`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`
`In re Covered Business Method
`Patent Review of:
`U.S. Patent No. 5,940,510
`
`For: SYSTEM FOR COMMUNICATING
`DATA SECURELY
`
`
`
`
`
`
`
`
`
`
`DECLARATION OF STEPHEN D. BRISTOW
`
`
`
`Mail Stop PATENT BOARD
`Patent Trial and Appeal Board
`US Patent and Trademark Office
`PO Box 1450
`Alexandria, Virginia 22313-1450
`
`
`
`I, Stephen D. Bristow, hereby declare and state as follows:
`
`1.
`
`I have been retained as a technical consultant on behalf of JP Morgan Chase &
`
`Co. and JP Morgan Chase N.A., the petitioner in the present proceeding, and I
`
`am being compensated at my usual and customary hourly rate. The petition
`
`names JP Morgan Chase & Co. and JP Morgan Chase N.A. as real parties-in-
`
`interest. I have no financial interest in, or affiliation with, the petitioner, real
`
`parties-in-interest, or the patent owner, which I understand to be Maxim
`
`Integrated Products, Inc. My compensation is not dependent upon the
`
`CHASE EX. 1017 - p. 1/44
`
`
`
`Docket No. 020358-00006-US05
`
`outcome of, or my testimony in, the present covered business method patent
`
`review or any litigation proceedings.
`
`Background
`
`2. My background, qualifications, and experience relevant to the issues in
`
`proceeding are summarized below. My curriculum vitae as related to the
`
`issues in this proceeding is submitted herewith as Exhibit 1010.
`
`3.
`
`I am currently Chief Technology Officer of Cloudastructure, an Internet-based
`
`video security service, and am currently on retainer to advise, consult with,
`
`and maintain Parkinson’s disease testers for the Andy Grove Foundation of
`
`Los Altos, California.
`
`4.
`
`I have a Bachelor of Science degree in Electrical Engineering and Computer
`
`Science as a Regent’s Scholar from the University of California at Berkeley. I
`
`also have a Master of Science degree in Electrical Engineering from the
`
`University of Santa Clara, in Santa Clara, California. During my studies, I
`
`took courses in integrated circuit design, communications theory, computer
`
`architecture, programming languages such as machine language, assembly
`
`language, compiled and interpreted language, as well as programming
`
`language theory. I have also attended numerous ongoing continuing
`
`education and technical training classes since graduation, which include
`
`2
`
`CHASE EX. 1017 - p. 2/44
`
`
`
`Docket No. 020358-00006-US05
`
`training in the programming, capabilities, technological limitations, and uses
`
`of smart cards by Micro Card Technologies, Inc., a subsidiary of Bull.
`
`5. Beginning in 1973, I had the position of Vice President of Engineering for
`
`Atari. At that time, Atari’s arcade video games operated on a cash basis, and
`
`the company was interested in finding out ways to, and developing the
`
`technology to, make it easier for customers to play their video games.
`
`Traditional coin-operated games require a large amount of coins, which are
`
`bulky and inconvenient for consumers, and need to be periodically emptied
`
`and deposited, which can be a burden for arcade operators. Paper currency
`
`also has drawbacks, as bill acceptors and change machines at the time had
`
`complicated mechanics and electronics, and were expensive. Credit card
`
`technologies were also not appropriate, since relatively expensive phone lines
`
`would be required for each credit card reader. There was therefore a
`
`recognized benefit from having an inexpensive stored-value medium where
`
`value could be deposited by the consumer and debited by an arcade machine
`
`without communicating with a central authority.
`
`6. Through my work at Atari, I began to follow developments in technologies
`
`related to cash cards, including magnetic strip paper cards such as those used
`
`for mass transit. In the mid-1980s, I became aware of the development of
`
`integrated-circuit based “smart cards” which provided persistent storage
`
`3
`
`CHASE EX. 1017 - p. 3/44
`
`
`
`Docket No. 020358-00006-US05
`
`coupled with a processing capability that could implement sophisticated
`
`security protocols.
`
`7. Around 1986, I began working with my former Atari colleague Christopher
`
`Wright to develop a smart card-based solution for postage-printing stations.
`
`Mr. Wright and I started Wright Technologies to research and implement this
`
`technology. Larger companies at the time used postage-printing stations to
`
`generate U.S. mail postage stamps in-house. This was done using heavy
`
`sealed metal boxes that included mechanical levers to set postage amounts,
`
`which would use mechanicals to set a stamp imprint. Also included was a
`
`mechanical balance calculator, which would decrement as postage stamps
`
`were generated. In order to refill the stored value, the box would need to be
`
`carried to a postal service branch to be physically opened and configured with
`
`additional value. We had the idea of using the secure storage capability of
`
`smart cards in conjunction with an intelligent printing device in order to
`
`generate secure printed postage value. This work resulted in applications for
`
`patents filed by myself and Mr. Wright, which include issued U.S. Patent Nos.
`
`4,900,904 (the “’904 patent”) (Exhibit 1019) and 4,864,618 (Exhibit 1020),
`
`both filed October 17, 1988.
`
`8. Starting in 1986, Wright Technologies completed working prototypes of a
`
`postage terminal that used a smart card to securely store and transmit in an
`
`4
`
`CHASE EX. 1017 - p. 4/44
`
`
`
`Docket No. 020358-00006-US05
`
`interactive basis financial information between a printing device and a smart
`
`card based on user inputs. The smart card stored a running balance and
`
`multiple secret “keys” used to secure the transaction with the printing device.
`
`A user would enter a desired postage amount into the terminal, which would
`
`be transmitted to the smart card. The smart card would then send to a smart
`
`printing element within the printing device an encrypted communication that
`
`included a request for printing, the amount of the postage to be printed, as
`
`well as a challenge number to be used for authentication. The print head
`
`would then decrypt the communication and respond to the challenge with the
`
`same number encrypted using a different secret key. The smart card would
`
`decrypt the response to confirm that the print head is a valid print head. In
`
`turn, the print head would send its own encrypted challenge, which the smart
`
`card would need to decrypt and re-encrypt using a different secret key. The
`
`print head would decrypt the postage amount, and in response print the
`
`appropriate amount, and respond with a message indicating the print was
`
`successful. Only at this point would the smart card deduct from its balance
`
`the amount of the postage.
`
`9.
`
`In parallel with my work at Wright Technologies, I served as Director of
`
`Engineering at Verifone from 1989 to 1991. In that capacity I was responsible
`
`for Verifone’s engineering in California and Taiwan. While there we
`
`5
`
`CHASE EX. 1017 - p. 5/44
`
`
`
`Docket No. 020358-00006-US05
`
`developed a cash card system making use of secure financial transaction data
`
`which was produced and used in a number of locations. The terminals for this
`
`system were designed to read the contents of the cash card and communicate
`
`with a server to complete the transaction.
`
`10. One aspect of my work at Verifone included securing transactions against
`
`“skimming,” which is the fraudulent duplication of a card to create an
`
`identical copy that could then also be used to spend the same value. A cash
`
`card system can be vulnerable to a skimming attack when the communication
`
`between the cash card and a terminal includes a transaction amount, but no
`
`information that uniquely identifies the card as opposed to a copy of the card.
`
`One solution we devised to address skimming attacks was to recognize that
`
`the magnetic encoding of content on individual cards bears a unique
`
`“watermark” that could not be copied by then-existing techniques. This
`
`watermark served as an additional piece of unique information that could be
`
`used to determine whether a card being presented is the same physical card, or
`
`a different physical card, than one presented earlier with the same identifying
`
`information. Verifone also manufactured credit card reading terminals such
`
`as those found in grocery stores. They use encryption techniques, such as
`
`DES, to secure communications to and from the terminals. While at Verifone,
`
`my team designed and implemented a PIN (Personal Identification Number)
`
`6
`
`CHASE EX. 1017 - p. 6/44
`
`
`
`Docket No. 020358-00006-US05
`
`pad to allow users to enter their PIN into the Verifone terminal. The PIN pad
`
`encrypted the user’s PIN using DES encryption.
`
`11. In 1994, Wright Technologies licensed the secure smart card transaction
`
`patents that grew out of our postage metering product to Pitney-Bowes, and
`
`were retained by Pitney-Bowes to develop production versions of a postage
`
`metering system based on our prototype. We ultimately completed a
`
`production system which was rolled out and marketed. We ceased our work
`
`with Pitney-Bowes in 1998, and I continued to develop further smart card-
`
`based applications including an office telephone that used a smart card to
`
`retain a user’s identity in a mobile office situation. In this system, office
`
`telephones were configured to accept a smart card, and would read the
`
`contents of the card. The phone would then communicate with the office
`
`phone network so that calls would be routed to a user’s current location, as
`
`well as having autodial and other preferences carried with a user rather than
`
`tied to a specific phone.
`
`12. Through work related to smart cards I have also become aware of how smart
`
`cards are used in the satellite broadcast field, in particular, the use of smart
`
`cards to store subscriber information and permissions, and to control the
`
`encryption and decryption of secure broadcasts.
`
`7
`
`CHASE EX. 1017 - p. 7/44
`
`
`
`Docket No. 020358-00006-US05
`
`13. During the time period above, and through the present, I have regularly
`
`attended trade shows, including the Consumer Electronics Show (“CES”) and
`
`the National Association of Broadcasters (“NAB”) trade show. At these trade
`
`shows I would observe other companies’ developments in the area of smart
`
`cards and stored value card, in particular as they related to stored value and
`
`security permission and authentication.
`
`14. I am also a member of the Institute for Electrical and Electronics Engineers
`
`(“IEEE”), and have been a member of the Administrative Committee for the
`
`Consumer Electronics Society for the IEEE, as well as a member of the
`
`Society for Motion Picture and Television Engineers (“SMPTE”), the
`
`Program Committee for the Society for Information Display (“SID”), and
`
`other relevant professional organizations. Through my work with these
`
`organizations, I have also become familiar with the state of the art of smart
`
`cards on a continuing basis.
`
`15. My work in the smart card field included implementing security features.
`
`These included mechanical security features of devices themselves; optical
`
`security in the form of ensuring that, for example, printed postage stamps
`
`were proof against copying, as well as electronic security to ensure the
`
`integrity of the smart card interaction.
`
`8
`
`CHASE EX. 1017 - p. 8/44
`
`
`
`Docket No. 020358-00006-US05
`
`16. The patents that issued out of my work in smart cards include U.S. Patent No.
`
`4,900,904 (Exhibit 1019), which describes a secure transaction system that
`
`can be used in a smart card/terminal system. The scheme described in the
`
`’904 patent uses, among other things, a challenge and response authentication.
`
`In that authentication, a smart card first generates a random number and
`
`encrypts it with a known algorithm using a shared key. The smart card sends
`
`the encrypted number to the terminal, which decrypts the number with the
`
`inverse algorithm using the same key. The terminal then re-encrypts the same
`
`number using a different algorithm, which it sends back to the smart card.
`
`The card decrypts using the inverse of the different algorithm, and verifies
`
`that it has received the same random number that was sent. If so, the
`
`transaction is authorized. See, e.g., ‘904 Patent at 3:46-66.
`
`17. Through my work, I have become familiar with public-private key encryption,
`
`and in particular the RSA implementation of public-private key encryption. In
`
`a public-private key system, each side to a communication has both a “public”
`
`key, which is made generally available, and a “private” key, which is kept
`
`secret. Either key can be used to encrypt a message, which can only be
`
`decrypted using the other key. The RSA system for generating public and
`
`private keys was described in a paper by Rivest, Shamir, and Adelman
`
`(Exhibit 1005).
`
`9
`
`CHASE EX. 1017 - p. 9/44
`
`
`
`Docket No. 020358-00006-US05
`
`Materials Considered
`
`18. I have reviewed each of the following:
`
`a. U.S. Patent No. 5,940,510 (“the ’510 Patent”), including the claims,
`
`description and prosecution history (which are identified in the Petition
`
`respectively as Exhibits 1001 and 1002);
`
`b.
`
`International Patent Application Publication No. WO 1983/003018 to
`
`Cremin at al. (Exh. 1003; hereinafter “Cremin”);
`
`c.
`
`Integrated Circuit Cards, Tags, and Tokens by P.L. Hawkes, et al. (Exh.
`
`1004; hereinafter “Hawkes”), which includes:
`
`i. Preface and Introduction by P.L. Hawkes (“Hawkes Preface &
`
`Introduction”);
`
`ii. Chapter 2: Smart Card Technology – A US Pioneer’s Viewpoint by
`
`A.R. Lessin (hereinafter, “Hawkes Ch. 2”);
`
`iii. Chapter 6: Secure Transactions with an Intelligent Token by W.L.
`
`Price and Bernard J. Chorley (hereinafter, “Hawkes Chapter 6”); and
`
`iv. Chapter 8: Cryptography and the Smart Card by D.W. Davies
`
`(hereinafter, “Hawkes Chapter 8”).
`
`10
`
`CHASE EX. 1017 - p. 10/44
`
`
`
`Docket No. 020358-00006-US05
`
`d. Rivest, et al., A method for obtaining digital signatures and public key
`
`crypto-systems, Communications of ACM, Volume 21, Number 2 (1978).
`
`(Exh. 1005).
`
`19. Upon reviewing the ’510 Patent, I understand that a non-provisional
`
`application was filed on January 31, 1996 (Appl. No. 08/594,975), which
`
`issued as the ’510 Patent. For the purposes of my analysis, based on the filing
`
`date that appears on the patent, I assume the time of the purported invention to
`
`be January, 1996.
`
`Level of Ordinary Skill in the Art
`
`20. It is my opinion that a person of ordinary skill in the art at the time of the
`
`inventions claimed in the ’510 Patent would have had at least a B.S. degree in
`
`electrical engineering or computer engineering with at least two years of
`
`practical or post-graduate work in the areas of secure financial transactions
`
`and real-time microcontroller programming, or, alternatively, an additional
`
`year (at least three years) of postgraduate or professional experience in
`
`computer systems engineering related to secure data transactions, or the
`
`equivalent. I was a person of at least ordinary skill in this art in January,
`
`1996.
`
`State of the Art in 1995
`
`11
`
`CHASE EX. 1017 - p. 11/44
`
`
`
`Docket No. 020358-00006-US05
`
`21. The development and rapid proliferation of computing technology in the
`
`1990’s, and in particular its application to financial transactions, created a
`
`requirement for computerized mechanisms for secure communications.
`
`22. In discussing my background, I explained developments in this area that I
`
`was involved in. In particular, as described in further detail above, almost
`
`ten years prior to 1995 I was personally involved in developing a smart card
`
`solution to completing financial transactions with a postage metering
`
`terminal. This solution included storing both the programming necessary to
`
`process a transaction and a cash balance on the smart card, coupled with an
`
`encrypted authentication and communication process between the smart
`
`card and a custom integrated-circuit based printing device.
`
`23. Others in the industry were also developing smart card technology well
`
`before 1995. For example, as described in Hawkes Ch. 2, Roland Moreno
`
`obtained patents on smart card technology in 1975 that were licensed to
`
`companies such as Honeywell Bull, Schlumberger and Philips by 1978.
`
`Hawkes Ch. 2, p. 26.
`
`24. By 1985, financial services companies such as Visa were developing smart
`
`card technology. Id. at 26. By 1987, France was using smart cards as bank
`
`cards. Id. at 27.
`
`12
`
`CHASE EX. 1017 - p. 12/44
`
`
`
`Docket No. 020358-00006-US05
`
`25. The Hawkes Chapters, published in 1990, disclose various aspects of
`
`integrated circuit devices holding data, such as monetary equivalents, that
`
`can be manipulated in a secure manner to prevent tampering. For example,
`
`Hawkes Ch. 6 discloses an “intelligent token.” Figure 6.3 shows a block
`
`diagram of the “intelligent token.”
`
`
`
`26. Encryption technology as it relates to smart cards was mature by 1995.
`
`Shared key encryption schemes, which rely on two parties to a
`
`communication performing known algorithms to encrypt and decrypt
`
`messages using the same secret key, had already been in use for some time.
`
`In 1976, Whitfield Diffie and Martin Hellman published their seminal paper
`
`describing a public key cryptography system where the two parties to a
`
`communication instead use different keys. See Diffie-Hellman. In a public
`
`13
`
`CHASE EX. 1017 - p. 13/44
`
`
`
`Docket No. 020358-00006-US05
`
`key cryptography system, each entity has two keys. Id. at 647-648. One
`
`key is made public, and the other kept private; the public key can decrypt
`
`information encrypted with the private key, and vice versa. Id. Diffie-
`
`Hellman articulated the concept of a public key cryptography system, but
`
`did not fully describe an implementation to put the concept into practice.
`
`Two years later, in 1978, Rivest, Shamir, and Adelman published an
`
`implementation of a public key cryptography system called “RSA.” See
`
`Rivest. Within 10 years, by 1987, RSA-specific chip designs were made
`
`available and marketed, and it was recognized that implementing RSA on
`
`smart card chips was feasible. See, e.g., Hawkes Ch. 8, p. 151. One such
`
`smart card, incorporating a math coprocessor to perform RSA calculations,
`
`was developed as a prototype for a pilot program in the U.K. See Hawkes
`
`Ch. 6, pp. 87-88.
`
`Overview of the ’510 Patent
`
`27. Based on my review of the ’510 Patent, it describes a system for
`
`communicating a cash equivalent to and from a portable module. ’510
`
`Patent, Abstract.
`
`28. Figure 2 of the ’510 patent is an illustrative block diagram showing the
`
`components of the system for communicating data securely between a
`
`portable module (portable module 102) and a secure module (secure
`
`14
`
`CHASE EX. 1017 - p. 14/44
`
`
`
`Docket No. 020358-00006-US05
`
`microprocessor based device 108) through a portable module reader
`
`(microprocessor based device 104):
`
`
`
`Portable module 102 communicates with a microprocessor based device
`
`104 through a communication means 106, and device 104 in turn relays
`
`those communications to secure microprocessor based device 108. In
`
`addition to the secure microprocessor based device 108, the device 104 can
`
`be connected to a number of other systems, such as a credit card reader 114
`
`or phone line 116.
`
`29. The structure of a portable module 102 is shown in Figure 2 of the ’510
`
`Patent:
`
`15
`
`CHASE EX. 1017 - p. 15/44
`
`
`
`Docket No. 020358-00006-US05
`
`
`
`Figure 2 illustrates components described in the specification that include a
`
`memory 202, input/output circuit 212, timer 208, counter 206, and
`
`substantially unique identification number 210. A memory circuit 204
`
`controls reading and writing to and from these various components.
`
`30. The “portable module” is recited as having the following components, all of
`
`which are readily understood by a person of ordinary skill to be components
`
`of generic computers:
`
`a. The “nonvolatile memory for storing a first data” is described in the
`
`specification as being “for storing and retrieving vital information
`
`pertaining to the system to which the module 102 may become
`
`16
`
`CHASE EX. 1017 - p. 16/44
`
`
`
`Docket No. 020358-00006-US05
`
`attached to.” Id. at 3:57-60. The claim references that the
`
`“nonvolatile memory” is “for storing a first data,” but does not further
`
`qualify what the “first data” is. A person of ordinary skill in the art
`
`would understand this to be no different than ordinary memories that
`
`can be used to store data persistently on a generic computer, such as
`
`read-only memories (“ROM”), or random-access memory whose
`
`contents are preserved by a battery even after the main device is no
`
`longer receiving power. Generic computers generally use a
`
`nonvolatile memory like a ROM for storing, for example, programs or
`
`data that do not need to be changed and should be the same every time
`
`a computer is used.
`
`b. The only disclosure in the specification related to the “real time clock
`
`circuit for time stamping data transactions” is the description in the
`
`specification of a “timer 102” that “may be provided in the module to
`
`provide the ability to time stamp transactions performed by the
`
`module.” Id. at 4:2-4 I understand the reference to “timer 102” to be
`
`intended to refer to “timer 208” shown in Figure 2, although neither
`
`timer is referred to anywhere else in the patent. Id. at Fig. 2. A
`
`person of ordinary skill would understand that this the function of
`
`“time stamping” can be provided by the real time clock typically
`
`17
`
`CHASE EX. 1017 - p. 17/44
`
`
`
`Docket No. 020358-00006-US05
`
`incorporated in generic computers. The “time stamping,” moreover,
`
`simply refers to reading and writing a value from a clock to some
`
`other data in order to mark when the data was generated. Generic
`
`computers include a real time clock that can be used to time stamp
`
`transactions.
`
`c. The “counter for counting a transaction count” is described as being
`
`“for keeping track of the number of transactions the module has
`
`performed.” Id. at 3:66-4:2. A person of ordinary skill in the art
`
`would understand that this functional description could refer to
`
`hardware or software that keeps track of a value that can incremented
`
`periodically. The person would further understand that this counter
`
`can be implemented by a simple location in memory representing a
`
`number. Generic computers include memory that can be used as a
`
`counter.
`
`d. The “input/output circuit” is described as being a circuit that “controls
`
`the data flow into and out of the portable module 102.” Id. at 4:10-24.
`
`A person of ordinary skill in the art would understand that generic
`
`computers include hardware that allows a computer to receive data
`
`input or generate data output for communication with other systems.
`
`Generic computers include an input/output circuit.
`
`18
`
`CHASE EX. 1017 - p. 18/44
`
`
`
`Docket No. 020358-00006-US05
`
`e. The “substantially unique electronically readable identification
`
`number” is described as being something that “identifies the portable
`
`module from any other portable module.” Id. at 4:7-9. A person of
`
`ordinary skill in the art would understand that hardware or software in
`
`a generic computer can store a number that can identify a device and
`
`distinguish it from other devices.
`
`f. The “memory control circuit” is described as a memory controller that
`
`“controls the reading and writing of data into and out of the memory
`
`202.” Id. at 4:4-6. A person of ordinary skill in the art would
`
`understand that generic computers include various circuits to read and
`
`write contents to or from memory.
`
`31. The ’510 Patent does not include a detailed description of the structure of
`
`the portable module reader (microprocessor based device 104). The patent
`
`instead describes that it “can be any of an unlimited number of devices.”
`
`’880 Patent at 2:37-46. Examples of the kind of device it can be include a
`
`“personal computer, an add-a-fare machine at a train or bus station (similar
`
`to those in today's District of Columbia metro stations), a turn style, a toll
`
`booth, a bank's terminal, a ride at a carnival, a washing machine at a
`
`Laundromat, a locking device, a mail metering device or any device that
`
`controls access, or meters a monetary equivalent, etc.” Id. The main
`
`19
`
`CHASE EX. 1017 - p. 19/44
`
`
`
`Docket No. 020358-00006-US05
`
`description of the device 104 is functional, describing what the device 104
`
`can do instead of its structure.
`
`32. The “portable module reader” is a device that mediates communication
`
`between a portable module and a secure module. The “portable module
`
`reader” is not described as having any components, but instead is described
`
`functionally by what it is capable of doing. The portable module reader
`
`both (1) can be placed in communication with a portable module, and (2)
`
`can be connected to a plurality of other devices. From this description,
`
`coupled with the discussion of the portable module reader in the
`
`specification, a person of ordinary skill in the art would understand that any
`
`generic computer can fulfill these functional roles. The specification is
`
`clear that the portable module reader, which it calls “microprocessor based
`
`device 104,” can be “any of an unlimited number of devices,” including “a
`
`personal computer.” ’510 Patent, 2:37-45. The form of communication
`
`between the portable module reader and the portable module is, moreover,
`
`described as being “preferably via a single wire or contact connection,” but
`
`could instead be “multiple wires, a wireless communication system,
`
`infrared light, any electromagnetic means, a magnetic technique, or any
`
`other similar technique.” Id. at 2:52-58. A person of ordinary skill would
`
`understand that the communication is not limited to any particular structure
`
`20
`
`CHASE EX. 1017 - p. 20/44
`
`
`
`Docket No. 020358-00006-US05
`
`or form of communication, and that generic computers at the time were able
`
`to communicate over wired, wireless, infrared, and a variety of other ways.
`
`Since any possible form of communication was contemplated, a generic
`
`computer would be able to fulfill this role. The specification also
`
`contemplates that the “plurality of other devices” that the portable module
`
`reader can be connected to “include, but are not limited to a cash acceptor
`
`110, an automatic teller machine (ATM) 112, a credit card reader 114, and
`
`a phone line 116.” Id. at 2:66-3:2. A person of ordinary skill would
`
`understand that each of these devices would refer to systems to which a
`
`generic computer could be connected using a serial data connection,
`
`network connection, or phone connection. Generic computers at the time
`
`included a variety of ways to provide communication with external,
`
`peripheral devices.
`
`33. The structure of a secure microprocessor based device 108 is illustrated in
`
`Figure 3:
`
`21
`
`CHASE EX. 1017 - p. 21/44
`
`
`
`Docket No. 020358-00006-US05
`
`
`
`Figure 3 illustrates the components including a micro processor 12, math
`
`coprocessor 18, real time clock 14, memory control 16, memory 20,
`
`input/output circuit 26, and an energy circuit 34. The specification
`
`describes the structure of the secure module “can be a single integrated
`
`circuit,” but “could also be a monolithic or multiple circuits combined
`
`together.” 4:25-29.
`
`22
`
`CHASE EX. 1017 - p. 22/44
`
`
`
`Docket No. 020358-00006-US05
`
`34. The “secure module” is recited as having the following components, all of
`
`which are readily understood by a person of ordinary skill to be components
`
`of generic computers:
`
`a. The “microcontroller core” is described to be a generic
`
`microprocessor, such as “preferably an 8-bit microprocessor.” Id. at
`
`4:56-57. Generic computers include a processor to control the
`
`operation of the computer.
`
`b. The “math coprocessor” is described as being “designed and used to
`
`handle very large numbers. In particular, the coprocessor will handle
`
`the complex mathematics of RSA encryption and decryption or other
`
`types of math intensive encryption or decryption techniques.” Id. at
`
`4:61-65. A person of ordinary skill in the art would understand that at
`
`the time of the patent generic computers had regularly included
`
`circuits that operated in conjunction with a central processing unit to
`
`provide enhanced mathematical computation ability. The trend
`
`towards on-chip math coprocessors is shown by, for example,
`
`Motorola’s announcement years earlier of its 68040 chip that included
`
`an on-board math coprocessor, and it was known that they would
`
`significantly improve the performance of encryption and decryption
`
`techniques. Martin Marshall, Motorola Unveils Details of 68040,
`
`23
`
`CHASE EX. 1017 - p. 23/44
`
`
`
`Docket No. 020358-00006-US05
`
`INFOWORLD, April 3, 1989 at 105 (Exh. 1015). Math coprocessors
`
`were recognized in the field as a key component for efficiently
`
`processing encryption routines. Erik Sandberg-Diment, The
`
`Executive Computer; How To Improve A PC's Math Skills, THE
`
`NEW YORK TIMES, January 19, 1986 (Exh. 1016).
`
`c. The “energy circuit” is described as “necessary to maintain stored
`
`information in the memory circuitry 20 and/or aid in powering the
`
`other circuitry in the module 108.” ’510 Patent, 5:17-22. Since the
`
`energy circuit is described as being used to power any circuitry in the
`
`module, a person of ordinary skill in the art would understand this
`
`disclosure to refer to any power source used by the module. Generic
`
`computers run off of electricity, and have circuits to receive power
`
`from either a battery or a power main.
`
`d. The “memory circuit” is described as being able to “contain both
`
`read-only-memory and non-volatile random-access-memory” and
`
`“volatile memory, EPROM, SRAM and a variety of other types of
`
`memory circuitry might be used to create an equivalent device.” Id. at
`
`5:1-4. A person of ordinary skill in the art would understand this to
`
`refer to any form of memory in the module. Generic computers
`
`include a memory control circuit.
`
`24
`
`CHASE EX. 1017 - p. 24/44
`
`
`
`Docket No. 020358-00006-US05
`
`e. As for the portable module 102, the “real time clock circuit” is
`
`generally understood to be a clock that keeps track of the current date
`
`and/or time. Generic computers include a real time clock.
`
`Claim Construction
`
`35. I have been asked to offer my opinion regarding the understanding of a
`
`person skilled in the art regarding certain claim terms in the ’510 Patent. I
`
`understand that in the present proceeding, claim terms are interpreted as the
`
`broadest reasonable construction consistent with the specification. Based
`
`on my review of the ‘510 Patent, it is my opinion that the terms in the ‘510
`
`Patent would be understood by a person of ordinary skill in the art to carry
`
`their plain and ordinary meaning, and do not require construction. In
`
`particular, the claims provide context to understand the structure and
`
`function of each of the two modules (by reference to their components,
`
`which a person of ordinary skill would understand to be generic computer
`
`components), and the portable module reader (by reference to its
`
`communication functions).
`
`Cremin
`
`36. Based on my review, Cremin discloses a system to securely transfer data
`
`between two portable integrated circuit cards through a coupling terminal.
`
`25
`
`CHASE EX. 1017 - p. 25/44
`
`
`
`Docket No. 020358-00006-US05
`
`In one embodiment of Cremin, one card is held by a “consumer” (such as a
`
`customer) wishing to make a payment and the other card held by a “trader”
`
`(such as a store) wishing to receive a payment from the consumer. Id. at
`
`5:22-6:4.
`
`37. An example of the structure of the portable integrated circuit cards, which
`
`applies to both the consumer and the trader, is shown in Figure 2. Cremin
`
`states that this example can be illustrative of both the trader card and the
`
`consumer card. Id. at 6:2-4:
`
`26
`
`CHASE EX. 1017 - p. 26/44
`
`
`
`Docket No. 020358-00006-US05
`
`
`
`Figure 2 in Cremin discloses structures recited as part of the claimed portable
`
`module and secure module in the ‘510 Patent. These include a central
`
`processing unit 12 that controls reading and writing from read-only memory
`
`11, which is nonvolatile; a clock generator 15 that is used to generate time
`
`stamps; an input/output driver 16 that handles communication with