`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`APPLE INC.,
`Petitioner,
`
`v.
`
`UNIVERSAL SECURE REGISTRY, LLC,
`
`Patent Owner.
`
`_________________________________________
`
`Case IPR2018-00810
`
`U.S. Patent No. 9,100,826
`
`_________________________________________
`
`PETITIONER’S OPPOSITION TO PATENT OWNER’S
`
`CONDITIONAL MOTION TO AMEND
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`Table of Contents
`
`Page
`
`I.
`II.
`
`INTRODUCTION ........................................................................................... 1
`ARGUMENT ................................................................................................... 1
`A. USR Proposes An Unreasonable Number Of Substitute Claims. ......... 1
`B.
`USR Cannot Substitute Claims That Apple Did Not Challenge. .......... 2
`C.
`Substitute Claim 56 Does Not Satisfy § 112. ........................................ 3
`D.
`The Substitute Claims Would Have Been Obvious To A Person Of
`Ordinary Skill In The Art. ..................................................................... 4
`1.
`Substitute Claims 36-37 and 45-46 Are Obvious In View Of
`Maritzen, Jakobsson, Niwa, And Schutzer. ................................ 5
`Substitute Claims 56, 57, And 60 Are Obvious Over Maritzen,
`Jakobsson, Niwa, Schutzer, And Burnett. ................................ 14
`The Substitute Claims Are Drawn To Ineligible Subject Matter. ....... 18
`1.
`Alice Step 1: The Substitute Claims Are Directed to the
`Abstract Idea Of Verifying an Account Holder’s Identity Based
`On Codes And/Or Information Related to an Account Holder
`Before Enabling a Transaction. ................................................. 18
`Alice Step 2: The Remaining Limitations Of The Substitute
`Claims Add Nothing Inventive To The Abstract Idea. ............. 22
`USR Failed To Meet Its Duty Of Candor Under 37 C.F.R. § 42.11. .. 24
`
`E.
`
`F.
`
`2.
`
`2.
`
`i
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`INTRODUCTION
`
`I.
`
`USR’s proposed amendments cannot save its invalid claims. USR’s
`
`Conditional Motion to Amend (“CMTA”) fails procedurally because, although it
`
`purports a one-for-one claim substitution, it in fact seeks to substitute 26 claims for
`
`16 and to replace claims that Apple did not even challenge. The CMTA also fares
`
`no better on the merits, because USR’s added limitations are well-known
`
`encryption and authentication techniques that existed in the prior art and would be
`
`obvious to combine. Accordingly, even if the specification supported all added
`
`limitations (which it does not), the substitute claims are obvious under § 103.
`
`Furthermore, USR has withheld from the Board prior art cited in a co-pending
`
`proceeding that invalidates multiple amendments that USR seeks to enter. Finally,
`
`the substitute claims are directed to patent ineligible subject matter. For at least
`
`these reasons, USR’s CMTA should be denied.
`
`II. ARGUMENT
`A. USR Proposes An Unreasonable Number Of Substitute Claims.
`
`A CMTA must submit a “reasonable number of substitute claims for each
`
`challenged claim.” Lectrosonics, Inc. v. Zaxcom, Inc., IPR2018-01129, -01130,
`
`Paper No. 15, Order, 4 (PTAB Feb. 25, 2019) (precedential). USR’s attempt to
`
`replace 16 challenged claims with 26 new claims is unreasonable. By adding 10
`
`more claims than Apple challenged, USR’s 26 substitute claims disregard the
`
`1
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`rebuttable presumption that a one-to-one ratio of substitute claims per challenged
`
`claims is reasonable. See id. at 4. Though USR acknowledges this presumption in
`
`its CMTA (Paper No. 19, 2), it does not attempt to demonstrate a need to submit
`
`more claims than Apple challenged. Instead, USR makes the following untrue
`
`assertion: “[c]onsistent with this presumption, the present Motion provides only
`
`one substitute claim for each Challenged Claim.” Id. at 2.1 Twenty-six for
`
`sixteen is not one-to-one.
`
`By failing to demonstrate a need for additional claims, USR waived its right
`
`to do so. That USR had no space to demonstrate need in its CMTA due to its
`
`reduced page limits is no excuse—the Board already informed USR here that USR
`
`“assumes the risk that it will not have sufficient space to make the preliminary
`
`showing required in a motion to amend.” Paper No. 16, Order, 2. Accordingly,
`
`the Board should deny USR’s amendment for failing to comply with the
`
`procedural requirements in 37 C.F.R. § 42.121(a)(3). See SAP America, Inc. v.
`
`Lakshmi Arunachalam, CBM2016-00081, Paper No. 28, 53-54 (PTAB Dec. 21,
`
`2017) (holding that Patent Owner did not comply with §42.221(a)(3) when it failed
`
`to address a need for adding more claims than were challenged).
`
`B. USR Cannot Substitute Claims That Apple Did Not Challenge.
`
`
`1 Emphasis added unless otherwise indicated.
`
`2
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`The Board should deny USR’s CMTA because it seeks to substitute claims
`
`that were not challenged in the present Petition. 35 U.S.C § 316(d)(1) only allows
`
`a patent owner to amend “challenged” claims. Thus, USR has no statutory basis
`
`for substituting claims 38-41, 44, 47, 48, 51-55, 58, 59, and 61 for unchallenged
`
`claims 3-6, 9, 12, 13, 16-20, 32, 33, 35. Accordingly, the Board should dismiss
`
`USR’s CMTA for failing to comply with § 316.
`
`C.
`
`Substitute Claim 56 Does Not Satisfy § 112.
`
`USR’s attempt to demonstrate that the claimed encryption and decryption
`
`using the second key in substitute claim 56 satisfies § 112 is deficient because the
`
`written description does not support or enable the claimed symmetric second key.
`
`USR bears the burden of “sett[ing] forth written description support in the
`
`originally-filed disclosure” “for each proposed substitute claim as a whole,” and
`
`cannot introduce new matter into the claims. Lectrosonics at 7-8, 35 U.S.C. §
`
`316(d)(3), 37 C.F.R. §§ 42.121(a)(2)(ii), 42.121(b). To satisfy the written
`
`description requirement, a patent specification must describe the claimed invention
`
`in sufficient detail that a POSITA can reasonably conclude that the inventor
`
`possessed the claimed invention. See, e.g., Moba, B.V. v. Diamond Automation,
`
`Inc., 325 F.3d 1306, 1319 (Fed. Cir. 2003). USR fails to meet this requirement.
`
`USR’s alleged support for the claimed second key describes only symmetric
`
`encryption because the same public key is used to both encrypt and decrypt. See,
`
`3
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`e.g., Ex-2008, ’860 Application, 49:24-32 (describing encrypting a DES key with a
`
`public key), 50:24-31 (describing decrypting a DES key with a public key).
`
`However, the patent does not enable this public key encryption scheme because a
`
`value encrypted with a public key, which is an asymmetric key, could not be
`
`decrypted using the same public key. Even with extensive experimentation, it
`
`would be impossible for a POSITA to implement encryption and decryption with a
`
`public key. Ex-1019, Shoup-Decl., ¶27.
`
`Dr. Jakobsson admits that the encryption and decryption scheme described
`
`on pages 49 and 50 in the specification is nonsensical as written. See Ex-1017
`
`Jakobsson Dep., 52-54. But Dr. Jakobsson asserts this language must be read as a
`
`typographical error, and that the text means to say decrypting the DES key with a
`
`different (private) key. Id. Dr. Jakobsson’s declaration mentions no typographical
`
`error. Furthermore, claim 56 requires encrypting and decrypting the first key with
`
`the same second key. Accordingly, under Dr. Jakobsson’s interpretation of the
`
`text, pages 49 and 50 do not provide adequate written description support. The
`
`remaining sections USR cite to for alleged support fail to cure this deficiency.
`
`Either the patent does not enable the described encryption and decryption with a
`
`public key, or it does not claim the alleged public/private key
`
`encryption/decryption—not both. Ex-1019, Shoup-Decl., ¶28.
`
`D. The Substitute Claims Would Have Been Obvious To A Person Of
`Ordinary Skill In The Art.
`
`4
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`1.
`Substitute Claims 36-37 and 45-46 Are Obvious In View Of
`Maritzen, Jakobsson, Niwa, And Schutzer.
`
`a)
`
`Substitute Claim 36
`
`(1)
`
`Substitute Limitations 36[pre], 36[b], 36[j]
`
`Substitute claim 36 recites “[a] system for authenticating identities of a
`
`plurality of users to conduct a credit and/or debit card transaction, the system
`
`comprising[.]” 36[pre]; see also 36[b], 36[j]. Maritzen in view of Jakobsson and
`
`Niwa discloses credit and/or debit card transactions. Ex-1019, Shoup-Decl., ¶29.
`
`As explained in the Petition, Maritzen discloses “[a] system for
`
`authenticating identities of a plurality of users, the system comprising[.]” See
`
`Paper No. 3, Petition (“Pet.”), 18-19. Maritzen further teaches that “[t]he
`
`appropriate enabling authority may be, for example, a financial institution, a third
`
`party distributor, a credit card issuer, or the like.” Ex-1004, Maritzen, ¶¶38, 85,
`
`108, 144. A POSITA would understand the “financial services” and “credit card
`
`issuer” of Maritzen to include a credit card and/or debit card transaction or
`
`would have found it obvious to do so. Accordingly, Maritzen discloses these
`
`added limitations. Ex-1019, Shoup-Decl., ¶30.
`
`To the extent that Maritzen does not expressly disclose conducting a credit
`
`card and/or debit card transaction, Schutzer provides this disclosure. For example,
`
`Schutzer teaches “a method and system for securely performing a bankcard
`
`transaction, such as a credit card or debit card transaction” in which a
`
`5
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`transaction card is used to authenticate a user and authorize a transaction. Ex-
`
`1030, Schutzer, ¶10; see also id. at Abstract, ¶¶8, 12, 24-37, Figs. 1-4. Ex-1019,
`
`Shoup-Decl., ¶31.
`
`Accordingly, Maritzen in view of Jakobsson, Niwa, and Schutzer discloses
`
`the credit and/or debit card transaction in limitations 36[pre], [b], and [j]. Ex-1019,
`
`Shoup-Decl., ¶32. It would have been obvious to combine Schutzer’s application
`
`for a bankcard transaction with the authentication system of Maritzen, Jakobsson,
`
`and Schutzer. Ex-1019, Shoup-Decl., ¶33.
`
`First, it would have been obvious to combine Schutzer’s bankcard
`
`transaction authentication system with the authentication system of Maritzen,
`
`Jakobsson, and Niwa because it would have involved nothing more than applying a
`
`known technique (using authentication for bankcard transactions of Schutzer) to a
`
`known device (the authentication system of Maritzen, Jakobsson, and Niwa) in the
`
`same way (by verifying information). A POSITA would have had a reasonable
`
`expectation of success in doing so at least because they would have recognized that
`
`the authentication system of Maritzen, Jakobsson, and Niwa could be implemented
`
`using simple and predictable computer code for a number of different transactions,
`
`including bankcard transactions. Ex-1019, Shoup-Decl., ¶34.
`
`Second, Maritzen, Jakobsson, Niwa, and Schutzer provide teachings,
`
`suggestions, and motivations that would have led a POSITA to combine the bank
`
`6
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`card transaction authentication system of Schutzer with the authentication systems
`
`of Maritzen, Jakobsson, and Niwa to arrive at the claimed credit card and/or debit
`
`card transaction. For example, all references recognize the risk of stolen
`
`authentication credentials and disclose methods for protecting such information.
`
`Ex-1030, Schutzer, ¶3 (“The link is encrypted so that no eavesdropper can listen in
`
`and steal the card number”), ¶9; Ex-1004, Maritzen, ¶29; Ex-1005, Jakobsson, ¶8;
`
`Ex-1007, Niwa, 8:66-9:3. Thus, it would have been obvious to combine
`
`Schutzer’s alternate bankcard system with the authentication system of Maritzen,
`
`Jakobsson, and Niwa because Maritzen, Jakobsson, and Niwa already teach that
`
`user identifying information should be obscured, and Schutzer teaches that an
`
`application for obscuring such information is bankcard transactions. Ex-1019,
`
`Shoup-Decl., ¶35.
`
`(2)
`
`Substitute Limitation 36[c]
`
`Limitation 36[c] recites “the first wireless signal including encrypted
`
`authentication information of the user of the first handheld device.” Maritzen
`
`discloses this limitation. Ex-1019, Shoup-Decl., ¶36.
`
`As explained in the Petition, Maritzen discloses a transaction or biometric
`
`key [authentication information] that is transmitted wirelessly. Pet., 20-21.
`
`Maritzen further teaches that the transaction or biometric key can be encrypted
`
`with well-known encryption algorithms. Ex-1004, Maritzen, ¶¶45 (“[T]he
`
`7
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`transaction key is encrypted prior to transmission using standard encrypting
`
`methods such as, for example, public key infrastructure (PKI) encryption.”), 47
`
`(“[C]learing house 130 decrypts . . . the transaction key.”); see also id. ¶¶46, 50,
`
`82, 88, 90, 92, 96, 109-111, 114, 124, 129, 134, 138, 148-151,164-167.
`
`Accordingly, Maritzen discloses this limitation. Ex-1019, Shoup-Decl., ¶X37.
`
`(3)
`
`Substitute Limitations 36[f], 36[g], 36[h], 36[j]
`
`Limitation 36[f] has been amended to recite that “the first processor further
`
`programmed to generate a one-time code and a digital signature, the digital
`
`signature generated using a private key associated with the first handheld device,
`
`and to transmit the first wireless signal including the first authentication
`
`information, the one-time code, and the digital signature of the user of the first
`
`handheld device to the second device via the network.” Limitations 36[g], 36[h],
`
`and 36[i] further require that “the second processor is configured to: receive the
`
`first wireless signal . . . [verify] the digital signature,” and “use the first
`
`authentication information, the one-timecode, the digital signature, and the second
`
`authentication information to authenticate an identity of the user of the first
`
`handheld device . . . .” Maritzen in view of Jakobsson, Niwa, and Schutzer
`
`disclose these additional limitations. Ex-1019, Shoup-Decl., ¶38.
`
`First, Jakobsson discloses a number of different one-time codes that can
`
`change over time and can be combined with other information using combination
`
`8
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`function 230 to generate an authentication code. See, e.g., Ex-1005, Jakobsson,
`
`¶¶13, 63, 64-77, 116, 140. Jakobsson further teaches that the combined
`
`authentication code can be received by a verifier (see, e.g., id. at 43, 44, 48, 112)
`
`and used to authenticate the user of the first handheld device (see, e.g., id. at 21,
`
`118). Ex-1019, Shoup-Decl., ¶39.
`
`Second, Schutzer discloses that a cardholder can authenticate his or herself
`
`by providing certain information, and that “[i]f the transaction or the customer’s
`
`history warrants, the issuing bank 8 can require more secure authentication, such as
`
`additional secrets, matching biometrics, and/or digital signatures.” Ex-1030,
`
`Schutzer, ¶29. Furthermore, it was well known to use a digital signature to
`
`authenticate the entity that generated the digital signature, as Dr. Jakobsson admits.
`
`See Ex-1017, Jakobsson Dep, 76:5-79:9, 82:12-83:5. Ex-1019, Shoup-Decl., ¶40.
`
`Accordingly, Maritzen, Jakobsson, Niwa, and Schutzer discloses substitute
`
`limitations 36[f], 36[g], 36[h], 36[j]. Ex-1019, Shoup-Decl., ¶41.
`
`First, A POSITA would have been motivated to add Jakobsson’s one-time
`
`code and Schutzer’s digital signature to the authentication system of Maritzen
`
`because such a combination would be a combination of prior art elements (one-
`
`time code and digital signature) according to known methods (the combination
`
`function 230 or additional information of Jakobsson) to yield predictable results (a
`
`combination with or addition to authentication code that can be used to more
`
`9
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`securely authenticate a user). See Pet., 40-46. Ex-1019, Shoup-Decl., ¶42.
`
`Second, Maritzen further teaches sending additional information in a
`
`transaction key (Ex-1004, Maritzen, ¶¶45, 46), and Schutzer explicitly teaches,
`
`suggests, and/or motivates using multiple authentication elements at the same time
`
`(Ex-1030, Schutzer, ¶29 (“the issuing bank 8 can require more secure
`
`authentication, such as additional secrets, matching biometrics, and/or digital
`
`signatures.”)). Jakobsson similarly teaches sending additional authentication
`
`information and/or combining multiple values via the appending/prepending
`
`combination function to arrive at an authentication code. See, e.g., Ex-1005,
`
`Jakobsson, ¶¶21, 63, 73, 97, 112. Thus, it also would have been obvious to try
`
`adding the digital signature of Schutzer and one-time code disclosed by Jakobsson
`
`to the key of Maritzen. A POSITA would have had a reasonable expectation of
`
`success in prepending or appending values such as Maritzen’s keys, Jakobsson’s
`
`one-time code, and Schutzer’s digital signature or adding them as additional
`
`authentication information because Jakobsson explicitly contemplates variations or
`
`additions to the combination functions with many different values and the results
`
`of such variations or additions would have been easily foreseeable. See, e.g., Ex-
`
`1005, Jakobsson, ¶¶21, 69-77, 83, 97, 112. A POSITA also would have
`
`understood that doing so would add more layers of security. Ex-1019, Shoup-
`
`Decl., ¶¶43-45.
`
`10
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`(4)
`The Remaining Limitations
`
`As discussed in the Petition, Substitute limitations 36[a], 36[d], 36[e], 36[i],
`
`and the portions of limitations 36[pre], 36[b], 36[c], 36[f], 36[g], 36[h], and 36[j]
`
`not explicitly addressed above are disclosed by Maritzen, Jakobsson, and Niwa.
`
`See Pet., 18-49. It would have been obvious to combine Maritzen, Jakobsson, and
`
`Niwa with Schutzer to arrive at these limitations for at least the reasons discussed
`
`above. See, supra, Sections II.D.1.a.(1)-(3). Ex-1019, Shoup-Decl., ¶46.
`
`b)
`
`Substitute Claim 45
`
`As discussed in the Petition, claim 10, which corresponds to substitute claim
`
`45, is obvious over Maritzen, Jakobsson, and Niwa. See Pet., 56-58; Ex-1002,
`
`Shoup-Decl., ¶¶125-137. Substitute claim 45 adds similar amendments to claim 10
`
`as substitute claim 36 to 1. Accordingly, substitute claim 45 is obvious for at least
`
`the same reasons claims 10 and 36 are obvious. Ex-1019, Shoup-Decl., ¶47.
`
`c)
`
`Substitute Claims 37, 46, and 49
`
`As discussed in the Petition, claims 2, 11, and 14, which correspond to
`
`substitute claims 37, 46, and 49, are obvious over Maritzen, Jakobsson, and Niwa.
`
`See Pet., 49-52, 58; Ex-1002, Shoup-Decl., ¶¶108-114, 138-141. Substitute claims
`
`37, 46, and 49 add similar limitations to original claims 2 and 11, and are obvious
`
`for at least the same reasons claims 2, 11, 13, 36, and 45 are obvious. Ex-1019,
`
`Shoup-Decl., ¶48.
`
`11
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`Substitute Claim 42
`
`d)
`
`As discussed in the Petition, claim 7, which corresponds to substitute claim
`
`42, is obvious over Maritzen, Jakobsson, and Niwa. See Pet., 52-54; Ex-1002,
`
`Shoup-Decl., ¶¶115-120. Substitute claim 42 adds similar limitations to original
`
`claim 7, and is obvious for at least the same reasons original claim 7 and substitute
`
`claim 36 are obvious. Ex-1019, Shoup-Decl., ¶47. Substitute claim 42 further
`
`adds “wherein the first authentication information, the one-time code, and the
`
`digital signature included in the transmitted first wireless signal are separable fields
`
`of the first wireless signal.” Maritzen, Jakobsson, Schutzer, and Niwa disclose this
`
`limitation. Ex-1019, Shoup-Decl., ¶49.
`
`In the Decision Granting Institution for IPR2018-00809 (-809 IPR), which
`
`addresses similar issues relating to U.S. Patent No. 9,530,137 (a family member of
`
`the ’826 patent), the Board found “Jakobsson’s ‘event state (E)’ to correspond to
`
`the claimed indicator of biometric authentication[,] . . . Jakobsson’s ‘dynamic[,
`
`time-varying] value (T)’ to correspond to the claimed time varying value[, and] . . .
`
`the remainder of Jakobsson’s authentication code, comprising the ‘user data value
`
`(P)’ and ‘secret (K)’ to correspond with the claimed first authentication
`
`information.” Paper No. 9, Decision, 11 (citations omitted). The Board further
`
`found that Jakobsson “discloses a variety of implementations in which the function
`
`may combine certain values at one stage and then combine the resulting
`
`12
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`authentication code with further values to result in another authentication code”
`
`and “Jakobsson’s combination of values may occur in any sequence; the end result
`
`is an ‘authentication code’ that includes multiple types of information.” Id.
`
`(citations omitted). Ex-1019, Shoup-Decl., ¶50.
`
`Furthermore, Jakobsson teaches that combination function 230 can generate
`
`an authentication code 292 (another authentication code) by “prepending or
`
`appending the PIN (P) to A (K, T, E).” Ex-1005, Jakobsson, ¶¶73, 15. A POSITA
`
`would have understood that the various values making up the biometric or
`
`transaction key of Maritzen could be combined using any of the disclosed
`
`combination techniques, including prepending or appending or inclusion as
`
`additional authentication information as disclosed by Jakobsson. Ex-1005,
`
`Jakobsson, ¶¶21, 63, 97, 112. A POSITA also would have understood that an
`
`authentication code including prepended, appended, or additional elements would
`
`be capable of being separated by a receiving device. Accordingly, it would have
`
`been obvious to a POSITA to append or add Jakobsson’s one-time code and
`
`Schutzer’s digital signature to Maritzen’s biometric or transaction key such that
`
`they would be separable from one another. Ex.-1019, Shoup-Decl., ¶52.
`
`A POSITA would have been motivated to do so because such a combination
`
`of the values of Jakobsson, Maritzen, and Schutzer would be a combination of
`
`prior art elements (one-time code, the digital signature, and the biometric or
`
`13
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`transaction key) according to known methods (appending or prepending
`
`combination of Jakobsson) to yield predictable results (combined/additional
`
`authentication code/information that can be used to securely authenticate the user
`
`of an authentication device). Ex-1019, Shoup-Decl., ¶53.
`
`Jakobsson also explicitly teaches, suggests, and motivates adding additional
`
`information and varying combination functions. Ex-1005, Jakobsson, ¶63, 15. 21.
`
`73, 97, 112. Thus, it would have obvious to try the prepending or appending
`
`combination function or inclusion as additional authentication information of
`
`Jakobsson as one of a finite number of Jakobsson’s identified and predictable
`
`options. A POSITA would have had a reasonable expectation of success
`
`prepending/appending or otherwise adding such values because Jakobsson
`
`explicitly contemplates doing so and the results of such variation or additions
`
`would have been foreseeable. Ex-1019, Shoup-Decl., ¶54.
`
`2.
`Substitute Claims 56, 57, And 60 Are Obvious Over
`Maritzen, Jakobsson, Niwa, Schutzer, And Burnett.
`
`a)
`
`Substitute Claim 56
`
`As discussed in the Petition, claim 30, which corresponds to substitute claim
`
`56, is obvious over Maritzen, Jakobsson, and Niwa. See Pet., 72-74; Ex-1002,
`
`Shoup-Decl., ¶¶193-203. Substitute limitations 56[c], [e], and [g] add “at least a
`
`portion of the first authentication information encrypted by a first key, the first
`
`authentication information including the first key encrypted by a second key” and
`
`14
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`“decrypting, at the second device, the encrypted first key using the second key to
`
`retrieve the first key; decrypting, at the second device, the portion of the first
`
`authentication information encrypted by the first key using the first key [to
`
`authenticate the first entity].” Maritzen and Burnett discloses these limitations.
`
`Ex-1019, Shoup-Decl., ¶55.
`
`As discussed, supra, Section II.D.1.a(2), Maritzen in view of Jakobsson
`
`discloses encrypted authentication information. See also Ex-1005, Jakobsson, ¶¶6-
`
`7, 21, 58; Ex-1004, Maritzen ¶¶45-46; Pet., 69-72, Paper No. 8, Decision Granting
`
`Institution, 20 (adopting Petitioner’s position for same). Ex-1019, Shoup-Decl.,
`
`¶56.
`
`To the extent that Maritzen and Jakobsson do not explicitly discuss
`
`encrypting data with a first key and encrypting the first key with a second key,
`
`Burnett2 discloses this limitation. For example, Burnett discloses that a “session
`
`key” ([first key]) used to encrypt information can be encrypted using a key
`
`encryption key (“KEK”) ([second key]), and that the same KEK can be used to
`
`decrypt the first key. Ex-1021, Burnett, 54-55, FIG. 3-1. Furthermore, Dr.
`
`
`2 Burnett qualifies as prior art under 35 U.S.C. § 102(b) because it is a
`
`printed publication that was publicly available more than one year prior to USR’s
`
`earliest alleged priority date. See Ex-1022, Mullins-Decl.
`
`15
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`Jakobsson acknowledges that such encryption schemes were known in the prior
`
`art. Ex-10, Jakobsson Dep., 34:22-36:12. A POSITA would understand that the
`
`session key decrypted with the KEK would be used to decrypt the data.
`
`Accordingly, Maritzen, Jakobsson, and Burnett disclose substitute limitations
`
`56[c], [e], and [g]. Ex-1019, Shoup-Decl., ¶57.
`
`It would have been obvious to modify the authentication information of
`
`Maritzen, Jakobsson, Niwa, and Schutzer by encrypting it with a session key,
`
`encrypting the session key with a KEK, and transmitting the KEK-encrypted
`
`session key and the session key encrypted authentication information to the second
`
`device for decryption as taught by Burnett to arrive at limitations 56[c], [e], and
`
`[g]. Ex-1019, Shoup-Decl., ¶58.
`
`First, it would have been obvious to combine the authentication system of
`
`Maritzen and Jakobsson with Burnett’s encryption scheme because it would have
`
`involved nothing more than applying a known technique (standard KEK
`
`cryptosystem) to a known device (the authentication system of Maritzen and
`
`Jakobsson) in the same way (using a known KEK and session key for encryption
`
`and decryption). A POSITA would have had a reasonable expectation of success
`
`in doing so at least because such an encryption scheme could be implemented via
`
`simple, predictable computer code that would improve different types of
`
`communications including those described by Jakobsson. Ex-1019, Shoup-Decl.,
`
`16
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`
`¶59.
`
`Second, Maritzen, Jakobsson, and Burnett provide teachings, suggestions,
`
`and motivations that would have led a POSITA to encrypt the authentication
`
`information of Jakobsson with Burnett’s KEK cryptosystem to arrive at limitations
`
`56[c], [e], and [g]. For example, Maritzen, Jakobsson, and Burnett disclose
`
`encrypting information sent from a first to a second device. See Ex-1004,
`
`Maritzen, ¶¶46-47, Ex-1005, Jakobsson, ¶¶6, 7, 58; Ex-1021, Burnett, 54-55, see
`
`also Pet., 51-52. Maritzen contemplates using “well-known encrypting methods”
`
`(Ex-1004, Maritzen, ¶45), and Burnett provides an example of such a known
`
`system (Ex-1021, Burnett, 54-55). Jakobsson further teaches that decryption can
`
`include symmetric key encryption (Ex-1005, Jakobsson, ¶58), and Burnett’s KEK
`
`key and session key are both symmetric encryption keys. Furthermore, Burnett
`
`teaches such a technique that is more secure than other techniques, such as
`
`standard password-based encryption (PBE). Ex-1021, Burnett, 58. A POSITA
`
`also would have recognized that encrypting and decrypting authentication
`
`information with a session key as taught by Burnett could be done faster than with
`
`other encryption options, such as a public-key cryptosystem. Therefore, it would
`
`have been obvious to a POSITA to combine Maritzen, Jakobsson, and Burnett to
`
`arrive at limitations 56[c], [e], and [g]. Ex-1019, Shoup-Decl., ¶60.
`
`b)
`
`Substitute Claims 57 and 60
`
`17
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`As discussed in the Petition, claims 31 and 34, which correspond to
`
`substitute claims 57 and 60, are obvious over Maritzen, Jakobsson, and Niwa. See
`
`Pet. 74-75; Ex-1002, Shoup-Decl., ¶¶204-206. Substitute claims 57 and 60 add
`
`similar limitations to original claims 31 and 34, and are obvious for at least the
`
`same reasons original claims 31 and 34, and substitute claim 56 are obvious. Ex-
`
`1019, Shoup-Decl., ¶61.
`
`E.
`
`The Substitute Claims Are Drawn To Ineligible Subject Matter.
`
`The Board should also deny USR’s motion because the substitute claims
`
`recite ineligible subject matter under 35 U.S.C. § 101, which is a prerequisite for a
`
`CMTA. See Amazon.com, Inc. et al. v. Uniloc Luxembourg S.A., IPR2017-00948,
`
`Paper No. 31 Final Written Decision, 58-59 (PTAB Aug. 1, 2018) (precedential).
`
`Even with USR’s proposed amendments, the claims fail each prong of the well-
`
`known two-step framework for identifying claims that recite ineligible subject
`
`matter. Alice Corp. Pty. v. CLS Bank Int’l, 573 U.S. 208, 2355, 2358 (2014).
`
`1.
`Alice Step 1: The Substitute Claims Are Directed to the
`Abstract Idea Of Verifying an Account Holder’s Identity Based
`On Codes And/Or Information Related to an Account Holder
`Before Enabling a Transaction.
`
`The substitute claims fail the first step of Alice because the claims are
`
`directed to the abstract idea of verifying an account holder’s identity based on
`
`codes and/or information related to the account holder before enabling a
`
`transaction. Dr. Jakobsson agrees that “[t]he ’137 patent is generally directed to
`
`18
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditional Motion to Amend
`the idea of verifying an account holder’s identity to enable a transaction based on
`
`codes or information related to an account holder.” Ex-1017, Jakobsson Dep.,
`
`92:14-20. The claims of the ’826 patent are directed to the same abstract idea. For
`
`example, substitute claim 36 recites in its preamble: “A system for authenticating
`
`identities of a plurality of users to conduct a credit and/or debit card transaction.”
`
`Although claim 36 is limited to a computer system and credit/debit card
`
`transactions, the underlying problem that the claim purports to solve is age-old:
`
`“authenticating identity or verifying the identity of individuals and other entities
`
`seeking access to certain privileges.” ’826 patent, 1:36-39. Limiting this pre-
`
`Internet problem to using a computer database, generic encryption techniques, and
`
`known authentication values cannot confer patent eligibility. See Bilski v. Kappos,
`
`561 U.S. 593, 612 (2010). Ex-1019, Shoup-Decl., ¶63.
`
`Similar claims have been found directed to an abstract idea at Alice step 1 in
`
`numerous Supreme Court and Federal Circuit decisions. See, e.g., Secured Mail
`
`Sols., LLC v. Universal Wilde, Inc., 873 F.3d 905 (Fed. Cir. 2017) (finding claims
`
`directed to method for verifying authenticity of mail object using identifier or
`
`barcode and, as in ’826 patent, an authenticating portion of identifier was stored in
`
`a database to be directed to an abstract idea at step 1); Smart Systems Innovations,
`
`LLC v. Chicago Transit Auth., 873 F.3d 1364 (Fed. Cir. 2001) (finding patents
`
`directed to acquiring identification from a bankcard, using data to verify validity of
`
`19
`
`
`
`U.S. Patent No. 9,100,826
`Petitioner’s Opposition to Conditio