Prosecution Insights
Last updated: July 17, 2026
Application No. 19/066,094

TAGGING AND AUDITING SENSITIVE INFORMATION IN A DATABASE ENVIRONMENT

Non-Final OA §102§112
Filed
Feb 27, 2025
Priority
Mar 15, 2019 — continuation of 10/521,605 +4 more
Examiner
LWIN, MAUNG T
Art Unit
Tech Center
Assignee
Gusto Inc.
OA Round
1 (Non-Final)
89%
Grant Probability
Favorable
1-2
OA Rounds
10m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 89% — above average
89%
Career Allowance Rate
549 granted / 618 resolved
+28.8% vs TC avg
Strong +22% interview lift
Without
With
+21.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 2m
Avg Prosecution
17 currently pending
Career history
628
Total Applications
across all art units

Statute-Specific Performance

§101
3.3%
-36.7% vs TC avg
§103
61.4%
+21.4% vs TC avg
§102
19.5%
-20.5% vs TC avg
§112
9.3%
-30.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 618 resolved cases

Office Action

§102 §112
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is response to the application filed on 02/27/2025. This application is a continuation (CON) of the patent US 12,314,438 B2. Claims 1-20 are currently pending in this application. Information Disclosure Statement The information disclosure statement (IDS) was filed on 05/20/2026. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Examiner’s Note Applicants are suggested to include information from figs. 6 and 7 with related text in the claims to improve claim limitations regarding the allowability of the application. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (B) CONCLUSION. — The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. Claims 1-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention. Claim 1 (and claim 11 includes similar limitations) recites: “… after an interface that includes a set of fields for showing sensitive information and a corresponding set of interface elements obscuring the set of fields …”, however, it is not clear (1) whether the set of fields are obscured or not (e.g., if they are obscured, how they can be showing sensitive information); (2) how to define “the corresponding set of interface elements (e.g., corresponds to which one) – or it is not clear to define a boundary of the claim limitations/elements; “… is displayed on a client device that … receiving … a request from a requesting entity of view sensitive information within a field obscured by a corresponding interface element …”, however, it is not clear (1) whether the requesting entity is the same as the client device or a different/second device; (2) whether “sensitive information” has any relationship with the “sensitive information” included before or not; (3) whether the sensitive information is showing on “a set of fields” or “a first field”; (4) whether “a field” has any relationship with “a set of fields” included before or not; (5) whether “a corresponding interface element” has any relationship with “a corresponding set of interface elements” included before or not; “… displayed on a client device … a corresponding set of interface elements … accessing … the requested sensitive information from a database and removing the corresponding interface element such that the accessed …”, however, it is not clear (1) whether the requested sensitive information is accessed from the database and the corresponding interface element displayed on the client device is removed or not; (2) whether the information followed by the term, “such that” is actually limiting or not (e.g., the intended use or the purpose, etc.); “… accessing … additional sensitive information that the requesting entity is authorized to view and removing corresponding interface elements such that …”, however, it is not clear (1) whether the additional sensitive information is accessed from which storage (e.g., a cloud, a third-party storage, a local memory of the client device, etc.) – or omitting necessary step/component which causes the limitations unclear; (2) whether the corresponding interface elements displayed on the client device are removed or not; (2) whether the information followed by the term, “such that” is actually limiting or not (e.g., the intended use or the purpose, etc.). Claims 2-10 and 12-20 depend from the claim 1 or 11, and are analyzed and rejected accordingly. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. Claims 1-20 of the Patent US 12,314,438 B2 contain every element of claims 1-20 of the instant application and as such anticipates claims 1-20 of the instant application. A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). “ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001). Current Application No. 19/066094 Reference Patent No.: US 12,314,438 B2 Claim 1: A method of restricting a display of data comprising: after an interface is displayed on a client device that includes a set of fields for showing sensitive information and a corresponding set of interface elements obscuring the set of fields, receiving, by a security engine, a request from a requesting entity to view sensitive information within a first field obscured by a corresponding interface element; and in response to determining that the requesting entity is authorized to view the requested sensitive information, 1) accessing, by the security engine, the requested sensitive information from a database and removing the corresponding interface element such that the accessed sensitive information is displayed within the first field without the field being obscured, and 2) accessing, by the security engine, additional sensitive information that the requesting entity is authorized to view and removing corresponding interface elements such that the accessed additional sensitive information is displayed within additional fields of the set of fields without the additional fields being obscured. Claim 1: A method of restricting a display of data comprising: displaying, by a security engine, an interface on a client device of a requesting entity for displaying (or showing) sensitive information in a set of fields of the interface, the interface including a corresponding interface element that obscures each field (of the set of fields), wherein the client device accesses information for display within the interface from a database that includes sensitive flags indicating columns of sensitive information; after displaying the interface on the client device, receiving, by the security engine, a request from the requesting entity to view the sensitive information within a first field obscured by a corresponding interface element; and in response to determining that the requesting entity is authorized to view the requested sensitive information, 1) accessing, by the security engine, the requested sensitive information from the database and removing the corresponding interface element such that the accessed sensitive information is displayed within the first field without the field being obscured, and 2) accessing, by the security engine, additional sensitive information that the requesting entity is authorized to view and removing corresponding interface elements such that the accessed additional sensitive information is displayed within additional fields of the set of fields without the additional fields being obscured. Claim 2: The method of claim 1, further comprising: accessing, by the security engine, non-sensitive information from the database; and displaying in the interface, by the security engine, the non-sensitive information within a corresponding non-sensitive data field of the interface. Claim 2: The method of claim 1, further comprising: accessing, by the security engine, non-sensitive information from the database; and displaying in the interface, by the security engine, the non-sensitive information within a corresponding non-sensitive data field of the interface. Claim 3: The method of claim 1, further comprising modifying, by the security engine, a data access log to identify the request to view the sensitive information, the modified data access log identifying the requesting entity, the sensitive information, and a time associated with the request to view the sensitive information. Claim 3: The method of claim 1, further comprising modifying, by the security engine, a data access log to identify the request to view the sensitive information, the modified data access log identifying the requesting entity, the sensitive information, and a time associated with the request to view the sensitive information. Claim 4: The method of claim 3, further comprising in response to determining that the requesting entity is not authorized to view the sensitive information, initiating by the security engine, an audit of the modified data access log. Claim 4: The method of claim 3, further comprising in response to determining that the requesting entity is not authorized to view the sensitive information, initiating by the security engine, an audit of the modified data access log. Claim 5: The method of claim 3, wherein the modified data access log further includes information representative of at least one of: a user account associated with the requesting entity, a hardware device used by the requesting entity to access the sensitive information in the database, a software application used by the requesting entity to access the sensitive information in the database, and an indication of whether a request to view the sensitive information was granted. Claim 5: The method of claim 1, wherein the modified data access log further includes information representative of at least one of: a user account associated with the requesting entity, a hardware device used by the requesting entity to access sensitive information in the database, a software application used by the requesting entity to access sensitive information in the database, and an indication of whether a request to view a set of sensitive information was granted. Claim 6: The method of claim 3, wherein the modified data access log includes information identifying the interface. Claim 6: The method of claim 3, wherein the modified data access log includes information identifying the interface. Claim 7: The method of claim 3, wherein the modified data access log further includes information identifying sensitive data fields located within the interface. Claim 7: The method of claim 3, wherein the modified data access log further includes information identifying sensitive data fields located within the interface. Claim 8: The method of claim 1, further comprising: in response to determining that the requesting entity is not authorized to view the sensitive information, displaying a message in the interface indicating that the requesting entity is not authorized to view the sensitive information. Claim 8: The method of claim 1, further comprising: in response to determining that the requesting entity is not authorized to view the sensitive information, displaying a message in the interface indicating that the requesting entity is not authorized to view the sensitive information. Claim 9: The method of claim 8, wherein the sensitive information is not accessed from the database in response to determining that the requesting entity is not authorized to view the sensitive information. Claim 9: The method of claim 8, wherein the sensitive information is not accessed from the database in response to determining that the requesting entity is not authorized to view the sensitive information. Claim 10: The method of claim 1, wherein the interface element comprises an opaque or semi-opaque box obscuring the field corresponding to the sensitive information. Claim 10: The method of claim 1, wherein the interface element comprises an opaque or semi-opaque box obscuring the field corresponding to the sensitive information. Claims 11-20 of the Patent US 12,314,438 B2 contain every element of claims 11-20 of the instant application and as such anticipates claims 11-20 of the instant application – see the above table for similar matching of the non-transitory computer readable storage medium claims 11-20. Claims 1 and 6-19 of the Patent US 10,521,605 B1 contain every element of claims 1-20 of the instant application and as such anticipates claims 1-20 of the instant application. Current Application No. 19/066094 Reference Patent No.: US 10,521,605 B1 Claim 1: A method of restricting a display of data comprising: after an interface is displayed on a client device that includes a set of fields for showing sensitive information and a corresponding set of interface elements obscuring the set of fields, receiving, by a security engine, a request from a requesting entity to view sensitive information within a first field obscured by a corresponding interface element; and in response to determining that the requesting entity is authorized to view the requested sensitive information, 1) accessing, by the security engine, the requested sensitive information from a database and removing the corresponding interface element such that the accessed sensitive information is displayed within the first field without the field being obscured, and 2) accessing, by the security engine, additional sensitive information that the requesting entity is authorized to view and removing corresponding interface elements such that the accessed additional sensitive information is displayed within additional fields of the set of fields without the additional fields being obscured. Claim 1: A method of restricting a display of data comprising: displaying, by a security engine, an interface on a client device for displaying … one or more sets of sensitive information from a database, each of the one or more sets of non-sensitive information to be displayed in a corresponding non-sensitive data field (equivalent to the interface elements), and each of the one or more sets of sensitive information to be displayed in a corresponding sensitive data field, …; for each of the one or more sets of sensitive information: displaying, by the security engine, a selectable graphical interface element within the interface to at least partially obscure the corresponding sensitive data field; and in response to receiving a request to view the set of sensitive information, the request comprising a selection of the selectable graphical interface element, and in response to determining that a requesting entity is authorized to view the set of sensitive information: accessing, by the security engine, the set of sensitive information from the database and displaying the set of sensitive information within the corresponding sensitive data field, modifying, by the security engine, the interface by removing the selectable graphical interface element from the interface, wherein the corresponding sensitive data field is no longer obscured and … Claim 2: The method of claim 1, further comprising: accessing, by the security engine, non-sensitive information from the database; and displaying in the interface, by the security engine, the non-sensitive information within a corresponding non-sensitive data field of the interface. Claim 1: A method of restricting a display of data comprising: … for each of the one or more sets of non-sensitive information, accessing, by the security engine, the set of non-sensitive information from the database and displaying the set of non-sensitive information within the corresponding non-sensitive data field; … Claim 3: The method of claim 1, further comprising modifying, by the security engine, a data access log to identify the request to view the sensitive information, the modified data access log identifying the requesting entity, the sensitive information, and a time associated with the request to view the sensitive information. Claim 1: A method of restricting a display of data comprising: … modifying, by the security engine, a data access log to identify the request to view the set of sensitive information, the modified data access log identifying the requesting entity, the set of sensitive information, and a time associated with the request to view the set of sensitive information. Claim 4: The method of claim 3, further comprising in response to determining that the requesting entity is not authorized to view the sensitive information, initiating by the security engine, an audit of the modified data access log. Claim 8: The method of claim 1, further comprising: … in response to determining that the requesting entity is not authorized to view the set of sensitive information, initiating, by the security engine, an audit of the modified data access log. Claim 5: The method of claim 3, wherein the modified data access log further includes information representative of at least one of: a user account associated with the requesting entity, a hardware device used by the requesting entity to access the sensitive information in the database, a software application used by the requesting entity to access the sensitive information in the database, and an indication of whether a request to view the sensitive information was granted. Claim 9: The method of claim 1, wherein the modified data access log further includes information representative of at least one of: a user account associated with the requesting entity, a hardware device used by the requesting entity to access sensitive information in the database, a software application used by the requesting entity to access sensitive information in the database, and an indication of whether a request to view a set of sensitive information was granted. Claim 6: The method of claim 3, wherein the modified data access log includes information identifying the interface. Claim 10: The method of claim 1, wherein the modified data access log includes information representative of the interface associated with a request to view the set of sensitive information. Claim 7: The method of claim 3, wherein the modified data access log further includes information identifying sensitive data fields located within the interface. Claim 11: The method of claim 10, wherein the modified data access log further includes information representative of sensitive data fields located within the interface, ... Claim 8: The method of claim 1, further comprising: in response to determining that the requesting entity is not authorized to view the sensitive information, displaying a message in the interface indicating that the requesting entity is not authorized to view the sensitive information. Claim 6: The method of claim 1, further comprising: … in response to determining that the requesting entity is not authorized to view the set of sensitive information, displaying a message in the interface indicating that the requesting entity is not authorized to view the set of sensitive information. Claim 9: The method of claim 8, wherein the sensitive information is not accessed from the database in response to determining that the requesting entity is not authorized to view the sensitive information. Claim 7: The method of claim 6, wherein for each one of the one or more sets of sensitive information, the set of sensitive information is not accessed from the database in response to determining that the requesting entity is not authorized to view the set of sensitive information. Claim 10: The method of claim 1, wherein the interface element comprises an opaque or semi-opaque box obscuring the field corresponding to the sensitive information. Claim 12: The method of claim 1, wherein the selectable graphical interface element comprises an opaque or semi-opaque box obscuring the data field corresponding to the set of sensitive information. Claims 13-19 of the Patent US 10,521,605 B1 contain every element of claims 11-20 of the instant application and as such anticipates claims 11-20 of the instant application – see the above table for similar matching of the non-transitory computer readable storage medium claims 11-20. Claims 1-7, 12-17 and 20 of the Patent US 10,943,026 B2 contain every element of claims 1-13 and 20 of the instant application and as such anticipates claims 1-13 and 20 of the instant application. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Eschbach et al. (US 2015/0200922 A1). As per claim 1, Eschbach teaches a method of restricting a display of data [see the abstract of Eschbach] comprising: after an interface is displayed on a client device that includes a set of fields for showing sensitive information and a corresponding set of interface elements obscuring the set of fields, receiving, by a security engine, a request from a requesting entity to view sensitive information within a first field obscured by a corresponding interface element [figs. 1-5; par. 0003, lines 1-7; par. 0023, lines 8-11; par. 0027, lines 9-14; par. 0030, lines 1-7; par. 0035, lines 1-6 of Eschbach teaches after an interface is displayed on a client device that includes a set of fields for showing sensitive information (e.g., a part of DOB, SS#, etc.) and a corresponding set of interface elements obscuring the set of fields (e.g., the graphics or AR marker shown in figs. 1-3), receiving, by a security engine, a request from a requesting entity to view sensitive information (e.g., when the AR marker is selected) within a first field obscured by a corresponding interface element]; and in response to determining that the requesting entity is authorized to view the requested sensitive information, 1) accessing, by the security engine, the requested sensitive information from a database and removing the corresponding interface element such that the accessed sensitive information is displayed within the first field without the field being obscured, and 2) accessing, by the security engine, additional sensitive information that the requesting entity is authorized to view and removing corresponding interface elements such that the accessed additional sensitive information is displayed within additional fields of the set of fields without the additional fields being obscured [figs. 3-5; par. 0026, lines 1-18; par. 0027, lines 11-14; par. 0030, lines 1-24; par. 0035, lines 1-12; par. 0037, lines 1-11; par. 0040, lines 10-11 of Eschbach teaches in response to determining that the requesting entity is authorized to view the requested sensitive information (e.g., permission or authorization level to user access is determined), 1) accessing, by the security engine, the requested sensitive information from a database and removing the corresponding interface element such that the accessed sensitive information is displayed within the first field without the field being obscured, and 2) accessing, by the security engine, additional sensitive information (e.g., the additional content field that is hidden until activated) that the requesting entity is authorized to view and removing corresponding interface elements such that the accessed additional sensitive information is displayed (see fig. 4) within additional fields of the set of fields without the additional fields being obscured]. As per claim 2, Eschbach teaches the method of claim 1. Eschbach further teaches for accessing, by the security engine, non-sensitive information from the database; and displaying in the interface, by the security engine, the non-sensitive information within a corresponding non-sensitive data field of the interface [figs. 1, 4; par. 0023, lines 8-11; par. 0031, lines 1-3 of Eschbach teaches accessing, by the security engine, non-sensitive information (e.g., types of information, such as “Name”, “DOB”, or the information that does not require any special level of security) from the database; and displaying in the interface, by the security engine, the non-sensitive information within a corresponding non-sensitive data field of the interface (e.g., the non-sensitive information displayed in figs. 1-4]. As per claim 3, Eschbach teaches the method of claim 1. Eschbach further teaches modifying, by the security engine, a data access log to identify the request to view the sensitive information, the modified data access log identifying the requesting entity, the sensitive information, and a time associated with the request to view the sensitive information [par. 0024, lines 1-12; par. 0033, lines 1-14; par. 0036, lines 5-15 of Eschbach teaches modifying, by the security engine, a data access log to identify the request to view the sensitive information (e.g., document with the AR markers, authorization levels, etc.), the modified data access log identifying the requesting entity, the sensitive information, and a time (e.g., document with the AR markers, authorization levels when the user requests the data access, etc.) associated with the request to view the sensitive information]. As per claim 4, Eschbach teaches the method of claim 3. Eschbach further teaches in response to determining that the requesting entity is not authorized to view the sensitive information, initiating by the security engine, an audit of the modified data access log [par. 0026, lines 1-9; par. 0033, lines 1-14; par. 0036, lines 5-15 of Eschbach teaches in response to determining that the requesting entity is not authorized (e.g., the user having the authentication rank on the scale of 1) to view the sensitive information, initiating by the security engine, an audit (e.g., fully redacting the field) of the modified data access log]. As per claim 5, Eschbach teaches the method of claim 3. Eschbach further teaches wherein the modified data access log further includes information representative of at least one of: a user account associated with the requesting entity, a hardware device used by the requesting entity to access the sensitive information in the database, a software application used by the requesting entity to access the sensitive information in the database, and an indication of whether a request to view the sensitive information was granted [par. 0021, lines 1-4; par. 0033, lines 1-7; par. 0037, lines 1-11 of Eschbach teaches wherein the modified data access log further includes information representative of at least one of: a user account associated with the requesting entity (e.g., the credentials to identify the user authentication level), a hardware device used by the requesting entity to access the sensitive information in the database, a software application used by the requesting entity to access the sensitive information in the database, and an indication of whether a request to view the sensitive information was granted – see also rejections to the claim 3]. As per claim 6, Eschbach teaches the method of claim 3. Eschbach further teaches wherein the modified data access log includes information identifying the interface [par. 0021, lines 1-4; par. 0030, lines 1-18; par. 0033, lines 1-7; par. 0037, lines 1-11 of Eschbach teaches wherein the modified data access log includes information identifying the interface (e.g., identifying information of the sensitive information corresponding to the AR marker, user’s authorization level, etc.) – see also rejections to the claim 3]. As per claim 7, Eschbach teaches the method of claim 3. Eschbach further teaches wherein the modified data access log further includes information identifying sensitive data fields located within the interface [par. 0021, lines 1-4; par. 0030, lines 1-18; par. 0033, lines 1-7; par. 0037, lines 1-11 of Eschbach teaches wherein the modified data access log further includes information identifying sensitive data fields (e.g., identifying information of the sensitive information corresponding to the AR marker, user’s authorization level, etc.) located within the interface – see also rejections to the claim 3]. As per claim 8, Eschbach teaches the method of claim 1. Eschbach further teaches in response to determining that the requesting entity is not authorized to view the sensitive information, displaying a message in the interface indicating that the requesting entity is not authorized to view the sensitive information [par. 0026, lines 1-9; par. 0033, lines 1-14; par. 0036, lines 5-15 of Eschbach teaches in response to determining that the requesting entity is not authorized (e.g., the user having the authentication rank on the scale of 1) to view the sensitive information, displaying a message in the interface (e.g., fully redacting the field of the sensitive information) indicating that the requesting entity is not authorized to view the sensitive information]. As per claim 9, Eschbach teaches the method of claim 8. Eschbach further teaches wherein the sensitive information is not accessed from the database in response to determining that the requesting entity is not authorized to view the sensitive information [par. 0026, lines 1-9; par. 0033, lines 1-14; par. 0036, lines 5-15 of Eschbach teaches wherein the sensitive information is not accessed (e.g., accessing fully redacting the field of the sensitive information or not accessing the sensitive information) from the database in response to determining that the requesting entity is not authorized (e.g., the user having the authentication rank on the scale of 1) to view the sensitive information]. As per claim 10, Eschbach teaches the method of claim 1. Eschbach further teaches wherein the interface element comprises an opaque or semi-opaque box obscuring the field corresponding to the sensitive information [fig. 1; par. 0023, lines 1-11 of Eschbach teaches wherein the interface element comprises an opaque or semi-opaque box obscuring the field corresponding to the sensitive information (see opaque box of 14B of fig.1) – see also rejections to the claim 1]. Claims 11-20 are storage medium claims correspond to the method claims 1-10, and are analyzed and rejected accordingly. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571)270-7845. The examiner can normally be reached on Monday - Friday 10:00 am - 6:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MAUNG T LWIN/Primary Examiner, Art Unit 2495
Read full office action

Prosecution Timeline

Feb 27, 2025
Application Filed
Jun 17, 2026
Non-Final Rejection mailed — §102, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682103
USER-SPECIFIC ACCESS CONTROL FOR METADATA TABLES
2y 8m to grant Granted Jul 14, 2026
Patent 12682104
EFFICIENT ALLOW LISTING OF SQL INSIDE A DATABASE
2y 4m to grant Granted Jul 14, 2026
Patent 12682120
APPARATUS AND METHOD FOR OBFUSCATION
1y 10m to grant Granted Jul 14, 2026
Patent 12675606
INTEGRATION BETWEEN MESSAGING SYSTEMS AND COLLABORATIVE APPLICATIONS
3y 1m to grant Granted Jul 07, 2026
Patent 12675580
CERTIFICATION OF DEVICE CALIBRATIONS
2y 2m to grant Granted Jul 07, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
89%
Grant Probability
99%
With Interview (+21.8%)
2y 2m (~10m remaining)
Median Time to Grant
Low
PTA Risk
Based on 618 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month