Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This action is in response to the application filed December 16, 2019.  Claims 1-20 are pending and examined.
Specification
Applicant is required to update the status (pending, allowed, etc.) of all parent priority applications in the first line of the specification.  The status of all citations of US filed applications in the specification should also be updated where appropriate.  (This application does not appear to claim priority to any other applications if that is correct there is nothing to update.  If there a priority claim the sooner it is brought up the better for everyone.)
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.



Claims 1-8, 11-15, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Rajput et al. (USPG 2020/0099,713 A1) in view of Shimoni et al. (USPG 2010/0192,201 A1). 
	As per claim 1 Rajput teaches:
A method, comprising: 
receiving, from a transmitting client system, a plurality of transaction requests to conduct transactions with an entity, wherein the transaction requests each have a respective identifier that corresponds to an account usable to complete the respective transaction request; (see at least Rajput abstract)
comparing the one or more characteristics against one or more specified threshold limits;  (see at least Rajput paragraph 51  The bot detection component lists 
based on the comparing, assessing whether the one or more specified threshold limits are exceeded; (see at least Rajput paragraph 51  The bot detection component lists many things including “a past bot data component” which are all threshold limits that suggest robot.)
selecting, based on an assessment that at least a particular one of the one or more specified threshold limits is exceeded and that a particular specified threshold limit is exceeded, a set of computer instructions from different sets of computer instructions for execution on the client system;  (see at least Rajput paragraph 54  The “Completely Automated Public Turing test” are such instructions being executed on the client machines to provide the data to be analyzed.)
receiving, from the client system, a result of an execution of the set of computer instructions; (see at least Rajput paragraph 54  The “Completely Automated Public Turing test” are such instructions being executed on the client machines to provide the data to be analyzed.) and 
determining, based on the result of the execution of the set of computer instructions, whether the plurality of transaction requests appear to have originated from a machine-automated submission process. (see at least Rajput paragraph 54  The Feedback regarding whether the user is human.)
While Rajput is not explicit about monitoring the rate of requests Shimoni teaches monitoring the rate of requests as indicating a problem when it exceeds a threshold.  (see at least Shimoni abstract)  Therefore it would have been obvious to a person of 
As per claim 2 while Rajput is not explicit about monitoring the rate of requests Shimoni teaches monitoring the rate of requests as indicating a problem when it exceeds a threshold within a specific timeframe.  (see at least Shimoni abstract)  Therefore it would have been obvious to a person of ordinary skill in the art of detecting attacks to monitor the rate of accesses something that could signal an attach since it is solving a known problem in a known way with an expectation of success.
As per claim 3 Rajput teaches: 
The method of claim 1, wherein: 
the analyzing further comprises analyzing an Internet Protocol (IP) address of the client system or a device identifier of the client system; (see at least Rajput paragraph 23 Binning based on IP address) and 
the comparing further comprises comparing the IP address with one or more historical IP addresses of the client system or comparing the device identifier with one or more historical device identifiers of the client system. (see at least Rajput paragraphs 32-33  Since IP addresses can be reassigned its confidence can fade over time which is considering history in the short term)
As per claim 4 Rajput teaches: 
The method of claim 1, further comprising: 
in response to a determination that the transaction requests appear to have originated from the machine-automated submission process, performing one or more see at least Rajput paragraph 37 “select and start taking actions against visitors or a set of visitors which are suspected as bots. The actions include exhibiting/displaying a block page, exhibiting/displaying captcha, enforcing multi-factor authentication etc.”  captcha is Completely Automated Public Turing Test to tell Computers and Humans Apart.  All of the actions would help mitigate the risk of processing a transaction.)
As per claim 5 Rajput teaches: 
The method of claim 4, wherein the performing the one or more actions comprises applying a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA). (see at least Rajput paragraph 37 “select and start taking actions against visitors or a set of visitors which are suspected as bots. The actions include exhibiting/displaying a block page, exhibiting/displaying captcha, enforcing multi-factor authentication etc.”  captcha is Completely Automated Public Turing Test to tell Computers and Humans Apart.  All of the actions would help mitigate the risk of processing a transaction.)
As per claim 6 Rajput teaches: 
The method of claim 4, wherein the one or more actions comprises: 
denying the transaction requests, (see at least Rajput paragraph 37 “select and start taking actions against visitors or a set of visitors which are suspected as bots. The actions include exhibiting/displaying a block page, exhibiting/displaying captcha, enforcing multi-factor authentication etc.”  captcha is Completely Automated Public Turing Test to tell Computers and Humans Apart.  Blocking access by displaying a block page would deny the transaction requests.)

As per claim 7 Rajput teaches: 
The method of claim 1, wherein an execution of the set of computer instructions causes the client system to download, from a website of the entity, a JavaScript program as the set of computer instructions for execution. (see at least Rajput paragraphs 40 and 47 Receiving JavaScript parameters)
As per claim 8 Rajput teaches: 
The method of claim 1, wherein: 
the transaction requests are received from a purported browser of the client system; (see at least Rajput paragraphs 33, 39  Browser data is purported to be from a browser) and 
the result of the execution of the set of computer instructions indicates whether the transaction requests are received from the purported browser of the client system. (see at least Rajput paragraphs  39  “when the visitor's actions using the mouse and keyboard are found to be suspicious, or when the cookie capability and browser configuration are found to be highly suspicious.”  When executing a Captcha which would be such instructions it finds the browser configuration to be highly suspicious is such analysis.)
As per claim 11 Rajput teaches: 
The method of claim 1, further comprising: 
see at least Rajput paragraph 37  The visitors that are not blacklisted are being allowed to proceed because they are not having actions taken against them.)
As per claim 12 Rajput teaches: 
The method of claim 1, further comprising: 
calculating the specified threshold limits based on historical transaction data for the entity. (see at least Rajput paragraph 51  The bot detection component lists many things including “a past bot data component” which are all threshold limits that suggest robot.)
As per claim 13 Rajput teaches: 
A system, comprising: 
a non-transitory memory; (see at least Rajput paragraph 12) and 
one or more hardware processors (see at least Rajput paragraph 12)
 coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising: 
analyzing online transaction traffic for an entity, the online transaction traffic being originated by a client system and containing identifiers for completing transactions with the entity;  (see at least Rajput abstract)
selecting, based on the determining, one or more sets of computer instructions for transmission to and execution on the client system; (see at least Rajput paragraph 54  The “Completely Automated Public Turing test” are such instructions being executed on the client machines to provide the data to be analyzed.)
sending the one or more sets of computer instructions to the client system;  (see at least Rajput paragraph 54  The “Completely Automated Public Turing test” are such instructions being executed on the client machines to provide the data to be analyzed.)
accessing a result of an execution of the one or more sets of computer instructions; (see at least Rajput paragraph 54  The “Completely Automated Public Turing test” are such instructions being executed on the client machines to provide the data to be analyzed.) and 
evaluating, based on the result of the execution, whether the client system used a machine-automated submission process to originate the online transaction traffic. (see at least Rajput paragraph 54  The Feedback regarding whether the user is human.)
While Rajput is not explicit about monitoring the rate of requests Shimoni teaches monitoring the rate of requests as indicating a problem when it exceeds a threshold.  (see at least Shimoni abstract)  Therefore it would have been obvious to a person of ordinary skill in the art of detecting attacks to monitor the rate of accesses something that could signal an attach since it is solving a known problem in a known way with an expectation of success.
As per claim 14 Rajput teaches: 
The system of claim 13, wherein the operations further comprise: 
facilitating the transactions in response to the evaluating indicating that the client system did not use the machine-automated submission process to originate the online see at least Rajput paragraph 37  The visitors that are not blacklisted are being allowed to proceed because they are not having actions taken against them.)
 or 
applying additional scrutiny to the online transaction traffic in response to the evaluating indicating that the client system used the machine-automated submission process to originate the online transaction traffic. (see at least Rajput paragraph 37 “select and start taking actions against visitors or a set of visitors which are suspected as bots. The actions include exhibiting/displaying a block page, exhibiting/displaying captcha, enforcing multi-factor authentication etc.”  captcha is Completely Automated Public Turing Test to tell Computers and Humans Apart.  Blocking access by displaying a block page would deny the transaction requests.)
As per claim 15 Rajput teaches:  
The system of claim 13, wherein the determining comprises determining, based on historical transaction data associated with the entity, that the volume of the transaction traffic exceeds a predefined limit. (see at least Rajput paragraph 51  The bot detection component lists many things including “a past bot data component” which are all threshold limits that suggest robot the predetermined limit is probably zero.)
As per claim 19 Rajput teaches: 
A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising: 
receiving, from a transmitting client system, a plurality of transaction requests to conduct transactions with an entity, wherein the transaction requests each have a see at least Rajput abstract)
calculating one or more specified threshold limits based on historical transaction data for the entity; (see at least Rajput paragraph 51  The bot detection component lists many things including “a past bot data component” which are all threshold limits that suggest robot.)
comparing the one or more characteristics against the one or more specified threshold limits; (see at least Rajput paragraph 51  The bot detection component lists many things including “a past bot data component” which are all threshold limits than suggest robot.)
based on the comparing, assessing whether the one or more specified threshold limits are exceeded; (see at least Rajput paragraph 51  The bot detection component lists many things including “a past bot data component” which are all threshold limits that suggest robot.)
selecting, based on an assessment that at least a particular one of the one or more specified threshold limits is exceeded and that a particular specified threshold limit is exceeded, a set of computer instructions from different sets of computer instructions for execution on the client system; (see at least Rajput paragraph 54  The “Completely Automated Public Turing test” are such instructions being executed on the client machines to provide the data to be analyzed.)
receiving, from the client system, a result of an execution of the set of computer instructions; (see at least Rajput paragraph 54  The “Completely Automated Public 
determining, based on the result of the execution of the set of computer instructions, whether the plurality of transaction requests appear to have originated from a machine-automated submission process; (see at least Rajput paragraph 54  The Feedback regarding whether the user is human.)
in response to a determination that the transaction requests appear to have originated from the machine-automated submission process, performing an action selected from the group consisting of: 
applying a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), temporarily suspending the transaction requests, placing a limit on a monetary amount of the transaction requests, placing a limit on a number of transaction requests that can be processed for the entity within a predefined duration, and denying the transaction requests; (see at least Rajput paragraph 37 “select and start taking actions against visitors or a set of visitors which are suspected as bots. The actions include exhibiting/displaying a block page, exhibiting/displaying captcha, enforcing multi-factor authentication etc.”  captcha is Completely Automated Public Turing Test to tell Computers and Humans Apart.  All of the actions would help mitigate the risk of processing a transaction.)
wherein at least one of the receiving the plurality of the transaction requests, the analyzing, the comparing, the assessing, the selecting, the receiving the result of the execution, the determining, or the performing the action is performed via one or more electronic processors. (see at least Rajput paragraph 37 “select and start taking actions 
As per claim 20 Rajput teaches: 
The method of claim 19, wherein: 
the transaction requests are received from a purported web browser of the client system; (see at least Rajput paragraphs 33, 39  Browser data is purported to be from a browser) and 
the result of the execution of the set of computer instructions indicates whether the transaction requests are received from the purported browser or from a program that is emulating the purported browser. (see at least Rajput paragraphs  39  “when the visitor's actions using the mouse and keyboard are found to be suspicious, or when the cookie capability and browser configuration are found to be highly suspicious.”  When executing a Captcha which would be such instructions it finds the browser configuration to be highly suspicious is such analysis.)
Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Rajput et al. (USPG 2020/0099,713 A1) in view of Shimoni et al. (USPG 2010/0192,201 A1) and Shafet et al. USPG (2020/0110,874 A1). 
As per claims 9 and 18 while Rajput does not explicitly teach checking for such native functionality Shafet does have such a teaching.  (see at least Shafet abstract)  (Examiner’s note this reference is to another Paypal assignee case but there did not .
Claims 10, 16, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Rajput et al. (USPG 2020/0099,713 A1) in view of Shimoni et al. (USPG 2010/0192,201 A1) and Bailey et al. (USPG 2017/0070,523 A1). 
As per claim 10 while Rajput is not explicit about analyzing the frequency of credit or debit card number frequency Bailey teaches such analysis.  (see at least Bailey paragraph 40  making several orders connected to one account using different credit cards is using the frequency of those cards as a flag that there is problem.)  Therefore it would have been obvious to a person of ordinary skill in the art at the time the invention was made since it is solving a known problem in a known way with an expectation of success.
As per claim 16 while Rajput is not explicit about analyzing the historical transaction data Bailey teaches such analysis.  (see at least Bailey paragraph 40  new account making several orders is using the lack of historical support for such behaviors working out.)  Therefore it would have been obvious to a person of ordinary skill in the art at the time the invention was made since it is solving a known problem in a known way with an expectation of success. 
As per claim 17 while Rajput is not explicit about analyzing the frequency of credit or debit card number frequency Bailey teaches such analysis.  (see at least Bailey paragraph 40  making several orders connected to one account using different credit .
Conclusion
The prior art made of record and not relied upon is considered pertinent to Applicant’s disclosure:
Zhang et al. USPG 2018/0077,179 A1
Baikalov USPG 2015/0067,850 A1
Any inquiry concerning this communication from the examiner should be directed to Scott S. Trotter, whose telephone number is 571-272-7366.  The examiner can normally be reached on 8:30 AM – 5:00 PM, M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Namrata Boveja, can be reached on 571-272-8205.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system, see http://pair-direct.uspto.gov.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
The fax phone number for the organization where this application or proceeding is assigned are as follows:

(571) 273-8300	(Official Communications; including After Final Communications labeled “BOX AF”)
(571) 273-7366	(Draft Communications)

/SCOTT S TROTTER/Primary Examiner, Art Unit 3696