DETAILED ACTION
Status of Claims
This Office Action is in response to claim filed on 01/14/2025.
Claim 1 is pending and is examined hereon.
Notice of Pre-AIA or AIA Status
The present application is being examined under the pre-AIA first to invent provisions.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Analysis
In the instant case, claim 1 is directed to a “Method” (Process). Therefore, the claim fall within the four statutory categories of invention.
The claim recite an abstract idea of transaction authorization, which is an abstract idea. Specifically, but for the additional elements, the claim under its broadest reasonable interpretation recites limitations grouped within the “Certain Methods of Organizing Human Activity,” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test since the steps include commercial interactions, and managing relationships (See MPEP 2106.04 & 2106.04(a)). The use of a physical aid to help perform Organized Human Activity and Mathematical Concept steps does not negate the Organized Human Activity and Mathematical Concept nature of the limitations, but simply accounts for variations in memory capacity from one person to another. Further, claim can recite a Methods of Organized Human Activity even if they are claimed as being performed on a computer. See MPEP § 2106.04(a)(2), subsection III. The claim limitations reciting the abstract idea are grouped within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas as they relate to authenticating users based on managed users data relationships during transaction authorization between users and transaction service providers in commercial interactions between users and transaction service providers. More specifically, the following non-underlined claim elements recite the abstract idea while the underlined, bolded claim elements recite additional elements according to MPEP 2106.04(a).
Claim 1, A method for operating a user computing device, the method comprising:
communicating with one or more components of the user computing device;
determining, by communicating with the one or more components of the user computing device, multiple identifiable characteristics of the user, the multiple identifiable characteristics including a location of the user computing device, and a biometric data set obtained on the user computing device;
maintaining a database of values that are based on the identifiable characteristics; and
responding to a user of the user computing device initiating a transaction by
(i) making an authentication determination based at least in part on the values of the database, and
(ii) communicating the authentication determination to a computing device of another entity for authorization of the transaction.
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See MPEP 2106.04(d)), the additional elements are merely used as circuitry and tools to perform an abstract idea and generally link the use of a judicial exception to a particular technological environment. Specifically, these additional elements perform the steps or functions of the abstract idea. Viewed as a whole, the use of the additional elements as a tools to implement the abstract idea and generally linking the use of the abstract idea to a particular technological environment does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), and the claim do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claim do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claim are directed to an abstract idea.
The claim do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See MPEP 2106.05), using the additional elements to perform the steps amounts to no more than using a computer or processor to automate and implement the abstract idea. As discussed above, taking the claim elements separately, these additional elements perform the steps or functions of the abstract idea. These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claim merely recite the concept of transaction authorization. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and implement the abstract idea. The use of a computer or processor to merely automate and implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05 (f) & (h)). Therefore, the claim is not patent eligible.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim 1 is rejected under 35 U.S.C. 103 as being unpatentable over Sampas (US 2013/0081119 A1) in view of Patterson (US 2012/0079581 A1).
With respect to claim 1, Sampas discloses A method for operating a user computing device, the method comprising:
communicating with one or more components of the user computing device (“a wireless network connectivity module 16”); (Fig. 1; Par. [0038] “As indicated above, the mobile device 14 is also connected to the Internet 23 at least via the service provider 20. Other modalities by which a data communications link between the mobile device 14 and the Internet 23 can be established are also contemplated.”)
determining, by communicating with the one or more components of the user computing device, multiple identifiable characteristics of the user, the multiple identifiable characteristics including
a location of the user computing device, (Figs. 1-2; Pars. [0038], [0047] “One exemplary implementation may employ an identifier of the specific antenna tower 22 appended to the transmission of the first set of biometric data, as each antenna tower 22 has limited geographic coverage. Another implementation may involve the retrieval of Global Positioning Satellite (GPS) coordinates from the mobile device 14, and correlating it to the known geographic location of the site resource 40. This location data may be provided to the authentication server 68 upon installation of the site resource 40, or may be transmitted together with the second set of biometric data while in use. It is understood that any transmission modality may be utilized, including hard wired and wireless connections.”) and
a biometric data set obtained on the user computing device; (Fig. 2; Par. [0031]-[0032] “the biometric reader 48 is a fingerprint sensor, and so the aforementioned first biometric input from the user 12 is the finger, or more specifically, the fingerprint.” [0042] “the first set… of biometric data as provided to the mobile device 14… per step 214, the user 12 is authenticated for access to the site resource 40. More particularly, the first set… of biometric data is validated against a pre-enrolled set of biometric data for the user 12.”)
Sampas does not explicitly disclose:
maintaining a database of values that are based on the identifiable characteristics;
responding to a user of the user computing device initiating a transaction by
(i) making an authentication determination based at least in part on the values of the database, and
(ii) communicating the authentication determination to a computing device of another entity for authorization of the transaction.
Patterson disclose:
maintaining a database of values (“predetermined correlation/threshold”) that are based on the identifiable characteristics; (Fig. 2B; Par. [0031] “A “predetermined correlation,” as described herein, can be a relationship between received input data and stored data. In the context of the present invention, the received input data can be a… biometric data from a user… the stored data can be a previously stored… biometric data of the user. The predetermined correlation can be a previously set threshold that identifies or quantifies how much the received input data and the previously stored input data should match… One example of a predetermined correlation can be a requirement for a particular number of matching features between two fingerprints. As an illustration, if more than 70% of the features of a stored fingerprint image and a received finger print image match, then the received fingerprint and the stored fingerprint may satisfy a predetermined correlation.”)
responding to a user of the user computing device initiating a transaction by
(i) making an authentication determination based at least in part on the values of the database, (Figs. 2A-B; Pars [0044] “The method further includes determining whether the second identifier and second set of biometric data matches the first identifier and the first set of biometric data according to a predetermined threshold and generates an authentication response message indicating whether the first and second set of biometric data match according to the predetermined threshold.”) and
(ii) communicating the authentication determination to a computing device of another entity (“payment processing network”) for authorization of the transaction. (Figs. 1, 2A-B; Pars. [0016] “If the data correlates, the user is authenticated and the identification system sends the result to the payment processing network. Once the user is authenticated, the payment processing network sends the transaction request to an issuer (i.e., the bank that issued the user payment device) to process the authorization request.” [0019])
Therefore, the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains to substitute one equivalent technique for another to accomplish the same. That is, simply substituting permitting customers to access to point of sale (POS) terminals at merchants for completing payment transactions only after completing multifactor (biometric and geolocation) authentication of the customers (Fig. 2; Par. [0042] “Now, with both the first set and the second set of biometric data as provided to the mobile device 14 and the site resource 40, respectively, per step 214, the user 12 is authenticated for access to the site resource 40. More particularly, the first set and second set of biometric data is validated against a pre-enrolled set of biometric data for the user 12.” [0047]) of Sampas in view of a Patterson in order to prevent fraudulent access to payment transaction systems during payments for transactions (Sampas, Par. [0030] “In each of these examples, the site resource 40 is protected from unauthorized access, and the disclosed method for authenticating the user 12 may be utilized to permit access.”) and to provide greater security to cardholders and payment issuers by reducing fraud (Patterson, Par. [0041] “One advantage of using an independent entity (e.g., governmental entity) to verify a user's identity is to provide greater security to both the user and issuer 160 thereby reducing instances of fraud.”). ("Express suggestion to substitute one equivalent technique for another need not be present to render such substitution obvious"; In re Fout, 213 USPQ 532 (CCPA 1982), In re Siebentritt, 152 USPQ 618 (CCPA 1967); Ex Parte Smith, 83 USPQ2d 1509 (Bd. Pat. App. & Int. 2007); KSR International Co. v. Teleflex Inc., 82 USPQ2d 1385 (U.S. 2007)).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Patent to Rangaraj et al. (US 10,074,089 B1) discloses A method for operating a user computing device, the method comprising:
communicating with one or more components of the user computing device (“user interface”); (Figs. 1-2; Col. 5; Lines 54-64 “In one embodiment, system 100 may be configured to provide an auto-prompt to register a voiceprint in association with a user interface. The auto-prompt may include a link, which, upon activation, is configured to cause system 100 to initiate the voiceprint registration process.”)
determining, by communicating with the one or more components of the user computing device, multiple identifiable characteristics of the user, the multiple identifiable characteristics including
a location of the user computing device, (Col. 8; Lines 35-40 “System 100 may also update an account's transaction history to indicate together with a timestamp and location indicator that the son had made the withdrawal of the specified amount so that there no confusion as to whether the father or the son conducted that transaction.”) and
a biometric data set obtained on the user computing device; (Figs. 3; Col. 10; Lines 8-15 “At 308, system 100 is configured to determine if the quality of the captured voiceprint is acceptable. The quality of the voiceprint refers to the purity of the voiceprint. In this regard, for example, system 100 may determine that a voiceprint, taken from voice data that is sharp and has very little disturbance, is deemed acceptable, whereas system 100 may determine that a voiceprint, taken from voice data ridden with noise, is deemed unacceptable.”)
maintaining a database of values that are based on the identifiable characteristics; (Col. 10; Lines 59-66 “To illustrate, system 100 may have a lower threshold value for bank employees in a customer service department than that of a bank customer because the bank employees may work in an environment, which may receive significant background noise in any given instant. In this non-limiting example, the threshold value for the bank employees may be set to 70, whereas the threshold value of the bank customer may be set to 90.” Col. 10; Lines 28-51 “system 100 may implement a mathematical algorithm to generate a correlation value within a predetermined range to indicate a level of correlation between the captured voiceprint and the registered voiceprint.”) and
responding to a user of the user computing device initiating a transaction by (i) making an authentication determination based at least in part on the values of the database, (Figs. 3-4; Col. 10; Lines 45-51 “As discussed above, system 100 may use the correlation value, which was generated at 310, to determine if the captured voiceprint matches, substantially matches, or has a great likelihood of being the registered voiceprint. In making this determination, system 100 may also utilize a threshold value in the evaluation process.”)
(ii) communicating the authentication determination for authorization of the transaction. (“In one example, system 100 may provide the operator with an indication that the voiceprint has been authenticated and may further enable the operator to finalize and/or execute the transaction.”)
PGPub Grigg et al. (US 2012/0221475 A1) discloses A method for operating a user computing device, the method comprising:
communicating with one or more components of the user computing device; (Figs. 3-4; Pars. [0032] “For example, when a request for identification is made the system 100 may activate the microphone and camera on the mobile device in order to capture voice commands or facial scans.” [0053] “Requesting authentication of the user's identity 304 can occur in a variety of ways. In an embodiment, the user's mobile device prompts the user to authenticate his identity. The request can be visual or audible… the user may be able to authenticate his identity using a username and password, a facial scan, or a voice scan.” [0054], [0056])
determining, by communicating with the one or more components of the user computing device, multiple identifiable characteristics of the user, the multiple identifiable characteristics including
a location of the user computing device, (Pars. [0039] “In some embodiments, the system determines the user's location when the user is conducting a transaction by means of a positioning system, such as a GPS or software that determines the user's location based on proximity to cell towers…” [0049]) and
a biometric data set obtained on the user computing device; (Figs. 3; Par. [0057] “the system could compare the facial scan with the saved image of the user's face, the voice sample with the saved voice recording… the iris scan with the previously stored image of the user's iris, the fingerprint scan with the previously stored image of the user's fingerprint, or any other security feature capable of authenticating the user's identity.”)
maintaining a database of values that are based on the identifiable characteristics; (Par. [0058] “The user and/or the financial institution can set a predetermined number of times that the user is able to attempt authentication of his identity, such as three times. If the user exceeds that predetermined number of times then the system can end and not allow the transaction 314.”) and
responding to a user of the user computing device initiating a transaction by
(i) making an authentication determination based at least in part on the values of the database, (Par. [0058] “If the user has not exceeded the predetermined number of times then the system can again request authentication of the user's identity, as depicted in block 304. In another embodiment, the system requests authentication of the user's identity using a different method than previously attempted by the user. For example, if the user unsuccessfully attempted to authenticate his identity using a facial scan the first time, the system may next prompt the user to authenticate his identity using a voice scan.”)
(ii) communicating to a computing device of another entity for the transaction. (Par. [0059] “If the user has successfully authenticated his identity, in some embodiments the system transfers the user's financial account information 316. In an embodiment, the system wirelessly transfers the user's financial account information to the point-of-sale device so that the merchant may complete the transaction through standard means. In other embodiments, the system wirelessly transfers the user's financial account information to another user, an ATM, or to an online retailer to complete a transaction.”)
PGPub ABE (US 2014/0294261 A1) discloses:
determining, by communicating with the one or more components of the user computing device, identifiable characteristics of the user, the identifiable characteristics including a biometric data set obtained on the user computing device; (Figs. 3A-B, 4; Pars. [0080]-[0081] “When the degree of similarity is larger than or equal to the authentication judging threshold value (Yes in step S110), the authentication judging unit 18 authenticates the user as the registered user (step S111).”)
maintaining a database of values that are based on the identifiable characteristics; (Par. [0071] “It is preferable to set the authentication judging threshold value to such a value that the authentication judging unit 18 succeeds to authenticate the user only when the user is the registered user. It is also preferable to set the authentication judging threshold value to such a value that the authentication judging unit 18 fails to authenticate the user when the user is a person other than the registered user.”)
responding to a user of the user computing device initiating a transaction by
(i) making an authentication determination based at least in part on the values of the database, (Par. [0069] “The authentication judging unit 18 determines whether the user is authenticated as the registered user or not by comparing the degree of similarity with an authentication judging threshold value. For example, when the degree of similarity is larger than or equal to the authentication judging value, the authentication judging unit 18 determines that the biometric information of the user captured in the biometric image and the biometric information of the registered user match. Then, the authentication judging unit 18 authenticates the user as the registered user.”) and
(ii) communicating the authentication determination to a computing device of another entity for authorization of the transaction. (Fig. 1; Par. [0027] “the biometric authentication apparatus 1 transmits, to a different apparatus (not depicted) a signal indicating that the user is authenticated, and permits the user to use the different apparatus.”)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WODAJO GETACHEW whose telephone number is (469)295-9069. The examiner can normally be reached M-F 8:00-6:00 CST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached at (571) 272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/WODAJO GETACHEW/Examiner, Art Unit 3697