Prosecution Insights
Last updated: July 17, 2026
Application No. 18/968,347

SYSTEM AND METHOD OF FILTERING INTERNET TRAFFIC VIA CLIENT FINGERPRINT

Non-Final OA §103
Filed
Dec 04, 2024
Priority
Dec 28, 2018 — provisional 62/785,703 +3 more
Examiner
SHIN, KYUNG H
Art Unit
2447
Tech Center
2400 — Computer Networks
Assignee
Plaid Inc.
OA Round
1 (Non-Final)
82%
Grant Probability
Favorable
1-2
OA Rounds
1y 4m
Est. Remaining
93%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allowance Rate
796 granted / 970 resolved
+24.1% vs TC avg
Moderate +11% lift
Without
With
+10.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
21 currently pending
Career history
984
Total Applications
across all art units

Statute-Specific Performance

§101
0.8%
-39.2% vs TC avg
§103
86.4%
+46.4% vs TC avg
§102
11.6%
-28.4% vs TC avg
§112
0.2%
-39.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 970 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION 1. Claims 1 - 20 are pending. Claims 1, 8, 15 are independent. File date on 12-4-2024. Double Patenting 2. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the "right to exclude" granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Omum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b). 3. Initially it should be noted that the present application is a continuation application of application 18/449896, now patent 12,177,357 having the same inventive entity. The Assignee in both applications is the same. The entire disclosures of the instant application and the patent are identical. Claims 1 - 20 are rejected under the judicially created doctrine of nonstatutory type double patenting as being unpatentable over Claims 1 - 20 of U.S. Patent No. 12,177,357. Although the conflicting claims are not identical, they are not patentably distinct from each other. Claims 1, 8, 15 of the instant application (18/968347) are almost the same as Patent (12,177,357) Claims 1, 8, 15. Claim 1 of the 12,177,357 Patent as shown in the table below contains every element of Claim 1 of the instant application and as such the difference is not enough to distinguish the two claims. Claims 1, 8, 15 of the instant application therefore are not patently distinct from the earlier patent claims and as such are unpatentable over nonstatutory-type double patenting. A later patent/application claim is not patentably distinct from an earlier claim, if the later claim is unpatentable over the earlier claim. Application 18/968347 Claim 1 Patent (12,177,357) Claim 1 “extracting, by a device, a set of packet components from a data packet” “extracting, by a device, a set of packet components from a data packet associated with network traffic” “generating, by the device, a tiered client fingerprint with an overall client fingerprint based on encoding an encoded collection of packet components of the set of packet components” “generating, by the device, a multiple tiered client fingerprint with an overall client fingerprint, wherein generating the multiple tiered client fingerprint with the overall client fingerprint comprises: individually encoding a collection of packet components of the set of packet components extracted from the data packet” “assigning, by the device based on the tiered client fingerprint, a type to network traffic associated with the data packet” “assigning, by the device, a type to the network traffic using the multiple tiered client fingerprint” 4. Initially it should be noted that the present application is a continuation application of application 17/686280, now patent 11,750,606 having the same inventive entity. The Assignee in both applications is the same. The entire disclosures of the instant application and the patent are identical. Claims 1 - 20 are rejected under the judicially created doctrine of nonstatutory obviousness type double patenting as being unpatentable over Claims 1 - 20 of U.S. Patent No. 11,750,606. Although the conflicting claims are not identical, they are not patentably distinct from each other. Claims 1, 8, 15 of the instant application (18/968347) are almost the same as Patent (11,750,606) Claims 1, 17, 19. Claim 1 of the 11,750,606 Patent contains every element of Claim 1 of the instant application and as such the difference is not enough to distinguish the two claims. Claims 1, 8, 15 of the instant application therefore are not patently distinct from the earlier patent claims and as such are unpatentable over nonstatutory obviousness type double patenting. A later patent/application claim is not patentably distinct from an earlier claim, if the later claim is unpatentable over the earlier claim. 5. Initially it should be noted that the present application is a continuation application of application 16/730037, now patent 11,310,053 having the same inventive entity. The Assignee in both applications is the same. The entire disclosures of the instant application and the patent are identical. Claims 1 - 20 are rejected under the judicially created doctrine of nonstatutory obviousness type double patenting as being unpatentable over Claims 1 - 22 of U.S. Patent No. 11,310,053. Although the conflicting claims are not identical, they are not patentably distinct from each other. Claims 1, 8, 15 of the instant application (18/793123) are almost the same as Patent (11,310,053) Claims 1, 15, 21. Claim 1 of the 11,310,053 Patent contains every element of Claim 1 of the instant application and as such the difference is not enough to distinguish the two claims. Claims 1, 8, 15 of the instant application therefore are not patently distinct from the earlier patent claims and as such are unpatentable over nonstatutory obviousness type double patenting. A later patent/application claim is not patentably distinct from an earlier claim, if the later claim is unpatentable over the earlier claim. Claim Rejections - 35 USC § 103 6. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 7. Claims 1 - 20 are rejected under 35 U.S.C. 103 as being unpatentable over Althouse et al. (US PGPUB No. 20180324153) in view of Kuperman et al. (US PGPUB No. 20170223049). Regarding Claims 1, 8, 15, Althouse discloses a method and a device and a non-transitory computer-readable medium comprising: a) extracting, by a device, a set of packet components from a data packet; (Althouse ¶ 051, ll 12-15: extracts selected data from the CHP, processes extracted data to form a client ID string) and c) assigning, by the device based on the tiered client fingerprint, a type to network traffic associated with the data packet. (Althouse ¶ 026, ll 10-19: hierarchical role model used; users at one permission level may have access to applications, data, and database information accessible by a lower permission level user, but may not have access to applications, data, and database information accessible to a user at a higher permission level; different users have different capabilities with regard to accessing and modifying application and database information depending on respective security or permission levels) Althouse does not explicitly disclose for b): generating a tiered client fingerprint with an overall client fingerprint based on encoding a collection of packet components of the set of packet components. However, Kuperman discloses: b) generating, by the device, a tiered client fingerprint with an overall client fingerprint based on encoding an encoded collection of packet components of the set of packet components; (Kuperman ¶ 081, ll 1-15: determine fingerprint of a client based on one or more attributes; combination of these client attributes, which may be represented as Boolean (true/false) values, whole values, or character value make up the fingerprint of the client; the values are hashed (encoded), in which case the fingerprint of the client may be a hash value of the client attributes; (fingerprint generated based on multiple client attributes, combined fingerprint)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Althouse for b): generating a tiered client fingerprint with an overall client fingerprint based on encoding a collection of packet components of the set of packet components as taught by Kuperman. One of ordinary skill in the art would have been motivated to employ the teachings of Kuperman for the benefits achieved from the flexibility of a system that enables the generation of a client fingerprint utilizing multiple attributes. (Kuperman ¶ 081, ll 1-15) Furthermore, for Claim 8, Althouse discloses wherein one or more memories, and one or more processors, coupled to the one or more memories, configured to perform operations. (Althouse ¶ 063, ll 9-15: implemented as software code executed by one or more processors; software code stored as computer or processor executable instructions or commands on a non-transitory computer-readable medium) Furthermore, for Claim 15, Althouse discloses wherein storing a set of instructions, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to perform operations. (Althouse ¶ 063, ll 9-15: implemented as software code executed by one or more processors; software code stored as computer or processor executable instructions or commands on a non-transitory computer-readable medium) Regarding Claims 2, 9, 16, Althouse discloses the method of claim 1 and the device of claim 8 and the non-transitory computer-readable medium of claim 15. Althouse does not specifically disclose the tiered client fingerprint is a multi-tiered client fingerprint. However, Kuperman discloses wherein the tiered client fingerprint is a multi-tiered client fingerprint. (Kuperman ¶ 081, ll 1-15: determine fingerprint of a client based on one or more attributes; combination of these client attributes, which may be represented as Boolean (true/false) values, whole values, or character value make up the fingerprint of the client; the values are hashed (encoded), in which case the fingerprint of the client may be a hash value of the client attributes; (fingerprint generated based on multiple client attributes, combined fingerprint)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Althouse for the tiered client fingerprint is a multi-tiered client fingerprint as taught by Kuperman. One of ordinary skill in the art would have been motivated to employ the teachings of Kuperman for the benefits achieved from the flexibility of a system that enables the generation of a client fingerprint utilizing multiple attributes. (Kuperman ¶ 081, ll 1-15) Regarding Claims 3, 10, 17, Althouse discloses the method of claim 1 and the device of claim 8 and the non-transitory computer-readable medium of claim 15, wherein the data packet is a hello message received during negotiation associated with a cryptographic protocol. (Althouse ¶ 051, ll 1-8: fingerprint a client based on a TLS (i.e. cryptographic protocol); monitoring packet data traffic over a network; network packet analyzer; detecting a client hello packet (hello message) received from a client seeking to begin a session; (network traffic analogous to sequence of received data packets); ¶ 043, ll 1-4: TLS is a security technology or protocol for establishing an encrypted link (i.e. cryptographic protocol) between web server and client) Regarding Claims 4, 11, 18, Althouse discloses the method of claim 3 and the device of claim 10 and the non-transitory computer-readable medium of claim 17, further comprising: a) extracting identifying data from client point formats from the hello message; (Althouse ¶ 051, ll 12-15: extracts selected data from the CHP, processes extracted data to form a client ID string; ¶ 044, l 4: client hello sends attributes to server; ¶ 048, ll 1-5: includes a list of compression algorithms supported by client; (extract information including identifying information)) b) encoding the client point formats; (Althouse ¶ 051, ll 20-26: apply a hash function (encoding) to client ID (i.e. extracted component) to form the client fingerprint; hash function returns a fingerprint (a string of characters), 32 characters long) and c) including the encoded client point formats in a set of sub-fingerprints. (Althouse ¶ 051, ll 20-26: apply a hash function to client ID (i.e. extracted component) to form the client fingerprint; hash function returns a fingerprint (a string of characters), 32 characters long) Regarding Claims 5, 12, 19, Althouse discloses the method of claim 1 and the device of claim 8 and the non-transitory computer-readable medium of claim 15, further comprising filtering the network traffic based on the type. (Althouse ¶ 026, ll 10-19: hierarchical role model used; users at one permission level may have access to applications, data, and database information accessible by a lower permission level user (network traffic types), but may not have access to applications, data, and database information accessible to a user at a higher permission level; different users have different capabilities with regard to accessing and modifying application and database information depending on respective security or permission levels) Regarding Claims 6, 13, 20, Althouse discloses the method of claim 1 and the device of claim 8 and the non-transitory computer-readable medium of claim 15, wherein assigning the type to the network traffic comprises selecting the type from a database, wherein the database includes a mapping of the tiered client fingerprint to a classification of client type. (Althouse ¶ 026, ll 10-19: hierarchical role model used; users at one permission level may have access to applications, data, and database information accessible by a lower permission level user, but may not have access to applications, data, and database information accessible to a user at a higher permission level; different users have different capabilities with regard to accessing and modifying application and database information depending on respective security or permission levels) Regarding Claims 7, 14, Althouse discloses the method of claim 1, wherein the data packet is a hello message received during negotiation associated with a transport layer security (TLS) protocol. (Althouse ¶ 051, ll 1-8: fingerprint a client based on a TLS (i.e. cryptographic protocol); monitoring packet data traffic over a network; network packet analyzer; detecting a client hello packet received from a client seeking to begin a session; (network traffic analogous to sequence of data packets); ¶ 043, ll 1-4: TLS is a security technology or protocol for establishing an encrypted link (i.e. cryptographic protocol) between web server and client) Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kyung H Shin whose telephone number is (571)272-3920. The examiner can normally be reached M - F: 12pm - 8pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached at 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /KYUNG H SHIN/ 6-8-2026Primary Examiner, Art Unit 2447
Read full office action

Prosecution Timeline

Dec 04, 2024
Application Filed
Jun 08, 2026
Examiner Interview (Telephonic)
Jun 11, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683761
CONFIDENTIAL AUTOMATED SPEECH RECOGNITION
1y 10m to grant Granted Jul 14, 2026
Patent 12659320
EDGE-BASED THREAT INTELLIGENCE SHARING
2y 5m to grant Granted Jun 16, 2026
Patent 12657402
Systems and methods for utilizing Large Language Models (LLMs) for improving machine learning models in network and computer security
2y 6m to grant Granted Jun 16, 2026
Patent 12659332
SECURE PLATFORM FOR PROCESSING DATA
2y 2m to grant Granted Jun 16, 2026
Patent 12647357
ATTESTATION LOGIC ON MEMORY FOR MEMORY DIE VERIFICATION
3y 5m to grant Granted Jun 02, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
82%
Grant Probability
93%
With Interview (+10.8%)
2y 11m (~1y 4m remaining)
Median Time to Grant
Low
PTA Risk
Based on 970 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month