Prosecution Insights
Last updated: July 17, 2026
Application No. 18/761,204

MACHINE-LEARNING BASED SECURITY EVENT DETECTION

Final Rejection §101§103§112
Filed
Jul 01, 2024
Priority
Jun 25, 2024 — GR 20240100462
Examiner
LOZA, JANICE JOMARIE
Art Unit
3698
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
Stripe, Inc.
OA Round
2 (Final)
8%
Grant Probability
At Risk
3-4
OA Rounds
7m
Est. Remaining
42%
With Interview

Examiner Intelligence

Grants only 8% of cases
8%
Career Allowance Rate
1 granted / 12 resolved
-43.7% vs TC avg
Strong +33% interview lift
Without
With
+33.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 7m
Avg Prosecution
21 currently pending
Career history
46
Total Applications
across all art units

Statute-Specific Performance

§101
24.3%
-15.7% vs TC avg
§103
68.2%
+28.2% vs TC avg
§102
5.4%
-34.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 12 resolved cases

Office Action

§101 §103 §112
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Status of the Claims This is a FINAL Office Action rejection prepared in response to Applicant’s amendments filed on 08/05/2025. Claims 1-3, 6-12 and 15-24 are amended. Claims 4-5 and 13-14 are cancelled. Claims 21-24 are new. Claims 1-3, 6-12 and 15-24 are pending. Claim Objections Claims 1, 10, 17, 21 and 23 are objected to because of the following informalities: Claims 1, 10, 17, 21 and 23 recite the limitation "the classification". There is insufficient antecedent basis for this limitation in the claim. Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 21 and 23 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 21 and 23, recite “the second ML model generates the classification for each event data item by analyzing the encoding corresponding to the event data item together with encodings corresponding to a pre-specified number of prior event data items that are associated with earlier timestamps and that occur within a defined time window.”. It is unclear whether this limitation recites an additional classification generation step distinct from the generation step recited on claims 1 and 10, or whether the limitation merely further describes the previously recited step in claims 1 and 10. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Step 1: Claims 1-9 are directed to computer-implemented method (i.e., process). Claims 10-16 are directed to a system (i.e., machine, and manufacture). Claims 17-20 are directed to a computer-storage media (i.e., manufacture). Therefore, these claims fall within the four statutory categories of invention, and thus must be further analyzed at Step 2A to determine if the claims are directed to a judicial exception (See MPEP 2106.03, subsection II). Step 2A Prong One: Claim 1, recites (i.e., sets forth or describes) an abstract idea. More specifically, the following bolded claim elements recite abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). A computer-implemented method for detecting and mitigating a security event, comprising: obtaining a plurality of event data items corresponding to a plurality of events associated with a merchant; processing each event data item of the plurality of event data items using a first machine learning (ML) model to generate an encoding for each corresponding event data item; detecting the security event based at least in part on the generated encodings, wherein the detecting comprises: processing each encoding for each event data item using a second ML model to generate a corresponding classification of whether the event is fraudulent, wherein the second ML model analyzes each encoding together with encodings of one or more prior events in sequential order; and determining the security event is detected based on a proportion of the classifications exceeding a threshold that indicates a coordinated card-testing attack across a sequence of events and corresponding classifications of the sequence of events; and in response to detecting the security event, adjusting an event processing rate associated with the merchant by reducing a transaction processing rate for ongoing events associated with the merchant to reduce or eliminate an attack associated with the security event. Claim 1, recites (i.e., sets forth or describes) a method for adjusting an event processing rate in response to detecting the security event. The claim achieves this by obtaining different event data, processing the event data using mathematical models, detecting a security event based on the results of the processing. Claim 10 and 17 are significantly similar to claim 1. As such claim 10 and 17 also recite an abstract idea. Specifically, but for the additional elements, the claim under its broadest reasonable interpretation recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas (i.e., commercial or legal interactions), “mental processes” and “mathematical concepts”. Step 2A Prong Two: Because the claim recites abstract ideas, the analysis proceeds to determine whether the claim recites additional elements that recite a practical application of the abstract ideas. Here, the additional elements of one or more processors, a memory, a non-transitory computer-readable storage medium, a first machine learning (ML) model and a second ML model merely serve as tools to perform the abstract idea (MPEP § 2106.05(f)). Therefore, the claim as a whole fail to recite a practical application of the abstract ideas. Step 2B: Determines whether the claim as a whole amount to significantly more than the exception itself. Evaluating additional elements to determine whether they amount to an inventive concept requires considering them both individually and in combination to ensure that they amount to significantly more than the judicial exception itself. Here, the additional elements, taken individually and in combination, do not result in the claim as a whole, amounting to significantly more than the judicial exception. As discussed previously with respect to Step 2A, the additional elements merely serve as a tool to perform an abstract idea. Thus, there is no inventive concept in the claim and thus the claim is not eligible, warranting a rejection for lack of subject matter eligibility and concluding the eligibility analysis. Dependent Claims: Claims 2-9, 11-16 and 18-20 have also been analyzed for subject matter eligibility. However, claims 2-9, 11-16 and 18-20 also fail to recite patent eligible subject matter for the following reasons: Claims 2 and 11 recite the following bolded claim elements as abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). each event data item comprises a first set of features including at least a transaction amount, timestamp, bank identification number (BIN), merchant category, and an IP address of a user device.. The claim further recites an abstract idea. In other words, it recites limitations grouped within the “certain methods of organizing human activity” and “mental processes” grouping of abstract ideas. Claims 3 and 12 recite the following bolded claim elements as abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). processing each event data item using the first ML model comprises: processing the first set of features using the first ML model to generate a second set of predicted features, wherein the first set of features and the second set of predicted features are mutually exclusive; the second set of predicted features comprising refined contextual features including transaction velocity, spending patterns, prior-transaction location, or a timestamp of a prior transaction; and processing the first set of features and the second set of predicted features using the first ML model to generate the encoding. The claim further recites an abstract idea. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas (i.e., commercial or legal interactions), “mental processes” and “mathematical concepts” grouping of abstract ideas. The non-bolded additional elements of a first ML model fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea (MPEP §2106.05(f)). Further, the additional elements, taken individually and in combination, do not result in the claim as a whole, amounting to significantly more than the judicial exception. Thus, there is no inventive concept in the claim and thus the claim is not eligible, warranting a rejection for lack of subject matter eligibility and concluding the eligibility analysis. Claim 6 recites the following bolded claim elements as abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). the coordinated card-testing attack comprises a rapid sequence of low-value or failed transactions that causes a percentage of classifications in the sequence of events to exceed the preset threshold. The claim further recites an abstract idea. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas (i.e., commercial or legal interactions), “mental processes” and “mathematical concepts” grouping of abstract ideas. Claims 7, 15 and 19 recite the following bolded claim elements as abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). the first ML model is a generative model and wherein the method further comprises training the first ML model by preparing an event dataset comprising a plurality of training samples, each training sample comprising a first set of training features, a second set of training features, a training timestamp and a training label indicating whether the training sample corresponds to a fraudulent event; processing the first set of training features using the first ML model to generate a second set of predicted training features; processing the first set of training features and the second set of predicted training features using the first ML model to generate a first encoding; processing the first set of training features and the second set of training features using the first ML model to generate a second encoding; and adjusting a plurality of parameters of the first ML model based on a loss computed between the first encoding and the second encoding The non-bolded additional elements of a first ML model fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea (MPEP §2106.05(f)). Further, the additional elements, taken individually and in combination, do not result in the claim as a whole, amounting to significantly more than the judicial exception. Thus, there is no inventive concept in the claim and thus the claim is not eligible, warranting a rejection for lack of subject matter eligibility and concluding the eligibility analysis. Claims 8 and 20 recite the following bolded claim elements as abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). the second ML model is a classification model and wherein the method further comprises training the second ML model by processing the first set of training features and the second set of predicted training features using the first ML model to generate a third encoding; processing the third encoding using a second ML model to generate a predicted classification indicating whether the training sample corresponds to a fraudulent event; and adjusting a plurality of parameters of the second ML model based on a loss computed between the predicted classification and the training label associated with the training sample The non-bolded additional elements of a first ML model fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea (MPEP §2106.05(f)). Further, the additional elements, taken individually and in combination, do not result in the claim as a whole, amounting to significantly more than the judicial exception. Thus, there is no inventive concept in the claim and thus the claim is not eligible, warranting a rejection for lack of subject matter eligibility and concluding the eligibility analysis. Claims 9 and 16 recite the following bolded claim elements as abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). detecting the security event further comprises: processing each encoding using the second ML model to generate a respective vector representation; selecting a latent vector for each vector representation based on a distance between the respective vector representation and a codebook of vectors to produce a set of selected latent vectors; determining an entropy value for each latent vector of the set of selected latent vectors; and determining the security event based at least in part on whether the entropy value for at least latent vector of the selected latent vectors satisfies a predetermined threshold condition. The claim further recites an abstract idea. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas (i.e., commercial or legal interactions), “mental processes” and “mathematical concepts” grouping of abstract ideas. The non-bolded additional elements of a second ML model fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea (MPEP §2106.05(f)). Further, the additional elements, taken individually and in combination, do not result in the claim as a whole, amounting to significantly more than the judicial exception. Thus, there is no inventive concept in the claim and thus the claim is not eligible, warranting a rejection for lack of subject matter eligibility and concluding the eligibility analysis. Claim 18 recites the following bolded claim elements as abstract ideas while the non-bolded claim elements recite additional elements according to MPEP 2106.04(a). each event is associated with a timestamp, and wherein the second ML model classifies a subsequent event based at least in part on one or more prior encodings ordered by their associated timestamps, enabling temporal dependency modeling of fraudulent sequences. The claim further recites an abstract idea. In other words, it recites limitations grouped within the “certain methods of organizing human activity” grouping of abstract ideas (i.e., commercial or legal interactions), “mental processes” and “mathematical concepts” grouping of abstract ideas. The non-bolded additional elements of a second ML model fails to recite a practical application or significantly more than the abstract idea because it merely serves as a tool to perform the abstract idea (MPEP §2106.05(f)). Further, the additional elements, taken individually and in combination, do not result in the claim as a whole, amounting to significantly more than the judicial exception. Thus, there is no inventive concept in the claim and thus the claim is not eligible, warranting a rejection for lack of subject matter eligibility and concluding the eligibility analysis. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-2, 9-11, 16-18, 21 and 23 are rejected under 35 U.S.C. 103 as being unpatentable over Khatri (US 20250378310 A1) in view of Kao (US 20210288990 A1), in further view of Murphy (US 20250350628 A1). Regarding claims 1, 10 and 17, Khatri discloses: obtaining a plurality of event data items corresponding to a plurality of events associated with a merchant; (abstract, obtaining a dataset of input samples, one of said input samples comprising a number of input data features. ¶0102, According to one or more example embodiments, the apparatus 100 is configured to obtain a training dataset of input samples, one of said input samples comprising a number of input data features… ) processing each event data item of the plurality of event data items using a first machine learning (ML) model to generate an encoding for each corresponding event data item; (abstract, applying said input samples to a machine learning system comprising a first machine learning model, or encoder, configured to output encoded samples… ¶0102,… apply input samples from a training data set, said input samples comprising a number of input data features to get encoded samples from a first machine learning model or encoder as output…) processing each encoding for each event data item using a second ML model to generate a corresponding classification of whether the event is fraudulent; wherein the second ML model analyzes each encoding together with encodings of one or more prior events in sequential order and (abstract, applying said output encoded samples to a second machine learning model, or decoder, of said machine learning system. ¶0102,…applying said output encoded samples to a second machine learning model, or decoder, of said machine learning system, configured to produce reconstructed input samples from said encoded samples…) Khatri further discloses: one or more processors; and memory storing one or more programs configured to be executed by the one or more processors to perform operations (¶0044, According to a fourth aspect, an apparatus comprises: [0045] at least one processor; [0046] at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus to perform the method) A non-transitory computer-readable storage medium storing one or more programs configured to be executed by one or more processors of a computer system, the one or more programs including instructions (¶0073, According to a ninth aspect, a non-transitory computer-readable medium comprises program instructions stored thereon for causing a computer to perform the method according to the first aspect or the method…) Khatri does not disclose, however Kao teaches: detecting a security event based at least in part on the generated encodings, wherein the detecting comprises: … determining the security event is detected based at least in part on a proportion of the classifications exceeding a threshold that indicates a coordinated card-testing attack across a sequence of events and corresponding classifications of the sequence of events; and (¶0090, Over time, the threat detection platform can establish the percentage of digital activities that (i) involve the given IOC and (ii) are determined to represent threats. If the percentage exceeds a threshold, then the threat detection platform may classify the given IOC as a “bad” value and then export that insight as threat intelligence.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify Khatri’s teaching with Kao’s teaching. One of ordinary skills in the art would have been motivated in order to improve threat detection within the system. The combination of Khatri and Kao not disclose, however Murphy teaches: in response to detecting the security event, adjusting an event processing rate associated with the merchant by reducing a transaction processing rate for ongoing events associated with the merchant to reduce or eliminate an attack associated with the security event. (¶0073, When a potential threat is detected, AI/ML process 56 may generate an alert for cybersecurity analysts to investigate further or, in more advanced setups, trigger automated responses. These could include isolating compromised devices, blocking suspicious IP addresses, or throttling data transfers to prevent data loss. ¶0074, As discussed above, threat mitigation process 10 may include AI/ML process 56 (e.g., an artificial intelligence/machine learning process) that may be configured to process information (e.g., information 58), wherein examples of information 58 may include but are not limited to platform information (e.g., structured or unstructured content) that may be scanned to detect security events (e.g., access auditing; anomalies; authentication; denial of services; exploitation; malware; phishing; spamming; reconnaissance; and/or web attack) within a monitored computing platform (e.g., computing platform 60). ¶0464, Threat mitigation process 10 may train 2016 the agent (e.g., agent 300) to proactively monitor activity within a computing platform (e.g., computing platform 60) and generate an initial notification (e.g., initial notification 298) if a security event is detected based, at least in part, upon best practices defined via artificial intelligence (e.g., AI/ML, process 56).) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri and Kao with Murphy’s teaching. One of ordinary skills in the art would have been motivated in order to reduce processing of fraudulent events and protect the system. Further, the claimed limitation “to…” in “processing each event data item of the plurality of event data items using a first machine learning (ML) model to generate an encoding for each corresponding event data item”, in “processing each encoding for each event data item using a second ML model to generate a classification of whether the event is fraudulent” and in “adjusting an event processing rate associated with the merchant by reducing a transaction processing rate for ongoing events associated with the merchant to reduce or eliminate an attack associated with the security event.” consist of language disclosing an intended use, so it is considered but given no patentable weight. (see MPEP 2111.05, MPEP 2114 and authorities cited therein). The reference is provided for the purpose of compact prosecution. Furthermore, the claimed limitation “wherein the second ML model analyzes each encoding together with encodings of one or more prior events in sequential order” does not move to distinguish over prior art as it does not affect the positively recited steps in the claim. Finally, the claimed limitation “…associated with the merchant to reduce or eliminate an attack associated with the security event.” is non-functional material that does not move to distinguish over prior art. Regarding claims 2 and 11, the combination of Khatri, Kao and Murphy further disclose: each event data item comprises a first set of features including at least a transaction amount, timestamp, bank identification number (BIN), merchant category, and an IP address of a user device. (Khatri ¶0075, obtaining encoded samples by applying input samples from a data set, said input samples comprising a number of input data features as input to a first machine learning model, or encoder, of a machine learning system… ¶0207, An illustrative and non-limitative list of flow-based features is given below: [0208] IP Addresses. [0209] Ports [0210] Protocol [0211] Packet Count: The number of packets exchanged in the flow. [0212] Byte Count: The total number of bytes exchanged in the flow. [0213] Start Time: The timestamp indicating when the flow started. [0214] End Time: The timestamp indicating when the flow ended. [0215] Duration: The time duration of the flow (End Time-Start Time).) Further, the claimed limitation recites “… including at least a transaction amount, timestamp, bank identification number (BIN), merchant category, and an IP address of a user device” is non-functional material that does not move to distinguish over prior art. Regarding claims 9 and 16, the combination of Khatri, Kao and Murphy further disclose: detecting the security event further comprises: processing each encoding using the second ML model to generate a respective vector representation; selecting a latent vector for each vector representation based on a distance between the respective vector representation and a codebook of vectors to produce a set of selected latent vectors; determining an entropy value for each latent vector of the set of selected latent vectors; and determining the security event based at least in part on whether the entropy value for at least one latent vector of the set of selected latent vectors satisfies a predetermined threshold condition. (Khatri abstract, applying said output encoded samples to a second machine learning model, or decoder, of said machine learning system. ¶0035, determining a reconstruction loss based on a difference between the input samples and the reconstructed samples. ¶0105, Back to FIG. 1, the computing device, CD further comprises an apparatus 200 configured to use the trained machine learning system MLS, AE to output a latent representation of the input data and the clustering module CLS to produce a plurality of separate and homogeneous clusters as output. ¶0110, The decoder DEC is configured to take the latent representation Z provided by the encoder ENC for a given input sample X and to output reconstructed input data x. Similar to the encoder ENC, the decoder DEC typically consists of hidden layers that transform the latent representation back into the original data space. ¶0111, Common loss functions used for autoencoders include mean squared error (MSE) or binary cross-entropy, depending on the nature of the input data. ¶0133, In a step 34, a Clustering Loss CLL is determined. ¶0145, In Equation (3) and as defined above, ai is the mean intra-cluster distance between the latent features of the encoded sample zi corresponding to each data point xi of the input dataset belonging to the cluster kl and the latent features of the rest of the data points within the same cluster kl.) Further, the claimed limitation “to…” in “processing each encoding for each event data item using a second ML model to generate a respective vector representation” consist of language disclosing an intended use, so it is considered but given no patentable weight. (see MPEP 2111.05, MPEP 2114 and authorities cited therein). The reference is provided for the purpose of compact prosecution. Regarding claim 18, the combination of Khatri, Kao and Murphy further disclose: each event is associated with a timestamp, and wherein the second ML model classifies a subsequent event based at least in part on one or more prior encodings ordered by their associated timestamps, enabling temporal dependency modeling of fraudulent sequences. (Khatri ¶0213, Start Time: The timestamp indicating when the flow started. ¶0214, End Time: The timestamp indicating when the flow ended. ¶0215, Duration: The time duration of the flow (End Time-Start Time).) Further, the claimed limitation “each event is associated with a timestamp” and “the second ML model classifies a subsequent event based at least in part on one or more prior encodings ordered by their associated timestamps, enabling temporal dependency modeling of fraudulent sequences” only describe characteristics of each event and the second ML model which are non-functional descriptive material and these characteristics are not processed or used to carry out any functionality that specifically relies on these particular characteristics. Regarding claims 21 and 23, the combination of Khatri, Kao and Murphy do not further disclose: the second ML model generates the classification for each event data item by analyzing the encoding corresponding to the event data item together with encodings corresponding to a pre-specified number of prior event data items that are associated with earlier timestamps and that occur within a defined time window. However, the claimed limitation only describe characteristics of the second ML model which is non-functional descriptive material and these characteristics are not processed or used to carry out any functionality that specifically relies on these particular characteristics. Claims 3 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Khatri, Kao and Murphy as applied to claims 2 and 11 above, in further view of Baker (US 11,887,367 B1). Regarding claims 3 and 12, the combination of Khatri, Kao and Murphy do not disclose, however Baker discloses: processing each event data item using the first ML model comprises: processing the first set of features using the first ML model to generate a second set of predicted features, wherein the first set of features and the second set of predicted features are mutually exclusive, the second set of predicted features comprising refined contextual features including transaction velocity, spending patterns, prior-transaction location, or a timestamp of a prior transaction; and (Col 5 lines 47-48, Method 100 may include a step 110 of receiving unlabeled digital data. Col 6 lines 15-26, In some embodiments, method 100 may include a step 120 of generating pseudo-labels for the unlabeled digital video data. A pseudo-label, as used herein, may refer to a digital marking, metadata, a tag, or other data provided in electronic form that indicates an attribute of digital video data (e.g., one or more digital video frames). In some embodiments, generating pseudo-labels for the unlabeled digital video data may include receiving labeled digital video data, training a machine learning model using the labeled digital video data, and/or generating at least one pseudo-label for the unlabeled digital data, for example as described below with respect to FIG. 2.) processing the first set of features and the second set of predicted features using the first ML model to generate the encoding. (Col 6 lines 25-27, In some embodiments, method 100 may include a step 130 of adding the at least one pseudo-label to the unlabeled digital data, thereby converting the unlabeled digital data into pseudo-labeled digital data. Col 6 lines 62-65, In some embodiments, method 100 may include a step 140 of further training the machine learning model or another machine learning model using the pseudo-labeled digital video data.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri, Kao and Murphy with Baker’s teaching. One of ordinary skills in the art would have been motivated in order to improve robustness and handle and increase accuracy. Further, the claimed limitation “to…” in “processing the first set of features using the first ML model to generate a second set of predicted features…” and “processing the first set of features and the second set of predicted features using the first ML model to generate the encoding” consist of language disclosing an intended use, so it is considered but given no patentable weight. (see MPEP 2111.05, MPEP 2114 and authorities cited therein). The reference is provided for the purpose of compact prosecution. Furthermore, the claimed limitation “the second set of predicted features comprising refined contextual features including transaction velocity, spending patterns, prior-transaction location, or a timestamp of a prior transaction” only describe characteristics of the second set of predicted features which are non-functional descriptive material and these characteristics are not processed or used to carry out any functionality that specifically relies on these particular characteristics. Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Khatri, Kao and Murphy as applied to claim 1 above, in further view of Williams (US 20250342472 A1). Regarding claims 6, the combination of Khatri, Kao and Murphy do not disclose, however Williams teaches: the coordinated card-testing attack comprises a rapid sequence of low-value or failed transactions that causes a percentage of classifications in the sequence of events to exceed the preset threshold. (¶0004, Card testing is a form of brute-force attack that may be carried out over the networked computer platforms. Generally, in card testing attacks, cybercriminals may use automated tools to transmit high volumes of malicious authorization attempts over the networked computer platforms. For example, cybercriminals may iteratively cycle through combinations of primary account numbers, expiration dates, and/or card verification values and transmit each combination over the networked computer platforms in an attempt to find valid combinations.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri, Kao and Murphy with Williams’s teaching. One of ordinary skills in the art would have been motivated in order to improve fraud identification and risk assessment. Further, the claimed limitation “the coordinated card-testing attack comprises a rapid sequence of low-value or failed transaction that causes a percentage of classifications in the sequence of events to exceed the preset threshold” only describe characteristics of the coordinated card-testing attack which are non-functional descriptive material and these characteristics are not processed or used to carry out any functionality that specifically relies on these particular characteristics. Claims 7-8, 15 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Khatri, Kao and Murphy as applied to claims 1, 10 and 17 above, in further view of Baker (US 11,887,367 B1) in further view of Krishnan (US 20220131975 A1). Regarding claims 7, 15 and 19, the combination of Khatri, Kao and Murphy further disclose: the first ML model is a generative model and wherein… (Khatri ¶0095, In the following, an unsupervised approach is proposed based on a neural network architecture called autoencoder, to solve a co-optimization problem which simultaneously involves minimizing the input data reconstruction loss while encouraging the creation of homogeneous and separate clusters. ¶0100, The computing device CD comprises a machine learning system MLS, for instance an auto-encoder AE. Indeed, an auto-encoder is a type of artificial neural network architecture that is well suited to unsupervised learning, particularly to dimensionality reduction, feature learning, and data compression. ¶0109, The encoder ENC implements a first machine learning model and the decoder DEC a second machine learning model, that are both neural networks. adjusting a plurality of parameters of the first ML model based on a loss computed between the first encoding and the second encoding. (Khatri ¶0116, MLPs are trained using techniques like backpropagation, where the neural network adjusts the weights of the connections in order to minimize a difference between its predictions and a target output, here between the reconstructed data and the original input data. They are commonly used for tasks such as classification and regression in machine learning where the input features are typically represented as vectors. ¶0121, Parameters of the model, such as neural weights; are adjusted based on a loss function at the end of each epoch.) training the first ML model by preparing an event dataset comprising a plurality of training samples, each training sample comprising a first set of training features, a second set of training features, a training timestamp and a training label indicating whether the training sample corresponds to a fraudulent event; (Murphy ¶0070, Such an AI/ML process (e.g., AI/ML process 56) may begin with the collection of vast amounts of data from multiple sources within the computer network. This may include logs from firewalls, intrusion detection and prevention systems (IDS/IPS), endpoints, applications, servers, and user activity. This raw data may then be preprocessed to clean and normalize it, followed by feature extraction, wherein relevant characteristics may be identified (e.g., access times, login frequencies, the volume and destination of data transfers, protocol usage, and command sequences). ¶0071, Machine learning models may be trained using this structured data. In supervised learning, the system is fed labeled data that indicates which actions are benign and which are malicious, allowing AI/ML process 56 to learn how to distinguish between them. ¶0468, below is an example of such a JSON portion: [0469] { [0470] “timestamp”: 1676573073400, [0471] “formatVersion”: 1, [0472] “webaclld”:…”) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri, Kao and Murphy with Murphy’s additional teaching. One of ordinary skills in the art would have been motivated in order to enable the model to patterns over time and different trends. The combination of Khatri, Kao and Murphy do not disclose, however Baker teaches: processing the first set of training features using the first ML model to generate a second set of predicted training features; (Col 5 lines 47-48, Method 100 may include a step 110 of receiving unlabeled digital data. Col 6 lines 15-26, In some embodiments, method 100 may include a step 120 of generating pseudo-labels for the unlabeled digital video data. A pseudo-label, as used herein, may refer to a digital marking, metadata, a tag, or other data provided in electronic form that indicates an attribute of digital video data (e.g., one or more digital video frames). In some embodiments, generating pseudo-labels for the unlabeled digital video data may include receiving labeled digital video data, training a machine learning model using the labeled digital video data, and/or generating at least one pseudo-label for the unlabeled digital data, for example as described below with respect to FIG. 2.) processing the first set of training features and the second set of predicted training features using the first ML model to generate a first encoding; (Col 6 lines 25-27, In some embodiments, method 100 may include a step 130 of adding the at least one pseudo-label to the unlabeled digital data, thereby converting the unlabeled digital data into pseudo-labeled digital data. Col 6 lines 62-65, In some embodiments, method 100 may include a step 140 of further training the machine learning model or another machine learning model using the pseudo-labeled digital video data.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri, Kao and Murphy with Baker’s teaching. One of ordinary skills in the art would have been motivated in order to improve robustness and handle and increase accuracy. The combination of Khatri, Kao, Murphy and Baker do not disclose, however Krishnan teaches: processing the first set of training features and the second set of training features using the first ML model to generate a second encoding; and (¶0011, The call features and metadata features are combined and input into a trained machine learning (ML) model, which is trained to receive such combined features, and based on such combined features, the ML model is trained to generate an output… ¶0036, The method 200 proceeds to step 212, at which the method 200 inputs the combined features from step 210 to trained ML model(s). In some embodiments, the FEM 128 inputs the combined features to the ML engine 132, and at step 214, the method generates, using the ML model(s) of the ML engine 132, an output indicating customer satisfaction.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri, Kao, Murphy and Baker with Krishnan’s teaching. One of ordinary skills in the art would have been motivated in order to improve the performance and accuracy of the ML model. Further, the claimed limitation “…is a generative model” is non-functional material that does not move to distinguish over prior art. Also the claimed limitation “…comprising a plurality of training samples, each training sample comprising a first set of training features, a second set of training features, a training timestamp and a training label indicating whether the training sample corresponds to a fraudulent event” only describe characteristics of the SMS message which is non-functional descriptive material and these characteristics are not processed or used to carry out any functionality that specifically relies on these particular characteristics. Regarding claims 8 and 20, the combination of Khatri, Kao, Murphy, Baker and Krishnan further disclose: the second ML model is a classification model and wherein the method further comprises training the second ML model by: (Khatri ¶0008, applying said encoded samples to a second machine learning model, or decoder, of said machine learning system… ¶0109, The encoder ENC implements a first machine learning model and the decoder DEC a second machine learning. ¶0115, In the following examples, a fully-connected autoencoder is used whose encoder and decoder are Multilayer Perceptrons, MLP, is a type of artificial neural network composed of multiple layers of nodes (neurons) arranged in a feedforward manner.) processing the third encoding using a second ML model to generate a predicted classification indicating whether the training sample corresponds to a fraudulent event; and (Khatri abstract, applying said output encoded samples to a second machine learning model, or decoder, of said machine learning system) adjusting a plurality of parameters of the second ML model based on a loss computed between the predicted classification and the training label associated with the training sample. (Khatri ¶0116, MLPs are trained using techniques like backpropagation, where the neural network adjusts the weights of the connections in order to minimize a difference between its predictions and a target output, here between the reconstructed data and the original input data. They are commonly used for tasks such as classification and regression in machine learning where the input features are typically represented as vectors. ¶0121, Parameters of the model, such as neural weights; are adjusted based on a loss function at the end of each epoch.) Baker further teaches: processing the first set of training features and the second set of predicted training features using the first ML model to generate a third encoding; (col 6 lines 25-27, In some embodiments, method 100 may include a step 130 of adding the at least one pseudo-label to the unlabeled digital data, thereby converting the unlabeled digital data into pseudo-labeled digital data. Col 6 lines 62-65, In some embodiments, method 100 may include a step 140 of further training the machine learning model or another machine learning model using the pseudo-labeled digital video data.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri, Kao, Murphy, Baker and Krishnan with Baker’s additional teaching. One of ordinary skills in the art would have been motivated in order to improve robustness and handle and increase accuracy. Further, the claimed limitation “…is a classification model” is non-functional material that does not move to distinguish over prior art. Claims 22 and 24 are rejected under 35 U.S.C. 103 as being unpatentable over Khatri, Kao and Murphy as applied to claims 1 and 10 above, in further view of Kang (US 20220210435 A1). Regarding claims 22 and 24, the combination of Khatri, Kao and Murphy further disclose: at least one of the first ML model or the second ML model comprises a transformer-based neural network, wherein each event data item comprises a first set of features associated with the corresponding event, wherein processing each event data item using the first ML model comprises predicting missing or refined features and generating the encoding based on the first set of features and the predicted missing or refined features, wherein each encoding comprises a vector representation that compresses a multi-dimensional representation of the corresponding event data item. (¶0063, The VCM decoder generates a predicted feature map from the reconstructed reference feature map, and then adds the predicted feature map to the residual feature map to generate a reconstructed feature map. ¶0068, The feature predictor 240 generates a predicted feature map from the reconstructed reference feature map, and then adds the predicted feature map to the reconstructed residual feature map to generate a reconstructed feature map.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modify the combination of Khatri, Kao and Murphy with Kang’s teaching. One of ordinary skills in the art would have been motivated in order to improve the quality of the resulting encoding and thereby improve the accuracy of further analysis such as classification or fraud detection. Further, the claimed limitations “wherein at least one of the first ML model or the second ML model comprises a transformer-based neural network”, “wherein each event data item comprises a first set of features associated with the corresponding event” and “wherein each encoding comprises a vector representation that compresses a multi-dimensional representation of the corresponding event data item” only describe characteristics of the first ML model or the second ML model, each event data item and the encodings which are non-functional descriptive material and these characteristics are not processed or used to carry out any functionality that specifically relies on these particular characteristics. Response to Arguments Claim Rejections – 35 U.S.C. § 112 Claim rejections 35 U.S.C. § 112 in the previous non-final action dated 01/23/2026 are withdrawn in light of the claim amendments. Claim Rejections – 35 U.S.C. § 101 The applicant presents assertions regarding claim rejection 101 on the previous office actions dated 01/23/2026. The basis of these assertions are based on the applicant’s argument on pages 10-12. First, applicant’s assertions in regard to the claim eligibility under Alice, step 2A prong one are not persuasive and the examiner respectfully disagrees. The claim analysis under 101 focuses on what the claims are directed to rather than the environment or tools used to execute the claimed operations. The present claims recite obtaining different event data, processing the event data using mathematical models and detecting a security event (i.e. coordinated card testing attack) based on the results of the processing. These steps constitute collecting information, analyzing it utilizing different mathematical concepts and making a determination which falls under the grouping of abstract ideas (i.e., commercial or legal interactions), “mental processes” and “mathematical concepts”. The fact that human mind cannot perform the analysis at the same speed or scale as a computer does not remove the claim from the “mental processes” group of abstracts ideas. The claimed encodings, latent vector, entropy and sequential analysis are mathematical processing of data, therefore such operations remain within the “mathematical concepts” group of abstract idea. Further, the claim does not recite an improvement upon the underlying computer technology or machine learning models but instead utilizes generic computer components to implement the abstract idea. Second, applicant’s assertions “that the claims are eligible under Alice, step 2A prong two” are not persuasive and the examiner respectfully disagrees. The present claims do not improve on the operation of the computer or network as recited in the USPTO example 37. Example 37 improves the computer network security functionality to dynamically detect and block suspicions network activity. The present claims merely analyze transaction data to detect an attack and adjust the processing rate based on the determination. Further, the use of two different machine learning models does not reflect a technological improvement because they are used as tools to encode and classify the data rather than used to improve the computer technology. Finally, applicant’s assertions “that the claims are eligible under Alice, step 2B” are not persuasive and the examiner respectfully disagrees. The alleged improvement in processing efficiency and reduction of memory and power usage are not recited in the rejected claims. Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 118 1, 26 USPQ2d 1057 (Fed. Cir. 1993). Further, the rejection under 35 U.S.C. 101 was not based on the determination that the recited steps are routine or conventional. Rather, the claims are directed to an abstract idea and do not recite additional elements that integrate the abstract idea into a practical application. Therefore, whether the claimed steps are routine or unconventional does not overcome the rejection. Even assuming, arguendo, that the steps are not routine or conventional, the claim still recites the abstract idea implemented using generic computer components and do not amount to significantly more than the underlining abstract idea. As such the claims remain within an abstract idea and rejection is maintained based on the newly amended claims. Claim Rejections – 35 U.S.C. § 103 Applicant submits remarks and arguments geared toward the amendments. Examiner has carefully reviewed and considered Applicant’s remarks, however they are moot in light of the fact that they are geared towards the newly added claimed expression in the amendments. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. The following prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 20240203604 A1 to Singh discloses: In implementations of systems for estimating effects with latent representations, a computing device implements an estimation system to receive input data via a network describing interactions of client devices included in a group of client devices. The estimation system generates a first latent vector representation of a first segment of the client devices and a second latent vector representation of a second segment of the client devices using an encoder of a machine learning model. A change vector is computed based on a difference between the first latent vector representation and the second latent vector representation in a latent space of the machine learning model. The estimation system generates an indication of an effect of a treatment on a third segment of the client devices based on the change vector using a decoder of the machine learning model. US 11797999 B1 to Mantin discloses: The transaction data or the historical transaction data comprises associated merchant identifiers, payment identifiers, timestamps of the transactions, statuses of the transactions and error codes associated with the transactions. The features comprise number of transactions, number of distinct payment identifier, deltas between timestamps of consecutive transactions, number of transactions associated with a particular error code or number of distinct payment identifiers whose associated transactions are associated with the particular error code. The classification model comprises a rule-based decision tree, a random forest, a logistic regression model, a support vector machine, a neural network, a gradient-boosted tree classifier or a Gaussian Naive Bayes classifier. US 20250165864 A1 to Ghosh discloses: Methods and systems for re-training a Machine Learning (ML) model using predicted features from a training dataset are disclosed. A method performed by a server system includes accessing a training feature set and a testing feature set from a database. In response to identifying an inclusion of at least one new feature in the testing feature set, the method includes training a surrogate ML model to predict a value for the new feature based on the testing feature set and determining, by the surrogate ML model, a predicted value for the new feature for each training data sample in a training dataset based on the training feature set. The method further includes generating a new training feature set for each training data sample based on the predicted value and the training feature set. The method includes re-training the ML model based on the new training feature for each data sample. US 10929923 B1 to Nguyen discloses: Session management, security scoring, and friction management are provided herein. Sessions may be monitored for commonalities or other attributes or aspects and closed, terminated, or a freeze placed on additional sessions from being initiated. A security score may be provided which is indicative of how secure a user is with respect to one or more ways the user interacts with a resource. One or more suggested actions or score improvement strategies may be suggested to facilitate improvement of a security score for a user. The security score may be used to affect business decisions made by an institution or financial entity. US 20250272553 A1 to Bahrami discloses: Operations may include identifying features corresponding to a dataset. An embedding for each feature may be obtained using a pretrained generative artificial intelligence model. Pair comparisons of the embeddings may be generated. An encoded dataset may be generated by applying, to the pair comparisons, weights computed using the pretrained generative artificial intelligence model. The weights may indicate correlation between features in the pair comparisons. US 20240420010 A1 to Cirulis discloses: An example operation may include one or more of querying data of a merchant read from a point of sale (POS) system of the merchant and converting the data into an encoding, executing a machine learning model on the input encoding to generate a vector that comprises vectorized values corresponding to latent features of the merchant embedded within slots of the vector, respectively, generating an entry comprising an identifier of the merchant, context of the merchant, and the generated vector, and storing the entry in the feature store. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JANICE LOZA whose telephone number is (571)270-3979. The examiner can normally be reached Monday - Friday 7:30am - 5:00pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patrick McAtee can be reached at (571) 272-7575. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /J.L./Examiner, Art Unit 3698 /EDUARDO CASTILHO/Primary Examiner, Art Unit 3698
Read full office action

Prosecution Timeline

Jul 01, 2024
Application Filed
Oct 16, 2024
Response after Non-Final Action
Jan 23, 2026
Non-Final Rejection mailed — §101, §103, §112
Apr 21, 2026
Applicant Interview (Telephonic)
Apr 21, 2026
Examiner Interview Summary
Apr 23, 2026
Response Filed
Jul 01, 2026
Final Rejection mailed — §101, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12651258
USING SELF-REGULATING FUNCTIONS TO IMPLEMENT BLOCKCHAIN-BASED TOKEN ATTRIBUTION WITH REDUCED COMPUTATIONAL COMPLEXITY
2y 8m to grant Granted Jun 09, 2026
Patent 12387262
LOCALIZATION CONTROL FOR NON-FUNGIBLE TOKENS (NFTS) VIA TRANSFER BY CONTAINERIZED DATA STRUCTURES
2y 6m to grant Granted Aug 12, 2025
Study what changed to get past this examiner. Based on 2 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
8%
Grant Probability
42%
With Interview (+33.3%)
2y 7m (~7m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 12 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month