Patenting Cybersecurity and Software Innovations

June 28, 2022
By Joanna Ma and Ahmed Elmallah

This article continues our discussion on Intellectual Property (IP) Strategies for Cybersecurity Innovations, with a focus on practice points for improving your chances of patenting cybersecurity and software innovations.

Cybersecurity innovations are often driven by software-based solutions that can typically be protected by patents. Although patent law is jurisdictional, the law in the U.S. serves as guidance for the treatment of software patents worldwide (see related article here).

Frame the Innovation as a Technical Solution to a Technical Problem

Following the U.S. Supreme Court’s decision in Alice Corp. v. CLS Bank International, the U.S. Patent Office took a cautious approach towards any patent applications with broad, high-level process claims. Patent claims that recite high level steps of achieving a technical solution are likely to be considered “abstract” by the U.S. Patent Office and directed to patent-ineligible subject matter.

Following the Alice decision, a major takeaway is to focus software patent claims on defining specific technological steps that enable the innovative technical solution. For example, patent claims directed to improvements in network access control systems should focus on the technological steps of how that access is better evaluated by the computer system, such as the improved data authentication process, and what then triggers the computer system to grant or deny access.

Describe the Technical Context of the Innovation

Most patent applications include some background of the invention. Since Alice, it has become even more critical for patent applications directed to software-driven innovations to include a detailed discussion on the technical context of the innovation. Although patent examiners are technically trained, it can be difficult for a third party to appreciate the need for the innovation, especially if the innovation addresses unique issues within that industry. By emphasizing the background on how the innovation was developed and the technical needs that the innovation addresses, the patent examiner can better understand the practical value of the innovation from the industry’s perspective.

Providing such context can include explaining the technical challenges that were overcome to arrive at the solution, technical advantages of the solution, and practical results and improvements that can be obtained with the solution. For example, in the cybersecurity space, consider expanding on how your innovation improves the security of the computer system or network, or the improved identification and handling of malicious attacks.

Understand Office Procedures

When patent applications are received by the patent office, they are categorized based on technology area and assigned to a relevant technical group for examination. In the U.S., each patent application is automatically assigned to an art unit typically based on a combination of the title, the field section, and at least some portion of the claims. Software patent applications that end up in Art Units 3620, 3680 and 3690 (relating to “Business Methods”) often face tremendous ineligible subject-matter hurdles. These art units will often issue rejections against such applications alleging that claimed innovation is directed to patent-ineligible subject matter. While it may be possible to overcome these rejections, it is often an uphill and costly battle.

Instead, applicants of cybersecurity patent applications should aim to have their cases assigned to Art Units 2431 or 2491 under the heading “Information Security”. To increase the likelihood of this, it is helpful to prepare patent applications to emphasize the technical details relevant to the cybersecurity solution – especially in the title, the field section, and the claims. This increases the likelihood of the application being reviewed by patent examiners knowledgeable in the relevant space.

Subscribe to our newsletter

You can unsubscribe at any time. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

This site is registered on as a development site.