`571-272-7822
`
`
`Paper 14
`Entered: May 2, 2018
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`UNIFIED PATENTS INC.,
`Petitioner,
`
`v.
`
`UNIVERSAL SECURE REGISTRY LLC,
`Patent Owner.
`____________
`
`Case IPR2018-00067
`Patent 8,577,813 B2
`____________
`
`
`
`
`
`Before BART A. GERSTENBLITH, SCOTT C. MOORE, and
`JASON W. MELVIN, Administrative Patent Judges.
`
`MELVIN, Administrative Patent Judge.
`
`
`
`
`DECISION
`Institution of Inter Partes Review
`35 U.S.C. § 314(a)
`
`
`
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`I.
`INTRODUCTION
`Petitioner, Unified Patents Inc., requests inter partes review of
`claims 1–3 and 5–26 of U.S. Patent No. 8,577,813 B2 (Ex. 1001, “the
`’813 patent”). Paper 12 (“Pet.”).1 Patent Owner, Universal Secure Registry
`LLC, filed a Preliminary Response (Paper 7, “Prelim. Resp.”) and a
`Supplemental Preliminary Response (Paper 13, “Supp. Prelim. Resp.”).2
`An inter partes review may not be instituted unless “the information
`presented in the petition . . . and any response . . . shows that there is a
`reasonable likelihood that the petitioner would prevail with respect to at least
`1 of the claims challenged in the petition.” 35 U.S.C. § 314(a). For the
`reasons set forth below, there is a reasonable likelihood that Petitioner will
`prevail in establishing the unpatentability of at least one claim. We,
`therefore, institute inter partes review of claims 1–3 and 5–26 of the
`’813 patent. Our determinations at this stage of the proceeding are
`preliminary and based on the evidentiary record developed thus far. This is
`not a final decision as to the patentability of the claims for which inter
`partes review is instituted. Our final decision will be based on the record as
`fully developed during trial.
`
`A. RELATED MATTERS
`The parties identify the following judicial matter involving the
`’813 patent: Universal Secure Registry LLC v. Apple Inc. et al., Case
`No. 1:17-cv-00585 (D. Del.) (filed May 21, 2017). Pet. 67; Paper 5.
`
`
`1 We authorized Petitioner to file a Corrected Petition. See Paper 11.
`2 We authorized Patent Owner to file a Supplemental Preliminary Response
`addressing claims 7–10. Paper 11, 5–7.
`
`2
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`B. THE ’813 PATENT
`The ’813 patent issued November 5, 2013, from an application filed
`September 20, 2011. Ex. 1001, [45], [22]. The ’813 patent includes a
`number of priority claims, including dates as early as February 21, 2006. Id.
`at [63], [60], 1:6–32.
`The ’813 patent is titled “Universal Secure Registry” and is directed
`to authenticating a user using biometric and secret information provided to a
`user device, encrypted, and sent to a secure registry for validation. Id. at
`[57]. The Specification describes one aspect of the invention as an
`“information system that may be used as a universal identification system
`and/or used to selectively provide information about a person to authorized
`users.” Id., 3:65–4:1. One method described for controlling access involves
`“acts of receiving authentication information from an entity at a secure
`computer network, communicating the authentication information to the
`secure registry system, and validating the authentication information at the
`secure registry system.” Id. at 4:43–48. The “universal secure registry”
`(“USR”) is described as a computer system with a database containing
`entries related to multiple people, with a variety of possible information
`about each person, including validation, access, and financial information.
`Id. at 9:35–12:18.
`Validation information in the ’813 patent “is information about the
`user of the database to whom the data pertains and is to be used by the USR
`software 18 to validate that the person attempting to access the information
`is the person to whom the data pertains or is otherwise authorized to receive
`it.” Id. at 12:19–23. Such information must “reliably authenticate the identity
`of the individual” and may include “a secret known by the user (e.g., a pin, a
`
`3
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`phrase, a password, etc.), a token possessed by the user that is difficult to
`counterfeit (e.g., a secure discrete microchip), and/or a measurement such as
`a biometric (e.g., a voiceprint, a fingerprint, DNA, a retinal image, a
`photograph, etc.).” Id. at 12:23–31. The ’813 patent describes using such
`information in combination with other information “to generate a one-time
`nonpredictable code which is transmitted to the computer system” and used
`“to determine if the user is authorized access to the USR database.” Id.
`at 12:50–60; see also id. at 45:55–46:36. Communication between a user
`device and the secure registry may occur through a point-of-sale (“POS”)
`device in the ’813 patent. Id. at 43:4–44:31.
`
`C. CHALLENGED CLAIMS
`Petitioner challenges claims 1–3 and 5–26. Challenged claims 1, 16,
`and 24 are independent. Claim 1 (reproduced below) is illustrative of the
`claimed subject matter:
`1. An electronic ID device configured to allow a user to select
`any one of a plurality of accounts associated with the user
`to employ in a financial transaction, comprising:
`a biometric sensor configured to receive a biometric input
`provided by the user;
`a user interface configured to receive a user input including
`secret information known to the user and identifying
`information concerning an account selected by the user
`from the plurality of accounts;
`a communication interface configured to communicate with
`a secure registry;
`a processor coupled to the biometric sensor to receive
`information concerning the biometric input, the user
`interface and the communication interface, the processor
`being programmed to activate the electronic ID device
`based on successful authentication by the electronic ID
`
`4
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`device of at least one of the biometric input and the
`secret information, the processor also being programmed
`such that once the electronic ID device is activated the
`processor is configured to generate a non-predictable
`value and to generate encrypted authentication
`information from the non-predictable value, information
`associated with at least a portion of the biometric input,
`and the secret information, and to communicate the
`encrypted authentication information via the
`communication interface to the secure registry; and
`wherein the communication interface is configured to
`wirelessly transmit the encrypted authentication
`information to a point-of-sale (POS) device, and
`wherein the secure registry is configured to receive at
`least a portion of the encrypted authentication
`information from the POS device.
`Ex. 1001, 51:65–52:29.
`
`D. PROPOSED GROUNDS OF UNPATENTABILITY
`Petitioner asserts the following grounds of unpatentability, each based
`on 35 U.S.C. § 103(a):3
`Challenged Claims
`References
`1–3, 5, 11–17, and 19–26
`Maes,4 Pare,5 and Labrou6
`Maes, Pare, Labrou, and Burger7 6–10 and 18
`
`3 The America Invents Act included revisions to, inter alia, 35 U.S.C. § 103
`effective on March 16, 2013. Because the ’813 patent issued from an
`application filed before March 16, 2013, the pre-AIA version of 35 U.S.C.
`§ 103 applies.
`4 U.S. Patent No. 6,016,476, issued January 18, 2000 (Ex. 1003).
`5 U.S. Patent No. 5,870,723, issued February 9, 1999 (Ex. 1004).
`6 U.S. Patent Publication No. US 2004/0107170 A1, published June 3, 2004
`(Ex. 1005).
`7 International Publication WO 01/24123 A1, published April 5, 2001
`(Ex. 1006).
`
`5
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`References
`Pizarro8 and Pare
`
`Challenged Claims
`1, 2, 5, 11, 13, 16, 17, and 24
`
`
`
`Petitioner also relies on the declaration of Dr. Eric Cole (Ex. 1009).
`
`E. OBVIOUSNESS OVERVIEW
`An invention is not patentable “if the differences between the subject
`matter sought to be patented and the prior art are such that the subject matter
`as a whole would have been obvious at the time the invention was made to a
`person having ordinary skill in the art to which said subject matter pertains.”
`35 U.S.C. § 103(a). The question of obviousness is resolved on the basis of
`underlying factual determinations including: (1) the scope and content of the
`prior art; (2) any differences between the claimed subject matter and the
`prior art; (3) the level of skill in the art; and, (4) where in evidence, so-called
`secondary considerations, including commercial success, long-felt but
`unsolved needs, and failure of others. Graham v. John Deere Co., 383 U.S.
`1, 1718 (1966). When evaluating a combination of teachings, we must also
`“determine whether there was an apparent reason to combine the known
`elements in the fashion claimed by the patent at issue.” KSR Int’l Co. v.
`Teleflex Inc., 550 U.S. 398, 418 (2007) (citing In re Kahn, 441 F.3d 977,
`988 (Fed. Cir. 2006)). Whether a combination of elements produced a
`predictable result weighs in the ultimate determination of obviousness. KSR,
`550 U.S. at 416–17.
`
`
`8 U.S. Patent No. 7,865,448 B2, filed October 19, 2004 (Ex. 1007).
`
`6
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`II. DISCUSSION
`A. CLAIM CONSTRUCTION
`Petitioner proposes constructions for three terms: “biometric input,”
`“secret information,” and “secure registry.” Pet. 6–7. Patent Owner
`challenges Petitioner’s proposals, asserting that because Petitioner’s
`proposed constructions provide only examples of what the claim terms
`include, Petitioner has not provided definitions sufficient to meet our
`standard under 37 C.F.R. § 42.104(b)(3). Prelim. Resp. 14–19.
`We do not agree with Patent Owner, which has not identified any
`logical reason or case law to support its position that examples cannot define
`claim scope sufficiently to resolve a particular dispute. See Sumitomo
`Dainippon Pharma Co. v. Emcure Pharm. Ltd., No. 2017-1798, 2018 WL
`1787667, at *3 (Fed. Cir. Apr. 16, 2018) (construing claim to cover certain
`scope “at a minimum” and explaining that resolving the dispute required
`determining only that the claim “at least covers” such scope); Nidec Motor
`Corp. v. Zhongshan Broad Ocean Motor Co., Ltd., 868 F.3d 1013, 1017
`(Fed. Cir. 2017) (affirming that the Board only need construe claims terms
`“to the extent necessary to resolve the controversy”) (citing Vivid Techs.,
`Inc. v. Am. Sci. & Eng’g, Inc., 200 F.3d 795, 803 (Fed. Cir. 1999)); cf. O2
`Micro Int’l Ltd. V. Beyond Innovation Tech. Co., 521 F.3d 1351, 1361–62
`(Fed. Cir. 2008) (holding that the district court erred by refusing to construe
`a claim term sufficiently to resolve the parties’ dispute).
`We do not understand the parties to dispute the meaning or
`application of “biometric input” or “secret information” and we therefore
`decline to adopt a construction at this stage of the proceeding.
`
`7
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`As discussed below, for one prior-art reference, Patent Owner
`disputes whether Petitioner has identified a “secure registry” as claimed, but
`in that dispute, Patent Owner applies Petitioner’s proposed construction for
`the term. Prelim. Resp. 27; see infra at 26. Petitioner proposes that a “secure
`registry” includes “one or more systems maintaining one or more secure
`databases for storing account information for a plurality of users and that
`perform the function of validating authentication information of users.”
`Pet. 6–7 (citing Ex. 1001, 9:63–67, 10:24–26, 10:58–11:3, 12:10–18, 44:39–
`46, 46:27–31).
`Patent Owner challenges Petitioner’s proposed construction as
`improperly “purely functional.” Prelim. Resp. 17–19. We do not agree that
`Petitioner’s proposed construction is defective. While Petitioner’s
`construction includes functional language, that does not demonstrate that the
`construction is improper because claim limitations may include functional
`language. See MasterMine Software, Inc. v. Microsoft Corp., 874 F.3d 1307,
`1316 (Fed. Cir. 2017) (determining limitations were “permissible functional
`language used to describe capabilities of the ‘reporting module’” software
`element in the claim).
`Petitioner’s construction appears consistent with the Specification’s
`description of a secure registry. The Specification states that one
`embodiment of the secure registry “includes a secure database that stores
`account information for a plurality of users” including “records concerning
`one or more accounts” for each user. Ex. 1001, 44:39–46. It further
`describes that “the authentication information (for example, encrypted
`authentication information) is communicated to the secure registry for
`authentication and approval of the requested account access and/or financial
`
`8
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`transaction.” Id. at 46:27–31. Accordingly, we adopt Petitioner’s
`construction for purposes of this Decision.
`
`B. OBVIOUSNESS OVER MAES, PARE, AND LABROU9
`1. The prior art
`a. Maes (Ex. 1003)
`Petitioner asserts Maes is prior art under 35 U.S.C. § 102(b) based on
`its January 18, 2000, issue date. Pet. 7. Maes discloses a system for
`processing transactions using a “transaction processing device (‘personal
`digital assistant’ or ‘PDA’) in which a user can store his or her credit card,
`ATM card and/or debit card (i.e., financial) information, as well as personal
`information, and then access and write selected information to a smartcard
`(‘Universal Card’), which is then used to initiate a POS, ATM, or consumer
`transaction.” Ex. 1003, 2:23–31. User verification on the device “may be
`performed by using either biometric data, PIN or password, or a combination
`thereof.” Id. at 3:59–61.
`Maes’s device may communicate with a “central server” to obtain a
`“temporary digital certificate” in order to access a user’s information. Id.
`at 2:36–42, 3:38–52. The central server stores personal information, secret
`information, and biometric data for a user, and verifies a user’s identity to
`issue a digital certificate. Id. at 7:20–35. A PDA’s connection to the central
`server may occur directly through a variety of channels, or may connect via
`“a special ATM (or other such kiosks).” Id. at 7:60–8:5. In one embodiment,
`Maes discloses using the PDA for a transaction with a POS transaction
`
`9 We explain in further detail how we consider this heading to encompass
`multiple grounds for the independent claims, using Maes as the primary
`reference and using Pare or Labrou as the secondary reference.
`
`9
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`terminal. Id. at 12:5–57. In that embodiment, the PDA generates an
`authorization number upon user verification local to the PDA, and the POS
`terminal verifies the authorization number with the central server. Id.
`at 12:40–13:5.
`
`b. Pare (Ex. 1004)
`Petitioner asserts Pare is prior art under 35 U.S.C. § 102(b) based on
`its February 9, 1999, issue date. Pet. 8. Pare discloses a “method and system
`for tokenless authorization of commercial transactions between a buyer and
`a seller using a computer system.” Ex. 1004, [57]. Pare’s system verifies
`buyers by requiring entry of biometric samples and a PIN, sending the
`information to a remote computer system (the “Data Processing Center
`(DPC)”) in an encrypted state, then comparing the information with such
`information previously registered by the buyer. Id. at 4:14–49, 6:12–16,
`8:35–36.
`Pare describes using a “Biometric Input Apparatus (BIA)” to “gather,
`encode, and encrypt biometric input for use in commercial transaction.” Id.
`at 10:41–46. For encryption, Pare teaches using a derived unique key per
`transaction (DUKPT) to select an encryption key from a “Future Key Table”
`that is an “unpredictable” key. Id. at 17:27–55, 18:50–63. The key is used to
`encrypt the “Biometric-PIN block,” which contains biometric information
`and a PIN, for transmission to the DPC. Id. at 17:29–31.
`c. Labrou (Ex. 1005)
`Petitioner asserts Labrou is prior art under 35 U.S.C. § 102(b) based
`on its June 3, 2004, publication date. Pet. 8. Labrou discloses a “computer
`system for conducting purchase transactions using wireless communications
`between a consumer and a merchant.” Ex. 1005, [57]. Labrou’s system
`
`10
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`employs a “‘Secure Transaction Server (STS)’ . . . for deciding which
`transaction requests are legitimate and passes them to the payment service of
`a financial institution.” Id. ¶ 119. Labrou discloses encrypting a user’s
`transaction information using a “Private Identification Entry (PIE),” which
`may be a PIN or “may be deterministically generated using a biometric
`device such as a fingerprint sensor.” Id. ¶ 524. The PIE is used in
`combination with a “Random Sequence Number (RSN)” to create an
`encryption key. Id. ¶¶ 253, 527, 535–537. The STS decrypts messages and
`validates transaction information. Id. ¶¶ 258–261.
`
`2. Claim 1
`Petitioner maps claim 1’s limitations to the references, applying Maes
`as the primary reference that teaches most claim limitations. See Pet. 9–27.
`While Petitioner asserts further that other references also teach certain
`limitations, other than as addressed below, we construe the ground as relying
`on Maes alone.
`Regarding the processor being “programmed such that once the
`electronic ID device is activated the processor is configured to generate a
`non-predictable value and to generate encrypted authentication information
`from the non-predictable value, information associated with at least a portion
`of the biometric input, and the secret information,” Petitioner asserts that
`Maes discloses generating an authorization number and that Pare teaches
`and Labrou renders obvious “the concept of generating non-predictable
`values for generating encrypted authentication information associated with
`biometric input and secret information.” Pet. 18.
`Regarding Pare, Petitioner relies on Pare’s disclosure of a
`“commercial transaction message,” including biometric and secret
`
`11
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`information, that is encrypted using a randomly generated key. Id. at 19–20
`(citing Ex. 1004, 17:27–46, [57], 4:34–42, 18:51–61, 19:43–20:15, Fig. 7).
`Regarding Labrou, Petitioner relies on Labrou’s disclosure of
`encrypting transaction information using a “Private Identification Entry
`(PIE),” which may be input as a PIN or determined from biometric
`information. Id. at 20–21 (citing Ex. 1005 ¶¶ 253, 259, 524, 527, 535–537).
`Petitioner asserts it would have been obvious to a person of ordinary skill in
`the art to use both a user-entered PIN and biometric information to generate
`Labrou’s PIE, because Labrou “already teaches that both sets of information
`may be used together to authenticate a user” and because “doing so would
`have further enhanced the security of transactions in Labrou by creating an
`additional layer of security.” Id. at 21 (citing Ex. 1005 ¶¶ 421, 158; Ex. 1009
`¶¶ 53–54)).
`Petitioner asserts that a person of ordinary skill had reason “to
`substitute the encrypted authentication information taught in Pare or Labrou
`for the authorization number of Maes” because Maes already teaches
`encrypting certain information and discloses that its invention “may employ
`any known encryption technique or algorithm,” and because “encrypting
`sensitive information had long been an established practice in financial
`security systems to address fraud.” Id. at 21–22 (citing Ex. 1003, 10:10–15,
`12:66–13:5, 13:24–38, 13:51–60, Fig. 5; Ex. 1009 ¶¶ 54, 36–38).
`We consider Petitioner’s assertions to establish two grounds
`applicable to claim 1: Maes and Pare; and Maes and Labrou. In those
`grounds, Pare and Labrou are relied on (respectively) for the generation of
`encrypted authentication information, as discussed above.
`
`12
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`Regarding the requirement to “communicate the encrypted
`authentication information via the communication interface to the secure
`registry,” Petitioner assets that, although Maes discloses that its
`“authorization number may be displayed or verbally communicated to a
`merchant,” a person of ordinary skill would have found it obvious “that this
`number could be transmitted wirelessly.” Id. at 23–24. Petitioner further
`asserts that Pare and Labrou teach the wireless-transmission limitation. Id. at
`24 (citing Ex. 1004 at 4:34–58, 6:12–17, 23:60–24:17, 30:63–31:27,
`Figs. 17–18; Ex. 1005 [57], ¶¶ 188–190, 210–212, 322–323). Petitioner
`contends that a person of skill would have applied these teachings to Maes’s
`system because Pare’s and Labrou’s systems “each perform the functions of
`storing information related to users and authenticating transactions, just as
`the secure registry in the ’813 Patent and the central server in Maes” and
`because “Maes itself already contemplates that authentication information
`may be wirelessly communicated to the central server for verification using
`the POS device as a conduit.” Id. at 24–25 (citing Ex. 1009 ¶¶ 40, 50, 52,
`54–56).
`We understand this aspect of Petitioner’s challenge as continuing to
`rely on Pare and Labrou in each of the respective challenges. In the ground
`applying Maes and Pare, we interpret Petitioner’s challenge as relying on
`Pare’s teaching of communicating the authentication information to the
`secure registry, as combined with Maes; likewise, in the ground applying
`Maes and Labrou, we interpret Petitioner’s challenge as relying on Labrou’s
`teaching of that limitation, as combined with Maes. This understanding
`applies also to the limitations requiring wireless transmission to a point-of-
`
`13
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`sale device and that the secure registry be configured to receive
`authentication information from the point-of-sale device. See id. at 25–27.
`Patent Owner argues that the Petition lacks sufficient particularity and
`specificity because it asserts that multiple references teach the same
`limitations. Prelim. Resp. 19–23. That argument is not persuasive in view of
`our interpretation of the challenges to claim 1 as based on the combination
`of Maes and Pare and the combination of Maes and Labrou, as explained
`above. Properly understood, Petitioner does not raise “hundreds of possible
`permutations” as asserted by Patent Owner, and Petitioner may not “pick-
`and-choose from these myriad alternatives” to show invalidity. Id. at 1.
`In other regards, Patent Owner does not challenge Petitioner’s
`mappings at this stage of the proceeding. We have evaluated Petitioner’s
`proposed grounds of obviousness for claim 1 based on Maes, Pare, and
`Labrou, and Patent Owner’s arguments against institution presented in the
`Preliminary Response. On the present record, we determine that Petitioner
`has shown adequately at this stage of the proceeding a reasonable likelihood
`of succeeding on its obviousness challenge to claim 1 over Maes and Pare,
`and on its challenge to claim 1 over Maes and Labrou.
`
`3. Claims 16 and 24
`Independent claims 16 and 24 are directed to methods of “generating
`authentication information” and of “controlling access to a plurality of
`accounts,” respectively, and recite limitations similar to those of claim 1.
`Petitioner maps the limitations of claims 16 and 24 as it does those of
`claim 1. Pet. 33–35, 38–40. Patent Owner does not raise arguments specific
`to claims 16 or 24 at this stage.
`
`14
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`For the reasons discussed above regarding claim 1, and based on our
`review of the record, we determine that Petitioner has shown adequately at
`this stage of the proceeding a reasonable likelihood of succeeding on its
`obviousness challenges to claims 16 and 24 over Maes and Pare, and on its
`challenges to claims 16 and 24 over Maes and Labrou.
`
`4. Claims 2, 3, 5, and 11
`Claim 2 depends from claim 1 and recites that “the electronic ID
`device comprises a discrete code associated with the electronic ID device.”
`Claim 3 depends from claim 1 and recites that “at least a portion of the
`biometric input received by the biometric sensor is communicated to the
`secure registry for authentication prior to generation of the encrypted
`authentication information.” Claim 5 depends from claim 1 and recites “a
`memory coupled to the processor, wherein the memory stores information
`employed by the electronic ID device to authenticate the biometric received
`by the biometric sensor.” Claim 11 depends from claim 1 and recites that
`“the biometric sensor is configured to receive and process at least one of a
`fingerprint, a speech/voice input, an iris scan, a retina scan, a facial scan,
`written information and a DNA input.”
`Petitioner maps the limitations of claims 2, 3, 5, and 11 onto Maes’s
`teachings. Pet. 27–31. Patent Owner does not contest those assertions at this
`stage. On the present record, we determine that Petitioner has shown
`adequately at this stage of the proceeding a reasonable likelihood of
`succeeding on its obviousness challenges to claims 2, 3, 5, and 11 over Maes
`and Pare, and on its challenges to claims 2, 3, 5, and 11 over Maes and
`Labrou.
`
`15
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`5. Claims 12–15, 17, 21–23, 25, and 26
`Claim 12 depends from claim 11 and recites that “the processor is
`configured to generate account identifying information for the respective one
`of the plurality of accounts, wherein the account identifying information
`does not identify an account number of the respective one of the plurality of
`accounts”; claim 21 recites an analogous limitation. Petitioner maps the
`limitations of claims 12 and 21 onto Labrou’s teachings, asserting a person
`of ordinary skill in the art had reason “to incorporate Labrou’s teachings of
`generating account aliases, rather than account numbers, to identify one of a
`plurality of accounts into the system of Maes at least to further Maes’s
`objective of preventing unauthorized access of a consumer’s confidential
`account information.” Pet. 31 (citing Ex. 1009 ¶ 59); accord id. at 37–38.
`Patent Owner does not contest those assertions at this stage. On the present
`record, we determine that Petitioner has shown adequately at this stage of
`the proceeding a reasonable likelihood of succeeding on its obviousness
`challenge to claims 12 and 21 over Maes, Pare, and Labrou, and on its
`challenge to claims 12 and 21 over Maes and Labrou.10
`Claim 13 depends from claim 1 and recites that “the processor is
`configured to display indicators for the plurality of accounts in the user
`interface, and the user interface is configured to accept user selection of a
`respective one of the plurality of accounts”; claim 17 recites an analogous
`limitation. Petitioner asserts that Maes teaches the limitations of claims 13
`
`
`10 Because Petitioner challenges claims 1 and 16 based on both Maes
`combined with Pare and also Maes combined with Labrou, relying on
`Labrou as disclosing the limitations of a dependent claim creates one
`challenge to the dependent claim based on Maes and Labrou, and another
`challenge based on Maes, Pare, and Labrou.
`
`16
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`and 17 by disclosing that a “desired card may be selected through the user
`interface/display 34.” Id. at 32. Petitioner, however, provides no explanation
`or support for such a conclusion. We conclude that Petitioner has not shown
`adequately that the disclosure in Maes teaches all aspects of the limitations
`of claim 13 and 17. See Harmonic v. Avid Tech., 815 F.3d 1356, 1364–65
`(Fed. Cir. 2016) (holding that simply stating a disclosure in the art satisfies a
`claim limitation may be inadequate). Notwithstanding that conclusion, our
`current practice dictates that this review will include the challenge based on
`Maes’s teaching of the limitations of claims 13 and 17. See SAS Inst. Inc. v.
`Iancu, No. 16-969, 2018 WL 1914661, *5 (U.S. Apr. 24, 2018) (noting that
`the language of 35 U.S.C. § 314(b) “indicates a binary choice—either
`institute review or don’t”). That challenge results in a ground of
`unpatentability of claims 13 and 17 based on Maes and Pare, and another
`ground based on Maes and Labrou.
`Petitioner also maps the limitations of claims 13 and 17 onto Labrou’s
`teachings, asserting a person of ordinary skill had reason “to incorporate
`Labrou’s teachings of a user interface displaying indicators for a plurality of
`accounts and accepting selection of one of the accounts because a PHOSITA
`would have appreciated that this would enhance the usability of the device.”
`Pet. 32 (citing Ex. 1005, ¶ 293, Figs. 52–55; Ex. 1009 ¶ 60); accord id. at
`36. Patent Owner does not contest those assertions at this stage. We
`determine that Petitioner has shown adequately at this stage of the
`proceeding a reasonable likelihood of succeeding on its obviousness
`challenge to claims 13 and 17 over Maes, Pare, and Labrou, and on its
`challenge to claims 13 and 17 over Maes and Labrou.
`
`17
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`
`Claim 14 depends from claim 1 and recites that “the user interface is
`configured to display options for purchase”; claims 22 and 25 depend from
`claims 16 and 24, respectively, and recite analogous limitations. Claim 15
`depends from claim 14 and recites that “the user interface is configured to
`accept selection of at least one product or service”; claims 23 and 26 depend
`from claims 22 and 25, respectively, and recite analogous limitations.
`Petitioner asserts that Maes teaches the limitations of claims 14, 22,
`and 25, and those of claims 15, 23, and 26 because it discloses “the user
`device may be used for transactions on a merchant’s web site.” Id. (citing
`Ex. 1003, 13:39–50, 14:1–16). Patent Owner does not contest those
`assertions at this stage. We are not persuaded that using a device for
`transactions on a website would necessarily satisfy the limitations of claims
`14, 22, and 25, or those of claims 15, 23, and 25. We therefore conclude that
`Petitioner has not shown adequately that the disclosure in Maes teaches all
`aspects of the limitations of claims 14, 15, 22, 23, 25, and 26. See Harmonic,
`815 F.3d at 1364–65. As with claims 13 and 17, however, we nonetheless
`include this challenge in the instituted review. See SAS Inst.,
`2018 WL 1914661, at *5.
`Petitioner also maps the limitations of claims 14, 22, and 25, and
`those of claims 15, 23, and 26 onto Labrou’s teachings, asserting a person of
`ordinary skill in the art had reason “to incorporate Labrou’s teachings of
`displaying options for selection and purchase on a user interface into the
`system of Maes because, as mentioned, Maes contemplates that the user
`device may be used for purchasing items over the Internet.” Pet. 40 (citing
`Ex. 1005 ¶ 157, 161; Ex. 1009 ¶ 61). Patent Owner does not contest those
`assertions at this stage. We interpret Petitioner as asserting that using
`
`18
`
`
`
`IPR2018-00067
`Patent 8,577,813 B2
`
`Labrou’s teachings for an action already taught by Maes would have been a
`simple substitution. See KSR, 550 U.S. at 416 (“[W]hen a patent claims a
`structure already known in the prior art that is altered by the mere
`substitution of one element for another known in the field, the combination
`must do more than yield a predictable result.”). We determine that Petitioner
`has shown adequately at this stage of the proceeding a reasonable likelihood
`of succeeding on its obviousness challenges to claims 14, 15, 22, 23, 25, and
`26 over Maes, Pare, and Labrou, and on its challenges to claims 14, 15, 22,
`23, 25, and 26 over Maes and Labrou.
`
`6. Claim 19
`Although we identify a deficiency in Petitioner’s challenge to claim
`19, we institute review.
`Claim 19 depends from claim 16 and recites “generating a seed from
`which the authentication information is generated by employing at least two
`of the biometric data, the secret information known to the user, and an
`electronic serial number of the electronic ID device.” Petitioner maps the
`limitations of claim 19 onto Labrou’s teachings, asserting a person of
`ordinary skill in the art had reason “to incorporate the teachings of Labrou
`into the system of Maes as a known way to generate a non-predictable value,
`such as a random number, from a seed because the use of seeds to generate
`random numbers for encrypting information was well known in the art, as
`evidenced by the ANSI X9.17 standard.” Pet. 44–46 (regarding claim 10),
`36 (relying on the assertions against claim 10 as applied also t