Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
This action is responsive to the application filed on 1/6/2021. Claims 1, 4 and 10 are independent. Claims 1-12 are currently pending.

Drawing Objections
	The drawing is objected to. The reference numbers 125A and 125B (which are used in the instant specification) do not appear in the drawing filed on 1/6/2021.
	Appropriate correction is required.

Specification Objections
	The instant specification is objected to. The reference numbers 125A and 125B (which are recited in para. 0023 of the instant specification) do not appear in the drawing filed on 1/6/2021.
	Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-4 and 10-12 are rejected under 35 U.S.C. 103 as being unpatentable over Goyal et al. (US 20180255010 A1), hereinafter Goyal, in view of Higbee et al. (US 10187407 B1), hereinafter Higbee.
	
Regarding claims 1 and 4, Goyal teaches a data security system, comprising:
	a security manager computer making network application programming interface (API) calls to a cloud-based service (para. 0048 and 0142 making API calls; para. 0142, support performance of the relevant operations in a “cloud computing” environment or as a “software as a service” (SaaS). For example, at least some of the operations may be performed by a group of computers (as examples of machines including processors), these operations being accessible via a network (e.g., the Internet) and via one or more appropriate interfaces (e.g., application program interfaces (APIs))) that (i) performs data exchange transactions for end users (para. 0019 and 0020, social networking service (SNS) (for example, email service or text messaging service),… members of the SNS receive digital content via various services provided on the SNS. Some of that digital content is found objectionable by the receiving members. For example, a member of the SNS receives objectionable digital content in an Inbox provided by the SNS for the member. The objectionable digital content may be a spam message sent to the one or more members by a spam sender. The spam sender may be another member of the SNS, or a user who is not a member of the SNS), and (ii) includes a mechanism for an end user to invoke in order to report a transaction received by the end user as being a potentially harmful or deceptive transaction, the API calls remotely controlling the cloud-based service so that the security manager computer accesses transactions that have entered the cloud-based service (para. 0022, a system associated with the SNS allows members who receive messages that they find objectionable to report such messages to the system. A member of the SNS may flag an objectionable message by, for example, selecting an objectionable message indicator (e.g., a button) in a user interface of a client device. As a result of the member selecting the objectionable message indicator, the system may generate a reporting event associated with the objectionable message. Based on the reporting event, the system may analyze the objectionable message to identify and execute a treatment for it; para. 0058, member may indicate, via a user interface (e.g., by clicking a user interface button that states “Report as objectionable”) displayed on the member's client device, that the message is objectionable to the member. The client device may generate a communication that pertains to objectionable message, and transmit the communication to the content treatment system 200. In some instances, the communication includes a reporting event (e.g., a flagging event) that indicates that the member has designated (e.g., reported, flagged, etc.) the message as objectionable. The communication may also indicate an identifier of the message reported as objectionable. In some example embodiments, the accessing of the message reported as objectionable by the member is based on the identifier of the message reported as objectionable; para. 0073, an action by a user (e.g., a member of the SNS) reporting a spam message via an Inbox (Domain) Frontend 218 (e.g., a click on a “report as spam” button in a user interface) of a client device 150 results in the generation of a user reporting event at the Domain (Inbox) Backend 220 of the client device 150. The user reporting event may be stored, by a Content Classification Client Library 222, in a Client Database 224 at the client device 150. The Domain (Inbox) Backend 220 may communicate (e.g., transmit) a detailed flagging event to the content treatment system 200. The detailed flagging event may include various information pertaining to the flagged message (e.g., the content of the message, a sender identifier of the message, a time sent, a time received, a recipient's identifier, etc.)); and
	a data inspector operative to analyze a transaction as being harmful or deceptive, by applying machine learning, wherein said security manager computer controls the cloud-based service so as to transmit transactions reported by the mechanism to said security manager (para. 0024, 0025 and 0035, performing syntactic and semantic analysis of the reported message; para. 0038, using machine learning model).
	Goyal does not explicitly disclose transmitting transactions reported by the end user to a central authority. However, in an analogous art, Higbee teaches transmitting transactions reported by the end user to a central authority (col4 ln11-40, Responses (if any) of the individuals to the simulated phishing attacks may be recorded in database 26 [central authority], col8 ln1-24 and col10 ln33-49).
	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Goyal and Higbee to provide a way of making users more knowledgeable about phishing attacks. In an education process, individuals are subjected to simulated phishing attacks, which are designed to resemble actual phishing attacks (col1 ln 64-col2 ln17).

	Regarding claim 10, the combination of Goyal and Higbee teaches a security manager computer making network application programming interface (API) calls to a cloud-based service that (i) performs data exchange transactions for end users, and (ii) includes a mechanism for an end user to invoke in order to report a transaction received by the end user to a central authority as being a potentially harmful or deceptive transaction, the API calls remotely controlling the cloud-based service so that the security manager computer accesses transactions that have entered the cloud-based service, as shown above. Higbee further teaches a data inspector operative to analyze a transaction as being harmful or deceptive, by applying machine learning, wherein said security manager computer controls the cloud-based service so as (i) to intercept a message that is automatically generated and sent to the cloud-based service, in response to user invocation of the mechanism, and (ii) to identify the potentially harmful or deceptive transaction based at least on information in the intercepted message (col7 ln13-48).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Goyal and Higbee to help make the detecting and reporting process automatic.

Regarding claims 2 and 11, the combination of Goyal and Higbee teaches all of the limitations of claims 1 and 10, as described above. Higbee further teaches wherein the potentially harmful or deceptive transaction is a training transaction, used to train end users how to identify potential security breaches (col4 ln11-40, individuals subject to simulated phishing attacks; col4 ln11-40).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Goyal and Higbee to provide a way of making users more knowledgeable about phishing attacks. In an education process, individuals are subjected to simulated phishing attacks, which are designed to resemble actual phishing attacks (col1 ln 64-col2 ln17).

Regarding claims 3 and 12, the combination of Goyal and Higbee teaches all of the limitations of claims 1 and 10, as described above. Goyal further teaches wherein the mechanism comprises a user interface button within an end user or a web-based application that sends and receives data exchange transactions (para. 0048, the user interface module(s) 122 may receive requests in the form of Hypertext Transport Protocol (HTTP) requests, or other web-based, application programming interface (API) requests. The client device(s) 150 may be executing conventional web browser applications and/or applications (also referred to as “apps”) that have been developed for a specific platform to include any of a wide variety of mobile computing devices and mobile-specific operating systems (e.g., iOS™, Android™, Windows® Phone); para. 0151).

Allowable Subject Matter
Claims 5-9 are objected to as being dependent upon rejected base claim 4, but would be allowable if they are rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHU CHUN GAO whose telephone number is (571)270-5999. The examiner can normally be reached on Monday - Thursday 6:00-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KRISTINE KINCAID can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SHU CHUN GAO/ Examiner, Art Unit 2437


/MATTHEW SMITHERS/ Primary Examiner, Art Unit 2437