Prosecution Insights
Last updated: July 17, 2026
Application No. 18/596,037

CYBERSECURITY ENFORCEMENT USING SYNTHETIC PHISHING

Final Rejection §103
Filed
Mar 05, 2024
Examiner
NIPA, WASIKA
Art Unit
2433
Tech Center
2400 — Computer Networks
Assignee
Capital One Services LLC
OA Round
4 (Final)
75%
Grant Probability
Favorable
5-6
OA Rounds
6m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 75% — above average
75%
Career Allowance Rate
233 granted / 309 resolved
+17.4% vs TC avg
Strong +29% interview lift
Without
With
+29.1%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
19 currently pending
Career history
325
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
94.5%
+54.5% vs TC avg
§102
2.2%
-37.8% vs TC avg
§112
1.1%
-38.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 309 resolved cases

Office Action

§103
Detailed Action The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Amendments filed on 04/20/2026 have been acknowledged. Claims 1-20 are currently pending and have been considered below. Claim 1, 7 and 14 are independent claim. Claim 1-2, 7-8, 14-15 and 20 have been amended. Priority No priority is claimed. Response to Arguments Applicant's arguments added in the amendment filed on 04/20/2026 have been fully considered but moot in view of new ground of rejection. The reasons set forth below. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Adams (US Patent Application Publication No 2023/0336588 A1) in view of Morris (US Patent No 12,047,416 B1) and further in view of Kras (US Patent Application Publication No 2022/0377101 A1). Regarding Claim 1, Adams discloses a system for cybersecurity enforcement, the system comprising: one or more memories (Adams, Fig-1); and one or more processors, communicatively coupled to the one or more memories (Adams, Fig-1), configured to: generate a first synthetic phishing attempt that targets a user via a communication mode (Adams, Fig-2A, ¶[0033], the phishing lure generation platform may train a natural language model or algorithm to automatically produce synthetic phishing lures. The phishing lure generation model identifies formats of phishing lures that may be effective for a particular recipient. ¶[0038], in step 204, the phishing lure generation platform may send the simulated synthetic phishing lure to the user device); identify a user response or non-response to the synthetic phishing attempt (Adams, Fig-2B, ¶[0040], the target user may be tested on how well they may identify and avoid a phishing lure amidst their normal course of business. By displaying the simulated synthetic phishing lure alongside legitimate messages, the target user’s ability to distinguish between legitimate and phishing messages may be tested); and update, based at least in part on the communication mode and the user response or non-response, a risk score specific to the user (Adams, ¶[0044], ¶[0051], the inbound message filtering system may train the phish detection model using signals indicative of the automated generation of the synthetic lures which may be used to distinguish between synthetic and manually generated lures. ¶[0056], the inbound message filtering system may quarantine the inbound message, route the inbound message to an isolation environment and secure sandbox, modify one or more traffic filtering rules and execute other security actions). Adams does not explicitly discuss the following limitation that Morris teaches: wherein a second communication mode for a second synthetic phishing attempt is determined using a machine learning model, the determination based on the first synthetic phishing attempt (Morris, col 23, line 55-65, col 24, line 5-15, if the user environment information shows that the user regularly accesses their devices each morning at 8 am, the system may generate a user specific phishing lure that is deployed to the user at or near 8 am. If the user environment information shows that the user is consuming content instead of creating content at particular times of the day or after taking particular actions, the anti-phishing system can deploy a phishing lure at those particular times of the day when the user is more likely to see the incoming digital communication. Thus generating user specific phishing lures from user environment information is mapped to second mode of communication. Col 17, line 5-10, user feedback can indicate when a user identifies as a threat a piece of digital communication that was not flagged as a threat by the system. This user feedback can be used to further refine the system, such as by improving one or more templates or further training one or more machine learning models); and enable a security limitation on user interactions via the first communication mode based on the risk score, wherein the security limitation limits the user interactions via the first communication mode more than other user interactions via the second communication mode (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Adams in view of Morris are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “anti-phishing security and monitoring content to protect against phishing attack”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Adams in view of Morris to include the idea of determining that the digital communication is a threat based at least in part on the user specific network behavior information associated with the assets and employing a threat-abatement procedure with respect to the digital communication (Morris, col 2, line 5-10). Adams in view of Morris does not explicitly discuss the following limitation that Kras teaches: wherein the first communication mode comprises a first technology by which the first synthetic phishing attempt targets the user (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]); wherein the second communication mode comprises a second technology by which the second synthetic phishing attempt targets the user (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]). Adams in view of Morris and Kras are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “anti-phishing security and monitoring content to protect against phishing attack”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Adams in view of Morris and Kras to include the idea of receiving a selection of the user to be in one of a single user mode or a multi-user mode of the simulated self-phishing system. The multi-user mode of the simulated self-phishing system is configured to display the score of the user with scores of other users in an enumerated list of scores (Kras, ¶[0006]). Regarding claim 2, Adams in view of Morris and Kras discloses the system of claim 1, wherein the first communication mode is email and the second communication mode is text (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]). Regarding claim 3, Adams in view of Morris and Kras discloses the system of claim 1, wherein the one or more processors are further configured to: receive an indication that the user has opted in to synthetic phishing attempts (Adams, ¶[0040], the target user may be tested on how well they may identify and avoid a phishing lure amidst their normal course of business. By displaying the simulated synthetic phishing lure alongside legitimate messages, the target user’s ability to distinguish between the legitimate and phishing messages may be tested). Regarding claim 4, Adams in view of Morris and Kras discloses the system of claim 1, wherein the one or more processors are further configured to: generate the first synthetic phishing attempt based at least in part on a previous phishing attempt targeting the user (Adams, ¶[0044], the phishing lure generation platform may update the phishing lure generation model using the feedback information. ¶[0045], may leverage engagement feedback to dynamically refine models/algorithm). Regarding Claim 5, Adams in view of Morris and Kras discloses the system of claim 1, wherein the risk score is specific to the first communication mode (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Regarding Claim 6, Adams in view of Morris and Kras discloses the system of claim 1, wherein the one or more processors are further configured to: perform a cybersecurity action based at least in part on the risk score, wherein the cybersecurity action comprises enablement of the security limitation (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Regarding Claim 7, Adams discloses a method of cybersecurity enforcement, comprising: generating a first synthetic phishing attempt that targets a user via a first communication mode (Adams, Fig-2A, ¶[0033], the phishing lure generation platform may train a natural language model or algorithm to automatically produce synthetic phishing lures. The phishing lure generation model identifies formats of phishing lures that may be effective for a particular recipient. ¶[0038], in step 204, the phishing lure generation platform may send the simulated synthetic phishing lure to the user device); and updating, based at least in part on the first communication mode, a risk profile specific to the user (Adams, ¶[0044], ¶[0051], the inbound message filtering system may train the phish detection model using signals indicative of the automated generation of the synthetic lures which may be used to distinguish between synthetic and manually generated lures. ¶[0056], the inbound message filtering system may quarantine the inbound message, route the inbound message to an isolation environment and secure sandbox, modify one or more traffic filtering rules and execute other security actions). Adams does not explicitly discuss the following limitation that Morris teaches: wherein a second communication mode for a second synthetic phishing attempt is determined using a machine learning model, the determination based on the first synthetic phishing attempt (Morris, col 23, line 55-65, col 24, line 5-15, if the user environment information shows that the user regularly accesses their devices each morning at 8 am, the system may generate a user specific phishing lure that is deployed to the user at or near 8 am. If the user environment information shows that the user is consuming content instead of creating content at particular times of the day or after taking particular actions, the anti-phishing system can deploy a phishing lure at those particular times of the day when the user is more likely to see the incoming digital communication. Thus generating user specific phishing lures from user environment information is mapped to second mode of communication. Col 17, line 5-10, user feedback can indicate when a user identifies as a threat a piece of digital communication that was not flagged as a threat by the system. This user feedback can be used to further refine the system, such as by improving one or more templates or further training one or more machine learning models); and enable a security limitation on user interactions via the first communication mode based on the risk score, wherein the security limitation limits the user interactions via the first communication mode more than other user interactions via second communication mode (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Adams in view of Morris are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “anti-phishing security and monitoring content to protect against phishing attack”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Adams in view of Morris to include the idea of determining that the digital communication is a threat based at least in part on the user specific network behavior information associated with the assets and employing a threat-abatement procedure with respect to the digital communication (Morris, col 2, line 5-10). Adams in view of Morris does not explicitly discuss the following limitation that Kras teaches: wherein the first communication mode comprises a first technology by which the first synthetic phishing attempt targets the user (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]); wherein the second communication mode comprises a second technology by which the second synthetic phishing attempt targets the user (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]). Adams in view of Morris and Kras are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “anti-phishing security and monitoring content to protect against phishing attack”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Adams in view of Morris and Kras to include the idea of receiving a selection of the user to be in one of a single user mode or a multi-user mode of the simulated self-phishing system. The multi-user mode of the simulated self-phishing system is configured to display the score of the user with scores of other users in an enumerated list of scores (Kras, ¶[0006]). Regarding Claim 8, Adams in view of Morris and Kras discloses the method of claim 7, wherein the first communication mode is email and the second communication mode is phone (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078])). Regarding Claim 9, Adams in view of Morris and Kras discloses the method of claim 7, further comprising: receiving an indication that the user has opted in to synthetic phishing attempts (Adams, ¶[0040], the target user may be tested on how well they may identify and avoid a phishing lure amidst their normal course of business. By displaying the simulated synthetic phishing lure alongside legitimate messages, the target user’s ability to distinguish between the legitimate and phishing messages may be tested). Regarding Claim 10, Adams in view of Morris and Kras discloses the method of claim 7, further comprising: generating the first synthetic phishing attempt based at least in part on a previous phishing attempt targeting the user (Adams, ¶[0044], the phishing lure generation platform may update the phishing lure generation model using the feedback information. ¶[0045], may leverage engagement feedback to dynamically refine models/algorithm). Regarding Claim 11, Adams in view of Morris and Kras discloses the method of claim 7, wherein updating the risk profile includes updating the risk profile based at least in part on a user response or non-response to the first synthetic phishing attempt (Adams, ¶[0044], ¶[0051], the inbound message filtering system may train the phish detection model using signals indicative of the automated generation of the synthetic lures which may be used to distinguish between synthetic and manually generated lures. ¶[0056], the inbound message filtering system may quarantine the inbound message, route the inbound message to an isolation environment and secure sandbox, modify one or more traffic filtering rules and execute other security actions). Regarding Claim 12, Adams in view of Morris and Kras discloses the method of claim 7, wherein the risk profile includes a risk score that is specific to the first communication mode (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Regarding Claim 13, Adams in view of Morris and Kras discloses the method of claim 7, further comprising: performing a cybersecurity action based at least in part on the risk profile, wherein the cybersecurity action comprises enabling the security limitation (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Regarding Claim 14, Adams discloses a non-transitory computer-readable medium storing a set of instructions, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a cybersecurity enforcement system, cause the cybersecurity enforcement system to (Adams, Fig-1): generate a first synthetic phishing attempt that targets a user via a first communication mode (Adams, Fig-2A, ¶[0033], the phishing lure generation platform may train a natural language model or algorithm to automatically produce synthetic phishing lures. The phishing lure generation model identifies formats of phishing lures that may be effective for a particular recipient. ¶[0038], in step 204, the phishing lure generation platform may send the simulated synthetic phishing lure to the user device); and update, based at least in part on the first communication mode, a risk score specific to the user (Adams, ¶[0044], ¶[0051], the inbound message filtering system may train the phish detection model using signals indicative of the automated generation of the synthetic lures which may be used to distinguish between synthetic and manually generated lures. ¶[0056], the inbound message filtering system may quarantine the inbound message, route the inbound message to an isolation environment and secure sandbox, modify one or more traffic filtering rules and execute other security actions). Adams does not explicitly discuss the following limitation that Morris teaches: wherein a second communication mode for a second synthetic phishing attempt is determined using a machine learning model, the determination based on the first synthetic fishing attempt (Morris, col 23, line 55-65, col 24, line 5-15, if the user environment information shows that the user regularly accesses their devices each morning at 8 am, the system may generate a user specific phishing lure that is deployed to the user at or near 8 am. If the user environment information shows that the user is consuming content instead of creating content at particular times of the day or after taking particular actions, the anti-phishing system can deploy a phishing lure at those particular times of the day when the user is more likely to see the incoming digital communication. Thus generating user specific phishing lures from user environment information is mapped to second mode of communication. Col 17, line 5-10, user feedback can indicate when a user identifies as a threat a piece of digital communication that was not flagged as a threat by the system. This user feedback can be used to further refine the system, such as by improving one or more templates or further training one or more machine learning models); and enable a security limitation on user interactions via the first communication mode based on the risk score, wherein the security limitation limits the user interactions via the first communication mode more than other user interactions via the second communication mode (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Adams in view of Morris are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “anti-phishing security and monitoring content to protect against phishing attack”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Adams in view of Morris to include the idea of determining that the digital communication is a threat based at least in part on the user specific network behavior information associated with the assets and employing a threat-abatement procedure with respect to the digital communication (Morris, col 2, line 5-10). Adams in view of Morris does not explicitly discuss the following limitation that Kras teaches: wherein the first communication mode comprises a first technology by which the first synthetic phishing attempt targets the user (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]); wherein the second communication mode comprises a second technology by which the second synthetic phishing attempt targets the user (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]). Adams in view of Morris and Kras are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “anti-phishing security and monitoring content to protect against phishing attack”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Adams in view of Morris and Kras to include the idea of receiving a selection of the user to be in one of a single user mode or a multi-user mode of the simulated self-phishing system. The multi-user mode of the simulated self-phishing system is configured to display the score of the user with scores of other users in an enumerated list of scores (Kras, ¶[0006]). Regarding Claim 15, Adams in view of Morris and Kras discloses the non-transitory computer-readable medium of claim 14, wherein the first communication mode includes one or more of email, phone, or text (Kras, ¶[0070], a messaging application may be an instance of an application that allows viewing of a desired message type, such as any web browser, a Gmail application, Microsoft Outlook, WhatsApp , a text messaging application. User device may receive simulated phishing messages via messaging application. ¶[0076], simulated phishing message may be email, SMS message, IM message, voice message. ¶[0078]). Regarding claim 16, Adams in view of Morris and Kras discloses the non-transitory computer-readable medium of claim 14, wherein the one or more instructions further cause the cybersecurity enforcement system to: receive an indication that the user has opted in to synthetic phishing attempts (Adams, ¶[0040], the target user may be tested on how well they may identify and avoid a phishing lure amidst their normal course of business. By displaying the simulated synthetic phishing lure alongside legitimate messages, the target user’s ability to distinguish between the legitimate and phishing messages may be tested). Regarding claim 17, Adams in view of Morris and Kras discloses the non-transitory computer-readable medium of claim 14, wherein the one or more instructions further cause the cybersecurity enforcement system to: generate the first synthetic phishing attempt based at least in part on a previous phishing attempt targeting the user (Adams, ¶[0044], the phishing lure generation platform may update the phishing lure generation model using the feedback information. ¶[0045], may leverage engagement feedback to dynamically refine models/algorithm). Regarding claim 18, Adams in view of Morris and Kras discloses the non-transitory computer-readable medium of claim 14, wherein the one or more instructions, that cause the cybersecurity enforcement system to update the risk score, cause the cybersecurity enforcement system to update the risk score based at least in part on a user response or non-response to the first synthetic phishing attempt (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Regarding claim 19, Adams in view of Morris and Kras discloses the non-transitory computer-readable medium of claim 14, wherein the risk score is specific to the first communication mode (Morris, col 13, line 50-55, the user asset risk score can be a score indicative of the level of risk of the user being susceptible to a threat. Col 14, Fig-2, line 45-60, deploying the threat abatement procedure can include generating and presenting an alert to a user. Col 21, line 45-60. Col 23, line 5-10). Regarding claim 20, Adams in view of Morris and Kras discloses the system of claim 1, wherein the risk score is included in a matrix of risk scores and wherein the matrix of risk scores is based on the first communication mode and the user response or non-response (Kras, ¶[0005], generating score based on user interaction data. ¶[0079]- ¶[0080], risk score calculator 238 may store the risk scores and scores from the simulated self-phishing systems of the users in user score storage). Conclusion THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to WASIKA NIPA whose telephone number is (571)272-8923. The examiner can normally be reached on M-F (7:30 - 5:00). If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JEFFRY PWU can be reached on 571-272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /WASIKA NIPA/ Primary Examiner, Art Unit 2433
Read full office action

Prosecution Timeline

Show 10 earlier events
Jan 12, 2026
Response after Non-Final Action
Jan 21, 2026
Request for Continued Examination
Jan 28, 2026
Response after Non-Final Action
Feb 19, 2026
Non-Final Rejection mailed — §103
Mar 24, 2026
Examiner Interview Summary
Mar 24, 2026
Applicant Interview (Telephonic)
Apr 20, 2026
Response Filed
Jun 26, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12677154
ZERO-TOUCH SECURE DNS DEVICE PROVISIONING
3y 0m to grant Granted Jul 07, 2026
Patent 12647408
CONTRIBUTOR VERIFICATION IN A DECENTRALIZED NETWORK
2y 9m to grant Granted Jun 02, 2026
Patent 12647456
PREVENTION OF MAN-IN-THE-MIDDLE PHISHING
2y 1m to grant Granted Jun 02, 2026
Patent 12641119
Systems and Methods for Detection of Phishing Webpages Through Autoencoder Techniques
2y 0m to grant Granted May 26, 2026
Patent 12625953
ADAPTIVE META-ATTACK SYSTEM AND METHOD FOR TARGET TRACKER UNDER AUTONOMOUS DRIVING SCENARIOS
1y 8m to grant Granted May 12, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

5-6
Expected OA Rounds
75%
Grant Probability
99%
With Interview (+29.1%)
2y 10m (~6m remaining)
Median Time to Grant
High
PTA Risk
Based on 309 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month