DETAILED ACTION

Status of Claims

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This action is in reply to the remarks/arguments for Application 16/932,788 filed on 19 July 2020.
Claims 1-20 are currently pending and have been examined.

Information Disclosure Statement
The Information Disclosure Statement filed 19 July 2020 has been considered. An initialed copy of the Form 1449 are enclosed herewith.

Claim Rejections - 35 USC § 101

35 U.S.C. 101 reads as follows:

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. 

In the instant case, claim 1 is directed towards managing anti-fraud techniques associated with media service accounts and/or devices credentials suspected to be compromised. Claim 1 is directed to the abstract idea of using rules and/or instructions to mitigate user account and/or device fraud risk comprising the steps of merely identifying media service accounts suspected to be at risk for fraud, determining fraud suspicion values, identifying devices associated with an account that satisfies a risk criterion, predicting a likelihood of account takeover, detecting a triggering event, executing a validation or remediation procedure associated with an account suspected to be at risk for fraud, but for the recitation of generic computer components, which is grouped under the certain methods of organizing human activity – fundamental economic principles, practices or concepts; following set of instructions; commercial or legal interactions (marketing; sales activities or behaviors; business relations); managing personal behavior of relationships or interactions between people (including social activities, teachings, following rules or instructions) as well as mental processes – concepts performed in the human mind (including an observation, evaluation, judgment, opinion); key word is “reasonably” performed in the mind ((generic computer components do not preclude the claim from reciting an abstract idea) groupings, in prong one of step 2A (See 2019 Revised Patent Subject Matter Eligibility Guidance). 

Claim 1 recites: “… determining, for a plurality of media service accounts, corresponding fraud suspicion values based on a model; identifying a plurality of suspected accounts from the plurality of media service accounts based on the corresponding fraud suspicion values, wherein each of the plurality of suspect accounts has a corresponding fraud suspicion value that satisfies an account fraud detection criterion; identifying one or more devices associated with each of the plurality of suspected accounts, wherein each of the one or more devices is associated with a device risk value that satisfies a device risk criterion; predicting a likelihood of account takeover from each of the one or more devices associated with each of the suspected accounts; detecting a triggering event from a device of the one or more devices associated with an account; and executing at least one of a validation procedure or a remediation procedure in response to the triggering event and based on a trigger sensitivity value associated with the triggering event, a respective likelihood of account takeover from the device associated with the account, a respective device risk value associated with the device, and a respective fraud suspicion value associated with the account”. Accordingly, the claim recites an abstract idea (See 2019 Revised Patent Subject Matter Eligibility Guidance). Hence, claim 1 is not patent eligible.

This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A (See 2019 Revised Patent Subject Matter Eligibility Guidance), the additional elements of the claim such as a “device”, “processor”, “non-transitory memory”, represent the use of a computer as a tool to perform an abstract idea and/or does no more than generally link the abstract idea to a particular field of use. Therefore, the additional elements do not integrate the abstract idea into a practical application as they do no more than represent a computer performing functions that correspond to (i.e. automate) implement the acts of using rules and/or instructions to mitigate user account and/or device fraud risk.

When analyzed under step 2B (See 2019 Revised Patent Subject Matter Eligibility Guidance), the claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception itself.  Viewed as a whole, the combination of elements recited in the claims merely describe the concept of using rules and/or instructions to mitigate user account and/or device fraud risk using computer technology. Therefore, the use of these additional elements does no more than employ a computer as a tool to automate and/or implement the abstract idea, which cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). 

Independent claim 14 recites substantially the same limitations as claim 1 above and is ineligible for the same reasons. The subject matter of claim 14 corresponds to the subject matter of claim 1 in terms of a device (e.g., manufacture). Therefore the reasoning provided for claim 1 applies to claim 14 accordingly.  

In the instant case, claim 15 is directed towards managing anti-fraud techniques associated with media service accounts and/or devices credentials suspected to be compromised. Claim 15 is directed to the abstract idea of using rules and/or instructions to mitigate user account and/or device fraud risk comprising the steps of merely identifying media service accounts suspected to be at risk for fraud, determining fraud suspicion values, identifying devices associated with an account that satisfies a risk criterion, predicting a likelihood of account takeover, detecting a triggering event, executing a validation or remediation procedure associated with an account suspected to be at risk for fraud, but for the recitation of generic computer components, which is grouped under the certain methods of organizing human activity – fundamental economic principles, practices or concepts; following set of instructions; commercial or legal interactions (marketing; sales activities or behaviors; business relations); managing personal behavior of relationships or interactions between people (including social activities, teachings, following rules or instructions) as well as mental processes – concepts performed in the human mind (including an observation, evaluation, judgment, opinion); key word is “reasonably” performed in the mind ((generic computer components do not preclude the claim from reciting an abstract idea) groupings, in prong one of step 2A (See 2019 Revised Patent Subject Matter Eligibility Guidance). 

Claim 15 recites: “… obtaining a trigger sensitivity value associated with a triggering event from one or more devices associated with one or more media service accounts; requesting from a model fraudulent classifications of the one or more media service accounts and the one or more devices associated with the one or more media service accounts, wherein the fraudulent classifications indicate a respective likelihood of account takeover from a respective device of the one or more devices, a respective device risk value associated with the respective device associated with a respective media service account of the one or more media service accounts, and a respective fraud suspicion value associated with the respective media service account; receiving from the model the fraudulent classifications of the one or more media service accounts and the one or more devices; and causing executing at least one of a validation procedure or a remediation procedure corresponding to the fraudulent classifications and the trigger sensitivity value”. Accordingly, the claim recites an abstract idea (See 2019 Revised Patent Subject Matter Eligibility Guidance). Hence, claim 1 is not patent eligible.

This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A (See 2019 Revised Patent Subject Matter Eligibility Guidance), the additional elements of the claim such as a “device”, “processor”, “non-transitory memory”, represent the use of a computer as a tool to perform an abstract idea and/or does no more than generally link the abstract idea to a particular field of use. Therefore, the additional elements do not integrate the abstract idea into a practical application as they do no more than represent a computer performing functions that correspond to (i.e. automate) implement the acts of using rules and/or instructions to mitigate user account and/or device fraud risk.

When analyzed under step 2B (See 2019 Revised Patent Subject Matter Eligibility Guidance), the claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception itself.  Viewed as a whole, the combination of elements recited in the claims merely describe the concept of using rules and/or instructions to mitigate user account and/or device fraud risk using computer technology. Therefore, the use of these additional elements does no more than employ a computer as a tool to automate and/or implement the abstract idea, which cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). 

Independent claim 20 recites substantially the same limitations as claim 15 above and is ineligible for the same reasons. The subject matter of claim 20 corresponds to the subject matter of claim 15 in terms of a device (e.g., manufacture). Therefore the reasoning provided for claim 15 applies to claim 20 accordingly.  

Dependent claims 2-13 and 16-19 add further details and contain limitations that narrow the scope of the invention. However, these details do not result in significantly more than the abstract idea itself. As explained in the December 16, 2014 Interim Eligibility Guidance from the USPTO (in reference to the BuySAFE, Inc. v. Google, Inc. decision), further narrowing the details of an abstract idea does not change the § 101 analysis since a more narrow abstract idea does not make it any less abstract. 

Viewed individually and in combination, these additional elements do not provide meaningful limitations to transform the abstract idea such that the claims amount to significantly more than the abstraction itself.

Accordingly, the present pending claims are not patent eligible and are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.

Claim Rejections – 35 USC § 102  
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless -
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective Filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Priess et al., US 2015/0026027 (“Priess”).

Re Claim 1: Priess discloses a method comprising: 

at a device including a processor and a non-transitory memory: (¶¶[0009, 0114])

determining, for a plurality of media service accounts, corresponding fraud suspicion values based on a model; (¶¶[0055, 0303, 0868])

identifying a plurality of suspected accounts from the plurality of media service accounts based on the corresponding fraud suspicion values, wherein each of the plurality of suspect accounts has a corresponding fraud suspicion value that satisfies an account fraud detection criterion; (¶¶[0055, 0111, 0303, 0868])

identifying one or more devices associated with each of the plurality of suspected accounts, wherein each of the one or more devices is associated with a device risk value that satisfies a device risk criterion; (¶¶[0090, 0103, 0111, 0303, 0868])

predicting a likelihood of account takeover from each of the one or more devices associated with each of the suspected accounts; (¶¶[0062, 1195])

detecting a triggering event from a device of the one or more devices associated with an account; (¶¶[0068, 0703])

executing at least one of a validation procedure or a remediation procedure in response to the triggering event and based on a trigger sensitivity value associated with the triggering event, a respective likelihood of account takeover from the device associated with the account, a respective device risk value associated with the device, and a respective fraud suspicion value associated with the account.  (¶¶[1159-1160, 1162, 1195])

Re Claim 2:  Priess teaches the method of claim 1 as described above. Priess further discloses:

labeling a first set of accounts and a second set of accounts, wherein the first set of accounts has a first set of characteristics associated with known fraudulent accounts and the second set of accounts has a second set of characteristics associated with non-fraudulent accounts; (¶¶[0087, 0090, 0099, 0108, 0867, 1214])

extracting features from the first set of characteristics and the second set of characteristics; (¶¶[0087, 0090, 0099, 0108, 0867, 1214])

establishing the model using the features and the labeling of the first set of accounts and the second set of accounts.  (¶¶[0053, 0072-0073, 0098])

Re Claim 3:  Priess teaches the method of claim 2 as described above. Priess further discloses:

obtaining compromised accounts through intelligence; and identifying the known fraudulent accounts with account identifiers of the compromised accounts.  (¶¶[0118, 1059])

Re Claim 4:  Priess teaches the method of claim 2 as described above. Priess further discloses:

wherein extracting the features from the first set of characteristics and the second set of characteristics includes: establishing correlations among one or more of entities, users, and devices associated with the plurality of media service accounts; and 

determining the features based on the correlations.  

(¶¶[0595, 0867, 1197])

Re Claim 5:  Priess teaches the method of claim 2 as described above. Priess further discloses:

wherein extracting the features from the first set of characteristics and the second set of characteristics includes: identifying lack of correlations among one or more of entities, users, and devices associated with the plurality of media service accounts; and determining the features based on the lack of correlations, including number of media service accounts a respective device is associated with.  (¶¶[0595, 0867, 1197])

Re Claim 6:  Priess teaches the method of claim 1 as described above. Priess further discloses:

wherein: the account fraud detection criterion includes a threshold that indicates a level of suspected fraudulent activity associated with a respective account; (¶¶[0103, 0136])

identifying the plurality of suspected accounts from the plurality of media service accounts includes: determining the corresponding fraud suspicion values of the plurality of suspected accounts based on characteristics of the plurality of suspected accounts and features in the model; comparing the corresponding fraud suspicion values with the threshold; (¶¶[0103, 0136])

classifying the plurality of suspected accounts as high risk in accordance with a determination that each of the plurality of suspected accounts has the corresponding fraud suspicion value above the threshold.  (FIG. 22: “Review all high risk alerts”)

Re Claim 7:  Priess teaches the method of claim 1 as described above. Priess further discloses:

wherein: the device risk criterion includes a threshold that indicates a level of suspected fraudulent activity from a respective device with a respective account; (¶¶[0103, 0136])

identifying the one or more devices associated with each of the plurality of suspected accounts includes: obtaining a pre-fraudulent state of each of the one or more devices associated with each of the plurality of suspected accounts; (¶[0076])

calculating the device risk value for each of the one or more devices based on deviations of the characteristics of the one or more devices associated with each of the suspected accounts from the characteristics in the pre-fraudulent state, including changes in number of media service accounts a respective device is associated with; (¶¶[0076, 0083])

classifying the one or more devices as high risk in accordance with a determination that each of the one or more devices has the device risk value above the threshold.  (FIG. 22: “Review all high risk alerts”; ¶¶[0055, 0103])

Re Claim 8:  Priess teaches the method of claim 1 as described above. Priess further discloses:

grouping the one or more devices into one or more entities based on at least one of network or geographic locations from which media content is consumed; and determining features in the model based on the grouping.  (¶¶[0087, 0471])

Re Claim 9:  Priess teaches the method of claim 1 as described above. Priess further discloses:
wherein predicting the likelihood of account takeover for each of the one or more devices associated with each of the suspected accounts includes: identifying features in the model that indicate likelihoods of account takeover; (¶¶[0062, 1195])

predicting the likelihood of the account takeover for each of the one or more devices associated with each of the suspected fraudulent accounts based on activities on each of the one or more devices and the features.  (¶¶[0062, 0237, 0446, 1195])

Re Claim 10:  Priess teaches the method of claim 1 as described above. Priess further discloses:

wherein detecting the triggering event from the device of the one or more devices associated with the account includes: obtaining past activities associated with the device and trigger sensitivity values associated with the past activities; 

detecting the triggering event as an anomaly based on the past activities; 

assigning the trigger sensitivity value associated with the triggering event based on characteristics of the triggering event, characteristics of the past activities, and the trigger sensitivity values associated with the past activities.  

(¶¶[0087, 0776, 1115, 1138])

Re Claim 11:  Priess teaches the method of claim 1 as described above. Priess further discloses:

wherein executing the at least one of the validation procedure or the remediation procedure: permitting media service associated with the account from the device in accordance with a determination that the trigger sensitivity value, the respective likelihood of account takeover, the respective device risk value, and the respective fraud suspicion value associated with the account satisfy a first set of criteria.  (¶¶[0103, 0136, 1159-1160, 1162, 1195])

Re Claim 12:  Priess teaches the method of claim 1 as described above. Priess further discloses:

wherein executing the at least one of the validation procedure or the remediation procedure: executing the validation procedure in accordance with a determination that the trigger sensitivity value, the respective likelihood of account takeover, the respective device risk value, and the respective fraud suspicion value satisfy a set of criteria; 

determining whether or not executing the validation procedure succeeds; 

executing the remediation procedure in accordance with a determination that executing the validation procedure succeeds; and 

executing a second remediation procedure in accordance with a determination that executing the validation procedure does not succeed.  

(¶¶[0055, 0111, 0303, 0697, 0868, 0902, 1159-1160, 1162, 1195])

Re Claim 13:  Priess teaches the method of claim 1 as described above. Priess further discloses:

wherein: the trigger sensitivity value, the respective likelihood of account takeover, the respective device risk value, and the respective fraud suspicion value satisfy a set of criteria indicating a high risk level of account takeover; and 

executing the at least one of the validation procedure or the remediation procedure includes ceasing media service to the device associated with the account.  

(¶¶[0055, 0111, 0303, 0697, 0868, 0902, 1159-1160, 1162, 1195])

Re Claim 14:  Claim 14, as best understood by the Examiner, encompasses the same or substantially the same scope as claim 1. Accordingly, claim 14 is rejected in the same or substantially the same manner as claim 1.

Re Claim 15:  Priess discloses a method comprising: 

at a device including a processor and a non-transitory memory: (¶¶[0009, 0114])

obtaining a trigger sensitivity value associated with a triggering event from one or more devices associated with one or more media service accounts; (¶¶[1159-1160, 1162, 1195])

requesting from a model fraudulent classifications of the one or more media service accounts and the one or more devices associated with the one or more media service accounts, (¶¶[0595, 0867, 1197])

wherein the fraudulent classifications indicate a respective likelihood of account takeover from a respective device of the one or more devices, a respective device risk value associated with the respective device associated with a respective media service account of the one or more media service accounts, and a respective fraud suspicion value associated with the respective media service account; (¶¶[0062, 1195])

receiving from the model the fraudulent classifications of the one or more media service accounts and the one or more devices; (FIG. 22: “Review all high risk alerts”; ¶¶[0055, 0103])

causing executing at least one of a validation procedure or a remediation procedure corresponding to the fraudulent classifications and the trigger sensitivity value.  (¶¶[1159-1160, 1162, 1195])

Re Claim 16:  Priess teaches the method of claim 15 as described above. Priess further discloses:

detecting the triggering event as an anomaly based on past activities; (¶¶[1159-1160, 1162, 1195])

assigning the trigger sensitivity value based on one or more of characteristics of the triggering event, characteristics of the past activities, characteristics of known triggering events, and trigger sensitivity values associated with the known triggering events.  (¶¶[1159-1160, 1162, 1195])

Re Claim 17:  Priess teaches the method of claim 15 as described above. Priess further discloses:

training the model using known fraudulent accounts and non-fraudulent accounts, wherein the model includes features and labels; (¶¶[0010, 0051])

causing the model to classify a plurality of media service accounts as high risk or low risk based on characteristics of the one or more media service accounts and features in the model, wherein the model associates each high risk account with a fraud suspicion value that satisfies an account fraud detection criterion; (¶¶[0062, 1195])

causing the model to classify a device associated with a high risk account as high risk or low risk based on characteristics of the device and features in the model, wherein the model associates each high risk device with a device risk value that satisfies a device risk criterion; (FIG. 22: “Review all high risk alerts”; ¶¶[0055, 0103])

causing the model to predict a likelihood of account takeover from a high risk device associated with a high risk account.  (¶¶[0062, 1195])

Re Claim 18:  Priess teaches the method of claim 17 as described above. Priess further discloses:

updating the features and the labels based on period data, wherein the period data includes one or more of results from executing the at least one of the validation procedure or the remediation procedure, account data, device data, and intelligence data.  (¶¶[0060, 0070, 0076, 0085])

Re Claim 19:  Priess teaches the method of claim 17 as described above. Priess further discloses:

updating one or more of trigger sensitivity values associated with a plurality of triggering events and updating one or more policies associated with the at least one of the validation procedure or the remediation procedure based on the features and the labels.  (¶¶[0060, 0070, 0076, 0085])

Re Claim 20:  Claim 20, as best understood by the Examiner, encompasses the same or substantially the same scope as claim 15. Accordingly, claim 20 is rejected in the same or substantially the same manner as claim 15.


Conclusion

Claims 1-20 are rejected.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Clifford Madamba whose telephone number is 571-270-1239. The examiner can normally be reached on Mon-Thu 7:30-5:00 EST Alternate Fridays.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Calvin Hewitt II, can be reached at 571-272-6709. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/CLIFFORD B MADAMBA/Primary Examiner, Art Unit 3692