Paper No. 30
UNITED STATES PATENT AND TRADEMARK OFFICE
________________

BEFORE THE PATENT TRIAL AND APPEAL BOARD
________________

APPLE INC.
Petitioner,

v.

UNIVERSAL SECURE REGISTRY LLC
Patent Owner
________________

Case IPR2018-00813
U.S. Patent No. 9,100,826
________________

PATENT OWNER’S SUR-REPLY TO PETITIONER’S REPLY

TABLE OF CONTENTS

PATENT OWNER’S LIST OF EXHIBITS
I. PETITIONER FAILS TO PROVE JAKOBSSON DISCLOSES “RETRIEVES OR RECEIVES” SECOND AUTHENTICATION INFORMATION (CLAIMS 1-20)
II. PETITIONER FAILS TO PROVE CLAIMS 7, 14, 26 AND 34 ARE INVALID
    A. The Reply Fails To Prove Jakobsson In View Of Maritzen Disclose Enabling Or Disabling
        1. The Reply fails to prove Maritzen discloses enabling or disabling
        2. The Reply fails to prove a POSITA would combine Jakobsson with Maritzen
    B. The Reply Fails To Prove A POSITA Would Combine Jakobsson With Verbauwhede
        1. The Reply fails to prove Jakobsson Discloses Comparing
III. PETITIONER FAILS TO PROVE CLAIMS 8 AND 15 ARE INVALID
    A. The Reply Fails To Prove Gullman Discloses Storage For Multiple Distinguishable Users
    B. The Reply Fails To Prove a POSITA Would Be Motivated To Combine Jakobsson With Gullman
IV. STRONG EVIDENCE OF SECONDARY CONSIDERATIONS OF NON-OBVIOUSNESS COUNSEL DENIAL OF THE PETITION
V. CONCLUSION

PATENT OWNER’S LIST OF EXHIBITS

Ex. 2001    Declaration ISO Motion Pro Hac Vice Harold Barza.
Ex. 2002    Declaration ISO Motion Pro Hac Vice Jordan Kaericher.
Ex. 2101    Declaration of Dr. Markus Jakobsson ISO Patent Owner’s Response.
Ex. 2102    Curriculum Vitae of Dr. Markus Jakobsson.
Ex. 2103    Transcript of December 14, 2018 Deposition of Dr. Victor John Shoup.
Ex. 2104    N. Asokan, et. al, The State of the Art in Electronic Payment Systems, IEEE Computer, Vol. 30, No. 9, pp. 28-35 (IEEE Computer Society Press, Sept. 1997).
Ex. 2105    M. Baddeley, Using E-Cash in the New Economy: An Economic Analysis of Micropayment Systems, J. Electronic Commerce Research, Vol. 5, No. 4, pp. 239-253 (Nov. 2004).
Ex. 2106    U.S. Application No. 14/027,860.
Ex. 2107    U.S. Application No. 11/677,490.
Ex. 2108    U.S. Provisional Application No. 60/775,046.
Ex. 2109    U.S. Provisional Application No. 60/812,279.
Ex. 2110    U.S. Provisional Application No. 60/859,235.
Ex. 2111    Declaration by Dr. Markus Jakobsson ISO Motion to Amend.
Ex. 2112    U.S. District Court for Delaware Report and Recommendation.
Ex. 2113    Declaration by Dr. Markus Jakobsson ISO Reply to MTA Opposition.
Ex. 2114    Rough transcript of deposition of Dr. Ari Juels.
Ex. 2115    Juels and Hubaux, “Privacy Is Dead; Long Live Privacy,” Communications of the ACM, Vol. 59, No. 6 (June 2016).
Ex. 2116    Brainard, Juels, et. al., A New Two-Server Approach for Authentication with Short Secrets (Apr. 9, 2003).

Patent Owner Universal Secure Registry, L.L.C. (“PO”) submits this Sur-Reply in opposition to Apple Inc.’s (“Petitioner”) Reply (Paper 24, “Reply”) to PO’s Response (Paper 18, “Response”). Petitioner has failed to prove the challenged claims are invalid for at least four reasons.

First, Petitioner has failed to demonstrate International Patent Application Publication No. WO 2004/051585 (“Jakobsson”) (Ex-1104) discloses “retrieves or receives” second authentication information (claims 1-20) because Jakobsson neither receives nor retrieves second authentication information; rather, it creates such information. “Creating” is a fundamentally different concept from “receiving or retrieving,” and Petitioner effectively asks the Board to rewrite the claim language (“retrieves or receives or creates”) to make up for Jakobsson’s shortcoming. It should decline to do so.

Second, Petitioner has failed to prove Jakobsson in view of U.S. Patent Application Publication No. 2004/0236632 (“Maritzen”) (Ex-1105) disclose the limitation of enabling or disabling (cl. 7, 14, 26 and 24), or that a POSITA would be motivated to make such a combination. Further, Petitioner has failed to prove Jakobsson discloses “compar[ing]” stored authentication information, or that a POSITA would combine Jakobsson with International Patent Application Publication No. WO 2005/001751 (“Verbauwhede”) (Ex-1107).

Third, Petitioner has failed to prove U.S. Patent No. 5,280,527 (“Gullman”) (Ex-1106) discloses “[a first device] configured to store respective biometric information for a second plurality of users” (cl. 8, 15), or that a POSITA would combine Gullman with Jakobsson.

Finally, the Reply has not rebutted PO’s strong evidence of secondary considerations of non-obviousness.

I. PETITIONER FAILS TO PROVE JAKOBSSON DISCLOSES “RETRIEVES OR RECEIVES” SECOND AUTHENTICATION INFORMATION (CLAIMS 1-20)

Claims 1 and 10 require a second device that retrieves or receives second authentication information. See ’826 Patent, cl. 1, 10. While Petitioner contends Jakobsson discloses this limitation, Petitioner’s arguments and citations on Reply continue to fail to meet the required burden of proof. See Reply, 5-9.

As explained in the Response, Jakobsson’s second device (verifier) neither receives nor retrieves second authentication information; rather, it creates second authentication information to which it compares the first authentication information. These are fundamentally different processes in computer science. See Jakobsson [0118], [0050]; see also Ex-2101, Decl. of Dr. Markus Jakobsson ISO Response (“Markus Decl.”), ¶¶54-58. Among other things, a POSITA would understand the claimed “receiving” or “retrieving” to be from long-term memory/storage (such as RAM), and a POSITA would know there is no reason for Jakobsson’s verifier to store intermediate results (the accused second authentication code) in RAM or other related storage. Jakobsson only stores the created value within registers in the CPU, thus, not meeting the limitation. See Markus Decl., ¶¶57-58.

In Reply, Petitioner proffers several flawed arguments. First, the Reply argues it is irrelevant whether Jakobsson’s data is stored in registers as it must be “retrieve[d] or receive[d]” to perform the authentication. Reply, 6. Relatedly, Petitioner contends there is no distinction between “retrieval or receipt” from long term memory such as RAM, and CPU registers—either technically or as required by the ’826 patent. Reply, 7. These arguments are simply wrong.

The limitation at issue uses the terms “retrieve” and “receive.” The plain and ordinary meaning of these words are “to come into possession of: acquire // receive a gift” (https://www.merriam-webster.com/dictionary/receive), and “to locate and bring in” (https://www.merriam-webster.com/dictionary/retrieve), respectively. Both of these suggest a transfer from outside to an entity. CPU registers are not outside the CPU (the processor), as RAM is. See Markus Decl., ¶58. Therefore, these claim terms are not used to describe activity related to CPU registers. Id.

Further, there are only two ways of obtaining a value using a processor: To compute it (i.e., generate or create), or to get it from another place such as memory or a third party (i.e., the claimed retrieve or receive). Following Petitioner’s reasoning, computing a value requires getting that value from memory, meaning that there is no way to claim a process that generates a value without also using RAM, etc.

There is also a very good reason from a design perspective that the claimed retrieve/receive relates to storage such as RAM, but read/fetch is used for access to registers. That is because the two operations are dramatically different. Read/fetch is a direct addressing method, whereas retrieving/receiving uses a complex mapping performed by a memory management unit (MMU). Read/fetch takes a known amount of time (typically one cycle), whereas retrieve/receive involves bus activity, and therefore potential bus congestion. Read/fetch is done by micro-instructions, whereas receive/retrieve is done by instructions. There is no pipelining for read/fetch, but there is for retrieve/receive.

Second, the Reply argues Jakobsson discloses authentication procedures using “RAM, ROM, CPU registers, flash memory or any other common memory device.” Reply, 8. Relatedly, Petitioner argues Jakobsson’s verifier can be implemented on a computer interacting with one or more other computer programs on the same or different computers; thus, a POSITA would purportedly have understood the verifier could be configured to “retrieve or receive” the second authentication information from the “different” program or computer or from hardware. Id., 8-9. These arguments are incorrect.

The authentication code in Jakobsson is generated anew for each time period/verification. See Markus Decl., ¶57. There is never a need by one entity to generate the code twice, and nothing is later derived from it in a later time period/verification session. Therefore, there is no need to store the code, whether for the device or the verifier. Thus, since it is not desirable to store it, there is no need to retrieve/receive.

Finally, Petitioner’s argument is mere speculation. There are countless ways of dividing up computation between two entities and it does not have to be done as Petitioner suggests. Indeed, Jakobsson does not make such an explicit disclosure. In fact, one can even break up the generation of the function into different parts and divide up who does what. As a concrete example, instead of a single party adding a value 8 to an input, one party can add a number 3 and a second party can add the value 5. This is known as distributed computing, and is related to so-called secret sharing, a common cryptographic construction aimed at having sensitive computation performed by two or more parties, each one of which cannot perform the full computation by itself, and neither of which will be in full possession of any sensitive information used to perform the computation. For example, Petitioner’s expert, Dr. Ari Juels, discloses two-party password verification methods (that can also be used for verification of PINs). See, e.g., John Brainard, Ari Juels, et. al., A New Two-Server Approach for Authentication with Short Secrets (Apr. 9, 2003). He also admitted neither party knows the credential using such methods. See Ex-2114, Rough Dep. Tr. of Dr. Ari Juels (“Juels Dep.”) 115:12-25; see id., 116:8-16. Thus, Petitioner’s argument has no merit.

II. PETITIONER FAILS TO PROVE CLAIMS 7, 14, 26 AND 34 ARE INVALID

As explained in the Response, claims 7, 14, 26, and 34 add limitations that the first handheld device “enable or disable use of the first handheld device based on a result of the comparison” of: stored “authentication information” with “authentication information” of the user (claims 7 and 14); or stored “biometric information” with “biometric information” provided by the user (claims 26 and 34). ’826 Patent, 45:14-20, 45:60-64, 47:7-12, 48:24-28. The Reply continues to fail to prove these claims are disclosed by Jakobsson in view of Maritzen and Verbauwhede. See Reply, 9-15.

A. The Reply Fails To Prove Jakobsson In View Of Maritzen Disclose Enabling Or Disabling

1. The Reply fails to prove Maritzen discloses enabling or disabling

First, Petitioner disputes PO’s construction of the claims.[1] Importantly, Petitioner does not dispute the first handheld device must be capable of both enabling use and disabling use in different situations, but disputes only what it means to “disable use” of the device. Reply, 4-5. In particular, Petitioner disputes disabling use requires a change in the state of the device effecting a “reduction in functionality.” Id.[2] Yet, Petitioner’s own argument directly supports Patent Owner’s construction. Specifically, Petitioner asserts that to “disable” means “to make ineffective or inoperative” (Id., 5), but to make a device ineffective or inoperative necessarily requires a change in state (from a first state to a second ineffective/inoperative state) with reduced functionality. In contrast, a device that remains locked has not been made (or “rendered”) “ineffective or inoperative” (id. at 4-5), it simply remains in the same locked state. A POSITA would understand that disabling use requires more. See Response, 23-27.

[1] The Reply also disputes PO’s construction of “authentication information.” Reply, 1-4. For the reasons set forth in the Response, Petitioner is wrong.

[2] To the extent Petitioner suggests PO’s construction requires “completely disabling the device itself (e.g., turning the phone off)” (Reply, 5), to be clear, it does not. However, PO’s construction requires the device do more than simply remain in its preexisting, pre-disabled state.

Second, Petitioner attempts to save its contention that Maritzen’s PTD “disable[s] use” by simply remaining locked. See Reply, 9. It does not.[3] Maritzen’s PTD has a “PTD disabler manager” that “disable[s] PTD 100 if an invalid transaction message is received”; in contrast, the PTD simply remains locked in the event of an unsuccessful comparison of biometric information. Maritzen, [0066]. Petitioner asserts Maritzen “makes no distinction” between disabling and remaining locked (Reply, 10)--that is plainly wrong. If there were no distinction, then Maritzen would not have devoted numerous paragraphs to explain the “PTD disabler manager” and the circumstances in which the PTD may be disabled, yet not once describe disabling the PTD in the event of an unsuccessful comparison of biometric information.

[3] The Board should find Petitioner has failed to meet its burden even if it does not adopt PO’s claim construction, as long as it agrees that to “disable use” requires more than simply remaining in a locked state.

In fact, there are clear distinctions between disabling and remaining locked. For example, Maritzen teaches “the invalid transaction message disables the PTD 100 … such that the user may not access PTD 100.” Maritzen, [0056]. Hence, at a minimum, disabling the PTD changes the PTD from an unlocked state (in which the user has access to the PTD)[4] to a locked state (in which the user may not access the PTD).[5] In contrast, in the event of an unsuccessful comparison of biometric information, Maritzen’s PTD begins and remains in the same locked state through the entire process. There is no reduction in functionality. The PTD does not disable any use.

[4] The PTD must be in an unlocked state in order to conduct a transaction and receive an invalid transaction message. Maritzen, [0042]-[0056], [0087]-[0104].

[5] Moreover, if the PTD is disabled, the user “may not access” the PTD, meaning the user cannot unlock the device, even if the correct biometric information is supplied. Maritzen, [0055]-[0056]. In contrast, if the PTD is merely locked, the user can still unlock it by supplying the correct biometric information. Id., [0044].

2. The Reply fails to prove a POSITA would combine Jakobsson with Maritzen

As set forth in the Response, even if Maritzen disclosed the enabling/disabling limitation, Petitioner has failed to prove a POSITA would be motivated to combine it with Jakobsson for at least three reasons: the combination would remove key components of Jakobsson; it would change the basic principles under which Jakobsson was designed to operate; and/or it would render the reference inoperable for its intended purpose. See Markus Decl., ¶67. The Reply has failed to prove otherwise.

As explained in the Response, Jakobsson improved upon the prior art “by including an indication of the occurrence of an event directly into the efficient computation of an identity authentication code,” while the device remained in a state where it can be used. See Jakobsson, [0010], [0015]; see Markus Decl., ¶69; Response, 37. Adding Maritzen’s alleged disabling function to Jakobsson would eliminate this key functionality. Markus Decl., ¶69.

The Reply argues Jakobsson discloses embodiments where “the event state is not necessarily reported when local authentication fails,” and allegedly Jakobsson teaches if authentication fails, “the device can be disabled.” Reply, 10-11 (citing Jakobsson, [0015]). This corresponds to what Jakobsson refers to as overt communication (Jakobsson, [0019].) The disclosure also describes covert communication of an event state, which corresponds to situations in which an attacker cannot determine that an alert is conveyed by a compromised device. See, e.g., Jakobsson, [0019], [0088]. The background section of Jakobsson highlights the problem addressed by the disclosure, “Many tamper resistant hardware designs are available, however, new attacks are frequently developed to thwart tamper resistance. Further, current tamper resistant designs do not provide verifiers, authentication systems, system administrators, or another relevant authority with any indication that the token has been tampered with.” Id., [0008]. It is clear that if the attacker would be able to determine that a token has registered being tampered with, he can avoid conveying the corresponding authentication code to the verifier, to avoid detection. See Juels Dep., 125:8-14, 18-23, 126:16-23. Therefore, covert communication of alerts is important in Jakobsson.

Jakobsson further explains there are “funkspiel schemes whereby a device can indicate to a verifier that tampering has occurred, without revealing to an adversary whether the tampering has been detected,” but that the prior art “does not provide any method for efficiently verifying a single authentication code among those over a very long period of time, without substantial computation by the verifier.” Id., [0009]. In the very next paragraph, Jakobsson clarifies the scope of the disclosed invention: “The invention addresses these shortcomings by including an indication of the occurrence of an event directly into the efficient computation of an identity authentication code, where the verifier may efficiently verify the authentication code and identify the signaling of an event state.” Id., [0010].

A POSITA reading these paragraphs from Jakobsson would have understood the primary goal is to generate covert token codes. See id., [0019] (“Covert communication may be beneficial because it can be used to report the occurrence of an event without an attacker becoming aware of the report.”). Therefore, a POSITA would have known security sensitive event information would be intended to be conveyed covertly by Jakobsson, while non-sensitive information (e.g., battery state) could be conveyed overtly. See id., [0019] (“Overt communication may be beneficial in that it allows a general observer to become informed about state information.”). The information the Petitioner argues could be conveyed overtly, though, is sensitive, which makes no sense to do in Jakobsson, and is contrary to the very goal of the disclosure. See Juels Dep., 130:21-24 (“The protection of sensitive personal data has always been relevant to society. It’s mentioned in the Hippocratic Oath.”).

The Reply further argues the references have only “superficial differences” that would not have dissuaded a POSITA from making the alleged combination. Reply, 11-15. Again, the Reply has failed to meet its burden of proof on this issue.

As it did in the Petition, the Reply adopts an overbroad view of the references, alleging both “are directed toward secure financial transactions that address the issue of electronic fraud.” Id., 12. However, as explained in the Response, Jakobsson and Maritzen are directed to entirely different fields and problems, and as such their structure and function are different. See Response, 39-41; Markus Decl., ¶74. Maritzen is directed at solving problems associated with “the collection of fees at vehicle-accessed payment gateways such as toll booths.” Maritzen, [0002-0003]. In contrast, Jakobsson discloses a personal (as opposed to vehicle) event detecting and alert system (as opposed to anonymous real-time settlement of financial transactions). Jakobsson, [0010-0011]; Markus Decl., ¶¶75-76.

The Reply also contends the Response “misunderstand[s] that Jakobsson is the primary reference.” Reply, 12-13. There is no such misunderstanding. PO discussed the proposed combination in both the specific combination proffered (adding Maritzen’s enabling/disabling feature to Jakobsson) and in the general view of whether a POSITA would even consider looking to a reference such as Maritzen to add features to Jakobsson (e.g., consider a PIN-less vehicle payment reference to apply to an invention disclosing a personal event detection system that utilizes PIN numbers).

Petitioner further disputes Maritzen’s goal of anonymity would conflict with Jakobsson’s disclosure of sharing authentication information. Id., 13-15. In particular, the Reply argues “a POSITA would understand that there are many levels of anonymity that may disclose varying levels of user information” and that “at most, Maritzen advises against sending unprotected user information, and is compatible with Jakobsson’s teachings, which disclose the encryption or obfuscation of user information.” Id., 14. Petitioner is wrong. See, e.g., Maritzen, [0044] (“The biometric information identifying the user is not transmitted at any time.”), [0090] (“No user information is transmitted”).

In fact, as explained by Petitioner’s expert Dr. Juels in a 2016 publication he authored, there are substantial risks associated with conveying sensitive data: “Sensitive data might be collected by a benevolent party for a purpose that is acceptable to a user, but later fall into dangerous hands, due to political pressure, a breach, and other reasons.” Juels and Hubaux, “Privacy Is Dead; Long Live Privacy,” Communications of the ACM, Vol. 59, No. 6 (June 2016). See also Juels Dep., 128:17-129:11. This was also true and well understood at the time Jakobsson and Maritzen, respectively, were filed. Id., 129:24-130:12, 130:21-24.

Privacy is an important aspect of Maritzen, and Maritzen protects sensitive data, such as biometric information, using a privacy card, e.g., “Privacy card 110 only transmits the biometric key. The biometric information identifying the user is not transmitted at any time. The biometric key is used to unlock PTD 100 and to gain authorization of the financial transaction.” Maritzen, [0044].

Maritzen further states, “In one embodiment, PTD 100 transmits the transaction key via communication link 150 to VAPGT 120. PTD 100 does not transmit any user information to VAPGT 120.” Id., [0045]. And, it discloses that, “No user information is transmitted to VAPGT 120.” Id., [0090]. Also, “Thus, VAPGT 120 does not obtain information as to who the user is, who the financial processor 140 is, or the account being used. Thus the privacy of both the user and the financial processor is maintained.” Id., [0101]. In direct contrast, Jakobsson requires transmission of both an authentication code containing biometric information and a user name and/or other user identifying information, or the verifier won’t be able to authenticate the user at all. Jakobsson Tr., 103:10:19, 104:19-106:15; Jakobsson, [0004], [0021], [0097], [0112]. See Juels Dep., 128:17-129:11 (biometric information is sensitive and personal data; user address is personal information).

B. The Reply Fails To Prove A POSITA Would Combine Jakobsson With Verbauwhede

Claims 7, 14, 26 and 34 also require the first processor to “compare stored authentication information with the authentication of the user of the first handheld device” (cl. 7, 14) or to “compare stored biometric information for the first user with the first biometric information” (cl. 26, 34). Petitioner’s Reply fails to prove Jakobsson in view of Verbauwhede disclose this limitation. See Reply, 15-18.

1. The Reply fails to prove Jakobsson Discloses Comparing

The Reply argues Jakobsson discloses the limitation because it “expressly teaches that devices compare stored information with received information to authenticate a user . . . . and a POSITA would have understood that authenticating a user involves comparing a stored value against a received value.” Id., 16. Petitioner is incorrect.

As explained in the Response, Jakobsson merely describes user authentication “based on information supplied to the authentication device 120 by the user 110.” Response, 44-45. Jakobsson does not explicitly disclose how authentication occurs, or whether the authentication mechanism compares stored authentication information with authentication information of the user, as required by the claims. Markus Decl., ¶81. Accordingly, Petitioner’s reliance upon [0005] is misplaced. Indeed, not only is that paragraph part of the background section of the reference, it specifically relates to computation performed by “a verifier,” which in the context of Jakobsson is not part of the device; therefore, this is not local authentication.

While the Reply further argues that PO has failed to identify “a single viable alternative for conducting the claimed local authentication without comparing a stored value with a received value” (Reply, 16-17), that is not PO’s burden: Petitioner must show Jakobsson discloses the claimed comparison.

Moreover, as noted in the Response, a device could authenticate a user in many ways depending on what type of authentication information was used. Response, 44-45. Indeed, there are various methods of performing password verification using two or more parties that do not involve comparisons. See Markus Decl., ¶81. For example, consider a situation in which the user device in Jakobsson either does not store the PIN, or only stores some parts of it (e.g., first two digits). It cannot verify the PIN by itself then. But it may be connected (e.g., using radio such as Bluetooth or WiFi) to another device (say a phone) that stores the PIN or portions thereof. Together they can verify a received PIN. For instance, the device can verify the first two digits, then send the other two digits to the phone for comparison, and get back a yes/no. Alternatively, it can send the entire PIN and get back a yes/no. Alternatively, the phone may refuse to respond instead of saying “no.” If it responds, then the computation proceeds (without a comparison) and if there is a time-out (also not involving a comparison) then the software starts again. Yet other ways could involve performing a Zero-Knowledge protocol with another party, such as a phone, the user device and the other party determining whether the PIN is correct without either of them storing the PIN. Yet another way was published by Petitioner’s expert Dr. Juels. See Brainard, Juels, et. al., A New Two-Server Approach for Authentication with Short Secrets (Apr. 9, 2003). See also Juels Dep., 116:8-16, 117:16-20, 117:25-118:3. The Reply therefore fails to prove a POSITA would combine Jakobsson with Verbauwhede.

The Reply asserts Verbauwhede discloses the claimed comparison and a POSITA would combine it with Jakobsson. Reply, 17-19. As explained in the Response (45-49), Petitioner has failed to meet its burden of proof because Verbauwhede teaches away from Jakobsson. Specifically, Verbauwhede discloses a localized biometric authentication device (such as a thumbpod), “rather than a widespread distribution of biometric data to each financial institution, [which] allows for both psychological as well as cryptographic security.” Verbauwhede, [0079]. Verbauwhede describes such localization as the “unique system characteristics.” Id., [0089].

In contrast, Jakobsson discloses not only transmitting biometric information to the second device but further discloses that biometric information is stored on the second device (or elsewhere) as that second device creates a second authentication code to compare to the code from the first device (i.e., a thumbpod). See Jakobsson, [0021], [0017], [0050], [0112], [0139]; see also Markus Decl., ¶¶85-86. Thus, to a POSITA, Verbauwhede’s localization of user data does not provide the same basic structure and function of Jakobsson, which uses stored user data in the second device. Id.

In Reply, Petitioner argues “a POSITA would have understood that [Verbauwhede’s disclosure of comparison for local authentication] is easily separable from Verbauwhede’s remote authentication techniques.” Reply, 17. And, “USR does not, and cannot, identify any teaching that discourages the comparison of stored biometric information against received biometric information to authenticate a user. In fact, Verbauwhede, expressly advocates for it.” Id., 18. Petitioner is incorrect. A POSITA interested in password replacements, which is what Jakobsson discloses, would not have looked at Verbauwhede. See Markus Decl., ¶¶83-86. For one thing, based on the title, summary, cited prior art, etc., there would be no reason a POSITA would have expected Verbauwhede to have a relevant answer to their question of how to improve Jakobsson. See id.

III. PETITIONER FAILS TO PROVE CLAIMS 8 AND 15 ARE INVALID

For claims 8 and 15, Petitioner alleges Gullman discloses “[a first device] configured to store respective biometric information for a second plurality of users.” See Reply, 19-20. However, as explained in the Response, Petitioner has failed to prove such disclosure as the limitation requires multiple distinguishable users and Gullman merely describes a token that can be used by multiple people having identical access to the same account. See Response, 49-51. Even assuming Gullman’s disclosure met the limitation, Petitioner has also failed to p
