Filed on behalf of: Visa Inc. and Visa USA Inc.
`By: Matthew A. Argenti
`
`Michael T. Rosato
`WILSON SONSINI GOODRICH & ROSATI
`650 Page Mill Road
`Palo Alto, CA 94304-1050
`
`
`
`
`
`
`
`
`
`Paper No. ____
`Filed: August 12, 2019
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`_____________________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`_____________________________
`
`VISA INC. and VISA U.S.A. INC.,
`Petitioners,
`
`v.
`
`UNIVERSAL SECURE REGISTRY LLC,
`Patent Owner.
`_____________________________
`
`Case No. IPR2018-01350
`Patent No. 8,856,539
`_____________________________
`
`
`PETITIONERS’ OPPOSITION TO PATENT OWNER’S
`CONDITIONAL MOTION TO AMEND
`
`

`

`
`
`TABLE OF CONTENTS
`
`Page
`
`I. 
`
`II. 
`
`III. 
`
`PO SEEKS TO DOUBLE THE NUMBER OF SUBSTITUTE
`CLAIMS AND PRESENTS IRRECONCILABLE CONFLICT WITH
`A PARALLEL IPR PROCEEDING ................................................................ 1 
`PO IMPROPERLY REINTRODUCES DISCLAIMED SUBJECT
`MATTER TO AMEND SUBSTITUTE CLAIM 52 ........................................ 2 
`PO’S PROPOSED SUBSTITUTE CLAIMS LACK WRITTEN
`DESCRIPTION SUPPORT ............................................................................. 3 
`A. 
`PO’s proposed limitations 39[c], 48[a], 51[d], and 52[pre] lack
`written description support for a lack of communication
`between the secure registry system and the entity ................................ 3 
`PO’s proposed limitations 46[b] and 52[c] lack written
`description support for an entity having been verified using a
`biometric ................................................................................................ 5 
`PO’s proposed limitations 40[b] and 46[d] lack written
`description support for mapping the time-varying
`multicharacter code to an identity of the entity using the time
`value ...................................................................................................... 7 
`PO’s proposed limitation 51[b] lack written description support
`for a training process involving multiple entities .................................. 7 
`IV.  THE SUBSTITUTE CLAIMS ARE OBVIOUS IN VIEW OF THE
`PRIOR ART ..................................................................................................... 8 
`A. 
`Brener discloses claim limitations 39[b], 46[a], 51[c], and 52[b] ........ 8 
`B. 
`Brener and Desai disclose claim limitations 39[c], 48[a], 51[d],
`and 52[pre] ............................................................................................ 9 
`Desai and Pare disclose claim limitations 39[e] and 47[b] ................. 10 
`Pare discloses claim limitations 39[h], 46[b], and 52[c] ..................... 11 
`The combination of Brener and Schneier discloses claim
`limitations 40[b] and 46[c] .................................................................. 11 
`-i-
`
`B. 
`
`C. 
`
`D. 
`
`C. 
`D. 
`E. 
`
`

`

`
`
`F. 
`
`V. 
`
`G. 
`H. 
`I. 
`
`The combination of Brener and Schneier discloses claim
`limitations 40[b] and 46[d] .................................................................. 13 
`Brener discloses claim limitation 51[b] .............................................. 14 
`Brener discloses claim limitation 52[f] and 52[g] .............................. 14 
`Substitute claim 51 is obvious in view of Brener, Desai, and
`Weiss ................................................................................................... 15 
`Substitute claims 39, 41-45, and 52 are obvious in view of
`Brener, Desai, Weiss, and Pare ........................................................... 17 
`Substitute claims 39, 40 and 46-50 are obvious in view of
`Brener, Desai, Schneier, and Pare ....................................................... 19 
`THE SUBSTITUTE CLAIMS DO NOT RECITE PATENT-
`ELIGIBLE SUBJECT MATTER .................................................................. 21 
`A. 
`Alice Step 1: The substitute claims are directed to an abstract
`idea ...................................................................................................... 21 
`Alice Step 2: The remaining limitations of the substitute claims
`add nothing inventive to the abstract idea ........................................... 23 
`VI.  THE PROPOSED SUBSTITUTE CLAIMS ARE INDEFINITE ................. 24 
`A. 
`The phrase “for providing information to a provider…without
`providing account identifying information to the provider” is
`indefinite .............................................................................................. 24 
`The added limitations “validate” and “verify” are indefinite ............. 25 
`B. 
`VII.  CONCLUSION .............................................................................................. 25 
`VIII.  APPENDIX – LIST OF EXHIBITS .............................................................. 26 
`
`J. 
`
`K. 
`
`B. 
`
`-ii-
`
`

`

`
`
`Visa Inc. and Visa U.S.A. Inc., (together, “Petitioner”) hereby oppose Patent
`
`Owner Universal Secure Registry LLC’s (“PO”) Conditional Motion to Amend
`
`(“CMTA,” Paper 13). PO fails to meet its burden to show that it proposes a
`
`reasonable number of substitute claims and that the proposed amendments are
`
`supported by the specification, and fails to satisfy its duty of candor in seeking to
`
`recapture disclaimed subject matter. Moreover, PO’s amendments do not avoid
`
`unpatentability. The substitute claims are obvious, directed to ineligible subject
`
`matter, and indefinite.
`
`I.
`
`PO SEEKS TO DOUBLE THE NUMBER OF SUBSTITUTE CLAIMS
`AND PRESENTS IRRECONCILABLE CONFLICT WITH A
`PARALLEL IPR PROCEEDING
`PO’s CMTA proposes an unreasonable number of substitute claims in light
`
`of PO’s pending Conditional Motion to Amend in IPR2018-00812, initiated by
`
`Apple Inc. (“Apple CMTA,” Paper 21), in which PO requests substitutes for
`
`original claims 1-3, 16, 21-24, and 38. PO must limit amendments to “a reasonable
`
`number of substitute claims.” 35 U.S.C. §316(d); 37 C.F.R. § 42.121(a)(3). Yet
`
`PO’s present CMTA requests substitutes for original claims 1-4, 9, 16, 21-25, 31,
`
`37, and 38, resulting in at least two substitute claims for original claims 1-3, 16,
`
`21-24, and 38. Petitioner is prejudiced by PO’s attempt to circumvent this
`
`proceeding by requesting amendment of challenged claims in another proceeding
`
`in which Petitioner is unable to respond.
`
`
`
`-1-
`
`

`

`
`
`PO’s CMTA entirely disregards its proposed amendments in the Apple
`
`CMTA, failing to explain how the Board can resolve this motion in PO’s favor
`
`without creating an irreconcilable conflict with the parallel proceeding. If the
`
`Board grants PO’s Apple CMTA prior to a decision on PO’s present CMTA, then
`
`PO’s present CMTA must be denied as moot, and Visa will have had no
`
`opportunity to be heard. However, if the Board denies PO’s Apple CMTA, PO will
`
`be precluded from obtaining “a claim that is not patentably distinct.” 37 C.F.R.
`
`§ 42.73(d)(3)(i). PO’s motion makes no effort to explain whether the requested
`
`amendments are patentably distinct from those sought in the Apple CMTA.
`
`II.
`
`PO IMPROPERLY REINTRODUCES DISCLAIMED SUBJECT
`MATTER TO AMEND SUBSTITUTE CLAIM 52
`“[W]here a party assumes a certain position in a legal proceeding, … he may
`
`not thereafter, simply because his interests have changed, assume a contrary
`
`position.” New Hampshire v. Maine, 532 U.S. 742, 749 (2001) (citation omitted).
`
`In CBM2018-00023, PO avoided institution by disclaiming claims 5-8, 17-20, and
`
`26-30 of the ’539 patent. Apple Inc. v. USR, LLC, CBM2018-00023, Paper 10,
`
`(Sept. 13, 2018). Yet now PO improperly seeks to reintroduce subject matter
`
`plainly directed to covered business methods it disclaimed in CBM2018-00023.
`
`PO’s substitute limitations 52[f] and 52[g] recite “a public ID code that identifies a
`
`financial account number” and that can be used “to obtain the financial account
`
`number associated with the entity.” PO also disclaimed a nearly identical “public
`
`-2-
`
`

`

`
`
`ID code” limitation in related proceedings for U.S. Patent No. 9,530,137. See
`
`IPR2018-00809, Ex-2003; CBM2018-00022, Ex-2001.
`
`Despite reintroducing disclaimed subject matter, PO’s CMTA fails to
`
`disclose its prior disclaimers. By reintroducing these limitations now, PO has
`
`effected an end-run around the CBM review process. Though PO owed a duty of
`
`candor in its CMTA, it failed to disclose its prior inconsistent positions before the
`
`Board. See 37 C.F.R. §42.11; Lectrosonics, Inc. v. Zaxcom, Inc., IPR2018-01129,
`
`Paper No. 15, 9-10 (Feb. 25, 2019) (precedential). Accordingly, the Board should
`
`dismiss PO’s CMTA because PO violated its duty of candor.
`
`PO is also estopped from amending its claims to incorporate the subject
`
`matter of the disclaimed claims because its current position is inconsistent with its
`
`earlier positions. See New Hampshire, 532 U.S. at 750. PO would derive an unfair
`
`advantage if not estopped because it avoided institution of the -023 CBM
`
`altogether based on its disclaimer. See id., 751. Thus, the Board should not permit
`
`PO to reap the benefit of its inconsistent and misleading positions.
`
`III. PO’S PROPOSED SUBSTITUTE CLAIMS LACK WRITTEN
`DESCRIPTION SUPPORT
`A.
`PO’s proposed limitations 39[c], 48[a], 51[d], and 52[pre] lack
`written description support for a lack of communication between
`the secure registry system and the entity
`
`PO’s proposed limitations 39[c], 48[a], 51[d], and 52[pre] require that the
`
`transaction request be received by the universal secure registry (“USR”) system
`
`-3-
`
`

`

`
`
`without communications, terminating communications, or without
`
`establishing/maintaining communications between the USR system and the entity.
`
`PO fails to establish that these limitations are supported by the cited priority
`
`documents. Ex-1021, ¶¶21-30.
`
`The specifications do not describe or require a lack of communications
`
`between the USR system and the entity while receiving the transaction request or
`
`enabling the transaction as required by proposed limitations 39[c], 48[a], 51[d],
`
`and 52[pre]. Ex-1021, ¶22; see also Ex-1001; Ex-2008; Ex-2009.
`
`Although Dr. Jakobsson asserts that “the secure registry system does not
`
`communicate with the entity on whose behalf a transaction is being performed,” he
`
`provides no support. Ex-1021, ¶23; see also Ex-2010, ¶38. Instead, he broadly cites
`
`to Ex-2008, 16:28-20:15, Figs. 7-10, none of which states or discloses that no
`
`communications take place between the entity and the USR system. Id.
`
`In fact, instead of teaching a lack of communications between the USR
`
`system and the entity, the specification teaches at least two ways in which the
`
`entity communicates with the USR system before and during the transaction
`
`process. Ex-1021, ¶24.
`
`First, the specification explains that the user communicates with the USR
`
`system during the training process when the user enters data into the USR database
`
`and specifies access restrictions. Ex-1021, ¶¶25-26; Ex-2008, 15:1-4 (“For each
`
`-4-
`
`

`

`
`
`type of data entered, the person is asked to specify the type of access restrictions
`
`and/or whom should be allowed to access the advanced personal data (510).”),
`
`14:20-21, Fig. 5, 14:29-15; Ex-2009, 15:11-12, 15:20-26.
`
`Second, the user communicates with the USR system when it verifies its
`
`identity. Ex-1021, ¶27. The specifications explain that the user verifies its identity
`
`using a biometric via the user’s device. Ex-2008, 5:16-19; Ex-2009, 5:31-6:5. The
`
`user’s device must thus communicate with the USR because the biometric
`
`verification information is stored in the USR database. Ex-2008, 12:20-24; Ex-
`
`2009, 13:7-11. Similarly, the user generates and communicates its time-varying
`
`code to the USR system during the transaction to identify itself. Ex-2008, 17:4-13;
`
`Ex-2009, 17:29-18:8; see also Ex-2008, 17:28-18:9; Ex-2009, 18:23-19:5.
`
`As acknowledged by PO, communications with the USR system may be
`
`either direct or indirect. CMTA, 4-5 (“[A] merchant … communicates with the
`
`secure registry system either directly or indirectly through a third party.”)
`
`(emphasis added). Thus, even where the user communicates with the USR system
`
`indirectly via the merchant, it is still actively communicating with the USR system.
`
`Ex-1021, ¶29.
`
`B.
`
`PO’s proposed limitations 46[b] and 52[c] lack written description
`support for an entity having been verified using a biometric
`
`Claim limitations 46[b] and 52[c] lack written support for an identity of the
`
`entity having been verified using a biometric. Neither the cited priority documents
`
`-5-
`
`

`

`
`
`nor the ’539 patent contemplate the entity “having been verified” or “having had
`
`its identity verified” using a biometric prior to the USR system receiving the
`
`transaction request. See Ex-2008; Ex-2009; Ex-1021, ¶¶31-36.
`
`The specification contains no express disclosure regarding the timing of the
`
`biometric verification of the user. See Ex-2008; Ex-2009; Ex-1021, ¶32. Although
`
`Dr. Jakobsson discusses verifying an identity of an entity, he does not discuss the
`
`timing of verification in relation to the timing of the USR system receiving the
`
`transaction request. Ex-1021, ¶33; Ex-2010, ¶¶36, 48, 65, 94.
`
`Moreover, a POSITA would understand that the verification using a
`
`biometric would be performed during and not before the transaction, as is done for
`
`the verification performed using the time-varying multicharacter code. Ex-2008,
`
`11:25-29, 12:20-22; Ex-2009, 12:11-15, 13:7-9; see also Ex-2008, 12:6-9; Ex-
`
`2009, 12:23-26. Ex-1021, ¶34. As explained in the specification, the user’s device
`
`sends the generated time-varying multicharacter code after it initiates the
`
`transaction. Ex-2008, 17:4-13; Ex-2009, 17:29-18:8 (same). Although the timing
`
`of the biometric verification is not specifically disclosed, a POSITA would have
`
`more reasonably understood that the verification using a biometric would likewise
`
`be performed after the user initiates the transaction and the USR system receives
`
`the transaction request, as is done with verification using the time-varying
`
`multicharacter code. Ex-1021, ¶35.
`
`-6-
`
`

`

`
`
`C.
`
`PO’s proposed limitations 40[b] and 46[d] lack written
`description support for mapping the time-varying multicharacter
`code to an identity of the entity using the time value
`
`PO does not establish that the cited priority documents disclose limitations
`
`40[b] and 46[d] for “mapping the time-varying multicharacter code to an identity
`
`of the entity using the time-varying multicharacter code and the time value.” Ex-
`
`1021, ¶¶37-41. The only references to a “time value” are when the merchant
`
`transmits the time of receipt of the code or when the USR system extracts a time
`
`value. See, e.g., 17:7-11, 19:28-29, 19:29-31; Ex-2009, 19:1-5, 20:26-27, 20:27-
`
`29. But the applications are silent on any use of the time value after receipt and
`
`extraction. See id.; see also generally Ex-2008; Ex-2009.
`
`While no purpose for the time value is expressly described in the
`
`specifications, to the extent USR argues a purpose is implicit, a POSITA would not
`
`have understood it to be mapping to the user’s identity. Ex-1021, ¶40. A more
`
`plausible purpose would be to determine if the code is expired. Confirming that the
`
`code is not expired by comparing the extracted time value to the current time does
`
`not constitute mapping to the identity of the entity. Ex-1021, ¶40.
`
`D.
`
`PO’s proposed limitation 51[b] lack written description support
`for a training process involving multiple entities
`
`The specifications do not disclose proposed claim limitation 51[b], which
`
`requires “a training process by establishing communications between the secure
`
`registry system and the entities.” See Ex-2008; Ex-2009; Ex-1021, ¶¶42-47.
`
`-7-
`
`

`

`
`
`Although Dr. Jakobsson discusses a single training process between the secure
`
`registry and a single entity, he does not cite a single training process between the
`
`secure registry and multiple entities as the substitute claim requires. See, e.g., Ex-
`
`2010, ¶38 (“[T]he ’729 Application describes a training process where a person,
`
`such as the entity for whom a transaction may later be performed….”) (emphasis
`
`added), ¶83; see also Ex-1021, ¶44;. The specifications do not describe a training
`
`process involving multiple entities, rather they merely teach individual training by
`
`an individual entity. Ex-1021, ¶45; Ex-2008, 14:1-2 (“As shown in Fig. 5, the USR
`
`software 18 first validates the person’s identification (500).”); see also id. 14:20-
`
`21, 14:24-26, 15:1-4; Ex-2009, 14:22-24, 15:15-17, 15:23-26.
`
`IV. THE SUBSTITUTE CLAIMS ARE OBVIOUS IN VIEW OF THE
`PRIOR ART
`A. Brener discloses claim limitations 39[b], 46[a], 51[c], and 52[b]
`
`The addition of “from the provider” in proposed claim limitations 39[b],
`
`46[a], 51[c] and 52[b] does not make the claims non-obvious. Ex-1021, ¶¶52-55.
`
`Brener discloses that the secure provider computer (i.e., secure registry) receives a
`
`transaction request and the customer object from the vendor (i.e., provider) once
`
`the customer is orders goods at the vendor web site. Ex-1021, ¶54; Ex-1005, 2:19-
`
`3:11 (“…sending the transaction identifier together with the customer object to the
`
`secure computer by the vendor computer….”) (emphasis added), 14:5-22.
`
`-8-
`
`

`

`
`
`B.
`
`Brener and Desai disclose claim limitations 39[c], 48[a], 51[d], and
`52[pre]
`
`Brener and Desai render obvious substitute limitations 39[c], 48[a], 51[d],
`
`and 52[pre]. Ex-1021, ¶¶56-60. As discussed above, the ’539 patent does not
`
`provide written description support for the USR system receiving the transaction
`
`request without the USR system communicating with the entity. See discussion
`
`supra Section III.B. However, to the extent the ’539 patent is deemed to support
`
`this limitation despite its disclosure of (1) a pre-transaction training process in
`
`which the user communicates directly with the secure registry, and (2) the user
`
`sending verification information through the vendor to the secure registry when
`
`requesting a transaction, then Brener likewise discloses this limitation. Ex-1021,
`
`¶57.
`
`Brener discloses that the transaction identifier and the customer object are
`
`sent to the secure provider by the vendor. Ex-1021, ¶58; Ex-1005, 2:19-3:11
`
`(“…sending the transaction identifier together with the customer object to the
`
`secure computer by the vendor computer….”). Because Brener discloses sending
`
`the transaction request information to the secure computer by the vendor, rather
`
`than the customer, Brener discloses this limitation. Ex-1021, ¶59.
`
`Desai also discloses that a request from the third party, such as a merchant,
`
`is received by the information exchange system without communications between
`
`the information exchange system and the registered user. Ex-1021, ¶59. For
`
`-9-
`
`

`

`
`
`example, the merchant may send the request for access directly to the information
`
`exchange system. Id.; Ex-1007, 14:56-64 (“[T]he third party user, such as the
`
`merchant 180, requests access to a data element of the registered user’s stored
`
`profile information.”), Fig. 10, 15:16-26.
`
`C. Desai and Pare disclose claim limitations 39[e] and 47[b]
`
`Desai alone in combination with International Publication Number WO
`
`98/04996 (“Pare,” Ex-1022) (published on February 5, 1998 and thus qualified as
`
`prior art under 35 U.S.C. § 102(b)) discloses validating an identity of the provider
`
`or merchant. Ex-1021, ¶¶61-63. Desai teaches that “[e]ach registered user may
`
`selectively control the granting and denying of access to each of its associated data
`
`elements by other respective users, on an element-by-element, and user-by-user
`
`basis.” Id.; Ex-1007, 3:37-41, 9:1-10:16, Fig. 2. Even users who access
`
`information (rather than storing it), such as merchants, are registered with their
`
`own profiles in the database. Ex-1021, ¶61, Ex-1007, 13:28-30. Each user is
`
`validated using, for example, cookies or other electronic data transfer protocols.
`
`Ex-1021, ¶61; Ex-1007, 18:63-64. Thus, Desai teaches validating provider identity.
`
`Ex-1021, ¶61.
`
`Pare also discloses merchant validation in its teaching of “cross-checking the
`
`merchant code…in the VAD [Valid Apparatus Database] record with the merchant
`
`code added to the transaction request….” Ex-1021, ¶62. Ex-1022, 30:21-25.
`
`-10-
`
`

`

`
`
`D.
`
`Pare discloses claim limitations 39[h], 46[b], and 52[c]
`
`Pare discloses the identity of the entity being verified using a biometric. Ex-
`
`1021, ¶¶64-69. As discussed above in Section III.B, the ’539 patent does not
`
`provide written description support for the secure registry system having verified
`
`the entity’s identity using a biometric prior to receiving the transaction request.
`
`However, to the extent the ’539 patent is deemed to support this limitation despite
`
`its lack of disclosure, then Pare likewise discloses this limitation. Ex-1021, ¶65.
`
`Pare discloses that the identity of the entity is verified using a biometric,
`
`such as a fingerprint. Ex-1021, ¶¶66-68; Ex-1022, 5:13-17 (“The computer system
`
`compares the biometric samples and the PIN added by the buyer to the transaction
`
`agreement …. If a match is found, the buyer is identified successfully.”), see also
`
`id., 53:1-6; 53:34-36, 54:11-15, 11:42-43, 26:15-18, 27:30-2, 53:1-2. Pare further
`
`discloses using the biometric information of the identified individual against an
`
`“Authorized Individual Database” to determine whether the individual is
`
`authorized to use the device. Ex-1021, ¶69; Ex-1022, 81:20-21, 54:12-15.
`
`E.
`
`The combination of Brener and Schneier discloses claim
`limitations 40[b] and 46[c]
`
`The combination of Brener and Applied Cryptography, (“Schneier,” Ex-
`
`1016) (published in 1990 and thus qualified as a prior art printed publication under
`
`35 U.S.C. § 102(b)) discloses a transaction request including a time value
`
`-11-
`
`

`

`
`
`representative of when the time-varying multicharacter code was generated, and
`
`extracting the time value from the transaction request. Ex-1021, ¶¶70-73.
`
`Brener discloses that the transaction request with the transaction identifier
`
`and the customer object are sent by the vendor to the secure provider and that the
`
`customer object may include a digital signature and certification information. Ex-
`
`1021, ¶71; Ex-1005, 2:19-3:11, 13:6-10. While Brener does not expressly disclose
`
`that the multicharacter code representing an identity of an entity is time-varying or
`
`includes a time value that can be extracted, Schneier discloses this aspect of the
`
`claim limitation. Ex-1021, ¶72.
`
`Schneier discloses that “[d]igital signatures often include timestamps” where
`
`“[t]he date and time of the signature are attached to the message and signed along
`
`with the rest of the message.” Id., Ex-1016, 38. Once the recipient receives the
`
`signed message, the recipient can decrypt the signed message using the public key.
`
`Ex-1021, ¶72; Ex-1016, 37. In doing so, the timestamp is decrypted and therefore
`
`extracted from the time-varying multicharacter code. Ex-1021, ¶72. As discussed
`
`below with respect to rationale to combine, when combined with Brener these
`
`teachings of Schneier would result in the time value of the signature being
`
`extracted from the signed portion of the customer object by decrypting that signed
`
`portion. Id.
`
`-12-
`
`

`

`
`
`F.
`
`The combination of Brener and Schneier discloses claim
`limitations 40[b] and 46[d]
`
`The combination of Brener and Schneier discloses mapping the time-varying
`
`multicharacter code to an identity of the entity using the time-varying
`
`multicharacter code and the time value. Ex-1021, ¶¶74-78. The original claim
`
`limitations [1.3], [21], [22.2], [31], [37.4], and [38.3] of the ’539 patent are
`
`obvious in view of Brener. Ex-1021, ¶75; Ex-1002, ¶¶83-85, 142, 158, 165, 174-
`
`175. As discussed below, the addition of “and time value” does not make the claim
`
`limitations non-obvious in view of Brener and Schneier. Id.
`
`Brener discloses that the secure provider computer maps the customer object
`
`to the identity of the customer using a linking table. Ex-1021, ¶¶76, Ex-1005, 8:11-
`
`20; 2:19-3:7, 10:14-17, 3:30-42. To the extent Brener does not disclose using both
`
`the time-varying multicharacter code and the time value to map to an identity of
`
`the entity, this would have been obvious in view of Schneier. Ex-1021, ¶77; Ex-
`
`1016, 37-38. In particular, Schneier discloses that “digital signatures often include
`
`timestamps.” Ex-1021, ¶77; Ex-1016, 38. In addition, Schneier further discloses
`
`that “digital signature protocols are often implemented with one-way hash
`
`functions.” Id. Combining these teachings results in a one-way hash function
`
`performed with the time value as part of the digital signature protocol. Id. Thus, the
`
`receiving party, such as the secure provider, would receive the customer object that
`
`was digitally signed by the customer and extract the timestamp to apply the same
`
`-13-
`
`

`

`
`
`one-way hash function. Id. By comparing or mapping the hash it received with the
`
`hash it generated, the secure provider could verify the identity of the entity. Id.
`
`G. Brener discloses claim limitation 51[b]
`
`As discussed above in Section III.D, the ’539 patent does not support claim
`
`limitation 51[b] requiring “the secure data stored at the database during a training
`
`process by establishing communications between the secure registry system and
`
`the entities.” However, to the extent the ’539 patent is deemed to support this
`
`limitation, Brener also discloses it. Ex-1021, ¶¶79-82. Brener explains that the
`
`secure data is entered into the database when the customer logs into the secure
`
`provider’s website to fill out a form. Ex-1021, ¶81; Ex-1005, 10:22-27, 11:11-22.
`
`H. Brener discloses claim limitation 52[f] and 52[g]
`
`Brener discloses providing the account identifying information to a third
`
`party that uses the public ID code to obtain the financial account number
`
`associated with the entity to enable or deny the transaction without providing the
`
`account identifying information to the provider. Ex-1021, ¶¶83-87.
`
`Brener teaches using linking information to access the customer’s
`
`information by the bank but not allowing access to such personal information by
`
`the vendor. Ex-1021, ¶85. Brener discloses that the linking information is stored in
`
`the secure provider database. Id., Ex-1005, 8:11-14. Brener further discloses that
`
`“[t]he linking table is ultimately used to provide the bank computer with the
`
`-14-
`
`

`

`
`
`account number or private key authorization of the customer and to provide the
`
`third party carriers with the actual name and address of a customer…” Ex-1021,
`
`¶86; Ex-1005, 11:6-10, 9:24-26, 9:19-10:2. Because the linking information is data
`
`that can be provided by the secure provider to allow the bank to look up the
`
`corresponding customer account number in its own database, it serves as the
`
`claimed “public ID code that identifies a financial account number associated with
`
`the entity.” Ex-1021, ¶86; Ex-1005, 9:19-10:2.
`
`I.
`
`Substitute claim 51 is obvious in view of Brener, Desai, and Weiss
`
`As explained by Dr. Tygar, substitute claim 51 would have been obvious in
`
`view of the combination of Brener, Desai, and Weiss. Ex-1021, ¶¶88-93. The
`
`disclosure relied upon from Brener, Desai, and Weiss is the same as cited in
`
`Ground 1 of the petition, along with disclosures from Brener for the newly added
`
`limitations 51[b], 51[c], and 51[d]. Ex-1021, ¶89. As discussed above in Sections
`
`IV.A, IV.B, and IV.G and further below, newly added limitations 51[b], 51[c], and
`
`51[d] do not avoid unpatentability because Brener discloses these limitations. Id.
`
`A POSITA would have had good reason to combine the teachings of Brener,
`
`Weiss, and Desai, to predictably achieve an anonymous transaction system
`
`utilizing a time-varying multicharacter code to identify a user and user-determined
`
`access restrictions to limit vendors’ access to sensitive information. Ex-1021, ¶89;
`
`see also Ex-1002, ¶¶62-65. A POSITA would have been motivated to utilize a
`
`-15-
`
`

`

`
`
`time-varying multicharacter code—as taught by Weiss—to identify and
`
`authenticate a user of an anonymous transaction system like the one in Brener. Id.,
`
`¶90; see also Ex-1002, ¶¶62-65. Additionally, a POSITA would have had good
`
`reason to provide restricted access to sensitive user information on a vendor-by-
`
`vendor basis as selected by the user—as taught by Desai—in addition to the role-
`
`based access restrictions disclosed in Brener. Id.; see also Ex-1002, ¶¶65-68.
`
`Incorporation of the claimed transaction request sent by the provider
`
`(limitation 51[c]) and training process (limitation 51[b]) would have been obvious
`
`in view of Brener, which teaches those elements as features of its anonymous
`
`transaction system. Ex-1021, ¶¶52-55, 91; Ex-1005, 2:19-3:11, 14:5-15.
`
`Finally, as disclosed by Brener alone, or Brener in view of Desai, the
`
`transaction request is sent to the secure provider by the merchant, or the merchant
`
`requests access, without communications between the secure provider and the
`
`customer (limitation 51[d]). Ex-1021, ¶91; Ex-1005, 2:19-3:11; Ex-1007, 14:56-64,
`
`Fig. 10, 15:16-26. Thus, the additional limitations presented in substitute claim 51
`
`do not alter the reasons previously provided by Dr. Tygar for combining the
`
`teachings of Brener, Desai, and Weiss. Ex-1021, ¶¶88-93; see also Ex-1002, ¶¶57-
`
`69. Accordingly, claim 51 would have been obvious in view of the combination of
`
`Brener, Desai, and Weiss. Ex-1021, ¶¶88-93.
`
`-16-
`
`

`

`
`
`J.
`
`Substitute claims 39, 41-45, and 52 are obvious in view of Brener,
`Desai, Weiss, and Pare
`
`Substitute claims 39, 41-45, and 52 would have been obvious in view of the
`
`combination of Brener, Desai, Weiss, and Pare. Ex-1021, ¶¶94-101. The disclosure
`
`relied upon from Brener, Desai, and Weiss is the same as cited in Ground 1 of the
`
`petition, along with further Brener and Desai disclosures for the newly added
`
`limitations 39[b] and 52[b] discussed in Section IV.A, limitations 39[c] and
`
`52[pre] in Section IV.B, limitation 39[e] in Section IV.C, and limitation 52[f] and
`
`52[g] in Section IV.G. Ex-1021, ¶95. In addition, Pare discloses limitations 39[h]
`
`and 52[c] as discussed in Section IV.D. Id.
`
`Merchant validation is described in Desai as a means for accomplishing the
`
`granular access controls. Therefore, it would have been readily apparent that when
`
`incorporating Desai’s granular access control, merchant validation was an optimal
`
`way of doing this. Ex-1021, ¶96; Ex-1007, 3:27-41, Fig. 2. Additionally, as
`
`described in Brener, using a public ID code by the third party to identify or obtain
`
`a financial account number as a means for accomplishing the access of the
`
`customer’s personal information by means of linking information would have been
`
`readily apparent when incorporating Brener’s secure provider. Ex-1021, ¶96; Ex-
`
`1005, 8:11-14, 9:19-10:2, 11:6-10. The linking information was an optimal way of
`
`doing this, consistent with Brener’s teachings. Id.
`
`A POSITA would further have found it beneficial to provide biometric
`
`-17-
`
`

`

`
`
`identification and authentication—as taught by Pare— to identify and authenticate
`
`a user of the combined anonymous transaction system of Brener, Desai, and Weiss
`
`described above. Ex-1021, ¶97. Pare and Brener are similarly directed to shielding
`
`account identifying information and instead using a biometric or identification
`
`code to gain access rather than using, for example, the user’s real identity. Id.; Ex-
`
`1005, 9:9-11, Ex-1022, 42:30-34, 4:3-6. Pare explains a benefit of biometric
`
`authentication is that “the biometrics are uniquely personal to the user and because
`
`the act of physically entering the biometrics are virtually irreproducible, a match is
`
`putative of actual identity, thereby decreasing the risk of fraud.” Ex-1021, ¶98; Ex-
`
`1022, 4:6-9. Pare further explains that this biometric authentication is provided by
`
`a biometric input apparatus that collects biometric identity information, encodes
`
`and encrypts it, and makes it available for authorizations” and that such apparatus
`
`“[c]omes in different hardware models and software version.” Ex-1021, ¶98; Ex-
`
`1022, 102:13-15; see also id. 11:41-45, 11:18-22, 29:11-14. A POSITA would
`
`have found this a natural extension of the “secure protocols, such as digital
`
`signature and digital certificates,” already present in the combination of Brener,
`
`Desai, and Weiss. Ex-1021, ¶98; see Ex-1005, 13:6-8.
`
`The teachings of Pare could be added to the combination of Brener, Desai,