13752271 - (D) (P.T.A.B. Jul. 27, 2020)

Visa International Service Association

Patent Trials and Appeals BoardJul 27, 2020

13752271 - (D) (P.T.A.B. Jul. 27, 2020)

UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 13/752,271 01/28/2013 Michael F. Buhrmann 079900-1003465 9962 66945 7590 07/27/2020 KILPATRICK TOWNSEND & STOCKTON LLP/VISA Mailstop: IP Docketing - 22 1100 Peachtree Street Suite 2800 Atlanta, GA 30309 EXAMINER ANSARI, AZAM A ART UNIT PAPER NUMBER 3682 NOTIFICATION DATE DELIVERY MODE 07/27/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): KTSDocketing2@kilpatrick.foundationip.com ipefiling@kilpatricktownsend.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE _____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD _____________ Ex parte MICHAEL F. BUHRMANN, CHARLES L. DENNIS, and JEFFREY BRENNAN1 _____________ Appeal 2020-001504 Application 13/752,271 Technology Center 3600 ______________ Before JOHN A. EVANS, LARRY J. HUME, and CARL L. SILVERMAN, Administrative Patent Judges. EVANS, Administrative Patent Judge. DECISION ON APPEAL 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42(a). The Appeal Brief identifies Visa International Service Association, as the real party in interest. Appeal Br. 2. Appeal 2020-001504 Application 13/752,271 2 STATEMENT OF THE CASE2 This is a decision on appeal under 35 U.S.C. § 134(a) from the Examiner’s Final Rejection of Claims 1, 3, 4, 12–14, 16–28, 31, 32, 35, and 36, all claims on appeal. Final Act. 1. We have jurisdiction over the pending claims under 35 U.S.C. § 6(b). We AFFIRM. INVENTION The claimed invention is directed to a system and method for authenticating entities or individuals engaging in automated or electronic transactions. See Abstract. Claims 1 and 14 are independent. Claim 1, reproduced below, is illustrative of the invention. 1. A method, comprising the steps of: a) electronically accessing, by a processing device, over a network, mobile subscriber data comprising a geographic location for a wireless device, and being associated with a user, and data from multiple financial institutions for multiple accounts of the user, the multiple accounts comprising at least one electronic account; b) determining, by the processing device, a risk score, the risk score being based on the accessed mobile subscriber data 2 Throughout this Decision, we refer to the Appeal Brief (“Appeal Br.”) filed July 24, 2019, the Reply Brief (“Reply Br.”) filed December 19, 2019, the Final Office Action (“Final Act.”) mailed January 24, 2019, the Examiner’s Answer mailed October 21, 2019, and the Specification (“Spec.”) filed January 28, 2013, claiming benefit of US 61/591,232 filed Jan. 26, 2012. Appeal 2020-001504 Application 13/752,271 3 associated with the user and the accessed data from the multiple financial institutions for the multiple accounts of the user; c) transmitting, by the processing device, the risk score to the wireless device, wherein the wireless device compares said risk score against a threshold, wherein if said risk score is determined to be below said threshold, allowing a mobile wallet application on the wireless device to be accessed, and if said risk score is determined to be above said threshold, then denying a capability of the mobile wallet application to be accessed; and d) repeating steps a)-c) continuously without interaction of the user with the wireless device. PRIOR ART Name Reference Date Varghese US 7,908,645 B2 Mar. 15, 2011 Taveau US 2012/0123841 A1 Dec. 19, 2011 Brudnicki US 2014/0040139 A1 Dec. 19, 2011 Appeal 2020-001504 Application 13/752,271 4 REJECTIONS3 AT ISSUE4 1. Claims 1, 3, 4, 12–14, 16–28, 31, 32, 35, and 36 stand rejected under 35 U.S.C. § 112 (pre-AIA), first paragraph, as failing to comply with the written description requirement. Final Act. 3–4. 2. Claims 1, 3, 4, 12–14, 16–28, 31, 32, 35, and 36 stand rejected under 35 U.S.C. § 103 as unpatentable over Taveau, Varghese, and Brudnicki. Final Act. 6–23. ANALYSIS We have reviewed the rejections of Claims 1, 3, 4, 12–14, 16–28, 31, 32, 35, and 36 in light of Appellant’s arguments that the Examiner erred. We have considered in this Decision only those arguments Appellant actually raised in the Briefs. Any other arguments which Appellant could have made but chose not to make in the Briefs are deemed to be waived. See 37 C.F.R. § 41.37(c)(1)(iv). We provide the following explanation to highlight and address specific arguments and findings primarily for emphasis. We consider Appellant’s arguments as they are presented in the Appeal Brief and the Reply Brief. CLAIMS 1, 3, 4, 12–14, 16–28, 31, 32, 35, AND 36: WRITTEN DESCRIPTION Independent Claims 1 and 14 recite, inter alia: “determining, by the processing device, a risk score.” The Examiner finds “[n]either the 3 The present application is being examined under the pre-AIA first to invent provisions. Final Act. 2. 4 The Examiner has withdrawn the rejection of Claim 36 under 35 U.S.C. § 112 (4th paragraph). Ans. 3. Appeal 2020-001504 Application 13/752,271 5 specification nor the drawings disclose in detail the specific steps or algorithm needed to perform the operation [determination of risk score].” Final Act. 3. Appellant argues a fraud risk score can be determined by: “weighting” various inputs. Appeal Br. 5 (citing Spec. ¶¶ 56, 89). Appellant further argues Identity Risk Logic Resources may use “one or more previously calculated fraud risk scores stored in the exemplary Wireless Device ID Database and weighting factors designating the importance of each of the information elements that may be defined in the Identity Risk Configuration data to generate a current fraud risk score for the entity, individual or data subject.” Id. (quoting Spec. ¶ 78). The Examiner finds in order for Appellant’s Specification to provide written description for “determining a risk score,” Appellant’s Specification needs to clearly outline the type of inputs involved, how the input data is manipulated, and the output (i.e., risk score) derived. Ans. 5. The Examiner finds the Specification is inadequate because the “disclosure merely uses exemplary language to describe the type of inputs that may be involved and does not provide a clear, explicit definition of the type of inputs used to determine a risk score.” Id. Moreover, the Examiner finds the Specification fails to disclose a specific mathematical operation. Id. The Examiner further finds Appellant fails to disclose how a risk score is calculated ab initio, but rather, discloses that once a risk factor is calculated, a new risk score may be calculated by application of “weighting factors.” Id. Appeal 2020-001504 Application 13/752,271 6 Appellant contends the Examiner’s application of LizardTech5 is improper because in order “to establish that the claims do not satisfy the written description requirement, the Examiner must first articulate why the full scope of the claims requires ‘undue experimentation’ to practice.” Reply Br. 3. “The test for the sufficiency of the written description ‘is whether the disclosure of the application relied upon reasonably conveys to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date.” Vasudevan Software, Inc. v. MicroStrategy, Inc., 782 F.3d 671, 682 (Fed. Cir. 2015) (quoting Ariad Pharm., Inc. v. Eli Lilly & Co., 598 F.3d 1336, 1351 (Fed. Cir. 2010) (en banc)). The written description requirement is not met if the specification merely describes a “desired result.” Ariad, 598 F.3d at 1349. The claims recite, inter alia, “determining, by the processing device, a risk score” which is a computer-implemented functional claim. For computer-implemented functional claims, the determination of the sufficiency of the disclosure will require an inquiry into the sufficiency of both the disclosed hardware and the disclosed software (i.e., “how [the claimed function] is achieved.” USPTO, Examining Computer-Implemented Functional Claim Limitations for Compliance With 35 U.S.C. § 112, 84(4) Fed. Reg. 57, 61 (Jan. 7, 2019) (quoting Vasudevan, 782 F.3d at 683). The key question is “whether the specification discloses the computer and the algorithm(s) that achieve the claimed function in 5 LizardTech, Inc. v. Earth Resource Mapping, Inc., 424 F.3d 1336 (Fed. Cir. 2005). Appeal 2020-001504 Application 13/752,271 7 sufficient detail that one of ordinary skill in the art can reasonably conclude that the inventor possessed the claimed subject matter at the time of filing.” 84 Fed. Reg. at 61. Appellant argues a person skilled in the art could write the necessary software. Appeal Br. 6 (“It is submitted that the specification provides sufficient description and guidance for one of ordinary skill in the art to create a risk score.”) (emphasis added); Reply Br. 3 (“Appellant has already explained why the calculation of a risk score would not require undue experimentation by a person of skill in the art at the time of the present invention.”). However, “[i]t is not enough that one skilled in the art could theoretically write a program to achieve the claimed function, rather the specification itself must explain how the claimed function is achieved to demonstrate that the applicant had possession of it.” 84 Fed. Reg. at 62 (citing Vasudevan, 782 F.3d at 682–83). In view of the foregoing, we find Claims 1, 3, 4, 12–14, 16–28, 31, 32, 35, and 36 lacking written description support under 35 U.S.C. § 112 (first paragraph). CLAIMS 1, 3, 4, 12–14, 16–28, 31, 32, 35, AND 36: OBVIOUSNESS OVER TAVEAU, VARGHESE, AND BRUDNICKI. Transmitting a risk score to a wireless device. Independent Claim 1 recites, inter alia, “transmitting, by the processing device, the risk score to the wireless device.” Independent Claim 14 contains commensurate limitations. The Examiner finds Taveau teaches this limitation. Final Act. 7 (quoting Taveau ¶ 75) (“While the main risk profile may be stored in the Appeal 2020-001504 Application 13/752,271 8 cloud, a subset version could be stored on the mobile device with a specific set of parameters, especially for ‘offline’ transactions using a stored value.”). The Examiner finds Varghese teaches, but without explicitly disclosing, the claimed limitation. The Examiner finds Appellant’s Specification discloses that the risk score may be stored in a Wireless Device Identity database which may be accessible by the user’s wireless device. Final Act 8 (citing Spec. ¶ 38). Varghese discloses: The combined input information along with the current device identifying information is transmitted to the OCR where it is used to update the historical risk database. The combined input information is also evaluated by the flagging rules engine 1210 applies rules definitions 1220 in order to maintain lists that identify devices and their associated fraud risk based on historical information and optionally targeted to one or more specific user devices. Id. (quoting Varghese, col. 32, ll. 53–60). The Examiner finds that in view of Appellant’s disclosure, this disclosure of Varghese also teaches the claimed limitation. Id. With respect to Taveau, Appellant contends “Taveau . . . only describes a user risk profile that may be stored on a mobile device and says nothing about the transmission of a risk score to a wireless device by a processing device.” Appeal Br. 8. The Examiner finds, as Appellant admits, Taveau teaches a “user risk profile” may be stored on a user device. Ans. 8. The Examiner finds Varghese was cited to teach a numerical value representing the risk is transmitted. Id. Appeal 2020-001504 Application 13/752,271 9 Appellant’s Reply refers to the Appeal Brief to argue the Examiner errs with respect to the “transmitting” limitation, but focusses on a “continuously” limitation, to be discussed below. See Reply Br. 4. The Examiner makes a finding based on the combination of Taveau and Varghese, whereas Appellant argues the references individually. “[O]ne cannot show non-obviousness by attacking references individually where . . . the rejections are based on combinations of references.” In re Keller, 642 F.2d 413, 426 (CCPA 1981); see also In re Merck & Co., 800 F.2d 1091, 1097 (Fed. Cir. 1986). Moreover, we note Varghese discloses: “any technique that allows a remote application to store and retrieve persistent data on a user device can be used.” Varghese, col. 25, ll. 22–24. Appellant has not persuaded us the Examiner errs with respect to the “transmitting” limitation. Continuously without interaction of the user. Independent Claim 1 recites, inter alia, “repeating steps a)-c) continuously without interaction of the user.” The Examiner finds Varghese teaches updating profile histories. Final Act. 9. Having argued “[a]gain, there is no transmission of a risk score from a server to a wireless device,” Appellant concludes, therefore, “there is clearly no disclosure of using a continuously transmitted risk score.” Appeal Br. 8; see Appeal Br. 9–10. Appellant’s Reply merely argues “the Examiner has still not explained where the ‘continuous’ transmission of risk scores is in the cited prior art.” Reply Br. 4 (emphasis omitted). We note Varghese discloses: Appeal 2020-001504 Application 13/752,271 10 Another such technique is known as “flash cookies.” Graphical software applications and/or plug-ins from Macromedia, and generally identified by the trade name “Flash,” are currently resident on many user devices. This software can create local shared objects, known as flash cookies,” for maintaining locally persistent data on a user’s device akin to the standard “cookies” stored by web browsers. Flash cookies can be stored locally on a flash plug-in user’s device, are updatable, and have the advantage not being as easily removed from the user’s device as are standard cookies. Varghese, col. 25, ll. 33–43. Appellant discloses that a “benefit of an embodiment of the invention is its ability to continuously update the fraud risk score based on changing inputs.” Spec. ¶ 116. We take Appellant’s disclosure to mean that where an input changes, a risk score may be re- calculated, and a value on the user’s device may be updated which is substantially the teaching of Varghese, supra. Appellant has not persuaded us the Examiner errs with respect to the “continuously” limitation. CLAIM 21 Claim 21, dependent from Claim 1, recites the “method of claim 1 wherein the processing device runs a neural network that is used to determine the risk score.” The Examiner finds Taveau discloses a “smart wallet” which teaches the claimed “neural network.” Final Act 16. Appellant argues: As is well understood in the art, a “neural network” is a specific type of machine learning algorithm that mimics the function of the human brain. This is not disclosed in paragraph [0079] or any other paragraph in Taveau[.] Appeal 2020-001504 Application 13/752,271 11 Appeal Br. 10. The Examiner refers to paragraphs 74 and 79 of Taveau to teach the claimed “neural network.” Ans. 10. We find no disclosure in Taveau that relates to a neural network. We are persuaded of error with respect to Claim 21. CONCLUSION Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1, 3, 4, 12– 14, 16–28, 31, 32, 35, 36 112(1st ¶) Written Description 1, 3, 4, 12– 14, 16–28, 31, 32, 35, 36 1, 3, 4, 12– 14, 16–28, 31, 32, 35, 36 103 Taveau, Varghese, Brudnicki 1, 3, 4, 12– 14, 16–20, 22–28, 31, 32, 35, 36 21 Overall Outcome 1, 3, 4, 12– 14, 16–28, 31, 32, 35, 36 TIME PERIOD FOR RESPONSE No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv). See 37 C.F.R. § 41.50(f). AFFIRMED