BEFORE THE PATENT TRIAL AND APPEAL BOARD

APPLE INC.,
Petitioner,

v.

UNIVERSAL SECURE REGISTRY, LLC,
Patent Owner.

_________________________________________

Case IPR2018-00813
U.S. Patent No. 9,100,826

_________________________________________

DECLARATION OF DR. VICTOR SHOUP
IN SUPPORT OF PETITIONER’S OPPOSITION TO
PATENT OWNER’S CONDITIONAL MOTION TO AMEND

Apple 1119
Apple v. USR
IPR2018-00813

U.S. Patent No. 9,100,826
Declaration of Dr. Shoup

Table of Contents

I. INTRODUCTION
II. LEGAL PRINCIPLES
    A. Claim Construction
    B. Obviousness
    C. Written Description
    D. Enablement
    E. Indefiniteness
    F. Subject Matter Eligibility
III. OPINIONS
    A. Substitute Claim 56 Does Not Satisfy § 112
    B. The Substitute Claims Would Have Been Obvious To A Person Of Ordinary Skill In The Art
        1. Substitute Claims 36-37 and 45-46 Are Obvious Over Jakobsson In View of Schutzer
        2. Substitute Claim 49 Is Obvious Over Jakobsson In View Of Schutzer, Verbauwhede, And Maritzen
        3. Substitute Claim 42 Is Obvious Over Jakobsson In View Of Verbauwhede And Maritzen
        4. Substitute Claims 56 And 57 Are Obvious Over Jakobsson In View Of Burnett
        5. Substitute Claim 60 Is Obvious Over Jakobsson In View Of Burnett, Verbauwhede, And Maritzen
    C. The Substitute Claims Are Drawn To Ineligible Subject Matter
        1. Alice Step 1: The Substitute Claims Are Directed to the Abstract Idea Of Verifying an Account Holder’s Identity Based On Codes And/Or Information Related to an Account Holder Before Enabling a Transaction
        2. Alice Step 2: The Remaining Limitations Of The Substitute Claims Add Nothing Inventive To The Abstract Idea
IV. CONCLUSION
V. AVAILABILITY FOR CROSS-EXAMINATION
VI. RIGHT TO SUPPLEMENT
VII. JURAT

I, Victor Shoup, Ph.D., declare as follows:

I. INTRODUCTION

1. I have been retained by Apple to provide opinions in this proceeding relating to Universal Secure Registry’s (“USR” or “Patent Owner”) Conditional Motion to Amend (“CMTA”) the claims of U.S. Patent No. 9,100,826 (“’826 patent”). I previously prepared and submitted a Declaration in support of the Petition in this proceeding, dated April 4, 2018.

2. Since preparing my previous Declaration, I have reviewed the following additional materials in connection with this Declaration:

• The Board’s Decision on Institution (“DOI”)
• USR’s Patent Owner Response (“POR”)
• Dr. Jakobsson’s Declaration in Support of USR’s POR (Ex. 2003)
• USR’s CMTA
• Dr. Jakobsson’s Declaration in support of USR’s CMTA (Ex. 2013)
• The transcript of Dr. Jakobsson’s March 20, 2019 deposition (Ex. 1117)
• EP 1 028 401 to Schutzer (Ex. 1130)
• Declaration of Dr. Juels (Ex. 1120)
• Declaration of Dr. Mullins (Ex. 1022)
• Burnett et al., RSA Security’s Official Guide to Cryptography (Ex. 1021)
• Copy of Burnett et al., RSA Security’s Official Guide to Cryptography from deposition of Dr. Jakobsson (Ex. 1023)
• Introduction to Cryptography (Ex. 1024)

3. My background and qualifications are summarized in Section I of my previous Declaration and my curriculum vitae, which was attached thereto as Appendix A.

4. I am being compensated at my normal consulting rate for my work. My compensation is not dependent on the outcome of this IPR proceeding or the related litigation, and does not affect the substance of my statements in this Declaration.

5. I have no financial interest in Petitioner. I have no financial interest in the ’826 patent.

II. LEGAL PRINCIPLES

6. I am not an attorney. For purposes of this Declaration, I have been informed about certain aspects of the law that are relevant to my analysis and opinions.

A. Claim Construction

7. I have been informed that claim construction is a matter of law and that the final claim construction will be determined by the Board.

8. I have been informed that the claim terms in an IPR review should be given their broadest reasonable construction in light of the specification as commonly understood by a person of ordinary skill in the art (“POSITA”). I have applied this standard in my analysis.

B. Obviousness

9. I have been informed and understand that a patent claim can be considered to have been obvious to a POSITA at the time the application was filed. I understand that this means that, even if all the requirements of a claim are not found in a single prior art reference, the claim is not patentable if the differences between the subject matter in the prior art and the subject matter in the claim would have been obvious to a POSITA at the time the application was filed.

10. I have been informed and understand that a determination of whether a claim would have been obvious should be based upon several factors, including, among others:

• the level of ordinary skill in the art at the time the application was filed;
• the scope and content of the prior art; and
• what differences, if any, existed between the claimed invention and the prior art.

11. I have been informed and understand that the teachings of two or more references may be combined in the same way as disclosed in the claims, if such a combination would have been obvious to a POSITA. In determining whether a combination based on either a single reference or multiple references would have been obvious, it is appropriate to consider, among other factors:

• whether the teachings of the prior art references disclose known concepts combined in familiar ways, and when combined, would yield predictable results;
• whether a POSITA could implement a predictable variation, and would see the benefit of doing so;
• whether the claimed elements represent one of a limited number of known design choices, and would have a reasonable expectation of success by those skilled in the art;
• whether a POSITA would have recognized a reason to combine known elements in the manner described in the claim;
• whether the proposed modification would have a reasonable expectation of success by those skilled in the art;
• whether there is some teaching or suggestion in the prior art to make the modification or combination of elements claimed in the patent; and
• whether the innovation applies a known technique that had been used to improve a similar device or method in a similar way.

12. I have been informed and understand that a POSITA has ordinary creativity, and is not an automaton.

13. I have been informed and understand that in considering obviousness, it is important not to determine obviousness using the benefit of hindsight derived from the patent being considered.

14. I have also been informed that objective evidence can also be relevant to the question of obviousness. I understand that such evidence, which is sometimes referred to as “secondary considerations,” can include evidence of commercial success, long-felt but unsolved needs, failure of others, copying by others, and unexpected results. I also understand that when considering the strength of secondary considerations, weight is not given unless a nexus is established between the rebuttal evidence and the claimed invention. In other words, secondary considerations only carry weight when the secondary considerations are attributable to the claimed invention.

C. Written Description

15. I have been informed that a patent must satisfy the written description requirement separate from any enablement requirement. I understand that a patent owner seeking to amend the claims in an Inter Partes Review (“IPR”) proceeding must show that the substitute claims are supported by the specification.

16. To satisfy the written description requirement under § 112, I understand that the patent’s description must describe the claimed invention in sufficient detail that a POSITA can reasonably conclude that the inventor had possession of the claimed invention. I understand that the breadth of the claims determines the extent of the required disclosure. I understand that the written description must be commensurate with the scope of the claims. In other words, I understand that the test is whether the disclosure of the application reasonably conveys to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date, which I have been informed to assume is February 21, 2006 for this proceeding. I understand that new matter is matter not supported by the disclosure.

D. Enablement

17. I have been informed that a patent must satisfy the enablement requirement separate from any written description requirement.

18. To satisfy the enablement requirement, the patent’s description must describe the invention such that one skilled in the art is enabled to make and use it without undue or unreasonable experimentation. I understand that certain factors are relevant, including the breadth of the claims, the nature of the invention, the state of the prior art, the level of one of ordinary skill, the level of predictability in the art, the amount of direction provided by the inventor, the existence of working examples, and the quantity of experimentation needed to make or use the invention based on the content of the disclosure.

E. Indefiniteness

19. I have been informed that a patent’s claims must be definite.

20. To be definite, I understand that patent claims must particularly point out and distinctly claim the subject matter that the patentee regards as his or her invention. Definite claims clearly and precisely inform persons of ordinary skill in the art of the boundaries of protected subject matter. I understand that determining if a claim is definite requires a determination of whether those skilled in the art would understand what is claimed when the claim is read in light of the specification.

F. Subject Matter Eligibility

21. I have been informed that laws of nature, abstract ideas, and natural phenomena are not patent eligible.

22. I have been informed that an application of an abstract idea, such as a mathematical formula, may be patent eligible if the patent claims add significantly more than routine, conventional activity to the underlying concept.

23. I have been informed that an important and useful clue to patent eligibility is whether a claim is tied to a particular machine or apparatus or transforms a particular article into a different state or thing, according to the so-called machine-or-transformation test. I have been informed that the machine-or-transformation test is not the only test for patent eligibility.

24. I have been informed that the Supreme Court’s decision in the Alice Corp. case in 2014 articulates a two-step framework for distinguishing patents that claim ineligible abstract ideas from those that claim eligible applications of those ideas. In step one, the court must determine whether the claims at issue are directed to a patent-ineligible abstract concept. If the claim is directed to an abstract idea, the analysis proceeds to step two. In step two, I understand that the elements of the claim must be searched, both individually and as an ordered combination, for an inventive concept—i.e., an element or combination of elements that is sufficient to ensure that the patent in practice amounts to significantly more than a patent upon the ineligible concept itself. I am informed that a patentee cannot circumvent the prohibition on patenting abstract ideas by limiting the idea to a particular technological environment, nor by adding insignificant post-solution activity, or well-understood, routine, conventional features.

III. OPINIONS

A. Substitute Claim 56 Does Not Satisfy § 112.

25. USR’s attempt to demonstrate that the claimed encryption and decryption using the second key in substitute claim 56 satisfies § 112 is deficient because the written description does not support or enable the claimed symmetric second key.

26. I have been informed that USR bears the burden of setting forth written description support in the originally-filed disclosure for each proposed substitute claim as a whole, and cannot introduce new matter into the claims. I understand that to satisfy the written description requirement, a patent specification must describe the claimed invention in sufficient detail that a POSITA can reasonably conclude that the inventor had possession of the claimed invention. USR fails to meet this requirement.

27. USR’s alleged support for the claimed second key describes only symmetric encryption because the same public key is used to both encrypt and decrypt. See, e.g., Ex-2106, ’860 Application, 49:24-32 (describing encrypting a DES key with a public key), 50:24-31 (describing decrypting a DES key with a public key). However, this public key encryption scheme is not enabled because a value encrypted with a public key, which a POSITA would recognize as an asymmetric key, could not be decrypted using the same public key. Even with extensive experimentation, it would be impossible for a POSITA to implement encryption and decryption with a public key. This is because data encrypted with an asymmetric key, such as a public key, cannot be decrypted with the same key. In fact, an important aspect of asymmetric keys is that a different private key is required to decrypt data. Thus, in the case of data encrypted with a public key, only a private key associated with the public key could decrypt the data. A POSITA would recognize that using a public key to decrypt data encrypted with the same public key would be impossible.

28. Dr. Jakobsson admits that the encryption and decryption scheme described on pages 49 and 50 in the specification is nonsensical as written. See Ex-1117, Jakobsson Dep., 52-54. But Dr. Jakobsson asserts this language must be read as a typographical error, and that the text meant to say decrypting the DES key with a different (private) key. Id. Dr. Jakobsson’s declaration mentions no typographical error. There are no clues within the rest of the description that would lead a POSITA to believe that the only way to make sense of the disclosure would be to replace the term “public key” with “private key.”[1] Furthermore, claim 56 requires encrypting and decrypting the first key with the same second key—not separate public and private keys. Accordingly, even under Dr. Jakobsson’s interpretation of the text, pages 49 and 50 do not provide adequate written description support. The remaining sections USR cites to for alleged support fail to cure this deficiency. Either the patent does not enable the described encryption and decryption with a public key, or it does not claim the alleged public/private key encryption/decryption—not both.

[1] Even if a POSITA were to read the specification in this way, this describes nothing more than a well-known hybrid cryptosystem that Dr. Jakobsson admits was already known in the prior art. See Ex-1117, Jakobsson Decl., 44:3-12; see also Ex-1124, Introduction to Cryptography, 16.

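The cryptographic point in paragraphs 27 and 28 and footnote 1, shown as an added example that is not part of the declaration or of any exhibit: a hybrid scheme wraps a symmetric key under a public key, and only the matching private key unwraps it, while the symmetric key itself works in both directions. The RSA parameters are toy values, the 8-byte key and the message are constructed samples, and a SHA-256 keystream stands in for DES (all assumptions, none taken from the record).

```python
"""Toy hybrid cryptosystem: public-key wrap of a symmetric key (illustration only)."""
import hashlib

# Toy textbook-RSA parameters, constructed for this example.
# Far too small and unpadded for real use.
P = 2**61 - 1                      # Mersenne prime
Q = 2**31 - 1                      # Mersenne prime
N = P * Q                          # public modulus
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)

# Constructed sample inputs (not from the record).
SAMPLE_DES_KEY = bytes.fromhex("133457799bbcdff1")   # 8 bytes, DES-sized
SAMPLE_MESSAGE = b"constructed sample authentication record"


def rsa_apply(key, value):
    """Apply one RSA exponent (public or private) to an integer below N."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under the modulus")
    return pow(value, exponent, n)


def keystream_xor(sym_key, data):
    """Stand-in symmetric cipher (assumption: replaces DES for this demo).

    The same key and the same function both encrypt and decrypt, which is
    what makes the key symmetric.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(sym_key + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def hybrid_encrypt(public_key, sym_key, plaintext):
    """Wrap the symmetric key under the public key; encrypt the body with it."""
    wrapped = rsa_apply(public_key, int.from_bytes(sym_key, "big"))
    return wrapped, keystream_xor(sym_key, plaintext)


def unwrap_key(key, wrapped, key_len=8):
    """Try to recover the symmetric key from the wrapped value with `key`."""
    value = rsa_apply(key, wrapped)
    # A wrong exponent yields an unrelated residue that may need more bytes.
    size = max(key_len, (value.bit_length() + 7) // 8)
    return value.to_bytes(size, "big")


def demo():
    """Unwrap once with the private key and once with the same public key."""
    wrapped, body = hybrid_encrypt(PUBLIC_KEY, SAMPLE_DES_KEY, SAMPLE_MESSAGE)
    via_private = unwrap_key(PRIVATE_KEY, wrapped)
    via_public = unwrap_key(PUBLIC_KEY, wrapped)   # the scheme "as written"
    return {
        "private_recovers_key": via_private == SAMPLE_DES_KEY,
        "public_recovers_key": via_public == SAMPLE_DES_KEY,
        "message_via_private": keystream_xor(via_private, body),
        "message_via_public": keystream_xor(via_public, body),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```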

B. The Substitute Claims Would Have Been Obvious To A Person Of Ordinary Skill In The Art.

1. Substitute Claims 36-37 and 45-46 Are Obvious Over Jakobsson In View of Schutzer.

a) Substitute Claim 36

(1) Substitute Limitations 36[pre], 36[b], 36[j]

29. Substitute claim 36 recites “[a] system for authenticating identities of a plurality of users to conduct a credit and/or debit card transaction, the system comprising[.]” 36[pre]; see also 36[b], 36[j]. Jakobsson in view of Schutzer discloses credit and/or debit card transactions.

30. As explained in my previous Declaration, Jakobsson discloses “[a] system for authenticating identities of a plurality of users, the system comprising[.]” See Ex-1102, Shoup-Decl., ¶¶49-50. For example, Jakobsson teaches that the disclosed “[a]uthentication can result in . . . access to such services as financial services . . . .” Ex-1104, Jakobsson, ¶39. A POSITA would understand the “financial services” of Jakobsson to include a credit card and/or debit card transaction. For example, in the context of Jakobsson’s disclosure, a POSITA would have understood that financial services providers routinely provided the function of processing and enabling transactions like the purchase of goods via credit card and/or debit card transactions. Thus, a POSITA would have understood this disclosure in Jakobsson to teach that financial services providers would have been accessed for the functions for which they were known to provide—enabling credit and/or debit card transactions or processing other types of financial transactions. Furthermore, Jakobsson discloses that the device 120 can be a “credit-card sized device 120 . . . such as a credit card including a magnetic strip or other data store on one of its sides.” Ex-1104, Jakobsson, ¶41. Accordingly, Jakobsson discloses these added limitations.

31. To the extent that Jakobsson does not expressly disclose conducting a credit card and/or debit card transaction, Schutzer provides this disclosure. For example, Schutzer teaches “a method and system for securely performing a bankcard transaction, such as a credit card or debit card transaction” in which a transaction card is used to authenticate a user and authorize a transaction. Ex-1130, Schutzer, ¶10; see also id. abstract, ¶¶8, 12, 24-37, Figs. 1-4.

32. Accordingly, Jakobsson in view of Schutzer discloses the credit and/or debit card transaction in limitations 36[pre], [b], and [j].

33. It would have been obvious to combine Schutzer’s teaching of an authentication system for a bankcard transaction with the authentication system of Jakobsson.

34. First, it would have been obvious to combine Schutzer’s bankcard transaction authentication system with the authentication system of Jakobsson because it would have involved nothing more than applying a known technique (using authentication for bankcard transactions) to a known device (the authentication system of Jakobsson) in the same way (by verifying information). A POSITA would have had a reasonable expectation of success in doing so at least because they would have recognized that the authentication system of Jakobsson could be implemented for a number of different transactions, including bankcard transactions, using simple and predictable computer code. For example, Jakobsson already discloses that authentication information for a financial transaction is generated using various values including unique numbers and alphanumeric number strings. Ex-1104, Jakobsson, ¶72 (“User data (P) can also be provided as input to the combination function 230. The user data (P) is a unit of information such as an alphanumeric character string, or a strictly numerical value, for example a personal identification number (PIN) or password. In one embodiment, the user data (P) is information uniquely associated with the user 110.”); ¶39 (“Authentication can result in the performance of one or more actions including, without limitation, providing access or privileges, taking action, or enabling some combination of the two. Access includes, without limitation: access to a physical location, communications network, computer system, and so on; access to such services as financial services. . . .”).

35. Second, Jakobsson and Schutzer provide teachings, suggestions, and motivations that would have led a POSITA to combine the bank card transaction authentication system of Schutzer with the authentication systems of Jakobsson to arrive at the claimed credit card and/or debit card transaction. For example, both references recognize the risk of stolen authentication credentials and disclose methods for protecting such information. Ex-1130, Schutzer, ¶3 (“The link between the cardholder and the merchant must be encrypted to prevent the card number from being intercepted and fraudulently read by an unauthorized third party. This type of fraud is sometimes referred to as the man-in-the-middle attack. The link is encrypted so that no eavesdropper can listen in and steal the card number”); ¶9 (“It is another feature and advantage of the present invention to provide a method and system for securely performing a bankcard transaction which eliminates transmitting the customer’s actual card number over the Internet to the merchant and likewise eliminates the need for a secure link between the customer and the merchant.”); Ex-1104, Jakobsson, ¶8 (“an unattended or stolen token remains vulnerable to attack. Would-be attackers who gain access to tokens can subject the tokens to sophisticated analysis intended to determine their methods of operation, and/or the secret(s) stored within.”). Thus, it would have been obvious to combine Schutzer’s alternate bankcard system with the authentication system of Jakobsson because Jakobsson already teaches that user identifying information should be obscured, and Schutzer teaches that an application for obscuring such information is bankcard transactions.

(2) Substitute Limitation 36[c]

36. Limitation 36[c] recites “the first wireless signal including encrypted authentication information of the user of the first handheld device.” Jakobsson in view of Schutzer discloses this limitation.

37. As explained in my previous Declaration, Jakobsson discloses “authentication information.” See, e.g., Ex-1102, Shoup-Decl., ¶¶42-43, 52-55, 60-63, 74-90. For example, Jakobsson teaches that “authentication information can also include one or more of a user identifier, a PIN, password, a biometric reading, and other additional authentication information.” Ex-1104, Jakobsson, ¶21.

38. Jakobsson further discloses “the first wireless signal including encrypted authentication information of the user of the first handheld device.” For example, Jakobsson discloses encrypting a token sent from a user device. Ex-1104, Jakobsson, ¶58 (“the verifier 105 decrypts a value encrypted by the user authentication device 120 using symmetric key encryption or asymmetric encryption techniques, such as public key encryption.”); see also id. ¶¶6-7 (“For example, a token could accept user input, which might include a PIN or a challenge value, and provide as output a result encrypted with a secret encryption key stored in the card. The verifier can then compare the output to an expected value in order to authenticate the entity”), 73 (“In another embodiment, the user data value (P) and the event state (E) are combined first for use as input to an encryption function, and then the dynamic value (T) and the secret (K) are combined with them by using them as a key to encrypt the result.”); Ex-1102, Shoup-Decl., ¶¶144-146, Decision Granting Institution, Paper No. 9, 16.

39. To the extent that Jakobsson does not disclose encrypting authentication information, Schutzer discloses this limitation. For example, Schutzer teaches a similar authentication system in which a cardholder can authenticate his or herself by providing information, and that “includes, for example, one or more of a personal identification number, a password, a biometric sample, a digital signature or the transaction card number for the transaction card user, and the transaction card user information can be encrypted.” Ex-1130, Schutzer, ¶13; see also id. at ¶¶3, 8, 28-29, 57, 59. Accordingly, Jakobsson in view of Schutzer discloses encrypting and decrypting authentication information.

40. It would have been obvious to modify the authentication information of Jakobsson using encryption as taught by Schutzer.

41. First, it would have been obvious to combine Schutzer’s encryption scheme with the authentication information of Jakobsson because it would have involved nothing more than applying a known technique (encrypted authentication messages) to a known device (the authentication system of Jakobsson) in the same way (using encryption). A POSITA would have had a reasonable expectation of success in doing so at least because such an encryption scheme could be implemented via simple and predictable computer code that would improve different types of communications including those described by Jakobsson.

42. Second, both Jakobsson and Schutzer provide teachings, suggestions, and motivations that would have led a POSITA to encrypt the authentication information of Jakobsson to arrive at limitation 36[c]. For example, both Jakobsson and Schutzer disclose encrypting information sent from a first device to a second device. See Ex-1104, Jakobsson, ¶¶6, 7, 58; Ex-1130, Schutzer, ¶¶3, 8, 13, 28-29, 57, 59; see also Ex-1102, Shoup-Decl., ¶¶144-146. A POSITA would have understood that adding encryption to such communications would add more layers of security. Therefore, it would have been obvious to a POSITA to combine Jakobsson and Schutzer to arrive at limitation 36[c].

(3) Substitute Limitations 36[f], 36[g], 36[h], 36[j]

43. Limitation 36[f] has been amended to recite that “the first processor further programmed to generate a one-time code and a digital signature, the digital signature generated using a private key associated with the first handheld device, and to transmit the first wireless signal including the first authentication information, the one-time code, and the digital signature of the user of the first handheld device to the second device via the network.” Limitations 36[g], 36[h], and 36[i] further require that “the second processor is configured to: receive the first wireless signal . . . [verify] the digital signature,” and “use the first authentication information, the one-time code, the digital signature, and the second authentication information to authenticate an identity of the user of the first handheld device . . . .” Jakobsson in view of Schutzer discloses these additional limitations.

44. First, Jakobsson discloses transmitting an authentication code that depends on a number of different one-time codes that can be combined with other information using combination function 230 to generate an authentication code. See Ex-1104, Jakobsson, ¶¶13 (describing dynamic variables that vary over time), 63 (“authentication code 291 is constructed from a stored secret (K), a dynamic value (T), and an event”), 64-77 (describing various combinations including the values (K), (T), (E), and (P), including A(KTE)), 116 (describing an authentication value (S), which is formed by (K) and (T), which is a typical one-time code known in the art as shown in Fig. 7), 140 (describing “a set quantity of temporary secrets can be supplied where each secret can be used once at any time prior to the end of an expiration period”); see also Ex-1102, Shoup-Decl., ¶¶52-55. Jakobsson further teaches that the combined authentication code can be received by a verifier (Ex-1102, Shoup-Decl., ¶¶60-63) and used to authenticate the user of the first handheld device (Ex-1102, Shoup-Decl., ¶¶88-90).

45. Second, Schutzer discloses that a cardholder can authenticate his or herself by providing certain information, and that “[i]f the transaction or the customer’s history warrants, the issuing bank 8 can require more secure authentication, such as additional secrets, matching biometrics, and/or digital signatures.” Ex-1130, Schutzer, ¶29. Furthermore, it was well known to use a digital signature to authenticate the entity that generated the digital signature, as Dr. Jakobsson admits. See Ex-1117, Jakobsson Dep., 76:5-79:9, 82:12-83:5.

46. Accordingly, Jakobsson in view of Schutzer discloses substitute limitations 36[f], 36[g], 36[h], 36[j].

47. A POSITA would have been motivated to add the digital signature of Schutzer to the authentication code of Jakobsson because such a combination with the other values of Jakobsson would be a combination of prior art elements (e.g., the one-time code and other elements in the authentication code) according to known methods (such as the combination function 230, including prepending or appending, or inclusion as additional authentication information of Jakobsson) to yield predictable results (a combined or addition to authentication code that can be used to more securely authenticate a user).

48. Schutzer also explicitly teaches, suggests, and/or motivates using multiple authentication elements at the same time: “If the transaction or the customer’s history warrants, the issuing bank 8 can require more secure authentication, such as additional secrets, matching biometrics, and/or digital signatures.” Ex-1130, Schutzer, ¶29. Jakobsson also teaches that “[t]he verifier receives the authentication information, which can optionally include other authentication and identification data, such as a PIN, password, biometric reading, and the like,” which a POSITA would have recognized to include the digital signature of Schutzer that performs an authentication function. Ex-1104, Jakobsson, ¶¶112, 97 (“As described above, the output is communicated to a verifier, potentially along with the same or a different PIN or password, and a user identifier.”), 21 (“The authentication information can also include one or more of a user identifier, a PIN, password, a biometric reading, and other additional authentication inf