DETAILED ACTION
Acknowledgements
The claims filed 10/23/2024 are acknowledged.
Claims 1-20 are pending.
Claims 1-20 have been examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-2, 4-12, 14-18, and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
In the instant case, claims 1-2 and 4-10 are directed to a method, claims 11-12 and 14-17 are directed to a system comprising one or more processors of a computing system and at least one non-transitory computer readable medium, and claims 18 and 20 are directed to a non-transitory computer-readable medium. Therefore, these claims fall within the four statutory categories of invention.
The claims recite initiating a payment transaction, receiving authentication information from a user, and authenticating the identity of the user by comparing the received authentication information to known authentication information to determine a match, which is an abstract idea. Specifically, the claims recite “initiating [a] . . . transaction between a [merchant] and a . . . user,” “triggering a movement-based authentication process,” “receiving contextual data representative of . . . movement patterns by the [merchant] from . . . the user.” comparing the . . . movement patterns with a stored . . . movement signature by an authentication [entity] . . .,” and “authenticating the electronic transaction upon determining the . . . movement patterns match the stored . . . movement signature,” which is grouped within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (MPEP 2106.04 & 2106.04(a)) because the claims describe a process of authenticating a user while performing a payment transaction at a merchant, which involves initiating the transaction at the merchant, receiving authentication data from the user, comparing that data to stored authentication data for the user, and authenticating the transaction when there is a match, which is a commercial or legal interaction. Accordingly, the claims recite an abstract idea (See MPEP 2106.04(a)).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See MPEP 2106.04(d)), the additional elements of the claims such as the use of an electronic transaction, a point-of-sale terminal, a device associated with the user, device movement patterns from one or more sensors of the device, an authentication server, a machine learning model, one or more processors of a computing system, and at least one non-transitory computer readable medium, merely use a computer as a tool to perform an abstract idea. Specifically, these additional elements perform the steps or functions of “initiating [a] . . . transaction between a [merchant] and a . . . user,” “triggering a movement-based authentication process,” “receiving contextual data representative of . . . movement patterns by the [merchant] from . . . the user.” comparing the . . . movement patterns with a stored . . . movement signature by an authentication [entity] . . .,” and “authenticating the electronic transaction upon determining the . . . movement patterns match the stored . . . movement signature.” Viewed as a whole, the use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claim do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See MPEP 2106.05), the additional elements of using an electronic transaction, a point-of-sale terminal, a device associated with the user, device movement patterns from one or more sensors of the device, an authentication server, a machine learning model, one or more processors of a computing system, and at least one non-transitory computer readable medium to perform the steps amounts to no more than using a computer or processor to automate and/or implement the abstract idea of initiating a payment transaction, receiving authentication information from a user, and authenticating the identity of the user by comparing the received authentication information to known authentication information to determine a match. As discussed above, taking the claim elements separately, these additional elements perform the steps or functions of “initiating [a] . . . transaction between a [merchant] and a . . . user,” “triggering a movement-based authentication process,” “receiving contextual data representative of . . . movement patterns by the [merchant] from . . . the user.” comparing the . . . movement patterns with a stored . . . movement signature by an authentication [entity] . . .,” and “authenticating the electronic transaction upon determining the . . . movement patterns match the stored . . . movement signature.” These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of initiating a payment transaction, receiving authentication information from a user, and authenticating the identity of the user by comparing the received authentication information to known authentication information to determine a match. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a computer or processor to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05 (f) & (h)). Therefore, the claim is not patent eligible.
Dependent claims 2, 4-10, 12, 14-17, and 20 further describe the abstract idea of initiating a payment transaction, receiving authentication information from a user, and authenticating the identity of the user by comparing the received authentication information to known authentication information to determine a match. Specifically, claims 2 and 12 describe the device as being a wearable device, but do not require any steps or functions to be performed beyond those recited in the independent claims. Claims 4, 14, and 20 further describes the authentication as it describes manner in which the authentication server identifies device movement patterns that match the device movement signature associated with the user. Although these claims recite training the machine learning model at a high level, they do not provide any technical details regarding training the machine learning model such that it would provide an improvement to a technology. Therefore, the use of the machine learning model only involves using a computer as a tool to automate and/or implement the abstract idea. Claims 5 and 15 describe the data used to train the machine learning model, but do not require any additional steps or functions to be performed. Claims 6-9 and 16-17 further describe the data used to detect the device movement patterns. This further describes the abstract idea as it describes the data used as input for authentication. The use of sensors to collect motion signals representing the data does not provide a practical application or significantly more than the abstract idea because it only involves using a computer as a tool to automate and/or implement the abstract idea. Claim 10 describes the types of sensors, but does not require any additional steps or functions to be performed. The dependent claims do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 11-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 11 is directed to a system comprising one or more processors of a computing system and at least one non-transitory computer readable medium storing instructions that are executed to perform the operations of the claim, and claim 18 is directed to a non-transitory computer readable medium. Claim 11 further recites “receiving contextual data representative of the device movement patterns by the POS terminal from one or more sensors of the device associated with the user” and claim 18 recites a similar limitation. This recites an operation performed by the POS terminal, which is distinct from the claimed system or computer readable medium. Similarly, claims 11 and 18 also recite “comparing the device movement patterns . . . by an authentication server . . . .” Additionally, claim 16 recites further operations performed as part of comparing the device movement patterns, which is performed the authentication server. These limitations recite operations performed by an authentication server, which is also distinct from the claimed system or computer readable medium. All of these cited limitations render the claims indefinite, because these operations cannot be performed by the claimed system or computer readable medium, as they are performed by separate systems, such as the POS terminal and authentication server.
Claims 12-17 and 19-20 are also rejected as each depends on either claim 11, 16, or 18.
Claims 13 and 19 recite “generating a display of an electronic payment interface in the device associated with the user, prompting the user to provide a device movement-based signature; and determining a starting check point to initiate a capture of the device movement patterns, activating the one or more sensors of the device.” These limitations recite operations performed by the device associated with the user. However, claims 13 and 19 are directed to a system comprising one or more processors of a computing system and at least one non-transitory computer readable medium storing instructions that are executed to perform the operations of the claim. Therefore, these limitations render the claim indefinite, because these operations cannot be performed by the claimed system or computer readable medium, as they are performed by a separate device, i.e. the device associated with the user.
Claims 14 and 20 recite “training the machine learning model by the authentication server based on the contextual data to identify the device movement patterns that match the device movement signature associated with the user.” This limitation recites operations performed by the authentication server. Claim 15 further describes training of the machine learning model. However, claims 14-15 and 20 are directed to a system comprising one or more processors of a computing system and at least one non-transitory computer readable medium storing instructions that are executed to perform the operations of the claim. Therefore, this limitation renders the claim indefinite, because this operations cannot be performed by the claimed system or computer readable medium, as it is performed by a separate device, i.e. the authentication server.
Claim 15 is also rejected as it depends on claim 14
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 4-7, 11-12, 14-18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ma, et al. (US 2016/0140539) (“Ma”) in view of MacLaurin, et al. (US 2016/0189149) (“MacLaurin”) and Nassi, et al. (US 2019/0121951) (“Nassi”).
Regarding claims 1, 11, and 18, Ma discloses a computer-implemented method for authenticating a user based on device movement patterns, a system for authenticating a user based on device movement patters, comprising one or more processors of a computing system and at least one non-transitory computer readable medium storing instructions which, when executed by the one or more processors, cause the one or more processors to perform operations comprising the method, and a non-transitory computer readable medium for authenticating a user based on device movement patterns, the non-transitory computer readable medium storing instructions which, when executed by one or more processors of a computing system, cause the one or more processors to perform operations comprising the method, the method comprising:
initiating an electronic transaction between a point-of-sale (POS) terminal and a device associated with the user, triggering a movement-based authentication process (Ma ¶¶ 54);
receiving contextual data representative of the device movement patterns by the POS terminal from one or more sensors of the device associated with the user (Ma ¶¶ 55, 59, 65);
comparing the device movement patterns with a stored device movement signature (Ma ¶¶ 58, 68); and
authenticating the electronic transaction upon determining the device movement patterns match the stored device movement signature (Ma ¶¶ 60, 69-71).
Ma does not specifically disclose that the comparison of the device movement patterns with a stored device movement signature is performed by an authentication server utilizing a machine learning model.
MacLaurin discloses an authentication server comparing the device movement patters with a stored device movement signature (MacLaurin ¶¶ 17-18, 23, 60-62, 73, 75-77, 81-83, 85, 92).
Therefore, it would have been obvious to one of ordinary skill in the art the effective filing date of the present application to modify the method of Ma to include an authentication server comparing the device movement patters with a stored device movement signature, as disclosed in MacLaurin, in order to allow for building biometric profiles of users based on their activities (MacLaurin ¶¶ 4, 15, 27, 76).
Ma in view of MacLaurin does not specifically disclose utilizing a machine learning model to compare the device movement patterns with a stored device movement signature.
Nassi discloses utilizing a machine learning model to compare the device movement patterns with a stored device movement signature (Nassi ¶¶ 71, 88).
Therefore, it would have been obvious to one of ordinary skill in the art the effective filing date of the present application to modify the method of Ma in view of MacLaurin to include utilizing a machine learning model to compare the device movement patterns with a stored device movement signature, as disclosed in Nassi, in order to more accurately distinguish between genuine and fraudulent user behavior (Nassi ¶¶ 4-17, 71).
Regarding claims 2 and 12, Ma discloses that the device associated with the user is a wearable device (Ma ¶ 28).
Regarding claims 4, 14, and 20 Ma does not specifically disclose that receiving the contextual data representative of the device movement patterns comprises: transmitting the contextual data to the authentication server; and training the machine learning model by the authentication server based on the contextual data to identify the device movement patterns that match the device movement signature associated with the user.
MacLaurin discloses that receiving the contextual data representative of the device movement patterns comprises transmitting the contextual data to the authentication server (MacLaurin ¶¶ 17-18, 23, 60-62, 73, 75-77, 81-83, 85, 92).
Therefore, it would have been obvious to one of ordinary skill in the art the effective filing date of the present application to modify the method of Ma to include transmitting the contextual data to the authentication server, as disclosed in MacLaurin, in order to allow for building biometric profiles of users based on their activities (MacLaurin ¶¶ 4, 15, 27, 76).
Ma in view of MacLaurin does not specifically disclose training the machine learning model by the authentication server based on the contextual data to identify the device movement patterns that match the device movement signature associated with the user.
Nassi discloses training the machine learning model by the authentication server based on the contextual data to identify the device movement patterns that match the device movement signature associated with the user (Nassi ¶¶ 20-30, 71-86).
Therefore, it would have been obvious to one of ordinary skill in the art the effective filing date of the present application to modify the method of Ma in view of MacLaurin to include training the machine learning model by the authentication server based on the contextual data to identify the device movement patterns that match the device movement signature associated with the user, as disclosed in Nassi, in order to more accurately distinguish between genuine and fraudulent user behavior (Nassi ¶¶ 4-17, 71).
Regarding claims 5 and 15, Ma in view of MacLaurin does not specifically disclose that the machine learning model is trained using the contextual data associated with known genuine device movement-based signatures and forged device movement-based signatures to distinguish between genuine and forged device movement patterns.
Nassi discloses that that the machine learning model is trained using the contextual data associated with known genuine device movement-based signatures and forged device movement-based signatures to distinguish between genuine and forged device movement patterns (Nassi ¶¶ 22-31, 39-44, 71-72).
Therefore, it would have been obvious to one of ordinary skill in the art the effective filing date of the present application to modify the method of Ma in view of MacLaurin to include training the machine learning model using the contextual data associated with known genuine device movement-based signatures and forged device movement-based signatures to distinguish between genuine and forged device movement patterns, as disclosed in Nassi, in order to more accurately distinguish between genuine and fraudulent user behavior (Nassi ¶¶ 4-17, 71).
Regarding claims 6 and 16, Ma discloses that comparing the device movement patterns with the stored device movement signature comprises: detecting the device movement patterns by tracking one or more of a position, an acceleration, and an orientation of the device associated with the user in a three-dimensional space during one or more signature moves (Ma ¶¶ 30-31, 59).
Regarding claims 7 and 17, Ma discloses that the device movement pattern is determined by collecting motion signals from the one or more sensors, and wherein the motion signals indicate a time sequences of values captured during the one or more signature moves (Ma ¶¶ 30-31, 59).
Claims 3, 8, 13, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Ma in view of MacLaurin and Nass as applied to claims 1, 7, 11, and 18 above, and further in view of Chen, et al. (US 2016/0226865) (“Chen”).
Regarding claims 3, 13, and 19, Ma discloses that triggering the movement-based authentication process comprises generating a display of an electronic payment interface in the device associated with the user, prompting the user to provide a device movement-based signature (Ma ¶ 54).
Ma in view of MacLaurin and Nassi does not specifically disclose determining a starting check point to initiate a capture of the device movement patterns, activating the one or more sensors of the device.
Chen discloses determining a starting check point to initiate a capture of the device movement patterns, activating the one or more sensors of the device (Chen ¶¶ 40-41, 45, 84-85, 94, 100, 172, 187).
Therefore, it would have been obvious to one of ordinary skill in the art the effective filing date of the present application to modify the method of Ma in view of MacLaurin and Nass to include determining a starting check point to initiate a capture of the device movement patterns, activating the one or more sensors of the device, as disclosed in Chen, in order to increase accuracy by distinguishing movement that is part of the device movement pattern from extraneous movement of the device (Chen ¶¶ 10, 40-41, 45, 84-85, 94, 100, 172, 187).
Regarding claim 8, Ma in view of MacLaurin and Nass does not specifically disclose that collection of the motion signals include a required minimum number of device movements or a minimum time threshold.
Chen discloses that collection of the motion signals include a required minimum number of device movements or a minimum time threshold (Chen ¶¶ 10, 51, 56, 59, 62-63, 66-70, 90-91 101).
Therefore, it would have been obvious to one of ordinary skill in the art the effective filing date of the present application to modify the method of Ma in view of MacLaurin and Nass to include the collection of the motion signals including a required minimum number of device movements or a minimum time threshold, as disclosed in Chen, in order to increase accuracy and ensure the movement is sufficiently complex to provide sufficient security (Chen ¶¶ 10, 59, 63).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Faith, et al. (US 2014/0304055) (“Faith”) discloses providing biometric information including accelerometer data to an access device or point-of-sale terminal during authorization of a payment (Faith ¶¶ 43-45).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Mohammad A. Nilforoush whose telephone number is (571)270-5298. The examiner can normally be reached Monday-Friday 12pm-7pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W. Hayes can be reached at 571-272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Mohammad A. Nilforoush/Primary Examiner, Art Unit 3697