Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
1.	This action is responsive to: an original application filed on 28 February 2019 with acknowledgement of a provisional application filed on 20 February 2019.
2.	Claims 1-20 are currently pending.  Claims 1, 8, and 14 are independent claims.
Claim Rejections – 35 USC § 103
3.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


4.	Claims 1-2 and 4-20 are rejected under 35 U.S.C. 103 as being unpatentable over Zhao et al. U.S. Patent No. 9,954,893 (hereinafter ‘893) in view of Kay et al. U.S. Patent No. 8,255,280 (hereinafter ‘280).

	As to independent claim 1, “A system, comprising: a processor;  and a memory having stored thereon instructions that are executable to cause the system to perform operations comprising: transmitting a web page to a client device in response to a request from a web browser of the client device for the web page, wherein the web page includes tampering detection code that is configured to execute in response to the web page being received by the 
the following is not explicitly taught in ‘893:  	
	“wherein execution of the tampering detection code includes determining whether a native code function of the web browser has been overridden” however ‘280 teaches determining that a proposed application seeks permission to run native code on a client device which may result in one or more security features of the browser application being bypassed (i.e. overridden) in col. 19, lines 47-53;
	“subsequent to the transmitting, receiving execution results transmitted by the tampering detection code, wherein the execution results indicate whether the native code function has been overridden; if the native code function has not been overridden, providing access to an electronic resource via the web page” however ‘280 teaches the proposed application can be flagged for additional review to ensure that the execution of the native code would not result in harm to the user or the client device.  Only after the proposed application has been manually vetted and determined to not contain malicious code designation may the proposed application be distributed, i.e. provided access in col. 19, lines 47-59;
	“and if the native code function has been overridden, preventing access to the electronic resource” however ‘280 teaches only applications determined not to contain malicious code can be listed for distribution (i.e. access); if application cannot obtain a legal agreement from developer, then the application may not be listed (i.e. preventing access) in col. 19, lines 54-67.


 

	As to dependent claim 2, “The system of claim 1, wherein providing access to the electronic resource comprises allowing a user to use particular functionality of a user account” is taught in ‘280 col. 11, lines 47-59.
	As to dependent claim 4, “The system of claim 1, wherein preventing access to the electronic resource includes not transmitting a particular web page to the client device” is shown in ‘280 col. 11, lines 54-67.
	As to dependent claim 5, “The system of claim 1, wherein the tampering detection code comprises JavaScript code” is disclosed in ‘893 col. 6, lines 15-17, col. 7, lines 44-55, and col. 7, lines 58 through col. 8, line 21.
	As to dependent claim 6, “The system of claim 5, wherein the native code function comprises a JavaScript function that returns a value corresponding to a property of the web browser of the client device” is taught in ‘893 col. 9, lines 4-16.
	As to dependent claim 7, “The system of claim 5, wherein the native code function comprises a JavaScript function that returns a value corresponding to a property of the client device” is shown in ‘893 col. 9, lines 4-25.
	As to independent claim 8, “A non-transitory, computer-readable medium having stored thereon instructions that when executed by a computer system cause the computer system to 
the following is not explicitly taught in ‘893:  
	“wherein execution of the tampering detection code includes determining whether a native code function of the web browser has been overridden” however ‘280 teaches determining that a proposed application seeks permission to run native code on a client device which may result in one or more security features of the browser application being bypassed (i.e. overridden) in col. 19, lines 47-53;
	“subsequent to the transmitting, receiving execution results transmitted by the tampering detection code, wherein the execution results indicate whether the native code function has been overridden; if the native code function has not been overridden, providing access to an electronic resource via the web page” however ‘280 teaches the proposed application can be flagged for additional review to ensure that the execution of the native code would not result in harm to the user or the client device.  Only after the proposed application has been manually vetted and determined to not contain malicious code designation may the proposed application be distributed, i.e. provided access in col. 19, lines 47-59;
	“and if the native code function has been overridden, preventing access to the electronic resource” however ‘280 teaches only applications determined not to contain malicious code can be listed for distribution (i.e. access); if application cannot obtain a legal agreement from developer, then the application may not be listed (i.e. preventing access) in col. 19, lines 54-67.
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of techniques for combating man-in-the-browser attacks taught in ‘893 to include a means to determine tampering by analysis of native code functions of the browser application.  One of ordinary skill in the art would have been motivated to perform such a modification to ensure digital goods conform to certain quality standards; see ‘280 col. 1, lines 31-53.
	As to dependent claim 9, “The non-transitory computer-readable medium of claim 8, wherein preventing access to the electronic resource comprises preventing a user from accessing one or more functionalities of a user account” is taught in ‘280 col. 11, lines 54-67.
	As to dependent claim 10, “The non-transitory computer-readable medium of claim 9, wherein the operations further comprise transmitting a web page to the web browser of the client device containing contact information via which the user can provide verification details in order to restore access to the one or more functionalities of the user account” is shown in ‘280 col. 4, lines 4-58, col. 11, lines 54-67 and col. 15, line 52 through col. 16, line 23.
	As to dependent claim 11, “The non-transitory computer-readable medium of claim 8, wherein providing access to the electronic resource via the web page includes updating the web page with additional data not previously displayed on the web page” is disclosed in ‘893 col. 5, lines 26-35, note updating target code to prevent future attacks is additional data not previously displayed.
	As to dependent claim 12, “The non-transitory computer-readable medium of claim 8, wherein the native code function returns a value corresponding to a property of the web browser” is taught in ‘893 col. 9, lines 4-16.

	As to independent claim 14, “A method, comprising: a computer system transmitting a first web page to a client device in response to a request from a web browser of the client device, wherein the first web page includes tampering detection code that is configured to execute in response to the first web page being received by the web browser” is taught in ‘893 col. 1, lines 31-56, col. 2, lines 28-67, and col. 7, line 59 through col. 8, line 23;
the following is not explicitly taught in ‘893:
	“wherein execution of the tampering detection code includes determining whether a native code function of the web browser has been overridden” however ‘280 teaches determining that a proposed application seeks permission to run native code on a client device which may result in one or more security features of the browser application being bypassed (i.e. overridden) in col. 19, lines 47-53;
	“subsequent to the transmitting, the computer system receiving execution results transmitted by the tampering detection code, wherein the execution results indicate whether the native code function has been overridden;  and based on whether the native code function has 
	As to dependent claim 15, “The method of claim 14, further comprising: based on a determination by the tampering detection code that a plurality of native code functions of the web browser have been overridden, the computer system denying access to the electronic resource” however ‘280 teaches the proposed application can be flagged for additional review to ensure that the execution of the native code would not result in harm to the user or the client device.  Only after the proposed application has been manually vetted and determined to not contain malicious code designation may the proposed application be distributed, i.e. provided access, and only applications determined not to contain malicious code can be listed for distribution (i.e. access); if application cannot obtain a legal agreement from developer, then the application may not be listed (i.e. preventing access) in col. 19, lines 47-67.
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of techniques for combating man-in-the-browser attacks taught in ‘893 to include a means to determine tampering by analysis of native code functions of the browser application.  One of ordinary skill in the art would have been motivated to perform such a modification to ensure digital goods conform to certain quality standards; see ‘280 col. 1, lines 31-53.
	As to dependent claim 16, “The method of claim 14, wherein the electronic resource includes a particular functionality associated with a user account corresponding to an entity that transmitted the first web page” is taught in ‘280 col. 5, lines 36-47.
	As to dependent claim 17, “The method of claim 14, wherein the electronic resource includes specific data accessible via the computer system” is shown in ‘280 col. 5, lines 36-47.

	As to dependent claim 19, “The method of claim 18, wherein providing the access to the electronic resource comprises transmitting an additional web page to the web browser of the client device based on a user action taken on the first web page” is taught in ‘280 col. 5, lines 3-18, note the user can select via the interface what digital goods (i.e. web pages/apps/hyperlinks) to be presented.
	As to dependent claim 19, “The method of claim 14, wherein the computer system is a web server configured to provide particular functionality via the web page through communication with a back-end server” is shown in ‘280 col. 22, lines 53-64.
	As to dependent claim 20, “The method of claim 14, wherein execution of the tampering detection code includes determining whether a plurality of native code functions of the web browser has been overridden” is shown in ‘280 col. 20, line 31 through col. 21, line 13;
	“and wherein the method comprises providing access to the electronic resource based on the execution results of the tampering detection code indicating that none of the plurality of native code functions have been overridden” is disclosed in ‘280 col. 19, lines 49-67.

5.	Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Zhao et al. U.S. Patent No. 9,954,893 (hereinafter ‘893) in view of Kay et al. U.S. Patent No. 8,255,280 (hereinafter ‘280) and in further view of Turgeman U.S. Patent Application Publication No. 2017/0054702 (hereinafter ‘702).
	As to dependent claim 3, the following is not explicitly taught in ‘893 and ‘280: “The system of claim 2, wherein the particular functionality includes electronic transfer of funds from the user account to a destination account” however ‘702 teaches a system that detects an automatic script that attempts to modify data items (i.e. destination account) when a user is performing a wire transfer, to allow the user safe funds transfers in paragraphs 59-63.
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of techniques for combating man-in-the-browser attacks taught in ‘893 and ‘280 to include a means to protect electronic funds trans.  One of ordinary skill in the art would have been motivated to perform such a modification because millions of people utilize mobile electronic devices to perform various activities, and a system is needed to detect fraudulent users and attacks; see ‘744 paragraphs 7-10.

6.	The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
	Arkhipov 	U.S. Patent Application Publication 2004/0003248
	Wang et al. 	U.S. Patent Application Publication 2014/0189864
	Sehr et al. 	U.S. Patent Application Publication 2012/0042145
	Kuskov et al.	U.S. Patent No. 9,407,658
	Burns et al. 	U.S. Patent No. 8,621,621


Conclusion

7.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELLEN C TRAN whose telephone number is (571) 272-3842.  The examiner can normally be reached from M-F 9 AM to 6 PM.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeff Pwu, can be reached at 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ELLEN TRAN/
Primary Examiner, Art Unit 2433
23 March 2021