DETAILED ACTION
This Final Office Action is in response to the application filed on 07/11/2024 and the Remark filed on 02/05/2026.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
An original claim may lack written description support when (1) the claim defines the invention in functional language specifying a desired result but the disclosure fails to sufficiently identify how the function is performed or the result is achieved or (2) a broad genus claim is presented but the disclosure only describes a narrow species with no evidence that the genus is contemplated. See Ariad Pharms., Inc. v. Eli Lilly & Co., 598 F.3d 1336, 1349-50 (Fed. Cir. 2010) (en banc).
While the Applicant specifies in claims 1, 13 and 20 that “predicting, via a hack attempt model of the policy monitoring tool, a prediction that a hack attempt of an NFT asset of a user of the policy monitoring tool has occurred”, there is no written content as to how or what specific process of determination are performed (i.e. formulas, algorithms, sequence of mathematical steps, process of determination, for example) in order to predict a hack attempt of an NFT has occurred. The Examiner noted that a “hack attempt model” is nominally recited to perform the prediction. However, no description can be found regarding what specific model it is if the model is available to one skilled in the art or how the model is created and operated if the model is invented by the applicant. As such, the disclosure does not objectively demonstrate that the applicant actually invented—was in possession of—the claimed subject matter.
While the Applicant specifies in claims 1, 13 and 20 that “validating, via a claim validation model of the policy monitoring tool, the insurance claim”, there is no written content as to how or what specific process of determination are performed (i.e. formulas, algorithms, sequence of mathematical steps, process of determination, for example) in order to validate the insurance claim. The Examiner noted that a “claim validation model” is nominally recited to perform the validation. However, no description can be found regarding what specific model it is if the model is available to one skilled in the art or how the model is created and operated if the model is invented by the applicant. As such, the disclosure does not objectively demonstrate that the applicant actually invented—was in possession of—the claimed subject matter.
While the Applicant specifies in claims 1, 13 and 20 that “determining, via a market price setting model of the policy monitoring tool, a market price for the NFT asset in real-time based on one or more monitored NFT marketplaces”, there is no written content as to how or what specific process of determination are performed (i.e. formulas, algorithms, sequence of mathematical steps, process of determination, for example) in order to determine the market price for the NFT. The Examiner noted that a “market price setting model” is nominally recited to perform the validation. However, no description can be found regarding what specific model it is if the model is available to one skilled in the art or how the model is created and operated if the model is invented by the applicant. As such, the disclosure does not objectively demonstrate that the applicant actually invented—was in possession of—the claimed subject matter.
While the Applicant specifies in claims 11 and 18 that “train the hack attempt model to predict that the hack attempt has occurred based on one or more patterns and risk factors associated with one or more historical hack attempts of one or more NFT assets, wherein the NFT asset of the user may be one of the one or more NFT assets.”, there is no written content as to how or what specific training operations are performed (i.e. formulas, algorithms, sequence of mathematical steps, process of determination, for example) in order to train a model to predict hack attempt for any given NFT asset, any given digital footprint and any given historical hack attempts pattern. As such, the disclosure does not objectively demonstrate that the applicant actually invented—was in possession of—the claimed subject matter.
While the Applicant specifies in claims 12 and 19 that “predict, via the hack attempt model, a likelihood of hack attempt occurring with respect to the NFT asset of the user based on the patterns and risk factors associated with the one or more historical hack attempts of the one or more NFT assets and a digital footprint of the user of the NFT asset”, there is no written content as to how or what specific process of determination are performed (i.e. formulas, algorithms, sequence of mathematical steps, process of determination, for example) in order to predict the likelihood of hack attempt for any given NFT asset, any given digital footprint and any given historical hack attempts pattern. As such, the disclosure does not objectively demonstrate that the applicant actually invented—was in possession of—the claimed subject matter.
The written description requirement can be satisfied if the particular steps, i.e., algorithm, necessary to perform the claimed function were “described in the specification.” In re Hayes Microcomputer Prods, Inc. Patent Litigation, 982 F.2d 1527, 1533-34, 25 USPQ2d 1241, (Fed. Cir. 1992).
As such, claims 1-20 are rejected as failing the written description requirement.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
As an initial matter, the claims as a whole are to a plurality of apparatus and a process, which falls within one or more statutory categories. (Step 1: YES) The recitation of the claimed invention is then further analyzed as follow, in which the abstract elements are boldfaced.
Claim 1 recites:
A system for non-fungible token (NFT) asset protection, the system comprising:
a policy monitoring tool comprising a hack attempt model, a claim validation model, and a market price setting model;
one or more processors;
one or more memory components communicatively coupled to the one or more processors and the policy monitoring tool; and
machine readable instructions stored in the one or more memory components that cause the system to perform at least the following when executed by the one or more processors:
predict, via the hack attempt model, a prediction that a hack attempt of an NFT asset of a user of the policy monitoring tool has occurred;
upon receiving the prediction that the hack attempt has occurred, receive an insurance claim for processing;
validate, via a claim validation model, the insurance claim;
determine, via the market price setting model, a market price for the NFT asset in real-time based on one or more monitored NFT marketplaces;
set an insurance rate for the NFT asset based on the market price; and
transmit, via the policy monitoring tool, the insurance rate to a graphical user interface (GUI) of a computing device of the user.
Claim 13 recites:
A system for non-fungible token (NFT) asset protection, the system comprising:
a policy monitoring tool comprising a hack attempt model, a claim validation model, and a market price setting model;
one or more processors;
one or more memory components communicatively coupled to the one or more processors and the policy monitoring tool; and
machine readable instructions stored in the one or more memory components that cause the system to perform at least the following when executed by the one or more processors:
monitor an NFT asset of the user of the policy monitoring tool, wherein the user has registered the asset with the policy monitoring tool, and the policy monitoring tool has stored a digital footprint of the user, wherein user credentials associated with the NFT asset are received upon registration of the asset by the user;
predict, via the hack attempt model, a prediction that a hack attempt of the NFT asset of the user of the policy monitoring tool has occurred;
upon receiving the prediction that the hack attempt has occurred, receive an insurance claim for processing;
validate, via a claim validation model, the insurance claim;
determine, via the market price setting model, a market price for the NFT asset in real-time based on one or more monitored NFT marketplaces;
set an insurance rate for the NFT asset based on the market price and the digital footprint of the user;
transmit, via the policy monitoring tool, the insurance rate to a graphical user interface (GUI) of a computing device of the user; and
process a payout of the insurance claim based on the insurance rate to the user.
Claim 20 recites:
A method for non-fungible token (NFT) asset protection utilizing a policy monitoring tool, the method comprising:
predicting, via a hack attempt model of the policy monitoring tool, a prediction that a hack attempt of an NFT asset of a user of the policy monitoring tool has occurred;
upon receiving the prediction that the hack attempt has occurred, receiving an insurance claim for processing;
validating, via a claim validation model of the policy monitoring tool, the insurance claim;
determining, via a market price setting model of the policy monitoring tool, a market price for the NFT asset in real-time based on one or more monitored NFT marketplaces;
setting an insurance rate for the NFT asset based on the market price; and
transmitting, via the policy monitoring tool, the insurance rate to a graphical user interface (GUI) of a computing device of the user.
Claim 2 recites:
monitor the NFT asset of the user of the policy monitoring tool, wherein the user has registered the NFT asset with the policy monitoring tool, and the policy monitoring tool has stored a digital footprint of the user.
Claim 3 recites:
set the insurance rate for the NFT asset based on the market price and the digital footprint of the user.
Claims 4 and 14 recite:
wherein the digital footprint of the user comprises usage data associated with the user based on user activities and a risk score based on the usage data, wherein when the risk score is below an acceptable risk threshold, the insurance rate is increased.
Claims 5 and 15 recite:
determine, based on the usage data, that the user has conducted a risk activity comprising visiting one or more blacklisted websites, opening a malicious link, or combinations thereof; and increase the risk score based on the risk activity.
Claim 6 recites:
receive user credentials associated with the NFT asset of the user upon registration of the asset by the user.
Claims 7 and 16 recite:
store the user credentials associated with the NFT asset in a private cloud storage, the private cloud storage communicatively coupled with the policy monitoring tool.
Claim 8 and 17 recite:
access, via the policy monitoring tool and based on the user credentials, the NFT asset when the NFT asset is stored in a public cloud storage based on receipt of input of at least one of access to the NFT asset being lost by the user or stolen.
Claim 9 recites:
process a payout of the insurance claim based on the insurance rate to the user.
Claim 10 recites:
receive a download notification that the user has downloaded the policy monitoring tool as an application on the computing device of the user;
receive a registration notification that the user has registered the NFT asset with the policy monitoring tool; and
issue an insurance policy for the NFT asset of the user based on the download notification and the registration notification.
Claims 11 and 18 recite:
train the hack attempt model to predict that the hack attempt has occurred based on one or more patterns and risk factors associated with one or more historical hack attempts of one or more NFT assets, wherein the NFT asset of the user may be one of the one or more NFT assets.
Claims 12 and 19 recite:
predict, via the hack attempt model, a likelihood of hack attempt occurring with respect to the NFT asset of the user based on the patterns and risk factors associated with the one or more historical hack attempts of the one or more NFT assets and a digital footprint of the user of the NFT asset, wherein the digital footprint of the user comprises usage data associated with the user based on user activities.
Based on the limitations above, the claims describe a process that covers administrating insurance for NFT asset. Administrating insurance is considered to be a fundamental economic practice, which falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. As such, the claim(s) recite(s) a Judicial Exception. (Step 2A prong one: Yes)
This analysis then evaluates whether the claims as a whole integrates the recited Judicial Exception into a practical application of the exception. In particular, the claims recite the additional element(s) of “… tool” and “one or more processors” as a mere tool to perform the … steps of the Judicial Exception, which encompasses no more than Mere Instruction to Apply.
For example, the limitation “predict, via the hack attempt model, a prediction that a hack attempt of an NFT asset of a user of the policy monitoring tool has occurred” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of predicting that a hack attempt of an NFT asset has occurred;
the limitation “upon receiving the prediction that the hack attempt has occurred, receive an insurance claim for processing” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of receiving an insurance claim for processing upon receiving the prediction;
the limitation “validate, via a claim validation model, the insurance claim” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of validating the insurance claim;
the limitation “determine, via the market price setting model, a market price for the NFT asset in real-time based on one or more monitored NFT marketplaces” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of determining a market price of the NFT asset;
the limitation “set an insurance rate for the NFT asset based on the market price” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of setting an insurance rate for the NFT asset;
the limitation “transmit, via the policy monitoring tool, the insurance rate to a graphical user interface (GUI) of a computing device of the user” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of transmitting the insurance rate to the user;
the limitation “monitor an NFT asset of the user of the policy monitoring tool, wherein the user has registered the asset with the policy monitoring tool, and the policy monitoring tool has stored a digital footprint of the user, wherein user credentials associated with the NFT asset are received upon registration of the asset by the user” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of monitoring the NFT asset and storing the digital footprint and credentials of the user;
the limitation “process a payout of the insurance claim based on the insurance rate to the user” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of processing payout;
the limitation “set the insurance rate for the NFT asset based on the market price and the digital footprint of the user” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of setting the insurance rate based on the market price of the NFT and digital footprint of the user;
the limitation “wherein the digital footprint of the user comprises usage data associated with the user based on user activities and a risk score based on the usage data, wherein when the risk score is below an acceptable risk threshold, the insurance rate is increased” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of calculating a risk score based on usage data based on user activities;
the limitation “determine, based on the usage data, that the user has conducted a risk activity comprising visiting one or more blacklisted websites, opening a malicious link, or combinations thereof; and increase the risk score based on the risk activity” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of determining that the user has conducted a risk activity;
the limitation “receive user credentials associated with the NFT asset of the user upon registration of the asset by the user” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of receiving user credential associated with the NFT asset upon user registration;
the limitation “store the user credentials associated with the NFT asset in a private cloud storage, the private cloud storage communicatively coupled with the policy monitoring tool” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of storing the user credentials associated with the NFT asset with the NFT asset;
the limitation “access, via the policy monitoring tool and based on the user credentials, the NFT asset when the NFT asset is stored in a public cloud storage based on receipt of input of at least one of access to the NFT asset being lost by the user or stolen” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of accessing the stored NFT asset based on the user credential;
the limitation “receive a download notification that the user has downloaded the policy monitoring tool as an application on the computing device of the user; receive a registration notification that the user has registered the NFT asset with the policy monitoring tool; and issue an insurance policy for the NFT asset of the user based on the download notification and the registration notification” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of receiving notifications and issuing insurance policy based on the notifications;
the limitation “train the hack attempt model to predict that the hack attempt has occurred based on one or more patterns and risk factors associated with one or more historical hack attempts of one or more NFT assets, wherein the NFT asset of the user may be one of the one or more NFT assets” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of training the hack attempt model based on one or more patterns and risk factors;
the limitation “predict, via the hack attempt model, a likelihood of hack attempt occurring with respect to the NFT asset of the user based on the patterns and risk factors associated with the one or more historical hack attempts of the one or more NFT assets and a digital footprint of the user of the NFT asset, wherein the digital footprint of the user comprises usage data associated with the user based on user activities” encompasses no more than generically invoking a generic processor to apply the Judicial Exception step of predicting likelihood of hack attempt based on the patterns and risk factors being associated historical pattern and user activities.
Other than being generally linked to the steps of the Judicial Exception, the additional elements in the above step(s) is/are recited at a high-level of generality, without technological detail of how the particular steps are performed technologically.
The additional element(s) of “memory” and/or “cloud storage” are generically recited to store data and/or instructions of the Judicial Exception.
The additional element(s) of “… components communicatively coupled to the one or more processors and the … tool” are generically recited to perform communication steps such as receiving and transmitting.
The additional element(s) of “graphical user interface (GUI) of a computing device of” are generically recited to perform input/output steps described only by a result-oriented solution with insufficient detail for how the interface accomplish it.
The examiner further noted generic computer affixes such as “digital” is appended to abstract elements such as “footprint” (user activity), but found that to be mere instructions to implement the Judicial Exception idea on a computer.
Indeed, the instant claims (1) attempted to cover a solution to an identified problem with no restriction on how the result is accomplished and no description of the mechanism for accomplishing the result; (2) used of a computer or other machinery in its ordinary capacity for economic or other tasks or simply added a general purpose computer or computer components after the fact to the Judicial Exception and (3) generally applied the Judicial Exception to a generic computing environment without limitation indicative of practical application (See MPEP 2106.04(d)I). Thus, the claims are no more than Mere Instruction to Apply the Judicial Exception (See MPEP 2106.05(f)) or adding insignificant extra-solution activity to the judicial exception (See MPEP 2106.05(g)), which do not integrate the cited Judicial Exception into practical application (Step 2A prong two: No) The claims are directed to a Judicial Exception.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor to administer insurance amounts to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. No additional element currently recited in the claims amount the claims to be significantly more than the cited abstract idea. (Step 2B: No)
Therefore, claims 1-20 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.
Response to Arguments
Applicant's arguments filed 02/05/2026 have been fully considered but they are not persuasive.
Regarding the applicant’s argument that paragraphs of the Specification provide adequate written description to the claims rejected under 35 USC 112(a), the examiner respectfully disagrees. The paragraphs cited in the Remark discloses nominally a prediction model or a machine learning model “trained to predict the risk of a hacker gaining unauthorized access…” or “trained to predict that the hack attempt has occurred” but is silent on what particular model that is and what training methodology would result in the model desirably predict or determining the hack attempt. It should be noted that the predicting or determining of a hack attempt is a specific function, while nominally disclosing training a generic machine learning model to perform that specific function does not objectively demonstrate the possession of the subject matter. The disclosure includes no discussion as how the desired functions are technologically performed. Nominally appointing a generic model to be trained to perform a certain function without the technological discussion of the “how” is similar to claiming a magical black box that that is “made to” tell next lottery winning number, neither of which would satisfy the requirement under 35 USC 112(a). The same logic applies to other claim limitations reciting a generic algorithm or model performing a specific function. As to the assertion that the disclosure “would be sufficient to one of ordinary skill to under that the inventor had possession of the claimed invention without having to describe the specific structure details of the build of the models themselves …”, it should be noted that such assertion completely contradicts “ … claim may lack written description support when (1) the claim defines the invention in functional language specifying a desired result but the disclosure fails to sufficiently identify how the function is performed or the result is achieved”. Unlike the adhesion in Amgen, Inc. v. Chugai Pharm.Co., the predicting or determining of hack attempt is the crux of the claimed invention, not an unimportant aspect, and is nowhere to be considered “those of ordinary skill in the art would understand the concept”. As such, the argument is not persuasive.
Regarding the applicant’s argument that the claims do not recite a Judicial Exception, the examiner respectfully disagrees. The claims recite the assessment of a risk of an asset (NFT asset), determining the market price of the asset, sets an insurance rate for the asset and output the insurance rates. The claims’ disclosure is self-evidentiary that the claims recite the Judicial Exception of administrating insurance. The argument is not persuasive.
Regarding the applicant’s argument that the claims are eligible for “not practically performed in the human mind and patent eligible in a streamlined analysis as being non-abstract and directed to an enhanced display of the transmitted insurance rate determined by the artificially intelligence policy monitoring tool”, the examiner respectfully disagrees. The “not practically performed in human mind” applies mental task Judicial Exception, not “certain method of organizing human activity”. It should be noted that “adding one abstract idea (math) to another abstract idea (encoding and decoding) does not render the claim non-abstract” (Genetic Techs. Ltd. v. Merial LLC). The mere invoking of generic model (ineligible mathematical concept) in performing the risk assessment step of the insurance administration Judicial Exception does not impart eligibility to the Judicial Exception. Furthermore, the rejection does not “simply asserting that the claims encompass no mere than mere instructions to apply and that the features encompass no more than generically invoking a generic processor to apply the recited steps” as the rejection clearly articulated that “the additional elements in the above step(s) is/are recited at a high-level of generality, without technological detail of how the particular steps are performed technologically”. The absence of technological detail of how the steps are performed technologically is a significantly support to finding that the claims includes no more than Mere Instruction to Apply. As such, the argument is not persuasive.
Regarding the applicant’s argument that the claims include “something more” than the abstract idea and thus are arguably patent-eligible, the examiner respectfully disagrees. The mere usage of a technology to administrate insurance would at best improve the Judicial Exception of administrating insurance, not any technology involved. Not to mention the entire disclosure is devoid of technological detail of how the particular steps are performed. As to the lack of novelty and obviousness rejection, it should be noted that “even newly discovered judicial exceptions are still exceptions, despite their novelty. For example, the mathematical formula in Flook, the laws of nature in Mayo, and the isolated DNA in Myriad were all novel, but nonetheless were considered by the Supreme Court to be judicial exceptions because they were “‘basic tools of scientific and technological work’ that lie beyond the domain of patent protection.” (See July 2015 Update of IGPSME Page 3). As such, the argument is not persuasive.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHO KWONG whose telephone number is (571)270-7955. The examiner can normally be reached 9am - 5pm EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, MICHAEL W ANDERSON can be reached at 571-270-0508. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CHO YIU KWONG/Primary Examiner, Art Unit 3693