Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on July 01, 2022, has been entered.


Status of Claims


Applicant filed an amendment on July 01, 2022. Claims 1-20 were pending in the Application. Claims 1-2, 5, 10, 16-17, and 19-20 are amended. No new claims have been added. No claims have been canceled.  Claims 1, 16, and 19 are independent claims, the remaining claims depend, directly or indirectly, on claims 1, 16, and 19. Thus, the claims 1-20 are currently pending. After careful and full consideration of Applicant arguments and amendments, the Examiner finds them to be moot and/or not persuasive. This action is made FINAL.

Response to Arguments


















In the context of 35 U.S.C. §112(a), Lack of Algorithm, which Examiner notes should have been under Written Description, paragraphs 19 and 21-23, of the Final Rejection Office Action dated April 01, 2022, Applicant respectfully disagrees. Applicant argues that MPEP § 2163 states "[t]o satisfy the written description requirement, a patent specification must describe the claimed invention in sufficient detail that one skilled in the art can reasonably conclude that the inventor had possession of the claimed invention. See, e.g., Moba, B.V. v. Diamond Automation, Inc., 325 F.3d 1306, 1319, 66 USPQ2d 1429, 1438 (Fed. Cir. 2003)." More importantly, with respect to original claims, MPEP states "[t]here is a presumption that an adequate written description of the claimed invention is present when the application is filed. In re Wertheim, 541 F .2d 257, 263, 191 USPQ 90, 97 (CCPA 1976)." Claims 1, 2, 16, and 19 are either identical or almost identical to the original claims 1, 2, 16, and 19, especially with respect to the features cited by the Office. Therefore, the Office's rejection of claims 1, 2, 16, and 19 is in error because these claims are either identical or almost identical to the original claims, and there is presumption that there is adequate written description of the claimed invention when the application is filed. Moreover, description of these features of claims 1, 2, 16, and 19 may be found throughout Applicant's originally-filed disclosure, which demonstrates possession under both MPEP § 2161.01(1) and MPEP § 2163.03(V). 
Examiner has considered these arguments and is not persuaded. Examiner notes the limitation “configured to determine …; determine …; store …; combine …; determine …; and control …”; “webpage placement that is configured as multi-page flow”; and “control a client server” is claim language that is ipsis verbis in the specification with lack of support for how the processor is configured to perform the functional limitations; how the webpage placement is configured as multi-page flow”; and how “a client server” is being controlled as claimed. Examiner also notes that MPEP § 2163.03(V) also recites “The written description requirement is not necessarily met when the claim language appears in ipsis verbis in the specification. "Even if a claim is supported by the specification, the language of the specification, to the extent possible, must describe the claimed invention so that one skilled in the art can recognize what is claimed. The appearance of mere indistinct words in a specification or a claim, even an original claim, does not necessarily satisfy that requirement. "Enzo Biochem, Inc. v. Gen-Probe, Inc., 323 F.3d 956, 968, 63 USPQ2d 1609, 1616 (Fed. Cir. 2002).” Therefore, the written description has not necessarily been met, and Examiner does not hereby rescind the rejections under the 35 U.S.C. §112(a), Lack of Algorithm (Written Description), for paragraphs 19 and 21-23, of the Final Rejection Office Action dated April 01, 2022.
In the context of 35 U.S.C. § 112(b), Means-Plus-Function, paragraph 28 of the Final Rejection Office Action dated April 01, 2022, Applicant argues that claims 1, 2, 16, 17, and 20 were interpreted under 35 U.S.C. § 112(f) because claim limitations allegedly use generic placeholders that are coupled with functional language. Applicant respectfully traverses the interpretation for the following reasons. In rejecting claim 1, the Office asserted that "model" and "placeholder" are generic placeholders that are coupled with functional language. The allegedly functional language: "that differentiates" and "that is configured," is not functional language, but rather, description of a thing, i.e., "model" and "placement," respectively. Indeed, the "model" and the "placement" can simply exist without being associated with any "action." Therefore, "model" and "placement" cannot be interpreted as "generic placeholders of a structure coupled with functional language" because the description of "model" and "placement" is not functional language, but rather, a further description of "model" and "placement" that exists regardless of any action.
Examiner has considered these arguments and is not persuaded. Examiner notes that MPEP § 2181(I) (A) recites “With respect to the first prong of this analysis, a claim element that does not include the term "means" or "step" triggers a rebuttable presumption that 35 U.S.C. 112(f)  does not apply. When the claim limitation does not use the term "means," examiners should determine whether the presumption that 35 U.S.C. 112(f)  does not apply is overcome. The presumption may be overcome if the claim limitation uses a generic placeholder (a term that is simply a substitute for the term "means"). The following is a list of non-structural generic placeholders that may invoke 35 U.S.C. 112(f): "mechanism for," "module for," "device for," "unit for," "component for," "element for," "member for," "apparatus for," "machine for," or "system for." … Note that there is no fixed list of generic placeholders that always result in 35 U.S.C. 112(f)  interpretation, and likewise there is no fixed list of words that always avoid 35 U.S.C. 112(f)  interpretation. Every case will turn on its own unique set of facts.” Examiner finally notes that “model” and “placement” can be classified as generic placeholders, terms that are simply a substitute for the term “means” and that do not connotate structure. The specification is also silent as to the sufficient structure for “model” and “placement” to perform the claimed functions. Therefore, Examiner does not hereby rescind the rejection under 35 U.S.C. § 112(b), Means-Plus-Function, paragraph 28 of the Final Rejection Office Action dated April 01, 2022.
In the context of 35 U.S.C. §103, Applicant submits without conceding the propriety of the rejection, and to further clarify and emphasize the combining of input data into "multi-page input data" as suggested by the Examiner during the interview, Applicant has amended claim 1. Applicant further submits the combination of Starikova, Hufsmith, and Kedem fails to disclose or suggest at least "combining the input data into multi-page input data in response to determining that the OAO service is enabled and that the website configuration includes the list of multi-page placements for the online application," as recited by amended claim 1. Thus, Starikova, Hufsmith, and Kedem fail to establish a prima facie case of obviousness with respect to amended claim 1 because Starikova, Hufsmith, and Kedem, alone or in any combination, fail to disclose or suggest all of the features of amended claim 1, and provide no apparent reason for modification to include such features. 
For at least these reasons, claim 1 is patentable under 35 U.S.C. § 103. Independent claims 16 and 19 recite features that are similar to claim 1 and have been amended to recite features that are similar to amended claim 1. Therefore, claims 16 and 19 are respectively distinct from Starikova, Hufsmith, and Kedem for at least the reasons provided above with respect to claim 1 and amended claim 1, although each claim should be considered according to its particular recitations. The dependent claims, i.e., claims 2-15, 17-18, and 20, are respectively distinct from Starikova, Hufsmith, and Kedem by their incorporation of the features of their respective base claims, as well as for their separately recited patentably distinct features.
Examiner has considered these arguments and is not persuaded. Examiner notes Kedem, [0041], recites “… ( 6) determining that a pattern or a characterizing feature of multiple on-screen pointer movements, that are a result of mouse gestures or touch-pad gestures or other input-unit gestures, is sufficiently different from previous or historic or past or most-recent pattern(s) or characterizing feature(s) of the same user, in general and/or particularly in similar past transactions that he performed or in the same type of transactions (e.g., comparing a pattern or a characterizing feature of multiple on-screen pointer movements in a current usage-session specifically in a wire-transfer page, to previous such patterns or characteristics in previous utilization of that particular wire-transfer page by the same user);” and Kedem, [0050], recites “Some embodiments may utilize or may take into account, additionally or alternatively, an analysis of the Frequency of Mouse Tums (or of the on-screen cursor turns) of the user as a parameter for determining whether it is estimated that the user is operating within a vishing attack. In some embodiments, for example, a victim of a vishing attack may exhibit a greater number of mouse-turns or on-screen pointer turns, due to her uncertainty of the next step until the vishing attacker advises her what to do, and/or while she is navigating the page; and this may be compared to previous sessions of that user, and/or to a threshold value. In some embodiments, the threshold value may be pre-defined or hard-coded; or may be determined based on an average of usage sessions of a population of users or a group of sessions that are known to be (or that are estimated to be) genuine non-vishing sessions; or may be determined based on the historical or past or previous usage sessions of the same user whose current interactions are analyzed.” Examiner notes that for the comparison of a pattern or a characterizing feature of pointer movements in a current usage session to previous such patterns or characteristics in previous utilization of that particular wire-transfer page by the same user to occur, there must be stored input data of the same user on the same type of device to ensure the comparison has validity.
Examiner also notes that Kedem, [0128], recites “In some embodiments, the method or the process comprises: (A) defining a parameter that indicates fluency of navigation of the user through multiple pages and multiple GUI elements of an online interface; …” which discloses combining the input data into multi-page data by tracking the defined parameter indicating fluency of navigation as the user navigates multiple pages and multiple GUI elements of an online interface. 
Therefore, amended claim 1, as well as amended claims 16 and 19, are not distinct from the cited references and, thus, not patentable. Claims 2-15, which depend on claim 1, stand rejected under 35 U.S.C. § 103; claims 17-18, which depend on claim 16, stand rejected under 35 U.S.C. § 103; and claim 20, which depend on claim 19, stand rejected under 35 U.S.C. § 103. Examiner maintains the current rejection under 35 U.S.C. § 103.

Claim Interpretation – Intended Use
Regarding claim 1, Examiner notes that the following limitations: “control a client server to approve …” is an intended use of “client server”; and therefore, carries limited patentable weight. Additionally, similar language is recited in claims 16 and 19. (See MPEP § 2103 (I) (C)).

Claim Interpretation - Optional Language
Claim 16, recites the limitation: “determining, …, whether an online application origination (OA) service is enabled …; determining, …, whether a website configuration includes a list of multi-page placements for an online application; … combining, …, the input data into multi-page input data in response to determining that the OAO service is enabled and that the website configuration includes the list of multi-page placements for the online application;” Therefore, “combining the input data into multi-page input data” does not necessarily occur in the case “it is determined that the OAO service is not enabled and/or that the website configuration does not include the list of multi-page placements for the online application.” See MPEP 2013 (I) (C).

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. § 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. § 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-20 are rejected under 35 U.S.C. § 112(a) or 35 U.S.C. § 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. § 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. 

Written Description
Claim 1 recites “…the electronic processor is configured to determine whether …, determine whether …, store input data …, combine the input data …; determine a fraud risk score …, and control a client server …” The specification is silent as to a specific configuration of the electronic processor such that “the specification must describe the claimed invention in a manner understandable to a person of ordinary skill in the art in a way that shows that the inventor actually invented the claimed invention at the time of filing.  Id.; Ariad, 598 F.3d at 1351, 94 USPQ2d at 1172. The function of the written description requirement is to ensure that the inventor had possession of the specific subject matter later claimed as of the filing date of the application relied on; how the specification accomplishes this is not material. In re Herschler, 591 F.2d 693, 700-01, 200 USPQ 711, 717 (CCPA 1979), further reiterated in In re Kaslow, 707 F.2d 1366, 217 USPQ 1089 (Fed. Cir. 1983),” where the “function” is “configured to determine whether …, determine whether …, store input data …, combine the input data …; determine a fraud risk score …, and control a client server …” (See MPEP § 2161.01 (I) and MPEP § 2163.03 (V)). 
Claim 1 recites “control a client server …” The specification is silent as to control a client server such that “the specification must describe the claimed invention in a manner understandable to a person of ordinary skill in the art in a way that shows that the inventor actually invented the claimed invention at the time of filing.  Id.; Ariad, 598 F.3d at 1351, 94 USPQ2d at 1172. The function of the written description requirement is to ensure that the inventor had possession of the specific subject matter later claimed as of the filing date of the application relied on; how the specification accomplishes this is not material. In re Herschler, 591 F.2d 693, 700-01, 200 USPQ 711, 717 (CCPA 1979), further reiterated in In re Kaslow, 707 F.2d 1366, 217 USPQ 1089 (Fed. Cir. 1983),” where the “function” is “control a client server.” Additionally, similar language is recited in claims 16 and 19. (See MPEP § 2161.01 (I) and MPEP § 2163.03 (V)).
Claim 2 recites “… wherein the electronic processor is further configured to determine whether … an additional specific webpage placement that is configured as multi-page flow …, determine that an additional …” The specification is silent as to a specific configuration of the electronic processor such that “the specification must describe the claimed invention in a manner understandable to a person of ordinary skill in the art in a way that shows that the inventor actually invented the claimed invention at the time of filing.  Id.; Ariad, 598 F.3d at 1351, 94 USPQ2d at 1172. The function of the written description requirement is to ensure that the inventor had possession of the specific subject matter later claimed as of the filing date of the application relied on; how the specification accomplishes this is not material. In re Herschler, 591 F.2d 693, 700-01, 200 USPQ 711, 717 (CCPA 1979), further reiterated in In re Kaslow, 707 F.2d 1366, 217 USPQ 1089 (Fed. Cir. 1983),” where the “function” is “configured to determine whether …” (See MPEP § 2161.01 (I) and MPEP § 2163.03 (V)).  
Claim 2 recites “determine whether … an additional specific webpage placement that is configured as multi-page flow, and determine that … the additional specific webpage placement that is configured as the multi-page flow.” The specification is silent as to a specific configuration of the additional specific webpage placement such that “the specification must describe the claimed invention in a manner understandable to a person of ordinary skill in the art in a way that shows that the inventor actually invented the claimed invention at the time of filing.  Id.; Ariad, 598 F.3d at 1351, 94 USPQ2d at 1172. The function of the written description requirement is to ensure that the inventor had possession of the specific subject matter later claimed as of the filing date of the application relied on; how the specification accomplishes this is not material. In re Herschler, 591 F.2d 693, 700-01, 200 USPQ 711, 717 (CCPA 1979), further reiterated in In re Kaslow, 707 F.2d 1366, 217 USPQ 1089 (Fed. Cir. 1983),” where the “function” is “configured as …” (See MPEP § 2161.01 (I) and MPEP § 2163.03 (V)). 

The following is a quotation of 35 U.S.C. § 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. § 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claims 1- 20 are rejected under 35 U.S.C. § 112(b) or 35 U.S.C. § 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

Means-Plus-Function
Claims 1, 16, and 20 recite “determine … an online application origination (OAO) model that differentiates between …”
Claims 2, 17, and 20 recite "determine … an additional specific webpage placement that is configured as multi-page flow …” 
The claim limitations above do not use the word "means" but are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitations use generic placeholders that are coupled with functional language, "acts", without reciting sufficient structures to perform the recited functions and the generic placeholders are not preceded by structural modifiers.
These claim limitations invoke 35 U.S.C. § 112(f) or pre-AIA  35 U.S.C. § 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function (See specification [0006]-[0008], [0122], and [0124]; and  [0075], [0076], and [0079]). Therefore, the claims are indefinite and are rejected under 35 U.S.C. § 112(b) or pre-AIA  35 U.S.C. § 112, second paragraph.
Applicant may:
Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. § 112(f) or pre-AIA  35 U.S.C. § 112, sixth paragraph; 
Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. § 132(a)); or 
Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. § 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either:
Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. § 132(a)); or 
Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP § 608.01 (o) and § 2181.

Claim Rejections - 35 USC § 103






In the event the determination of the status of the application as subject to AIA  35 U.S.C. § 102 and § 103 (or as subject to pre-AIA  35 U.S.C. § 102 and § 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. § 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U. S. 1. 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. § 103 are summarized as follows:
Determining the scope and contents of the prior art.
Ascertaining the differences between the prior art and the claims at issue.
Resolving the level of ordinary skill in the pertinent art.
Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-20 are rejected under 35 U.S.C. § 103 as being unpatentable over Starikova et al (U. S. Patent Application Publication No. 20150324908 A1), herein referred to as Starikova, in view of Hufsmith et al (U. S. Patent Application Publication No. 20200097662 A1), herein referred to as Hufsmith, and in further view of Kedem et al (U. S. Patent Application Publication No. 20190158535 A1), herein referred to as Kedem.
Regarding claims 1, 16, and 19, Starikova discloses a fraud prevention system (FIG. 1, item 112, and [0026]) comprising: a fraud prevention server (FIG. 1, item 114, and [0031]) including an electronic processor (FIG. 1, item 116, and [0031]) and a memory (FIG. 1, item 124, and [0031]), 
the memory (FIG. 1, item 124, and [0031] and [0036]) including an online application origination (OAO) service (FIG. 1, item 126, and [0037]), 
wherein the electronic processor (FIG. 1, item 116, and [0031]) is configured to determine whether the OAO service is enabled (FIG. 8A, item 806, and [0174]-[0175], [0179], and [0185]),
determine whether a website configuration includes a list of multi-page placements (FIG. 8B, item 800, and [0169]) for an online application (FIG. 10A-10D, item 1000, and [0200]-[0201]), …
of the online application based on the multi-page input (FIG. 8B (Open an Account), item 800, and [0169]; FIG. 10A (Financial Documents) -10D, item 1000, and [0200]-[0201]) …
control a client server to approve, hold, or deny the online application based on the fraud risk score that is determined (FIG. 7, and [0166]) …
With respect to claim 19, Starikova discloses a non-transitory computer-readable medium comprising instructions that, when executed by a fraud prevention server, causes the fraud prevention server to perform a set of operations comprising (FIG. 1, item 124, and [0031], [0033], and [0222]):
Starikova does not specifically disclose, however, Hufsmith discloses determine a fraud risk score data (FIG. 6, item 603, 605, and [0145] and [0210]-[0211]) …
Hufsmith discloses determining threat score for container images or distributed applications. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a process for determining threat scores for distributed applications that consider factors such as context information which may include information about a given execution environment for the distributed application. The functionality for obtaining a distributed application and determining the threat scores for the distribute application is implemented with machine-readable instructions stored on a tangible, non-transitory, machine-readable medium, such that when the instructions are executed, the described functionality may be implemented. These instructions may be stored on a plurality of different memory devices (which may include dynamic and persistent storage), and different processors may execute different subsets of the instructions, an arrangement consistent with use of the singular term "medium." This overcomes the inability of the various scanning engines available today to quantify a degree to which the disparate vulnerabilities they detect pose a threat to a given, and often highly complex, execution environment of distributed applications.
Starikova and Hufsmith do not specifically disclose, however, Kedem discloses store input data in the memory ([0041] and [0050]),
combine the input data into multi-page input data in response to determining that the OAO service is enabled and that the website configuration includes the list of multi-page placements for the online application ([0050] and [0128]), …
… and an online application origination (OAO) model that differentiates between a behavior of a normal user and a behavior of a nefarious actor ([0017] and [0023]-[0025]) during a submission of the online application on a device, and …
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide devices, systems, and methods to monitor transactions, online operations, user interactions, gestures performed via input units, speed and timing of data entry, and user engagement with user interface elements to detect operations performed by a victim that follows a pre-defined playbook of a vishing attack. The user interactions being performed within a certain user transaction or usage session may thus be analyzed and/or compared to such criteria to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claims 2, 17, and 20, Starikova, Hufsmith, and Kedem disclose the limitations of claims 1, 16, and 19. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the electronic processor is further configured to determine whether the website configuration includes an additional specific webpage placement that is configured as a multi-page flow ([0128]), and
store an additional set of input data associated with the additional specific webpage placement in the memory ([0041] and [0050]), and 
combine the additional set of input data into the multi-page input data in response to determining that the website configuration includes the additional specific webpage placement that is configured as the multi-page flow ([0050] and [0128]).
	Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide systems that may operate to detect or to confirm identity of a user of an electronic device, and/or for determining whether or not an electronic device is being used by a fraudulent user or by a legitimate user, and/or for differentiating or distinguishing between (or among) users of a computerized service or between (or among) users of an electronic device, so as to be able to more easily detect and/or prevent nefarious activities by a user when inputting data in real time during online multiple web page applications.
Regarding claims 3 and 18, Starikova, Hufsmith, and Kedem disclose the limitations of claims 1 and 16. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with mouse movement behavioral features, and wherein the mouse movement behavioral features include a standard deviation of a mouse click in an X direction feature ([0119]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 4, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include a time from last key to submission feature ([0114]-[0115]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 5, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include a coefficient of variation of keystroke rate across all fields in a form of the online application ([0025] and [0057]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 6, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with mouse movement behavioral features, and wherein the mouse movement behavioral features further include a standard deviation of a mouse click in a Y direction feature ([0119]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 7, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include an average number of mouse clicks per field of a form feature ([0048]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 8, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include an amount of time on page feature ([0048]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 9, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with mouse movement behavioral features, and wherein the mouse movement behavioral features further include a total mouse distance feature ([0054]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 10, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include a ratio of time spent in fields of a form to the overall time on page feature ([0052]). 
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 11, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include an average keystroke rate standard deviation feature ([0047]).
Kedem teaches detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 12, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include an average of time between focus and first keystroke feature ([0054] and [0121]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 13, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with navigation behavioral features, and wherein the navigation behavioral features further include a total mouse click count feature ([0048]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 14, Starikova, Hufsmith, and Kedem disclose the limitations of claim 1. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 1, wherein the OAO model includes a feature set with non-behavioral features ([0056] and [0077]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.
Regarding claim 15, Starikova, Hufsmith, and Kedem disclose the limitations of claims 1 and 14. Starikova and Hufsmith do not specifically disclose, however, Kedem discloses the fraud prevention system of claim 14, wherein the non-behavioral features further include a proxy concealed detection feature ([0077]).
Kedem discloses detecting vishing attacks. It would have been obvious to one of ordinary skill in the art at the effective filing date of the invention to include detecting vishing attacks, as in Kedem; and to include determining a threat score for container images or distributed applications, as in Hufsmith, to improve and/or enhance the technology for dynamically modifying an application questionnaire, as in Starikova, because it would amount to combining elements that in the combination would perform the same function as they functioned separately. One of ordinary skill in the art at the effective filing date of the invention would have been motivated to combine the references to provide a computerized system to differentiate or distinguish between: (i) a legitimate user that voluntarily and freely operates under his own free will and without duress, and (ii) the legitimate user that operates under duress and/or that performs computerized operations under the dictated instructions or the dictated guidelines that are conveyed to him by a third party. The user interactions, being performed within a certain user transaction or usage session (e.g., a wire transfer session), may be analyzed and/or compared to criteria, in order to generate a risk score or a probability score that indicates how close the logged interactions are to a behavioral profile of a victim that operates under duress or to a victim that operates in a vishing attack unknown to himself.









Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:


Ronning et al (U. S. Patent Application Publication No. 20050154676 A1) – Electronic Commerce System Method for Detecting Fraud



Ronning discloses an electronic commerce system having a server and an end user machine interacting through a network during an electronic commerce transaction is disclosed. The server includes a software module configured to receive user entered information via the network including an electronic purchase order for a product within the electronic commerce system. In addition, the server includes a fraud detection mechanism active during electronic commerce transactions. The fraud detection mechanism determines a likelihood that the electronic purchase order is attempted fraud based upon (i) information associated with the user entered information and (ii) factors relating to a user’s real-time interaction with the server during a transaction to process the electronic purchase order. A method performed by an electronic commerce system for determining a likelihood that the electronic purchase order is attempted fraud based is also provided. Ronning not used as cited references better teach the claimed subject matter.















































































































































Any inquiry concerning this communication or earlier communications from the examiner should be directed to STEVEN CHISM whose telephone number is (571) 272-5915. The examiner can normally be reached during 9:00 AM – 3:00 PM Monday – Thursday, EST.
	Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Calvin L. Hewitt II can be reached (571) 272-6709. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/STEVEN CHISM/
Examiner, Art Unit 3692


/DANIEL S FELTEN/Primary Examiner, Art Unit 3692