`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`________________
`
`APPLE INC.
`Petitioner,
`
`v.
`
`UNIVERSAL SECURE REGISTRY LLC
`Patent Owner
`________________
`
`Case IPR2018-00808
`U.S. Patent No. 9,530,137
`________________
`
`PATENT OWNER’S PRELIMINARY RESPONSE
`PURSUANT TO 35 U.S.C. § 313 AND 37 C.F.R. § 42.107
`
`
`
`TABLE OF CONTENTS
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`Page
`
`I.
`II.
`
`IV.
`V.
`
`VI.
`
`INTRODUCTION ...........................................................................................1
`OVERVIEW OF THE ’137 PATENT ............................................................3
`A.
`The ’137 Patent Specification ...............................................................3
`B.
`The ’137 Patent Claims .........................................................................6
`C.
`Prosecution History of the ’137 Patent .................................................8
`III. OVERVIEW OF THE ASSERTED PRIOR ART..........................................8
`A. Maritzen.................................................................................................8
`B.
`Gullman .................................................................................................9
`C.
`Niwa ....................................................................................................10
`D.
`Schutzer...............................................................................................10
`LEVEL OF ORDINARY SKILL IN THE ART...........................................11
`CLAIM CONSTRUCTION ..........................................................................12
`A.
`“The One Or More Signals” (All Challenged Claims) .......................12
`THE PETITION FAILS TO DEMONSTRATE A REASONABLE
`LIKELIHOOD THAT ANY CLAIM IS INVALID BASED ON
`MARITZEN IN VIEW OF GULLMAN AND NIWA (GROUND 1) .........15
`A.
`A POSITA Would Not Combine Maritzen With Gullman To
`Use Secret Information (Limitations 1[a] and 12[b]) .........................16
`1.
`Maritzen And Gullman Disparage, Criticize And
`Discourage Using Pin-Based Authentication ...........................18
`Petitioner Has Not Carried Its Burden To Show
`Obviousness ..............................................................................21
`Petitioner Fails To Show Any Disclosure Of Transmitting And
`Processing “The One Or More Signals” (Limitations 1[f], 1[h],
`And 12[f])............................................................................................25
`VII. GROUND 2 IS MOOT BECAUSE CLAIMS 8 AND 11 HAVE
`BEEN CANCELLED ....................................................................................29
`VIII. CONCLUSION..............................................................................................30
`
`2.
`
`B.
`
`i
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`TABLE OF AUTHORITIES
`
`Page(s)
`
`Cases
`Cheese Sys. v. Tetra Pak Cheese & Powder Sys.,
`725 F.3d 1341 (Fed. Cir. 2013) ..........................................................................17
`Commvault Systems, Inc. v. Realtime Data LLC,
`Case No. IPR2017-02006 (P.T.A.B. March 29, 2018).......................................28
`Cuozzo Speed Techs., LLC v. Lee,
`136 S. Ct. 2131 (2016)........................................................................................12
`Google Inc. v. SimpleAir, Inc.,
`Case CBM2015-00019 (PTAB May 19, 2015) ..................................................11
`Kinetic Concepts, Inc. v. Smith & Nephew, Inc.,
`688 F.3d 1342 (Fed. Cir. 2012) ..........................................................................17
`KSR Int’l Co. v. Teleflex, Inc.,
`550 U.S. 398 (2007)............................................................................................17
`Light Guard Systems, Inc. v. Spot Devices, Inc.,
`2012 WL 2131943 (D. Nev. 2012).....................................................................13
`Medgraph, Inc. v. Medtronic, Inc.,
`843 F.3d 942 (Fed. Cir. 2016) ............................................................................13
`Nevro Corp. v. Boston Scientific Neuromodulation Corp.,
`Case No. IPR2018-00143 (P.T.A.B May 2, 2018).............................................23
`Polaris Industries, Inc. v. Arctic Cat, Inc.,
`882 F.3d 1056 (Fed. Cir. 2018) ..........................................................................18
`Secure Technologies, Inc. v. Global Tel*Link Corp.,
`701 Fed. Appx. 971 (Fed. Cir. 2017)..................................................................24
`Santarus, Inc. v. Par Pharmaceutical, Inc.,
`694 F.3d 1344 (Fed. Cir. 2012) ..........................................................................18
`Square, Inc. v. Cooper,
`IPR2014-00015 (May 15, 2014).........................................................................22
`Rules and Regulations
`
`37 C.F.R. § 42.100(b) ..............................................................................................12
`
`ii
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`TABLE OF EXHIBITS
`
`Exhibit #
`2001
`
`Description
`Declaration of Markus Jakobsson in Support of Patent
`Owner's Preliminary Response
`
`2002
`
`2003
`
`Curriculum Vitae of Markus Jakobsson
`
`USR Disclaimer Filed July 6, 2018
`
`iii
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`I.
`
`INTRODUCTION
`
`In just one month, Petitioner Apple Inc. ("Petitioner") has flooded the Board
`
`with eleven petitions challenging four related patents assigned to Universal Secure
`
`Registry LLC (“Patent Owner”). See IPR2018-00808, IPR2018-00809, IPR2018-
`
`00810,
`
`IPR2018-00811,
`
`IPR2018-00812,
`
`IPR2018-00813, CBM2018-00022,
`
`CBM2018-00023, CBM2018-00024, CBM2018-00025, CBM2018-00026. The
`
`present Petition (Paper 1, IPR2018-00808) is one of three petitions challenging
`
`claims 1, 2, 5-7, 9, 10 and 12 of U.S. Patent No. 9,530,137 (“the ’137 Petition”). See
`
`also IPR2018-00809, CBM2018-00022.
`
`Petitioner is unable to muster any
`
`anticipation ground against any claim of the ’137 patent.
`
`Instead, each of its
`
`petitions puts forth hindsight combinations that selectively cull components from
`
`prior art references in an attempt to fit the parameters of the patented invention. In
`
`the present case, the Petition attempts to combine “Maritzen in view of Gullman and
`
`Niwa” to invalidate the independent claims—Claims 1 and 12—of the ’137 patent.
`
`Like its other petitions attacking the ’137 patent, this Petition fails for several
`
`independent reasons. First, Petitioner admits that Maritzen does not disclose
`
`Limitations 1[a] and 12[b] of the independent claims—which requires the use of
`
`PIN-based authentication—but
`
`argues
`
`that Gullman discloses PIN-based
`
`authentication and can be combined with Maritzen to arrive at these limitations. See
`
`Section VI.A. But Petitioner fails to demonstrate that a POSITA would have been
`
`1
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`motivated to combine Maritzen with Gullman in the manner Petitioner proposes.
`
`Maritzen and Gullman disparage, criticize, and discourage the modification set forth
`
`by Petitioner. In fact, Gullman does not even teach using PIN-based authentication.
`
`Rather, Gullman teaches that PIN-based authentication is problematic and that its
`
`invention eliminates the need for PIN-based authentication. Petitioner ignores this
`
`fact, as well as the other statements and teachings in Maritzen and Gullman that
`
`make clear a POSITA would not combine the two references.
`
`Second, limitations 1[f], 1[h], and 12[f] require a first device transmit “the
`
`one or more signals” to a second device for processing. The ’137 patent makes clear
`
`that three separate, and distinct, types of information must be transmitted and
`
`processed in “the one or more signals, specifically:” (1) first authentication
`
`information, (2) an indicator of biometric authentication of the user of the first
`
`device, and (3) a time varying value. See Section V.A. While Petitioner asserts that
`
`Maritzen discloses these limitations because it transmits and processes a “transaction
`
`key,” it makes no attempt to show how Maritzen’s transaction key maps to the
`
`different types of information that must be included in “the one or more signals.”
`
`See Section VI.B. In fact, because Martizen’s transaction key includes at most two
`
`types of information—a biometric key and an PTD identifier—it cannot include all
`
`three types of information that must be transmitted in “the one or more signals” (e.g.,
`
`a time varying value).
`
`2
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`II. OVERVIEW OF THE ’137 PATENT
`
`A.
`
`The ’137 Patent Specification
`
`The '137 patent relates to a unique and highly secure distributed transaction
`
`approval system. Ex. 1001; Ex. 2001 (Jakobsson Decl.), ¶ 25. Figure 21 depicts
`
`one possible embodiment of such a transaction approval system:
`
`Id. The claimed invention provides improved transaction security by providing a
`
`system where users locally authenticate themselves at a first device using multi-
`
`factor authentication (e.g., a PIN code and a biometric, such as a fingerprint) before
`
`the first device generates a transaction approval request that it transmits to a remote
`
`3
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`second device. See, e.g., id. at 29:21-44; Fig. 21; Ex. 2001, ¶ 26. The transaction
`
`approval request from the first device is improved as well. See, e.g., id. at 16:49-
`
`17:54; Figs. 6, 21; Ex. 2001, ¶ 26. The request signal(s) include at least three specific
`
`types of data: first authentication information, an indicator of the device's biometric
`
`authentication of the user, and a one time code that is a time varying value. See, e.g.,
`
`id. at 14:26-53, 32:31-33:19; Figs. 21, 23; Ex. 2001, ¶ 26. The request signal(s) are
`
`sent to a second device for processing authorization of the transaction (e.g., by a
`
`server). 2001, ¶ 26. The second device may return an enablement signal based on
`
`the request signal(s), as well as second authentication information of the user
`
`available at the second device. See, e.g., id. at 33:20-34:6; Figs. 21, 24-25; Ex. 2001,
`
`¶ 26.
`
`The claimed invention solves a technical problem specifically encountered in
`
`distributed electronic transaction approval systems. Ex. 2001, ¶ 27. One important
`
`concern is ensuring that the person remotely initiating a transaction is an authorized
`
`user, and not someone fraudulently using a counterfeit or stolen device (e.g., access
`
`card, credit card, phone, etc.).
`
`Id., ¶ 27. The claimed invention addresses this
`
`concern by locally authenticating the user of the first device through multifactor
`
`authentication (e.g., a secret PIN and fingerprint), and by generating and sending the
`
`remote second device an indication of biometric authentication and other data that
`
`is difficult to counterfeit. See, e.g., id. at 2:50-52, 13:62-14:7, 22:16-20; Ex. 2001,
`
`4
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`¶ 27. Another critical concern in a distributed electronic transaction approval system
`
`is preventing the interception of sensitive information that could be fraudulently
`
`used in future transactions. Ex. 2001, ¶ 27. The claimed invention addresses this
`
`concern by generating and sending authentication information (rather than requiring
`
`users to send their social security number, password, credit card number, or other
`
`sensitive information) from the local first device to the remote second device, and
`
`by incorporating a time varying value that may be used to prevent a replay attack.
`
`See, e.g., id. at 4:23-31, 15:43-50, 18:27-34, 19:45-52; Ex. 2001, ¶ 27.
`
`Hence, the '137 patent provides an improved secure distributed transaction
`
`approval system. Ex. 2001, ¶ 28. A user needs more than just possession of the
`
`local device to conduct transactions, as the claimed system locally authenticates both
`
`secret information and biometric information from the user before it engages in a
`
`transaction, protecting against fraudulent transactions using a stolen device.
`
`Id.
`
`Furthermore, the device in the claimed system does not publish or send the user’s
`
`secret information or other sensitive information over a network, where it might be
`
`stolen and misused.
`
`Id.
`
`Instead,
`
`the device generates signal(s) including
`
`authentication information, indication of the device’s biometric authentication of the
`
`user, and a time varying value, and sends those to the second device for transaction
`
`approval. Id. And, inclusion of the time varying value protects against interception
`
`and resubmission of signal(s) in a replay attack. Id.
`
`5
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`B.
`
`The ’137 Patent Claims
`
`The '137 patent includes 12 claims, of which claims 1 and 12 are independent.
`
`The two independent claims of the ’137 patent are reproduced below:
`
`1. A system for authenticating a user for enabling a transaction, the system
`comprising:
`
`a first device including:
`
`a first processor, the first processor programmed to authenticate a
`user of the first device based on secret information and to retrieve or
`receive first biometric information of the user of the first device;
`
`a first wireless transceiver coupled to the first processor and
`programmed to transmit a first wireless signal
`including first
`authentication information of the user of the first device; and
`
`a biometric sensor configured to capture the first biometric
`information of the user;
`
`wherein the first processor is programmed to generate one or more
`signals including the first authentication information, an indicator of
`biometric authentication, and a time varying value in response to
`valid authentication of the first biometric information, and to
`provide the one or more signals including the first authentication
`information for transmitting to a second device; and
`
`wherein the first processor is further configured to receive an
`enablement signal from the second device; and
`
`the system further including the second device that is configured to
`provide the enablement signal
`indicating that
`the second device
`approved the transaction based on use of the one or more signals;
`
`wherein the second device includes a second processor that is
`configured to provide the enablement signal based on the indication
`of biometric authentication of the user of the first device, at least a
`
`6
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`the first authentication information, and second
`portion of
`authentication information of the user of the first device to enable
`and complete processing of the transaction.
`
`Ex. 1001 at 45:27-61.
`
`12. A system for authenticating a user for enabling a transaction, the
`system comprising:
`
`a first device including:
`
`a biometric sensor configured to capture a first biometric
`information of the user;
`
`a first processor programmed to: 1) authenticate a user of the first
`device based on secret information, 2) retrieve or receive first
`biometric information of the user of the first device, 3) authenticate
`the user of the first device based on the first biometric, and 4)
`generate one or more signals including first authentication
`information, an indicator of biometric authentication of the user of
`the first device, and a time varying value; and
`
`a first wireless transceiver coupled to the first processor and
`programmed to wirelessly transmit the one or more signals to a
`second device for processing;
`
`wherein generating the one or more signals occurs responsive to
`valid authentication of the first biometric information; and
`wherein the first processor is further configured to receive an
`enablement signal from the second device; and
`
`wherein the first processor is further programmed to receive an
`enablement signal indicating an approved transaction from the second
`device, wherein the enablement signal is provided from the second
`device based on acceptance of the indicator of biometric authentication
`and use of the first authentication information and use of second
`authentication information to enable the transaction.
`
`Id. at 46:55-47:14.
`
`7
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`C.
`
`Prosecution History of the ’137 Patent
`
`The '137 patent
`
`issued on December 27, 2016 from Application No.
`
`15/019,660 filed on February 9, 2016.
`
`The '137 patent was subject to a thorough examination by Examiner Calvin
`
`Cheung, and was allowed over a large body of cited prior art. See Ex. 1001 at 1-3.
`
`Examiner Cheung indicated that he allowed the claims of the '137 patent because the
`
`prior art taken either individually or in combination with other prior art of record
`
`failed to disclose, suggest, teach, or render obvious the claimed limitations in the
`
`context of the invention as a whole. See Ex. 1010 at 7-8.
`
`III. OVERVIEW OF THE ASSERTED PRIOR ART
`
`A. Maritzen
`
`Maritzen states that “[a] situation that still requires use of cash is in the
`
`collection of fees at vehicle-accessed payment gateways such as toll booths,
`
`vehicular kiosks, smog-certification stations, and the like.” Ex. 1013 at [0003].
`
`Maritzen explains that “[t]he collection of fees at these gateways is time consuming
`
`and subject to fraud.” Id.
`
`Martizen discloses a system and method for electronic payment of fees using
`
`a personal transaction device (PTD) at vehicle-accessed, payment-gateway terminals
`
`(VAPGT). Ex. 1013 at Abstract, [0007]-[0009]. In the system of Maritzen, a PTD
`
`is sensed by a VAPGT and the VAPGT then transmit a payment request to the PTD.
`
`8
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`Id. at [0029]-[0030]. The PTD can then be accessed using biometric control (e.g., a
`
`fingerprint), which in the preferred embodiment is inputted into a separate “privacy
`
`card,” and a transaction key is then generated. Id. at [0029]-[0030], [0088]-[0089].
`
`Maritzen teaches two embodiments for its transaction key.
`
`Id. at [0089].
`
`In one
`
`embodiment, the transaction key includes only one type of information, namely it
`
`includes “only [a] biometric key.” Id. In a second embodiment, the transaction key
`
`includes two types of information, namely a “PTD identifier” that “identifies the
`
`particular PTD being used” and a “biometric key.” Id. The PTD transmits the
`
`transaction key to a clearing house for verifying that the vehicle-access payment
`
`should be authorized. Id. at [0029]-[0030].
`
`B.
`
`Gullman
`
`Gullman explains that “[a]utomatic teller machines for banking transactions”
`
`use a personal identification number (PIN) to “access a corresponding bank account
`
`to withdraw or transfer money.” Ex. 1014 at 1:17-27. Gullman teaches that the
`
`problem with PINs is “the legitimate user must remember the number or password”
`
`and that for “users having many numbers or passwords, the task of remembering can
`
`be burdensome.”
`
`Id. at 1:46-56. Accordingly, Gullman states that it uses an
`
`improved security mechanism that “eliminates the need for a user to memorize a
`
`code or carry a printed memorandum of the code” and uses a security token instead
`
`Id. at 6:46-61.
`
`9
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`Gullman teaches that “Figure 1 is a block diagram of a security system
`
`including a biometric security apparatus for generating a token according to an
`
`embodiment of this invention”:
`
`Id. at 3:7-12, Fig. 1. In Gullman, “a user turns on the apparatus 14 using switch 16,
`
`then enters biometric input” and then a “security token” is generated and shown on
`
`the display. Id. at 6:9-35. “The user then reads the token from the display 20 and
`
`enters the token at
`
`the access device 12,” for transmission to the host and
`
`determination of whether access is authorized.
`
`Id. at 6:35-45.
`
`C.
`
`Niwa
`
`Niwa discloses a fingerprint authentication device. Ex. 1017 at 2:19-44. The
`
`fingerprint authentication device allows a user to conduct a commercial transaction
`
`by inputting a valid fingerprint. Ex. 1017 at 2:19-44.
`
`D.
`
`Schutzer
`
`Petitioner relies on Schutzer only for Ground 2 of the Petition, which asserts
`
`that dependent Claims 8 and 11 of the ’137 patent are invalid based on Maritzen in
`
`10
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`view of Gullman, Niwa and Schutzer. Pet. at 64-74. Claims 8 and 11 have been
`
`cancelled by Patent Owner. Ex. 2003. Accordingly, Ground 2 is now moot. Google
`
`Inc. v. SimpleAir, Inc., Case CBM2015-00019, slip op. at 14–15 (PTAB May 19,
`
`2015) (Paper 11) (“[W]e treat the [challenged] patent as though [the disclaimed
`
`claim] never existed.”).
`
`IV. LEVEL OF ORDINARY SKILL IN THE ART
`
`A person of ordinary skill in the art (“POSITA”) relevant to the ’137 patent at
`
`the time of the invention would have a Bachelor of Science degree in electrical
`
`engineering, computer science or computer engineering, and three years of work or
`
`research experience in the fields of secure transactions and encryption, or a Master’s
`
`degree in electrical engineering, computer science or computer engineering and two
`
`years of work or research experience in related fields. Ex. 2001 (Jakobsson Decl.),
`
`¶ 16. Patent Owner’s description of the level of ordinary skill in the art is essentially
`
`the same as that of the Petitioner, except that Petitioner’s description requires two
`
`years of work or research experience (as compared to three years). See Pet. at 4; Ex.
`
`2001, ¶ 17. The positions set forth in this preliminary response would be the same
`
`under either parties’ proposal. Ex. 2001, ¶ 17.
`
`11
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`V.
`
`CLAIM CONSTRUCTION
`
`Claim terms in an IPR are given their broadest reasonable interpretation
`
`(“BRI”) in view of the specification in which they appear. 37 C.F.R. § 42.100(b);
`
`see also Cuozzo Speed Techs., LLC v. Lee, 136 S. Ct. 2131, 2142 (2016).
`
`Petitioner identifies three terms that purportedly require construction. Pet. at
`
`14-20. Patent Owner contends construction of these terms is not necessary to resolve
`
`the matters raised by this Preliminary Response. However, Patent Owner contends
`
`that the term “the one or more signals” should be construed as set forth below.
`
`A.
`
`“The One Or More Signals” (All Challenged Claims)
`
`The ’137 patent includes two independent claims: Claims 1 and 12. Both
`
`independent claims recite the term “the one or more signals.” Consistent with the
`
`context of the claims in which they appear, Patent Owner contends that “the one or
`
`more signals” should be construed to mean “one or more signals that include all of
`
`the following three types of information: (1) first authentication information, (2) an
`
`indicator of biometric authentication of the user of the first device, and (3) a time
`
`varying value.” Ex. 2001 (Jakobsson Decl.), ¶ 39.
`
`Patent Owner’s construction is supported by the plain language of the claims.
`
`Ex. 2001, ¶ 40. In all the Challenged Claims, this definition of the term “the one or
`
`more signals” is provided within the following limitation:
`
`12
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`wherein the first processor is programmed to generate one
`
`or more
`
`signals
`
`including
`
`first
`
`authentication
`
`information, an indicator of biometric authentication
`
`of the user of the first device, and a time varying value
`
`in response to valid authentication of the first biometric
`
`information . . . ”
`
`Ex. 1001 at 45:40-44 (Claim 1); 46:60-67 (Claim 12). The use of the conjunctive
`
`“and” in the list of included constituents means that all three of these constituents
`
`must be included within “the one or more signals.” See, e.g., Medgraph, Inc. v.
`
`Medtronic, Inc., 843 F.3d 942 (Fed. Cir. 2016) (holding “‘and’ means ‘and’ because
`
`claim terms are to be given their plain and ordinary meaning,” and construing claim
`
`to require “both computer and telephonic capabilities”); see also Light Guard
`
`Systems, Inc. v. Spot Devices, Inc., 2012 WL 2131943, *7 (D. Nev. 2012)
`
`(construing claim reciting adjustment “for poor visibility and night operating
`
`conditions” to require adjustment for “both” conditions and rejecting accused
`
`infringer’s attempt “to impermissibly rewrite the claim by turning the conjunction
`
`‘and’ into the term ‘or.’”); Ex. 2001, ¶ 40.
`
`Subsequent limitations in the claim also confirm that “the one or more signals”
`
`must include all three types of information. Ex. 2001, ¶ 41. For example, the claims
`
`recite the step of transmitting “the one or more signals” to a second device for
`
`13
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`processing, and require that the second device enable a transaction using “the first
`
`authentication information” and “the indication of biometric authentication” list
`
`elements referenced in the “one or more signals” limitation. Ex. 1001 at 45:44-61
`
`(Claim 1), 47:1-14 (Claim 12). A POSITA would understand the term “the one or
`
`more signals” includes all three listed types of information so that the recited
`
`transmission of “the one or more signals” to the second device provides the second
`
`device with the different types of information the second device uses to approve the
`
`transaction. Ex. 2001, ¶ 41.
`
`Patent Owner’s construction is also consistent with the specification, where
`
`all three of the recited constituents are included in “the one or more signals.” Ex.
`
`2001, ¶ 42. For example, Figure 23 of the ’137 patent illustrates an embodiment of
`
`the various fields included in the signals transmitted between the first wireless device
`
`and the second wireless device:
`
`Ex. 1001 at Fig. 23, 32:31-34. The signals shown in Figure 23 include examples of
`
`the three types of information recited in Claims 1 and 12, including a first
`
`14
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`authentication information (e.g., a “digital signature field 306 containing a digital
`
`signature of the first user”), a time varying value (e.g., “one-time varying code field
`
`308 that includes a random code”), and an indicator of biometric authentication (e.g.,
`
`“biometric data field 312”). Ex. 1001 at 32:31-58; Ex. 2001, ¶ 42.
`
`VI. THE PETITION FAILS TO DEMONSTRATE A REASONABLE
`LIKELIHOOD THAT ANY CLAIM IS INVALID BASED ON
`MARITZEN IN VIEW OF GULLMAN AND NIWA (GROUND 1)
`
`The Petition should be denied and no review instituted. The ’137 patent
`
`includes two independent claims: Claims 1 and 12. Petitioner fails to demonstrate a
`
`reasonable likelihood that either of these claims is invalid for at least two reasons.
`
`First, Petitioner concedes that Maritzen does not disclose Limitations 1[a]
`
`and 12[b], and advances a combination of Maritzen with Gullman.1 Petitioner’s
`
`combination relies upon hindsight bias, cherry-picking components from the prior
`
`art to match up with the parameters of the patented invention. Petitioner fails to
`
`demonstrate that a POSITA would have been motivated to combine the references
`
`in the manner Petitioner proposes. In truth, Maritzen and Gullman both disparage,
`
`criticize, and discourage the modification set forth by Petitioner and a POSITA
`
`would not be motivated to combine the references.
`
`1 Patent Owner’s Preliminary Response adopts the limitation numbering format
`
`(e.g., “limitation 1[a]) used by Petitioner in its Petition.
`
`15
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`Second, limitations 1[f], 1[h], and 12[f] require a first device transmit “the
`
`one or more signals” to a second device for processing. Petitioner contends that
`
`Maritzen satisfies these limitations by transmitting and processing a “transaction
`
`key.” But, Claims 1 and 12 require (and the ’137 patent makes clear) that three
`
`separate, and distinct, types of information must be transmitted and processed in “the
`
`one or more signals:” (1) first authentication information, (2) an indicator of
`
`biometric authentication of the user of the first device, and (3) a time varying value.
`
`Petitioner makes no attempt
`
`to show transmitting Maritzen’s transaction key
`
`transmits all three of these types of information. Petitioner’s failure of proof is fatal
`
`to its Petition.
`
`A.
`
`A POSITA Would Not Combine Maritzen With Gullman To Use
`Secret Information (Limitations 1[a] and 12[b])
`
`Both independent claims of the ’137 patent require the system authenticate a
`
`user of the first device based on secret information:
`
`• “a first device including: a first processor,
`
`the first processor
`
`programmed to authenticate a user of the first device based on secret
`
`information…” (limitation 1[a]); and
`
`• “a first processor programmed to: 1) authenticate a user of the first
`
`device based on secret information…” (limitation 12[b]).
`
`Ex. 1001 at 45:30-33, 46:60-62.
`
`16
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`Petitioner admits that Maritzen does not teach using secret information, but
`
`argues that “[a] POSITA would have understood that the biometric authentication of
`
`Maritzen can be substituted for the PIN-based authentication of Gullman because
`
`both forms of user authentication were known in the art.” Pet at 23. Petitioner’s
`
`argument contradicts Supreme Court precedent, where the Court has explained, “a
`
`patent composed of several elements is not proved obvious merely by demonstrating
`
`that each of its elements was, independently, known in the prior art.” KSR Int’l Co.
`
`v. Teleflex, Inc., 550 U.S. 398, 418 (2007); see also Cheese Sys. v. Tetra Pak Cheese
`
`& Powder Sys., 725 F.3d 1341, 1352 (Fed. Cir. 2013) (obviousness “cannot be based
`
`on the hindsight combination of components selectively culled from the prior art to
`
`fit the parameters of the patented invention.”). Prior art can only be combined to
`
`invalidate a claim if there is, in fact, a reason for a POSITA to have done so at the
`
`time of the invention. Kinetic Concepts, Inc. v. Smith & Nephew, Inc., 688 F.3d
`
`1342, 1360 (Fed. Cir. 2012) (“motivation must be shown”).
`
`Here, there is no showing of a motivation to combine the system of Gullman
`
`with that of Maritzen. Ex. 2001 (Jakobsson Decl.), ¶ 47. Both references disparage,
`
`criticize and discourage a POSITA from using PIN-based authentication. Id. As a
`
`result, Petitioner cannot show a valid reason for combining Maritzen and Gullman.
`
`Id. The Petition should be denied.
`
`17
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`1.
`
`Maritzen And Gullman Disparage, Criticize And Discourage
`Using Pin-Based Authentication
`
`“A reference may be said to teach away when a person of ordinary skill, upon
`
`reading the reference, would be discouraged from following the path set out in the
`
`reference, or would be led in a direction divergent from the path that was taken by
`
`the applicant.” Polaris Industries, Inc. v. Arctic Cat, Inc., 882 F.3d 1056, 1069 (Fed.
`
`Cir. 2018) (Board erred in rejecting teaching away argument because it improperly
`
`focused “on what a skilled artisan would have been able to do, rather than what a
`
`skilled artisan would have been motivated to do” based on the teachings of the
`
`references); see also Santarus, Inc. v. Par Pharmaceutical, Inc., 694 F.3d 1344, 1354
`
`(Fed. Cir. 2012) (“A reference ‘teaches away’ when it ‘suggests that the line of
`
`development flowing from the reference’s disclosure is unlikely to be productive of
`
`the result sought by the applicant.’”). “Even if a reference is not found to teach
`
`away, its statements regarding preferences are relevant to a finding regarding
`
`whether a skilled artisan would be motivated to combine that reference with another
`
`reference.” Polaris, 882 F.3d at 1069. Here, Petitioner cannot show a motivation
`
`to combine because the relied upon art criticizes and discourages a POSITA from
`
`using PIN-based authentication. Ex. 2001 (Jakobsson Decl.), ¶ 49.
`
`Petitioner erroneously contends that
`
`the “PIN-based authentication of
`
`Gullman” can be combined with Maritzen. Pet at 23. But Gullman does not teach
`
`18
`
`
`
`Case No. IPR2018-00808
`U.S. Patent No. 9,530,137
`
`using PIN-based authentication at all. Ex. 2001 (Jakobsson Decl.), ¶ 50. Instead,
`
`Gullman’s Background section’s discussion of PIN-based authentication that
`
`Petitioner
`
`relies on dismisses PIN-based authentication as problematic and
`
`burdensome:
`
`A problem with personal identification numbers…is that
`
`the legitimate user must
`
`remember
`
`the number or
`
`password. For users having many numbers or passwords,
`
`the task of remembering can be burdensome.
`
`Ex. 1014 at 1:45-49; Pet. at 23 (citing Ex. 1013 at 1:18-45); Ex. 2001, ¶ 50. Contrary
`
`to Petitioner’s contention, Gullman teaches that its system is advantageous because
`
`it “eliminates” the use of PIN-based authentication. Ex. 1014 at 6:46-61 (“The
`
`method and apparatus of the present invention have significant advantage over
`
`known security systems. Reliable and secure identification is provided which
`
`eliminates the need for the user to memorize a code or carry a printed memorandum
`
`of the code.”) (Emphasis added); Ex. 2001 , ¶ 51. Instead of using a PIN to gain
`
`access, a user of Gullman’s system provides “biometric information” to a “biometric
`
`security device which genera