Detailed Action
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Acknowledgments
The amendment filed on 03/12/2026 and the IDS filed on 03/10/2026 are acknowledged.
Status of Claims
Claims 22-41 are pending.
In the amendment filed on 03/12/2026, claims 22, 23, 27, 28, 32, 33, 37, 38 and 41 were amended, and no claims were cancelled or added.
Claims 22-41 are rejected.
Response to Arguments
Regarding the rejection under 35 U.S.C. 101
Applicant’s arguments have been fully considered but are not persuasive.
The Office responds to Applicant’s arguments below. In the discussion below, headings and page numbers refer to Applicant’s Response, unless otherwise indicated.
A. Step 1 (p. 10)
The Examiner agrees with Applicant that the claims fall within the statutory categories under 35 U.S.C. 101.
B. Step 2A, Prong 1 (pp. 10-11)
1. Prong One (pp. 11-13)
Applicant cites the generating and retaining steps of claim 22, arguing that they are not directed to organizing human activity and that they improve machine learning (ML). The Office respectfully disagrees. The retaining step is in part a part of the abstract idea (see bolded portions in the rejection in the body of the Office Action hereinbelow). The elements of the retaining step that are not part of the abstract idea, i.e., the ML limitations, are generic computer limitations, recited at a high level of generality, and not described: their relationship to the abstract idea is that they simply apply the abstract idea (e.g., ML is used in its ordinary capacity, not improved), rather than integrate it into a practical application. Tuning hyperparameters of an ML model to maximize performance is a standard ML operation ("(2) … invokes computers or other machinery merely as a tool to perform an existing process," MPEP 2106.05(f)) and does not amount to an improvement in ML. The addition of the additional elements that amount to 'apply it' does not detract from the presence of the abstract idea. (Further, while Applicant asserts that the claim cannot be performed in the mind, the Office notes that the claims were not rejected on this ground.)
2. Prong Two (pp. 13-14)
Applicant again argues that the generating and retaining steps of claim 22 improve ML. This argument has been addressed above.
The generation of the risk indicator and controlling of downstream behavior are part of the abstract idea, which is applied using generic elements used in their ordinary capacity.
The identification of optimal hyperparameter values to maximize performance of the ML model is not analogous to Desjardins' improvement in ML. The instant claim limitations are merely bald, generic optimization of hyperparameters (note description in instant specification at 0071), in contrast to the specific improvement in Desjardins, wherein the ML training included adjusting hyperparameters in a way that is sensitive to/ takes into account how they needed to be adjusted for a previous task, so that the adjustment for the new task does not destroy the ability to successfully perform of the old task, as described in Desjardins' specification ("by training the model on a new task by adjusting values of parameters of the model to optimize an objective function that depends in part on how important the parameters are to previously learned task(s), the model can effectively learn new tasks in succession whilst protecting knowledge about previous tasks."). The instant claims compare unfavorably to Desjardins in light of the criteria expressed in MPEP 2106.05(f): "(1) Whether the claim recites only the idea of a solution or outcome i.e., the claim fails to recite details of how a solution to a problem is accomplished" and "(3) The particularity or generality of the application of the judicial exception").
C. Step 2B (pp. 14-16)
Applicant argues the same claimed subject matter as previously presented. This subject matter has already been addressed above and found to amount to an abstract idea and additional elements merely applying the abstract idea and as such cannot provide significantly more under Step 2B.
Regarding the rejections under 35 U.S.C. 102 and 103
Applicant’s arguments have been fully considered but are moot in view of the new combinations of references being used in the current rejections.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 22-41 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Claims 22-41 are directed to a method, system, or non-transitory computer-readable medium, which are/is one of the statutory categories of invention. (Step 1: YES)
Claims 22, 32 and 41 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claims recite a method, system, and non-transitory computer-readable medium for determining a likelihood of fraud and preventing fraud.
For claims 22, 32 and 41 (claim 32 being deemed representative), the limitations (indicated below in bold) of:
at least one processor configured to:
receive, by the at least one processor, from a transaction channel, a processed action of a user;
receive, by the at least one processor, from at least one external database, at least one supplemental input associated with at least one of the transaction channel, the processed action, or the user, wherein the at least one supplemental input includes historical data including a chronological listing of all transactions relating to a current account of the user;
generate, by a machine learning model executed by the at least one processor, a risk indicator based on the processed action and the at least one supplemental input;
responsive to a determination that the risk indicator exceeds a predetermined threshold, generate an alert indicating a probability of an unauthorized action, wherein the alert and the processed action are placed into an ordered list;
retrieve the processed action from the ordered list and selectively stop, flag for analyst review, or allow execution of the processed action based on the risk indicator; and
retain, by the machine learning model executed by the at least one processor, information associated with one or more previously generated risk indicators to tune the risk indicator, wherein the tuning identifies optimal values of one or more hyperparameters to maximize performance of the machine learning model.
as drafted, constitute a process that, under the broadest reasonable interpretation, covers "certain methods of organizing human activity," specifically, "fundamental economic practices or principles" and/or "commercial or legal interactions," but for recitation of generic computer components and generally linking the use of a judicial exception to a particular technological environment or field of use. The Examiner notes that "fundamental economic practices" or "fundamental economic principles" describe concepts relating to the economy and commerce, including hedging, insurance, and mitigating risks, and "commercial interactions" or "legal interactions" include agreements in the form of contracts, legal obligations, advertising, marketing or sales activities or behaviors, and business relations. MPEP 2106.04(a)(2)II.A.,B. If a claim limitation, under its broadest reasonable interpretation, covers "fundamental economic practices or principles" and/or "commercial or legal interactions," but for recitation of generic computer components and generally linking the use of a judicial exception to a particular technological environment or field of use, then it falls within the "certain methods of organizing human activity" grouping of abstract ideas. Accordingly, claims 22, 32 and 41 recite an abstract idea. (Step 2A - Prong 1: YES. The claims recite an abstract idea.)
This judicial exception is not integrated into a practical application. Claims 22, 32 and 41 recite the additional elements of a computing system including at least one processor (the foregoing recited in claim 22), at least one processor configured to: (perform actions) (the foregoing recited in claim 32), one or more instructions that, when executed by the at least one processor of the computing system, cause the computing system to (perform actions) (the foregoing recited in claim 41), the at least one processor, at least one external database, a machine learning model executed by the at least one processor, and wherein the tuning identifies optimal values of one or more hyperparameters to maximize performance of the machine learning model (the foregoing recited in claims 22, 32 and 41), that implement the abstract idea. These additional elements are not described by the applicant and they are recited at a high level of generality (i.e., one or more generic computer elements performing generic computer functions, or generally linking the use of a judicial exception to a particular technological environment or field of use), such that they amount to no more than mere instructions to apply the exception using generic computer elements (namely, all of the additional elements), or such that they amount to no more than generally linking the use of a judicial exception to a particular technological environment or field of use (namely, a machine learning model, and wherein the tuning identifies optimal values of one or more hyperparameters to maximize performance of the machine learning model). Accordingly, even in combination these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. (Step 2A - prong 2: NO. The additional elements do not integrate the abstract idea into a practical application.)
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception itself. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of a computing system including at least one processor (the foregoing recited in claim 22), at least one processor configured to: (perform actions) (the foregoing recited in claim 32), one or more instructions that, when executed by the at least one processor of the computing system, cause the computing system to (perform actions) (the foregoing recited in claim 41), the at least one processor, at least one external database, a machine learning model executed by the at least one processor, and wherein the tuning identifies optimal values of one or more hyperparameters to maximize performance of the machine learning model (the foregoing recited in claims 22, 32 and 41), to perform the noted steps amount to no more than mere instructions to apply the exception using generic computer elements or generally linking the use of a judicial exception to a particular technological environment or field of use. Mere instructions to apply an exception using generic computer elements or generally linking the use of a judicial exception to a particular technological environment or field of use cannot provide an inventive concept ("significantly more"). Accordingly, even in combination, these additional elements do not provide significantly more. As such, claims 22, 32 and 41 are not patent eligible. (Step 2B: NO. The claims do not provide significantly more.)
Dependent claims 23-31 and 33-40 are similarly rejected because they further define/narrow the abstract idea of independent claims 22, 32 and 41 as discussed above, and/or do not integrate the abstract idea into a practical application or provide an inventive concept such as would render the claims eligible, whether each is considered individually or as an ordered combination.
As for further defining/narrowing the abstract idea:
Dependent claims 23 and 33 merely further describe wherein the at least one supplemental input further includes at least one of transactional data or a customer characteristic.
Dependent claims 24 and 34 merely further describe wherein the transactional data includes at least one of an amount, an erasure, a handwriting change, a signature mismatch, a deposit type, a deposit time, or a deposit location.
Dependent claims 25 and 35 merely further describe wherein the customer characteristic comprises alternate account information, wherein the alternate account is associated with the user.
Dependent claims 26 and 36 merely further describe wherein the alternate account information includes at least one of an account type, a name, a current balance, an opening date, or an account number.
Dependent claims 27 and 37 merely further describe wherein the processed action of the user corresponds to the current account of the user, and wherein the historical data further comprises past information relating to the current account of the user.
Dependent claims 28 and 38 merely further describe wherein the past information relating to the current account of the user includes an account age, an account balance history, an account overdraft history, and an account statement.
Dependent claims 29 and 39 merely further describe wherein the predetermined threshold is based on at least one of a deposit type, a deposit amount, a deposit location, and a history of fraud.
Dependent claims 30 and 40 merely further describe wherein the risk indicator is further generated based on a log-norm scaling of a profile of the user against the user’s profile.
As for additional elements:
Dependent claim 31 recites "tuning the machine learning model based on the at least one supplemental input." This recitation is at a high level of generality such that it amounts to no more than mere instructions to apply the exception using a generic computer element or such that it amounts to no more than generally linking the use of a judicial exception to a particular technological environment or field of use. Even in combination these additional elements do not integrate the abstract idea into a practical application and do not amount to significantly more than the abstract idea itself.
Claims 23-30 and 33-40 do not recite any additional elements, and accordingly, for the reasons provided above with respect to the independent claims, are not patent eligible.
Therefore, dependent claims 23-31 and 33-40 are not patent eligible.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Comeaux v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 22-24, 27, 29, 31-34, 37, 39 and 41 are rejected under 35 U.S.C. 103 as being unpatentable over Comeaux et al. (U.S. Patent No. 11,669,844), hereafter Comeaux, in view of Handelman (U.S. Patent Application Publication No. 2021/0326881 A1), further in view of Abifaker et al. (U.S. Patent Application Publication No. 2015/0278817 A1), hereafter Abifaker, and further in view of Shevyrev et al. (U.S. Patent Application Publication No. 2023/0281629 A1), hereafter Shevyrev.
Regarding Claims 22, 32 and 41
Comeaux teaches:
(claim 22) the method being performed by at least one processor (claim 1: steps of the method are performed "by a/the computing system"; claim 11: "one or more processors; and one or more memories storing instructions that, when executed by the one or more processors, cause the computing system to perform a process comprising")
(claim 32) at least one processor configured to: (5:53-57; claim 11)
(claim 41) A non-transitory computer-readable medium storing a set of instructions for identifying an unauthorized action in a computing system including at least one processor, the set of instructions comprising: one or more instructions that, when executed by the at least one processor of the computing system, cause the computing system to: (5:53-57, 20:5-35, claim 6)
receiving, by the at least one processor (5:53-54 processor of alert-generating server 102), from a transaction channel (17:10-13), a processed action of a user; (11:14-16, 11:26-27, 12:6-27; Fig. 2, 204, 16:40-42)
receive, by the at least one processor, from at least one external database, at least one supplemental input associated with at least one of the transaction channel, the processed action, or the user; (9:29-10:20 behavior profile of user, and/or the data it contains, namely, user personal data, user financial data, and user social network data, teaches at least one supplemental input associated with at least one of the transaction channel, the processed action, or the user; regarding from at least one external database: 16:11-19 "To generate the behavior profile of the user, the alert-generating server or any other server of the system may obtain personal data, financial data, and social network data from internal and external databases of the system."; per 9:29-31, 12:59-13:7, 15:5-9, behavior profile of user may be stored in database 104, and per 12:59-13:7 the webserver (12:43-58, i.e., system server 106) may access user data in the behavior profile in the database, which teaches receiving (accessing), from the external database, the supplemental input (behavior profile); in addition further regarding external: 6:39-41, 13:36-39, 14:46-60 database 104 (which stores behavior profile) may be hosted on any server in system 100, and may be separate from alert generating server 102, therefore under broadest reasonable interpretation database 104 may be an "external" database, e.g., relative to alert generating server 102)
wherein the at least one supplemental input includes historical data …; (10:62-11:1 , 11:30-32)
generate, by a machine learning model (4:49-52 teaches that the alert generation model is a machine-learning model) executed by the at least one processor, a risk indicator (alert probability score) based on the processed action and the at least one supplemental input; and (2:43-49, 11:26-32, Fig. 2, 210, 17:60-18:14; regarding based on … the at least one supplemental input: 16:1-3 "The alert-generating server may generate the alert-generation model using one or more inputs from a behavior profile of each user of a system (the at least one supplemental input)." -- since the alert probability score (risk indicator) is generated by the alert generation model, and the alert generation model is generated using behavior profile inputs, it follows that the alert probability score (risk indicator) is generated based on the behavior profile (the at least one supplemental input))
responsive to a determination that the risk indicator exceeds a predetermined threshold, generate an alert indicating a probability of an unauthorized action, (2:49-53, 11:32-35, Fig. 2, 212, 18:21-18:50)
wherein the alert and the processed action are placed into an ordered list; (regarding wherein the alert and the processed action are placed into: 14:46-50, "Database 104 … is capable of storing the fraudulent events [processed action] and alert"; 14:59-63; regarding an ordered list: 4:65-67 "The alert-generating systems and apparatuses may sort the fraudulent events according to a priority [an ordered list], based on the relative fraud probability scores."; 5:8-11 "Analyst computers may query and fetch these alerts from a database … according to a priority level [an ordered list] of the respective alerts."; 14:59-63 "The database 104 may … include a non-transitory machine-readable storage media capable of receiving and storing fraudulent events and alerts. The database 104 may have a logical construct of data files that are stored in non-transitory machine-readable storage media, … for various data queries …." -- the fraudulent events and alerts may be queried from the database according to a priority [an ordered list according to which they were placed in the database])
retrieving the processed action from the ordered list and selectively stopping, … or allowing execution of the processed action based on the risk indicator; and (11:32-35; 18:21-61)
retaining, by the machine learning model executed by the at least one processor, information associated with one or more previously generated risk indicators to tune …, wherein the tuning identifies optimal values of one or more … to maximize performance of the machine learning model. (4:62-64; 8:39-9:28; 19:12-35 note the tuning is of the model/algorithms ("functions")/profiles, and the optimal values identified are values of "weight and bias factors"/profiles)
As indicated above, Comeaux teaches a portion of the following limitation but does not explicitly disclose it in its entirety. However, Handelman teaches:
… wherein the at least one supplemental input includes historical data including a chronological listing of all transactions relating to a current account of the user; (claim 3, 0016, 0045, 0057; for context see abstract, 0002, 0011-0023, 0045-0056, Fig. 3, 0057-0069, Fig. 4)
It would have been obvious to one of ordinary skill in the art not later than the effective filing date of the claimed invention to have modified Comeaux's systems and methods for detecting and preventing fraudulent events, by incorporating therein these teachings of Handelman regarding using a chronological listing of all transactions as a factor for fraud detection, because this data of Handelman is known to be a relevant factor in fraud detection and therefore adding it to/including it in the set of input data Comeaux already uses would render Comeaux's input data more comprehensive/ robust, thus tending to yield more accurate outputs, and accordingly to improve Comeaux's performance, see Handelman, e.g., 0002, 0011-0023.
As indicated above, Comeaux teaches a portion of the following limitation but Comeaux in view of Handelman does not explicitly disclose it in its entirety. However, Abifaker teaches:
… selectively stopping (e.g., 0068; Fig. 2, 230; Fig. 3, "Fail"), flagging for analyst review (e.g., 0070 "determine that manual review … is needed"; Fig. 2, 245; Fig. 3, "Human Audit"), or allowing execution of (e.g., 0069; Fig. 2, 250; Fig. 3, "Pass") the processed action based on the risk indicator; and (0067-0070, 0075-0076, Fig. 2, 225, 230, 245, 250, Fig. 3, Fig. 5, 540)
It would have been obvious to one of ordinary skill in the art not later than the effective filing date of the claimed invention to have modified the combination of Comeaux's systems and methods for detecting and preventing fraudulent events, as modified by Handelman's teachings regarding using a chronological listing of all transactions as a factor for fraud detection, by incorporating therein these teachings of Abifaker regarding a tripartite scheme (stop/cease, flag for review, allow/proceed) for handling a transaction depending upon a fraud risk score, because it provides a more comprehensive, fine-tuned risk assessment/scoring and consequent responsive actions (as compared to Comeaux's bipartite scheme), so as to more likely treat transactions appropriately according to their actual risk level, thus leading to more effective and satisfactory outcomes (e.g., medium risk transactions would be more likely to receive an intermediate level of responsive action, namely, a review, rather than being approved outright as if they were low risk or rejected outright as if they were high risk), see Comeaux and Abifaker, citations provided for the claim limitation in question.
As indicated above, Comeaux teaches a portion of the following limitation but Comeaux in view of Handelman and Abifaker does not explicitly disclose it in its entirety. However, Shevyrev teaches:
retaining, by the machine learning model (Fig. 4, 308; 0028, 0078) executed by the at least one processor (Fig. 8, 802; 0106), information associated with one or more previously generated risk indicators to tune the risk indicator, wherein the tuning identifies optimal values of one or more hyperparameters to maximize performance of the machine learning model. (0081 "Further, the loss function 408 can return quantifiable data regarding the difference between a given training … prediction from the training … predictions 405 and a corresponding ground truth from the ground truth check data 406 [retaining, by the machine learning model executed by the at least one processor, information associated with one or more previously generated risk indicators]. In particular, the loss function 408 can return losses 410 to the … machine-learning model 308 [retaining, by the machine learning model executed by the at least one processor, information associated with one or more previously generated risk indicators] based upon which the … system 102 adjusts various parameters/hyperparameters [wherein the tuning identifies optimal values of one or more hyperparameters]. In so doing, the … system 102 can improve the quality/accuracy of training … predictions [to tune the risk indicator] in subsequent training iterations—by narrowing the difference between training … predictions and ground truth … data [to tune the risk indicator] in subsequent training iterations [to maximize performance of the machine learning model].")
It would have been obvious to one of ordinary skill in the art not later than the effective filing date of the claimed invention to have modified the combination of Comeaux's systems and methods for detecting and preventing fraudulent events, as modified by Handelman's teachings regarding using a chronological listing of all transactions as a factor for fraud detection, and as further modified by Abifaker's teachings regarding a tripartite scheme (stop/cease, flag for review, allow/proceed) for handling a transaction depending upon a fraud risk score, by incorporating therein these teachings of Shevyrev regarding using previous outputs to tune subsequent outputs and adjust hyperparameters of a machine learning model to improve performance, because it would improve performance of Comeaux's machine learning model in a way that goes beyond Comeaux's tuning of the machine learning model, see Comeaux and Shevyrev, citations provided for the claim limitation in question, MPEP 2143.I.C.,D.
Regarding Claims 23 and 33
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claims 22 and 32 as set forth above. Comeaux further teaches:
wherein the at least one supplemental input further includes at least one of transactional data or a customer characteristic. (9:33-10:20)
Regarding Claims 24 and 34
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claims 22 and 32 and intervening claims 23 and 33 as set forth above. Comeaux further teaches:
wherein the transactional data includes at least one of an amount, an erasure, a handwriting change, a signature mismatch, a deposit type, a deposit time, or a deposit location. (9:62 account balance teaches amount)
Regarding Claims 27 and 37
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claims 22 and 32 and intervening claim 23 as set forth above. Comeaux further teaches:
wherein the processed action of the user corresponds to the current account of the user, (Fig. 2, 204, 16:40-42 fraud event (the processed action of the user) pertains to user's current account, as evidenced by the language "account takeover," "account identifiers," etc. (corresponds to a current account of the user))
and wherein the historical data further comprises past information relating to the current account of the user. (2:29-31 "the behavior profile of the user comprises at least a record of events previously undertaken by the user in an account of the user."; 16:19-24 "The alert-generating server … may use a record of events previously undertaken by the user in an account of the user to generate a behavior profile of each user. The events may include, but not limited to, transfer funds, open a new account, withdraw funds, check funds, etc. in his/her account."; 9:57-63 "In some embodiments, the alert-generating server 102 generate [sic] a behavior profile of the user based on at least the personal data and also the financial data of the user that may include, but not limited to, types of accounts, account balance, credit score, any known flag for activity or known fraud.")
Regarding Claims 29 and 39
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claims 22 and 32 as set forth above. Comeaux further teaches:
wherein the predetermined threshold is based on at least one of a deposit type, a deposit amount, a deposit location, and a history of fraud. (18:27-32 "In some embodiments, a pre-defined threshold score may be based on a profile of a user on whose account the fraud event has been detected. In some embodiments, a pre-defined threshold score may be based on one or more attributes of fraud event such as illegal fund transfer request or probable unauthorized access of the account."; 9:58-62 "In some embodiments, the alert-generating server 102 generate a behavior profile of the user based on at least the personal data and also the financial data of the user that may include, but not limited to, types of accounts, account balance, credit score, any known flag for activity or known fraud." -- threshold is based on profile, which in turn is based on history of fraud, so threshold is based on history of fraud)
Regarding Claim 31
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claim 22 as set forth above. Comeaux further teaches:
tuning the machine learning model based on the at least one supplemental input. (19:12-35 "Upon the updating of the behavior profile of the user (the at least one supplemental input), the alert-generating server may further update (tune) an alert-generating model associated with the user. ¶ As described above, the alert-generating server may train (tune) the alert-generation model using the updated behavior profile (the at least one supplemental input). For example, the alert-generating server may represent mathematical functions describing relationships between multiple nodes where each node represent a user attribute within the user's behavior profile (the at least one supplemental input). Upon detecting fraud, the alert-generating server may transmit the updated behavior profile (the at least one supplemental input) for the user to the alert-generation model. Because the updated behavior profile (the at least one supplemental input) includes new network activity associated with the user, the alert-generation model may reconfigure (tune) itself by revising the mathematical functions using a back-propagating method.")
Claims 25, 26, 35 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Comeaux et al. (U.S. Patent No. 11,669,844), hereafter Comeaux, in view of Handelman (U.S. Patent Application Publication No. 2021/0326881 A1), further in view of Abifaker et al. (U.S. Patent Application Publication No. 2015/0278817 A1), hereafter Abifaker, further in view of Shevyrev et al. (U.S. Patent Application Publication No. 2023/0281629 A1), hereafter Shevyrev, and further in view of legal precedent.
Regarding Claims 25 and 35
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claims 22 and 32 and intervening claims 23 and 33 as set forth above. Comeaux in view of legal precedent renders obvious:
wherein the customer characteristic comprises alternate account information, wherein the alternate account is associated with the user. (16:19-24 behavior profile data includes event (information) of a user opening a new account; based on MPEP 2144.04.VI.B. (Duplication of Parts) it would be obvious for this data to include multiple such events, hence multiple new accounts, in which case, one of the accounts is an alternate account associated with the user, thereby teaching alternate account information)
Regarding Claims 26 and 36
Comeaux in view of Handelman, Abifaker, Shevyrev, and legal precedent teaches the limitations of base claims 22 and 32 and intervening claims 23, 25, 33 and 35 as set forth above. Comeaux further teaches or renders obvious:
wherein the alternate account information includes at least one of an account type, a name, a current balance, an opening date, or an account number. (16:19-24 an event of opening an account (alternate account information) includes information about the account such as account type, a name, an opening date, or an account number)
Claims 28 and 38 are rejected under 35 U.S.C. 103 as being unpatentable over Comeaux et al. (U.S. Patent No. 11,669,844), hereafter Comeaux, in view of Handelman (U.S. Patent Application Publication No. 2021/0326881 A1), further in view of Abifaker et al. (U.S. Patent Application Publication No. 2015/0278817 A1), hereafter Abifaker, further in view of Shevyrev et al. (U.S. Patent Application Publication No. 2023/0281629 A1), hereafter Shevyrev, and further in view of Carson et al. (U.S. Patent Application Publication No. 2022/0138844 A1), hereafter Carson.
Regarding Claims 28 and 38
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claims 22 and 32 and intervening claims 23, 27 and 37 as set forth above. Comeaux further teaches:
wherein the past information relating to the current account of the user includes an account age, an account balance history, … and an account statement. (9:57-63 "In some embodiments, the alert-generating server 102 generate [sic] a behavior profile of the user based on at least the personal data and also the financial data of the user that may include, but not limited to, types of accounts, account balance [account balance history], credit score, any known flag for activity or known fraud."; 16:11-24 "The alert-generating server or any other server of the system may use a record of events previously undertaken by the user in an account of the user to generate a behavior profile of each user. The events may include, but not limited to, transfer funds, open a new account, withdraw funds, check funds, etc. in his/her account."; opening an account is also taught by 13:17-18 -- an event in the record of events comprising the opening of a new account indicates the account age; under broadest reasonable interpretation, the "record of events previously undertaken by the user in an account of the user" teaches an account statement)
Comeaux in view of Handelman, Abifaker, and Shevyrev does not explicitly disclose but Carson teaches:
wherein the past information relating to the current account of the user includes an account age (e.g., 0012), an account balance history (e.g., 0012, 0015), an account overdraft history (e.g., 0022), …. (Abstract, 0007, 0012, 0017, 0022, claim 8, performing fraud review/determining legitimacy of transaction includes checking overdraft history (an account overdraft history) as factor for determining likelihood of fraud) (Note Carson's teachings of "an account age" and "an account balance history" are cited as alternative teachings to those of Comeaux cited above.)
It would have been obvious to one of ordinary skill in the art not later than the effective filing date of the claimed invention to have modified the combination of Comeaux's systems and methods for detecting and preventing fraudulent events, as modified by Handelman's teachings regarding using a chronological listing of all transactions as a factor for fraud detection, as further modified by Abifaker's teachings regarding a tripartite scheme (stop/cease, flag for review, allow/proceed) for handling a transaction depending upon a fraud risk score, and as further modified by Shevyrev's teachings regarding using previous outputs to tune subsequent outputs and adjust hyperparameters of a machine learning model to improve performance, by incorporating therein these teachings of Carson regarding checking overdraft history as a factor for determining likelihood of fraud / for determining legitimacy of a transaction, because overdraft history is known to be a relevant factor in fraud detection and therefore adding it to/including it in the set of input data Comeaux already uses would render Comeaux's input data more comprehensive/robust, thus tending to yield more accurate outputs, and accordingly to improve Comeaux's performance, see Carson, citations given.
Claims 30 and 40 are rejected under 35 U.S.C. 103 as being unpatentable over Comeaux et al. (U.S. Patent No. 11,669,844), hereafter Comeaux, in view of Handelman (U.S. Patent Application Publication No. 2021/0326881 A1), further in view of Abifaker et al. (U.S. Patent Application Publication No. 2015/0278817 A1), hereafter Abifaker, further in view of Shevyrev et al. (U.S. Patent Application Publication No. 2023/0281629 A1), hereafter Shevyrev, and further in view of Pavlovic ("Log-normal Distribution - A simple explanation”).
Regarding Claims 30 and 40
Comeaux in view of Handelman, Abifaker, and Shevyrev teaches the limitations of base claims 22 and 32 as set forth above. Comeaux further teaches
wherein the risk indicator (alert probability score) is further generated based on … a profile of the user (behavior profile of a user) … the user's profile. (2:26-62 generates alert probability score (2:44) based on alert generation model (2:46) which is based on a behavior profile of a user (2:26-31); 9:29-1020 describes the behavior profile)
Comeaux in view of Handelman, Abifaker, and Shevyrev does not explicitly disclose but Pavlovic teaches:
… a log-norm scaling of … against …. (Note Applicant’s specification (0045) defines “log-norm scaling” thus: “Log-norm scaling may refer to applying a logarithmic transformation to values, which transforms the values onto a scale that approximates the normality”; Pavlovic, p. 3, teaches the same thing: “Let’s say your data [values] fits a log-normal distribution. If you then take the logarithm of [applying a logarithmic transformation to] all your data points [values], the newly transformed [logarithmically transformed] points [values] will now fit a normal distribution [a scale that approximates the normality].”)
It would have been obvious to one of ordinary skill in the art not later than the effective filing date of the claimed invention to have modified the combination of Comeaux's systems and methods for detecting and preventing fraudulent events, as modified by Handelman's teachings regarding using a chronological listing of all transactions as a factor for fraud detection, as further modified by Abifaker's teachings regarding a tripartite scheme (stop/cease, flag for review, allow/proceed) for handling a transaction depending upon a fraud risk score, and as further modified by Shevyrev's teachings regarding using previous outputs to tune subsequent outputs and adjust hyperparameters of a machine learning model to improve performance, by incorporating therein these teachings of Pavlovic regarding log-norm scaling, because these teachings of Pavlovic are a known way to model various natural phenomena, see Pavlovic, p. 1, and they have particular advantages under certain circumstances applicable to Comeaux, e.g., where the data cannot be negative (e.g., data such as a probability of fraud / a risk value), where the data skews positive, with most values clustered near the low end and a long tail extending rightward to occasional high outliers (e.g., transaction data, which comprises mostly non-fraudulent transactions and a relatively small amount of fraudulent transactions), and where the data grows multiplicatively/cumulatively (e.g., a plurality of historical transaction data) -- by transforming such data with a logarithm, it can be normalized, allowing for easier analysis with powerful standard statistical techniques, such as calculating z-scores, performing linear regression, estimating parameters using Maximum Likelihood Estimation (MLE), etc.
Conclusion
The prior art made of record and not relied upon, as set forth in the accompanying Notice of References Cited (PTO-892), is considered pertinent to applicant's disclosure.
Comeaux (10,567,402) and Comeaux (11,722,502) teach fraud detection/prevention similar to Comeaux (11,699,844) but to greater depth in certain aspects;
Phatak (2022/0006899) and Anderson (12,136,096) teach a fraud alert queue that prioritizes fraud alerts based on fraud importance;
Vaswani (2022/0377090) teaches fraud detection/prevention (including risk scores and alerts) similar to Comeaux (11,699,844);
Karpovsky (2022/0191173) teaches determining fraud risk based on VPN and/or proprietary knowledge and periodic monitoring; and
Pavlovic ("Log-normal Distribution - A simple explanation”) teaches content about log-normal distribution similar to that of Applicant's disclosure (specification paragraph 0045)
Vimal (US-2023/0186311-A1) (qualifying as prior art based on Indian priority date) teaches inter alia benchmarking a machine learning model based on precision, recall, F1, and/or F2 scores, see 0097.
Thomas (US-10997596-B1) teaches appending a fraud accuracy tag to a declined transaction, where the fraud accuracy tag is indicative of whether the decline of the transaction is a true positive decline or a false positive decline, whereby the fraud accuracy tag is suitable to provide insight into accuracy of a fraud strategy implemented in connection with the declined transaction.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DOUGLAS W PINSKY whose telephone number is (571)272-4131. The examiner can normally be reached on 8:30 am - 5:30 pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jessica Lemieux can be reached on 571-270-3445. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DOUGLAS W PINSKY/
Examiner, Art Unit 3626
/JESSICA LEMIEUX/Supervisory Patent Examiner, Art Unit 3626