DETAILED ACTION
Status of Application
This action is a Non-Final Rejection. This action is in response to the application filed on December 17, 2024.
Claims 1-20 have been canceled.
Claims 21-40 have been added.
Claims 21-40 are pending and rejected.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 120 as follows:
The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA 35 U.S.C. 112, except for the best mode requirement. See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994).
The disclosure of the prior-filed applications, Application Nos. 18/477.883 and 18/631,998 fail to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph for one or more claims of this application. For example, although Applicant may have intended for the instant claims to be based on Figure 6, they are not supported by Figure 6 or any other part of the prior-filed applications. For example, the Specification does not refer to a risk assessment validation request, temporary authentication token, an authentication key, demographic fields, or demographic information. These are not exhaustive examples of claim limitations that are not disclosed in the Specification/priority applications. Additionally, while certain claim features are disclosed in the prior-filed applications, the claimed embodiment as a whole is not supported by the prior-filed applications.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on November 6, 2025 and January 20, 2026 have been considered by the examiner.
Claim Rejections - 35 USC § 101
35 U.S.C. § 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 21-40 are rejected under 35 U.S.C. § 101 as being directed to non-statutory subject matter because the claimed invention is directed to an abstract idea without significantly more.
Step 1: Does the Claim Fall within a Statutory Category? (see MPEP 2106.03)
Yes, with respect to claims 21-27, which recite a system and, therefore, are directed to the statutory class of machine or manufacture.
Yes, with respect to claims 28-34, which recite a non-transitory computer readable medium and, therefore, are directed to the statutory class of manufacture.
Yes, with respect to claims 35-40, which recite a method and, therefore, are directed to the statutory class of process.
Step 2A, Prong One: Is a Judicial Exception Recited? (see MPEP 2106.04(a))
The following claims (Claims 21-27 are representative) identify the limitations that recite the abstract idea in regular text and that recite additional elements in bold:
21. A system comprising:
a memory storing a set of instructions; and
a processor configured to execute the set of instructions to perform operations including:
receiving an authentication request associated with a risk assessment validation request from a user device;
responsive to receiving the authentication request, sending a temporary authentication token to the user device through a network, the temporary authentication token being associated with a single login session;
receiving a responsive string associated with the authentication request from the user device;
validating the responsive string against the temporary authentication token;
responsive to validating the responsive string against the temporary authentication token, sending a temporary web link to the user device through the network, the temporary web link being associated with the single login session and being configured to:
request one or more customer account information elements;
request an authentication key associated with the one or more customer account information elements;
request one or more customer identity information elements;
request one or more stored user information elements from a database;
validate the one or more customer account information elements, the authentication key, and the customer identity information elements against the one or more stored user information elements;
responsive to the validation, obtain one or more user demographic fields from the database;
display the one or more user demographic fields on a graphical user interface;
receive a request to update at least one of the one or more user demographic fields with updated user demographic information; and
send the updated user demographic information to the database to be stored;
determining a risk rating based on the updated user demographic information; and
resolving the risk assessment validation request based on the risk rating.
22. The system of claim 21, wherein the instructions further include:
validating the one or more user demographic fields and the updated user demographic information using a master data management system.
23. The system of claim 22, wherein
the master data management system is configured to: flag the updated user demographic information as requiring an additional identity verification information element based on a conflict between the updated user demographic information and the one or more user demographic fields; and
the temporary web link is further configured to request the additional identity verification information element through the graphical user interface.
24. The system of claim 22,
wherein the master data management system is configured to: flag the updated user demographic information as requiring a corrected user demographic information element based on a conflict between the updated user demographic information and the one or more user demographic fields; and
the temporary web link is further configured to request the corrected user demographic information element through the graphical user interface.
25. The system of claim 21, wherein the risk rating is a high risk rating and the instructions further include: denying the risk assessment validation request based on the high risk rating.
26. The system of claim 21, wherein the operations further include:
comparing the updated user demographic information to a high-risk information dataset.
27. The system of claim 26, wherein the operations further include:
denying the risk assessment validation request based on the comparison between the updated user demographic information to the high-risk information dataset resulting in a determination that the updated user demographic information is listed in the high-risk information dataset.
Yes. But for the recited additional elements as shown above in bold, the remaining limitations of the claims recite certain methods of organizing human activity. The claims are directed to determining a risk rating. This type of method of organizing human activity is a fundamental economic practice because it includes mitigating risk and a commercial interaction such as agreements in the form of contracts, legal obligations, sales activities or behaviors, and business relations. Thus, the claims recite an abstract idea.
Step 2A, Prong Two: Is the Abstract Idea Integrated into a Practical Application? (see MPEP 2106.04(d))
No. The claims as a whole merely use a computer as a tool to perform the abstract idea. The computing components (i.e., additional elements that are in bold above) are recited at a high level of generality and are merely invoked as a tool to implement the steps. For example, only a programmed general purpose computing device (i.e., claimed processor) is needed to implement the claimed process. Simply implementing the abstract idea on a generic computer is not a practical application of the abstract idea. Additionally, there is no improvement to the functioning of a computer or technology. Therefore, the abstract idea is not integrated into a practical application.
Step 2B: Does the Claim Provide an Inventive Concept? (see MPEP 2106.05)
No. As discussed with respect to Step 2A, Prong 2, the additional elements in the claims, both individually and in combination, amount to no more than tools to perform the abstract idea. Merely performing the abstract idea using a computer cannot provide an inventive concept. Therefore, the claims do not provide an inventive concept.
As such, the claims are not patent eligible.
35 USC §§102 and 103
The claims are not rejected under 35 U.S.C. 102 or 103. Although the independent claims recite known individual features such as sending a temporary authentication token, receiving and validating a responsive string, sending a temporary web link, requesting customer account information, requesting an authentication key, requesting customer identity information, requesting stored user information, validating the received data, obtaining and displaying demographic fields, receiving a request to update demographic fields, storing the updated demographic information, determining a risk rating, and resolving the risk assessment validation request, the particular combination of claim features was not found to be disclosed in or obvious in light of the prior art.
Relevant Prior Art
The following references are relevant to Applicant’s invention:
Huber et al., U.S. Patent Application Publication Number 2023/0196455 A1. Huber teaches risk assessment validation operations.
Rafferty et al., U.S. Patent Application Publication Number 2021/0081923 A1. This reference teaches authentication and authorization. Figure 3, for example, discloses an authentication word string.
Frollini, U.S. Patent Application Publication Number 2019/0325427 A1. This reference teaches a unique temporary code.
Email Communications
Per MPEP 502.03, Applicant may authorize email communications by filing Form PTO/SB/439, available at https://www.uspto.gov/sites/default/files/documents/sb0439.pdf, via the USPTO patent electronic filing system.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELIZABETH H ROSEN whose telephone number is (571) 270-1850 and email address is elizabeth.rosen@uspto.gov. The examiner can normally be reached Monday - Friday, 10 AM ET - 7 PM ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael Anderson, can be reached at 571-270-0508. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ELIZABETH H ROSEN/Primary Examiner, 3693