29.6% vs TC avg
§103
54.8%
+14.8% vs TC avg
§102
17.6%
-22.4% vs TC avg
§112
10.0%
-30.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 245 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTIONClaims StatusClaims 1, 9, 11, 16 and 17 filed 03/09/2026 have been amended. Claims 1-20 are pending and have been rejected. Response to Arguments Applicant’s arguments with respect to the independent claims 1, 9 & 17 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claim 1, 2, 9, 10 & 17 are rejected under 35 U.S.C. 103 as being unpatentable over Telem et al. (U.S. Publication 2019/0295082), hereinafter ‘Telem’ in view of Guedalia et al. (U.S. Publication 2016/0300049), hereinafter ‘Guedalia’ and Clauss et al. (U.S. Patent No. 11,405,379), hereinafter ‘Clauss’. As to claims 1, 9 & 17, Telem discloses a method, a system and a non-transitory computer readable medium comprising: a processing device (Telem, see fig. 4, processor); and a memory to store instructions that (Telem, see fig. 4, memory), when executed by the processing device cause the processing device to: accessing a knowledge base comprising user-specific data of a user device associated with a domain (Telem, see [0048], a mobile device, the user/cardholder can request a card balance for a particular payment card using a messenger-based communication channel/platform/network); generating, by a processing device, in response to a request from the user device for access to a resource of the domain, one or more authentication challenges based on the user-specific data, the one or more authentication challenges being generated by a large language model (LLM) trained on the user-specific data and contextual interactions associated with the user device (Telem, see [0049], AI bot receives request for balance inquiry in order to have user authentication issued. See [0052-0055], AI submits instructions in order to have the issuer authenticate the user/cardholder asking challenge questions); in response to determining that a response to the one or more authentication challenges matches the user-specific data of the knowledge base and the contextual interactions, providing the user device access to the resource of the domain (Telem, see [0052-0055], once user/cardholder responds to authentication questions and passes, the user/cardholder is provided with the requested credit card information), Telem is silent to wherein the determining is performed by the LLM and further comprises identifying whether the user device exhibits interaction patterns that differ from previously observed behavioral characteristics associated with the user. wherein the interaction patterns include at least one of: a deviation in average response time, a deviation in average response length, a deviation in stopword usage, or a deviation in spelling error frequency. However, Guedalia discloses wherein the determining is performed by the LLM and further comprises identifying whether the user device exhibits interaction patterns that differ from previously observed behavioral characteristics associated with the user (Guedalia, see [0060], the distance metrics can trigger appropriate action if the distance metrics indicate that the user who engaged in the subsequent behavior differ from the person who engaged in the behavior that resulted in the base profile model (e.g., broadcasting a location, shutting the device down, etc.)). wherein the interaction patterns include at least one of: a deviation in average response time, a deviation in average response length, a deviation in stopword usage, or a deviation in spelling error frequency (Guedalia, see [0174-0175], determining user-specific behavior in order to obtain an established based line profile of the user. System determined if user deviates from the previously obtained user-specific behavior (e.g., time period used in order to obtain input, comparing grammar use, etc.)) Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Telem in view of Guedalia in order to further modify the method from the teachings of Telem with the method to machine-learning behavioral analysis from the teachings of Guedalia. One of ordinary skill in the art would have been motivated because it would allow to make a comparison between the new profile model and the base profile model (Guedalia – Abstract). Telem in view of Guedalia is silent to determining, after providing the user device access to the resource of the domain, that the user device is associated with an existing multifactor authentication (MFA) token; and invalidating the existing MFA token associated with the user device. However, Clauss discloses determining, after providing the user device access to the resource of the domain, that the user device is associated with an existing multifactor authentication (MFA) token (Clauss, see fig. 2, col. 1 lines 40-43 and col. 14 lines 22-67, authenticating the user for accessing the network resource can involve various steps or operations); and invalidating the existing MFA token associated with the user device (Clauss, see fig. 2, col. 1 lines 40-43 and col. 14 lines 22-67, if the token is invalid or has expired, the authentication service may transmit an indication to the authentication application (or the user device) to deny the user access to the website). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Telem in view of Guedalia and Clauss in order to further modify the method from the teachings of Telem with the method to machine-learning behavioral analysis from the teachings of Guedalia and the method of authentication process that provides secure and verified access to content from the teachings of Clauss. One of ordinary skill in the art would have been motivated because it would allow to regulate access to content in order to facilitate transmission and exchange of content (Clauss – col. 1 lines 7-14). As to claims 2 & 10, Telem in view of Guedalia and Clauss discloses everything disclosed in claim 1 & 9. Telem further discloses providing the one or more authentication challenges to the user device, the one or more authentication challenges being based on the contextual interactions and corresponding to at least one of: a natural language query for the user device, or information associated with the user-specific data of the knowledge base (Telem, see [0073], communication device/AI bot has a machine learner logic learns communication patterns associated with respective users/cardholders and can tailor the choices of words used for communication to specific cardholders, wherein natural language can be used to communicate between user/cardholders and computing device/AI bot). Claims 3-5, 7, 8, 11-13, 15, 16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Telem et al. (U.S. Publication 2019/0295082), hereinafter ‘Telem’ in view of Guedalia et al. (U.S. Publication 2016/0300049), hereinafter ‘Guedalia’, Clauss et al. (U.S. Patent No. 11,405,379), hereinafter ‘Clauss’ and Narendranathan et al. (U.S. Publication 2024/0333699), hereinafter ‘Narendranathan’. As to claims 3, 11 & 18, Telem in view of Guedalia and Clauss discloses everything disclosed in claims 1, 9 & 17, but is silent to wherein the contextual interactions correspond to at least one of: an authentication fact, an authentication statement, an average response time, an average response length, a number of spelling mistakes, or a stopword pattern. However, Narendranathan discloses the contextual interactions correspond to at least one of: an authentication fact, an authentication statement, an average response time, an average response length, a number of spelling mistakes, or a stopword pattern (Narendranathan, see [0050], personalized knowledge-based authentication questions). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Telem in view of Guedalia, Clauss and Narendranathan in order to further modify the method for payment system using artificial intelligence (AI) platform from the teachings of Telem with the method to machine-learning behavioral analysis from the teachings of Guedalia with the method of authentication process that provides secure and verified access to content from the teachings of Clauss and the method for knowledge-based authentication techniques from the teachings of Narendranathan. One of ordinary skill in the art would have been motivated because it would allow to make the authentication more robust (Narendranathan – Abstract). As to claims 4 & 12, Telem in view of Guedalia and Clauss discloses everything disclosed in claims 1 & 9, is silent to receiving, from the user device, the response to the one or more authentication challenges, the response being in a natural language format; and generating a first embedding from the response to map the response to the knowledge base. However, Narendranathan discloses receiving, from the user device, the response to the one or more authentication challenges, the response being in a natural language format (Narendranathan, see [0046], receives, from the applicant device, one or more responses to the one or more queries where the one or more response comprise authentication information); and generating a first embedding from the response to map the response to the knowledge base (Narendranathan, see [0050], it is determined to authenticate the user in response to the user correctly answering a requisite number of current dynamic, personalized knowledge-based authentication questions). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Telem in view of Guedalia, Clauss and Narendranathan in order to further modify the method for payment system using artificial intelligence (AI) platform from the teachings of Telem with the method to machine-learning behavioral analysis from the teachings of Guedalia with the method of authentication process that provides secure and verified access to content from the teachings of Clauss and the method for knowledge-based authentication techniques from the teachings of Narendranathan. One of ordinary skill in the art would have been motivated because it would allow to make the authentication more robust (Narendranathan – Abstract). As to claims 5 & 13, Telem in view of Guedalia, Clauss and Narendranathan discloses everything disclosed in claims 4 & 12. Narendranathan further discloses determining, based on the first embedding, whether the response to the one or more authentication challenges matches the user-specific data of the knowledge base with a threshold level of confidence for authentication of the user device (Narendranathan, see [0050], in order for the user to be authenticated, the user requisite number of responses need to match the information of the dynamic, personalized knowledge-based authentication questions). As to claims 7, 15 & 19, Telem in view of Guedalia, Clauss discloses everything disclosed in claims 1, 9 & 17, but is silent to wherein the determining that the response to the one or more authentication challenges matches the user-specific data of the knowledge base, comprises: comparing a first embedding of the response to a second embedding of the user-specific data. However, Narendranathan discloses wherein the determining that the response to the one or more authentication challenges matches the user-specific data of the knowledge base, comprises: comparing a first embedding of the response to a second embedding of the user-specific data (Narendranathan, see [0042], generating questions to questioned users based on answers to challenge questions of a desired transaction for which authentication is requested. See [0045], personal computing device analytics used as a knowledge-based authentication source in order to generate knowledge-based authentication questions). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Telem in view of Guedalia, Clauss and Narendranathan in order to further modify the method for payment system using artificial intelligence (AI) platform from the teachings of Telem with the method to machine-learning behavioral analysis from the teachings of Guedalia with the method of authentication process that provides secure and verified access to content from the teachings of Clauss and the method for knowledge-based authentication techniques from the teachings of Narendranathan. One of ordinary skill in the art would have been motivated because it would allow to make the authentication more robust (Narendranathan – Abstract). As to claims 8, 16 & 20, Telem in view of Guedalia, Clauss and Narendranathan discloses everything disclosed in claims 7, 15 & 19. Narendranathan further discloses determining whether the first embedding of the response is nearest in the knowledge base to the second embedding of the user-specific data (Narendranathan, see [0042], generating questions to questioned users based on answers to challenge questions of a desired transaction for which authentication is requested. See [0045], personalized knowledge-based authentication questions are generated from analytics stream data). Claims 6 & 14 are rejected under 35 U.S.C. 103 as being unpatentable over Telem et al. (U.S. Publication 2019/0295082), hereinafter ‘Telem’ in view of Guedalia et al. (U.S. Publication 2016/0300049), hereinafter ‘Guedalia’, Clauss et al. (U.S. Patent No. 11,405,379), hereinafter ‘Clauss’, Narendranathan et al. (U.S. Publication 2024/0333699), hereinafter ‘Narendranathan’ and Berkman et al. (U.S. Publication 2014/0282942), hereinafter ‘Berkman’. As to claims 6 & 14, Telem in view of Guedalia, Clauss and Narendranathan discloses everything disclosed in claims 4 & 12, but is silent to wherein in response to determining, based on the first embedding, that the response to the one or more authentication challenges does not match the user-specific data of the knowledge base and the contextual interactions, denying the user device access to the resource of the domain. However, Berkman discloses wherein in response to determining, based on the first embedding, that the response to the one or more authentication challenges does not match the user-specific data of the knowledge base and the contextual interactions, denying the user device access to the resource of the domain (Berkman, see [0074], deny access (NO) when the authentication hash does not match the secret authentication hash). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Telem in view of Guedalia, Clauss and Narendranathan and Berkman in order to further modify the method for payment system using artificial intelligence (AI) platform from the teachings of Telem with the method to machine-learning behavioral analysis from the teachings of Guedalia with the method of authentication process that provides secure and verified access to content from the teachings of Clauss and the method for knowledge-based authentication techniques from the teachings of Narendranathan and the method of authentication based on the user's private factors from the teachings of Berkman. One of ordinary skill in the art would have been motivated because it would allow for the user to answer questions with authentication factors in order to gain access to account (Berkman – Abstract). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to TANIA M PENA-SANTANA whose telephone number is (571)270-0627. The examiner can normally be reached Monday - Friday 8am to 4pm EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas R Taylor can be reached at 5712723889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /TANIA M PENA-SANTANA/Examiner, Art Unit 2443 /NICHOLAS R TAYLOR/Supervisory Patent Examiner, Art Unit 2443
Read full office action

Prosecution Timeline

Sep 29, 2023
Application Filed
May 02, 2025
Non-Final Rejection — §103
Jul 31, 2025
Examiner Interview Summary
Jul 31, 2025
Applicant Interview (Telephonic)
Aug 05, 2025
Response Filed
Aug 15, 2025
Final Rejection — §103
Nov 13, 2025
Applicant Interview (Telephonic)
Nov 13, 2025
Examiner Interview Summary
Nov 20, 2025
Request for Continued Examination
Nov 30, 2025
Response after Non-Final Action
Dec 04, 2025
Non-Final Rejection — §103
Mar 09, 2026
Response Filed
Apr 02, 2026
Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12592924
SMART HUB QUANTUM KEY DISTRIBUTION AND SECURITY MANAGEMENT IN ADVANCED NETWORKS
2y 5m to grant Granted Mar 31, 2026
Patent 12585754
TRUSTED ROOT RECOVERY
2y 5m to grant Granted Mar 24, 2026
Patent 12574343
SYSTEMS AND METHODS FOR MULTI-AGENT CONVERSATIONS
2y 5m to grant Granted Mar 10, 2026
Patent 12574260
CONSENSUS PROCESSING METHOD, APPARATUS, AND SYSTEM FOR BLOCKCHAIN NETWORK, DEVICE, AND MEDIUM
2y 5m to grant Granted Mar 10, 2026
Patent 12561477
AUTOMATED SPARSITY FEATURE SELECTION
2y 5m to grant Granted Feb 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

5-6
Expected OA Rounds
72%
Grant Probability
66%
With Interview (-6.0%)
2y 10m
Median Time to Grant
High
PTA Risk
Based on 245 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month