Prosecution Insights
Last updated: July 17, 2026
Application No. 18/968,939

SELECTIVE ENCRYPTION SERVICE INTERFACE FOR USE WITH THIRD-PARTY NETWORK SERVICES

Non-Final OA §101§103§112
Filed
Dec 04, 2024
Priority
Nov 09, 2016 — provisional 62/419,960 +4 more
Examiner
REZA, MOHAMMAD W
Art Unit
2407
Tech Center
2400 — Computer Networks
Assignee
Stratokey Pty Ltd.
OA Round
1 (Non-Final)
88%
Grant Probability
Favorable
1-2
OA Rounds
1y 1m
Est. Remaining
98%
With Interview

Examiner Intelligence

Grants 88% — above average
88%
Career Allowance Rate
834 granted / 952 resolved
+29.6% vs TC avg
Moderate +11% lift
Without
With
+10.9%
Interview Lift
resolved cases with interview
Typical timeline
2y 8m
Avg Prosecution
19 currently pending
Career history
966
Total Applications
across all art units

Statute-Specific Performance

§101
2.9%
-37.1% vs TC avg
§103
83.9%
+43.9% vs TC avg
§102
9.4%
-30.6% vs TC avg
§112
1.1%
-38.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 952 resolved cases

Office Action

§101 §103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Claims 1-20 are presented for examination. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,594,721. Although the claims at issue are not identical, they are not patentably distinct from each other because they recite substantially the same limitations and are anticipated by the parent application. Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-18 of U.S. Patent No. 10,798,064. Although the claims at issue are not identical, they are not patentably distinct from each other because they recite substantially the same limitations and are anticipated by the parent application. Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-15 of U.S. Patent No. 11,838,115. Although the claims at issue are not identical, they are not patentably distinct from each other because they recite substantially the same limitations and are anticipated by the parent application. “A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). “ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001). Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. 4. Claims 20 is rejected under 35 U.S.C. 101 because the claim invention is directed to non-statutory subject matter. The broadest reasonable interpretation of a claim drawn to “A computer-readable medium” typically can be interpreted transitory propagating signals per se in view of the ordinary and customary meaning of computer readable storage media. See MPEP §2111.01. When the broadest reasonable interpretation of a claim covers a signal per se, the claim must be rejected under 35 U.S.C. § 101 as covering non-statutory subject matter. See In re Nuijten, 500 F.3d 1346, 1356-57 (Fed. Cir. 2007) (transitory embodiments are not directed to statutory subject matter); Interim Examination Instructions for Evaluating Subject Matter Eligibility Under 35 U.S.C. § 101, Aug. 24, 2009; p. 2 and see Official Gazette Notice: Hence, claims 16-22 are rejected under 35 U.S.C. 101 because the claim invention is directed to non-statutory subject matter. “A computer-readable medium” is reasonably interpreted by one of ordinary skill as just software or carrier signal. "A computer-readable medium " could be transitory propagating signals per se. So, the function of the “A computer-readable medium” to any ordinary skill in the art is not any non-transitory tangible medium. Therefore any ordinary skill in the art could interpret the medium is a transitory or carrier signal medium. So, the function of the “computer readable medium” could be transitory. Hence, it does not appear that a claim reciting transitory with functional descriptive material falls within any of the categories of patentable subject matter set forth in § 101. Examiner suggestions to add the word “non-transitory” in front of “computer-readable medium” to the claim to overcome the non-statutory rejection. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 5. Claims 1, 12, and 20 are recites the limitation "the server" in line 16. There is insufficient antecedent basis for this limitation in the claim. Necessary correction is required. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 6. Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Merritt (US Pat. App. Pub. 20170104723) and in view of Kahol et al hereafter Kahol (US Pat. App. Pub. 20160234209). 7. As per claims 1, 12, and 20, Merritt discloses a network computer system, a method, and a computer-readable medium comprising: one or more processors; one or more memory resources storing a set of instructions, that, when executed by the one or more processors, cause the network computer system to provide a proxy service for a plurality of users associated with an enterprise to utilize when accessing a third-party network service, wherein in providing the proxy service (paragraphs: 39-43), the one or more processors: receive a content submission from the client computer intended for the third-party network service; analyze the content submission to identify one or more sensitive data elements within the content submission, wherein a remainder of the content submission is not recognized as being sensitive; perform an encryption operation on the one or more sensitive data elements (paragraphs: 7, 16, 54-57, wherein it emphasizes that proxy server receives the content submission from user device to access the resources from data center. Identifying the sensitive portion of the content submission and encrypting that portion and leave the remaining portion as clear text), store a decryption key associated with the sensitive data elements with the server system; transmit the content submission to the third-party network service to store the content submission with the sensitive data elements in an encrypted form (paragraphs: 40, and 68, wherein it elaborates storing the decryption key in the proxy server for future use for decrypting the encrypted portion of the data. Then, transfer the encrypted portion and clear text portion of the content submission to the data center for acing the resources); receive a request, independent of the client computer, identifying the sensitive data elements in the encrypted form; provide a response to the request using the decryption key, the response enabling the sensitive data elements to be used in a decrypted form; and provide a service interface comprising a program entity interface for a programmatic entity associated with the enterprise to access the sensitive data elements stored in the encrypted form with the third-party network service by the proxy service (paragraphs: 41-43, 73-74, and 82, wherein it deliberates that receiving a request which is not dependent on any specific client computer for resources the datacenter identifying the sensitive portion in the encrypted form and provide the decryption key. In response of the request the decryption key is going to decrypt the sensitive portion and provide it to data center. An interface allows to access resources of the data center based on the matching of the decrypted form of the sensitive portion of the content access). Although, Merritt discusses about storing a decryption key associated with the sensitive data elements at the proxy server system which should be interpreted by any ordinary skill in the art as store a decryption key associated with the sensitive data elements with the server system. Moreover, in the same field of endeavor, Kahol specifically discloses store a decryption key associated with the sensitive data elements with the server system (paragraphs: 78). Accordingly, it would been obvious to one of ordinary skill in the network security art before the effective filing date of the claimed invention to have incorporated Kahol’s teachings of store a decryption key associated with the sensitive data elements with the server system with the teachings of Merritt, for the purpose of effectively protecting the decryption key from any unauthorized intruders. 8. As per claim 2, Merritt and in view of Kahol discloses the network computer system, wherein, in providing the service interface, the one or more processors: receive an encryption request via the service interface from the programmatic entity, the encryption request including one or more data elements in the unencrypted form; generate the encrypted form of the one or more data elements using one or more stored decryption keys; and provide a response to the encryption request to the programmatic entity (Merritt, paragraphs: 22-24). 9. As per claim 3, Merritt and in view of Kahol discloses the network computer system, wherein, in providing the service interface, the one or more processors: receive a decryption request via the service interface from the programmatic entity, the decryption request specifying an encrypted form of one or more data elements stored with the third-party network service; decrypt the encrypted form of the one or more data elements to generate a decrypted form of the one or more data elements using one or more stored decryption keys; and provide a response to the decryption request to the programmatic entity, the response including the decrypted form of the one or more data elements (Merritt, paragraphs: 69, 73, 75). 10. As per claim 4, Merritt and in view of Kahol discloses the network computer system, wherein the service interface includes a Representation State Transfer (REST) interface (Merritt, paragraphs: 59, 61, and 65). 11. As per claim 5, Merritt and in view of Kahol discloses the network computer system, wherein the decryption request comprises a web service call to the service interface (Merritt, paragraphs: 44-46). 12. As per claim 6, Merritt and in view of Kahol discloses the network computer system, wherein the service interface conforms to Simple Object Access Protocol (SOAP) (Merritt, paragraphs: 21, 25, 39). 13. As per claim 7, Merritt and in view of Kahol discloses the network computer system, wherein a decryption key of the one or more stored decryption keys is associated a corresponding data element based on one or more of: a data element type of the corresponding data element, and a client computer associated with the corresponding data element (Merritt, paragraphs: 7, 43, 50). 14. As per claim 8, Merritt and in view of Kahol discloses the network computer system, wherein the programmatic entity is implemented by the third-party network service as a workflow on behalf of the enterprise (Merritt, paragraphs: 71-72, 76). 15. As per claim 9, Merritt and in view of Kahol discloses the network computer system, wherein, in providing the proxy service, the one or more processors: store decryption logic comprising a set of interoperability parameters that enable the third-party network service to utilize the decrypted form of the data element (Merritt, paragraphs: 16-17, and 20). 16. As per claim 10, Merritt and in view of Kahol discloses the network computer system, wherein the programmatic entity comprises a first script that executes in a backend scripting engine of the third-party network service, the first script configured to execute in response to a request, from a client computer to the third-party network service, for a web page that displays the data element (Merritt, paragraphs: 5, and 40-41). 17. As per claim 11, Merritt and in view of Kahol discloses the network computer system, wherein the programmatic entity comprises a second script that executes in a backend scripting engine of the third-party network service, the second script configured to execute in response to submission of a web form to the third-party network service by a client computer (Merritt, paragraphs: 6, and 77-78). 18. Claims 13-19 are listed all the same elements of claims 2-11. Therefore, the supporting rationales of the rejection to claims 2-11 apply equally as well to claims 13-19. Citation of References 19. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been replied upon for this office action: Rangsikitpho et al (US pat. app. Pub. 20140365772): discusses a site to facilitate privacy protected interactions between users of a site and a third party utility. For example, a computer may receiving from a user selected from the users of the site, a request to interact with the third party utility. The computer may also encrypt an identification of the user to generate an encrypted user identification associated with the third party utility; and provide the encrypted user identification and the request to the third party utility. Francis et al (US pat. App. Pub. 20110055552): elaborates that a client receives a notification of a user interaction with an information item and creates a record describing this interaction. The client encrypts the record using an encryption key associated with a server. The encrypted record is then communicated to at least one proxy, which in turn forwards the encrypted record to a server. Upon receiving the encrypted record from the proxy, a server decrypts the record using a decryption key and analyzes the decrypted record to identify the information item and the type of user interaction. This information may be used individually or in aggregate for tracking user interests, billing advertisers or information item providers, and/or collecting anonymous information from users. Conclusion 20. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD W REZA whose telephone number is (571)272-6590. The examiner can normally be reached on Monday-Friday 8:30-5:30 ET. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Cathy Thiaw can be reached on 571-270-1138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /MOHAMMAD W REZA/Primary Examiner, Art Unit 2407
Read full office action

Prosecution Timeline

Dec 04, 2024
Application Filed
Jun 03, 2026
Non-Final Rejection mailed — §101, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683766
LICENSE CONTROL USING A MEMORY DEVICE HAVING A CRYPTOGRAPHIC KEY
4y 5m to grant Granted Jul 14, 2026
Patent 12664245
SYSTEM AND METHOD FOR SECURE BIOMETRIC ENROLLMENT
2y 3m to grant Granted Jun 23, 2026
Patent 12664314
ENHANCING USER IDENTIFICATION WITH PRIVACY PROTECTION ACROSS WEB SERVERS
1y 10m to grant Granted Jun 23, 2026
Patent 12659161
Providing Authentication in a Network
2y 3m to grant Granted Jun 16, 2026
Patent 12659314
METHOD AND SYSTEM FOR PERMISSION MANAGEMENT
2y 0m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
88%
Grant Probability
98%
With Interview (+10.9%)
2y 8m (~1y 1m remaining)
Median Time to Grant
Low
PTA Risk
Based on 952 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month