Prosecution Insights
Last updated: July 17, 2026
Application No. 18/897,062

SYSTEM AND METHOD FOR AUTHORIZING DATA TRANSFERS

Final Rejection §102§103
Filed
Sep 26, 2024
Priority
Jul 20, 2021 — continuation of 12/130,896
Examiner
TURCHEN, JAMES R
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
The Toronto-dominion Bank
OA Round
2 (Final)
82%
Grant Probability
Favorable
3-4
OA Rounds
1y 3m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allowance Rate
535 granted / 650 resolved
+24.3% vs TC avg
Strong +34% interview lift
Without
With
+33.8%
Interview Lift
resolved cases with interview
Typical timeline
3y 0m
Avg Prosecution
21 currently pending
Career history
668
Total Applications
across all art units

Statute-Specific Performance

§101
0.8%
-39.2% vs TC avg
§103
81.7%
+41.7% vs TC avg
§102
9.7%
-30.3% vs TC avg
§112
1.9%
-38.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 650 resolved cases

Office Action

§102 §103
CTFR 18/897,062 CTFR 82683 Notice of Pre-AIA or AIA Status 07-03-aia AIA 15-10-aia The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. Response to Arguments Applicant’s arguments, filed 4/16/2026, with respect to a rejection under double patenting have been fully considered and are persuasive. The double patenting rejection of claims 1-20 has been withdrawn. Applicant’s arguments regarding the objection of the drawings are persuasive and the objection is withdrawn. Applicant’s amendments and arguments with respect to the rejections under 35 USC 112 are persuasive and the 35 USC 112 rejection is withdrawn. Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument (Amendments to the Claims). Claim Rejections - 35 USC § 102 07-06 AIA 15-10-15 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 07-07-aia AIA 07-07 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – 07-08-aia AIA (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. 07-15-aia AIA Claim(s) 1-6, 8-16, 18-20 is/are rejected under 35 U.S.C. 102 (a)(1) as being anticiapted by Oberheide et al. (US 2018/0255054) hereafter Oberheide 1. Oberheide discloses a system of trust configured for authorizing one or more data transfers, the comprising: a non-transient computer-readable storage medium having executable instructions embodied thereon (para 16) ; and one or more hardware processors configured to execute the instructions (para 16) to: receive, from a data transfer system, a data transfer authorization request, the data transfer authorization request being based on a data transfer initiated by a customer computing device associated with a customer (para 12, The transaction is preferably sent from a requesting entity such as a website, application, or device. The requesting entity is typically a system in communication with the auth platform; see also fig 5 and corresponding text) ; determine that the customer computing device has a defined trust relationship with one or more trustee computing devices (para 11, registering an authority device for an account on an auth platform (trust relationship); para 12-13, the authority device preferably belongs to an authoritative user that is preferably in charge of regulating transactions of a user involved in the transaction) ; when the customer computing device has the defined trust relationship with the one or more trustee computing devices: send a third-party second-factor authentication message to the one or more trustee computing devices without sending any message to the customer computing device associated with one or more trustees (para 13, messaging the authority device with the transaction request, functions to push a notification to a secondary device for authentication or authorization. The authority device is preferably a device only the authentic user or an authorized user would possess. The message is preferably sent through a communication channel between the authority device and the auth platform. The communication channel is preferably a push notification service provided through the authority device; fig 5 and corresponding text) ; and authorize the data transfer system to complete the data transfer request in response to receipt of a third-party authentication confirmation from the one or more trustee computing devices and in the absence of any authentication confirmation from the customer computing device (para 14, receiving an authority agent response from the authority device to the auth platform, functions to process a response from an authentic user or authorized user. The response preferably confirms or denies a transaction. The confirmation and denial of a transaction may additionally be set to indicate any suitable form of response.) . 2. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to, when the customer computing device has no defined trust relationship with any trustee computing devices: send a first-party second-factor authentication message to the customer computing device (fig 1 and corresponding text) ; and authorize the data transfer system to complete the data transfer request in response to receipt of a first-party authentication confirmation from the customer computing device (fig 1 and corresponding text) . 3. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to: determine that the customer computing device has the defined trust relationship with the one or more trustee computing devices by: searching a trust relationship database (fig 5 and corresponding text; para 11, 15, a plurality of authority devices registered for authorization and/or authentication. A rule may be setup for which authority devices to message, in what order, and the timing of the messaging.) ; and identifying the customer computing device in the trust relationship database (para 11, 15) . 4. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to: define the trust relationship between the customer computing device and the one or more trustee computing devices so as to define the trust relationship between the customer and one or more trustees (para 11, 15) . 5. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to, when the customer computing device has the defined trust relationship with the one or more trustee computing devices: authorize the data transfer system to complete the data transfer request in response to receipt of the third-party authentication confirmation and when the customer device is available to provide authorization (para 12, authentication from authority device belonging to the user and authorization from the authority device of an authoritative user; see further para 11, 15) . 6. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to: send the third-party second-factor authentication message to a plurality of trustee computing devices, each of the plurality of trustee computing devices being associated with a unique trustee (para 11, 15) ; and authorize the data transfer request in response to receipt of a separate third-party second-factor authentication confirmation from each of the plurality of trustee computing devices (para 11, 15) . 8. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to: prevent authorization of the data transfer request in the absence of receipt of the third-party second-factor authentication confirmation and in response to the determination that the customer computing device has the defined trust relationship with the one or more trustee computing devices (para 15) . 9. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to, when the customer computing device has the defined trust relationship with the one or more trustee computing devices: send the third party second factor authentication message to a plurality of trustee computing devices, each of the plurality of trustee computing devices associated with a unique one of the one or more trustees (para 11, 15) ; and authorize the data transfer system to complete the data transfer request in response to receipt of the third-party second-factor confirmation from any of the plurality of trustee computing devices (para 11, 15) . 10. The system of claim 1, wherein the one or more hardware processors are further configured by the instructions to: receive, from a second data transfer system, a second data transfer authorization request based on a second data transfer initiated by a second customer computing device associated with a second customer (para 12) ; determine whether the second customer computing device has a defined second trust relationship with one or more second trustee computing devices (para 12-13) ; send a second third-party second-factor authentication message to the one or more second trustee computing devices without sending any message to the second customer computing device (para 13) ; and authorize the second data transfer system to complete the second data transfer request in response to receipt of a second third-party authentication confirmation from the one or more second trustee computing devices and in the absence of any authentication confirmation from the second customer computing device (para 14-15) ; and authorize a first data transfer originating from a first data transfer system and a second data transfer originating from the second data transfer system (para 15) . Claims 11-16, 18-20 are similar in scope to claims 1-6, 8-9 and are rejected under similar rationale . Claim Rejections - 35 USC § 103 07-06 AIA 15-10-15 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 07-20-aia AIA The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 07-22-aia AIA Claim (s) 7 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Oberheide as applied to claim 1, and 11 above, and further in view of Yu et al. (US 11,954,308) hereafter Yu . 7. Oberheide discloses the system of claim 1, wherein the one or more hardware processors are further configured by the instructions to: prior to receiving the data transfer request, receive, from the customer computing device, a trustee initiation request identifying the one or more trustee computing devices to be included in the defined trust relationship with the customer computing device (para 11) ; but does not explicitly disclose prior to receiving the data transfer request, send, from the apparatus, a trustee enrollment confirmation request to the one or more trustee computing devices. However, in an analogous art, Yu discloses methods and user interfaces for account recovery including prior to receiving the data transfer request, send, from the apparatus, a trustee enrollment confirmation request to the one or more trustee computing devices (figs. 6A-6T and corresponding text) . It would have been obvious to a person of ordinary skill in the art before the effective filing date to modify the implementation of Oberheide with the implementation of Yu in order to allow to increase effectiveness, efficiency, and user satisfaction when authentication is unable to be performed (col 8, 52-56) . Claim 17 is similar in scope to claim 7 and is rejected under similar rationale. Conclusion 07-40 AIA Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL . See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES R TURCHEN whose telephone number is (571)270-1378. The examiner can normally be reached Monday-Friday: 7-3. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JAMES R TURCHEN/ Primary Examiner, Art Unit 2439 Application/Control Number: 18/897,062 Page 2 Art Unit: 2439 Application/Control Number: 18/897,062 Page 3 Art Unit: 2439 Application/Control Number: 18/897,062 Page 4 Art Unit: 2439 Application/Control Number: 18/897,062 Page 5 Art Unit: 2439 Application/Control Number: 18/897,062 Page 6 Art Unit: 2439
Read full office action

Prosecution Timeline

Sep 26, 2024
Application Filed
Feb 06, 2026
Non-Final Rejection mailed — §102, §103
Apr 16, 2026
Response Filed
Jun 01, 2026
Final Rejection mailed — §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12681829
TECHNIQUES FOR MANAGING ACTIVITY INFORMATION ASSOCIATED WITH USER APPLICATIONS
2y 9m to grant Granted Jul 14, 2026
Patent 12675559
INFORMATION PROCESSING APPARATUS, NON-TRANSITORY COMPUTER READABLE MEDIUM STORING INFORMATION PROCESSING PROGRAM, AND INFORMATION PROCESSING METHOD
3y 3m to grant Granted Jul 07, 2026
Patent 12657339
SYSTEMS AND METHODS FOR CENSORING CONFIDENTIAL INFORMATION
1y 10m to grant Granted Jun 16, 2026
Patent 12651075
SYSTEM FOR DEPLOYABLE SOFTWARE VULNERABILITY TESTING PLATFORM
1y 11m to grant Granted Jun 09, 2026
Patent 12634288
METHOD AND SYSTEM FOR SEAMLESSLY REGISTERING ENTITLEMENTS WITHIN DIFFERENT TYPES OF ACCESS MANAGEMENT SYSTEMS
2y 5m to grant Granted May 19, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
82%
Grant Probability
99%
With Interview (+33.8%)
3y 0m (~1y 3m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 650 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month