UNITED STATES PATENT AND TRADEMARK OFFICE
`
`___________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`___________
`
`GOOGLE INC.
`Petitioner
`
`v.
`
`ALFONSO CIOFFI, MEGAN ELIZABETH ROZMAN,
`MELANIE ANN ROZMAN, AND MORGAN LEE ROZMAN
`Patent Owners
`
`___________
`
`Proceeding No. CBM2017-00015
`Patent No. RE43,528
`___________
`
`PETITION FOR COVERED BUSINESS METHOD REVIEW
`OF U.S. PATENT NO. RE43,528
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`B.
`
`2.
`
`I.
`II.
`
`TABLE OF CONTENTS
`Table of Contents ....................................................................................................... i
`Table of Authorities .............................................................................................. viii
`List of Exhibits .........................................................................................................ix
`Mandatory Notices Under 37 C.F.R. § 42.8 .......................................................... xii
`Real Party-in-Interest (37 C.F.R. § 42.8(b)(1)) ........................................... xii
`Related Matters (37 C.F.R. § 42.8(b)(2)) .................................................... xii
`Lead and Back-Up Counsel (37 C.F.R. § 42.8(b)(3)) ................................. xii
`Service Information (37 C.F.R. § 42.8(b)(4)) ............................................ xiii
`Introduction ..................................................................................................... 1
`Standing to Seek Covered Business Method Review .................................... 2
`A.
`Petitioner Has Been Sued for Infringement of the ’528 Reissue
`and Is Not Estopped ............................................................................. 2
`The ’528 Reissue Is a Covered Business Method Patent ..................... 2
`1.
`The ’528 Reissue Is Directed to a “Financial Product or
`Service” ...................................................................................... 3
`The ’528 Reissue Is Not Directed to a “Technological
`Invention” ................................................................................. 10
`a.
`The Challenged Claims Do Not Recite a
`Technological Feature That Is Novel and
`Nonobvious .................................................................... 10
`The Challenged Claims Do Not Solve a Technical
`Problem Using a Technical Solution ............................. 13
`Challenged Claims and Grounds for Challenge ................................. 15
`C.
`The Challenged Patent and Prosecution History .......................................... 16
`A.
`Effective Filing Date of the ’528 Reissue .......................................... 16
`B.
`The Original ’247 Patent .................................................................... 16
`C.
`The ’528 Reissue ................................................................................ 22
`D.
`Person of Ordinary Skill in the Art .................................................... 26
`IV. Construction of Terms in the Challenged Claims ........................................ 26
`
`b.
`
`III.
`
`i
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`V.
`
`C.
`
`B.
`
`The Challenged Claims Are Obvious in Light of the Prior Art ................... 29
`A.
`Identification of the Primary Prior Art References ............................ 29
`1.
`Ioannidis-2002 (Ex. 1025) ....................................................... 29
`2.
`Ioannidis-2001 (Ex. 1026) ....................................................... 30
`3.
`Absolute OpenBSD (Ex. 1027)................................................ 31
`4.
`Complete FreeBSD (Ex. 1028) ................................................ 31
`Overview of the Ioannidis Secure Multi-Process Web Browser
`Disclosed in Ioannidis-2002 (Ex. 1025) and Ioannidis-2001
`(Ex. 1026) ........................................................................................... 32
`Claims 21-24, 30, 44, 64, and 67 Are Rendered Obvious by
`Ioannidis in View of Absolute OpenBSD [Ground 1] ....................... 36
`1.
`Claim 21: A portable computer capable of executing
`instructions using a common operating system,
`comprising: ............................................................................... 37
`a.
`a network interface device configured to exchange
`data across a network of one or more computers
`and access at least one website; ..................................... 37
`at least a first memory space and a second memory
`space, the first memory space containing at least
`one system file; .............................................................. 38
`at least one electronic data processor
`communicatively coupled to the network interface
`device, the first and second memory space, and to
`a user interface, wherein the user interface is
`configured to receive input from a computer user; ....... 39
`the at least one electronic data processor
`configured to execute a first web browser process,
`capable of accessing data of the at least one
`website via the network, in a first logical process
`within the common operating system, wherein the
`first logical process is capable of accessing data
`contained in the first memory space; ............................. 41
`
`b.
`
`c.
`
`d.
`
`ii
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`e.
`
`f.
`
`g.
`
`the at least one electronic data processor further
`configured to execute a second web browser
`process in a second logical process within the
`common operating system, wherein the second
`logical process is capable of accessing data
`contained in the second memory space and is
`further capable of generating video data from the
`at least one website accessed via the network; and ....... 42
`a video processor configured to process video data
`from the second web browser process for display; ....... 44
`wherein the first web browser process is capable of
`opening the second web browser process and is
`further capable of passing data to the second web
`browser process; ............................................................ 45
`wherein further the portable computer is
`configured such that the at least one system file
`residing on the first memory space is protected
`from corruption by a malware process downloaded
`from the network and executing within the second
`web browser process. ..................................................... 46
`Claim 22: The portable computer of claim 21 wherein
`the first web browser process is capable of directly
`exchanging data with the network interface device and
`with the second web browser process. ..................................... 48
`Claim 23: The portable computer of claim 22 wherein
`the first web browser process is capable of passing data
`downloaded from the network to the second web browser
`process. ..................................................................................... 49
`Claim 24: The portable computer of claim 21 wherein
`the second web browser process is capable of directly
`exchanging data with the network interface device and
`with the first web browser process. ......................................... 49
`Claim 30: The portable computer of claim 21 configured
`such that the first web browser process is protected from
`executing instructions initiated by a malware process
`downloaded from the network and executing as part of
`the second web browser process. ............................................. 50
`
`h.
`
`2.
`
`3.
`
`4.
`
`5.
`
`iii
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`6.
`
`b.
`
`Claim 44: A method of operating a portable computer
`capable of executing instructions using a common
`operating system and comprising a network interface
`device, at least a first memory space and a second
`memory space, and at least one electronic data processor
`communicatively coupled to the network interface
`device, the first and second memory space, and to a user
`interface, comprising:............................................................... 51
`a.
`exchanging data across a network of one or more
`computers with the network interface device and
`accessing at least one website;....................................... 51
`storing at least one system file in the first memory
`space; ............................................................................. 51
`opening a first web browser process capable of
`accessing data of the at least one website via the
`network, wherein the first web browser process is
`capable of accessing data contained in the first
`memory space; ............................................................... 52
`opening a second web browser process, wherein
`the second web browser process is capable of
`accessing data contained in the second memory
`space, and is further capable of generating data for
`video display; ................................................................. 52
`passing data from the first web browser process to
`the second web browser process; .................................. 52
`wherein the portable computer is configured such
`that the at least one system file residing on the first
`memory space is protected from corruption by a
`malware process downloaded from the network
`and executing as part of the second web browser
`process. .......................................................................... 53
`
`c.
`
`d.
`
`e.
`
`f.
`
`iv
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`7.
`
`8.
`
`b.
`
`Claim 64: A computer program product comprising a
`program code stored in a non-transitory computer
`readable medium operable on computer capable of
`executing instructions using a common operating system
`and having at least one electronic data processor
`communicatively coupled to a first and second memory
`space and to a network interface device configured to
`exchange data across a network of one or more
`computers and access at least one website, configured to: ...... 53
`a.
`store at least one system file within the first
`memory space; ............................................................... 54
`open a first web browser process, capable of
`accessing data of the at least one website via the
`network, in a first logical process, the first logical
`process being configured to access data contained
`in the first memory space; ............................................. 54
`open a second web browser process in a second
`logical process, the second logical process being
`configured to access data contained in the second
`memory space; and ........................................................ 54
`pass data from the first web browser process to the
`second web browser process, wherein the at least
`one system file residing on the first memory space
`is protected from corruption by a malware process
`downloaded from the network and executing as
`part of the second web browser process. ....................... 55
`Claim 67: The computer program product of claim 64
`wherein the first web browser process is capable of
`directly exchanging data with the network interface
`device and the second web browser process or the second
`web browser process is capable of directly exchanging
`data with the network interface device and the first web
`browser process. ....................................................................... 55
`Claims 1, 5, and 8 Are Rendered Obvious by Ioannidis in View
`of Absolute OpenBSD and Complete FreeBSD [Ground 2] ............. 56
`
`c.
`
`d.
`
`D.
`
`v
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`1.
`
`2.
`
`b.
`
`Claim 1: A method of operating a computer system
`capable of exchanging data across a network of one or
`more computers and having at least a first and second
`electronic data processor capable of executing
`instructions using a common operating system,
`comprising: ............................................................................... 56
`a.
`executing a first web browser process, capable of
`accessing data of a website via the network, in a
`first logical process within the common operating
`system using the first electronic data processor,
`wherein the first logical process is capable of
`accessing data contained in a first memory space; ........ 57
`executing a second web browser process in a
`second logical process within the common
`operating system using the second electronic data
`processor, wherein the second logical process is
`capable of accessing data contained in the second
`memory space; and ........................................................ 58
`displaying data from the first logical process and
`the second logical process, wherein a video
`processor is adapted to combine data from the first
`and second logical processes and transmit the
`combined data to a display; ........................................... 58
`wherein the computer system is configured such
`that the second electronic data processor is
`operating in a protected mode and data residing on
`the first memory space is protected from
`corruption by a malware process downloaded from
`the network and executing as part of the second
`web browser process. ..................................................... 59
`Claim 5: The method of claim 1 wherein the first and
`second electronic data processors are part of a multi-core
`electronic data processor. ......................................................... 60
`
`c.
`
`d.
`
`vi
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`3.
`
`Claim 8: The method of claim 1 and further comprising:
`encrypting data with the first logical process; transferring
`the encrypted data from the first logical process to the
`second logical process; and transferring the encrypted
`data from the second logical process to the network
`interface device. ....................................................................... 60
`VI. Conclusion .................................................................................................... 61
`
`vii
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`TABLE OF AUTHORITIES
`
`Federal Court Cases
`Catalina Marketing International, Inc. v. Coolsavings.com, Inc.,
` 289 F.3d 801 (Fed. Cir. 2002) .............................................................................28
`Cioffi v. Google, Inc.,
` 632 Fed.Appx. 1013 (Fed. Cir. 2015) .......................................................... 26, 27
`In re Cuozzo Speed Techs., LLC,
` 793 F.3d 1268 (Fed. Cir. 2015) ...........................................................................26
`Versata Development Group, Inc. v. SAP America, Inc.,
` 793 F.3d 1306 (Fed. Cir. 2015) .................................................................... 3, 7, 9
`Federal Statutory Authorities
`
`35 U.S.C. § 102(a) ....................................................................................... 29, 30, 31
`35 U.S.C. § 103 ........................................................................................................15
`35 U.S.C. § 251 ........................................................................................................22
`35 U.S.C. § 324(a) ...................................................................................................... 2
`Federal Rules and Regulations
`
`37 C.F.R. § 42.300(b) ..............................................................................................26
`37 C.F.R. § 42.301(b) ..............................................................................................10
`37 C.F.R. § 42.302(a) ................................................................................................ 2
`77 Fed. Reg. 48,756 ..................................................................................... 3, 10, 13
`
`viii
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`LIST OF EXHIBITS
`
`Exhibit
`
`Description
`
`1001
`
`1002
`
`1003
`
`1004
`
`1005
`
`1006
`
`1007
`
`1008
`
`1009
`
`1010
`
`1011
`
`1012
`
`1013
`
`1014
`
`U.S. Patent No. RE43,528 (“’528 Reissue”)
`
`Prosecution history of U.S. Application No. 12/720,147, which led
`to the issuance of the ’528 Reissue (“File History”)
`
`U.S. Patent No. 7,484,247 (“’247 Patent”)
`
`Prosecution history of U.S. Application No. 10/913,609, which led
`to the issuance of the ’247 Patent (“’247 Patent File History”)
`
`Amended Complaint for Patent Infringement, Case No. 2:13-cv-103,
`E.D. Texas (“Complaint”)
`
`U.S. Patent No. 6,578,140 (“Policard”)
`
`U.S. Patent No. 6,192,477 (“Corthell”)
`
`U.S. Patent Application Publication No. 2002/002673 (“Narin”)
`
`Prosecution history of U.S. Application No. 13/757,684, which is a
`reissue continuation of U.S. Pat. No. RE43,987, which is a reissue
`continuation of U.S. Pat. No. RE43,103, which is a reissue of the
`’247 Patent (“’684 Application File History”)
`
`Patent Local Rule 4-3 Joint Claim Construction and Prehearing
`Statement excluding exhibits (“Joint Claim Const. Statement”)
`
`Excerpts from Plaintiff’s Reply Memorandum In Support of
`Opening Claim Construction Brief (“PO Reply Claim Const. Brief”)
`
`Claim Construction Memorandum and Order (“Claim Const.
`Order”)
`
`Excerpts from transcript of deposition of H. E. Dunsmore dated June
`17, 2014 (“2014 Dunsmore Dep.”)
`
`Excerpts from transcript of deposition of H. E. Dunsmore dated
`October 10, 2016 (“2016 Dunsmore Dep.”)
`
`ix
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`Exhibit
`
`1015
`
`1016
`
`1017
`
`1018
`
`1019
`
`1020
`
`1021
`
`1022
`
`1023
`
`1024
`
`1025
`
`1026
`
`Description
`
`Excerpts from Expert Declaration of H.E. (“Buster”) Dunsmore
`(“Dunsmore Claim Const. Decl.”)
`
`Excerpts from Expert Report of Professor H. E. Dunsmore
`(“Dunsmore Report”)
`
`Excerpts from transcript of deposition of Alfonso Cioffi dated June
`26, 2014 (“June 2014 Cioffi Dep.”)
`
`Excerpts from transcript of deposition of Alfonso Cioffi dated
`November 7, 2014 (“Nov. 2014 Cioffi Dep.”)
`
`Microsoft Press Computer Dictionary, 5th ed. 2002 (“Computer
`Dictionary”)
`
`Joint Notice of Agreed Construction
`
`Declaration of Daniel Callaway in Support of Petition for Covered
`Business Method Review
`
`Declaration of Michael Kogan, Ph.D. Regarding U.S. Patent No.
`RE43,528 in Support of Petition for Covered Business Method
`Review (“Kogan Decl.”)
`
`Excerpts from R. Bryant and D. O’Halloran, “Computer Systems: A
`Programmer’s Perspective,” Prentice Hall, 2003 (“Bryant and
`O’Halloran”)
`
`Excerpts from B. Kernighan and R. Pike, The UNIX Programming
`Environment, Prentice-Hall Software Series, 1984 (“Kernighan and
`Pike”)
`
`S. Ioannidis, S. Bellovin, and J. Smith, “Sub-Operating Systems: A
`New Approach to Application Security,” September 2002
`(“Ioannidis-2002”)
`
`S. Ioannidis and S. Bellovin, “Building a Secure Web Browser,”
`June 2001 (“Ioannidis-2001”)
`
`1027
`
`M. Lucas, “Absolute OpenBSD: UNIX for the Practical Paranoid,”
`
`x
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`Exhibit
`
`Description
`No Starch Press, 2003 (“Absolute OpenBSD”)
`
`1028
`
`1029
`
`1030
`
`1031
`
`1032
`
`1033
`
`G. Lehey, “The Complete FreeBSD: Documentation from the
`Source,” O’Reilly Community Press, Fourth Ed., May 2003
`(“Complete FreeBSD”)
`
`Excerpts from R. Weeks, E. Dumbill, and B. Jepson, “Linux
`Unwired – A Complete Guide to Wireless Configuration,” O’Reilly
`Media, April 2004 (“Linux Unwired”)
`
`Excerpts from E. Zwicky, S. Cooper, and B. Chapman, “Building
`Internet Firewalls,” ISBN: 1-56592-871-7, Second Edition, June
`2000 (“Building Internet Firewalls”)
`
`BAA-00-06-SNK Focused Research Topic 5 by M. Stiegler and M.
`Miller, “A Capability Based Client: The DarpaBrowser,” June 26,
`2002 (“DarpaBrowser”)
`
`Declaration of Steven M. Bellovin, Ph.D. (“Bellovin Decl.”)
`
`Declaration of William Arbaugh, Ph.D. Regarding U.S. Patent No.
`RE43,528 in Support of Petition for Covered Business Method
`Review (“Arbaugh Decl.”)
`
`xi
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`MANDATORY NOTICES UNDER 37 C.F.R. § 42.8
`
`Real Party-in-Interest (37 C.F.R. § 42.8(b)(1))
`
`The real party-in-interest is Google Inc. (“Petitioner”). Petitioner
`
`understands and believes that U.S. Patent No. RE43,528 (the “’528 Reissue”) is
`
`owned by Alfonso Cioffi, Megan Elizabeth Rozman, Melanie Ann Rozman, and
`
`Morgan Lee Rozman (collectively referred to as “Patent Owners”).
`
`Related Matters (37 C.F.R. § 42.8(b)(2))
`
`The Petitioner is aware of the following pending matter related to the ’528
`
`Reissue: Cioffi, et al. v. Google Inc., 2:13-cv-00103 (E.D. Tex.).
`
`Earlier today, Petitioner filed a separate CBM petition challenging claims of
`
`the ’528 Reissue (CBM2017-00010).
`
`The ’528 Reissue is a reissue patent based on U.S. Patent No. 7,484,247 (the
`
`“’247 Patent”). Petitioner is concurrently filing additional CBM petitions
`
`challenging each of the following related patents that are also reissues of the
`
`’247 Patent: U.S. Patent No. RE43,500; U.S. Patent No. RE43,529; and U.S.
`
`Patent No. RE43,103.
`
`Lead and Back-Up Counsel (37 C.F.R. § 42.8(b)(3))
`
`Petitioner appoints James L. Day (Reg. No. 72,681) of Farella Braun +
`
`Martel LLP as lead counsel and appoints Daniel Callaway (Reg. No. 74,267) of
`
`Farella Braun + Martel LLP as back-up counsel. An appropriate Power of
`
`xii
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`Attorney is being filed concurrently herewith.
`
`Service Information (37 C.F.R. § 42.8(b)(4))
`
`Service of any documents to lead and back-up counsel can be made via
`
`hand-delivery to Farella Braun + Martel LLP, 235 Montgomery Street, 17th Floor,
`
`San Francisco, California, 94104. Petitioner consents to electronic service to the
`
`following email addresses: jday@fbm.com, dcallaway@fbm.com, and
`
`calendar@fbm.com.
`
`xiii
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`I.
`
`INTRODUCTION
`
`Petitioner Google Inc. respectfully requests covered business method
`
`(“CBM”) review of claims 1, 5, 8, 21-24, 30, 44, 64, and 67 of the ’528 Reissue.
`
`(Ex. 1001). The ’528 Reissue describes and claims a secure web browser for uses
`
`that include Internet banking. The claimed invention permits a computer user to
`
`communicate with a bank host computer securely even when malware is running
`
`on the user’s computer. The system is intended to protect data, such as passwords,
`
`credit card numbers, and bank account numbers, from malware that would
`
`otherwise access and potentially steal the data. The claimed invention purports to
`
`protect sensitive data by employing two computer processes – (1) a first process
`
`with access to the sensitive data that is shielded from malware and (2) a second
`
`isolated process that cannot access sensitive data, but is used to run code that
`
`contains potential malware.
`
`The challenged claims would have been obvious, however, in view of the
`
`prior art. Sotiris Ioannidis (of the University of Pennsylvania) and Steven Bellovin
`
`(of AT&T Labs Research) developed a secure, multi-process web browser years
`
`before the 2004 priority date of the ’528 Reissue. They described the secure web
`
`browser in a 2001 paper entitled “Building a Secure Web Browser” and a 2002
`
`paper entitled “Sub-Operating Systems: A New Approach to Application
`
`Security.” Both papers describe a web browser that employs (1) a first process
`
`1
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`with access to the sensitive data that is shielded from malware and (2) a second
`
`isolated process that cannot access sensitive data but is used to run code that
`
`contains potential malware, just as in the challenged claims. In light of these two
`
`papers – whether considered individually or together – the challenged claims are
`
`invalid as obvious.
`
`Thus, this petition sets forth a prima facie case that at least one of the patent
`
`claims challenged in the petition is unpatentable. 35 U.S.C. § 324(a). Therefore,
`
`CBM review should be instituted and the challenged claims of the ’500 Reissue
`
`should be canceled.
`
`II.
`
`STANDING TO SEEK COVERED BUSINESS METHOD REVIEW
`
`A.
`
`Petitioner Has Been Sued for Infringement of the ’528 Reissue
`and Is Not Estopped
`
`Pursuant to 37 C.F.R. § 42.302(a), Petitioner certifies that it has been sued
`
`for infringement of the ’528 Reissue and therefore satisfies the standing
`
`requirement to seek CBM review. Complaint at 6-7 (Ex. 1005). The lawsuit
`
`remains pending.
`
`Petitioner further certifies that the ’528 Reissue is available for CBM review
`
`and that Petitioner is not barred or otherwise estopped from requesting such review
`
`on the grounds identified in this petition.
`
`B.
`
`The ’528 Reissue Is a Covered Business Method Patent
`
`Under Section 18 of the AIA, the Board may institute a CBM review
`
`2
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`proceeding for any patent that qualifies as a CBM patent. AIA § 18(a)(1)(E). The
`
`AIA provides a two part definitional test to determine whether a patent is a CBM
`
`patent. The claimed invention (i) must be directed to a “financial product or
`
`service” and (ii) must not be a “technological invention.” AIA § 18(d)(1). The
`
`’528 Reissue meets both requirements.
`
`1.
`
`The ’528 Reissue Is Directed to a “Financial Product or
`Service”
`
`The ’528 Reissue claims are directed to a “financial product or service.”
`
`The phrase “financial product or service” is to be “interpreted broadly” to
`
`encompass patents “claiming activities that are financial in nature, incidental to a
`
`financial activity or complementary to a financial activity.” Versata Development
`
`Group, Inc. v. SAP America, Inc., 793 F.3d 1306, 1325 (Fed. Cir. 2015) (quoting
`
`77 Fed. Reg. 48734, 48735 (Aug. 14, 2012)). The patent claims themselves need
`
`not explicitly recite particular financial terms to qualify as a CBM patent. See
`
`Google v. ContentGuard Holdings, CBM2015-00040, Paper 9 at 8 (PTAB June 24,
`
`2015) (rejecting argument that a CBM patent must “recite explicitly a financial
`
`product or service”). It is also not required that the claims be “limited to finance-
`
`related activities, such as a financial transaction, without also encompassing other
`
`kinds of activity.” Southside Bancshares, Inc. v. St. Isidore Research, LLC,
`
`CBM2016-00027, Paper 28 at 11 (PTAB Aug. 1, 2016) (rejecting argument that
`
`claims “must cover only financial transactions, and not other kinds of
`
`3
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`transactions”; emphasis in original). “Rather, the patent claims must only be broad
`
`enough to cover a financial product or service.” Informatica Corp. v. Protegrity
`
`Corp., CBM2015-00021, Paper 38 at 18 (PTAB May 31, 2016) (quoting legislative
`
`history of AIA);1 see also Southside Bancshares, CBM2016-00027, Paper 28 at 11
`
`(specification showed claim language “is broad enough in scope to encompass a
`
`financial activity”); T. Rowe Price Investment Services, Inc. v. Secure Axcess, LLC,
`
`CBM2015-00027, Paper 31 at 10-11 (PTAB June 13, 2016) (rejecting arguments
`
`that “none of the claims mentions a financial product or service” and “the claimed
`
`method and apparatus aid businesses in general”). The ’528 Reissue meets this
`
`requirement because its claims cover and imply using a secure web browser in the
`
`specification’s Internet banking embodiment, which is indisputably a financial
`
`activity.
`
`Patent Owner’s expert witness in the related litigation confirmed in sworn
`
`testimony that the challenged claims of the ’528 Reissue cover an Internet banking
`
`embodiment disclosed in the patent. 2016 Dunsmore Dep. at 274:10-22, 278:13-
`
`279:3 (claims that recite a “first web browser process that can access website data
`
`via the network” cover Internet banking embodiment) (Ex. 1014). While a patent
`
`need have only one claim directed to a covered business method to be eligible for
`
`review (see Informatica, CBM2015-00021, Paper 38 at 17), all of the challenged
`
`1 All emphasis is added unless otherwise indicated.
`
`4
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`claims here are tied to a specific financial activity described in the ’528 Reissue.
`
`In particular, the specification describes a “preferred embodiment of the
`
`present invention” in which data is encrypted by a first process and sent to a
`
`second process to be passed on to the Internet. ’528 Reissue at 17:22-56. The
`
`specification further explains that encryption is used to protect user files or
`
`“sensitive user interface data” (id. at 17:1-4), which would include passwords,
`
`bank account numbers, credit card numbers, etc. Id. at 16:38-42 (malware is
`
`capable of stealing “important user information” such as “passwords, bank
`
`account numbers, social security numbers, driver’s license numbers, credit
`
`account numbers, etc.”), 17:39-41 (“A user 160 may wish to encrypt just a portion
`
`of the data destined for the network, such as passwords, credit card numbers,
`
`etc.”).
`
`The specification further explains that “data desired to be protected is
`
`encrypted prior to sending the data to processor P2 140, which may be running one
`
`or more malware processes.” ’528 Reissue at 17:22-25. Because “processor P2
`
`140 does not have visibility to the decryption keys,” it is “unable to decrypt the
`
`data” and therefore the data is protected from malware executing on the second
`
`processor. Id. at 17:25-27. The encrypted data is sent to the “network interface
`
`device,” which can send the encrypted data “over the network for decryption by
`
`another computer system, including, for example, an internet banking host
`
`5
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`computer.” Id. at 17:27-31. The specification confirms that this embodiment is
`
`financial in nature because it protects financial information, such as bank account
`
`numbers, and other personal information to prevent theft of “money or securities,
`
`etc.” Id. at 16:42-44 (“Theft of such personal information could result in the theft
`
`of actual assets (money or securities, etc.) or perhaps used for identity theft, among
`
`other malicious intents.”).
`
`All challenged claims cover and imply the use of the ’528 Reissue’s Internet
`
`banking embodiment. Patent Owner and Patent Owner’s own expert witness in the
`
`related litigation agree. Patent Owner’s expert witness testified under oath that
`
`claims of the ’528 Reissue cover the Internet banking embodiment so long as the
`
`claims include a “first web browser process that can access website data via the
`
`network.” 2016 Dunsmore Dep. at 271-21:272:5, 274:10-22, 278:13-279:3
`
`(Ex. 1014). All of the challenged claims include this limitation. Kogan Decl. ¶
`
`115 (Ex. 1022). The Patent Owner has also affirmatively asserted that the Internet
`
`banking embodiment is within the scope of all the challenged claims. See, e.g., PO
`
`Reply Claim Const. Brief at 7 (“Plaintiffs’ claims were intentionally directed
`
`towards Figure 1, and the embodiment disclosed in column 17 that teaches using
`
`the first process in some instances to communicate with the Internet, such as when
`
`performing encrypted Internet banking.”) (Ex. 1011). All of the claims are at
`
`least “incidental or complementary to a financial activity” (i.e., Internet banking).
`
`6
`
`

`
`Petition for Covered Business Method Review of Patent No. RE43,528
`
`See Versata, 793 F.3d at 1325; see also 2016 Dunsmore Dep. at 271:21-272:5
`
`(confirming that “the claimed invention can be used to protect sensitive financial
`
`information”) (Ex. 1014). Thus, the claims contain specific language, identified
`
`by the Patent Owner’s own expert, that directly ties the challenged claims to and
`
`implies the use of an embodiment for conducting a financial activity.
`
`In addition, dependent claim 8 explicitly recites the steps of “encrypting
`
`data” in the first process, “transferring the encrypted data” to the second process,
`
`and then “transferring” it again to the “network interface device” just as the
`
`specification describes in the context of a preferred embodiment for Internet
`
`banking. ’528 Reissue at 18:56-62 (Ex. 1001). Thus, claim 8 (and therefore claim
`
`1 from which it depends) is tied to and implies the use of the banking embodiment
`
`and is, at least, “broad enough to cover a financial product or service” for this
`
`further reason as well. See Informatica, CBM2015-00021, Paper 38 at 18.
`
`The Board has found similar patents directed to protecting data related to
`
`banking eligible for CBM review. For example, in Informatica v. Protegrity the
`
`challenged patent recited claims directed to “processing of data to be protected.”
`
`CBM2015-00021, Paper 38 at 5-7. The Board re