Prosecution Insights
Last updated: July 17, 2026
Application No. 18/944,078

Relying Party Risk-Adjusted Indicator System and Method

Non-Final OA §103
Filed
Nov 12, 2024
Priority
Nov 04, 2019 — continuation of 11/526,888 +2 more
Examiner
LE, CHAU D
Art Unit
2408
Tech Center
2400 — Computer Networks
Assignee
Visa International Service Association
OA Round
1 (Non-Final)
85%
Grant Probability
Favorable
1-2
OA Rounds
1y 1m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 85% — above average
85%
Career Allowance Rate
461 granted / 540 resolved
+27.4% vs TC avg
Strong +17% interview lift
Without
With
+16.6%
Interview Lift
resolved cases with interview
Typical timeline
2y 9m
Avg Prosecution
6 currently pending
Career history
551
Total Applications
across all art units

Statute-Specific Performance

§101
4.0%
-36.0% vs TC avg
§103
69.8%
+29.8% vs TC avg
§102
11.1%
-28.9% vs TC avg
§112
0.5%
-39.5% vs TC avg
Black line = Tech Center average estimate • Based on career data from 540 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION The claims 1-20 are pending. Information Disclosure Statement The information disclosure statement (IDS) submitted on 1/16/2025 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over unpatentable over Fisher (US Pub No 2015/0120560) in view of Filter et al. (US Pub No 2019/0356638). With respect to claim 1, Fisher further teaches: A method comprising: [providing, to a user device,] a token (e.g., “The secure data element may be created by the user in an enrollment process. In other embodiments, the secure data element may be created by a computer on behalf of the user. The secure data element may be alphanumeric, or composed of only numbers or only letters. Secure data element are not limited to strings of characters. In some embodiments, a secure data element may be a password, a token, or biometric data (e.g., fingerprint, voiceprint).” ¶ 0036); in response to a request to initiate a transaction by a user of the user device with another party, transmitting, to the user device, a request for a proof-of-identity, wherein the user is registered with an identity service (e.g., “In step 202, the server computer receives an authentication request message generated by a merchant computer 104 for a payment device used in a transaction between a user and a merchant. The authentication request message may include user data, user computing device data, and transaction data.” ¶ 0099 and “ In step 218, the server computer sends the challenge request message to the user computing device 102. The challenge request message may be sent to the user computing device 102 by a direct connection between the user computing device 102 and the server computer.” ¶ 0107); receiving, by the identity service from the user device, the proof-of-identity based on the token and at least one of the following: a biometric, a secret code, an assertion profile, at least one know-your-customer datum, or any combination thereof (e.g., “In step 220, the server computer receives a challenge response message from the user computing device 102. The challenge response message may include the secure data element provided by a user associated with the user computing device 102.” ¶ 0108 and “Examples of secure data elements include a password, a token, and/or biometric data.” ¶ 0106); authenticating, by the identity service, the user based on the proof-of-identity received from the user device (e.g., “ In step 222, the server computer evaluates the received secure data element against a stored secure data element. The server computer may evaluate the received secure data element to determine whether the received secure data element matches or is within a range of a stored secure data element.” ¶ 0109 and “In step 224, the server computer determines whether the received secure data element matches or is within a range of a stored secure data element.” ¶ 0110); and initiating a transaction in response to authenticating the user (e.g., “ In step 226, when the received secure data element matches a stored secure data element, the transaction is authenticated by the server computer.” ¶ 0111). Fisher discloses the claimed subject matter as discussed above with regards to a “secure data elements include a password, a token, and/or biometric data” (¶ 0106) and the creating of the secure data element during enrollment process by the user or a computer on behalf of the user (¶ 0036), but does not explicitly discloses “providing, to a user device, a token”. However, analogous art from the same field of endeavor, Filter teaches the user device receiving a one-time code to use in subsequent transaction (e.g., ¶ 0093-0094). Therefore, based on Fisher in view of Filter, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Filter to the system of Fisher in order to increase data exchange security by reducing fraud and identity theft (¶ 0011). Hence, it would have been obvious to combine the references to obtain the invention as specified in the instant claim(s). The prior arts above further teach claim: 2. The method of claim 1, wherein the proof-of-identity comprises a device identifier (e.g., verifying user computing device data @ Fisher ¶ 0077-0078 and ID @ Filter ¶ 0056). The prior arts above further teach claim: 3. The method of claim 2, wherein the device identifier comprises a device fingerprint or a phone number (e.g., unique device identifiers to uniquely identifies a subscription in a mobile network @ Fisher ¶ 0029 and unique number @ Filter ¶ 0049). The prior arts above further teach claim: 4. The method of claim 1, wherein the token comprises an encrypted token (e.g., encrypted token @ Fisher ¶ 0019 and encrypted object @ Filter ¶0090). The prior arts above further teach claim: 5. The method of claim 1, wherein the token is provided to the user device by the identity service (e.g., “the target computing entity 16 approves the request to initiate conveyance when the target computing entity 16 is affiliated with trusted data securing device 18” @ Filter ¶ 0093). The prior arts above further teach claim: 6. The method of claim 1, further comprising: receiving a request for a one-time transaction identifier from the user device; and providing the one-time transaction identifier to the user device, wherein the transaction is initiated based on the one-time transaction identifier (e.g., “At step (b), user computing device 12 sends target computing entity 16 a request to initiate conveyance of at least a portion of a certified data object (hereinafter for FIGS. 8A and 8B referred to as the certified data object) to the target computing entity 16 via the direct communication link. When the request to initiate conveyance is approved by the target computing entity 16, target computing entity 16 sends the user computing device 12 a one-time use code (e.g., a transaction ID) regarding conveyance of the certified data object at step (c).” @ Filter ¶ 0093). The prior arts above further teach claim: 7. The method of claim 6, further comprising: generating a risk signifier based on the transaction; and combining the risk signifier with the one-time transaction identifier, resulting in a relying party risk-adjusted indicator (e.g., risk analysis and risk score @ Fisher ¶ 0023-0024 and “ perform a risk analysis using user data, user computing device data and/or transaction data received in the authentication request message for a transaction from the user computing device 102. In such embodiments, the directory server computer 106 may determine a risk score for the transaction and send the risk score to the access control server computer 108 for additional authentication processing.” @ Fisher ¶ 0064-0067). The prior arts above further teach claim: 8. The method of claim 7, further comprising: hashing or encrypting the relying party risk-adjusted indicator; and communicating the relying party risk-adjusted indicator to the another party (e.g., “ In some embodiments, when the risk score associated with the payment device or account is on one side of a pre-defined or user-defined risk threshold (e.g., below a threshold), the access control server computer 108 may provide an indication in the authentication response message that the account or payment device has been authenticated and that the transaction may proceed. For example, given a risk analysis where the risk score is within a range from 0-10, with 10 being the highest likelihood of fraud and 0 being the lowest likelihood of fraud, a risk score of 5 may be established as a risk threshold. In such an example, transactions with risk scores of 0-4 may be considered low risk, while transactions with risk scores of 5-10 may be considered higher risk and subject to additional authentication processes.” @ Fisher ¶ 0066 and using encryption @ Fisher ¶ 0019 and encrypted object @ Filter ¶0090). The prior arts above further teach claim: 9. The method of claim 8, further comprising determining to authorize or reject the transaction based on the relying party risk-adjusted indicator (e.g., “when the risk score associated with the payment device or account is on another side of the pre-defined or user-defined risk threshold (e.g., above the threshold), the access control server computer 108 may provide an indication in the authentication response message that the account or payment device has not been authenticated and that the transaction may not proceed.” @ Fisher ¶0067). The “system” Claims 10-19 recites substantially similar limitations to the “method” Claims 1-9, accordingly, Claims 10-19 are likewise rejected. The “computer program product” Claim 20 recites substantially similar limitations to the “method” Claim 1, accordingly, Claim 20 is likewise rejected. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAU LE whose telephone number is (571)270-7217. The examiner can normally be reached M-F 8:00-5:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LINGLAN EDWARDS can be reached at (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CHAU LE/Primary Examiner, Art Unit 2408
Read full office action

Prosecution Timeline

Nov 12, 2024
Application Filed
May 28, 2026
Non-Final Rejection mailed — §103
Jul 07, 2026
Applicant Interview (Telephonic)
Jul 07, 2026
Examiner Interview Summary

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12681835
ARTIFICIAL INTELLIGENCE (AI)-BASED SYSTEM AND METHOD FOR GENERATING SYSTEM ARCHITECTURE REPRESENTATIONS
2y 2m to grant Granted Jul 14, 2026
Patent 12659295
SECURE ANALYSIS APPLICATION FOR ACCESSING WEB RESOURCES
1y 8m to grant Granted Jun 16, 2026
Patent 12647466
SSH ENGINE(S) FOR GENERATING USER SPECIFIC SSH CONFIGURATION FILES
2y 1m to grant Granted Jun 02, 2026
Patent 12634689
ANONYMOUS NETWORK ACCESS IN A NETWORK ENVIRONMENT
2y 11m to grant Granted May 19, 2026
Patent 12619702
SECURE USER AUTHENTICATION FOR MEDICAL DEVICE CONSOLES
2y 0m to grant Granted May 05, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
85%
Grant Probability
99%
With Interview (+16.6%)
2y 9m (~1y 1m remaining)
Median Time to Grant
Low
PTA Risk
Based on 540 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month