Prosecution Insights
Last updated: July 17, 2026
Application No. 18/505,003

PRIVACY-PRESERVING FUZZY TOKENIZATION AND ACROSS DISPARATE DATASETS

Final Rejection §103
Filed
Nov 08, 2023
Priority
Nov 08, 2022 — provisional 63/382,778
Examiner
SIDDIQI, MOHAMMAD A
Art Unit
2493
Tech Center
2400 — Computer Networks
Assignee
TripleBlind, Inc.
OA Round
2 (Final)
85%
Grant Probability
Favorable
3-4
OA Rounds
3m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 85% — above average
85%
Career Allowance Rate
654 granted / 768 resolved
+27.2% vs TC avg
Strong +16% interview lift
Without
With
+15.6%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
15 currently pending
Career history
785
Total Applications
across all art units

Statute-Specific Performance

§101
2.7%
-37.3% vs TC avg
§103
80.5%
+40.5% vs TC avg
§102
10.6%
-29.4% vs TC avg
§112
0.4%
-39.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 768 resolved cases

Office Action

§103
DETAILED ACTION Claims 1-23 are presented for examination. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims1-2, 5, 8-23 are rejected under 35 U.S.C. 103 as being unpatentable over Jan et al. (US Patent Application No. US 20140351176 A1) (Hereinafter Jan) in view of Sankaran et al. (US Patent No. 11816116) (Hereinafter Sankaran). As per claim 1, Jan discloses a method of privatizing private data, the method comprising: receiving, at a privacy-preserving engine, first sensitive identifiers from a first dataset (fig 8, ticket data source, ticket data) and second sensitive identifiers from a second dataset (fig 8, Asset data source, asset data) ; determining, via a fuzzy match algorithm, matches between the first sensitive identifiers and the second sensitive identifiers to yield a fuzzy match determination (para 134, the fuzzy match between the asset and the tickets, as well as the extraction of information, e.g. server name, without fuzzy match (e.g. using a statistical modeling technique)); generating, via the fuzzy match algorithm, a set of unique identifiers in which each respective record of the first dataset (fig 8, ticket data source, ticket data) and the second dataset (fig 8, Asset data source, asset data) is augmented by a respective unique identifier from the set of unique identifiers (fig 8, identifiers); and linking records across the first dataset and the second dataset based on the respective unique identifier for each respective record (fig 8, para 6, linking those of the first subset of the tickets from which the server names have been extracted to corresponding server entries in a configuration information database). Jan does not explicitly disclose receiving sensitive data and associating identifier with sensitive data, first sensitive identifiers from a first dataset and second sensitive identifiers from a second dataset, in real-time and while the first sensitive identifiers and the second sensitive identifiers remain in the protected state. However, Sankaran disclose receiving sensitive data and associating identifier with sensitive data (fig 2-3, col 2, lines 37-50, data items can include sensitive data describing one or more attributes of an entity), first sensitive identifiers from a first dataset and second sensitive identifiers from a second dataset (fig 2-3, col 1, lines 54-67, col 2, lines 34-49, tokenized or encrypted sensitive data maintained securely and queried without exposing the sensitive data in the clear) , in real-time and while the first sensitive identifiers and the second sensitive identifiers remain in the protected state (col 2, lines 34-49, performing searches/queries on encrypted or tokenized data without exposing the data in cleartext). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Jan and Sankaran. The motivation would have been to have a secure data repository that can be created within a secure data processing system for storing tokenized versions of PII or other entity data objects. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims. As per claim 2, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein the first sensitive identifiers from the first dataset and the second sensitive identifiers from the second dataset comprise one or more of a name, an address, a phone number, a physical characteristic of a person, an email address, a social media handle, an age (fig 2, col 2, lines 37-50, PII data items can include sensitive data describing one or more attributes of an entity). As per claim 5, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein records first dataset and the second dataset with sensitive identifiers that fuzzily match in the fuzzy match determination are augmented with a same unique identifier (fig 2, col 2, lines 37-50, PII .. fuzzy matching). As per claim 8, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses the first dataset is associated with a first device, the second dataset is associated with a second device, and the privacy-preserving engine operates on a third-party independent computing device (col 8, lines 35-38, third party). As per claim 9, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein the privacy-preserving engine further brokers an agreement between the first device and the second device to perform computations (fig 2, col 3, lines 37-50;applying different encryption schemes to different data elements in the data object). As per claim 10, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein the privacy-preserving engine operates using one of secure multi-party computation or homomorphic encryption (fig 2, col 3, lines 37-50;applying different encryption schemes to different data elements in the data object). As per claim 11, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein the fuzzy match algorithm performs according to a distance metric comprising one or more of a Jaro-Winkler metric, a step-wise algorithm, a neural network, a machine learning algorithm or other distance metric algorithm (para 6, machine learning technique). As per claim 12, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein the fuzzy match algorithm performs fuzzy matching for pairs or records according to the first sensitive identifiers and the second sensitive identifiers (fig 8, ticket data source, ticket data). As per claim 13, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein after determining, via the fuzzy match algorithm, matches between the first sensitive identifiers and the second sensitive identifiers to yield the fuzzy match determination, the method comprises: determining whether the fuzzy match determination is transitive (para 71-72, false positive and false negative). As per claim 14, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein, while the fuzzy match determination is not transitive, reducing a fuzziness of a matching operation until a non-transitivity state is eliminated (para 71-72, false positive and false negative). As per claim 15, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses further comprising: distributively generating a respective random identifier, as part of the set of unique identifiers, for each transitive equivalence class of records of the fuzzy match determination (para 32, the tokens are matched against the dictionary using fuzzy matching algorithms). As per claim 16, claim is rejected for the same reasons and motivations as claim 1, above. As per claim 17, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses receiving, at a privacy-preserving engine, first sensitive identifiers from a first dataset of a set of primary datasets (fig 8, ticket data source, ticket data); determining, via a fuzzy match algorithm, matches between the first sensitive identifiers and a second sensitive identifiers (fig 8, Asset data source, asset data) associated with auxiliary information to yield a fuzzy match determination (para 134, the fuzzy match between the asset and the tickets, as well as the extraction of information, e.g. server name, without fuzzy match (e.g. using a statistical modeling technique)); generating, via the fuzzy match algorithm, a set of unique identifiers in which each respective record of the first dataset is augmented by a respective unique identifier from the set of unique identifiers (fig 8, Asset data source, asset data) is augmented by a respective unique identifier from the set of unique identifiers (fig 8, identifiers); and linking records across the first dataset and the auxiliary information based on the respective unique identifier for each respective record (fig 8, para 6, linking those of the first subset of the tickets from which the server names have been extracted to corresponding server entries in a configuration information database). As per claim 18, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Jan discloses wherein the fuzzy match algorithm operates one at a time on respective datasets from the set of primary datasets using the auxiliary information (fig 8, Asset data source, asset data; ticket data source, ticket data; identifiers ). As per claim 19, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Jan discloses wherein the auxiliary information comprises a master person index and other data comprising one or more of consumer data and social media data (col 4, lines 38-67, such consumer identification data include a street address or other geographical location). As per claim 20, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Jan discloses Jan discloses wherein the auxiliary information is held by a tokenization entity (para 32, the tokens are matched against the dictionary using fuzzy matching algorithms). As per claim 21, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Sankaran discloses wherein the tokenization entity is distributed cryptographically across several distributed computing devices (col 4, lines 38-67, such consumer identification data include a street address or other geographical location). As per claim 22, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Sankaran discloses wherein the tokenization entity is distributed cryptographically across several distributed computing devices via use of secure multi-party computation (col 4, lines 38-67, encrypting sensitive data). As per claim 23, claim is rejected for the same reasons and motivations as claim 17, above. Claims 3-4 and 6-7 are rejected under 35 U.S.C. 103 as being unpatentable over Jan et al. (US Patent Application No. US 20140351176 A1) (Hereinafter Jan) in view of Sankaran et al. (US Patent No. 11816116) (Hereinafter Sankaran) in further view of Borden et al. (US Patent Application No. 20240005231) (Hereinafter Borden). As per claim 3, Jan in view of Sankaran does not explicitly disclose wherein the fuzzy match determination is computed using an edit distance metric. However, Borden discloses wherein the fuzzy match determination is computed using an edit distance metric (para 57, Hamming distance, Jaro -Winkler distance). As per claim 4, claim is rejected for the same reasons and motivation as claim 3, above. In addition, Borden discloses wherein the edit distance metric comprises a Jaro-Winkler similarity string metric (para 57, Hamming distance, Jaro-Winkler distance). As per claim 6, claim is rejected for the same reasons and motivation as claim 3, above. In addition, Borden discloses wherein the set of unique identifiers comprises a set of pseudorandom strings (para 23, textual data may be parsed into tokens). As per claim 7, claim is rejected for the same reasons and motivation as claim 3, above. In addition, Borden discloses wherein the respective unique identifier comprises a respective pseudorandom string of the set of pseudorandom strings (para 23, textual data may be parsed into tokens). .Response to Arguments Applicant's arguments filed 03/10/2026 have been fully considered but they are not persuasive, therefore rejections to claims 1-23 is maintained. In the remarks applicants argued that: In response to Applicant’s arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references. In this case Jan discloses receiving, at a privacy-preserving engine, first sensitive identifiers from a first dataset (fig 8, ticket data source, ticket data) and second sensitive identifiers from a second dataset (fig 8, Asset data source, asset data) ; determining, via a fuzzy match algorithm, matches between the first sensitive identifiers and the second sensitive identifiers to yield a fuzzy match determination (para 134, the fuzzy match between the asset and the tickets, as well as the extraction of information, e.g. server name, without fuzzy match (e.g. using a statistical modeling technique)); generating, via the fuzzy match algorithm, a set of unique identifiers in which each respective record of the first dataset (fig 8, ticket data source, ticket data) and the second dataset (fig 8, Asset data source, asset data) is augmented by a respective unique identifier from the set of unique identifiers (fig 8, identifiers); and linking records across the first dataset and the second dataset based on the respective unique identifier for each respective record (fig 8, para 6, linking those of the first subset of the tickets from which the server names have been extracted to corresponding server entries in a configuration information database). Sankaran disclose receiving sensitive data and associating identifier with sensitive data (fig 2-3, col 2, lines 37-50, data items can include sensitive data describing one or more attributes of an entity), first sensitive identifiers from a first dataset and second sensitive identifiers from a second dataset (fig 2-3, col 1, lines 54-67, col 2, lines 34-49, tokenized or encrypted sensitive data maintained securely and queried without exposing the sensitive data in the clear) , in real-time and while the first sensitive identifiers and the second sensitive identifiers remain in the protected state (col 2, lines 34-49, performing searches/queries on encrypted or tokenized data without exposing the data in cleartext). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Jan and Sankaran. The motivation would have been to have a secure data repository that can be created within a secure data processing system for storing tokenized versions of PII or other entity data objects. Conclusion Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached at 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493
Read full office action

Prosecution Timeline

Nov 08, 2023
Application Filed
Sep 10, 2025
Non-Final Rejection mailed — §103
Mar 10, 2026
Response Filed
Jun 02, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12684065
TELEPHONE SERVICE DELAY AND CONNECTION SYSTEM
1y 11m to grant Granted Jul 14, 2026
Patent 12671578
TECHNIQUES FOR ON-DEMAND SECRET KEY REQUESTING AND SHARING
2y 4m to grant Granted Jun 30, 2026
Patent 12671594
SYSTEMS, METHODS, AND APPARATUSES FOR NETWORK MANAGEMENT
1y 11m to grant Granted Jun 30, 2026
Patent 12664309
OBFUSCATION OF CONTENT BASED UPON CONTEXT OF AND PATTERN OF DATA WITHIN THE CONTENT
2y 8m to grant Granted Jun 23, 2026
Patent 12665741
PROTECTION OF SECRET DATA USING UNPROTECTED DATA PATH
2y 1m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
85%
Grant Probability
99%
With Interview (+15.6%)
2y 11m (~3m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 768 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month