`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`________________
`
`APPLE INC.
`Petitioner,
`
`v.
`
`UNIVERSAL SECURE REGISTRY LLC
`Patent Owner
`________________
`
`Case IPR2018-00813
`U.S. Patent No. 9,100,826
`________________
`
`PATENT OWNER’S SUR-REPLY TO PETITIONER’S REPLY
`
`
`
`TABLE OF CONTENTS
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Page
`
`PATENT OWNER’S LIST OF EXHIBITS ............................................................. II
`I.
`PETITIONER FAILS TO PROVE JAKOBSSON DISCLOSES
`“RETRIEVES OR RECEIVES” SECOND AUTHENTICATION
`INFORMATION (CLAIMS 1-20) .................................................................. 2
`PETITIONER FAILS TO PROVE CLAIMS 7, 14, 26 AND 34 ARE
`INVALID ......................................................................................................... 6
`A.
`The Reply Fails To Prove Jakobsson In View Of Maritzen
`Disclose Enabling Or Disabling ............................................................ 7
`1.
`The Reply fails to prove Maritzen discloses enabling or
`disabling ...................................................................................... 7
`The Reply fails to prove a POSITA would combine
`Jakobsson with Maritzen ............................................................. 9
`The Reply Fails To Prove A POSITA Would Combine
`Jakobsson With Verbauwhede ............................................................ 15
`1.
`The Reply fails to prove Jakobsson Discloses Comparing ....... 16
`PETITIONER FAILS TO PROVE CLAIMS 8 AND 15 ARE
`INVALID ....................................................................................................... 19
`A.
`The Reply Fails To Prove Gullman Discloses Storage For
`Multiple Distinguishable Users ........................................................... 20
`The Reply Fails To Prove a POSITA Would Be Motivated To
`Combine Jakobsson With Gullman ..................................................... 22
`STRONG EVIDENCE OF SECONDARY CONSIDERATIONS OF
`NON-OBVIOUSNESS COUNSEL DENIAL OF THE PETITION ............ 24
`CONCLUSION .............................................................................................. 25
`
`II.
`
`III.
`
`IV.
`
`V.
`
`2.
`
`B.
`
`B.
`
`i
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Ex. 2001
`
`Ex. 2002
`
`Ex. 2101
`
`Ex. 2102
`
`Ex. 2103
`
`Ex. 2104
`
`Ex. 2105
`
`Ex. 2106
`
`Ex. 2107
`
`Ex. 2108
`
`Ex. 2109
`
`Ex. 2110
`
`Ex. 2111
`
`Ex. 2112
`
`PATENT OWNER’S LIST OF EXHIBITS
`
`Declaration ISO Motion Pro Hac Vice Harold Barza.
`
`Declaration ISO Motion Pro Hac Vice Jordan Kaericher.
`
`Declaration of Dr. Markus Jakobsson ISO
`Patent Owner’s Response.
`
`Curriculum Vitae of Dr. Markus Jakobsson.
`
`Transcript of December 14, 2018 Deposition of Dr.
`Victor John Shoup.
`
`N. Asokan, et. al, The State of the Art in Electronic
`Payment Systems, IEEE Computer, Vol. 30, No. 9, pp.
`28-35 (IEEE Computer Society Press, Sept. 1997).
`
`M. Baddeley, Using E-Cash in the New Economy: An
`Economic Analysis of Micropayment Systems, J.
`Electronic Commerce Research, Vol. 5, No. 4, pp. 239-
`253 (Nov. 2004).
`
`U.S. Application No. 14/027,860.
`
`U.S. Application No. 11/677,490.
`
`U.S. Provisional Application No. 60/775,046.
`
`U.S. Provisional Application No. 60/812,279.
`
`U.S. Provisional Application No. 60/859,235.
`
`Declaration by Dr. Markus Jakobsson ISO Motion to
`Amend.
`
`U.S. District Court for Delaware Report and
`Recommendation.
`
`ii
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Ex. 2113
`
`Ex. 2114
`Ex. 2115
`
`Ex. 2116
`
`Declaration by Dr. Markus Jakobsson ISO Reply to
`MTA Opposition.
`
`Rough transcript of deposition of Dr. Ari Juels.
`Juels and Hubaux, “Privacy Is Dead; Long Live
`Privacy,” Communications of the ACM, Vol. 59, No. 6
`(June 2016))
`Brainard, Juels, et. al., A New Two-Server Approach for
`Authentication with Short Secrets (Apr. 9, 2003).
`
`iii
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Patent Owner Universal Secure Registry, L.L.C. (“PO”) submits this Sur-
`
`Reply in opposition to Apple Inc.’s (“Petitioner”) Reply (Paper 24, “Reply”) to
`
`PO’s Response (Paper 18, “Response”). Petitioner has failed to prove the
`
`challenged claims are invalid for at least four reasons.
`
`First, Petitioner has failed to demonstrate International Patent Application
`
`Publication No. WO 2004/051585 (“Jakobsson”) (Ex-1104) discloses “retrieves or
`
`receives” second authentication information (claims 1-20) because Jakobsson
`
`neither receives nor retrieves second authentication information; rather, it creates
`
`such information. “Creating” is a fundamentally different concept from “receiving
`
`or retrieving,” and Petitioner effectively asks the Board to rewrite the claim
`
`language (“retrieves or receives or creates”) to make up for Jakobsson’s
`
`shortcoming. It should decline to do so.
`
`Second, Petitioner has failed to prove Jakobsson in view of U.S. Patent
`
`Application Publication No. 2004/0236632 (“Maritzen”) (Ex-1105) disclose the
`
`limitation of enabling or disabling (cl. 7, 14, 26 and 24), or that a POSITA would
`
`be motivated to make such a combination. Further, Petitioner has failed to prove
`
`Jakobsson discloses “compar[ing]” stored authentication information, or that a
`
`POSITA would combine Jakobsson with International Patent Application
`
`Publication No. WO 2005/001751 (“Verbauwhede”) (Ex-1107).
`
`1
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Third, Petitioner has failed to prove U.S. Patent No. 5,280,527 (“Gullman”)
`
`(Ex-1106) discloses “[a first device] configured to store respective biometric
`
`information for a second plurality of users” (cl. 8, 15), or that a POSITA would
`
`combine Gullman with Jakobsson.
`
`Finally, the Reply has not rebutted PO’s strong evidence of secondary
`
`considerations of non-obviousness.
`
`I.
`
`PETITIONER FAILS TO PROVE JAKOBSSON DISCLOSES
`“RETRIEVES OR RECEIVES” SECOND AUTHENTICATION
`INFORMATION (CLAIMS 1-20)
`Claims 1 and 10 require a second device that retrieves or receives second
`
`authentication information. See ’826 Patent, cl. 1, 10. While Petitioner contends
`
`Jakobsson discloses this limitation, Petitioner’s arguments and citations on Reply
`
`continue to fail to meet the required burden of proof. See Reply, 5-9.
`
`As explained in the Response, Jakobsson’s second device (verifier) neither
`
`receives nor retrieves second authentication information; rather, it creates second
`
`authentication
`
`information
`
`to which
`
`it compares
`
`the first authentication
`
`information. These are fundamentally different processes in computer science.
`
`See Jakobsson [0118], [0050]; see also Ex-2101, Decl. of Dr. Markus Jakobsson
`
`ISO Response (“Markus Decl.”), ¶¶54-58. Among other things, a POSITA would
`
`understand the claimed “receiving” or “retrieving” to be from long-term
`
`2
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`memory/storage (such as RAM), and a POSITA would know there is no reason for
`
`Jakobsson’s verifier
`
`to store
`
`intermediate
`
`results
`
`(the accused second
`
`authentication code) in RAM or other related storage. Jakobsson only stores the
`
`created value within registers in the CPU, thus, not meeting the limitation. See
`
`Markus Decl., ¶¶57-58.
`
`In Reply, Petitioner proffers several flawed arguments. First, the Reply
`
`argues it is irrelevant whether Jakobsson’s data is stored in registers as it must be
`
`“retrieve[d] or receive[d]” to perform the authentication. Reply, 6. Relatedly,
`
`Petitioner contends there is no distinction between “retrieval or receipt” from long
`
`term memory such as RAM, and CPU registers—either technically or as required
`
`by the ’826 patent. Reply, 7. These arguments are simply wrong.
`
`The limitation at issue uses the terms “retrieve” and “receive.” The plain
`
`and ordinary meaning of these words are “to come into possession of: acquire //
`
`receive a gift” (https://www.merriam-webster.com/dictionary/receive), and “to
`
`locate and bring
`
`in” (https://www.merriam-webster.com/dictionary/retrieve),
`
`respectively. Both of these suggest a transfer from outside to an entity. CPU
`
`registers are not outside the CPU (the processor), as RAM is. See Markus Decl.,
`
`¶58. Therefore, these claim terms are not used to describe activity related to CPU
`
`registers. Id.
`
`3
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Further, there are only two ways of obtaining a value using a processor: To
`
`compute it (i.e., generate or create), or to get it from another place such as memory
`
`or a third party (i.e., the claimed retrieve or receive). Following Petitioner’s
`
`reasoning, computing a value requires getting that value from memory, meaning
`
`that there is no way to claim a process that generates a value without also using
`
`RAM, etc.
`
`There is also a very good reason from a design perspective that the claimed
`
`retrieve/receive relates to storage such as RAM, but read/fetch is used for access to
`
`registers. That is because the two operations are dramatically different.
`
`Read/fetch is a direct addressing method, whereas retrieving/receiving uses a
`
`complex mapping performed by a memory management unit (MMU). Read/fetch
`
`takes a known amount of time (typically one cycle), whereas retrieve/receive
`
`involves bus activity, and therefore potential bus congestion. Read/fetch is done
`
`by micro-instructions, whereas receive/retrieve is done by instructions. There is no
`
`pipelining for read/fetch, but there is for retrieve/receive.
`
`Second, the Reply argues Jakobsson discloses authentication procedures
`
`using “RAM, ROM, CPU registers, flash memory or any other common memory
`
`device.” Reply, 8. Relatedly, Petitioner argues Jakobsson’s verifier can be
`
`implemented on a computer interacting with one or more other computer programs
`
`4
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`on the same or different computers; thus, a POSITA would purportedly have
`
`understood the verifier could be configured to “retrieve or receive” the second
`
`authentication information from the “different” program or computer or from
`
`hardware. Id., 8-9. These arguments are incorrect.
`
`The authentication code in Jakobsson is generated anew for each time
`
`period/verification. See Markus Decl., ¶57. There is never a need by one entity to
`
`generate the code twice, and nothing is later derived from it in a later time
`
`period/verification session. Therefore, there is no need to store the code, whether
`
`for the device or the verifier. Thus, since it is not desirable to store it, there is no
`
`need to retrieve/receive.
`
`Finally, Petitioner’s argument is mere speculation. There are countless ways
`
`of dividing up computation between two entities and it does not have to be done as
`
`Petitioner suggests. Indeed, Jakobsson does not make such an explicit disclosure.
`
`In fact, one can even break up the generation of the function into different parts
`
`and divide up who does what. As a concrete example, instead of a single party
`
`adding a value 8 to an input, one party can add a number 3 and a second party can
`
`add the value 5. This is known as distributed computing, and is related to so-called
`
`secret sharing, a common cryptographic construction aimed at having sensitive
`
`computation performed by two or more parties, each one of which cannot perform
`
`5
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`the full computation by itself, and neither of which will be in full possession of any
`
`sensitive information used to perform the computation. For example, Petitioner’s
`
`expert, Dr. Ari Juels, discloses two-party password verification methods (that can
`
`also be used for verification of PINs). See, e.g., John Brainard, Ari Juels, et. al., A
`
`New Two-Server Approach for Authentication with Short Secrets (Apr. 9, 2003).
`
`He also admitted neither party knows the credential using such methods. See Ex-
`
`2114, Rough Dep. Tr. of Dr. Ari Juels (“Juels Dep.”) 115:12-25; see id., 116:8-16.
`
`Thus, Petitioner’s argument has no merit.
`
`II.
`
`PETITIONER FAILS TO PROVE CLAIMS 7, 14, 26 AND 34 ARE
`INVALID
`
`As explained in the Response, claims 7, 14, 26, and 34 add limitations that
`
`the first handheld device “enable or disable use of the first handheld device based
`
`on a result of the comparison” of: stored “authentication information” with
`
`“authentication information” of the user (claims 7 and 14); or stored “biometric
`
`information” with “biometric information” provided by the user (claims 26 and
`
`34). ’826 Patent, 45:14-20, 45:60-64, 47:7-12, 48:24-28. The Reply continues to
`
`fail to prove these claims are disclosed by Jakobsson in view of Maritzen and
`
`Verbauwhede. See Reply, 9-15.
`
`6
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`A.
`
`The Reply Fails To Prove Jakobsson In View Of Maritzen
`Disclose Enabling Or Disabling
`The Reply fails to prove Maritzen discloses enabling or
`disabling
`
`1.
`
`First, Petitioner disputes PO’s construction of the claims. 1 Importantly,
`
`Petitioner does not dispute the first handheld device must be capable of both
`
`enabling use and disabling use in different situations, but disputes only what it
`
`means to “disable use” of the device. Reply, 4-5. In particular, Petitioner disputes
`
`disabling use requires a change in the state of the device effecting a “reduction in
`
`functionality.” Id. 2 Yet, Petitioner’s own argument directly supports Patent
`
`Owner’s construction. Specifically, Petitioner asserts that to “disable” means “to
`
`make ineffective or inoperative” (Id., 5), but to make a device ineffective or
`
`inoperative necessarily requires a change in state (from a first state to a second
`
`ineffective/inoperative state) with reduced functionality. In contrast, a device that
`
`1 The Reply also disputes PO’s construction of “authentication information.”
`
`Reply, 1-4. For the reasons set forth in the Response, Petitioner is wrong.
`
`2 To the extent Petitioner suggests PO’s construction requires “completely
`
`disabling the device itself (e.g., turning the phone off)” (Reply, 5), to be clear, it
`
`does not. However, PO’s construction requires the device do more than simply
`
`remain in its preexisting, pre-disabled state.
`
`7
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`remains locked has not been made (or “rendered”) “ineffective or inoperative” (id.
`
`at 4-5), it simply remains in the same locked state. A POSITA would understand
`
`that disabling use requires more. See Response, 23-27.
`
`Second, Petitioner attempts to save its contention that Maritzen’s PTD
`
`“disable[s] use” by simply remaining locked. See Reply, 9. It does not. 3
`
`Maritzen’s PTD has a “PTD disabler manager” that “disable[s] PTD 100 if an
`
`invalid transaction message is received”; in contrast, the PTD simply remains
`
`locked in the event of an unsuccessful comparison of biometric information.
`
`Maritzen, [0066]. Petitioner asserts Maritzen “makes no distinction” between
`
`disabling and remaining locked (Reply, 10)--that is plainly wrong. If there were no
`
`distinction, then Maritzen would not have devoted numerous paragraphs to explain
`
`the “PTD disabler manager” and the circumstances in which the PTD may be
`
`disabled, yet not once describe disabling the PTD in the event of an unsuccessful
`
`comparison of biometric information.
`
`In fact, there are clear distinctions between disabling and remaining locked.
`
`For example, Maritzen teaches “the invalid transaction message disables the PTD
`
`3 The Board should find Petitioner has failed to meet its burden even if it does not
`
`adopt PO’s claim construction, as long as it agrees that to “disable use” requires
`
`more than simply remaining in a locked state.
`
`8
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`100 … such that the user may not access PTD 100.” Maritzen, [0056]. Hence, at a
`
`minimum, disabling the PTD changes the PTD from an unlocked state (in which
`
`the user has access to the PTD)4 to a locked state (in which the user may not access
`
`the PTD).5 In contrast, in the event of an unsuccessful comparison of biometric
`
`information, Maritzen’s PTD begins and remains in the same locked stated through
`
`the entire process. There is no reduction in functionality. The PTD does not
`
`disable any use.
`
`2.
`
`The Reply fails to prove a POSITA would combine Jakobsson
`with Maritzen
`
`As set
`
`forth
`
`in
`
`the Response, even
`
`if Maritzen disclosed
`
`the
`
`enabling/disabling limitation, Petitioner has failed to prove a POSITA would be
`
`motivated to combine it with Jakobsson for at least three reasons: the combination
`
`would remove key components of Jakobsson; it would change the basic principles
`
`4 The PTD must be in an unlocked state in order to conduct a transaction and
`
`receive an invalid transaction message. Maritzen, [0042]-[0056], [0087]-[0104].
`
`5 Moreover, if the PTD is disabled, the user “may not access” the PTD, meaning
`
`the user cannot unlock the device, even if the correct biometric information is
`
`supplied. Maritzen, [0055]-[0056]. In contrast, if the PTD is merely locked, the
`
`user can still unlock it by supplying the correct biometric information. Id., [0044].
`
`9
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`under which Jakobsson was designed to operate; and/or it would render the
`
`reference inoperable for its intended purpose. See Markus Decl., ¶67. The Reply
`
`has failed to prove otherwise.
`
`As explained in the Response, Jakobsson improved upon the prior art “by
`
`including an indication of the occurrence of an event directly into the efficient
`
`computation of an identity authentication code,” while the device remained in a
`
`state where it can be used. See Jakobsson, [0010], [0015]; see Markus Decl., ¶69;
`
`Response, 37. Adding Maritzen’s alleged disabling function to Jakobsson would
`
`eliminate this key functionality. Markus Decl., ¶69.
`
`The Reply argues Jakobsson discloses embodiments where “the event state
`
`is not necessarily reported when local authentication fails,” and allegedly
`
`Jakobsson teaches if authentication fails, “the device can be disabled.” Reply, 10-
`
`11 (citing Jakobsson, [0015]). This corresponds to what Jakobsson refers to as
`
`overt communication (Jakobsson, [0019].) The disclosure also describes covert
`
`communication of an event state, which corresponds to situations in which an
`
`attacker cannot determine that an alert is conveyed by a compromised device. See,
`
`e.g., Jakobsson, [0019], [0088]. The background section of Jakobsson highlights
`
`the problem addressed by the disclosure, “Many tamper resistant hardware designs
`
`are available, however, new attacks are frequently developed to thwart tamper
`
`10
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`resistance. Further, current tamper resistant designs do not provide verifiers,
`
`authentication systems, system administrators, or another relevant authority with
`
`any indication that the token has been tampered with.” Id., [0008]. It is clear that
`
`if the attacker would be able to determine that a token has registered being
`
`tampered with, he can avoid conveying the corresponding authentication code to
`
`the verifier, to avoid detection. See Juels Dep., 125:8-14, 18-23, 126: 16-23.
`
`Therefore, covert communication of alerts is important in Jakobsson.
`
`Jakobsson further explains there are “funkspiel schemes whereby a device
`
`can indicate to a verifier that tampering has occurred, without revealing to an
`
`adversary whether the tampering has been detected,” but that the prior art “does
`
`not provide any method for efficiently verifying a single authentication code
`
`among those over a very long period of time, without substantial computation by
`
`the verifier.” Id., [0009]. In the very next paragraph, Jakobsson clarifies the scope
`
`of the disclosed invention: “The invention addresses these shortcomings by
`
`including an indication of the occurrence of an event directly into the efficient
`
`computation of an identity authentication code, where the verifier may efficiently
`
`verify the authentication code and identify the signaling of an event state.” Id.,
`
`[0010].
`
`11
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`A POSITA reading these paragraphs from Jakobsson would have understood
`
`the primary goal is to generate covert token codes. See id., [0019] (“Covert
`
`communication may be beneficial because it can be used to report the occurrence
`
`of an event without an attacker becoming aware of the report.”). Therefore, a
`
`POSITA would have known security sensitive event information would be
`
`intended to be conveyed covertly by Jakobsson, while non-sensitive information
`
`(e.g., battery state) could be conveyed overtly. See id., [0019] (“Overt
`
`communication may be beneficial in that it allows a general observer to become
`
`informed about state information.”). The information the Petitioner argues could
`
`be conveyed overtly, though, is sensitive, which makes no sense to do in
`
`Jakobsson, and is contrary to the very goal of the disclosure. See Juels Dep.,
`
`130:21-24 (“The protection of sensitive personal data has always been relevant to
`
`society. It’s mentioned in the Hippocratic Oath.”).
`
`The Reply further argues the references have only “superficial differences”
`
`that would not have dissuaded a POSITA from making the alleged combination.
`
`Reply, 11-15. Again, the Reply has failed to meet its burden of proof on this issue.
`
`As it did in the Petition, the Reply adopts an overbroad view of the
`
`references, alleging both “are directed toward secure financial transactions that
`
`address the issue of electronic fraud.” Id., 12. However, as explained in the
`
`12
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Response, Jakobsson and Maritzen are directed to entirely different fields and
`
`problems, and as such their structure and function are different. See Response, 39-
`
`41; Markus Decl., ¶74. Maritzen is directed at solving problems associated with
`
`“the collection of fees at vehicle-accessed payment gateways such as toll booths.”
`
`Maritzen, [0002-0003]. In contrast, Jakobsson discloses a personal (as opposed to
`
`vehicle) event detecting and alert system (as opposed to anonymous real-time
`
`settlement of financial transactions). Jakobsson, [0010-0011]; Markus Decl., ¶¶75-
`
`76.
`
`The Reply also contends the Response “misunderstand[s] that Jakobsson is
`
`the primary reference.” Reply, 12-13. There is no such misunderstanding. PO
`
`discussed the proposed combination in both the specific combination proffered
`
`(adding Maritzen’s enabling/disabling feature to Jakobsson) and in the general
`
`view of whether a POSITA would even consider looking to a reference such as
`
`Maritzen to add features to Jakobsson (e.g., consider a PIN-less vehicle payment
`
`reference to apply to an invention disclosing a personal event detection system that
`
`utilizes PIN numbers).
`
`Petitioner further disputes Maritzen’s goal of anonymity would conflict with
`
`Jakobsson’s disclosure of sharing authentication information. Id., 13-15. In
`
`particular, the Reply argues “a POSITA would understand that there are many
`
`13
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`levels of anonymity that may disclose varying levels of user information” and that
`
`“at most, Maritzen advises against sending unprotected user information, and is
`
`compatible with Jakobsson’s teachings, which disclose the encryption or
`
`obfuscation of user information.” Id., 14. Petitioner is wrong. See, e.g., Maritzen,
`
`[0044] (“The biometric information identifying the user is not transmitted at
`
`any time.”), [0090] (“No user information is transmitted”).
`
`In fact, as explained by Petitioner’s expert Dr. Juels in a 2016 publication he
`
`authored, there are substantial risks associated with conveying sensitive data:
`
`“Sensitive data might be collected by a benevolent party for a purpose that is
`
`acceptable to a user, but later fall into dangerous hands, due to political pressure, a
`
`breach, and other reasons.” Juels and Hubaux, “Privacy Is Dead; Long Live
`
`Privacy,” Communications of the ACM, Vol. 59, No. 6 (June 2016)). See also
`
`Juels, Dep., 128:17-129:11. This was also true and well understood at the time
`
`Jakobsson and Maritzen, respectively, were filed. Id., 129:24-130:12, 130:21-24.
`
`Privacy is an important aspect of Maritzen, and Maritzen protects sensitive
`
`data, such as biometric information, using a privacy card, e.g., “Privacy card 110
`
`only transmits the biometric key. The biometric information identifying the
`
`user is not transmitted at any time. The biometric key is used to unlock PTD
`
`100 and to gain authorization of the financial transaction.” Maritzen, [0044].
`
`14
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`Maritzen further states, “In one embodiment, PTD 100 transmits the
`
`transaction key via communication link 150 to VAPGT 120. PTD 100 does not
`
`transmit any user information to VAPGT 120.” Id., [0045]. And, it discloses
`
`that, “No user information is transmitted to VAPGT 120.” Id., [0090]. Also,
`
`“Thus, VAPGT 120 does not obtain information as to who the user is, who the
`
`financial processor 140 is, or the account being used. Thus the privacy of both
`
`the user and the financial processor is maintained.” Id., [0101]. In direct
`
`contrast, Jakobsson requires transmission of both an authentication code
`
`containing biometric information and a user name and/or other user identifying
`
`information, or the verifier won’t be able to authenticate the user at all. Jakobsson
`
`Tr., 103:10:19, 104:19-106:15; Jakobsson, [0004], [0021], [0097], [0112]. See
`
`Juels Dep., 128:17-129:11 (biometric information is sensitive and personal data;
`
`user address is personal information).
`
`B.
`
`The Reply Fails To Prove A POSITA Would Combine Jakobsson
`With Verbauwhede
`
`Claims 7, 14, 26 and 34 also require the first processor to “compare stored
`
`authentication information with the authentication of the user of the first handheld
`
`device” (cl. 7, 14) or to “compare stored biometric information for the first user
`
`with the first biometric information” (cl. 26, 34). Petitioner’s Reply fails to prove
`
`Jakobsson in view of Verbauwhede disclose this limitation. See Reply, 15-18.
`
`15
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`1.
`
`The Reply fails to prove Jakobsson Discloses Comparing
`
`The Reply argues Jakobsson discloses the limitation because it “expressly
`
`teaches that devices compare stored information with received information to
`
`authenticate a user . . . . and a POSITA would have understood that authenticating
`
`a user involves comparing a stored value against a received value.” Id., 16.
`
`Petitioner is incorrect.
`
`As explained
`
`in
`
`the Response, Jakobsson merely describes user
`
`authentication “based on information supplied to the authentication device 120 by
`
`the user 110.” Response, 44-45. Jakobsson does not explicitly disclose how
`
`authentication occurs, or whether the authentication mechanism compares stored
`
`authentication information with authentication information of the user, as required
`
`by the claims. Markus Decl., ¶81. Accordingly, Petitioner’s reliance upon [0005]
`
`is misplaced. Indeed, not only is that paragraph part of the background section of
`
`the reference, it specifically relates to computation performed by “a verifier,”
`
`which in the context of Jakobsson is not part of the device; therefore, this is not
`
`local authentication.
`
`While the Reply further argues that PO has failed to identify “a single viable
`
`alternative for conducting the claimed local authentication without comparing a
`
`16
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`stored value with a received value” (Reply, 16-17), that is not PO’s burden:
`
`Petitioner must show Jakobsson discloses the claimed comparison.
`
`Moreover, as noted in the Response, a device could authenticate a user in
`
`many ways depending on what type of authentication information was used.
`
`Response, 44-45. Indeed, there are various methods of performing password
`
`verification using two or more parties that do not involve comparisons. See
`
`Markus Decl., ¶81. For example, consider a situation in which the user device in
`
`Jakobsson either does not store the PIN, or only stores some parts of it (e.g., first
`
`two digits). It cannot verify the PIN by itself then. But it may be connected (e.g.,
`
`using radio such as Bluetooth or WiFi) to another device (say a phone) that stores
`
`the PIN or portions thereof. Together they can verify a received PIN. For
`
`instance, the device can verify the first two digits, then send the other two digits to
`
`the phone for comparison, and get back a yes/no. Alternatively, it can send the
`
`entire PIN and get back a yes/no. Alternatively, the phone may refuse to respond
`
`instead of saying “no.” If it responds, then the computation proceeds (without a
`
`comparison) and if there is a time-out (also not involving a comparison) then the
`
`software starts again. Yet other ways could involve performing a Zero-Knowledge
`
`protocol with another party, such as a phone, the user device and the other party
`
`determining whether the PIN is correct without either of them storing the PIN. Yet
`
`17
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`another way was published by Petitioner’s expert Dr. Juels. See Brainard, Juels, et.
`
`al., A New Two-Server Approach for Authentication with Short Secrets (Apr. 9,
`
`2003). See also Juels Dep., 116:8-16, 117:16-20, 117:25-118:3. The Reply
`
`therefore fails to prove a POSITA would combine Jakobsson with Verbauwhede.
`
`The Reply asserts Verbauwhede discloses the claimed comparison and a
`
`POSITA would combine it with Jakobsson. Reply, 17-19. As explained in the
`
`Response (45-49), Petitioner has failed to meet its burden of proof because
`
`Verbauwhede teaches away from Jakobsson. Specifically, Verbauwhede discloses
`
`a localized biometric authentication device (such as a thumbpod), “rather than a
`
`widespread distribution of biometric data to each financial institution, [which]
`
`allows for both psychological as well as cryptographic security.” Verbauwhede,
`
`[0079]. Verbauwhede describes such localization as the “unique system
`
`characteristics.” Id., [0089].
`
`In contrast, Jakobsson discloses not only
`
`transmitting biometric
`
`information to the second device but further discloses that biometric information
`
`is stored on the second device (or elsewhere) as that second device creates a
`
`second authentication code to compare to the code from the first device (i.e., a
`
`thumbpod). See Jakobsson, [0021], [0017], [0050], [0112], [0139]; see also
`
`Markus Decl., ¶¶85-86. Thus, to a POSITA, Verbauwhede’s localization of user
`
`18
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`data does not provide the same basic structure and function of Jakobsson, which
`
`uses stored user data in the second device. Id.
`
`In Reply, Petitioner argues “a POSITA would have understood that
`
`[Verbauwhede’s disclosure of comparison for local authentication] is easily
`
`separable from Verbauwhede’s remote authentication techniques.” Reply, 17.
`
`And, “USR does not, and cannot, identify any teaching that discourages the
`
`comparison of stored biometric information against received biometric information
`
`to authenticate a user. In fact, Verbauwhede, expressly advocates for it.” Id., 18.
`
`Petitioner is incorrect. A POSITA interested in password replacements, which is
`
`what Jakobsson discloses, would not have looked at Verbauwhede. See Markus
`
`Decl., ¶¶83-86. For one thing, based on the title, summary, cited prior art, etc.,
`
`there would be no reason a POSITA would have expected Verbauwhede to have a
`
`relevant answer to their question of how to improve Jakobsson. See id.
`
`III. PETITIONER FAILS TO PROVE CLAIMS 8 AND 15 ARE INVALID
`
`For claims 8 and 15, Petitioner alleges Gullman discloses “[a first device]
`
`configured to store respective biometric information for a second plurality of
`
`users.” See Reply, 19-20. However, as explained in the Response, Petitioner has
`
`failed to prove such disclosure as the limitation requires multiple distinguishable
`
`users and Gullman merely describes a token that can be used by multiple people
`
`19
`
`
`
`Case No. IPR2018-00813
`U.S. Patent No. 9,100,826
`
`having identical access to the same account. See Response, 49-51. Even
`
`assuming Gullman’s disclosure met the limitation, Petitioner has also failed to
`
`p