DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
This action is in reply to the communication(s) filed on 02 October 2025.
Claims 1, 12, 16 and 19 are amended.
Claim(s) 1-20 is/are currently pending and have been examined.
Response to Arguments
Applicant's arguments filed 02 October 2025 have been fully considered but they are not persuasive.
Claim Rejections – 35 U.S.C. §112(a)
The claims have been amended to address the objection(s)/rejection(s) presented in the prior Office Action. Accordingly, Examiner withdraws the corresponding objection(s)/rejection(s).
New Rejections
Examiner notes the addition of new rejections based on the entered amendments. Examiner recommends incorporation of paragraphs [0051]-[0052] to help address the 101 rejection. Examiner recommends an interview for further discussion of said incorporation.
Claim Interpretation
Examiner notes that according to the specification a spoofing metric is a kind of verification unit score which in turn is a type of verification score. See at least paragraph [0033].
Examiner notes that machine learning models inherently are trained to determine patterns based on their underlying data.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Step 1 of the 101 Analysis:
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claims recites a system, method, and non-transitory computer-readable storage medium for crowd-sourced fraud detections for remote transactions. These are a machine, process and article of manufacture which are within the four categories of statutory subject matter.
Step 2A Prong 1 of the 101 Analysis:
The following limitations and/or similar versions are found in claim(s) 1, 12 and 19:
Claim 1:
“send,…, a raw data stream indicative of a transaction initiated via one or more user operation entered via the user device;”
“generate a device fingerprint and a set of transaction characteristics associated with the transformed data in the transaction lake, wherein the set of transaction characteristics comprises one or more of the plurality of transaction characteristics;”
“execute a verification process that calls the transaction lake to acquire data for assessing a transaction characteristic from the set of transaction characteristics, wherein the verification process comprises:”
“generating a set of verification scores, each verification score being indicative of a spoofing metric associated with the transaction characteristic, wherein a first verification score is determined using a first…model determining location anomalies based on the Wi-Fi Access Point Signal information and the transaction information;”
“apply a second…model trained to analyze the set of verification scores, to generate a transaction score indicative of a fraudulent transaction prediction, wherein the first…model is trained on crowd-sourced historical location data associated with prior transactions, and wherein the second … model is trained on transaction scores and associated fraud determinations;”
“in real time, cross-checking the transaction characteristic against a set of historical transactions originating within a defined proximity of the location associated with the transaction information, and …”
“provide,…, real-time notifications of suspicious activity, performance monitoring, and issue identification, …display, in real time, the results of the verification process and the transaction score for operator review and intervention,”
Claim 12:
“sending,…, a raw data stream indicative of a transaction initiated via one or more user operation entered via the user device;”
“generating a device fingerprint and a set of transaction characteristics associated with the transformed data in the transaction lake, wherein the set of transaction characteristics comprises one or more of the plurality of transaction characteristics;”
“execute a verification process that calls the transaction lake to acquire data for assessing a transaction characteristic from the set of transaction characteristics, wherein the verification process comprises:”
“generating a set of verification scores, each verification score being indicative of a spoofing metric associated with the transaction characteristic, wherein a first verification score is determined using a first…model determining location anomalies based on the Wi-Fi Access Point Signal information and the transaction information;”
“applying a second…model trained to analyze the set of verification scores, to generate a transaction score indicative of a fraudulent transaction prediction, wherein the first…model is trained on crowd-sourced historical location data associated with prior transactions, and wherein the second…model is trained on transaction scores and associated fraud determinations;”
“in real time, cross-checking the transaction characteristic against a set of historical transactions originating within a defined proximity of the location associated with the transaction information, and…”
“providing,…,real-time notifications of suspicious activity, performance monitoring, and issue identification,…display, in real time, the results of the verification process and the transaction score for operator review and intervention,
Claim 19:
“send,…, a raw data stream indicative of a transaction initiated via one or more user operation entered via the user device;”
“generate a device fingerprint and a set of transaction characteristics associated with the transformed data in the transaction lake, wherein the set of transaction characteristics comprises one or more of the plurality of transaction characteristics;”
“execute a verification process that calls the transaction lake to acquire data for assessing a transaction characteristic from the set of transaction characteristics, wherein the verification process comprises:”
“generate a set of verification scores, each verification score being indicative of a spoofing metric associated with the transaction characteristic, wherein a first verification score is determined using a first…model determining location anomalies based on the Wi-Fi Access Point Signal information and the transaction information;”
“apply a second…model trained to analyze the set of verification scores, to generate a transaction score indicative of a fraudulent transaction prediction;”
“…generate a transaction score based on the spoofing metric,… wherein the transaction score is indicative of a fraudulent transaction prediction, wherein the first…model is trained on crowd-sourced historical location data associated with prior transactions, and wherein the second…model is trained on transaction scores and associated fraud determinations;”
“in real time, cross-checking the transaction characteristic against a set of historical transactions originating within a defined proximity of the location associated with the transaction information, and…”
“provide,…, real-time notifications of suspicious activity, performance monitoring, and issue identification,…display, in real time, the results of the verification process and the transaction score for operator review and intervention,”
These limitations, as drafted, are a process that, under its broadest reasonable interpretation, describes Fundamental Economic Principles or Practices but for the recitation of generic computer components. That is, other than reciting “a database”, “at least one processor and a memory comprising instructions”, or “A non-transitory computer readable storage medium” nothing in the claims’ elements precludes the steps from practically describing Fundamental Economic Principles or Practices. For example, but for the recited computer language, the limitations in the context of this claim describes Mitigating Risk. Mitigating Risk is described when analyzing transaction data for fraudulent activities. If a claim limitations, under their broadest reasonable interpretation, describes Fundamental Economic Principles or Practices but for the recitation of generic computer components, then it falls within the “Certain Methods of Organizing Activity” grouping of abstract ideas.
Dependent claim(s) 4, 11 and 13-14 are directed to the following:
Claim(s) 4:
“generate a second verification score indicative of a second spoofing metric, wherein the second spoofing metric is based on a second transaction characteristic of the historical location data.”
Claim(s) 11:
“…wherein the first…model generates the spoofing metric by at least: generating a set of numerical features from the historical location data, wherein the set of numerical features is associated with the characteristic; applying a classification model to sort the numerical features; and comparing respective attributes of the transaction information to generate the spoofing metric.”
Claim(s) 13:
“…wherein the spoofing metric is further based on a cross-check of historical transactions originating within a range of a location associated with the transaction information.”
Claim(s) 14:
“verifying, in real time, a consistency of the location data.”
Claim(s) 16:
“…wherein the behavioral information is determined by a third…model trained to analyze transaction scores and the transaction information.”
These processes are similar to the abstract idea noted in the independent claims because they further the limitations of the independent claim which are directed to a judicial exception. Accordingly, these claim elements do not serve to confer subject matter eligibility to the claims since they are directed to abstract ideas.
Dependent claim(s) 2-3, 6, 9, 17-18 and 20 include the following limitations which are not directed to any additional abstract ideas and are also not directed to any additional non-abstract claim elements:
Claim(s) 2, 18 and 20:
“…wherein the transaction characteristic is at least one of IP data, Wi-Fi data, Wi-Fi Access Point Signal data, application data, sensor data, atmospheric pressure data, altitude data, satellite data, fingerprinting data, and fraudulent transaction data.”
Claim(s) 3:
“…wherein the spoofing metric is indicative of at least one of: an anomaly detection, a Wi-Fi score, a suspicion measurement, and a detection score.”
Claim(s) 6:
“…wherein the historical location data comprises crowd-sourced transaction data from a plurality of users.
Claim(s) 9:
“…wherein the historical location data corresponds to a collection of prior transactions associated with the user.”
Claim(s) 17:
“…wherein the historical location data comprises transactions within a distance of a location associated with the transaction information.”
Rather, these claims offer further descriptive limitations of elements found in the independent claims and addressed above – such as by describing the nature and content of the data that is received/sent. While these descriptive elements may provide further helpful context for the claimed invention these elements do not serve to confer subject matter eligibility to the invention since they merely represent a narrowing of the recited judicial exception. Step 2A prong 2 and Step 2B for these limitations therefore are the same as for the independent claims.
Accordingly, the claims recite an abstract idea.
Step 2A Prong 2 of the 101 Analysis:
This judicial exception is not integrated into a practical application. In particular, the independent claim(s) recite the following additional elements:
Claim 1:
“a database comprising historical location data associated with one or more transactions , the database receiving dynamic updates from at least one external source, the dynamic updates comprising information associated with a transaction characteristic associated with the one or more transactions;”
“at least one processor and a memory comprising instructions, which when executed by the processor, cause the system to:”
“establish a remote connection with an application program interface operating on a user device;”
“transform the raw data stream to a format for storage in a transaction lake, wherein the format enables accessibility by at least one verification process calling the transaction lake;”
“in response to generating the device fingerprint, establish a remote connection with the database to acquire and store, in the transaction lake, at least Wi-Fi Access Point Signal information for the user device associated with the transaction information;”
“…machine learning…”
“…machine learning…”
“…machine learning…”
“…updating the machine learning models in real time based on the transaction score and newly received transaction information;”
“…via a dashboard on a display… wherein the dashboard is configured to…”
“wherein the fraud detection system is configured to operate in a distributed cloud computing environment, with at least a portion of the verification process and machine learning model training performed on a cloud platform, and wherein the fraud detection system is further configured to share computing resources for real-time fraud detection and model retraining.”
Claim 12:
“storing, at a database, historical location data associated with one or more transactions;”
“dynamically updating the database with Wi-Fi Access Point Signal information and information from at least one external source, wherein the information is associated with a plurality of transaction characteristic associated with the one or more transactions;”
“establishing a remote connection with an application program interface operating on a user device;”
“transform the raw data stream to a format for storage in a transaction lake, wherein the format enables accessibility by at least one verification process calling the transaction lake;”
“in response to generating the device fingerprint, establishing a remote connection with the database to acquire Wi-Fi Access Point Signal information for the user device associated with the transaction information;”
“…machine learning…”
“…machine learning…”
“…machine learning…”
“…updating the machine learning models in real time based on the transaction score and newly received transaction information;”
“…via a dashboard on a display…wherein the dashboard is configured to…”
“wherein at least a portion of the verification process and machine learning model training is performed on a cloud platform operating in a distributed cloud environment, wherein computing resources for real-time fraud detection and model retraining are shared.”
Claim 19:
“A non-transitory computer-readable storage medium comprising instructions stored thereon, which when executed by a processor, cause a computing system to at least:”
“store, at a database, historical location data associated with one or more transactions;”
“dynamically update the database with information from at least one external source, wherein the information is associated with a transaction characteristic associated with the one or more transactions;”
“establish a remote connection with an application program interface operating on a user device;”
“transform the raw data stream to a format for storage in a transaction lake, wherein the format enables accessibility by at least one verification process calling the transaction lake;”
“in response to generating the device fingerprint, establish a remote connection with the database to acquire and store, in the transaction lake, at least Wi-Fi Access Point Signal information for the user device associated with the transaction information;”
“…machine learning…”
“…machine learning…”
“…updating the machine learning models in real time based on the transaction score and newly received transaction information;”
“…via a dashboard on a display…wherein the dashboard is configured to…”
“wherein at least a portion of the verification process and machine learning model training is performed on a cloud platform operating in a distributed cloud environment, wherein computing resources for real-time fraud detection and model retraining are shared.”
The computer components or other machinery (a database, a processor, a memory, display, and a non-transitory computer-readable medium) are recited at a high level of generality (i.e. as a generic database, generic processor, generic storage, and generic display) such that it amounts to no more than mere instructions to implement the judicial exception on a computer or by using a computer or other machinery merely as a tool to perform an existing process. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Simply implementing an abstract idea on a computer or using machinery as a tool to perform an existing process is not indicative of integration into a practical application (See MPEP § 2106.05(f).)
The receiving, acquiring, storing and updating step(s) are recited at a high level of generality (i.e., as simply receiving, simply acquiring, simply storing and simply updating) such that they amount to no more than mere data gathering which is adding insignificant extra solution activity. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Simply adding insignificant extra-solution activity is not indicative of integration into a practical application (See MPEP § 2106.05(g).)
The use of API, a data lake, machine learning, machine learning re-training, and a shared cloud computing resource pool is implemented at a high level of generality (i.e. as simply using the technologies) such that it amounts to no more than generally linking the use of the judicial exception to a particular technological environment or field of use. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Generally linking the use of the judicial exception to a particular technological environment or field of use is not indicative of integration into a practical application (See MPEP § 2106.05(h).)
Dependent claim(s) 5, 7-8, 10-11 and 14-16 contain the following additional elements:
Claim(s) 5:
“a dashboard provided on a display,…”
“…wherein the dashboard provides information relating to at least one of: performance monitoring, issue identification, and suspicious activity notification.”
Claim(s) 7:
“…training the second machine learning model on the historical location data associated with one or more prior transactions and associated fraud determinations.”
Claim(s) 8:
“…updating the second machine learning model, in real time, based on the transaction information and the transaction score.”
Claim(s) 10:
“…wherein the database is updated with new historical location data, in real time.”
Claim(s) 11:
“…machine learning…”
Claim(s) 14:
“storing location data from the user device in the database comprising historical location data associated with one or more transactions;”
Claim(s) 15:
“…wherein the second machine learning model is trained on crowd-sourced historical location data associated with prior transactions.”
Claim(s) 16:
“…dynamically updating the database with behavioral information associated with the one or more transactions,…”
“…machine learning…”
The computer components or other machinery (a display) are recited at a high level of generality (i.e. as a generic display) such that it amounts to no more than mere instructions to implement the judicial exception on a computer or by using a computer or other machinery merely as a tool to perform an existing process. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Simply implementing an abstract idea on a computer or using machinery as a tool to perform an existing process is not indicative of integration into a practical application (See MPEP § 2106.05(f).)
The use of machine learning and machine learning re-training is implemented at a high level of generality (i.e. as simply using the technology) such that it amounts to no more than generally linking the use of the judicial exception to a particular technological environment or field of use. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Generally linking the use of the judicial exception to a particular technological environment or field of use is not indicative of integration into a practical application (See MPEP § 2106.05(h).)
The providing, updating, and storing step(s) are recited at a high level of generality (i.e., as simply providing, simply updating, and simply storing) such that they amount to no more than mere data gathering which is adding insignificant extra solution activity. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Simply adding insignificant extra-solution activity is not indicative of integration into a practical application (See MPEP § 2106.05(g).)
Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea.
The claims are directed to an abstract idea.
Step 2B of the 101 Analysis:
The database mentioned above is/are not described in further detail within the applicant’s specification beyond potentially being a MAC database. Therefore examiner must interpret these elements as generic computer components.
The processor mentioned above is/are disclosed in applicant’s specification (See at least paragraph [0096] of the specification). The component is described as:
“The CPU(s) 1204 may be standard programmable processors that perform arithmetic and logical operations necessary for the operation of the computing device 1200.”
The memory and non-transitory computer-readable medium mentioned above is/are disclosed in applicant’s specification (See at least paragraph [0092] of the specification). The component is described as:
“Computing device 1100 may include a variety of computer system readable media. Such media may be any available media that is accessible by computing device 1100, and it includes both volatile and non-volatile media, and removable and non-removable media. Computing device 1100 may include system memory 1128, which may include computer-system-readable media in the form of volatile memory, such as random-access memory (“RAM”) 1130 and/or cache memory 1132. Computing device 1100 may further include other removable/non-removable, volatile/non-volatile computer system storage media. By way of example only, a storage system 1134 may be provided for reading from and writing to a non-removable, non-volatile magnetic media (not shown and typically called a “hard drive”). Although not shown, a magnetic disk drive for reading from and writing to a removable, non-volatile magnetic disk, e.g., a “floppy disk,” and an optical disk drive for reading from or writing to a removable, non-volatile optical disk such as a CD-ROM, DVD-ROM, or other optical media may be provided. In such instances, each may be connected to bus 1118 by one or more data media interfaces. As will be further depicted and described below, memory 1128 may include at least one program product having a set, i.e., at least one, of program modules that are configured to carry out the functions of embodiments of the invention.”
The display medium mentioned above is/are disclosed in applicant’s specification (See at least paragraph [00108] of the specification). The component is described as:
“Similarly, an input/output controller 1232 may provide output to a display, such as a computer monitor, a flat-panel display, a digital projector, a printer, a plotter, or other type of output device. It will be appreciated that the computing device 1200 may not include all of the components shown in Fig. 12, may include other components that are not explicitly shown in Fig. 12, or may utilize an architecture completely different than that shown in Fig. 12.”
Therefore applicant’s own specification supports these components as generic computer components.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements identified in Step 2A Prong 2 amount to no more than mere instructions to implement the judicial exception on a computer or no more than mere data gathering or data outputting which only adds insignificant extra solution activity to the judicial exception. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Adding insignificant extra-solution activity cannot provide an inventive concept when the activities are well-understood routine and conventional. The courts have recognized the following computer functions as well-understood, routine, and conventional functions when they are claimed in a merely generic manner:
(for storing/updating various data) Storing and retrieving information in memory, (See MPEP § 2106.05(d)(II)).
(for providing/receiving/acquiring various data) Receiving or transmitting data over a network, (See MPEP § 2106.05(d)(II)).
The claims are not patent eligible.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Atkin et al. (US 2023/0100394 A1) as the closest prior art of record discloses generation of transaction characteristic based on geological data.
Cella et al. (US 2023/0206261 A1) discloses storage in a data lake and usage of API.
Zarakas et al. (US 2021/0383394 A1) discloses that a machine learning model may be retrained based on collected information (i.e. dynamic updates and transaction information) and final information (i.e. output of the model).
Magruder et al. (WO 2023/230456 A1) discloses collecting Wi-Fi access point information and using said information for location information.
Weber (US 11,626,990 B1) discloses that machine learning algorithms can be continuously trained/retrained using real-time user data as it is received.
Lim et al. (US 2019/0205885 A1) discloses updating data in real-time and performing real-time fraud assessment.
Abrahamian et al. (US 2021/0383393 A1) discloses observing fraud based on transactions occurring at locations within a distance from the first transactions.
Hearty et al. (US 2022/0172215 A1) discloses feature generation may be classified using machine learning.
Brazao et al. (US 2022/0337611 A1) discloses detection of spoofing attacks.
Vora et al. (US 2022/0164787 A1) discloses anti-spoofing wherein a user device may identify likely targets for a transactions retrieving a list of nearby targets.
Phatak et al. (US 2022/0006899 A1) discloses detecting spoofing conditions using machine learning utilizing location information.
Burke et al. (US 2016/0132886 A1) discloses fraud detection referencing other bank customer's transaction behavior to determine whether other bank's customers who live geographically nearby to the first bank customer have used the same or similar purchase terminals before.
Drapeau et al. (WO 2022/005913 A1) discloses detecting spoofed cards using ensemble learning methods.
Schmidt et al. (“A GPS spoofing detection and classification correlator-based technique using the LASSO”) discloses detection of hazardous spoofing attacks seen in financial transactions.
Stella et al. (“Detection of Hotspot Spoofing by Monitoring Network Traffic”) discloses detection of wi-fi access point spoofing.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ADAM J HILMANTEL whose telephone number is (571)272-8984. The examiner can normally be reached M-F 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Abhishek Vyas can be reached at (571) 270-1836. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ADAM HILMANTEL/Examiner, Art Unit 3691
/ABHISHEK VYAS/Supervisory Patent Examiner, Art Unit 3691