DETAILED ACTION
Preliminary Amendment filed on 01/23/2026 is accepted and entered.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 17-20 are rejected under 35 U.S.C. 101 because they are directed to non-statutory subject matter “a computer readable storage medium”. The broadest reasonable interpretation of a claim drawn to a computer readable medium covers forms of non-transitory tangible media and transitory propagating signals per se in view of the ordinary and customary meaning of memory medium storing program. Transitory signal does not fall within a statutory category since it is clearly not a series of steps or acts to constitute a process, not a mechanical device or combination of mechanical devices to constitute a machine, not a tangible physical article or object which is some form of matter to be a product and constitute a manufacture, and not a composition of two or more substances to constitute a composition of matter.
Note that a claim drawn to such a computer readable media that covers both transitory and non-transitory embodiments may be amended to narrow the claim to cover only statutory embodiments to avoid a rejection under 35 U.S.C. § 101 by adding the limitation "non-transitory" to the claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over 2023/0262160 A1 to TRIVEDI et al. (hereinafter “TRIVEDI”) in view of U.S Pub. No. 2016/0300059 A1 to Abrams et al. (hereinafter “Abrams”)
Regarding claim 1, TRIVEDI teaches an apparatus comprising:
a memory; and a processor coupled to the memory (paragraph [0036]; please see a processor 110A and a memory 112A) and configured to:
implement a trained AI model using a neural network training capability with at least one of call log data of calls determined to have an activity risk, activity risk data, activity context (paragraphs [0023], [0031] and [0048]; status determination and corresponding notification generation may occur in real-time or near-real time as data of the incoming call, including voice data, is received and processed by one or more trained machine learning systems and/or models. These system and methods may assist the user “in the moment” as they are participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged),
capture audio from an ongoing telephone call (paragraph [0048]; process 200 may include identifying an entity and an interaction allegedly associated with the incoming call from the voice data),
convert the audio from the ongoing telephone call into text (paragraph [0048]; convert the voice data from speech to text and identify the alleged entity and interaction from the text data),
obtain context of an activity from a computing device (paragraphs [0048] and [0105]; notification may also optionally include a prompt for the user to verify one or more of the entity or the interaction during the incoming call. The prompt may include questions to verify the caller and the interaction they are allegedly calling about);
execute the trained AI model (paragraph [0023]; determination and corresponding notification generation may occur in real-time or near-real time as data of the incoming call, including voice data, is received and processed by one or more trained machine learning systems and models) to generate an activity risk profile based on the text and the context of the ongoing telephone call, and execute an action during the ongoing telephone call based on the activity risk profile (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged).
However, TRIVEDI does not teach model feedback data.
Abrams discloses model feedback data (Fig. 3B, paragraphs [0037] and [0039]; risk assessment where user feedback is utilized to modify a risk assessment model).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of model feedback data as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 2, TRIVEDI does not teach the apparatus of claim 1, wherein the processor is configured to: obtain at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and execute the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile, and output the activity risk profile via a window displayed on a graphical user interface (GUI) on a display.
Abrams discloses obtain at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and execute the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile, and output the activity risk profile via a window displayed on a graphical user interface (GUI) on a display (paragraphs [0020] and [0030]; a system 201 for generating a risk assessment model. The historical authentication data 202 in FIG. 2A may comprise various telemetry data indicative of authentication context properties associated with user authentication sessions. For example, the historical authentication data 202 may indicate that user (A) visited a website www.wehack.com, has a user (A) social network profile with a location that did not match an IP address location of a device used to log into a user (A) bank account website, has interacted with a device using non-human keystroke patterns (e.g., keystrokes per minute above a human capability threshold), was unsuccessful at attempting large purchase transactions at various retail websites).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of obtain at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and execute the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile, and output the activity risk profile via a window displayed on a graphical user interface (GUI) on a display as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 3, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to instruct an audio processor to parse the audio from the ongoing telephone call to determine at least one of a background noise and a tone of voice during the ongoing telephone call, and execute the trained AI model on the at least one of the background noise and the tone of voice to generate the activity risk profile, wherein an AI agent performs an action based on the activity risk profile (paragraphs [0042] and [0083]; labels or scores may indicate known third fraud indicator data associated with content and/or one or more voice characteristics identified from the voice data of the past incoming calls. Training may proceed by feeding voice data of a past incoming call from the training data into the model of the machine learning system, the model having variables set at initialized values, e.g., at random, based on Gaussian noise or a pre-trained model).
Regarding claim 4, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to generate a verification question to be asked during the ongoing telephone call and display the verification question on at least one of the computing device and the GUI (paragraphs [0105] and [0108]; notification may also optionally include educative information 1006 (e.g., in the form of tips for future incoming calls) to prevent the user from falling prey to voice phishing. For example, the educative information 1006 may give the user tools for proactively identifying fraudulent activity, such as questions that can be asked to verify the caller).
Regarding claim 5, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to iteratively execute the trained AI model a plurality of times on additional text displayed on the GUI as the ongoing telephone call progresses to generate a plurality of updates to the activity risk profile, and execute an additional action based on an update from among the plurality of updates to the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 6, TRIVEDI teaches the apparatus of claim 1, wherein the processor is configured to obtain a user profile associated with the ongoing telephone call, and execute the trained AI model on the user profile to generate the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 7, TRIVEDI does not teach the apparatus of claim 1, wherein the processor is configured to add a model feedback record which includes the activity risk profile generated by the trained AI model, the action executed during the ongoing telephone call, and a feedback with respect to the action, to the model feedback data, and retrain the trained AI model with the model feedback data including the model feedback record.
Abrams discloses processor is configured to add a model feedback record which includes the activity risk profile generated by the trained AI model, the action executed during the ongoing telephone call, and a feedback with respect to the action, to the model feedback data, and retrain the trained AI model with the model feedback data including the model feedback record (Fig. 3B, paragraphs [0037] and [0039]; risk assessment where user feedback is utilized to modify a risk assessment model).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of processor is configured to add a model feedback record which includes the activity risk profile generated by the trained AI model, the action executed during the ongoing telephone call, and a feedback with respect to the action, to the model feedback data, and retrain the trained AI model with the model feedback data including the model feedback record taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 8, TRIVEDI teaches the apparatus of claim 1, wherein the activity risk profile comprises an activity risk indicator, and the processor is configured to display the activity risk indicator on the GUI during the ongoing telephone call (paragraphs [0023] and [0107]; determining a status for an incoming call to a user's communication device as at least one of fraudulent or confirmed and generating a notification indicating the status for display on the communication device).
Regarding claim 9, TRIVEDI teaches a method comprising:
implementing a trained artificial intelligence (AI) model using a neural network training capability with at least one of call log data of calls determined to have an activity risk, activity risk data, activity context (paragraphs [0023], [0031] and [0048]; status determination and corresponding notification generation may occur in real-time or near-real time as data of the incoming call, including voice data, is received and processed by one or more trained machine learning systems and/or models. These system and methods may assist the user “in the moment” as they are participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged);
capturing audio from an ongoing telephone call (paragraph [0048]; process 200 may include identifying an entity and an interaction allegedly associated with the incoming call from the voice data);
converting the audio from the ongoing telephone call into text (paragraph [0048]; convert the voice data from speech to text and identify the alleged entity and interaction from the text data);
obtaining context of an activity from a computing device (paragraphs [0048] and [0105]; notification may also optionally include a prompt for the user to verify one or more of the entity or the interaction during the incoming call. The prompt may include questions to verify the caller and the interaction they are allegedly calling about);
executing the trained AI model to generate an activity risk profile based on the text and the context of the ongoing telephone call; and executing an action during the ongoing telephone call based on the activity risk profile (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged).
However, TRIVEDI does not teach model feedback data.
Abrams discloses model feedback data (Fig. 3B, paragraphs [0037] and [0039]; risk assessment where user feedback is utilized to modify a risk assessment model).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of model feedback data as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 10, TRIVEDI does not teach the method of claim 9, wherein the obtaining the context comprises:
obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display.
Abrams discloses obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display (paragraphs [0020] and [0030]; a system 201 for generating a risk assessment model. The historical authentication data 202 in FIG. 2A may comprise various telemetry data indicative of authentication context properties associated with user authentication sessions. For example, the historical authentication data 202 may indicate that user (A) visited a website www.wehack.com, has a user (A) social network profile with a location that did not match an IP address location of a device used to log into a user (A) bank account website, has interacted with a device using non-human keystroke patterns (e.g., keystrokes per minute above a human capability threshold), was unsuccessful at attempting large purchase transactions at various retail websites).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 11, TRIVEDI teaches the method of claim 9, wherein the obtaining the context comprises instructing an audio processor to parse the audio from the ongoing telephone call to determine at least one of a background noise and a tone of voice during the ongoing telephone call, and the executing comprises executing the trained AI model on the at least one of the background noise and the tone of voice to generate the activity risk profile, wherein an AI agent performs an action based on the activity risk profile (paragraphs [0042] and [0083]; labels or scores may indicate known third fraud indicator data associated with content and/or one or more voice characteristics identified from the voice data of the past incoming calls. Training may proceed by feeding voice data of a past incoming call from the training data into the model of the machine learning system, the model having variables set at initialized values, e.g., at random, based on Gaussian noise or a pre-trained model).
Regarding claim 12, TRIVEDI teaches the method of claim 9, wherein the executing the action comprises generating a verification question to be asked during the ongoing telephone call and displaying the verification question on at least one of the computing device and the GUI (paragraphs [0105] and [0108]; notification may also optionally include educative information 1006 (e.g., in the form of tips for future incoming calls) to prevent the user from falling prey to voice phishing. For example, the educative information 1006 may give the user tools for proactively identifying fraudulent activity, such as questions that can be asked to verify the caller).
Regarding claim 13, TRIVEDI teaches the method of claim 9, wherein the executing the trained AI model comprises iteratively executing the trained AI model a plurality of times on additional text displayed on the GUI as the ongoing telephone call progresses to generate a plurality of updates to the activity risk profile, and executing an additional action based on an update from among the plurality of updates to the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 14, TRIVEDI teaches the method of claim 9, comprising obtaining a user profile associated with the ongoing telephone call, wherein the executing the trained AI model comprises executing the trained AI model on the user profile to generate the activity risk profile (paragraphs [0065] and [0068]; given that fraudsters are constantly using new or different phone numbers for voice phishing attacks, the known fraudulent numbers included within the first data set may be pooled and/or periodically updated from one or more internal or external resources).
Regarding claim 15, TRIVEDI does not teach the method of claim 9, comprising adding a model feedback record which includes the activity risk profile generated by the trained AI model, the action executed during the ongoing telephone call, and a feedback with respect to the action, to the model feedback data, and retraining the trained AI model with the model feedback data including the model feedback record.
Abrams discloses adding a model feedback record which includes the activity risk profile generated by the trained AI model, the action executed during the ongoing telephone call, and a feedback with respect to the action, to the model feedback data, and retraining the trained AI model with the model feedback data including the model feedback record (Fig. 3B, paragraphs [0037] and [0039]; risk assessment where user feedback is utilized to modify a risk assessment model).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of adding a model feedback record which includes the activity risk profile generated by the trained AI model, the action executed during the ongoing telephone call, and a feedback with respect to the action, to the model feedback data, and retraining the trained AI model with the model feedback data including the model feedback record as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 16, TRIVEDI teaches the method of claim 9, wherein the activity risk profile comprises an activity risk indicator, and the activity risk indicator is a visual indicator displayed on the GUI during the ongoing telephone call (paragraphs [0023] and [0107]; determining a status for an incoming call to a user's communication device as at least one of fraudulent or confirmed and generating a notification indicating the status for display on the communication device).
Regarding claim 17, TRIVEDI teaches a computer-readable storage medium comprising instructions which when executed by a computer cause a processor to perform (paragraphs [0036] and [0117]; please see a processor 110A and a memory 112A):
implementing a trained artificial intelligence (AI) model using a neural network training capability with at least one of call log data of calls determined to have an activity risk, activity risk data, activity context (paragraphs [0023], [0031] and [0048]; status determination and corresponding notification generation may occur in real-time or near-real time as data of the incoming call, including voice data, is received and processed by one or more trained machine learning systems and/or models. These system and methods may assist the user “in the moment” as they are participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged),
capturing audio from an ongoing telephone call (paragraph [0048]; process 200 may include identifying an entity and an interaction allegedly associated with the incoming call from the voice data);
converting the audio from the ongoing telephone call into text (paragraph [0048]; convert the voice data from speech to text and identify the alleged entity and interaction from the text data);
obtaining context of an activity from a computing device (paragraphs [0048] and [0105]; notification may also optionally include a prompt for the user to verify one or more of the entity or the interaction during the incoming call. The prompt may include questions to verify the caller and the interaction they are allegedly calling about);
executing the trained AI model to generate an activity risk profile based on the text and the context of the ongoing telephone call; and executing an action during the ongoing telephone call based on the activity risk profile (paragraphs [0023], and [0055]; participating in a conversation with a potential fraudster, which allows the user to take more immediate action, e.g., terminate the call as soon as possible, to prevent in its entirety, or at least lower the amount of, sensitive data divulged).
However, TRIVEDI does not teach model feedback data.
Abrams discloses model feedback data (Fig. 3B, paragraphs [0037] and [0039]; risk assessment where user feedback is utilized to modify a risk assessment model).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of model feedback data as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 18, TRIVEDI does not teach the computer-readable storage medium of claim 17, wherein the obtaining the context comprises: obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display.
Abrams discloses obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display (paragraphs [0020] and [0030]; a system 201 for generating a risk assessment model. The historical authentication data 202 in FIG. 2A may comprise various telemetry data indicative of authentication context properties associated with user authentication sessions. For example, the historical authentication data 202 may indicate that user (A) visited a website www.wehack.com, has a user (A) social network profile with a location that did not match an IP address location of a device used to log into a user (A) bank account website, has interacted with a device using non-human keystroke patterns (e.g., keystrokes per minute above a human capability threshold), was unsuccessful at attempting large purchase transactions at various retail websites).
At the time of the effective filing date of the invention, it would have been obvious to a person of ordinary skilled in the art to modify TRIVEDI’s teaching with a feature of obtaining at least one of an Internet Protocol (IP) address of the computing device and a geographic location of the computing device and the executing comprises executing the trained AI model on the at least one of the IP address and the geographic location to generate the activity risk profile; and outputting the activity risk profile via a window displayed on a graphical user interface (GUI) on a display as taught by Abrams in order to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe (Abrams, Abstract).
Regarding claim 19, TRIVEDI teaches the computer-readable storage medium of claim 17, wherein the obtaining the context comprises instructing an audio processor to parse the audio from the ongoing telephone call to determine at least one of a background noise and a tone of voice during the ongoing telephone call, and the executing comprises executing the trained AI model on the at least one of the background noise and the tone of voice to generate the activity risk profile, wherein an AI agent performs an action based on the activity risk profile (paragraphs [0042] and [0083]; labels or scores may indicate known third fraud indicator data associated with content and/or one or more voice characteristics identified from the voice data of the past incoming calls. Training may proceed by feeding voice data of a past incoming call from the training data into the model of the machine learning system, the model having variables set at initialized values, e.g., at random, based on Gaussian noise or a pre-trained model).
Regarding claim 20, TRIVEDI teaches the computer-readable storage medium of claim 17, wherein the executing the action comprises generating a verification question to be asked during the ongoing telephone call and displaying the verification question on at least one of the computing device and the GUI (paragraphs [0105] and [0108]; notification may also optionally include educative information 1006 (e.g., in the form of tips for future incoming calls) to prevent the user from falling prey to voice phishing. For example, the educative information 1006 may give the user tools for proactively identifying fraudulent activity, such as questions that can be asked to verify the caller).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AKELAW A TESHALE whose telephone number is (571)270-5302. The examiner can normally be reached 9 am -6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FAN TSANG can be reached at (571) 272-7547. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
AKELAW TESHALE
Primary Examiner
Art Unit 2694
/AKELAW TESHALE/Primary Examiner, Art Unit 2694