DETAILED ACTION

Examiner’s Note
	The previous office action mailed 07/05/2022 has been vacated and replaced with the current office action, to include the examination of claims 24 and 25. 

Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 06/22/2022 has been entered.
 
Response to Arguments
	Applicant’s arguments have been carefully considered.  Applicant’s arguments regarding the 112 1st rejection has been carefully considered and is persuasive.  The 112 1st rejection has been withdrawn.
	Applicant’s arguments regarding the 103 rejection have been carefully considered and are not deemed persuasive.
	Applicant argues that Rubenstein fails to disclose or suggest "generating an alert".  Applicant argues that Rubenstein only teaches  that the authentication module may further investigate the flagged user, wherein the flagged user is a potentially fake profile.  Investigation of a flagged user is different from generating an alert based on two different calculated scores, and Rubenstein makes no explicit reference to an alert.  

The examiner respectfully disagrees.  Rubenstein teaches calculating a score and flagging a user based on that score (for a potentially fake profile).  Rubenstein teaches that there may be further investigation based on that score.  Rubenstein teaches that this prevents users from luring unsuspecting fans to harmful websites - see [0053].  Therefore, it is implied that some sort of alert would be presented to users that a profile is fake.  Either to the owner of the profile, to other users (since the intention is to build trust between connections), or to people managing the monitoring program.  It is highly likely that some type of alert would be intrinsic to the system of Rubenstein.  In addition, alerts are notoriously well known in the art to inform users of potential dangers in computing systems, and an alert does not distinguish the applicant's claimed invention over the prior art.  
	Applicant argues, in response to this (from Advisory action), that the Examiner is relying on inherency.  The examiner notes that inherency is not being relied upon here.  However, the Examiner notes that alerts were notoriously well known in the art.  There is an implication of an alert in Rubenstein, or this would have at least been obvious to the skilled artisan, as alerts are a simple, extremely well-known step that the skilled artisan has at their disposal, to notify users of what is happening, especially if it is a type of security alert (as is the case in Rubenstein).  Merely adding an alert does not make the claim patentable.  Applicant states that it would not be necessary to issue an alert in the event that the non-authenticated user is being prevented from presenting themselves as a public figure.  The Examiner notes that even if it is not necessary, it is still obvious, well-known, and within the skill set of the skilled artisan to include if they desire.
Applicant further argues that Rubenstein teaches away from the modification of Rubenstein based on Dhillon.  Applicant argues that Rubenstein teaches away from modifying Rubenstein by using financial behavioral patterns to determine a second score, in order to calculate trust/risk more accurately and that these modification would result in more security.  Rubenstein teaches "calculating user confidence scores can be an expensive process in terms of computational power and computational time" and "caching the confidence scores helps to prevent the social networking system from overloading in case a large number of authentication requests are received in a short period of time."  The proposed modification of Rubenstein with Dhillon would result in additional user-performed steps in conflict with Rubenstein's emphases on improving the social networking system's capacity to handle authentication requests.

The examiner respectfully disagrees.  Rubenstein teaches advantages of caching confidence scores, but does not specifically say that other factors cannot or should not be included in the confidence scores.  Additional data could be used, for example, when there are not a large number of authentication requests and the system is not overloaded.  It would be reasonable to provide additional scoring for enhanced security in certain situations.  Therefore, Rubenstein does not teach away from the combination.
Applicant responds to the Examiner’s response, which was in the Advisory action, that the Examiner’s response is speculative rationale which is insufficient to rebut Applicant’s remarks pertaining to teaching away.  The Examiner respectfully disagrees, and stands by the position stated above.
Applicant further argues that the office action has not presented any motivation or rationale for generating an alert based on the first score and the second score.  
The examiner respectfully disagrees.  Clearly, based on applicant's specification, the alert is for the purpose of determining a risk of fraud.  Rubenstein's first score and Dhillon's second score, are both used for determining fraud.  The alert would obviously rely on both scores since both scores are contributing to a fraud risk.  This is intrinsic to the combination of references.  The scores both contribute to the risk of fraud and therefore, including both scores in the alert would make the alert more accurate to a risk of fraud.  It must be remembered that the references are relied upon in combination and are not meant to be considered separately as in a vacuum.  It is the combination of all of the cited and relied upon references which make up the state of the art with regard to the claimed invention.  Applicant's claimed invention fails to patentably distinguish over the state of the art represented by the references.

	Applicant’s arguments regarding the Zises reference not reading on the claim limitation added to the independent claims has been carefully considered and is deemed moot in view of the new grounds of rejection presented below.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

Claims 2, 3, 5, 8-12, 14, 15, 18, 19, and 23 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Rubenstein et al. (US 2014/0196110) in view of Dhillon et al. (US 2013/0227700), and further in view of Zises (US 2013/0311315), and further in view of Ocko et al. (US 2016/0250557).
Regarding claims 2, 14, and 18, Rubenstein teaches a method (and corresponding system and medium), comprising:
Identifying at least one of profile data of the first user account or a social connection between the first user account and a second user account from the plurality of user accounts (Module retrieves data stored in user profile objects and connection objects) – see [0026].
Calculating, via the processor, a first score based on the at least one of: the profile data of the first user account, or the social connection between the first user account and the second user account (The confidence module computes user confidence score based on user connections associated with the user in the social networking system.  Also, user profile information may be authenticated and used to verify that a user account is the real public personal of a public figure.  Confidence score is stored in user profile object) – see [0026], [0027], [0030], [0031], and [0047].
Generating, via the processor, an alert based on the first score and causing presentation of the alert via at least one of a mobile application or a web based application  (User is flagged, low confidence score represents estimate of whether the target user is a real public figure and may warrant further investigation, prevents users from luring unsuspecting fans to harmful websites (note that this indicates some type of alert of low confidence score and mobile or web based applications are notoriously well known in the art)) – see [0047], [0052], and [0053].
Rubenstein does not teach calculating a second score based on a financial behavioral pattern.
Dhillon teaches calculating a dynamic trust score for evaluating online relationships.  Financial records may be put into an identity database and a trust score is calculated – see abstract, [0020] and [0021].
It would have been obvious to one of ordinary skill in the art at the time the invention was made, to modify the teachings of Rubenstein by using financial behavioral patterns to determine a second score, in order to calculate trust/risk more accurately, based upon the beneficial teachings provided by Dhillon.  These modifications would result in a more security.
Rubenstein and Dhillon do not teach scanning, via a processor, a profile of a social network to identify the information, or monitoring the first user account via an API of the social network.
Zises teaches a determination module that may crawl through (i.e., scan) all the data, metadata, and information associated with a user’s publicly accessible and private profile page.  This is to access the social media identity information user profile information regarding the registered user from information available in the user’s social profile.  The data from the profile is then analyzed.  Any publically available social media identity information regarding the user may be obtained from other social media or online sources as well. Social media platforms may expose social media identity information in some sort of application programming interface (API) that is accessible by the system. Thus, the system may retrieve or be fed user profile information of the user profile pages from application programming interfaces (APIs) that are exposed by the respective social medial platforms – see [0048] and [0049].
  It would have been obvious to one of ordinary skill in the art at the time the invention was made, to modify the teachings of Rubenstein and Dhillon by scanning the user profile in order to identify and analyze profile data, based upon the beneficial teachings provided by Zises.  These modifications would result in more accurately identifying relevant information.
Rubenstein, Dhillon, and Zises do not teach that the API is used to detect an abnormal usage pattern.
Ocko teaches detecting suspicious behavior (i.e., abnormal usage pattern) by retrieving social network activity of a user over a social networking API - see claim 1.
  It would have been obvious to one of ordinary skill in the art at the time the invention was made, to modify the teachings of Rubenstein, Dhillon, and Zises by using the social media API to detect abnormal usage patterns, in order to detect suspicious behavior, based upon the beneficial teachings provided by Ocko.  These modifications would result in better security for the system.

Regarding claims 3, 15, and 19, Rubenstein further teaches that the calculating the first score is based on the profile data of the first user account from the plurality of accounts, the profile data including at least one of…user contact information (home address, phone number from profile) – see [0030], for example.

Regarding claim 5, Rubinstein teaches checking an identity of one or more user accounts making a post to distinguish between a post by the first user account and a post by at least a second user account connected to the first user (Identities of trusted agents are established to distinguish between real and fake public persona) - see [0029], for example.

Regarding claim 8, Rubinstein teaches calculating the connections score includes processing data associated with connections formed between the first use account and at least one account associated with a friend – see [0005], [0006], and [0031], for example.

Regarding claims 9 and 11, Rubenstein/Dhillon suggest communicating one alert to a user account in association with at least one of the calculated scores and communicating at least one of the first score or the second score to a computing device of an enterprise using an application program interface (Rubenstein teaches that user is flagged, low confidence score represents estimate of whether the target user is a real public figure and may warrant further investigation, prevents users from luring unsuspecting fans to harmful websites (note that this indicates some type of alert of low confidence score – see [0047], [0052], and [0053].  Dhillon further teaches sending a trust score to the online service (i.e., enterprise) when the trust score affects a client of the first user – see figure 3, 330).

Regarding claim 10, Dhillon teaches that calculating the second score includes combining data  associated with at least one transaction involving the first user account or the second user account (Financial records/transaction, and other data such as phone numbers, school registrations, etc. combined into database which is used to generate trust score) - see [0010], [0020], [0021], and [0024].

Regarding claim 12, the combination of Rubenstein and Dhillon teaches generating an alert based on a first score based on a connection or profile data, and a second score based on financial behavior patterns (see above).  Therefore, the skilled artisan would recognize that since profile data, connection data, and financial patterns are analyzed, it would be beneficial to calculate scores for both the financial patterns of the first and second devices (since data relating to both the profile and its connections are looked at).  

Regarding claim 23, Rubenstein further teaches periodically recalculating the first score in response to detected activity of the social network (Confidence update module updates a user confidence score based on triggering events such as new friends, etc.) – see [0040].

Claims 4, 16, and 20 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Rubenstein et al. (US 2014/0196110) in view of Dhillon et al. (US 2013/0227700), in view of Zises (US 2013/0311315), and further in view of Ocko et al. (US 2016/0250557), and further in view of Raviv (US 2012/0297477).
The teachings of Rubinstein, Dhillon, Zises, and Ocko are relied upon for the reasons set forth above.
Regarding claims 4, 16, and 20, Rubinstein teaches that the confidence score can be based on whether a user rarely has his posts liked or commented - see [0044], for example.
Rubenstein, Dhillon, Zises, and Ocko do not explicitly teach calculating the score based on frequency of posting.
Raviv teaches a method that detects hijacking in a social network, and monitors activity of the user by monitor the frequency of which a user post links to particular types of sites - see [0013], [0059], and [0065].
It would have been obvious at the time the invention was made to modify the teachings of Rubinstein, Dhillon, Zises, and Ocko by calculating a score based on frequency of posting, for the purpose if a profile has been hijacked (i.e., is authentic), based on the beneficial teachings provided by Raviv.  This would increase security in social networks.

Claim 6 is rejected under pre-AIA  35 U.S.C. 103(a) as obvious over Rubinstein et al. (US 2014/0196110) in view of Dhillon et al. (US 2013/0227700), further in view of Zises (US 2013/0311315), further in view of Ocko et al. (US 2016/0250557), and further in view of Fire et al. (US 2014/0150109).
The teachings of Rubinstein, Dhillon, Zises, and Ocko are relied upon for the reasons set forth above.
Regarding claim 6, Rubinstein, Dhillon, Zises, and Ocko do not teach processing at least one attribute of at least one application installed on at least the first user account.
Fire teaches a method of protecting user privacy in social networks wherein persons are notified of applications installed on a personal network profile that may impose a threat to his privacy (i.e., spam) which may indicate a fake profile – see [0039], for example
It would have been obvious at the time the invention was made to modify the teachings of Rubinstein, Dhillon, Zises, and Ocko by processing attributes of applications installed on the user account, for the purpose of protecting privacy and identifying fake profiles, based on the beneficial teachings provided by Fire.  This would increase security in social networks.

Claim 7 is rejected under pre-AIA  35 U.S.C. 103(a) as obvious over Rubinstein et al. (US 2014/0196110) in view of Dhillon et al. (US 2013/0227700), in view of Zises (US 2013/0311315), further in view of Ocko et al. (US 2016/0250557), and further in view of De et al. (US 8,225,413)
The teachings of Rubinstein, Dhillon, Zises, and Ocko are relied upon for the reasons set forth above.
Regarding claim 7, Rubinstein, Dhillon, Zises, and Ocko do not teach calculating the user score comprises comparing at least a portion of the profile data of the first user account of the first user account to multiple reference profile models associated with multiple networks.
De teaches a method where a user’s profile is compared to another profile in order to detect an impersonator on a social network - see abstract, for example.  Please note that using multiple models would be obvious for the purpose of increasing security by having more data to compare.
It would have been obvious at the time the invention was made to modify the teachings of Rubinstein, Dhillon, Zises, and Ocko by comparing profile with fake profiles, for the purpose of protecting privacy and identifying fake profiles, based on the beneficial teachings provided by De.

Claims 13, 17, and 21 are rejected under pre-AIA  35 U.S.C. 103(a) as obvious over Rubinstein et al. (US 2014/0196110 in view of Dhillon et al. (US 2013/0227700), in view of Zises (US 2013/0311315), further in view of Ocko et al. (US 2016/0250557), and further in view of Kremen et al. (US 2013/0013489).
The teachings of Rubinstein, Dhillon, Zises, and Ocko are relied upon for the reasons set forth above.
Regarding claims 13, 17, and 21, Rubinstein, Dhillon, Zises, and Ocko do not teach generating a dashboard that is configured to display one of: a graphical representation associated with one of…the first score, the second score, or a combination thereof.
Kremen teaches that a verification score can be returned in a web-based dashboard type graphical user interface which allows the reviewer to review areas which helped increase or decrease the verification score and verification data can be illustrated to the reviewer – see [0026] and [0259], for example.
It would have been obvious at the time the invention was made to modify the teachings of Rubinstein, Dhillon, Zises, and Ocko by using a dashboard graphical display to display the scoring information, for the purpose of allowing the reviewer to review areas which increased or decreased the score, based on the beneficial teachings provided by Kremen. 

Claim 24 is rejected under pre-AIA  35 U.S.C. 103(a) as obvious over Rubinstein et al. (US 2014/0196110 in view of Dhillon et al. (US 2013/0227700), in view of Zises (US 2013/0311315), further in view of Ocko et al. (US 2016/0250557), and further in view of McCorkendale et al. (US 8,726,392).
The teachings of Rubinstein, Dhillon, Zises, and Ocko are relied upon for the reasons set forth above.
Regarding claim 24, Rubenstein, Dhillon, Zises, and Ocko do not teach scanning a list of installed applications associated with a user to identify a leak of private data associated with the first user, and generating, via the processor, a second alert in response to identifying the leak of private data associated with the first user.
McCorkendale teaches a dynamic analyzer 110 may analyze a set of applications to determine whether any installed combination of applications results in a risk of sensitive data being leaked. If a single application or combination of applications results in risk of sensitive data being leaked, the systems described herein may warn consumers that installing the application(s) may present a privacy risk - see column 8 lines 37-44.
It would have been obvious at the time the invention was made to modify the teachings of Rubinstein, Dhillon, Zises, and Ocko by scanning installed applications to identify a leak of private data, and generating an alert, for the purpose of maintaining the security of the applications and user, based on the beneficial teachings provided by McCorkendale. 

Allowable Subject Matter
Claims 25 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:  The prior art does not teach or suggest scanning at least one of a plurality of security settings or a plurality of privacy settings associated with the first user to identify a threat and generating, via the processor, a second alert in response to identifying the threat.

	
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LISA C LEWIS whose telephone number is (571)270-7724.  The examiner can normally be reached on Monday - Thursday 7am-2pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/LISA C LEWIS/Primary Examiner, Art Unit 2495