DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
This action is in reply to the communication(s) filed on 31 March 2024.
Claim(s) 1-20 is/are currently pending and have been examined.
Claim Objections
Claims 1 and 19 are objected to because of the following informalities:
In Claim 1, “operably” should be “operable”.
Claim 19 is missing a period at the end of the claim. “Each claim begins with a capital letter and ends with a period.” See at least MPEP 608.01(m).
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
The term “associated with a potential account testing attack” in claim 1 is a relative term which renders the claim indefinite. The term “associated with a potential account testing attack” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. Examiner will ignore the term for purposes of Examination.
Claim 4 recites the terms “at least one other user account” and “is also likely comprised”. Given that Claim 4 depends from Claim 2, there is no initial user account or “likely compromised” indication which would makes the recited terms unclear as to what the “other” or “also” is referring to. Examiner will interpret Claim 4 to depend from Claim 3 for purposes of examination.
The term “likely-to-be compromised” in claims 9 and 10 is a relative term which renders the claim indefinite. The term “likely-to-be compromised” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. Examiner will ignore this term for purposes of examination.
Any remaining claims not expounded upon are rejected based on their dependency to a rejected claim.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Step 1 of the 101 Analysis:
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claims recites a platform for fraud detection and prevention. These are a machine which is within the four categories of statutory subject matter.
Step 2A Prong 1 of the 101 Analysis:
The following limitations and/or similar versions are recited in claim(s) 1:
Claim 1:
“…receiving…authorization attempt data… from one or more transaction authorization networks, the authorization attempt data comprising one or more authorization attempts associated with attempted transactions involving use of a payment card at a given merchant, the data collection and sanitation engine configured to process and normalize the authorization attempt data to be stored in a database;”
“…processing the normalized authorization attempt data to identify fraudulent activities at a merchant level, including identifying compromised merchants, the data analysis engine operably to generate a plurality of database queries configured to retrieve one or more authorization attempts corresponding to a given merchant,”
“wherein: 1) a first query and a second query of the plurality of database queries are generated, respectively, based on first criteria of a first notification rule and a second criteria of a second notification rule of a plurality of notification rules; and 2) the first criteria of the first notification rule comprises a threshold number of authorization attempts and is based on a value of each of the authorization attempts and is configured to detect a pattern of authorization attempts at a given merchant and associated with a potential account testing attack;”
“determine whether a first plurality of authorization attempts and a second plurality of authorization attempts, retrieved from the database and based on the first and second queries, satisfy the first and second criteria, respectively;”
“receive first and second signals based on determinations that the first plurality and second plurality of authorization attempts satisfies the first and second criteria and determine, based on the first signal and the second signal, an aggregate score by applying a first weighting value of the first notification rule to a second weighting value of the second notification rule;”
“automatically approve or deny, based on the aggregate score exceeding or falling below a threshold value, respectively, the first plurality of authorization attempts, the second plurality of authorization attempts, and/or any future authorization attempts associated with the given merchant.”
These limitations, as drafted, are a process that, under its broadest reasonable interpretation, describes Fundamental Economic Principles or Practices but for the recitation of generic computer components. That is, other than reciting various engines, a “computing platform”, or “a database” nothing in the claims’ elements precludes the steps from practically describing Fundamental Economic Principles or Practices. For example, but for the recited computer language, the limitations in the context of this claim describes Mitigating Risk. Mitigating Risk is described when collecting and analyzing data for financial fraud detection and subsequent alerts regarding said financial fraud detection. If a claim limitations, under their broadest reasonable interpretation, describes Fundamental Economic Principles or Practices but for the recitation of generic computer components, then it falls within the “Certain Methods of Organizing Activity” grouping of abstract ideas.
Accordingly, the independent claims recite an abstract idea.
Step 2A Prong 2 of the 101 Analysis:
This judicial exception is not integrated into a practical application. In particular, the independent claim(s) recite the following (or similar) additional elements:
Claim 1:
“a data collection and sanitation engine for…, in real-time or near real-time,…in an extensible markup language (XML)…”
“a data analysis engine for…”
“wherein the data analysis engine is configured to:”
The computer components (various computer engines) are recited at a high level of generality (i.e. as generic computer engines) such that it amounts to no more than mere instructions to implement the judicial exception on a computer or by using a computer merely as a tool to perform an existing process. These element(s) in combination do not add anything that is not already present when the steps are considered separately. Simply implementing an abstract idea on a computer as a tool to perform an existing process is not indicative of integration into a practical application (See MPEP § 2106.05(f).)
The use of XML is implemented at a high level of generality (i.e. as simply using the technology) such that it amounts to no more than generally linking the use of the judicial exception to a particular technological environment or field of use. These element(s) in combination do not add anything that is not already pre-sent when the steps are considered separately. Generally linking the use of the judicial exception to a particular technological environment or field of use is not indicative of integration into a practical application (See MPEP § 2106.05(h).)
Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea.
The independent claims are directed to an abstract idea.
Step 2B of the 101 Analysis:
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements identified in Step 2A Prong 2 (if any) amount to no more than mere instructions to implement the judicial exception on a computer or no more than mere data gathering or data outputting which only adds insignificant extra solution activity to the judicial exception. Accordingly, the Examiner:
• Carries over their identification of the additional element(s) in the claim from Step 2A Prong Two;
• Carries over their conclusions from Step 2A Prong Two on the considerations discussed in MPEP §§ 2106.05(a) - (c), (e) (f) and (h):
• Re-evaluates any additional element or combination of elements that was considered to be insignificant extra-solution activity per MPEP § 2106.05(g), because if such re-evaluation finds that the element is unconventional or otherwise more than what is well-understood, routine, conventional activity in the field, this finding may indicate that the additional element is no longer considered to be insignificant.
These element(s) in combination do not add anything that is not already present when the steps are considered separately. Adding insignificant extra-solution activity cannot provide an inventive concept when the activities are well-understood routine and conventional. The independent claims contain no elements which the Examiner has identified as insignificant extra-solution activity.
The independent claims are not patent eligible.
Dependent Claim(s) 2-20 recite limitations that are similar to the abstract idea noted in the independent claims because they further narrow the independent claim(s) which recite one or more judicial exceptions. Accordingly, these claim elements do not serve to confer subject matter eligibility to the claims since they recite abstract ideas.
The claims are not patent eligible.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-9, 11-14 and 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thomson et al. (US 2022/0108331 A1 hereinafter Thomson) in view of Malhotra et al. (US 2017/0364918 A1 hereinafter Malhotra) further in view of Fang et al. (US 2022/0067738 A1 hereinafter Fang).
Claim 1
A fraud detection and prevention computing platform configured to communicate and exchange data with one or more merchants, payment cardholders, payment card issuers, and/or transaction authorization networks over one or more communication networks to facilitate automated approval or denial of an authorization attempt at a merchant level, the computing platform comprising:
a data collection and sanitation engine for receiving, in real-time or near real-time, authorization attempt data in an extensible markup language (XML) from one or more transaction authorization networks, the authorization attempt data comprising one or more authorization attempts associated with attempted transactions involving use of a payment card at a given merchant, the data collection and sanitation engine configured to process and normalize the authorization attempt data to be stored in a database; and (Thomson discloses receiving in real time a plurality of payment card authorization attempts from a merchant across a plurality of networks. See at least paragraphs [0004], [0023], [0040] and [0057]-[0058]. Thomson discloses the database may be relational databases (i.e. the data must be normalized). See at least paragraph [0046].
Although Thomson does disclose collecting data, they might not explicitly disclose said data in an XML. Malhotra teaches that communications among parties may typically be conducted using XML. See at least paragraphs [0035] and [0046].
It would be obvious to one of ordinary skill in the art before the effective filing date to use XML in communications as taught by Malhotra for the communications in Thomson because Malhotra additionally teaches the motivation that helps comply with the ISO 20022 standard. See at least paragraphs [0035] and [0046].
Also, using XML in communications as taught by Malhotra for the communications in Thomson is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable.)
a data analysis engine for processing the normalized authorization attempt data to identify fraudulent activities at a merchant level, including identifying compromised merchants, the data analysis engine operably to generate a plurality of database queries configured to retrieve one or more authorization attempts corresponding to a given merchant, (Thomson discloses storing the attempts’ information in a database. See at least paragraph [0058]. Thomson discloses attempt information may include an identified merchant. See at least paragraph [0030]. Thomson discloses monitoring for BIN-merchant pairs which examiner notes is functionally equivalent to querying for said information. See at least paragraphs [0026] and [0060]. Thomson discloses generating database queries to collect potential BIN attack data. See at least paragraph [0071]. Thomson discloses identifying an attacked merchant (i.e. equivalent to marked as compromised). See at least paragraph [0030].)
wherein: 1) a first query and a second query of the plurality of database queries are generated, respectively, based on first criteria of a first notification rule and a second criteria of a second notification rule of a plurality of notification rules; and 2) the first criteria of the first notification rule comprises a threshold number of authorization attempts and is based on a value of each of the authorization attempts and is configured to detect a pattern of authorization attempts at a given merchant and associated with a potential account testing attack; (Thomson discloses notification rules based on criteria. See at least paragraph [0026]. Thomson discloses detecting patterns of BIN range attacks at a given merchant. See at least paragraph [0026]. Thomson discloses analyzing a BIN attack and determining transactions initiated using PPANS sharing a same BIN. See at least paragraphs [0024] and [0027]. Thomson discloses detecting anomalously high BIN velocities (i.e. threshold number of attempts in a given time) that exceed a pre-defined threshold level. See at least paragraph [0025].
Although Thomson does disclose detecting velocities over a threshold, they might not explicitly disclose said attempts based on a value of each of the authorization attempts. Fang teaches feature analysis of transactions including measuring a percentage of transactions that have the same dollar amount within each rolling time window. See at least paragraph [0099]. Fang discloses comparing their feature values using weights and an aggregate score to thresholds. See at least paragraph [0156].
It would be obvious to one of ordinary skill in the art before the effective filing date to use the velocity of transactions that have the same dollar amount as taught by Fang in the system of Thomson because Fang additionally teaches the motivation that these sequential features describe behavior characteristics of bad actors. See at least paragraphs [0093] and [0049].
Also, using the particular velocity measurement as taught by Fang within the system of Thomson is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable.)
wherein the data analysis engine is configured to:
determine whether a first plurality of authorization attempts and a second plurality of authorization attempts, retrieved from the database and based on the first and second queries, satisfy the first and second criteria, respectively; (Thomson discloses detecting if the attempts satisfy a threshold level. See at least paragraph [0026].)
receive first and second signals based on determinations that the first plurality and second plurality of authorization attempts satisfies the first and second criteria and determine, based on the first signal and the second signal, an aggregate score by applying a first weighting value of the first notification rule to a second weighting value of the second notification rule; (Thomson discloses detecting if the attempts satisfy a threshold level. See at least paragraph [0026]. Fang discloses comparing feature values using weights and an aggregate score to thresholds as shown in the combination above.)
automatically approve or deny, based on the aggregate score exceeding or falling below a threshold value, respectively, the first plurality of authorization attempts, the second plurality of authorization attempts, and/or any future authorization attempts associated with the given merchant. (Thomson discloses causing all transactions with the identified merchant(s) to be declined for a period of time (i.e. a plurality of attempts and future attempts) based on the fraud alerts (which examiner notes may be based on a threshold as shown above). See at least paragraph [0030]. Fang discloses feature values using weights and an aggregate score to thresholds as shown in the combination above. Examiner notes that being above a threshold for approving and below a threshold for denying vs. being below a threshold for approving and above a threshold for denying is a non-functional design choice that does not differentiate the claim from the prior art.)
Claim 2
The system of claim 1, wherein, in the event that aggregate score exceeds the threshold value, the data analysis engine is configured to generate a notification indicating a suspicious status for the given merchant. (Thomson discloses sending notifications based on the detected attack. See at least paragraph [0030]. Thomson discloses identifying an attacked merchant (i.e. equivalent to marked as suspicious. See at least paragraph [0030]. Fang discloses feature values using weights and an aggregate score to thresholds as shown in the combination above.)
Claim 3
The system of claim 2, wherein the data analysis engine is configured to determine, based on the suspicious status for the given merchant, that at least a first user account associated the first plurality of authorization attempts is likely compromised. (Thomson discloses monitoring BIN-merchant pairs to detect BIN attacks and compromised accounts. See at least paragraph [0026] and [0036].)
Claim 4
The system of claim 2, wherein the data analysis engine is configured to determine, based on the suspicious status for the given merchant, at least one other user account that is also likely compromised. (Thomson discloses analyzing a BIN attack and determining transactions initiated using PANS sharing a same BIN. See at least paragraphs [0024] and [0027].)
Claim 5
The system of claim 4, wherein the at least one other user account and one of the first plurality of user accounts share same partial payment card information. (Thomson discloses analyzing a BIN attack and determining transactions initiated using PANS sharing a same BIN. See at least paragraphs [0024] and [0027].)
Claim 6
The system of claim 4, wherein the at least one other user account is associated with an authorization attempt at the given merchant during a first time period different from a second time period in which the first plurality of authorization attempts was received. (Thomson discloses analyzing a BIN attack and determining transactions initiated using PANS sharing a same BIN. See at least paragraphs [0024] and [0027]. Thomson discloses determining multiple BIN attacks at different times at the merchant involved. See at least paragraph [0031].)
Claim 7
The system of claim 2, wherein the data analysis engine is configured to add the given merchant to a block list that comprises a list of merchants with the suspicious status. (Thomson discloses identifying multiple merchants (i.e. a list of merchants) that have been targeted by an attack and implementing additional authentication procedures at these merchants (i.e. adding them to a list of merchants with a suspicious status). See at least paragraph [0038]. Thomson discloses they may cause all transactions at the merchant(s) to be declined for a period of time (i.e. functionally equivalent to a block list. See at least paragraph [0030].)
Claim 8
The system of claim 2, wherein the data analysis engine is configured to communicate an alert indicating the suspicious status of the given merchant to at least a user associated with the user account. (Thomson discloses sending a fraud attack alert that identifies the merchant at which the attack was implemented. See at least paragraph [0038]. Thomson discloses transmitting the fraud attack alert or an alternative alert message, to cardholders or accountholders associated with the compromised PANs. See at least paragraph [0039].)
Claim 9
The system of claim 2, wherein the data analysis engine is configured to determine, based on the first plurality of user accounts and the suspicious status for the given merchant, not-yet-issued user accounts that are already compromised or likely-to-be compromised. (Thomson discloses monitoring BIN-merchant pairs to detect BIN attacks and compromised accounts. See at least paragraph [0026] and [0036]. Thomson discloses monitoring transactions that are declined because the numbers do not exist (i.e. they are not yet issued). See at least paragraph [0015].)
Claim 11
The system of claim 1, wherein the first criteria of the first notification rule comprises a second threshold number of authorization attempts on a merchant during a time interval. (Thomson discloses monitoring transactions for threshold BIN velocities (i.e. number of transactions is a given time). See at least paragraph [0025].)
Claim 12
The system of claim 11, wherein the data analysis engine is configured to determine whether a total number of authorization attempts, of the first plurality of authorization attempts, satisfies the second threshold number. (Thomson discloses monitoring transactions for threshold BIN velocities (i.e. number of transactions is a given time). See at least paragraph [0025].)
Claim 13
The system of claim 1, wherein the first criteria of the first notification rule comprises a second threshold number of authorization declines from a merchant during a time interval. (Thomson discloses monitoring for an anomalous number of declines in a high velocity attack (i.e. number of declines during a time interval). See at least paragraph [0028]. Thomson discloses monitoring BIN-merchant pairs to detect BIN attacks and compromised accounts. See at least paragraph [0026] and [0036].)
Claim 14
The system of claim 13, wherein the data analysis engine is configured to determine whether a total number of authorization attempts that are declined, of the first plurality of authorization attempts, satisfies the second threshold number. (Thomson discloses monitoring for an anomalous number of declines in a high velocity attack (i.e. number of declines during a time interval). See at least paragraph [0028].)
Claim 19
The system of claim 1, wherein the first criteria of the first notification rule comprises whether a merchant is associated with prior authorization attempts stored in the database and a second threshold number of authorization attempts on a merchant during a time interval (Thomson discloses implementing additional authentication procedures for any future transaction initiated at attacked merchants. See at least paragraph [0038]. Thomson discloses monitoring velocities for BIN-merchant pairs for anomalously high BIN-merchant velocities. See at least paragraph [0026].)
Claim 20
The system of claim 19, wherein the data analysis engine is configured to determine whether the first merchant is associated with prior authorization attempts stored in the database and whether a total number of authorization attempts, of the first plurality of authorization attempts, satisfies the second threshold number. (Thomson discloses implementing additional authentication procedures for any future transaction initiated at attacked merchants. See at least paragraph [0038]. Thomson discloses monitoring velocities for BIN-merchant pairs for anomalously high BIN-merchant velocities. See at least paragraph [0026].)
Claim(s) 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thomson et al. (US 2022/0108331 A1 hereinafter Thomson) in view of Malhotra et al. (US 2017/0364918 A1 hereinafter Malhotra) further in view of Fang et al. (US 2022/0067738 A1 hereinafter Fang) further in view of Song et al. (US 2015/0278819 A1 hereinafter Song).
Claim 10
The system of claim 9, wherein the data analysis engine is configured to generate an indication that the not-yet-issued user accounts are already compromised or likely-to-be compromised. (Thomson discloses the fraud attack alert causing noted PANs from authorized transactions to be recorded as compromised . See at least paragraph [0004]. Although Thomson does disclose determining not-yet-issued accounts that satisfy fraud rules and does disclose generating indications of compromised accounts for transactions that are successful, they might not explicitly generate an indication that the not-yet-issued and declined account is compromised. Song teaches generating a fraud alert regarding a declined account because the account has been issued yet (i.e. an indication that a not-yet-issued account fulfills a fraud rule). See at least paragraphs [0094], [0097] and [0110].
It would be obvious to one of ordinary skill in the art before the effective filing date to generate an indication of a not-yet-issued account fulfilling a fraud rule because Song additionally teaches the motivation that this indicates a possible counterfeit check and might be a result of fraudsters guessing check numbers. See at least paragraph [0094].
Also, generating an alert for a fraudulent account that has not-yet-been issued as taught by Song for the attempts on accounts that do not exist that are detected in Thomson is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable.)
Claim(s) 15-16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thomson et al. (US 2022/0108331 A1 hereinafter Thomson) in view of Malhotra et al. (US 2017/0364918 A1 hereinafter Malhotra) further in view of Fang et al. (US 2022/0067738 A1 hereinafter Fang) further in view of Liu et al. (US 2022/0020027 A1 hereinafter Liu).
Claim 15
The system of claim 1, wherein the first criteria of the first notification rule comprises a second threshold number of authorization declines, based on a first decline reason, from a merchant during a time interval. (Although Thomson does disclose detecting velocities of transactions and comparing said velocities to thresholds, they might not explicitly disclose detecting velocities of transactions that are declined based on a first decline reason. Liu teaches filtering event data having one or more decline codes and/or adverse signal data normally indicative of card testing and additionally assigning learnable variables including a number of failed transactions per BIN over a period of time (i.e. velocity of failed transactions having one or more decline reasons) See at least paragraphs [0060] and [0063]-[0064].
It would be obvious to one of ordinary skill in the art before the effective filing date to detect a velocity of failed transactions having one or more decline codes as taught by Liu in Thomson’s system because Liu additionally teaches the motivation that these variables may be higher correlated to a positive prediction of card testing. See at least paragraph [0060].
Also, combining detecting a velocity of failed transactions having one or more decline codes as taught by Liu with Thomson’s system is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable.)
Claim 16
The system of claim 15, wherein the data analysis engine is configured to determine whether a total number of authorization attempts that are declined based on the first decline reason, of the first plurality of authorization attempts, satisfies the second threshold number. (Liu teaches this claim in the combination as shown above which Examiner incorporates herein.)
Claim(s) 17-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thomson et al. (US 2022/0108331 A1 hereinafter Thomson) in view of Malhotra et al. (US 2017/0364918 A1 hereinafter Malhotra) further in view of Fang et al. (US 2022/0067738 A1 hereinafter Fang) further in view of Kledaras et al. (US 2020/0302446 A1 hereinafter Kledaras).
Claim 17
The system of claim 1, wherein the first criteria of the first notification rule is based on the value of each of the authorization attempts being a zero amount on a merchant. (Although the combination of Thomson/Fang does disclose detecting transaction velocity for a merchant based on a given amount and based on comparing against a threshold, they might not explicitly disclose the amount being a zero amount. Kledaras teaches detecting transactions that have a transaction amount of zero and determining fraud based on said detection. See at least paragraph [0068].
It would be obvious to one of ordinary skill in the art before the effective filing date to detect zero amount transactions as taught by Kledaras in the system of Thomson because Kledaras additionally teaches the motivation that this may let the transaction authorization channel send a transaction as a notification of fraud. See at least paragraphs [0032] and [0067]-[0072].
Also detecting zero amount transactions as taught by Kledaras in the system of Thomson is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable.)
Claim 18
The system of claim 17, wherein the data analysis engine is configured to determine whether a total number of authorization attempts for a zero amount, of the first plurality of authorization attempts, satisfies the threshold number. (Determining a threshold amount of zero dollar transaction is taught by the combination with Kledaras as shown above. Examiner further notes that at least 1 zero dollar transaction (i.e. to indicate fraud via the transaction channel as taught in the combination) qualifies as a threshold number.)
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Tomasofsky et al. (US 2016/0078443 A1) discloses risk based analysis of a payment card transaction using XML.
Rolf et al. (US 2010/0274678 A1) discloses that an issuer may perform their own fraud analysis using transactions sent by way of multiple card payment processor networks.
Groarke et al. (WP 3,657,420 A1) discloses various velocity rule types wherein velocity of transactions can be counted for a particular account identification attribute, merchant type, or transaction type.
Feinstein et al. (“Statistical approaches to DDoS attack detection and response”) discloses analysis of packet attributes to identify a DDoS attack.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ADAM J HILMANTEL whose telephone number is (571)272-8984. The examiner can normally be reached M-F 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Abhishek Vyas can be reached at (571) 270-1836. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ADAM HILMANTEL/Examiner, Art Unit 3691