Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of the Application
	Claims 1, 3-8, 10-13, and 15-20 have been examined in this application.
The filling date of this application number recited above is 22 January, 2019. Foreign priority has been claimed for foreign application number CN201610587509.X in the Application Data Sheet, therefore the examination will be undertaken in consideration of 22 July, 2016, as the priority date, for applicable claims.
No additional information disclosure statement (IDS) has been filed to date.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1, 3-8, 10-13, and 15-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. The Claims are directed to an abstract idea, Methods of Organizing Human Activity. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional computer elements, which are recited at a high level 
As per Claims 1, 13, and 20, the claim recites “a method, comprising:
monitoring, a service operation for invoking offline service information to complete an offline service, the offline service comprising a transaction initiated by a user in an offline environment;
retrieving, recorded historical operation data associated with the user from a log file that is stored locally;
determining, whether the service operation is a risky operation based on recorded historical operation data locally retrieved and at least one of a predetermined risk evaluation rule or a risk evaluation model, wherein determining whether the service operation is a risky operation comprises:
receiving a first identity verification operation corresponding to a first identity verification process, 
determining that the first identity verification operation enables the user to pass the first identity verification process, 
determining, based on the at least one of a predetermined risk evaluation rule or a risk evaluation model, a first risk degree of the first identity verification operation that enables the user to pass the first identity verification process, 
in response to determining that the first risk degree exceeds a first risk threshold, determining that the user is an unauthorized user and that the service operation is a risky operation, and  

wherein the predetermined risk evaluation rule and the risk evaluation model are pre-stored locally and are dynamically adjusted based on at least one of a time of using and a number of times of starting and stopping;
in response to determining that the service operation is a risky operation, refusing to invoke the offline service information;
and in response to determining that the service operation is not a risky operation, invoking, the offline service information.”
The limitation of the claims recited above, under its broadest reasonable interpretation, is directed to an organized human activity by performing fundamental economic principles or practices. The method recited above is in regards to authenticating a user transaction in an offline environment, and either approve or deny the transaction based on the determined risk. As the applicant stated in Specifications Paragraphs [0007-0013] “the implementations of the present application provides a method for controlling service operation risks”, and the claims recited above is performing risk assessment of the user to approve or deny the transaction, wherein risk mitigation is a fundamental economic practice. Therefore, the claims are directed to an abstract idea.
This judicial exception is not integrated into practical application. In particular, the claims recite an additional element of “application program” and “end-user device” to perform the method recited above by instructing the abstract idea to be performed This general computer component is recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using a generic computer system. As disclosed in Specifications [0030] the end-user device may be “a smartphone, a smartwatch, a tablet computer, a notebook computer, and a desktop computer” and [0116] mentions “the present application can use … implementations with a combination of software and hardware” meaning the application program may be a software running on the end-user device, wherein these components are performing mere instructions such as monitoring signals, retrieving data, and comparing data. See also MPEP 2106.05(f) “Requiring the use of software to tailor information and provide it to the user on a generic computer, Intellectual Ventures I LLC v. Capital One Bank (USA), 792 F.3d 1363, 1370-71, 115 USPQ2d 1636, 1642 (Fed. Cir. 2015)”. Accordingly, these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.
The claims also recite an additional element “wherein the offline service information is one of: a near field communication (NFC) signal, a unique digital object identifier (DOI) including a two-dimensional code or a bar code for scanning, or a sound wave signal; retrieving, by the application program running locally on the end-user device, recorded historical operation data associated with the end-user device from a log file that is stored locally on the end-user device; and determining, by the application program running locally on the end-user device, whether the service operation is a risky operation based on recorded historical operation data locally retrieved from the end-user device.” The additional elements do not provide an improvement to the technology, 
Claim 13 recites an additional element of “non-transitory, computer-readable medium” and Claim 20 recites an additional element of “computers and computer memory devices”. Similar to the discussion above, these additional elements are general computer components recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using a generic computer system. Accordingly, these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a computer based system is recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using a generic computer system. Mere instructions to apply an exception using a generic computer system and adding insignificant extra-solution activity to the judicial exception cannot provide an inventive concept. The claims are not patent eligible.
Regarding dependent claims, they are still directed to an abstract idea without significantly more.
Claims 3, 5, and 15 recite “wherein the first identity verification operation comprises an identity verification operation performed by the user after a previous time the user passes identity verification of the application program and before the user performs the service operation.”
Claims 4 and 16 recite “wherein determining whether the service operation is a risky operation further comprises: in response to determining that the first risk degree of the first identity verification operation exceeds a predetermined risk threshold: initiating backup identity verification to the user; receiving a second identity verification operation performed by the user based on the backup identity verification; determining a risk characterization value of the second identity verification operation based on a second verification method corresponding to the second identity verification operation, the historical operation data, and at least one of the predetermined risk evaluation rule and the risk evaluation model; determining whether the risk characterization value of the second identity verification operation exceeds the predetermined risk threshold; in response to determining that the risk characterization value of the second identity verification operation exceeds the predetermined risk threshold, determining that the service operation is a risky operation; and in response to determining that the risk characterization value of the second identity verification operation does not exceed the predetermined risk threshold, determining that the service operation is a non-risky operation.”
Claims 6 and 17 recite “wherein initiating backup identity verification to the user comprises: selecting a second identity verification method from a predetermined 
Claims 7 and 18 recite “wherein recording historical operation data comprises:
monitoring an operation performed by the user on the application program; and determining operation data corresponding to the operation after the operation is monitored, and recording the operation data as the historical operation data; and wherein the historical operation data comprises at least one of a total number of times of identity verification success or failure in a historical time, a number of times of identity verification success or failure within a predetermined time period, behavior data of using an online service by the user, behavior data of using an offline service by the user, and service environment data.”
Claims 8 and 19 recite “wherein the offline service information comprises information needed for performing an offline service wherein the information needed for performing an offline services includes user account information and a service verification identifier.”
Claim 10 recites “wherein the predetermined risk evaluation rule and the risk evaluation model are dynamically adjusted based on a use environment of the application program.”
Claim 11 recites “wherein prior to invoking the offline service information, the method comprises obtaining historical operation data of previous operations performed by the user.”
Claim 12 recites “wherein the application program on the end-user device comprises client software and wherein the service operation initiated by the user comprises an offline payment operation; and wherein refusing to invoke the offline service information comprises rejecting the offline payment operation; and invoking the offline service information comprises performing the offline payment operation.”
	These additional steps of each claims fail to remedy the deficiencies of their parent claim above because they are merely further limiting the rules used to conduct the previously recited abstract idea, and are therefore rejected for at least the same rationale as applied to their parent claim above.
	Claims 3-8, 10-12, and 15-19, when analyzed as a whole, considering the additional elements individually and/or as an ordered combination, are held to be patent ineligible under 35 U.S.C. 101 because the additional recited limitations fail to establish that the claims are sufficient to integrate into a practical application and do not amount to significantly more than the judicial exception. Similarly to the independent claims, each claim recites using a generic computer component and adding insignificant extra-solution activity to perform the abstract idea as mentioned above. Therefore, prong 2 and step 2B analysis are similar to above and these claims are not eligible.
Therefore, Claims 1, 3-8, 10-13, and 15-20 are not drawn to eligible subject matter as they are directed to an abstract idea without significantly more.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 3, 7, 10-13, 15, 18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Jajara et al. (U.S. 10,311,439) in view of Faith et al. (U.S. 2013/0144888), in view of Deo (U.S. 5,594,227), and in view of Varghese et al. (U.S. 2006/0282660).

As per Claims 1, 13, and 20, Jajara discloses a computer-implemented method (see (Col 2 Lines 53-58) and (Col 8 Lines 10-14) regarding non-transitory computer-readable medium to perform the method as per Claim 13 and see Figure 1 disclosing a user device 110 and Figure 6 as disclosed (Col 1 Lines 48-50) “FIG. 6 is a block diagram of an illustrative computer system suitable for implementing one or more components in FIG. 1 according to an embodiment” regarding computers with memory devices to perform the method as per Claim 20), comprising:
monitoring, by an application program installed locally on an end-user device, a service operation for invoking offline service information to complete an offline service (See Figure 2 which the USER DEVICE 110 contains OFFLINE PAYMENT MODULES 106 to perform offline transactions and authentications as disclosed in Figure 4 which (Col 8 Lines 55-56) “FIG. 4 is a flowchart showing illustrative operations in a process for offline payments according to one embodiment”), 
the offline service comprising a transaction initiated by a user of the end-user device in an offline environment (See Figure 4 step 400 “RECEIVE A REQUEST FROM A USER TO MAKE A PAYMENT TO A MERCHANT” and step 402 “DETERMINE THAT NO NETWORK CONNECTION IS AVAILABLE” which means the transaction is initiated in an offline environment), 
wherein the offline service information is one of: a near field communication (NFC) signal, a unique digital object identifier (DOI) including a two-dimensional code or Figure 4 step 400 as disclosed (Col 8 Lines 58-62) “For example, the user may scan one or more bar codes for products to purchase using, for example, user device 110 of FIG. 1, the user device may receive a payment request via near field or other communication with a merchant device or a recipient device”);
retrieving, by the application program running locally on the end-user device, recorded historical operation data associated with the end-user device from a [data] that is stored locally on the end-user device ((Col 9 Lines 17-20) “Offline payment verification operations may include various comparisons of transaction information associated with the requested transaction with stored, encrypted verification data stored on the user device” wherein (Col 9 Lines 39-51) “Risk assessment data may be captured continuously throughout the life of the user device (e.g., during any or all purchase, payment, or other financial transactions, during any movement of the device from location to location, or when email or other electronic receipts or other communications associated with products, locations, transactions, or other user behavior are received and/or transmitted). Risk assessment data captured before a particular offline transaction is performed may be encrypted and stored on the user device so that the risk assessment data is available for analysis of user behavior, location, spending, and/or other patterns on the user device during processing of offline transactions”);
determining, by the application program running locally on the end-user device, whether the service operation is a risky operation based on recorded historical Figure 4 step 404 “PERFORM OFFLINE PAYMENT VERIFICATION OPERATIONS” as disclosed (Col 9 Lines 16-38) “Offline payment verification operations may include various comparisons of transaction information associated with the requested transaction with stored, encrypted verification data stored on the user device … For example, offline payment verification operations may include risk assessment operations such as a user behavior analysis, a user location history analysis, and/or a user spending pattern analysis” which the risk assessment is disclosed in more detail in Figure 5A, such as step 522 “CUSTOMER SPENDING PATTERN ANALYSIS” as disclosed (Col 11 Lines 55-61) “At block 522 customer spending pattern analysis operations may be performed to determine whether the offline payment is consistent with the user's previous spending patterns for risk analysis for the offline payment. For example, a user's purchase history may be used to determine whether an attempted offline payment is consistent with previous purchases of the user”), 
in response to determining that the service operation is a risky operation, refusing to invoke the offline service information ((Col 12 Lines 10-13) “If risk assessment operations performed at blocks 516, 518, 520, and 522 determine that the offline payment is not acceptable, payment may be denied by the user device at any of blocks 516, 518, 520, and/or 522”);
and in response to determining that the service operation is not a risky operation, invoking, by the application program, the offline service information ((Col 12 Lines 27-30) “If risk assessment operations performed at blocks 516, 518, 520, and 522 determine that the offline payment is acceptable (authorized), the user device may proceed to block 524 …” which the transaction is enabled to be processed after the risk assessment determines that the payment is authorized).

Jajara may not explicitly disclose, but Faith discloses the following:
retrieving, by the application program running locally on the end-user device, recorded historical operation data associated with the end-user device from a log file that is stored locally on the end-user device ([0120] “the dynamic network analytics system 104 retrieves past interaction data and similar users data to the user. The data analyzer module 104c may access a log file 104b in order to retrieve stored past interaction data of the user and similar users data, which may include past interactions be similar users and risk levels for the interaction based on similar users” see Figure 1 which the dynamic network analytics system 104 includes a log file module 104b, as disclosed [0073] “The dynamic network analytics system 104 may include … a log file module 104b ... The various modules may be embodied by computer code, residing on computer readable media” wherein the log file is stored locally on the system, as additionally disclosed in [0042] “In some embodiments, consumer data may also include consumer preferences, notification methods, and prior transaction history. In some embodiments, consumer data may be stored in a log file in the dynamic network analytics system. The stored consumer data may be used as part of the risk analysis”);
Faith in the system executing the method of Jajara, as the system in Jajara already includes the method of retrieving locally stored data, which the data contains historical operations, with the motivation of offering [0005] “to more efficiently utilize and conserve financial resources and network resources, while providing a dynamic and reliable risk assessment “ as taught by Faith over that of Jajara.

Jajara may not explicitly disclose, but Deo discloses the following:
wherein determining whether the service operation is a risky operation comprises:
receiving a first identity verification operation corresponding to a first identity verification process (See Figure 7 – blocks 102 and 104 which receives the password), 
determining that the first identity verification operation enables the user to pass the first identity verification process (See Figure 7 – decision block 108 following the decision “YES” – meaning the password matched), 
determining, based on the at least one of a predetermined risk evaluation rule or a risk evaluation model, a first risk degree of the first identity verification operation that enables the user to pass the first identity verification process (See Figure 7 – decision block 120 which is a predetermined risk evaluation rule to determine the fail count of the password attempt), 
Figure 7 – decision block 120 following decision “NO”, meaning the first risk degree (fail count) exceeds a first risk threshold (more than the value of 0), the user is an unauthorized user and the service operation is determined as a risky operation, as disclosed [Col 9 Lines 49-56] “With reference to step 108, if the entered and stored passwords match (i.e., the "yes" branch), it is then determined whether the fail count is equal to its reference value of zero (step 120). If it is not (i.e., the "no" branch from step 120), the delay count is incremented (step 122), access is denied (step 124), the delay is imposed (step 126), the delay count is decremented (step 128) and finally, a FAIL message is returned (step 130)”)
in response to determining that the first risk degree does not exceed the first risk threshold, determining that the user is an authorized user and that the service operation is not a risky operation (See Figure 7 – decision block 120 following decision “YES”, meaning the first risk degree (fail count) does not exceed the first risk threshold (equals to the value of 0), the user is an authorized user and the service operation is determined as not risky operation, as disclosed [Col 9 Lines 63-67] “With reference again to step 120, if the fail count is equal to zero (i.e., the "yes" branch from step 120), access is permitted (step 132) and the delay count is reset (step 134). At step 136, a SUCCESS message is returned to the terminal and the password verification process is completed”). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize risk assessment by threshold comparison after successful attempt as Deo in the system executing the method of Jajara with the motivation of offering to [Col 2 Lines 3-38] “greatly reduce the chance of unauthorized access through electronic or manual means” as taught by Deo over that of Jajara.

Jajara may not explicitly disclose, but Varghese discloses the following:
wherein the predetermined risk evaluation rule and the risk evaluation model are pre-stored locally in the application program running on the end-user device and are dynamically adjusted based on at least one of a time of using the application program and a number of times of starting and stopping the application program (The rules are pre-stored locally in the application program, as disclosed [0088] “This information is provided to service-provider applications and systems ("users" of the invention) for use in their internal authentication processes. The methods of this invention can also recommend or initiate actions according to service-provider guidelines or rules”, by which the models can be dynamically adjusted based on a time of using the application program, such as the business policy disclosed in [0109] and Table 10 disclosing various restrictions, such as “Transaction from an un-registered device/location or frequently used fraud device/location”, and the workflow policy disclosed in [0111] "Workflow policy contains models that evaluate groups or sequences of related transactions, e.g., transaction requested by a particular user, that indicate expected behavior patterns. These rules are preferably based either of expectations for a typical user of a given class or upon historical describing a particular user … if a user routinely requests account transfers in a certain range, then a transfer far out of this range can indicate risk. Alternately, if a user routinely makes money transfers of amounts greater than an expected average, future transfers in the part range do not necessarily indicate risk, and appropriate rules can be advantageously relaxed for the user" and other restrictions disclosed in Table 11).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize risk evaluation adjustment as in Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara.

As per claims 3 and 15, Jajara may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 1 and the non-transitory, computer-readable medium of claim 13, wherein the first identity verification operation comprises an identity verification operation performed by the user after a previous time the user passes identity verification of the application program and before the user performs the service operation ([0144 line 2] "Fraud Analyzer and Alert System (FAAS) processing is invoked when it receives device identification data, e.g., a Device ID, captured from user device by the fingerprinting process" and [0147 line 4] "if, based on the ID information, the user device is identified as posing a major risk of fraud, the system and method of the present invention enables the service provider to require via a rule that a fraud alert be sent to the service provider. The service provider may then respond by terminating the user's connection to the server before enabling entry of the user's authentication information via a user interface").
Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara.

As per claims 7 and 18, Jajara may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 1 and the non-transitory, computer-readable medium of claim 13, wherein recording historical operation data comprises:
monitoring an operation performed by the user on the application program; and determining operation data corresponding to the operation after the operation is monitored, and recording the operation data as the historical operation data ([0081 line 1] "The DCR process gathers the results of the current request-authentication processing and stores them in DCR database in association with the identifying information (for example, the Device ID) for the originating user device");
	and wherein the historical operation data comprises at least one of a total number of times of identity verification success or failure in a historical time, a number of times of identity verification success or failure within a predetermined time period, behavior data of using an online service by the user, behavior data of using an offline service by the user, and service environment data ([0124 lines 9-15] "Another exemplary method is known as "deviation from normal". This method, instead of comparing current actions to fixed thresholds, employs uses historical data to establish normal for specific days, times, users, devices, workflows, and the like. It then assesses whether the current behavior is deviating from what is normally in similar circumstances" and [0111 lines 4-10] "These rules are preferably based either of expectations for a typical user of a given class or upon historical describing a particular user. Conversely, rules in workflow policies can indicate unexpected behavior that may indicate malicious intent. For example, if a user routinely requests account transfers in a certain range, then a transfer far out of this range can indicate risk" which discloses using historical data of the user, which contains the user’s normal behavior data of using the service).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize monitoring and recording historical operation data as in Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara.

As per claim 10, Jajara may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 1, wherein the predetermined risk evaluation rule and the risk evaluation model are dynamically adjusted based on a use environment of the application program (the models can be dynamically adjusted based on a time of using the application program, such as the business policy disclosed in [0109] and Table 10 disclosing various restrictions, such as “Transaction from an un-registered device/location or frequently used fraud device/location”, and the workflow policy disclosed in [0111] "Workflow policy contains models that evaluate groups or sequences of related transactions, e.g., transaction requested by a particular user, that indicate expected behavior patterns. These rules are preferably based either of expectations for a typical user of a given class or upon historical describing a particular user … if a user routinely requests account transfers in a certain range, then a transfer far out of this range can indicate risk. Alternately, if a user routinely makes money transfers of amounts greater than an expected average, future transfers in the part range do not necessarily indicate risk, and appropriate rules can be advantageously relaxed for the user" and other restrictions disclosed in Table 11).
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize risk evaluation adjustment as in Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara.

	As per claim 11, Jajara may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 1, wherein prior to invoking the offline service information, the method comprises obtaining historical operation data of previous operations performed by the user ([0081 line 8] "Thereby, the Device Central Repository (DCR) database can provide an historical record of the results of previous request-authentication processing to guide the FAAS in current authentication-request processing").
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize obtaining previous operations as in Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara.

As per claim 12, Jajara may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 1, wherein the application program on the end-user device comprises client software and wherein the service operation initiated by the user comprises an offline payment operation ([0099 line 1] "Policies can be enforced during pre-authentication, for example when a user is being authenticated, or during post-authentication, for example when a user is making transaction requests");
	and wherein refusing to invoke the offline service information comprises rejecting the offline payment operation ([0038 line 9] "if a transaction has a high risk score and is thus potentially fraudulent, … Another action is to reject the transaction" and also [0146 line 7] "If the user is not valid, the user is directed to an error message page. Typically, the service provider then blocks user access to the web server and terminates the session connection");
	and invoking the offline service information comprises performing the offline payment operation ([0146 line 5] "If the user is valid, processing continues with the service provider application at the service provider web server").
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize offline payment operation as in Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara.

Claims 4-6 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Jajara in view of Faith, in view of Deo, in view of Varghese, and in further view of Li Shaw et al. (WO 2013/082190).

As per claims 4 and 16, Jajara, Faith and Deo may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 1 and the non-transitory, computer-readable medium of claim 13, wherein determining whether the service operation is a risky operation further comprises:
in response to determining that the first risk degree of the first identity verification operation exceeds a predetermined risk threshold ([0107 line 13] "If no data item is present or if all data items do not match, a score of "10" (a score indicated a high likelihood of fraud) is returned. In case where some data items are present and match while other data items are absent or do not match, this table invokes further checks" wherein a risk score (risk characterization value) is determined to indicate fraud):
determining a risk characterization value of the second identity verification operation based on a second verification method corresponding to the second identity verification operation, the historical operation data, and at least one of the predetermined risk evaluation rule and the risk evaluation model ([0108 line 1] "The secondary check examines the particulars of the how the data contained in a retrieved data token does not match the criteria associated with a current user request");
[0108 line 11] "If a secondary check is called for, e.g., as a result of a secure cookie mismatch, the indicated data items are gathered and a score determined from the table and returned to primary decision table invoking the particular secondary checks");
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize second identity verification based on the risk score threshold as in Varghese in the system executing the method of Jajara, Faith in further view of Deo, by which the system in Deo provides the additional steps if exceeding the first threshold, with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara, Faith and Deo.

Jajara, Faith and Deo in view of Varghese may not explicitly disclose, but Li Shaw discloses the following:
in response to determining that the first risk degree of the first identity verification operation exceeds a predetermined risk threshold ([00126 line 1] "when the risk score is greater than the TSGS threshold, …" wherein if the risk score (risk characterization value) exceeds the TSGS threshold (predetermined risk threshold), initiates the steps below):
initiating backup identity verification to the user ([00126 line 2] "… the TSGS may invoke a step-up authentication procedure 280");
receiving a second identity verification operation performed by the user based on the backup identity verification ([00126 line 4] "The TSGS may determine additional authentication is required during these events … user can address the step-up during the event, e.g., challenge question appears and user answers it, screen appears within lightbox, etc.");
in response to determining that the risk characterization value of the second identity verification operation exceeds the predetermined risk threshold, determining that the service operation is a risky operation ([00161 line 9] " If the risk score has not been lowered below the threshold, option "No," then the TSGS may determine whether the number of security data requests, security protocol processing time, transaction authorization attempts, etc. have exceeded a predetermined value. If the timeout has occurred, the TSGS may generate a transaction denial notification");
and in response to determining that the risk characterization value of the second identity verification operation does not exceed the predetermined risk threshold, determining that the service operation is a non-risky operation ([00161 line 5] "The TSGS may compare the updated risk score to the predetermined maximum acceptable threshold risk value for the risk type in the current transaction, and determine whether the risk score has been lowered below the threshold. If the risk has been lowered enough, option "Yes," the TSGS may move on to the next transaction risk to mitigate").
It would have been obvious to one of ordinary skill in the art at the time of the invention to include threshold comparison for second identity verification as in Li Shaw in the system executing the method of Jajara, Faith and Deo, by which the system in Deo provides the additional steps if exceeding the first threshold, with the motivation to [0031 line 5] "shift  as taught by Li Shaw over that of Jajara, Faith, Deo, and Varghese.

	As per claim 5, Jajara may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 4, wherein the first identity verification operation comprises an identity verification operation performed by the user after a previous time the user passes identity verification of the application program and before the user performs the service operation ([0144 line 2] "Fraud Analyzer and Alert System (FAAS) processing is invoked when it receives device identification data, e.g., a Device ID, captured from user device by the fingerprinting process" and [0147 line 4] "if, based on the ID information, the user device is identified as posing a major risk of fraud, the system and method of the present invention enables the service provider to require via a rule that a fraud alert be sent to the service provider. The service provider may then respond by terminating the user's connection to the server before enabling entry of the user's authentication information via a user interface").
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize the identity verification operation as in Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara, Faith and Deo.

	As per claims 6 and 17, Jajara may not explicitly disclose, but Varghese teaches the computer-implemented method of claim 4 and the non-transitory, computer-readable medium of claim 16, wherein initiating backup identity verification to the user comprises:
	selecting a second identity verification method from a predetermined identity verification method based on the first identity verification operation in a first verification method and at least one of the predetermined risk evaluation rule and the risk evaluation model ([0038 line 9] "if a transaction has a high risk score and is thus potentially fraudulent, one preferred action is to hold the transaction and to then seek secondary authentication or secondary challenge");
	and initiating backup identity verification to the user by using the selected second identity verification method ([0038 line 12] "The user is, e.g., asked to call service provider personnel to confirm the validity of the held transaction").
It would have been obvious to one of ordinary skill in the art at the time of the invention to utilize second and backup identity verification as in Varghese in the system executing the method of Jajara with the motivation of offering to [0024] “provide improved authentication services” as taught by Varghese over that of Jajara, Faith and Deo.

Claims 8 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Jajara in view of Faith, in view of Deo, in view of Varghese, and in further view of Wong et al. (U.S. 2015/0339664).

As per claims 8 and 19, Jajara may not explicitly disclose, but Wong teaches the computer-implemented method of claim 1 and the non-transitory, computer-readable medium of claim 13, wherein the offline service information comprises information needed for performing an offline service wherein the information needed for performing an offline services includes user account information and a service verification identifier ([0033 line 9] "The authorization request message may include information that can be used to identify an account. An authorization request message may also comprise additional data elements such as one or more of a service code, an expiration date, etc. An authorization request message may also comprise transaction information, such as any information associated with a current transaction, such as the transaction amount, merchant identifier, merchant location, etc., as well as any other information that may be utilized in determining whether to identify and/or authorize a transaction").
It would have been obvious to one of ordinary skill in the art at the time of the invention to include user account information and service verification identifier as offline services information as in Wong in the system executing the method of Jajara with the motivation to [0006 line 3] “address the problem of security concerns with conducting transactions with a communication device that does not have or does not rely on a secure element” as taught by Wong over that of Jajara.

Response to Arguments
Applicant's arguments, see pages 11 to 13, filed 07 September 2021, with respect to 35 U.S.C. 101 rejection of the claims, have been fully considered but they are not persuasive. The Applicant contends, see pages 12 to 13, that the independent claims recite a technology for improving application security even if a current user of an end-user device passes original identity verification of an application. Examiner respectfully disagrees. The added limitations of the amendment to the claims are not reciting a technological solution to a technological problem, but are rather reciting a business solution to a business problem, which is to provide an improved identity verification process. The recited method does not require any specialized hardware components, nor does it require any interactions between different devices to properly perform the verification operation. The additional elements recited by the claims are generic computer components merely instructed to perform generic functions, such as receive data, perform stored rules or models, compare data, and transmit data, thus the additional elements do not integrate the judicial exception into a practical application, and are not indicative of an inventive concept. Therefore, the 35 U.S.C. 101 rejection is maintained.
Applicant’s arguments, see pages 13 to 15, with respect to 35 U.S.C. 103 rejection of the claims, specifically the newly amended independent claims 1, 13, and 20, have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Mardirossian (U.S. 5,896,255) discloses of a system and method for erasing software contents from a disc after the user enters an incorrect password for a predetermined number of consecutive times.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY H JUNG whose telephone number is (571)270-5018.  The examiner can normally be reached on Mon - Fri 8:30 - 4:30.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Christine M Behncke can be reached on 571-272-8103.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/H.H.J./           Examiner, Art Unit 3697                                                                                                                                                                                            
	
	/CHRISTINE M BEHNCKE/           Supervisory Patent Examiner, Art Unit 3697