throbber
IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`
`Asghari-Kamrani, et al.
`In re Patent of:
`8,266,432 Attorney Docket No.: 36137-0007CP2
`U.S. Patent No.:
`September 11, 2012
`
`Issue Date:
`Appl. Serial No.: 12/210,926
`
`Filing Date:
`September 15, 2008
`
`Title:
`CENTRALIZED IDENTIFICATION AND
`AUTHENTICATION SYSTEM AND METHOD
`
`
`DECLARATION OF SETH NIELSON
`
`I.
`
`Introduction
`
` My name is Seth James Nielson. I have previously submitted two
`
`expert declarations in this matter. The first is dated April 29th, 2016 and the second
`
`is dated August 25th, 2016.
`
`
`
`In addition to the professional background sections of these two
`
`declarations, I have been appointed the Director of Advanced Research Projects at
`
`the Johns Hopkins University Information Security Institute. I am now teaching
`
`Advanced Network Security in addition to the Network Security course I have
`
`been teaching for the last few years. Moreover, in my new role, I am engaging
`
`with internal and external researchers on a range of projects relating to
`
`cryptography vulnerabilities, Internet-of-Things (IoT) forensics, and computer
`
`security in health care.
`
`
`
`As stated in previous declarations, I am not currently and have not at
`
`any time in the past been an employee of United Services Automobile Association
`Page 1 of 52
`
`
`
`
`
`
`USAA 1054
`USAA v Asghari-Kamrani
`CBM2016-00063
`CBM2016-00064
`
`

`

`
`
`
`
`
`
`
`
`
`
`(“USAA”). I have been engaged in the present matter to provide my independent
`
`analysis of the issues raised in the petition for post-grant review of the ‘432 patent.
`
`I received no compensation for this declaration beyond my normal hourly
`
`compensation based on my time actually spent studying the matter, and I will not
`
`receive any added compensation based on the outcome of this post-grant review of
`
`the ‘432 patent.
`
`
`
`I have been asked by counsel for Petitioner to opine on certain
`
`technical issues set forth in Patent Owner’s Response in this matter, dated
`
`December 5th, 2016 as well as to the opinions set forth in the Expert Declaration of
`
`Dr. Alfred C. Weaver, also dated December 5th, 2016. In reviewing the Response
`
`and accompanying Expert Declaration, I have been asked to opine as to whether
`
`either U.S. Patent Application Serial No. 11/333,400 or U.S. Patent Application
`
`Serial No. 11/239,046 provides sufficient supporting disclosure for the claims of
`
`U.S. Patent No. 8,266,432, which claims priority thereunto.
`
`II. Materials Considered
`
`
`
`In writing this Declaration, I have considered the following: my own
`
`knowledge and experience, including my work experience in the fields of
`
`computer science and IT security and authentication; my industry experience with
`
`those subjects; and my experience in working with others involved in those fields.
`
`
`
`
`Page 2 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`I have also analyzed the following publications and materials, in addition to other
`
`materials I cite in my declaration:
`
` U.S. Patent No. 8,266,432 and its accompanying prosecution history
`
`(“the ‘432 Patent”, USAA-1001, USAA-1002)
`
` U.S. Patent No. 7,444,676 (“the ‘676 Patent”, USAA-1015)
`
` U.S. Patent No. 8,281,129 (“the ‘129 Patent”, Ex. 2004)
`
` U.S. Patent Application Serial No. 11/333,400 (“the ‘400 Application”,
`
`Ex. 2009)
`
` U.S. Patent Application Serial No. 11/239,046 (“the ‘046 application”,
`
`Ex. 1014)
`
` Patent Owner’s Preliminary Response (Paper 11)
`
` Patent Owner’s Response (Paper 22)
`
` PCT Application Publication WO2003021837 A1 (USAA-1028)
`
` Grandparent U.S. Patent Application Serial No. 09/940,635 (USAA-
`
`1016)
`
`
`
`Although for the sake of brevity this Declaration refers to selected
`
`portions of the cited references, it should be understood that one of ordinary skill in
`
`the art would view the references cited herein in their entirety, and in combination
`
`with other references cited herein or cited within the references themselves. The
`
`
`
`
`Page 3 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`references used in this Declaration, therefore, should be viewed as being
`
`incorporated herein in their entirety.
`
`III. Summary of Opinions
`
`
`
`I am of the opinion that U.S. Patent No. 8,266,432 does not have
`
`sufficient supporting disclosure in either U.S. Patent Application Serial No.
`
`11/333,400 or U.S. Patent Application Serial No. 11/239,046 to satisfy the
`
`requirements of 35 U.S.C. §112, first paragraph. Although my opinion relates to
`
`the lack of sufficient supporting disclosure in these two applications, for
`
`convenience I will refer to citations in the ‘676 patent, which issued from the ‘046
`
`application, and citations in the ‘129 patent, which issued from the ‘400
`
`application. Where there are differences between the patent and the application, I
`
`will so indicate.
`
`
`
`I understand that the requirements of 35 U.S.C. 112, first paragraph,
`
`include that the specification includes the following: (A) A written description of
`
`the invention; (B) The manner and process of making and using the invention (the
`
`enablement requirement); and (C) The best mode contemplated by the inventor of
`
`carrying out his invention.
`
`
`
`I also understand that the disclosure requirement of 35 U.S.C. 112,
`
`first paragraph, must be met in a single parent application in order to obtain an
`
`
`
`
`Page 4 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`earlier filing date for individual claims and requires that each claim limitation must
`
`be expressly, implicitly, or inherently supported in the originally filed disclosure.
`
`
`
`I also understand that, to satisfy the written description requirement,
`
`the claimed invention must be described in sufficient detail that one skilled in the
`
`art can reasonably conclude that the inventor had possession of the claimed
`
`invention.
`
`
`
`I further understand that, the fact that a parent application could
`
`support a narrower scope of the invention for the same claim term does not show
`
`that the parent application provides sufficient support for the claims in the
`
`continuation application.
`
`
`
`I maintain the opinions I set forth previously in my two earlier
`
`declarations. Although none of those opinions have changed, I restate a subset of
`
`those opinions herein for emphasis.
`
`a. 4/29/2016 Declaration (¶ 64): It is my opinion that the specification
`
`of the '676 Patent does not support any independent claim in the '432
`
`Patent. Accordingly, by failing to provide written description support
`
`for at least one limitation in each of the independent claims of the
`
`‘432 Patent, the specification of the ‘676 Patent lacks written
`
`description for all the claims of the ‘432 Patent.
`
`
`
`
`Page 5 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`b. 8/25/2016 Declaration (¶ 35): It is my opinion that Section VIB [of
`
`the Patent Owner’s Preliminary Response] does not show sufficient
`
`written description support [from the ‘129 Patent] for all claim
`
`limitations of each claim of the ‘432 Patent.
`
`
`
`In addition to these and other opinions set forth in my two previous
`
`declarations, I disagree with Dr. Weaver that the ‘432 Patent has sufficient written
`
`description support from either the ‘676 or ‘129 patents to the extent that he holds
`
`this opinion. I note as an initial matter that he never clearly states this view in his
`
`Declaration. Rather, he says:
`
`a. “To provide my opinions that the original disclosure of a prior-filed
`
`application no. 11/333,400 (‘the 400 application’) provides written
`
`description support for the 432 Patent claims, I herein cite…” (Ex.
`
`2010 at ¶ 41)
`
`b. “To provide my opinions that the original disclosure of a prior-filed
`
`application no. 11/239,046 (‘the 046 application’) provides written
`
`description support for the 432 Patent claims, I herein cite…” (Ex.
`
`2010 at ¶ 62)
`
` These two statements appear to be the closest he gets to expressing his
`
`opinions about written description support. I remain unclear as to whether or not
`
`he reached his conclusions. But to the extent that he believes that the ‘400
`
`Page 6 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`application or the ‘046 application provide sufficient written description for the
`
`claims of the ‘432 Patent, I disagree.
`
` Moreover, I note that Dr. Weaver did not show written description
`
`support for any claim limitation for any claim of the ‘432 Patent. Instead, Dr.
`
`Weaver presents various opinions that certain terms have sufficient written
`
`description support from either the ‘129 or ‘676 patents. Because Dr. Weaver did
`
`not present any arguments or evidence of written description for claim limitations,
`
`I cannot analyze or rebut any opinions he has, if any, with respect to the actual
`
`language of those claim limitations. Should he introduce any additional opinions
`
`in the future, I reserve the right to address them.
`
` Although I understand from counsel that it is insufficient to opine that
`
`certain claim terms, rather than the claim limitations, have written description
`
`support, I have nevertheless reviewed Dr. Weaver’s opinions. I disagree with him
`
`on at least the following:
`
`a. User vs. Individual (Ex. 2010 at VII. A.)
`
`b. Central-Entity vs. Trusted-Authenticator (Ex. 2010 at VII. B.)
`
`c. External-Entity vs. Business (Ex. 2010 at VII. C.)
`
`d. Dynamic Code vs. Dynamic Key (Ex. 2010 at VII. E.)
`
` Moreover, I have affirmatively reviewed any claim limitations of the
`
`‘432 patent that include the terms identified by Dr. Weaver. I have also reviewed
`
`Page 7 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`Patent Owner’s Response and the claims charts attached thereunto. Contrary to
`
`Patent Owner’s assertion or implication, I am of the opinion that neither the ‘676
`
`patent nor the ‘129 patent provide sufficient written description for at least the
`
`following claim limitations from claim 1, and the corresponding limitations of
`
`claims 25, 48, and 52:
`
`a. receiving electronically a request for a dynamic code for the user by a
`
`computer associated with a central-entity during the transaction
`
`between the user and the external entity;
`
`b. generating by the central-entity during the transaction a dynamic code
`
`for the user in response to the request, wherein the dynamic code is
`
`valid for a predefined time and becomes invalid after being used;
`
`c. providing by the computer associated with the central entity said
`
`generated dynamic code to the user during the transaction;
`
`d. receiving electronically by the central-entity a request for
`
`authenticating the user from a computer associated with the external-
`
`entity based on a user-specific information and the dynamic code as a
`
`digital identity included in the request which said dynamic code was
`
`received by the user during the transaction and was provided to the
`
`external-entity by the user during the transaction; and
`
`
`
`
`Page 8 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`e. authenticating by the central-entity the user and providing a result of
`
`the authenticating to the external-entity during the transaction if the
`
`digital identity is valid.
`
`
`
`I understand from counsel that each and every limitation of a claim
`
`must have written description support. As I have identified multiple such
`
`unsupported limitations, I am also of the opinion that there is insufficient written
`
`description support for the claims of the ‘432 patent in either the ‘676 patent or the
`
`‘129 patent.
`
`
`
`I have not set forth an opinion about each and every statement in
`
`either Patent Owner’s Response or Dr. Weaver’s Declaration. Nevertheless, I
`
`explicitly disclaim endorsement for any opinion not specifically addressed herein.
`
`IV. Analysis of Dr. Weaver’s Expert Declaration
`
` As stated previously, Dr. Weaver expressed no opinions about written
`
`description support for any individual claim limitation, let alone all of them. He
`
`did, however, express his views that certain claim terms had written description
`
`support. I understand from counsel that it is insufficient to arrive at the conclusion
`
`that the ‘432 patent has sufficient written description support from either the ‘129
`
`Patent or the ‘676 Patent simply because certain claim terms are described. I
`
`understand that a proper analysis requires an analysis of the written description
`
`support for each and every limitation in a claim.
`
`Page 9 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
` However, even in his analysis of written description support for claim
`
`terms, I do not agree with Dr. Weaver’s conclusions as outlined below.
`
`A.
`‘129 Patent: User vs. Individual
` Dr. Weaver argues that there is sufficient written description support
`
`for the term “user” in the ‘432 Patent from the ‘129 Patent. Specifically, he
`
`identifies the ‘129 Patent’s disclosure of an “individual” as sufficient support. (Ex.
`
`2010 at ¶¶ 42-45).
`
`
`
`I disagree. A “user” in the ‘432 Patent is broader than “individual” in
`
`the ‘129 Patent and therefore the disclosure of the ‘129 Patent does not provide
`
`sufficient written description support. To illustrate I have reproduced their
`
`respective definitions below (emphasis added):
`
`‘432 Patent
`
`‘129 Patent
`
`For convenience, the term “user” is
`used throughout to represent both
`a typical person consuming goods
`and services as well as a business
`consuming good and services. Ex.
`1001 at 2:10-12.
`
`Furthermore, as used herein,
`“individual” 10 broadly refers to a
`person, company or organization
`that has established a trusted
`relationship with a trusted-
`authenticator 30.
`
`
`
` Dr. Weaver correctly identified the necessity for an “individual” in the
`
`‘129 patent to have a trusted relationship: “[t]hus the definition of ‘individual’ is
`
`tied to a trusted relationship rather than to a single human.” Ex. 2010 at ¶43.
`
`However, Dr. Weaver failed to note that the “user” defined in the ‘432 patent has
`
`Page 10 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`no such limitations. To reiterate, the “user” in the ‘432 patent is not required to
`
`have a trusted relationship with a trusted-authenticator.
`
` While it is true that the “user” from the ‘432 patent has data stored by
`
`the “central entity”, and Dr. Weaver associates the “central entity” with the trusted-
`
`authenticator, there is no requirement for the “user” and “central entity” of the ‘432
`
`Patent to maintain a trusted relationship. In the ‘432 patent, all that is required is
`
`that the “central entity” is “any party that has user’s personal and/or financial
`
`information, UserName, Password and generates dynamic, non-predictable and
`
`time dependable SecureCode for the user.” (‘432 patent at 2:13-16). The “central
`
`entity” could have the user’s information from a third party, or any number of
`
`ways that do not require a trusted relationship. All that is required is that the
`
`“central entity” has the information.
`
` Thus, I conclude that “user,” as disclosed and claimed in the ‘432
`
`Patent, is broader than “individual,” as disclosed in the ‘129 Patent, and the ’129
`
`Patent therefore does not provide sufficient written description support.
`
`B.
`‘129 Patent: Central Entity vs. Trusted-Authenticator
` Dr. Weaver also argues that there is sufficient written description
`
`support for the term “central entity” in the ‘432 Patent and identifies the term
`
`“trusted-authenticator” from the ‘129 Patent as providing that support.
`
`
`
`
`Page 11 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`
`
`I disagree. A “central entity” is broader than a “trusted-authenticator”
`
`for much the same reason that a “user” is broader than an “individual”, and
`
`therefore the disclosure of the ‘129 Patent does not provide sufficient written
`
`description support. To illustrate, I have reproduced their respective definitions
`
`below (emphasis added):
`
`‘432 Patent
`
`‘129 Patent
`
`As used herein, a “Central-Entity”
`is any party that has user’s personal
`and/or financial information,
`UserName, Password and generates
`dynamic, non-predictable and time
`dependable SecureCode for the
`user.
`
`
`
`The use of “trusted-authenticator”
`30 refers to an entity that already
`knows the individual 10, maintains
`information about that individual
`10, and has established a trusted
`relationship with that individual 10.
`
` The ‘129 Patent lists three separate requirements:
`
`a. The trusted-authenticator must already know the individual
`
`b. The trusted-authenticator must maintain information about the
`
`individual
`
`c. The trusted-authenticator must have established a trusted relationship
`
`with that individual
`
` On the other hand, the ‘432 Patent only requires the maintaining of
`
`information. The “central entity” is “any” party that has the user’s personal
`
`information regardless of whether or not it already knows the individual and/or has
`
`
`
`
`Page 12 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`a trusted relationship with the individual. While both terms have overlapping
`
`examples (e.g., both are identified as potentially being banks), the “central entity”
`
`also has a broader list of potential embodiments including “intermediary service
`
`provider.” (‘432 Patent at 2:17-18). The ‘129 Patent does not include such
`
`intermediaries in its description.
`
` The ‘129 Patent expressly states that this trusted relationship is a key
`
`component of the disclosure. “The trusted authenticator would be an entity that
`
`already knows the individual, maintains personal information about that individual,
`
`and has established a trusted relationship with that person. The advantage of using
`
`trusted authenticators is that the authentication process can be built on trust
`
`relationships and infrastructures already in place.” (‘129 Patent at 4:5-11
`
`(emphasis added)).
`
` Even the ‘129 Patent’s example of a bank for the “trusted-
`
`authenticator” is narrower than the ‘432 Patent’s example of a bank for the “central
`
`entity.” The ‘129 Patent explicitly states that the bank should be the individual’s
`
`bank, not just any bank. “A reasonable candidate for such a trusted authenticator
`
`would be a bank or other financial institution with whom the individual has already
`
`established an account. After all, if most people trust a bank to handle their money
`
`and keep it safe, trusting that same bank to authenticate their identities in other
`
`
`
`
`Page 13 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`financial transactions should be natural.” (‘129 Patent at 4:11-16 (emphasis
`
`added)).
`
` On the other hand, the ‘432 Patent makes no such limitations and
`
`places no such expectations on its banks. To the contrary, it appears to be open to
`
`having any financial institution serve as a “central entity”.
`
` Thus, I conclude that “central entity,” as disclosed and claimed in the
`
`‘432 Patent, is broader than “trusted-authenticator,” as disclosed in the ‘129 Patent,
`
`and the ‘129 Patent therefore does not provide sufficient written description
`
`support.
`
`C.
`‘129 Patent: External Entity vs. Business
` Similar to his analysis of the “user” and “central entity” terms of the
`
`‘432 patent, Dr. Weaver concludes that the term “external entity” in the ‘432 patent
`
`has sufficient written support from the ‘129 patent. He states that a POSITA
`
`would understand that “Business 20” of the ‘129 patent provides that support. (Ex.
`
`2010 at ¶¶ 47-48).
`
`
`
`I disagree. An “external entity” is broader than a “business” for much
`
`the same reason that a “user” is broader than an “individual” and “central entity is
`
`broader than “trusted-authenticator”, and therefore the disclosure of the ‘129 Patent
`
`does not provide sufficient written description support. To illustrate, I have
`
`reproduced their respective definitions below (emphasis added):
`
`Page 14 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`‘432 Patent
`
`‘129 Patent
`
`As also used herein, an “External-
`Entity” is any party offering goods
`or services that users utilize by
`directly providing their UserName
`and SecureCode as digital identity.
`
`Furthermore, as used herein,
`“business” 20 broadly refers to a
`company or organization (online or
`offline) that has established a
`trusted relationship with a trusted-
`authenticator 40 and that needs to
`authenticate the identity of the
`individual
`
`
`
`
`
` The “business” identified by the ‘129 patent is required to have a
`
`trusted relationship established with the trusted authenticator while the “external
`
`entity” of the ‘432 patent is not similarly limited.
`
` Moreover, I understand at least from the disclosure of the ‘432 Patent
`
`that the full scope of the claim terms includes the “external entity” and the “central
`
`entity” of the ‘432 Patent being the same entity, e.g., both could be banks. See also
`
`USAA-1026, 6. Not only is there no support for the “business” and “trusted-
`
`authenticator” to be the same entity in the ‘129 Patent, but such an arrangement
`
`would be antithetical. In fact, during prosecution of the application that issued as
`
`the ‘129 Patent, arguments were presented that make clear the “business” and
`
`“trusted-authenticator” cannot be the same entity: “[t]he business, organization, or
`
`another individual disclosed in the present specification is different from the
`
`trusted-authenticator (which plays a different role in the current authentication
`
`framework).” USAA-1053, 555 (emphasis in original).
`
`Page 15 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
` The ‘129 Patent requires that the business “needs to authenticate the
`
`identity of the individual.” It would not make sense for this to be the same entity
`
`as the trusted-authenticator that “already has a trusted relationship with the
`
`individual.” With such an established “trusted relationship,” the business as the
`
`same entity as the trusted-authenticator would not need to authenticate the
`
`individual, but that is a requirement of the business as defined in the ‘129 Patent.
`
`Because it is antithetical to the disclosure of the ‘129 Patent, the ‘129 Patent cannot
`
`possibly provide support for the external entity and central entity being the same
`
`entity.
`
`
`
`I also understand that Patent Owner previously argued that the
`
`“external entity” of the ‘432 Patent is not limited to corporate personalities but
`
`could be embodied in computer systems. USAA-1064, 4. But whereas Patent
`
`Owner argued that the “external entity” of the ‘432 Patent could be just a
`
`“computer system”, the ‘129 Patent requires that the “business” be a “company or
`
`organization.” Thus, because the “business” disclosed in the ’129 patent is limited
`
`to that corporate identity of a “company or organization,” the ’129 patent’s
`
`disclosed “business” fails to provide supporting disclosure for the full scope of the
`
`“external-entity,” which according to PO, can be simply a computer system.
`
`
`
`
`Page 16 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
` Thus, I conclude that “external entity,” as disclosed and claimed in the
`
`‘432 Patent, is broader than “business,” as disclosed in the ‘129 Patent, and the
`
`‘129 Patent therefore does not provide sufficient written description support.
`
`D.
`‘129 Patent: Dynamic Code vs. Dynamic Key
` According to Dr. Weaver, the “dynamic code” of the ‘432 Patent is
`
`“the same or similar to dynamic keys” of the ‘129 Patent. (Ex. 2010 at ¶ 53).
`
`“Accordingly,” Dr. Weaver concludes, “a POSITA would understand that the
`
`‘dynamic key,’ as disclosed in the 676 Patent, provides sufficient written
`
`description support for the claimed ‘dynamic code’ of the 432 Patent.” (Ex. 2010
`
`at ¶ 53).
`
`
`
`I disagree. While Dr. Weaver cites to the specification of the ‘432
`
`Patent to define a “SecureCode,” which Patent Owner has stated corresponds to the
`
`claimed dynamic code, as “any dynamic, non-predictable and time dependent
`
`alphanumeric code, secret code, PIN or other code … and may be used as part of a
`
`digital identity to identify a user as an authorized user,” (Ex. 2010 at ¶ 53
`
`(emphasis added)), he errs in that this is an embodiment of the term and not its
`
`only definition. For example, from that disclosure, the dynamic code is a dynamic,
`
`non-predictable and time dependent alphanumeric code, or a dynamic, non-
`
`predictable and time dependent secret code, or a dynamic, non-predictable and
`
`
`
`
`Page 17 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`time dependent PIN or other code, with the secret code, PIN, or other code
`
`including non-alphanumeric codes.
`
` Moreover, the term “dynamic code” does not have to be alphanumeric
`
`as used in claims 1 and 25 of the ‘432 Patent. I understand from counsel that the
`
`principle of “claim differentiation” indicates that if two independent claims recite
`
`similar elements, and one introduces a new limitation not found in the other with
`
`respect to one of those elements, it is implied that the limitation is not present
`
`where it is not mentioned, and thus the element has a broader meaning. As claims
`
`48 and 52 of the ‘432 Patent explicitly require that the dynamic code be
`
`alphanumeric, a POSITA would understand that the other independent claims 1
`
`and 25 do not require the dynamic code to be alphanumeric, such that the dynamic
`
`code includes a non-alphanumeric code. An example of a non-alphanumeric code
`
`is a series of symbols or non-alphanumeric characters, i.e., characters that are not
`
`letters or numbers. Alternatively, an example of a non-alphanumeric code is a
`
`code containing only numbers or a code containing only letters. See USAA-1064,
`
`1-2. On the other hand, there is no support in the ‘129 Patent for the “dynamic
`
`key” to be anything other than alphanumeric.
`
` Thus, I conclude that “dynamic code,” as disclosed in the ‘432 Patent,
`
`is broader than “dynamic key,” as disclosed in the ‘129 Patent, and the ‘129 Patent
`
`therefore does not provide sufficient written description support.
`
`Page 18 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`V. Analysis of the Lack of Written Description Support in the ‘129
`Patent for the Claims of the ‘432 Patent
`A. The ‘129 Patent Does Not Provide Sufficient Written
`Description for Independent Claim 1 of the ‘432 Patent
` Dr. Weaver implies (but does not directly say) that it is his opinion
`
`that the ‘129 Patent provides sufficient written description support for Claim 1 of
`
`the ‘432 Patent. (Ex. 2010 at ¶¶ 41-61)
`
`
`
`I disagree. I understand from counsel that for there to be sufficient
`
`written description support for Claim 1, the ‘129 Patent must provide sufficient
`
`written description for each limitation therein. Nevertheless, all of the limitations
`
`do not have sufficient written description support for the reasons set forth below.
`
` Claim 1’s preamble reads: “A method for authenticating a user during
`
`an electronic transaction between the user and an external-entity, the method
`
`comprising:” Claim 1 then lists the following limitations (emphasis added for later
`
`analysis):
`
`a. [Limitation 1[a]] “receiving electronically a request for a dynamic
`
`code for the user by a computer associated with a central-entity
`
`during the transaction between the user and the external entity;”
`
`b. [Limitation 1[b]] “generating by the central-entity during the
`
`transaction a dynamic code for the user in response to the request,
`
`
`
`
`Page 19 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`wherein the dynamic code is valid for a predefined time and becomes
`
`invalid after being used;”
`
`c. [Limitation 1[c]] “providing by the computer associated with the
`
`central entity said generated dynamic code to the user during the
`
`transaction;”
`
`d. [Limitation 1[d]] “receiving electronically by the central-entity a
`
`request for authenticating the user from a computer associated with
`
`the external-entity based on a user-specific information and the
`
`dynamic code as a digital identity included in the request which said
`
`dynamic code was received by the user during the transaction and was
`
`provided to the external-entity by the user during the transaction; and”
`
`e. [Limitation 1[e]] “authenticating by the central-entity the user and
`
`providing a result of the authenticating to the external-entity during
`
`the transaction if the digital identity is valid.”
`
` Limitations 1[a], 1[b], 1[c], and 1[d] all require the use of a “dynamic
`
`code”. However, the claimed “dynamic code” is not described in the ‘129 Patent.
`
`Dr. Weaver, although never asserting that these claim limitations are met, does
`
`assert that a POSITA would understand the term “dynamic key” as described in the
`
`‘129 Patent would provide sufficient written description support for the “dynamic
`
`code.” I disagree. The term “dynamic code” is broader than the term “dynamic
`
`Page 20 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`key” because a “dynamic key” is limited to alphanumeric sequences while a
`
`“dynamic key” is not. These opinions are set forth in more detail above in Section
`
`IV. D. of this declaration.
`
` Limitations 1[a], 1[d], and 1[e] all require the interaction of a “user”.
`
`However, the claimed “user” is not described in the ‘129 Patent. Dr. Weaver,
`
`although never asserting that these claim limitations are met, does assert that a
`
`POSITA would understand the term “individual” as described in the ‘129 Patent
`
`would provide sufficient written description support for the “user.” I disagree.
`
`The term “user” is broader than the term “individual” because an “individual” is
`
`limited to parties that already have a trusted relationship with a trusted-
`
`authenticator while a “user” is not. These opinions are set forth in more detail
`
`above in Section IV. A. of this declaration.
`
` Limitations 1[a], 1[b], 1[c], 1[d], and 1[e] all require the interaction of
`
`a “central-entity”. However, the claimed “central-entity” is not described in the
`
`‘129 Patent. Dr. Weaver, although never asserting that these claim limitations are
`
`met, does assert that a POSITA would understand the term “trusted-authenticator”
`
`as described in the ‘129 Patent would provide sufficient written description support
`
`for the “central-entity.” I disagree. The term “central-entity” is broader than the
`
`term “trusted-authenticator” because a “trusted-authenticator” is required to (1)
`
`already know the user and (2) already have a trusted relationship with the user. A
`
`Page 21 of 52
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`“central-entity” does not have these limitations. These opinions are set forth in
`
`more detail above in Section IV. B. of this declaration.
`
` Limitations 1[a], 1[b], 1[c], 1[d], and 1[e] all require the interaction of
`
`an “external-entity”. However, the claimed “external-entity” is not described in
`
`the ‘129 Patent. Dr. Weaver, although never asserting that these claim limitations
`
`are met, does assert that a POSITA would understand the term “business” as
`
`described in the ‘129 Patent would provide sufficient written description support
`
`for the “external-entity.” I disagree. The term “external-entity” is broader than the
`
`term “business” because a “business” is required to already have a trusted
`
`relationship with its trusted-authenticator. Not only does an “external-entity” not
`
`have this limitation, but an “external-entity” and a “central-entity” can be the same
`
`entity while a “business” and a “trusted-authenticator” cannot. These opinions are
`
`set forth in more detail above in Section IV. C. of this declaration.
`
`B.
`The ‘129 Patent Does Not Provide Sufficient Written
`Description for Independent Claim 25 of the ‘432 Patent
` Dr. Weaver implies (but does not directly say) that it is his opinion
`
`that the ‘129 Patent provides sufficient written description support for Claim 25 of
`
`the ‘432 Patent. (Ex. 2010 at ¶¶ 41-61)
`
`
`
`I disagree. I understand from counsel that for there to be sufficient
`
`written description support for Claim 25, the ‘129 Patent must provide sufficient
`
`
`
`
`Page 22 of 52
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`
`written description for each limitation therein. Nevertheless, all of the limitations
`
`do not have sufficient written description support for the reasons set forth below.
`
` Claim 25’s preamble reads: “An apparatus for authenticating a user
`
`during an electronic transaction with an external-entity, the apparatus
`
`comprising…” Claim 25 then lists the following limitations (emphasis added for
`
`later analysis):
`
`a. [Limitation 25[a]] “a first central-entity computer adapted to”
`
`b. [Limitation 25[b]] “generate a dynamic code for the user in response
`
`to a request during the electronic transaction, wherein the dynamic
`
`code is valid for a predefined time and becomes invalid after being
`
`used; and”
`
`c. [Limitation 25[c]] “provide said dynamic code to the user during the
`
`electronic transaction;”
`
`d. [Limitation 25[d]] “a second central-entity computer adapted to
`
`validate a digital identity in response to an authentication request from
`
`the ex

This document is available on Docket Alarm but you must sign up to view it.


Or .

Accessing this document will incur an additional charge of $.

After purchase, you can access this document again without charge.

Accept $ Charge
throbber

Still Working On It

This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.

Give it another minute or two to complete, and then try the refresh button.

throbber

A few More Minutes ... Still Working

It can take up to 5 minutes for us to download a document if the court servers are running slowly.

Thank you for your continued patience.

This document could not be displayed.

We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.

Your account does not support viewing this document.

You need a Paid Account to view this document. Click here to change your account type.

Your account does not support viewing this document.

Set your membership status to view this document.

With a Docket Alarm membership, you'll get a whole lot more, including:

  • Up-to-date information for this case.
  • Email alerts whenever there is an update.
  • Full text search for other cases.
  • Get email alerts whenever a new case matches your search.

Become a Member

One Moment Please

The filing “” is large (MB) and is being downloaded.

Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.

Your document is on its way!

If you do not receive the document in five minutes, contact support at support@docketalarm.com.

Sealed Document

We are unable to display this document, it may be under a court ordered seal.

If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.


Access Government Site

We are redirecting you
to a mobile optimized page.





Document Unreadable or Corrupt

Refresh this Document
Go to the Docket

We are unable to display this document.

Refresh this Document
Go to the Docket