DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to Applicant’s RCE filed on July 15, 2022 in which claims 1, 19 and 20 have been amended. Claims 6, 8, 12, 15, 17 and 18 have previously been cancelled. Therefore, claims 1-5, 7, 9-11, 13-14, 16, and 19-31 are pending in the application. 

                             Continued Examination Under 37 CFR 1.114 
2.       A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 07/15/2022 has been entered. 

Claim Rejections - 35 USC § 112 
3.       The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claims 1 and 20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
          In claims 1 and 20, the limitation “a web server” lacks antecedent basis. Appropriate clarification is required. 
          The dependent claims 2-5, 7, 9-11, 13-14 and 16 are rejected by virtue of dependency on a rejected claim.

			   Claim Rejections - 35 USC § 101
4. 		35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-5, 7, 9-11, 13-14, 16, and 19-31 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Claim 1 is directed to a method, thus it is one of the four statutory categories of invention (Step 1: YES).
The claim 1 recites a series of steps, e.g., identifying requests for a login page of a web server associated with the financial institution, upon identifying the requests,  determining a referring website for each of the identified requests; classifying the referring websites into classes based on a classification system, each of the classes having a risk rating; identifying logins to access the web server, upon identifying the logins, determining a user associated with each of the logins; associating each of the logins with one of the identified requests and with the referring website for that identified request; for each of the users, identifying transactions occurring within a time period from when one of the logins was initiated; for each of the transactions occurring within the time period, associating a transaction destination of that transaction with the referring website for that one of the logins; and assigning a risk rating to each of the transaction destinations based at least in part on a risk rating of the class of the associated referring website; and  permitting or blocking an electronic financial transaction of the transactions occurring within the time period based on the risk rating of the transaction destination associated with that transaction. These limitations (with the exception of italicized portions), under their broadest reasonable interpretation, when considered collectively as an ordered combination, is a process that covers Certain methods of organizing human activity such as Fundamental economic principles or practices (assigning a risk rating to the transaction destination is a way of mitigating the risk and mitigating the risk is a Fundamental economic practice), and Commercial or legal interactions (a transaction is fulfilling the agreement in the form of contracts and hence it is a Commercial Interaction).  The claims recite a method to facilitate electronic financial transactions. The claim also recites a web server, a website and an implicit processor. That is, other than, a web server, a website and an implicit processor (not explicitly recited in the claim), nothing in the claim precludes the steps from being performed as a method of organizing human activity. If the claim limitations, under the broadest reasonable interpretation, covers methods of organizing human activity but for the recitation of generic computer components, then it falls within the “Certain methods of organizing human activity” grouping of abstract ideas. Accordingly, the claim 1 recites an abstract idea (Step 2A: Prong 1: YES).
This judicial exception is not integrated into a practical application. The additional elements a web server, a website and an implicit processor result in no more than simply applying the abstract idea using generic computer elements. The specification describes the additional elements of a web server, a website and an implicit processor to be generic computer elements (see Fig. 3, [0112]). A web server and a website, recited in the claim, are broadly interpreted to correspond to generic software suitably programmed to perform the claimed function.  Hence, the additional elements in the claims are all generic components suitably programmed to perform their respective functions. The step of determining a referring website for each of the identified requests is recited at a high level of generality and does not rise to the level of a practical application.  The additional elements of a web server, a website and an implicit processor are recited at a high level of generality and under their broadest reasonable interpretation comprises a generic computer arrangement. The presence of a generic computer arrangement is nothing more than to implement the claimed invention (MPEP 2106.05(f)). Accordingly, these additional elements, when considered separately and as an ordered combination, do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Hence, the claims as a whole are not integrated into a practical application. Therefore, the claim 1 is directed to an abstract idea (Step 2A - Prong 2: NO). 
The claim 1 does not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements of a web server, a website and an implicit processor are recited at a high level of generality in that it results in no more than simply applying the abstract idea using generic computer elements. The additional elements, when considered separately and as an ordered combination, does not add significantly more (also known as an “inventive concept”) to the exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements amount to no more than mere instructions to apply the exception using a generic computer component (MPEP 2106.05(f)). The specification, para. [0006], teaches determining the referring website could be just extracting an identifier of the referring website which is nothing more than extracting data and it has been shown not to be significantly more (see MPEP 2106.05(d), II, Electronically scanning or extracting data from a physical document, Content Extraction and Transmission, LLC v. Wells Fargo Bank). The additional elements of the instant underlying process, when taken in combination, together do not offer substantially more than the sum of the functions of the elements when each is taken alone. Thus, claim 1 is not patent eligible (Step 2B: NO).
Similar arguments can be extended to other independent claims 19 and 20 and hence the claims 19 and 20 are rejected on similar grounds as claim 1.
Dependent claims 2-5, 7, 9-11, 13-14, 16, 21-31 when analyzed as a whole are held to be patent ineligible under 35 U.S.C. 101 because the additional recited limitations only refine the abstract idea further.
For instance, in claim 2, the steps, “wherein the determining the referring website comprises extracting an identifier of the referring website web server logs from the financial institution”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the data or information used in the underlying process.
In claim 3, the steps, “wherein the requests are HTTP requests”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the data or information used in the underlying process.  A HTTP is recited at a high level of generality such that it amounts to applying the abstract idea using this generic component.
In claim 4, the steps, “wherein the determining the referring website comprises extracting an identifier of the referring website from HTTP referrer header information”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the intermediate steps of the underlying process.
In claim 5, the steps, “wherein the associating each of the logins with one of the requests and the referring website for that request is based at least in part on at least one of: comparing a time stamp of the login and a time stamp of the request; or a cookie upon login linking an account of the user with a browser of the user.”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the intermediate steps of the underlying process. A browser, recited in the claim, is broadly interpreted to correspond to generic software suitably programmed to perform the claimed function. Further, the browser is recited at a high level of generality such that it amounts to applying the abstract idea using this generic component.
In claim 7, the steps, “wherein the determining the user associated with each login is based at least in part on at least one of: an IP address in a web server log; or an IP address in a HTTP request.”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the data or information used in the underlying process. An IP address, recited in the claim, is broadly interpreted to correspond to generic software suitably programmed to perform the claimed function. Further, the browser is recited at a high level of generality such that it amounts to applying the abstract idea using this generic component.
In claim 9, the steps, “grouping users from a common class of the referring websites and identifying, for each of the groups of users, a common transaction destination”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the intermediate steps of the underlying process.
In claim 10, the steps, “wherein the common transaction destination is identified from the destinations containing a common word ”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the data or information used in the underlying process.
In claim 11, the steps, “wherein the time period is at least one of: between ten and thirty minutes; or twenty minutes.”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the data or information used in the underlying process.
In claim 13, the steps, “wherein the risk ratings of the classes are based at least in part on a whitelist of websites”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the data or information used in the underlying process.
In claim 14, the steps, “wherein the transaction destination of at least one of the transactions at least one of: an identification of an entity; or a bank account”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the intermediate steps of the underlying process.
In claim 16, the steps, “identifying additional transactions that send funds to one or more of the transaction destinations; assigning a risk rating to the additional transactions based at least in part on the risk ratings of the transaction destinations; or for each of the transactions, identifying a transaction type and assigning a risk rating to the transaction type based at least in part on the risk rating of the transaction destination.”, under the broadest reasonable interpretation, are further refinements of methods of organizing human activity because these steps further describe the data or information used in the underlying process.
Similar arguments can be extended to claims 19 and 20 and hence the claims 19 and 20 are rejected on similar grounds as claim 1.
In all the dependent claims, the judicial exception is not integrated into a practical application because the limitations are recited at a high-level of generality such that it amounts to no more than mere instructions to apply the exception using generic computer components. This is because the claims do not affect an improvement to another technology or technical field; the claims do not amount to an improvement to the functioning of a computer system itself; the claims do not affect a transformation or reduction of a particular article to a different state or thing; and the claims do not move beyond a general link of the use of an abstract idea to a particular technological environment. In addition, the dependent claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. The additional elements of the instant underlying process, when taken in combination, together do not offer substantially more than the sum of the functions of the elements when each is taken alone. The claims as a whole, do not amount to significantly more than the abstract idea itself. For these reasons, the dependent claims also are not patent eligible. 

					Prior Art Rejection
5.	After further search and consideration, the prior art rejection of claims 1-5, 7, 9-11, 13-14, 16, and 19-31 is withdrawn. 

                                                Response to Arguments 
6.       Applicant's arguments filed July 15, 2022 have been fully considered but they are not persuasive due to the following reasons:
7.       Applicant argues that (on page 8), “any alleged judicial exception directed in the claims has been integrated into a full practical application (Step 2A, Prong 2).”
	The Examiner respectfully disagrees. The Examiner would like to point out that according to 2019 Patent Eligibility Guidelines (2019 PEG), limitations that are indicative of integration into a practical application include:
•    Improvements to the functioning of a computer, or to any other technology or technical field - see MPEP 2106.05(a)
•    Applying or using a judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition - see Vanda Memo
•    Applying the judicial exception with, or by use of, a particular machine - see MPEP 2106.05(b)
•    Effecting a transformation or reduction of a particular article to a different state or thing -see MPEP 2106.05(c)
•    Applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception - see MPEP 2106.05(e) and Vanda Memo
          In the instant case, the judicial exception is not integrated into a practical application, because none of the above criteria is met. The amendments to the claims only further define the data being used however a specific abstract idea is still an abstract idea. The claimed invention makes use of available resources and uses them in an efficient manner in order to provide a solution. The limitations of the amended claims do not result in computer functionality improvement or technical/technology improvement when the underlying abstract idea is implemented using technology. All the features in the Applicant’s claims can at best be considered an improvement in the abstract idea of facilitating electronic financial transactions. The advantages over conventional systems are directed towards improving the abstract idea.  The specification describes the additional elements a web server, a website and an implicit processor to be generic computer elements (see Fig. 3, [0112]). A web server and a website, recited in the claim, are broadly interpreted to correspond to generic software suitably programmed to perform the claimed function.  Hence, the additional elements in the claims are all generic components suitably programmed to perform their respective functions. The additional elements of a web server, a website and an implicit processor are recited at a high level of generality. The claims at issue do not require any nonconventional computer, network, or other components, or even a non-conventional and non-generic arrangement of known, conventional pieces but merely call for performance of the claimed functions on a set of generic computer components.  The additional elements are recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using generic computer components. Accordingly, the additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Hence, the claims as a whole are not integrated into a practical application.
          Thus, the Applicants’ arguments are not persuasive.

8.	Applicant’s arguments with respect to the 35 U.S.C. 103 rejection have been fully considered and are persuasive. The 35 U.S.C. 103 of claims 1-5, 7, 9-11, 13-14, 16, and 19-31 has been withdrawn. 
				Prior Art made of Record
9.     The following prior art made of record and not relied upon is considered pertinent: 
	Saunders et al. (U.S. 2016/0239831 A1) relates generally to money or value transfer services. More particularly, an internet based money or value transfer service with a digital wallet is provided that includes features to reduce the risk of any transaction being used for nefarious purposes.

Conclusion
10.            Any inquiry concerning this communication or earlier communications from the examiner should be directed to BHAVIN D SHAH whose telephone number is (571)272-2981.  The examiner can normally be reached on 8:00-5:00 M-F.
          Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
          If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shahid Merchant can be reached (571) 270 1360.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
          Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.                                                                                                                                                                                              /B.D.S./Examiner, Art Unit 3693                                                                                                                                                         September 24, 2022

/KENNETH BARTLEY/Primary Examiner, Art Unit 3693