HAND ACTION TRACKING FOR CARD SLOT TAMPERING

§103 §112 §DP

DETAILED ACTION Examiner’s Remarks Regarding the amendment filed 12/3/2025: The amendments to claims 2, 14 and 20 are acknowledged and accepted. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/3/2025 has been entered. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 2-21 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 2, 14 and 20 recite “wherein card slot tampering is detected and halted”. It is unclear how card slot tampering is halted. The claim language does not indicate how tampering would be halted. For example, does merely detecting and identifying card slot tampering halt the tampering itself? Or does sending the alert somehow halt the tampering, e.g. halt the person tampering the card slot? Or does the applicant intend that causing the transaction terminal to be non-operational is how the card slot tampering is halted. Please clarify. Claims not specifically addressed are indefinite due to their dependency. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 2, 3, 7-9, 12, 14, 15, 18, 20 and 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Krebs et al. (US 11,631,068) in view of Rodriguez Bravo et al. (US 2023/0129964) and Kishi (US 2019/0279468). With respect to claim 2, 7 and 8, Krebs et al. discloses a method comprising: obtaining images depicting an area adjacent to a transaction terminal and a card reader (106) of the terminal (col. 2, lines 43-61; Fig. 1, 3A, 3B); determining from the images, actions taken by an operator of the terminal and objects associated with one or more hands of the operator (col. 3, lines 3-16; col. 3, line 51 – col. 5, line 46); sending an alert when one or more of the actions and objects indicate a card slot tampering event is taking place on the card reader of the terminal (card slot tampering is inherent to person is trying to install an unauthorized device on a card reader) (col. 5, lines 47-58). Krebs et al. fails to expressly disclose obtaining the images in real time; determining whether the objects are known objects or unknown objects based on visual features extracted from portions of the images; and the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified. Krebs additionally fails to expressly disclose determining if a particular object is a particular known object or a particular unknown object. Krebs additionally fails to expressly disclose the card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing. Rodriguez Bravo et al. teaches it is well known in the art to determine if an object is a known object or an unknown object based on visual features extracted from portions of the images and to determine whether one or more hands are holding the object (determine that a person is trying to install an unauthorized device on a card reader by determining if an object in a person’s hand is a card (e.g. particular known object) or something else (e.g. particular unknown object which is the object in the hand is not a card) using visual features extracted from an image) ([0038], [0039], [0047]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to determine whether objects are known objects or unknown objects based on visual features extracted from portions of the images, and to determine if a particular object is a particular known object or a particular unknown object and determining whether the one or more hands are holding the particular object, in order to determine whether the person is holding something is not a card near the card reader. The combined teachings of Krebs and Rodriguez Bravo et al. disclose the invention set forth above, however they fail to expressly disclose obtaining the images in real time; and the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified. The combined teachings additionally fail to expressly disclose card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing. Rodriguez Bravo et al. teaches a system using a machine-learning model with real time data from a camera to capture video data of the area near a card insertion portion, such that the video data can be analyzed using techniques such as image segmentation (thus the video is comprised of images) to determine whether a person at the machine is holding a card or something other than a card, thus allowing the system to determine that a person is holding something that is not a card near the card insertion portion ([0047], [0056]). Kishi et al. teaches it is well known in the art to for card slot tampering to be detected in real time (actual target action data is extracted in real time from video images (actual scene data) being imaged of an anomalous actin of a user in an actual operation) and halted (makes the automated transaction device unusable), and wherein image processing for the detecting is processed exclusively on the transaction terminal (when the surveillance device, which is a computer, is built into a transaction terminal) by a security agent (software, hardware or combination thereof of surveillance device), or exclusively on a cloud or server (when the surveillance device, which is a computer, is remote to the transaction terminal) by a card tampering detection manager (software, hardware or combination thereof of surveillance device) ([0010], [0045], [0055], [0084], [0088], [0139], [0140], Figs. 1 and 15). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to obtain the images in real time and to detect the card slot tampering in real time and to be halted, wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing, in order to detect, in real-time, that a user’s hand(s) is/are engaging in an abnormal activity at the card slot (e.g. detect if the user is tampering with the card slot of the transaction terminal in real time). The combined teachings of Krebs, Rodriguez Bravo et al. and Kishi et al. disclose the invention set forth above, however they fail to expressly disclose the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified. Krebs discloses the images recorded are moving images (functionally equivalent to a video) depicting gestures and actions of the hands of a person that perform actions in front of the transaction terminal, including card slot tampering (a person trying to install an unauthorized device (e.g. shimmer or skimmer) on a card reader) (col. 2, lines 64 – col. 3, line 1; col. 3, lines 54-56). Krebs additionally discloses sending an alert (e.g. message) when one of more of the actions and the objects indicate a card slot tampering event (col. 5, lines 47-58; col. 6 lines 50-57). Although Krebs fails to teach the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified, Kishi et al. teaches it is well known in the art to record a video of an operator at a card slot and in the event of a card slot tampering event, transmit the video image data to a surveillance center, security agent, or bank employee ([0041], [0045]-[0047], [0054], [0081], [0085], [0087], [0134]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the alert to include a video clip from the images depicting gestures and when the card slot tampering event is identified, in order to retain a video image log of the anomalous actions of the user, e.g. attaching a skimming device, and/or to allow a surveillance agent, security agent, bank employee, etc. to check the video in which the tampering has been detected. With respect to claim 3, the modified Krebs et al. discloses obtaining the images from a single camera (102) (Krebs: Fig. 1). With respect to claim 9, the modified Krebs et al. addresses all the limitations of claim 8. However, the modified Krebs et al. fails to expressly disclose obtaining a transaction state from the terminal. Kishi et al. teaches it is well known in the art to obtain a transaction state from at terminal ([0036], [0139]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to obtain a transaction state from at terminal in order to identify action items of the user, as taught by Kishi et al. ([0139]). With respect to claim 12, the modified Krebs et al. addresses all the limitations of claim 2. However, the modified Krebs et al. fails to expressly disclose capturing an account number on a card detected in images when the card slot tampering event is identified. Kishi et al. teaches it is well known in the art to capture an account number on a card detected in images when an anomalous action is identified, and the anomalous action can be a card slot tampering event ([0045], [0085]) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to capture an account number on a card detected in images when an anomalous action is identified, and the anomalous action can be a card slot tampering event, in order to keep a log and additional information regarding the anomalous action. With respect to claims 14 and 20, Krebs discloses a system comprising: a processor (col. 10, lines 50-65); a memory coupled to the processor (col. 10, lines 50-65); and the processor configured to perform operations comprising (col. 10, lines 60-65): analyzing images of an operator present at a terminal captured in real time for identifying a card slot tampering event (card slot tampering is inherent to person is trying to install an unauthorized device on a card reader) (col. 3, lines 3-16; col. 5, lines 32-46); and raising an alert when the analyzing indicates one or more hands of the operator are adjacent to a card reader of the terminal with a foreign object being held by the operator and indicating that the card slot tampering event has been identified (col. 3, lines 54-56; col. 5, lines 47-58), wherein the alert causes the terminal to be non-operational for transactions processed on the terminal (col. 5, lines 52-58; col. 9, lines 22-25); Krebs fails to expressly disclose the images are captured in real time; and the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified. Krebs additionally fails to expressly disclose the foreign object is determined to be an unknown object based on visual features extracted from portions of the images. Krebs additionally fails to expressly disclose card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing. Rodriguez Bravo et al. teaches it is well known in the art to determine if a foreign object being held by a person is an unknown object (foreign object) based on visual features extracted from portions of the images and to determine whether one or more hands are holding the object (determine that a person is trying to install an unauthorized device on a card reader by determining if an object in a person’s hand is a card or something else using visual features extracted from an image) ([0038], [0039], [0047]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to determine that the foreign object is an unknown object based on visual features extracted from portions of the images, in order to determine whether the person is holding something is not a card near the card reader. The combined teachings of Krebs and Rodriguez Bravo et al. disclose the invention set forth above, however they fail to expressly disclose the images are captured in real time; and the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified. The combined teachings additionally fail to expressly disclose card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing. Rodriguez Bravo et al. teaches a system using a machine-learning model with real time data from a camera to capture video data of the area near a card insertion portion, such that the video data can be analyzed using techniques such as image segmentation (thus the video is comprised of images) to determine whether a person at the machine is holding a card or something other than a card, thus allowing the system to determine that a person is holding something that is not a card near the card insertion portion ([0047], [0056]). Kishi et al. teaches it is well known in the art to for card slot tampering to be detected in real time (actual target action data is extracted in real time from video images (actual scene data) being imaged of an anomalous actin of a user in an actual operation) and halted (makes the automated transaction device unusable), and wherein image processing for the detecting is processed exclusively on the transaction terminal (surveillance device when within a transaction terminal) by a security agent (software, hardware or combination thereof of surveillance device), or exclusively on a cloud or server (surveillance device which is a computer when remote to the transaction terminal) by a card tampering detection manager (software, hardware or combination thereof of surveillance device) ([0010], [0045], [0055], [0084], [0088], [0139], [0140], Figs. 1 and 15). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to capture the images in real time and to detect the card slot tampering in real time and to be halted, wherein image processing for the detecting is processed exclusively on the terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing, in order to detect, in real-time, that a user’s hand(s) is/are engaging in an abnormal activity at the card slot (e.g. detect if the user is tampering with the card slot of the terminal in real time). The combined teachings of Krebs, Rodriguez Bravo et al. and Farivar et al. disclose the invention set forth above, however they fail to expressly disclose the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified. Krebs discloses the images recorded are moving images (functionally equivalent to a video) depicting gestures and actions of the hands of a person that perform actions in front of the transaction terminal, including card slot tampering (a person trying to install an unauthorized device (e.g. shimmer or skimmer) on a card reader) (col. 2, lines 64 – col. 3, line 1; col. 3, lines 54-56). Krebs additionally discloses sending an alert (e.g. message) when one of more of the actions and the objects indicate a card slot tampering event (col. 5, lines 47-58; col. 6 lines 50-57). Although Krebs fails to teach the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified, Kishi et al. teaches it is well known in the art to record a video of an operator at a card slot and in the event of a card slot tampering event, transmit the video image data to a surveillance center, security agent, or bank employee ([0041], [0045]-[0047], [0054], [0081], [0085], [0087], [0134]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the alert to include a video clip from the images depicting gestures and when the card slot tampering event is identified, in order to retain a video image log of the anomalous actions of the user, e.g. attaching a skimming device, and/or to allow a surveillance agent, security agent, bank employee, etc. to check the video in which the tampering has been detected. The method is inherent to the system. With respect to claim 15, the modified Krebs addresses all the limitations of claim 14. However, the modified Krebs fails to expressly disclose capturing a video clip of the images when the card slot tampering event is identified. Kishi et al. teaches it is well known in the art to record a video of an operator at a card slot and in the event of a card slot tampering event, the system retains a video clip from the images depicting gestures and actions of the hands of the user ([0041], [0045]-[0047], [0054], [0085], [0134]) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to capture a video clip of the images when the card slot tampering event is identified, in order to retain a video image log of the anomalous actions of the user, e.g. attaching a skimming device. With respect to claim 18, the modified Krebs discloses analyzing further includes obtaining the images from an overhead camera of the terminal (Krebs: col. 2, line 62 - col. 3, line 14; Fig. 1). With respect to claim 21, the modified Krebs discloses the terminal is an automated teller machine (Krebs: col. 2, lines 40-42). Claim(s) 4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Krebs et al. modified by Rodriguez Bravo et al. and Kishi et al. as applied to claim 2 above, and further in view of O’Doherty et al. (US 2009/0201372) With respect to claim 4, the modified Krebs et al. addresses all the limitations of claim 2. However, the modified Krebs et al. fails to expressly disclose obtaining includes obtaining the images from multiple cameras. O’Doherty et al. teaches it is well known in the art to obtain images from multiple cameras to determine a card slot tampering event (addition of a skimming device) ([0059]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to try to obtain the images from multiple cameras in order to monitor the card-slot from both a left and right side to detect addition of a skimming device. Claim(s) 13 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Krebs et al. modified by Rodriguez Bravo et al. and Kishi et al. as applied to claims 12 and 15 above, and further in view of Green (US 8,094,026). With respect to claims 13 and 16, the modified Krebs et al. addresses all the limitations of claims 12 and 15. However, the modified Krebs et al. fails to expressly disclose providing a link to the video clip when the alert is sent / providing a link to access the video clip. Green teaches it is well known in the art to alert security and send a link to access the video clip (col. 9, lines 18-21; abstract). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to provide a link to the video clip when the alert is sent, in order to allow security or law enforcement to view the video clip if desired (see abstract). Claim(s) 17 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Krebs et al. modified by Rodriguez Bravo et al. and Kishi et al. as applied to claim 14 above, and further in view of Priesterjahn et al. (US 2012/0038773). With respect to claims 17 and 19, the modified Krebs et al. addresses all the limitations of claim 14, and further discloses obtaining the images from a camera (102) that is situated overhead of the terminal (Krebs: Fig. 1). However, the modified Krebs et al. fails to expressly disclose also obtaining the images from a first camera located adjacent to the card reader. Priesterjahn et al. teaches is well known in the art for a terminal to obtain images from a camera located adjacent to a card reader ([0033], [0037], [0038], [0061]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include a camera located adjacent to the card reader, in order to detect actual manipulation in the area of a card reader. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 2-21 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,881,088 in view of Rodriguez Bravo et al. and Kishi et al. INSTANT CLAIM(S) PATENTED CLAIM(S) 2. (Currently Amended) A method, comprising: obtaining images in real time depicting an area adjacent to a transaction terminal and a card reader of the transaction terminal; determining, from the images, actions taken by an operator of the transaction terminal and objects associated with one or more hands of the operator; wherein determining further includes: determining whether the objects are known objects or unknown objects based on visual features extracted from portions of the images; and sending an alert when one or more of the actions and the objects indicate a card slot tampering event is taking place in real time on the card reader of the transaction terminal, wherein the alert causes the transaction terminal to be non-operational for transaction processed on the transaction terminal, wherein the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified; wherein card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing. 7. (Previously Presented) The method of claim 2, wherein determining further includes determining if a particular object is a particular known object or a particular unknown object. 8. (Previously Presented) The method of claim 7, wherein determining further includes determining whether the one or more hands are holding the particular object. 12. (Previously Presented) The method of claim 2 further comprising, capturing an account number on a card detected in the images when the card slot tampering event is identified. 13. (Previously Presented) The method of claim 12 further comprising, providing a link to the video clip when the alert is sent. 1. A method, comprising: obtaining images captured from at least one camera situated at one or more locations associated with being: overhead of a transaction terminal, adjacent to a card reader module of the transaction terminal, and on the card reader module; analyzing the images for actions and objects associated with hands of an operator at the terminal relative to a card slot for the card reader module; and sending an alert or a notification when the analyzing identifies a card slot tampering event wherein sending further includes capturing an account number on a card detected in images when the card slot tampering event is identified by the analyzing, wherein capturing further includes generating a video clip from the images and sending the alert or notification with the account number and a link to access the video clip. 7. The method of claim 6, wherein calculating further includes determining from the images whether a given hand or both hands are holding a known object, or an unknown object based on visual features extracted from portions of the images associated with the corresponding bounding boxes and based on known visual features for common objects. 14. (Currently Amended) A method, comprising: analyzing images depicting an operator present at a terminal for a card slot tampering event, wherein the images are captured and analyzed in real time; and raising an alert when the analyzing indicates one or more hands of the operator are adjacent to a card reader of the terminal with a foreign object being held by the operator and indicating that the card slot tampering event has been identified; wherein the alert causes the terminal to be non-operational for transactions processed on the terminal; wherein the foreign object is determined to be an unknown object based on visual features extracted from portions of the images; wherein the alert includes a video clip from the images depicting gestures and actions of the one or more hands when the card slot tampering event is identified; wherein card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing. 15. (Previously Presented) The method of claim 14 further comprising, capturing the video clip from the images when the card slot tampering event is identified. 12. A method, comprising: obtaining images captured adjacent to or overhead of a card reader slot for a card reader module associated with a transaction terminal; determining whether a card slot tampering event is to be raised for a user present at the transaction terminal based on analysis of hands of the user in the images relative to the card reader slot; providing an alert when the card slot tampering event is raised causing the transaction terminal to be non-operational for transactions processed on the transaction terminal; and retaining a video clip from the images depicting gestures and actions of the hands when the card slot tampering event is raised, wherein retaining further includes identifying any card used by the hands from the video clip, identifying an account number on the card when used by the hands, and notifying a financial institution associated with the account number to suspend the account number for suspected card slot tampering activity. The patented claims fail to recite images are obtained/captured in real time, and card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing. Rodriguez Bravo et al. teaches a system using a machine-learning model with real time data from a camera to capture video data of the area near a card insertion portion, such that the video data can be analyzed using techniques such as image segmentation (thus the video is comprised of images) to determine whether a person at the machine is holding a card or something other than a card, thus allowing the system to determine that a person is holding something that is not a card near the card insertion portion ([0047], [0056]). Kishi et al. teaches it is well known in the art to for card slot tampering to be detected in real time (actual target action data is extracted in real time from video images (actual scene data) being imaged of an anomalous actin of a user in an actual operation) and halted (makes the automated transaction device unusable), and wherein image processing for the detecting is processed exclusively on the transaction terminal (surveillance device when within a transaction terminal) by a security agent (software, hardware or combination thereof of surveillance device), or exclusively on a cloud or server (surveillance device which is a computer when remote to the transaction terminal) by a card tampering detection manager (software, hardware or combination thereof of surveillance device) ([0010], [0045], [0055], [0084], [0088], [0139], [0140], Figs. 1 and 15). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to obtain the images in real time and to detect the card slot tampering in real time and to be halted, wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing, in order to detect, in real-time, that a user’s hand(s) is/are engaging in an abnormal activity at the card slot (e.g. detect if the user is tampering with the card slot of the transaction terminal in real time). Claim 20 is the system to perform the method(s). Examiner’s Remarks With respect to claim(s) 5, 6, 10 and 11, the examiner makes no prior art rejection. However, these claims are not allowable pursuant to the pending Double Patenting rejection. With respect to claim 5, prior art fails to teach or reasonably suggest, either singly or in combination, determining from the images a distance between the one or more hands and the card reader, in addition to the other limitations of the claims from which claim 5 depends from. With respect to claim 10, prior art fails to teach or reasonably suggest, either singly or in combination, calculating a risk score based on whether the object is known or unknown, whether the object is being held in the one or more hands, and the transaction state, in addition to the other limitations of the claims from which claim 10 depends from. Claims not specifically addressed are dependent from claims 5 and 10. Response to Arguments Applicant’s arguments with respect to claim(s) 2-21 have been considered but are moot in view of new grounds of rejection in view of the amendments to claims 2, 14 and 20 (e.g. card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing). Applicant's arguments have been fully considered but they are not persuasive. Regarding the newly added limitation “card slot tampering is detected in real time and halted, and wherein image processing for the detecting is processed exclusively on the transaction terminal by a security agent, exclusively on a cloud or server by a card tampering detection manager, or by the security agent and the card tampering detection manager cooperating with one another to perform the image processing” in claims 2, 14 and 20, Kishi et al. is considered to teach this limitation (see rejection above). The examiner notes that the claim fails to define a security agent and a card tampering detection manager. Kishi et al. teaches a surveillance device (11) which is a computer having an anomaly detection section which can be implemented using software, hardware or combination of software and hardware ([0055]). Kishi et al. teaches that the surveillance device can be remote to an ATM (Fig. 1) (thus can be considered server), or within an ATM (Fig. 15) ([0139], [0140]). The claim fails to define a security agent and a card tampering detection manager and specification does not specifically define these elements (no special definition provided). As such, applicant’s argument that a mere generic computer cannot be read on a specific “security agent”, and “cart tempering detection manager” components because these components are distinct architectural components with distinct functions and deployment, is not persuasive. Additionally, para. [0080] of the applicant’s specification recites “It should be appreciated that where software is described in a particular form (such as a component or module) this is merely to aid understanding and is not intended to limit how software that implements those functions may be architected or structured. For example, modules are illustrated as separate modules, but may be implemented as homogenous code, as individual components, some, but not all of these modules may be combined, or the functions may be implemented in software structured in any other convenient manner.” As such, hardware, software, or combination thereof, can be considered a security agent or a card tampering detection manager. As such, Kishi et al. is considered to teach a security agent and/or a card tampering detection manager. Regarding the applicant’s argument about the references not teaching the specific architecture or framework, as explained above, the claim fails to define a security agent and a card tampering detection manager and specification does not specifically define these elements (no special definition provided). As such, applicant’s argument that a mere generic computer cannot be read on a specific “security agent”, and “cart tempering detection manager” components because these components are distinct architectural components with distinct functions and deployment, is not persuasive. Additionally, para. [0080] of the applicant’s specification recites “It should be appreciated that where software is described in a particular form (such as a component or module) this is merely to aid understanding and is not intended to limit how software that implements those functions may be architected or structured. For example, modules are illustrated as separate modules, but may be implemented as homogenous code, as individual components, some, but not all of these modules may be combined, or the functions may be implemented in software structured in any other convenient manner.” As such, hardware, software, or combination thereof, of a generic computer can be considered a security agent or a card tampering detection manager. Therefore, this argument is not persuasive. Regarding applicant’s argument that there is no teaching of security agent component, no teaching a card tampering detecting manager component, not teaching of exclusive vs cooperative processing relationships and no teaching of the specific three-alternative framework, the examiner notes that the claim language is recited in an alternative phrasing. As such, only one of the alternatives is required, not all three. Kishi et al. is considered to teach at least one of the alternatives (for example, Kishi et al. teaches the surveillance device can be built into the ATM, thus would exclusively be done in the ATM (Fig. 15, [0055], [0140])). Therefore, this argument is not persuasive. In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). See the rejection above for the motivation, in addition to the examiner’s remarks in the paragraph(s) above. In response to applicant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning. But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971). In response to applicant's argument that there is unexpected benefits of increased flexibility, scalability, redundancy and cost optimization, the fact that the inventor has recognized another advantage which would flow naturally from following the suggestion of the prior art cannot be the basis for patentability when the differences would otherwise be obvious. See Ex parte Obiaya, 227 USPQ 58, 60 (Bd. Pat. App. & Inter. 1985). The examiner notes that even though the independent claims were amended, the Double Patenting rejection is maintained. See above. Telephone/Fax Information Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUEZU ELLIS whose telephone number is (571)272-2868. The examiner can normally be reached Monday - Friday, 11:00 am - 7:00 pm EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael Lee can be reached at (571)272-2398. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SUEZU ELLIS/Primary Examiner, Art Unit 2876