Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
                                                      DETAILED ACTION
1.	This office action is in response to an amendment received on 12/16/21 for patent application 17/017,829.
2.	Claims 1-2, 4, 7-9 ,11, 14-16, 18, 20 are amended.
3.	Claims 5, 12 are cancelled.
4.	Claims 1-4, 6-11, 13-20 are pending.

                                           RESPONSE TO ARGUMENTS

Applicant argues#1
 Claim Rejection under 35 U.S.C. § 112
Claims 4 and 11 were rejected under 35 U.S.C. § 112(b) as allegedly being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention. Applicant respectfully traverses the rejection for the following reasons.
The Office asserted that there is a mismatch between “at least one of the IP address, the device identification, and the account identification” and “and in response to determining that none of the IP address, the device identification, and the account identification are on the suspicious user list” because the “second step...requires all of the elements to be on the suspicious user list.”!

Examiner Response
The 35 USC 112(b) rejections for claims 4&11 are hereby withdrawn.

Applicant argues#2
IV. Claim Rejections under 35 U.S.C. § 102 and 35 U.S.C. § 103
Applicant respectfully traverses the rejections for the following reasons. The cited references, alone or in any combination, fail to disclose or suggest all of the features of the amended claims, and provide no apparent reason for modification to include such features.

Applicant respectfully disagrees. As discussed during the Examiner interview, paragraph [0050] of Douglas teaches alerting a user to a transaction that is outside of the user’s scope of transaction indicating the transaction may be fraudulent. In other words, paragraph [0050] of Douglas teaches reacting to an existing transaction that has already occurred.

Therefore, paragraph [0050] of Douglas fails to disclose or suggest at least “determine whether a successful purchase for an account associated with the electronic transaction has been completed within a past predetermined time period, in response to determining that no successful purchases for the account have been completed within the past predetermined time period, trigger a fraud detection rule to be completed successfully in order to permit the electronic transaction, in response to determining that at least one successful purchase for the account has been completed within the past predetermined time period, determine whether the electronic transaction was initiated by a known user,” as recited by amended claim 1 including the subject matter of claim 5. Thus, the combination of Kolkowitz and Douglas fails to establish a prima facie of obviousness with respect to amended claim 1 because Kolkowitz and Douglas, alone or in any combination, fail to disclose or suggest all of the features of amended claim 1, and provide no apparent reason for modification to include such features.For at least these reasons, claim 1 is patentable under 35 U.S.C. § 102(a)(1). Independent claims 8 and 15 have been amended to recite features that are similar to the features of amended claim 1. Therefore, claims 8 and 15 are respectively distinct from Kolkowitz for at least the reasons provided above with respect to amended claim 1, although each claim should be considered according to their particular recitations. The dependent claims, i.e., claims 2, 4, 9, 11, and 16 are respectively distinct from Kolkowitz by their incorporation 
Accordingly, Applicant respectfully requests reconsideration and withdrawal of the rejection of claims 1, 2, 4, 8, 9, 11, 15, and 16 under 35 U.S.C. § 102(a)(1) as allegedly being anticipated by Kolkowitz. Likewise, Applicant respectfully requests reconsideration and withdrawal of the rejections of claims 3, 6, 10, 13, 17, and 19 under 35 U.S.C. § 103.
Examiner Response
The section 102 and 103 rejections are hereby withdrawn.

Applicant argues#3
Amended claim 1 recites an improvement in the efficiency of entering certain transaction information when qualified as a known user. Specifically, the recitations “in response to determining that no successful purchases for the account have been completed within the past predetermined time period, trigger a fraud detection rule to be completed successfully in order to permit the electronic transaction,” “in response to determining that at least one successful purchase for the account has been completed within the past predetermined time period, determine whether the electronic transaction was initiated by a known user,” and “in response to determining that the electronic transaction was initiated by the known user, permitting, with the server, the electronic transaction” in amended 1 represent the improvement. Moreover, the improvement is supported by at least paragraph [0004] of Applicant’s corresponding pre-grant Publication No. 2021/0081949, which states “[b]y qualifying as a known user, greater efficiencies can result by, for example, not having to reenter certain information ( e.g., a card verification value ["CVV"]) for each operation.”
In view of the foregoing, the above-noted features are an improvement over the conventional rule-based fraud detection techniques as evidenced at paragraph [0003] of Applicant’s corresponding pre-grant Publication No. 2021/0081949 for the reasons provided by at least paragraph [0004] of Applicant’s corresponding pre-grant Publication No. 2021/0081949. Therefore, Applicant respectfully submits that the amendments to claim 1 render the Office’s ineligibility rejection of claim 1 to be moot because amended claim 1 includes an improvement over the conventional rule-based fraud detection techniques, and consequently, integrated into a practical application.
For at least these reasons, claim 1 is patentable under 35 U.S.C. § 101. Independent claims 8 and 15 have been amended to recite features that are similar to the features of amended claim 1. Therefore, Applicant respectfully submits that the amendments to claims 8 and 15 render the Office’s ineligibility rejection of claims 8 and 15 to be moot for at least the reasons provided above with respect to amended claim 1
Examiner Response
Examiner respectfully disagrees.
The limitations, (“in response to determining that no successful purchases for the account have been completed within the past predetermined time period, trigger a fraud detection rule to be completed successfully in order to permit the electronic transaction,” “in response to determining that at least one successful purchase for the account has been completed within the past predetermined time period, determine whether the electronic transaction was initiated by a known user,” and “in response to determining that the electronic transaction was initiated by the known user, permitting, with the server, the electronic transaction”) are part of the identified abstract idea.
The server is recited at a high level of generality and is being used as tool to implement the identified abstract idea.

Applicant is pointed to the October 2019 update, which states on page 13:
During examination, the examiner should analyze the “improvements” consideration by evaluating the specification and the claims to ensure that a technical explanation of the asserted improvement is present in the specification, and that the claim reflects the asserted improvement.
Now turning to the instant specification, paras 3, 4, 10, 17 is reproduced below:

[0003] Identifying known users associated with an initiated transaction is currently achieved using a rule-based solution. Such rule-based solutions utilize score bands, success, fraud lists, and endpoints (e.g., IP address) to identify a known user. Threshold values can be used to trigger the rules, and the threshold values can be manually adjusted to modify system performance.
 [0004] By qualifying as a known user, greater efficiencies can result by, for example, not having to reenter certain information (e.g., a card verification value [“CVV”]) for each operation. If the entity who initiated a transaction does not qualify as known, that entity can be required to enter a valid CVV as part of an identification process to avoid false operations.
 [0010] In addition, it should be understood that embodiments may include hardware, software, and electronic components or modules that, for purposes of discussion, may be illustrated and described as if the majority of the components were implemented solely in hardware. However, one of ordinary skill in the art, and based on a reading of this detailed description, would recognize that, in at least one embodiment, the electronic-based aspects may be implemented in software (e.g., stored on non-transitory computer-readable medium) executable by one or more processing units, such as a microprocessor and/or application specific integrated circuits (“ASICs”). As such, it should be noted that a plurality of hardware and software based devices, as well as a plurality of different structural components, may be utilized to implement the embodiments. For example, “servers,” “computing devices,” “controllers,” “processors,” etc., described in the specification can include one or more processing units, one or more computer-readable medium modules, one or more input/output interfaces, and various connections (e.g., a system bus) connecting the components. Similarly, aspects herein that are described as implemented in software can, as recognized by one of ordinary skill in the art, be implemented in various forms of hardware.

[0017] Embodiments described herein provide systems, methods, devices, and computer readable media for determining whether a transaction was initiated by a known user. FIG. 1 illustrates a fraud detection system 100. The system 100 includes a plurality of client-side devices 105-125, a network 130, a first server-side mainframe computer or server 135, a second server-side mainframe computer or server 140, a database 145, and a server-side user interface 150 (e.g., a workstation). The plurality of client-side devices 105-125 include, for example, a personal, desktop computer 105, a laptop computer 110, a tablet computer 115, a personal digital assistant (“PDA”) (e.g., an iPod touch, an e-reader, etc.) 120, and a mobile phone (e.g., a smart phone) 125. Each of the devices 105-125 is configured to communicatively connect to the server 135 or the server 140 through the network 130 and provide information to the server 135 or server 140 related to, for example, a transaction, a requested webpage, etc. Each of the devices 105-125 can request a webpage associated with a particular domain name, can attempt to login to an online service, can initiate a transaction, etc. The data sent to and received by visitors of a website will be generally referred to herein as client web traffic data. In the system 100 of FIG. 1, the server 135 represents a client server that is hosting a client website. Client web traffic data is produced as the devices 105-125 request access to webpages hosted by the server 135 or attempt to complete a transaction. The server 140 is connected to the server 135 and is configured to log and/or analyze the client web traffic data for the server 135. In some embodiments, the server 140 both hosts the client website and is configured to log and analyze the client web traffic data associated with the client website. In some embodiments, the server 140 is configured to store the logged client web traffic data in the database 145 for future retrieval and analysis. The workstation 150 can be used, for example, by an analyst to manually review and assess the logged client web traffic data, generate fraud detection rules, update fraud detection rules, etc. The logged client web traffic data includes a variety of attributes related to the devices interacting with the client website. For example, the attributes of the devices 105-125 include, among other things, IP address, user agent, operating system, browser, device ID, account ID, country of origin, time of day, etc. Attribute information received from the devices 105-125 at the server 135 can also be stored in the database 145.

It can be seen from the instant specification that there is no technical explanation of the asserted improvement (rule based fraud detection) and reflected in the claims. The additional elements (the database and server) are computing components that are recited at a high level of generality, and as such are being used as a tool to implement the identified abstract idea. Therefore there are no additional elements in the claims that are indicative of integration into a practical application. 
The rejection is maintained.



Applicant argues#4
 Lastly, Applicant respectfully submits that the dependent claims, 1.e., claims 2—4, 6, 7, 9-11, 13, 14, and 16-20 are patent eligible by their incorporation of the features of their respective base claims, as well as for their separately recited patentably distinct features.    For at least the reasons above, claims 1—4, 6—11, and 13-20 are patentable under 35 U.S.C. § 101. Accordingly, Applicant respectfully requests reconsideration and withdrawal of the rejection of claims 1-4, 6-11, and 13-20 under 35 U.S.C. § 101 as allegedly being directed to an abstract idea without significantly more.
Examiner Response
Examiner respectfully disagrees.
This argument has been addressed above with respect to claim 1, see the Response to Applicant argues#3 above.
The rejection is maintained.


                                    Claim Rejections- 35 U.S.C § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
6. Claims 1-4, 6-11, 13-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
The claims are either directed to a system, method, and computer readable medium which are one of the statutory categories of invention. (Step 1: YES).
Representative, claim 1 recites the limitations of:  
          A fraud detection system comprising: a database; and a server connected to the database, the server including an electronic processor and memory, the server configured to:
receive a fraud analysis request related to an electronic transaction, the electronic transaction including an associated plurality of features; 
determine whether a successful purchase for an account associated with  the electronic transaction has been completed within a past predetermined time period,
 in response to determining that no successful purchases for the account have been completed within the past predetermined time period, trigger a fraud protection rule to be completed successfully in order to permit the electronic transaction,
in response to determining that at least one successful purchase for the account has been completed within the past predetermined time period, determine whether the electronic transaction was initiated by a known user,
 wherein, to determine whether the electronic transaction was initiated by the known user, the server is configured to:
 determine values for the associated plurality of features,
 apply a weighted coefficient to each of the values of the associated plurality of features, the weighted coefficients related to an influence that each respective feature has on the electronic transaction potentially being a fraudulent transaction, 
determine a fraud prediction value based on the values of the associated plurality of features and the weighted coefficients,
 compare the fraud prediction value to a threshold value, and 
identify a user who initiated the electronic transaction as the known user when the fraud prediction value is less than the threshold value and
in response to determining that the electronic transaction was initiated by the known user, permit the electronic transaction.
These limitations, under their broadest reasonable interpretation, cover performance of the limitation as certain methods of organizing human activity.
The claim recites elements that are in bold above, which covers performance of the limitation as a commercial interaction (steps for determining fraud in an electronic transaction),  (e.g., receive a fraud analysis request related to an electronic transaction, the electronic transaction including an associated plurality of features;  determine whether a successful purchase for an account associated with  the electronic transaction has been completed within a past predetermined time period,  in response to determining that no successful purchases for the account have been completed within the past predetermined time period, trigger a fraud protection rule to be completed successfully in order to permit the electronic transaction,in response to determining that at least one successful purchase for the account has been completed within the past predetermined time period,         determine whether the electronic transaction was initiated by a known user, 
 wherein, to determine whether the electronic transaction was initiated by the known user,  determine values for the associated plurality of features,
 apply a weighted coefficient to each of the values of the associated plurality of features, the weighted coefficients related to an influence that each respective feature has on the electronic transaction potentially being a fraudulent transaction,  determine a fraud prediction value based on the values of the associated plurality of features and the weighted coefficients, compare the fraud prediction value to a threshold value, and identify a user who initiated the electronic transaction as the known user when the fraud prediction value is less than the threshold value and in response to determining that the electronic transaction was initiated by the known user, permit the electronic transaction).
If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation as a commercial interaction then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. Accordingly, claim 1 recites an abstract idea.
Claims 8&15 are also abstract for similar reasons.
 (Step 2A-Prong 1: YES. The claims are abstract)
This judicial exception is not integrated into a practical application. Limitations that are not indicative of integration into a practical application include: (1) Adding the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea (MPEP 2106.05.f), (2) Adding insignificant extra solution activity to the judicial exception (MPEP 2106.05.g), (3) Generally linking the use of the judicial exception to a particular technological environment or field of use (MPEP 2106.05.h). 
Claim 1 includes the following additional elements:
A database, a server connected to the database, the server including an electronic processor and a memory. 
The database, and the server including an electronic processor and memory are recited at a high level of generality and being used in its ordinary capacity and are being used as a tool for implementing the steps of the identified abstract idea, see MPEP 2106.05(f), where applying a computer or using a computer as a tool to perform the abstract idea is not indicative of a practical application.
Accordingly, these additional elements, when considered separately and as an ordered combination, do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Therefore claims 1, 8, 15 are directed to an abstract idea without a practical application. (Step 2A-Prong 2: NO. The additional claimed elements are not integrated into a practical application)
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when considered separately and as an ordered combination, they do not add significantly more (also known as an “inventive concept”) to the exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using computer hardware amounts to no more than generally linking the use of the judicial exception to a particular technological environment or field of use. Generally linking the use of the judicial exception to a particular technological environment or field of use, with the use of generic computer components, cannot provide an inventive concept - rendering the claim patent ineligible. Thus claims 1, 8, 15 are not patent eligible. (Step 2B: NO. The claims do not provide significantly more)
Dependent claims 2-7, 9-14, 16-20 which further define the abstract idea that is present in their respective independent claims 1, 8, 15 and thus correspond to Certain Methods of Organizing Human Activity and hence are abstract for the reasons presented above. The dependent claims do not include any additional elements that integrate the abstract idea into a practical application or are sufficient to amount to significantly more than the judicial exception when considered both individually and as an ordered combination. Therefore, the dependent claims 2-7, 9-14, 16-20 are directed to an abstract idea. Thus, claims 1-20 are not patent-eligible.
                             

                                         
No Prior Art Rejections
None of the prior art teaches, renders obvious the limitations of claim 1: 
“determine whether a successful purchase for an account associated with the electronic              transaction has been completed within a past predetermined time period, in response to              determining that no successful purchases for the account have been completed within the past    predetermined time period, trigger a fraud detection rule to be completed successfully in order   to permit the electronic transaction, in response to determining that at least one successful         purchase for the account has been completed within the past predetermined time period,             determine  whether the electronic transaction was initiated by a known user”

The closest prior art of record:
US 2010/0293094 to Kolkowitz et al, discloses, “Systems and methods for assessing and authenticating transactions are disclosed. Some exemplary embodiments may authenticate transactions based at least in part on a comparison of a newly obtained electronic signature associated with a user with a previously obtained electronic signature associated with the user, where a payment instrument presented for use in the transaction is also associated with the user. Exemplary electronic signatures may comprise any information which may identify the user, such as browser fingerprints, computer fingerprints, IP addresses, geographic IP location information, information associated with a payment, and/or a typing patterns.

US 2015/0193775 to Douglas et al, discloses, “Systems and methods are provided for providing alerts to a user. The systems and methods may include a financial service provider including a memory device storing instructions. The financial service provider may also include at least one processor configured to execute the instructions to perform a plurality of operations. The operations may include receiving data relating to an activity of a user. The operations may also include identifying a merchant based at least on the received data. The operations may also include accessing historical fraud or disputes data associated with at least one of the user and the merchant. The operations may also include determining whether the received data triggers an alert. The operations may further include sending an alert message to a user device associated with the user when the processor determines that the received data triggers the alert.

US 2018/0211256 to Anson et al,  “A trusted transaction signal is passed from a merchant to an account provider. A merchant receives a payment account association with a transaction between a customer and the merchant, and determines a level of risk for the transaction. If the customer is unknown to the merchant, the trust level is determined to be a default trust level. If the customer is known to the merchant, then a risk assessment determines whether the trust level is the default trust level, or a second, greater, trust level. A transaction notification is sent to the account provider. When the trust level is the default level, the notification includes a merchant ID that identifies the merchant and signifies the default trust level for the transaction. When the trust level is the greater level, the notification includes a different merchant ID that also identifies the merchant, but represents the second trust level for the transaction.



                                                           CONCLUSION
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD Z SHAIKH whose telephone number is (571)270-3444. The examiner can normally be reached M-T, 9-600; Fri, 8-11, 3-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, BENNETT SIGMOND can be reached on 303-297-4411. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMAD Z SHAIKH/Primary Examiner, Art Unit 3694                                                                                                                                                                                                        3/3/2022