DETAILED ACTION
Response to Amendment
This action is response to communication filed on 04/17/2026.
Claims 1-19 and 21 are pending in this action.
Claim 21 has been added as a new claim.
Claim 20 has been cancelled.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-19 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over 2023/0262160 A1 to TRIVEDI et al. (hereinafter “TRIVEDI”) in view of U.S Pub. No. 2016/0300059 A1 to Abrams et al. (hereinafter “Abrams”)
Regarding claim 1, TRIVEDI teaches an apparatus comprising:
a memory; and a processor coupled to the memory (paragraph [0036]; please see a processor 110A and a memory 112A) and configured to:
capture audio from an ongoing telephone call (paragraph [0048]; process 200 may include identifying an entity and an interaction allegedly associated with the incoming call from the voice data),
convert the audio from the ongoing telephone call into text (paragraph [0048]; convert the voice data from speech to text and identify the alleged entity and interaction from the text data),
obtain context of an activity from a computing device that participates in the ongoing telephone call (paragraphs [0048] and [0105]; notification may also optionally include a prompt for the user to verify one or more of the entity or the interaction during the incoming call. The prompt may include questions to verify the caller and the interaction they are allegedly calling about);
determining a communication channel of the ongoing telephone call and activity risk profile to obtain an action (Abstract, paragraphs [0022], [0059], [0081] and [0087]; trained machine learning system 706 may be trained at step 704 to process both text data (e.g., converted from speech of voice data 708 using natural language processing or other similar techniques) to evaluate for fraud based on content and voice data 708 to evaluate for fraud based on voice characteristics. For example, when the trained machine learning system 706 is applied to voice data 708, the converted text data (e.g., representing content of the voice data) may be processed to identify words and/or phrases that correspond to known patterns used by fraudsters when engaging in voice phishing. Based on the processing of the text data, a first value indicating a likelihood of the incoming call being fraudulent based on the content of the voice data of the incoming call may be output as part of the third fraud indicator data 710… Accordingly, improvements in technology relating to real-time monitoring, detection, and/or mitigation of voice phishing are needed that account for the evolutionary nature of fraudster patterns); and
execute an artificial intelligence (AI) model (paragraph [0023]; determination and corresponding notification generation may occur in real-time or near-real time as data of the incoming call, including voice data, is received and processed by one or more trained machine learning systems and models) to generate an activity risk profile based on the text and the context of the ongoing telephone call (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged);
determining a communication channel of the ongoing telephone call and activity risk profile to obtain an action (Abstract, paragraphs [0022], [0059], [0081] and [0087]; trained machine learning system 706 may be trained at step 704 to process both text data (e.g., converted from speech of voice data 708 using natural language processing or other similar techniques) to evaluate for fraud based on content and voice data 708 to evaluate for fraud based on voice characteristics. For example, when the trained machine learning system 706 is applied to voice data 708, the converted text data (e.g., representing content of the voice data) may be processed to identify words and/or phrases that correspond to known patterns used by fraudsters when engaging in voice phishing. Based on the processing of the text data, a first value indicating a likelihood of the incoming call being fraudulent based on the content of the voice data of the incoming call may be output as part of the third fraud indicator data 710… Accordingly, improvements in technology relating to real-time monitoring, detection, and/or mitigation of voice phishing are needed that account for the evolutionary nature of fraudster patterns); and
execute the action at the computing device while the participates in the ongoing telephone call (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged).
However, TRIVEDI does not explicitly teach query a threat matrix.
Abrams discloses query a threat matrix (Abstract, paragraphs [0025], [0027], [0037]- [0039]; more than one risk assessment model may be used to evaluate the current user account event, and various actions may be taken based upon results from respective risk assessment models. For example, results from multiple risk assessment models may be aggregated (e.g., based upon weightings of models/results, etc.) to determine a particular action (e.g., authentication challenge). A first result from a first risk assessment model may be selected from among other results from other risk assent models, such as based upon a relevance of the first risk assessment model to a user characteristic).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of query a threat matrix as taught by Abrams in order to benefit an appropriate protective action during the call.
Regarding claim 2, TRIVEDI does not teach the apparatus of claim 1, wherein the processor is configured to: obtain at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and execute the AI model on the at least one of the IP address and the geographic location to generate the activity risk profile, and output the activity risk profile via a window displayed on a graphical user interface (GUI) on a display.
Abrams discloses obtain at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and execute the AI model on the at least one of the IP address and the geographic location to generate the activity risk profile, and output the activity risk profile via a window displayed on a graphical user interface (GUI) on a display (paragraphs [0020] and [0030]; a system 201 for generating a risk assessment model. The historical authentication data 202 in FIG. 2A may comprise various telemetry data indicative of authentication context properties associated with user authentication sessions. For example, the historical authentication data 202 may indicate that user (A) visited a website www.wehack.com, has a user (A) social network profile with a location that did not match an IP address location of a device used to log into a user (A) bank account website, has interacted with a device using non-human keystroke patterns (e.g., keystrokes per minute above a human capability threshold), was unsuccessful at attempting large purchase transactions at various retail websites).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of obtain at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and execute the AI model on the at least one of the IP address and the geographic location to generate the activity risk profile, and output the activity risk profile via a window displayed on a graphical user interface (GUI) on a display as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 3, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to instruct an audio processor to parse the audio from the ongoing telephone call to determine at least one of a background noise and a tone of voice during the ongoing telephone call, and execute the AI model on the at least one of the background noise and the tone of voice to generate the activity risk profile, wherein an AI agent performs the action based on the activity risk profile (paragraphs [0042] and [0083]; labels or scores may indicate known third fraud indicator data associated with content and/or one or more voice characteristics identified from the voice data of the past incoming calls. Training may proceed by feeding voice data of a past incoming call from the training data into the model of the machine learning system, the model having variables set at initialized values, e.g., at random, based on Gaussian noise or a pre-trained model).
Regarding claim 4, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to generate a verification question and display the verification question on a display device of the computing device and the GUI (paragraphs [0105] and [0108]; notification may also optionally include educative information 1006 (e.g., in the form of tips for future incoming calls) to prevent the user from falling prey to voice phishing. For example, the educative information 1006 may give the user tools for proactively identifying fraudulent activity, such as questions that can be asked to verify the caller).
Regarding claim 5, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to iteratively execute the AI model a plurality of times on additional call content as the ongoing telephone call progresses to generate a plurality of updates to the activity risk profile, and execute an additional action based on an update from among the plurality of updates to the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 6, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to obtain a profile associated with the ongoing telephone call, and execute the AI model on the user profile to generate the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 7, TRIVEDI does not teach the apparatus of claim 1, wherein the processor is further configured to generate a model feedback record which includes the activity risk profile, the action, and a feedback with respect to the action, and retrain the AI model with the model feedback record.
Abrams discloses wherein the processor is further configured to generate a model feedback record which includes the activity risk profile, the action, and a feedback with respect to the action, and retrain the AI model with the model feedback record (Fig. 3B, paragraphs [0037] and [0039]; risk assessment where user feedback is utilized to modify a risk assessment model).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of wherein the processor is further configured to generate a model feedback record which includes the activity risk profile, the action, and a feedback with respect to the action, and retrain the AI model with the model feedback record as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 8, TRIVEDI teaches the apparatus of claim 1, wherein the activity risk profile comprises an activity risk indicator, visually displayed on a user interference of the computing device (paragraphs [0023] and [0107]; determining a status for an incoming call to a user's communication device as at least one of fraudulent or confirmed and generating a notification indicating the status for display on the communication device).
Regarding claim 9, TRIVEDI teaches a method comprising:
capturing audio from an ongoing telephone call (paragraph [0048]; process 200 may include identifying an entity and an interaction allegedly associated with the incoming call from the voice data);
converting the audio from the ongoing telephone call into text (paragraph [0048]; convert the voice data from speech to text and identify the alleged entity and interaction from the text data);
obtaining context of an activity from a computing device that participates in the ongoing telephone call (paragraphs [0048] and [0105]; notification may also optionally include a prompt for the user to verify one or more of the entity or the interaction during the incoming call. The prompt may include questions to verify the caller and the interaction they are allegedly calling about);
executing an artificial intelligence (AI) model to generate an activity risk profile based on the text and the context of the ongoing telephone call (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged);
determining a communication channel of the ongoing telephone call and activity risk profile to obtain an action (Abstract, paragraphs [0022], [0059], [0081] and [0087]; trained machine learning system 706 may be trained at step 704 to process both text data (e.g., converted from speech of voice data 708 using natural language processing or other similar techniques) to evaluate for fraud based on content and voice data 708 to evaluate for fraud based on voice characteristics. For example, when the trained machine learning system 706 is applied to voice data 708, the converted text data (e.g., representing content of the voice data) may be processed to identify words and/or phrases that correspond to known patterns used by fraudsters when engaging in voice phishing. Based on the processing of the text data, a first value indicating a likelihood of the incoming call being fraudulent based on the content of the voice data of the incoming call may be output as part of the third fraud indicator data 710… Accordingly, improvements in technology relating to real-time monitoring, detection, and/or mitigation of voice phishing are needed that account for the evolutionary nature of fraudster patterns); and
executing the action at the computing device while it participate in the ongoing telephone call (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged).
However, TRIVEDI does not explicitly teach query a threat matrix.
Abrams discloses query a threat matrix (Abstract, paragraphs [0025], [0027], [0037]- [0039]; more than one risk assessment model may be used to evaluate the current user account event, and various actions may be taken based upon results from respective risk assessment models. For example, results from multiple risk assessment models may be aggregated (e.g., based upon weightings of models/results, etc.) to determine a particular action (e.g., authentication challenge). A first result from a first risk assessment model may be selected from among other results from other risk assent models, such as based upon a relevance of the first risk assessment model to a user characteristic).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of query a threat matrix as taught by Abrams in order to benefit an appropriate protective action during the call.
Regarding claim 10, TRIVEDI does not teach the method of claim 9, wherein the obtaining the context comprises:
obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display.
Abrams discloses obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display (paragraphs [0020] and [0030]; a system 201 for generating a risk assessment model. The historical authentication data 202 in FIG. 2A may comprise various telemetry data indicative of authentication context properties associated with user authentication sessions. For example, the historical authentication data 202 may indicate that user (A) visited a website www.wehack.com, has a user (A) social network profile with a location that did not match an IP address location of a device used to log into a user (A) bank account website, has interacted with a device using non-human keystroke patterns (e.g., keystrokes per minute above a human capability threshold), was unsuccessful at attempting large purchase transactions at various retail websites).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 11, TRIVEDI teaches the method of claim 9, wherein the obtaining the context comprises instructing an audio processor to parse the audio from the ongoing telephone call to determine at least one of a background noise and a tone of voice during the ongoing telephone call, and the executing comprises executing the AI model on the at least one of the background noise and the tone of voice to generate the activity risk profile, wherein an AI agent performs the action based on the activity risk profile (paragraphs [0042] and [0083]; labels or scores may indicate known third fraud indicator data associated with content and/or one or more voice characteristics identified from the voice data of the past incoming calls. Training may proceed by feeding voice data of a past incoming call from the training data into the model of the machine learning system, the model having variables set at initialized values, e.g., at random, based on Gaussian noise or a pre-trained model).
Regarding claim 12, TRIVEDI teaches the method of claim 9, wherein the executing the action comprises generating a verification question and displaying the verification question on a device display of the computing device (paragraphs [0105] and [0108]; notification may also optionally include educative information 1006 (e.g., in the form of tips for future incoming calls) to prevent the user from falling prey to voice phishing. For example, the educative information 1006 may give the user tools for proactively identifying fraudulent activity, such as questions that can be asked to verify the caller).
Regarding claim 13, TRIVEDI teaches the method of claim 9, wherein the executing the AI model comprises iteratively executing the AI model a plurality of times on additional call content as the ongoing telephone call progresses to generate a plurality of updates to the activity risk profile, and executing an additional action based on an update from among the plurality of updates to the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 14, TRIVEDI teaches the method of claim 9, further comprising obtaining a profile associated with the ongoing telephone call, wherein the executing the AI model comprises executing the AI model on the user profile to generate the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 15, TRIVEDI does not teach the method of claim 9, further comprising generating a model feedback record which includes the activity risk profile, the action executed during the ongoing telephone call, and a feedback with respect to the action, and retraining the AI model with the model feedback record.
Abrams discloses generating a model feedback record which includes the activity risk profile, the action executed during the ongoing telephone call, and a feedback with respect to the action, and retraining the AI model with the model feedback record (Fig. 3B, paragraphs [0037] and [0039]; risk assessment where user feedback is utilized to modify a risk assessment model).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of generating a model feedback record which includes the activity risk profile, the action executed during the ongoing telephone call, and a feedback with respect to the action, and retraining the AI model with the model feedback record as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 16, TRIVEDI teaches the method of claim 9, wherein the activity risk profile comprises an activity risk indicator visually displayed on a user interface of the communication device (paragraphs [0023] and [0107]; determining a status for an incoming call to a user's communication device as at least one of fraudulent or confirmed and generating a notification indicating the status for display on the communication device).
Regarding claim 17, TRIVEDI teaches a non-transitory computer-readable storage medium comprising instructions which when executed by a computer cause a processor to perform (paragraphs [0036] and [0117]; please see a processor 110A and a memory 112A):
capturing audio from an ongoing telephone call (paragraph [0048]; process 200 may include identifying an entity and an interaction allegedly associated with the incoming call from the voice data);
converting the audio from the ongoing telephone call into text (paragraph [0048]; convert the voice data from speech to text and identify the alleged entity and interaction from the text data);
obtaining context of an activity from a computing device that participate in the ongoing telephone call (paragraphs [0048] and [0105]; notification may also optionally include a prompt for the user to verify one or more of the entity or the interaction during the incoming call. The prompt may include questions to verify the caller and the interaction they are allegedly calling about);
executing an artificial intelligence (AI) model to generate an activity risk profile based on the text and the context of the ongoing telephone call;
determining a communication channel of the ongoing telephone call and activity risk profile to obtain an action (Abstract, paragraphs [0022], [0059], [0081] and [0087]; trained machine learning system 706 may be trained at step 704 to process both text data (e.g., converted from speech of voice data 708 using natural language processing or other similar techniques) to evaluate for fraud based on content and voice data 708 to evaluate for fraud based on voice characteristics. For example, when the trained machine learning system 706 is applied to voice data 708, the converted text data (e.g., representing content of the voice data) may be processed to identify words and/or phrases that correspond to known patterns used by fraudsters when engaging in voice phishing. Based on the processing of the text data, a first value indicating a likelihood of the incoming call being fraudulent based on the content of the voice data of the incoming call may be output as part of the third fraud indicator data 710… Accordingly, improvements in technology relating to real-time monitoring, detection, and/or mitigation of voice phishing are needed that account for the evolutionary nature of fraudster patterns); and
executing the action at the computing device while it participate in the ongoing telephone call (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged).
However, TRIVEDI does not explicitly teach query a threat matrix.
Abrams discloses query a threat matrix (Abstract, paragraphs [0025], [0027], [0037]- [0039]; more than one risk assessment model may be used to evaluate the current user account event, and various actions may be taken based upon results from respective risk assessment models. For example, results from multiple risk assessment models may be aggregated (e.g., based upon weightings of models/results, etc.) to determine a particular action (e.g., authentication challenge). A first result from a first risk assessment model may be selected from among other results from other risk assent models, such as based upon a relevance of the first risk assessment model to a user characteristic).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of query a threat matrix as taught by Abrams in order to benefit an appropriate protective action during the call.
Regarding claim 18, TRIVEDI does not teach the non-transitory computer-readable storage medium of claim 17, wherein the obtaining the context comprises: obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display.
Abrams discloses wherein the obtaining the context comprises: obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display (paragraphs [0020] and [0030]; a system 201 for generating a risk assessment model. The historical authentication data 202 in FIG. 2A may comprise various telemetry data indicative of authentication context properties associated with user authentication sessions. For example, the historical authentication data 202 may indicate that user (A) visited a website www.wehack.com, has a user (A) social network profile with a location that did not match an IP address location of a device used to log into a user (A) bank account website, has interacted with a device using non-human keystroke patterns (e.g., keystrokes per minute above a human capability threshold), was unsuccessful at attempting large purchase transactions at various retail websites).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 19, TRIVEDI non-transitory teaches the computer-readable storage medium of claim 17, wherein the obtaining the context comprises instructing an audio processor to parse the audio from the ongoing telephone call to determine at least one of a background noise and a tone of voice during the ongoing telephone call, and the executing comprises executing the AI model on the at least one of the background noise and the tone of voice to generate the activity risk profile, wherein an AI agent performs the action based on the activity risk profile (paragraphs [0042] and [0083]; labels or scores may indicate known third fraud indicator data associated with content and/or one or more voice characteristics identified from the voice data of the past incoming calls. Training may proceed by feeding voice data of a past incoming call from the training data into the model of the machine learning system, the model having variables set at initialized values, e.g., at random, based on Gaussian noise or a pre-trained model).
Regarding claim 21, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to execute the activity risk profile to identify the action (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged).
However, TRIVEDI does not explicitly teach a second AI model on the threat matrix.
Abrams discloses a second AI model on the threat matrix (Abstract, paragraphs [0025], [0027], [0037]- [0039]; more than one risk assessment model may be used to evaluate the current user account event, and various actions may be taken based upon results from respective risk assessment models. For example, results from multiple risk assessment models may be aggregated (e.g., based upon weightings of models/results, etc.) to determine a particular action (e.g., authentication challenge). A first result from a first risk assessment model may be selected from among other results from other risk assent models, such as based upon a relevance of the first risk assessment model to a user characteristic).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of a second AI model on the threat matrix as taught by Abrams in order to benefit an appropriate protective action during the call.
Response to Arguments
Applicant's arguments filed 04/17/2026 have been fully considered but they are not persuasive. Applicant argues on pages 8-9 in regarding a ground of rejection of independent claims 1, 9 and 17, Trivedi (US 2023/0262160) in view of Abrams (US 2016/0300059) fail to disclose, "query a threat matrix based on a communication channel of the ongoing telephone call and the activity risk profile to obtain an action."
Examiner respectfully disagrees with applicant’s argument.
Under BRI, Trivedi teaches determining the communication channel (ongoing communication) and generating an AI based activity risk profile (Abstract, paragraphs [0022], [0059], [0081] and [0087]; trained machine learning system 706 may be trained at step 704 to process both text data (e.g., converted from speech of voice data 708 using natural language processing or other similar techniques) to evaluate for fraud based on content and voice data 708 to evaluate for fraud based on voice characteristics. For example, when the trained machine learning system 706 is applied to voice data 708, the converted text data (e.g., representing content of the voice data) may be processed to identify words and/or phrases that correspond to known patterns used by fraudsters when engaging in voice phishing. Based on the processing of the text data, a first value indicating a likelihood of the incoming call being fraudulent based on the content of the voice data of the incoming call may be output as part of the third fraud indicator data 710… Accordingly, improvements in technology relating to real-time monitoring, detection, and/or mitigation of voice phishing are needed that account for the evolutionary nature of fraudster patterns).
On the other hand, Abrams teaches querying a risk decision matrix or policy engine to select an action based on the assessed risk (Abstract, paragraphs [0025], [0027], [0037]- [0039]; more than one risk assessment model may be used to evaluate the current user account event, and various actions may be taken based upon results from respective risk assessment models. For example, results from multiple risk assessment models may be aggregated (e.g., based upon weightings of models/results, etc.) to determine a particular action (e.g., authentication challenge). A first result from a first risk assessment model may be selected from among other results from other risk assent models, such as based upon a relevance of the first risk assessment model to a user characteristic).
At the time of the effective filing date of the invention, it would have been obvious to use Trivedi’s communication channel and risk profile as inputs to Abram’s decision matrix in order to benefit an appropriate protective action during the call.
Based on the above clarification, the examiner maintained the rejections of independent claims 1, 9 and 17.
Dependent claims rejections are maintained at least for similar reasons and rejections above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
U.S Patent No. 12,432,294 B1 to Holland discloses AI-based Real-time Fraud Detection Based On Call Data (Abstract).
U.S Patent No. 12,126,761 B2 to DelloStritto et al. discloses an architecture for assessing and identifying fraudulent contact with client contact systems, such as IVR, includes threshold and machine learning scoring and filtering of calls based on these criteria. The criteria may include behavioral, situational and reputational scoring (Abstract).
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AKELAW A TESHALE whose telephone number is (571)270-5302. The examiner can normally be reached 9 am -6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FAN TSANG can be reached at (571) 272-7547. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
AKELAW TESHALE
Primary Examiner
Art Unit 2694
/AKELAW TESHALE/Primary Examiner, Art Unit 2694