Prosecution Insights
Last updated: July 17, 2026
Application No. 19/055,764

SEPARATELY AND SECURELY PROCESSING DATA ASSOCIATED WITH DIFFERENT DATA PROVIDERS

Non-Final OA §101§103
Filed
Feb 18, 2025
Priority
Mar 28, 2024 — EU 24315110.7
Examiner
LITTLE, VANCE M
Art Unit
Tech Center
Assignee
Amadeus S.A.S.
OA Round
1 (Non-Final)
84%
Grant Probability
Favorable
1-2
OA Rounds
1y 1m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 84% — above average
84%
Career Allowance Rate
338 granted / 404 resolved
+23.7% vs TC avg
Strong +25% interview lift
Without
With
+24.7%
Interview Lift
resolved cases with interview
Typical timeline
2y 6m
Avg Prosecution
27 currently pending
Career history
432
Total Applications
across all art units

Statute-Specific Performance

§101
4.2%
-35.8% vs TC avg
§103
84.7%
+44.7% vs TC avg
§102
3.6%
-36.4% vs TC avg
§112
3.7%
-36.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 404 resolved cases

Office Action

§101 §103
DETAILED ACTION This Office action is in response to a non-provisional utility patent application filed by Applicant on 2/18/2025. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement PTO-1449 The Information Disclosure Statement submitted by applicant on 2/18/2025 has been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto. Double Patenting No conflicting application or issued patent was identified that would require a rejection under double patenting. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1–13 rejected under 35 U.S.C. 101 because the claims cover material not found in any of the four statutory categories and is therefore outside the scope of 35 U.S.C. 101. The claims recite a computer platform with data vaults. While the claims can be interpreted as hardware, which would be within the scope of the statute, the claims are also able to be interpreted as being wholly software, which would be outside the scope of the statute. Therefore, the claims are rejected as being software per se. Applicant may be able to overcome this rejection by amending the claims to recite terms, which preclude interpretation of the invention in a manner that is wholly software. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1–11, 14 rejected under 35 U.S.C. 103 as being unpatentable over Parker (US 2024/0037163 A1, published Feb. 1, 2024) in view of Borzycki (US 9,189,645 B2, issued Nov. 17, 2015, acknowledged by Applicant in the Background section of Applicant’s Specification). Regarding claims 1 and 14, Parker discloses: a computer platform for separately and securely processing data associated with different data providers, wherein the computer platform comprises: a first data vault, and a plurality of applications comprising at least a first application and a second application (a trusted platform module (TPM) used for secure storage of data including keys, credentials, and sensitive or private data. Parker ¶ 56.), the computer platform being arranged to: store one or more first encryption keys associated with the first data provider (storing cryptographic keys in a trusted platform module (TPM) security device. Parker ¶ 56.), receive first encrypted data associated with a first data provider (storing received downloaded data and other sensitive data in a secure or encrypted way. Parker ¶ 56. Receiving downloaded (financial) data associated with a user account. Parker ¶ 60.), wherein the first encrypted data is encrypted using the one or more first encryption keys (using dedicated security hardware for processing secure downloaded data using a secure cryptoprocessor, which does not output decrypted data to unsecure storage. Parker ¶¶ 55–56.), store the first encrypted data on the first data vault (storing sensitive decrypted data in the security hardware module. Parker ¶ 56.), decrypt the first encrypted data stored on the first data vault using the respective one or more first encryption keys to obtain respective first decrypted data (communication with other devices using a secure encrypted protocol using stored credentials and processing secure downloaded data using a secure cryptoprocessor, which does not output decrypted data to unsecure storage. Parker ¶¶ 55–56.), decide to provide the first decrypted data from the first data vault and/or the second decrypted data from the second data vault to the first and/or second application on the computer platform, depending on permissions of the first data provider and/or the second data provider (downloading data associated with a user from both the first party service provider and from one or more third-party service providers, aggregating the data together so that the user may access the data in a single interface application. Parker ¶ 66.). Parker does not disclose a computer platform with a second data vault, one or more second encryption keys associated with a second data provider, receiving a second encrypted data associated with a second data provider, the second encrypted data is encrypted using the one or more second encryption keys, store the second encrypted data on the second data vault, and decrypt the second data stored on the second data vault using the one or more second encryption keys to obtain second decrypted data, However, Borzycki does disclose: a computer platform with a second data vault, one or more second encryption keys associated with a second data provider, receiving a second encrypted data associated with a second data provider, the second encrypted data is encrypted using the one or more second encryption keys, store the second encrypted data on the second data vault, and decrypt the second data stored on the second data vault using the one or more second encryption keys to obtain second decrypted data (multiple “application private data vaults” managing and storing private keys for use with respective applications on a common computing platform. Borzycki Figures 5-6 and 23:15–63 and 23:64–24:29. See also Borzycki 54:2–7 and 60:52–62.). Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the handling of encrypted sensitive data from diverse data providers to aggregate the information for use by a user of Parker with the user of multiple key management and encryption handling vaults on a single computing platform based upon the teachings of Borzucki. The motivation being to separately secure sensitive cryptographic information to protect data from being mishandled. Regarding claim 2, Parker in view of Borzucki discloses the limitations of claim 1, wherein the first application is to display decrypted data from the first data vault on the computer platform and the second application is to display decrypted data from the second data vault on the computer platform (display data from various applications and sources across devices in a collaborative environment. Borzucki 30:65–31:19.). Regarding claim 3, Parker in view of Borzucki discloses the limitations of claim 1, wherein the first data vault and/or the second data vault are hosted by the respective first and second applications (third-party data on the application of the third-party service provider. Parker ¶¶ 65–66.). Regarding claim 4, Parker in view of Borzucki discloses the limitations of claim 1, wherein the encryption keys are symmetric keys associated with a symmetric encryption system (the platform can support public-key cryptography standards. Borzycki 72:54–73:8.). Regarding claim 5, Parker in view of Borzucki discloses the limitations of claim 4, wherein the computer platform is equipped with a client key pair including a public client key and a private client key, and is arranged to store a symmetric server key, the symmetric server key being encrypted with the client public key, decrypt the symmetric server key using the private client key (the platform can support public-key cryptography standards. Borzycki 72:54–73:8.). Regarding claim 6, Parker in view of Borzucki discloses the limitations of claim 1, wherein the encryption keys are received by the applications and passed to a vault engine through the applications, wherein the encryption is performed application specific (Parker ¶ 56.). Regarding claim 7, Parker in view of Borzucki discloses the limitations of claim 6, wherein the encryption is performed specific to the secure data vault version used at the computer platform and/or where one or more first and second encryption keys have a predetermined expiration date (Borzucki 58:52–59:8.). Regarding claim 8, Parker in view of Borzucki discloses the limitations of claim 2, wherein the computer platform comprises an offer generator, wherein the computer platform is to receive executable code from the encryption server to enable the application software to present the decrypted provider data in a customized format associated with the first or the second provider (the direct access module receives data from multiple service providers and can customize the associated data from a variety of providers into a single social networking application, financial services application, or photo application. Parker ¶ 66.). Regarding claim 9, Parker in view of Borzucki discloses the limitations of claim 8, wherein the executable code is encrypted with the respective key associated with the first or second data provider (using dedicated security hardware for processing secure downloaded data using a secure cryptoprocessor and stored keys. Parker ¶¶ 55–56.). Regarding claim 10, Parker in view of Borzucki discloses the limitations of claim 1, wherein the computer platform is to receive the encrypted data and/or the encryption keys via a content delivery network (communication with other devices using a secure encrypted protocol using stored credentials and processing secure downloaded data using a secure cryptoprocessor, which does not output decrypted data to unsecure storage. Parker ¶¶ 55–56.). Regarding claim 11, Parker in view of Borzucki discloses the limitations of claim 2, wherein data associated with the first and second data providers is aggregated before being provided to the applications for display (the direct access module receives data from multiple service providers and can customize the associated data from a variety of providers into a single social networking application, financial services application, or photo application. Parker ¶ 66.). Regarding claim 15, Parker in view of Borzucki discloses the limitations of claim 14, when said program is executed on a computer platform (Parker Figure 1 and ¶ 33.). Allowable Subject Matter Claims 12–13 are subject to the above rejection under 35 U.S.C. 101 as being software per se. However, claims 12–13 are objected to as being dependent upon a rejected base claim, but would be allowable if the subject matter eligibility rejection (35 U.S.C. 101) is overcome and the claims are rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Mullins (US 2018/0198610 A1, published Jul. 12, 2018), using multiple key vaults to store cryptographic keys; Ness (US 2018/0123781 A1, published May 3, 2018), computing architecture including multiple key vaults; and Keum (US 2023/0180007 A1, published Jun. 8, 2023), issuing a separate key to store in a separate key vault in a mobile device. Any inquiry concerning this communication or earlier communications from the examiner should be directed to VANCE M LITTLE whose telephone number is (571) 270-0408. The examiner can normally be reached on Monday - Friday 9:30am - 5:30pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung (Jay) Kim can be reached on (571) 272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /VANCE M LITTLE/Primary Examiner, Art Unit 2493
Read full office action

Prosecution Timeline

Feb 18, 2025
Application Filed
Jun 26, 2026
Non-Final Rejection mailed — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12664293
SYSTEM AND METHOD FOR COMMENT PERMISSIONS
2y 7m to grant Granted Jun 23, 2026
Patent 12657319
ADJUSTING SUBSYSTEM DATA EXPIRATION DURATION
2y 3m to grant Granted Jun 16, 2026
Patent 12651251
SYSTEMS AND METHODS FOR BLOCKCHAIN-BASED SECURE MULTIPARTY COMPUTATION
2y 0m to grant Granted Jun 09, 2026
Patent 12652305
RISK INFORMATION OUTPUT DEVICE, INFORMATION OUTPUT SYSTEM, RISK INFORMATION OUTPUT METHOD, AND RECORDING MEDIUM
2y 2m to grant Granted Jun 09, 2026
Patent 12639458
IMAGE FORMING SYSTEM, IMAGE FORMING APPARATUS, IMAGE FORMING METHOD, AND NON-TRANSITORY STORAGE MEDIUM
3y 1m to grant Granted May 26, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
84%
Grant Probability
99%
With Interview (+24.7%)
2y 6m (~1y 1m remaining)
Median Time to Grant
Low
PTA Risk
Based on 404 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month