DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 101
35 U.S.C. § 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-4, 7-8, 10-12, 14-15, 17, 19-21, 23, 25, 32-34 rejected under 35 U.S.C. § 101 are directed to an abstract idea without significantly more.
The claims do not provide significantly more than the judicial exception under the subject matter eligibility two-part statutory analysis, as provided below.
Regarding Step 1,
Step 1 addresses whether the claims are directed to one of the four statutory categories of invention, i.e., process, machine, manufacture, or composition of matter according to MPEP §2106.03. Claims 1-4, 7-8, 10-12, 14-15, 17, 19-21, 23, 25, 32-34 which all fall within one of the four statutory categories.
Regarding Step 2A [prong 1],
The claimed invention recites an abstract idea according to MPEP §2106.04. Independent claim 1, also representative of the other independent claims for the same abstract features, is underlined below which recite the following claim limitations, as an abstract idea.
Claims 1, 10, 19, and 32-34 : …user identification:
[claim 1] determining, based on first information of a first user, a strategy for the first user, wherein first information of a different user corresponds to a respective different strategy, the first information of the first user is associated with a network access duration of the first user, and at least two [data source] in each strategy jointly predict whether the user is a fraudulent user; predicting whether the first user is the fraudulent user.
[claim 10] receiving second information, wherein the second information is at least used to indicate/trigger/initiate to predict whether a first user is a fraudulent user; using the second information, in conjunction with at least one second [data source] associated with the first [data source], to predict whether the first user is the fraudulent user; sending third information, wherein the third information represents a prediction result for the first user.
[claim 19] A user identification method, characterized by being applied to a second [data source], comprising: receiving second information, wherein the second information is at least used to indicate/trigger/initiate to predict whether a first user is a fraudulent user; using the second information to predict whether the first user is the fraudulent user, to jointly predict with the first [data source] whether the first user is the fraudulent user.
The underlined claim limitations, under its broadest reasonable interpretation, fall under “Certain Methods of Organizing Human Activities” grouping of abstract ideas, and includes at least managing personal behavior or relationships or interactions between people (including social activities, teaching, and following rules or instructions). See MPEP §2106.04(a)(2)(II).
But for the recitation of generic implementation of computer system components, the claimed invention merely recites a process for managing personal behavior/relationships or interactions between people because the claimed steps recite predicting whether the user is the fraudulent user. Accordingly, since the claimed invention describes a process that falls under “Certain Methods of Organizing Human Activities” grouping, the claimed invention recites an abstract idea.
Regarding Step 2A [prong 2],
The judicial exception is not integrated into a practical application according to MPEP §2106.04(d). The claimed invention includes the following additional elements:
A first, second and third processors and memories;
A computer program executable by the processor(s);
Information received/sent by a platform;
Network access;
A first/second node comprising an first/second processor;
In particular, the additional elements cited above beyond the abstract idea are recited at a high-level of generality and simply equivalent to a generic recitation and basic functionality that amount to no more than mere instructions to apply the judicial exception using generic computer technology components.
The claimed invention merely provides an abstract-idea-based-solution implemented with generic computer processes and components recited at a high-level of generality (receiving, storing, determining, and comparing data) using computer instructions to implement the abstract idea on a computer, and merely “apply it” without any meaningful technological limits or any improvement to technology, technical field or improvement to the functioning of the computer itself.
Additionally, receiving information sent by a node/platform, A first/second node comprising a first/second processor and memory for storing a computer program, amounts to data gathering and selecting a particular data source or type of data to be manipulated, thus does not add any meaningful limitations, and since receiving, storing and transmitting data is considered one of the most basic functions of a computer, these additional elements are deemed as insignificant extra-solution activity to the judicial exception. The legal precedent in Electric Power Group and Ultramercial cited in MPEP 2106.05(g) indicate that selecting information, based on types of information and availability of information for collection, analysis and display, and requiring a request from a user to view an advertisement and restricting public access, are all insignificant extra-solution activity.
Therefore, the additional elements fail to integrate the recited abstract idea into any practical application since they do not impose any non-generic meaningful limits on practicing the abstract idea. Thus, the claimed invention is directed to an abstract idea.
Regarding Step 2B, The claimed invention does not include additional elements that are sufficient to amount to significantly more than the judicial exception. See MPEP §2106.05.
As discussed above, the claimed additional elements recited above amounts to no more than mere instructions to implement the abstract idea by adding the words “apply it” using generic computer components and functionality. See MPEP §2106.05(h). Mere instructions to apply the judicial exception using generic computer components are insufficient to provide an inventive concept. Furthermore, the claimed additional elements merely limit the abstract idea to be executed in a computer environment, thus do nothing more than generally linking the use of a judicial exception to a particular technological environment or field of use. See MPEP §2106.05(h).
Additionally, re-evaluating the insignificant extra-solution activities listed above, it is determined that they are also well-understood, routine, and conventional, as well. See MPEP 2106.05(d). The legal precedent in Ultramercial, Versata, Symantec, TLI, and OIP Techs court decisions cited in MPEP 2106.05(d)(II) indicate that storing and retrieving information in memory, as well as receipt and transmission of information over a computer network, and updating an activity log are a well-understood, routine, and conventional functions claimed in a generic manner, as is the case here. See also Trading Techs. Int’l, Inc. v. IBG LLC, 921 F.3d 1084, 1093 (Fed. Cir. 2019) (data gathering and displaying are well-understood, routine, and conventional activities) and also buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355 (Fed. Cir. 2014) (“That a computer receives and sends the information over a network—with no further specification—is not even arguably inventive”).
Considered as an ordered combination, the additional elements are claimed at a high-level of generality and add nothing that is not already present when the steps are considered separately. The sequence of the claimed limitations is equally generic and otherwise held to be abstract since the combination of these additional elements is no more than mere instructions to apply the judicial exception using generic computer components operating in their ordinary and generic capacities of what is typically expected of computers storing and updating data, and receiving and transmitting data between generic computer devices. The claimed invention is not patent eligible because the additional elements are merely invoked as tools to execute the abstract idea and thus are insufficient to amount to an inventive concept significantly more than the judicial exception.
As for dependent claims, they merely further narrow and reiterate the same abstract ideas for storing and updating data, and receiving and transmitting data using generic data storage and transmittal techniques with the same additional elements as recited above which provide nothing more than applying the abstract idea using generic computer technology components. Furthermore dependent claims comprise the following additional elements: local database. These additional elements do not provide any improvement to technology, technical field or improvement to the functioning of the computer itself, and at best simply applying the abstract idea executed in a general-purpose computer environment. Therefore the dependent claims are also directed to ineligible subject matter since they do not provide significantly more than the abstract idea itself.
Thus, after considering all claim elements both individually and as an ordered combination, it has been determined that the claimed invention as a whole, is not enough to transform the abstract idea into a patent-eligible invention since nothing in the claim limitations provide significantly more than the abstract idea under 35 U.S.C. § 101.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of pre-AIA 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on sale in this country, more than one year prior to the date of application for patent in the United States.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claims 1-4, 7-8, 10-12, 14-15, 19-21, 23, 25, 32-34 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by GOLDMAN (US20180033009).
Regarding Claim 1,
Goldman discloses:
A user identification method, characterized by being applied to a platform (Abstract, Figs. 1-5B, Summary) comprising:
determining, based on first information of a first user, a strategy for the first user ([0050] receives system access data for a user account, generates one or more risk scores based on the system access data, and performs one or more risk reduction actions based on the likelihood of potential fraud that is represented by the one or more risk scores, according to one embodiment. In other words, when a user accesses a financial system, the financial system creates and stores data that represents the activities of the user during the user's interactions with the financial system) wherein first information of a different user corresponds to a respective different strategy ([0012] The fraud investigation module identifies additional user accounts that are potentially affected by fraudulent activity based on one or more user accounts that have been flagged for fraudulent activity and additional user accounts that have one or more characteristics in common with the flagged user account are sent to an investigation team and/or are analyzed by the security system to determine the likelihood of potential fraudulent activity associated with the additional user accounts, and [0138])
the first information of the first user is associated with a network access duration of the first user ([0133-0134] receiving flagged user account data representing a flagged user account of the financial system that has been flagged for being associated with potential fraudulent activity, receiving one or more user system characteristics data, access data, and user characteristics data)
at least two nodes in each strategy jointly predict whether the user is a fraudulent user ([0135-0138] identifying additional user accounts in the financial system having at least some of one or more of the user system characteristics data, the system access data, and user characteristics data in common with the flagged user account, applying one or more of user system characteristics data, access data, and the user characteristics data for the additional user accounts to the predictive model data to transform one or more of the user system characteristics data, the system access data, and the user characteristics data for the additional user accounts into risk score data, the risk score data representing risk scores for one or more risk categories for the additional user accounts, the risk scores representing a likelihood of potential fraudulent activity for the additional user accounts);
predicting whether the first user is the fraudulent user ([0051-0052] identification and/or reduction of potentially fraudulent activity, the security system uses features of a claim manager, a fraud investigation module, a risk score threshold manager, and/or an authentication module, according to one embodiment. These features increase the automation of risk determination, increase the likelihood of discovering potential fraudulent activity, and improve the performance/accuracy of fraud risk analysis, and detect stolen identity fraud using multiple predictive models to determine the likelihood of potentially fraudulent activity in a user account).
(Original) The method according to claim 1, characterized in that the predicting whether the first user is the fraudulent user comprises: sending second information to a first node, wherein the second information is at least used to indicate/trigger/initiate to predict whether the first user is the fraudulent user, and the first node and at least one associated second node jointly predict whether the first user is the fraudulent user; receiving third information sent by the first node, wherein the third information represents a prediction result for the first user; predicting whether the first user is the fraudulent user by using the third information ([0081] he security system 112 uses the fraud investigation module 152 to identify additional user accounts that have potentially been affected by fraudulent activity, according to one embodiment. Fraud claims data acquired by the claim manager 151 and/or received from customer support representatives is analyzed by the fraud investigation module 152, according to one embodiment. The fraud investigation module 152 analyzes characteristics of the flagged/reported user account, analyzes characteristics of other user accounts 117, and identifies additional user accounts that may be associated with fraudulent activity based on the similarity between characteristics of the flagged user account and the additional user accounts, according to one embodiment. In one embodiment, the additional user accounts have 2 or more characteristics that are similar to the flagged user account, fraud investigation module 152 applies each of the additional user accounts to the predictive models 122 to obtain risk score data 121 for each of the additional user accounts, according to one embodiment. By applying the additional user accounts to the predictive models 122, the fraud investigation module 152 can verify or dismiss whether or not the additional user accounts have been subjected to fraudulent activity, according to one embodiment. The fraud investigation module 152 provides the additional user accounts (or identifiers associated with the additional user accounts) to a fraud investigation team for verification of potentially fraudulent activity).
(Original) The method according to claim 1, characterized in that the method further comprises: determining the first information of the first user ([0080] the claim manager 151 acquires user system characteristics data about the user computing system that is used to submit the claim, which can be used to identify, deemphasize, and remove fraud claims submitted by fraudsters, according to one embodiment. The fraud claims data is then used by the security system 112 to execute risk reduction actions to reduce further potential fraudulent activity on the user account).
4. (Currently Amended) The method according to claim 1, characterized in that, in response to the first information of the first user comprising that the network access duration of the first user is less than or equal to a first duration, the strategy for the first user comprises determining whether the user is the fraudulent user by querying a list; wherein second information comprises query-related information of the first user; or the querying is performed by using plaintext; or the querying is performed by using privacy-preserving computation. ([0074] security system determines user account characteristics, user entered data, text data, [0085-0091] predictive models 122 are applied to existing sessions 116 that represent a low likelihood for fraudulent activity as well as to existing sessions 116 that represent a high likelihood for fraudulent activity, to define risk score thresholds to apply to the risk score data 121, according to one embodiment. In one embodiment, the risk score data 121 is compared to one or more predefined risk score thresholds to determine if one or more of the risk categories 123 has a high enough likelihood of potential fraudulent characteristics to warrant performing risk reduction actions. Examples of risk score thresholds include 0.8 for user system characteristics, 0.95 for an IP address, and 0.65 for a user account)
7. (Currently Amended) The method according to claim any one of claims 1 to 3, characterized in that, in response to the first information of the first user comprising that the network access duration of the first user is greater than a first duration, the strategy for the first user comprises determining whether the user is the fraudulent user through a model prediction ([0085] predictive models 122 are applied to existing sessions 116 that represent a low likelihood for fraudulent activity as well as to existing sessions 116 that represent a high likelihood for fraudulent activity, to define risk score thresholds to apply to the risk score data 121, according to one embodiment. In one embodiment, the risk score data 121 is compared to one or more predefined risk score thresholds to determine if one or more of the risk categories 123 has a high enough likelihood of potential fraudulent characteristics to warrant performing risk reduction actions. Examples of risk score thresholds include 0.8 for user system characteristics, 0.95 for an IP address, and 0.65 for a user account).
8. (Currently Amended) The method according to claim 7, characterized in that the second information comprises identity-related information of the first user or the prediction is performed by using plaintext; or the prediction is performed by using privacy-preserving computation ([0074] security system 112 is particularly sensitive to age of account, user account characteristics, user entered data, event level data, and interaction behavior, and determine likelihoods of potentially fraudulent activity by using multifactor analysis, some characteristics may be more dominant indicators of potential stolen identity refund fraud activity for an account, [0088-0091] predicting user fraud with privacy process for authentication).
10. (Original) A user identification method, characterized by being applied to a first node, comprising: receiving second information sent by a platform, wherein the second information is at least used to indicate/trigger/initiate to predict whether a first user is a fraudulent user; using the second information, in conjunction with at least one second node associated with the first node, to predict whether the first user is the fraudulent user; sending third information to the platform, wherein the third information represents a prediction result for the first user (Abstract, Figs. 1-5B, Summary and [0050] receives system access data for a user account, generates one or more risk scores based on the system access data, and performs one or more risk reduction actions based on the likelihood of potential fraud that is represented by the one or more risk scores, according to one embodiment. In other words, when a user accesses a financial system, the financial system creates and stores data that represents the activities of the user during the user's interactions with the financial system, [0012] The fraud investigation module identifies additional user accounts that are potentially affected by fraudulent activity based on one or more user accounts that have been flagged for fraudulent activity and additional user accounts that have one or more characteristics in common with the flagged user account are sent to an investigation team and/or are analyzed by the security system to determine the likelihood of potential fraudulent activity associated with the additional user accounts, and [0138], [0133-0138] receiving flagged user account data representing a flagged user account of the financial system that has been flagged for being associated with potential fraudulent activity, receiving one or more user system characteristics data, access data, and user characteristics data, identifying additional user accounts in the financial system having at least some of one or more of the user system characteristics data, the system access data, and user characteristics data in common with the flagged user account, applying one or more of user system characteristics data, access data, and the user characteristics data for the additional user accounts to the predictive model data to transform one or more of the user system characteristics data, the system access data, and the user characteristics data for the additional user accounts into risk score data, the risk score data representing risk scores for one or more risk categories for the additional user accounts, the risk scores representing a likelihood of potential fraudulent activity for the additional user accounts, [0051-0052] identification and/or reduction of potentially fraudulent activity, the security system uses features of a claim manager, a fraud investigation module, a risk score threshold manager, and/or an authentication module, according to one embodiment. These features increase the automation of risk determination, increase the likelihood of discovering potential fraudulent activity, and improve the performance/accuracy of fraud risk analysis, and detect stolen identity fraud using multiple predictive models to determine the likelihood of potentially fraudulent activity in a user account, [0082] fraud investigation module 152 applies each of the additional user accounts to the predictive models 122 to obtain risk score data 121 for each of the additional user accounts, according to one embodiment. By applying the additional user accounts to the predictive models 122, the fraud investigation module 152 can verify or dismiss whether or not the additional user accounts have been subjected to fraudulent activity, according to one embodiment. The fraud investigation module 152 provides the additional user accounts (or identifiers associated with the additional user accounts) to a fraud investigation team for verification of potentially fraudulent activity).
11. (Original) The method according to claim 10, characterized in that the second information comprises query-related information of the first user ([0102] The security system 212 requests and/or acquires information from the tax return preparation system 211 and determines the likelihood of potential stolen identity refund fraud activity for the interactions of one or more client systems with the tax return preparation system).
12. (Currently Amended) The method according to claim 11, characterized in that querying is performed by using plaintext; or querying is performed by using privacy-preserving computation; or in response to finding, in a local database, fraud-related information that matches the query-related information, sending the third information to the platform ([0102] identify and address potential stolen identity refund fraud activity in the tax return preparation system 211, according to one embodiment. The security system 212 is an implementation of the security system 112 (shown in FIG. 1), according to one embodiment. The security system 212 requests and/or acquires information from the tax return preparation system 211 and determines the likelihood of potential stolen identity refund fraud activity for the interactions of one or more client systems with the tax return preparation system 211, according to one embodiment. The security system 212 is part of the same service provider computing environment as the tax return preparation system 211, and therefore obtains access to the user characteristics data 216, the financial data 220, and system access data 221, by generating one or more data requests (e.g., database queries) in the service provider computing environment 210).
14. (Original) The method according to claim 11, characterized in that in response to not finding, in a local database, fraud-related information that matches the query-related information, sending the query-related information to the at least one second node and obtaining fourth information, wherein the fourth information represents a prediction result of the first node for the first user; receiving at least one fifth information sent by the at least one second node, wherein the fifth information represents a prediction result of the second node for the first user ([0064] The user characteristics data 115 is stored in a table, database, or some other data structure, according to one embodiment. The user characteristics data 115 is sorted, filtered, and/or organized based on one or more of the user accounts 117, in the data structure, represent the performance of the predictive model based on the inputs provided to the predictive model and based on the output generated by the predictive model, [0093] system access data to the one or more predictive models 122 to generate risk score data 121 for users as they access or attempt to access the financial system 111. [0114] model characteristics include receiver operating characteristics of the predictive model, according to one embodiment. The receiver operating characteristics represent the performance of the predictive model based on the inputs provided to the predictive model and based on the output generated by the predictive model).
15. (Currently Amended) The method according to claim 10, characterized in that the second information comprises identity-related information of the first user wherein the prediction is performed by using plaintext; or the prediction is performed by using privacy-preserving computation([0009] an authentication module 154 to challenge the authentication of the user and/or to verify that a user is authorized to use the identification information and/or the user account that the user is using to access the financial system 111, according to one embodiment. The authentication module 154 is configured to use system access data 113, financial data 114, and/or user characteristics data 115 to generate questions for a user to respond to in order to verify that the user has sufficient knowledge of the identification information to likely be the authorized user of a user account, [0093] system access data to the one or more predictive models 122 to generate risk score data 121 for users as they access or attempt to access the financial system 111. [0114] model characteristics include receiver operating characteristics of the predictive model, according to one embodiment. The receiver operating characteristics).
19. (Original) A user identification method, characterized by being applied to a second node, comprising: receiving second information sent by a first node, wherein the second information is at least used to indicate/trigger/initiate to predict whether a first user is a fraudulent user; using the second information to predict whether the first user is the fraudulent user, to jointly predict with the first node whether the first user is the fraudulent user ([0089-0091] Security system 112 uses the alert module 120 to execute one or more risk reduction actions 124, upon determining that all or part of the risk score data 121 indicates a likelihood of potentially fraudulent activity occurring in the financial system 111 for at least one of the user accounts 117,The risk reduction actions 124 include, but are not limited to, challenging the authentication of the user, removing multi-factor authentication options (e.g., removing email as a multi-factor authentication option), increasing the difficulty of multi-factor authentication options, sending a text message to an owner of identity information, logging a user out of a session with the financial system 111, ending a session, blocking access to the financial system 111, suspending credentials (at least temporarily) of an authorized user, preventing a user from making one or more changes to one or more user accounts 117, preventing (at least temporarily) a user from executing one or more operations within the financial system 111 (e.g., preventing the user from filing a tax return or from altering which financial institution account is set up to receive a tax refund), suspending a tax return filing, suspending a tax refund, and the like, according to various embodiments).
20. (Original) The method according to claim 19, characterized in that the second information comprises query-related information of the first user ([0091] searching and authenticating user information of additional user accounts).
21. (Currently Amended) The method according to claim 20, characterized in that the using the second information to predict whether the first user is the fraudulent user comprises: searching a local database for fraud-related information that matches the query-related information to obtain a matching result; sending fifth information to the first node, wherein the fifth information represents a prediction result of the second node for the first user - wherein the prediction is performed by using plaintext; or the prediction is performed by using privacy-preserving computation ([0091] The authentication module 154 also has the capacity to search through prior tax return filings to generate questions that an authorized user would be likely to know but that would take a long time for an unauthorized user to research in order to respond correctly to, according to one embodiment. The service provider computing environment 110 also includes financial data 114 in user characteristics data 115 that can be obtained from other services that the service provider is providing to users. In one embodiment, the authentication module 154 uses user data that is obtained from other service provider services in order to verify/authenticate that a user is authorized to access a particular user account).
23. (Currently Amended) The method according to claim 19, characterized in that the second information comprises identity-related information of the first user - wherein the using the second information to predict whether the first user is the fraudulent user comprises: using the identity-related information and a second model to predict whether the first user is the fraudulent user; sending seventh information to the first node, wherein the seventh information represents a prediction result of the second node for the first user ([0052] To detect stolen identity refund fraud, the security system analyzes the data that represents the behavior of the user of a client system (e.g., user system) that accesses the financial system, according to one embodiment. Year-to-year changes in tax refund amount, income, age of a user account, other user account characteristics, and/or browsing behavior can be strong indicators of potential fraud activity, according to one embodiment. In one embodiment, the software system analyzes several factors, using multiple predictive models, to determine the likelihood of potentially fraudulent activity in a user account of the financial system).
25. (Original) The method according to claim 24, characterized in that the prediction is performed by using plaintext; or the prediction is performed by using privacy-preserving computation ([0072] analytics module 119 and/or the security system 112 applies the system access data 113 to one or more predictive models 122, to generate the risk score data 121 that represents one or more risk scores, [0052] To detect stolen identity refund fraud, the security system analyzes the data that represents the behavior of the user of a client system (e.g., user system) that accesses the financial system, according to one embodiment. Year-to-year changes in tax refund amount, income, age of a user account, other user account characteristics, and/or browsing behavior can be strong indicators of potential fraud activity, according to one embodiment. In one embodiment, the software system analyzes several factors, using multiple predictive models, to determine the likelihood of potentially fraudulent activity in a user account of the financial system).
32. (Currently Amended) A platform, characterized by comprising: a first processor and a first memory for storing a computer program executable by the processor, wherein the first processor is configured to execute the computer program to implement the steps of the method according claim 1 ([0094] service provider computing environment 110 and/or the financial system 111 and/or the security system 112 includes memory 127 and processors 128 to support operations of the financial system 111 and/or of the security system 112 in facilitating the identification and intervention of potentially fraudulent activities in the financial system 111, according to one embodiment. In one embodiment, the security system 112 includes instructions that are represented as data that are stored in the memory 127 and that are executed by one or more of the processors 128 to perform a method of identifying and addressing potentially fraudulent activities in the financial system).
33. (Currently Amended) A first node, characterized by comprising: a second processor and a second memory for storing a computer program executable by the processor, wherein the second processor is configured to execute the computer program to implement the steps of the method according claim 10 ([0094] service provider computing environment 110 and/or the financial system 111 and/or the security system 112 includes memory 127 and processors 128 to support operations of the financial system 111 and/or of the security system 112 in facilitating the identification and intervention of potentially fraudulent activities in the financial system 111, according to one embodiment. In one embodiment, the security system 112 includes instructions that are represented as data that are stored in the memory 127 and that are executed by one or more of the processors 128 to perform a method of identifying and addressing potentially fraudulent activities in the financial system).
34. (Currently Amended) A second node, characterized by comprising: a third processor and a third memory for storing a computer program executable by the processor, wherein the third processor is configured to execute the computer program to implement the steps of the method according to claim 19 ([0094] service provider computing environment 110 and/or the financial system 111 and/or the security system 112 includes memory 127 and processors 128 to support operations of the financial system 111 and/or of the security system 112 in facilitating the identification and intervention of potentially fraudulent activities in the financial system 111, according to one embodiment. In one embodiment, the security system 112 includes instructions that are represented as data that are stored in the memory 127 and that are executed by one or more of the processors 128 to perform a method of identifying and addressing potentially fraudulent activities in the financial system).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Note: In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim 17 rejected under 35 U.S.C. 103 as being unpatentable over GOLDMAN in view of XU (US20240039692)
Regarding Claim 17,
Goldman discloses the claim 15 including using the second information, in conjunction with the at least one second node associated with the first node, to predict whether the first user is the fraudulent user as recited above.
However Gildan does not explicitly specify, yet XU discloses:
using the identity-related information and a first model to obtain sixth information, wherein the sixth information represents a prediction result of the first node for the first user; and sending the identity-related information to the at least one second node; receiving at least one seventh information sent by the at least one second node, wherein the seventh information represents a prediction result of the second node for the first user; predicting whether the first user is the fraudulent user based on the sixth information and the at least one seventh information wherein the method further comprises: determining, based on a Private Set Intersection (PSI), intersection data between a first dataset of the first node and at least one second dataset of the at least one second node; training a federated model by using the intersection data, wherein the federated model comprises the first model ([0003-0010] Federated learning refers to collaborative training of a machine learning model, training a model to predict content a user might be interested in based on correlations between grocery purchase data and past viewers' movie viewing. Set intersection is a multi-party protocol that allows at least two parties, each holding datasets with a common feature, to compute the intersection of the datasets. the data usable in federated model training by the first data owner, the rearranging resulting in a first training dataset, the first training dataset comprising a set of labels. An embodiment computes, at the first data owner using the intersection set of data identifiers, the first training dataset, and a previous iteration of an aggregated set of model weights, a first partial set of model weights. An embodiment receives, from an aggregator, an updated aggregated set of model weights, the updated aggregated set of model weights comprising the first partial set of model weights and a second partial set of model weights received at the aggregator from the second data owner. Private set intersection is the performance of set intersection using a cryptographic protocol that allows parties to compute the intersection of the datasets by comparing encrypted versions of these sets).
Thus, it would have been obvious to one of ordinary skill in the art, before the effective
filing date of the invention, to modify Goldman to incorporate the features above as taught by Xu. One of ordinary skill in the art would have been motivated to include the features of Xu for the benefit of “training a model to predict content a user might be interested in based on correlation” (Xu; [0004]).
Conclusion
The relevant prior art made of record not relied upon but considered pertinent to applicant's disclosure can be found in the current and/or previous PTO-892 Notice of References Cited.
Goldman II -US20180033089 Method and system for identifying and addressing potential account takeover activity in a financial system.
Any inquiry concerning this communication or earlier communications from the Examiner should be directed to LAURA YESILDAG whose direct telephone number is (571) 270-5066 and work schedule is generally Monday-Friday, from 9:00 AM - 5:00 PM ET.
In order to receive any email communication from the Examiner, filing for official authorization for Internet Communication is required. The authorization form can be accessed at https://www.uspto.gov/sites/default/files/documents/sb0439.pdf.
Examiner interviews can be requested by telephone or are available using the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the Examiner are unsuccessful, the Examiner’s Supervisor, LYNDA JASMIN, can be reached at (571) 272-6782 for any urgent matter that needs immediate attention. Additional information regarding the status of an application may be obtained from the USPTO Patent Center. For more information about the USPTO Patent Center, please access https://patentcenter.uspto.gov/ The Patent Center is available to all users for electronic filing and management of patent applications and can be contacted for questions at 1-866-217-9197 or 571-272-4100.
/LAURA YESILDAG/Primary Examiner, Art Unit 3629