`Filed: July 3, 2018
`
`Filed on behalf of: Visa Inc. and Visa USA Inc.
`By: Matthew A. Argenti
`
`Michael T. Rosato
`WILSON SONSINI GOODRICH & ROSATI
`
`
`650 Page Mill Road
`
`Palo Alto, CA 94304-1050
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`_____________________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`_____________________________
`
`VISA INC. and VISA U.S.A. INC.,
`Petitioners,
`
`v.
`
`UNIVERSAL SECURE REGISTRY LLC,
`Patent Owner.
`_____________________________
`
`Case No. IPR2018-01351
`Patent No. 8,856,539
`_____________________________
`
`
`PETITION FOR INTER PARTES REVIEW OF
`U.S. PATENT NO. 8,856,539
`
`
`
`
`
`TABLE OF CONTENTS
`
`Page
`
`I.
`
`INTRODUCTION .............................................................................................. 1
`A.
`Brief Overview of the ’539 Patent....................................................... 2
`B.
`Brief Overview of the Prosecution History ......................................... 6
`C.
`Brief Overview of the Scope and Content of the Prior Art .................. 7
`D.
`Level of Skill in the Art .................................................................... 12
`II.
`GROUNDS FOR STANDING ............................................................................. 12
`III. MANDATORY NOTICES UNDER 37 C.F.R. § 42.8 ........................................... 12
`IV. STATEMENT OF THE PRECISE RELIEF REQUESTED FOR EACH CLAIM
`CHALLENGED .............................................................................................. 13
`V.
`CLAIM CONSTRUCTION ................................................................................ 14
`VI. DETAILED EXPLANATION OF GROUNDS FOR UNPATENTABILITY BASED
`ON JUNDA AND BRODY ................................................................................. 18
`i.
`Independent claim 1 ................................................................ 22
`ii.
`Independent claims 22, 37, and 38 .......................................... 41
`iii. Dependent claims .................................................................... 47
`iv.
`Rationale to Combine ............................................................. 57
`VII. CONCLUSION ............................................................................................... 61
`VIII. CERTIFICATE OF COMPLIANCE ...................................................................... 62
`IX. PAYMENT OF FEES UNDER 37 C.F.R. §§ 42.15(A) AND 42.103 ...................... 63
`X. APPENDIX – LIST OF EXHIBITS...................................................................... 64
`
`-i-
`
`
`
`
`
`I.
`
`INTRODUCTION
`
`Visa Inc. and Visa U.S.A. Inc., (together, “Petitioner”) hereby request
`
`review of U.S. Patent No. 8,856,539 to Weiss et al. (hereinafter “the ’539 patent,”
`
`Ex-1001) that issued on October 7, 2014, and is currently assigned to Universal
`
`Secure Registry LLC (“Patent Owner”). This Petition demonstrates that there is a
`
`reasonable likelihood that claims 1-9, 16-31, 37, and 38 of the ’539 patent are
`
`unpatentable over the cited prior art. Thus, claims 1-9, 16-31, 37, and 38 of the
`
`’539 patent should be found unpatentable and canceled.
`
`The ’539 patent purports to be broadly directed to a “secure registry system”
`
`involving selective access to information stored in a database, and a multicharacter
`
`code corresponding to a user with information stored in the database. Ex-1001,
`
`Abstract. Embodiments of the invention disclosed by the patent involve
`
`anonymous online transactions, such as online purchases where a customer’s credit
`
`card number is disclosed to an authorizing financial institution but not the online
`
`merchant, or where the customer’s address is revealed to a shipper but not the
`
`merchant. Ex-1002, ¶16. As might be expected, the field of e-commerce was rife
`
`with disclosure of such systems prior to the March 2001 priority date. Id., ¶17.
`
`The ’539 patent’s requirement of a time-varying multicharacter code representing
`
`an identity of a user such as a customer does not convey a point of novelty. Id.
`
`The use of such time-varying multicharacter codes to identify or authenticate a
`
`-1-
`
`
`
`
`
`user was well-known, as demonstrated by the named inventor’s own prior art
`
`patent disclosures predating the ’539 patent by well over a decade as well as other
`
`prior art disclosing the use of such codes in an anonymous transaction context. Id.
`
`A. Brief Overview of the ’539 Patent
`
`The ’539 patent is entitled “Universal Secure Registry.” Ex-1001. In a
`
`general sense, the ’539 patent is directed to systems and methods for providing
`
`controlled access to secure data stored on a database using a time-varying
`
`multicharacter code. See, e.g., Ex-1001, Abstract, claim 1; Ex-1002, ¶¶14-24. The
`
`secure registry system is “used to selectively provide personal, financial or other
`
`information about a person to authorized users.” Ex-1001, 3:5-9.
`
`As the Background section of the ’539 patent states, “there are times when
`
`the individual may wish to be identified or at least verified without providing
`
`personal information.” Id., 2:17-19. Identification and authentication may occur,
`
`for example, when “a person may wish to purchase goods and/or services without
`
`publicly providing his/her credit card information for fear that the credit card
`
`information may be stolen and used fraudulently.” Id., 2:19-22; see also id., 22-27
`
`(“Likewise, the person may wish to purchase goods or order goods to be delivered
`
`to an address without revealing the address to the vendor.”); Ex-1002, ¶18.
`
`Patent Owner has characterized the ’539 patent as directed to “an
`
`anonymous identification system that allows user verification without requiring the
`
`-2-
`
`
`
`
`
`user to share personal information with
`
`whomever is requesting verification,
`
`e.g., allows a person to purchase goods
`
`without publicly providing credit card
`
`information to the merchant, for fear
`
`that the credit card information may be
`
`stolen or used fraudulently.” Ex-1014,
`
`17; see also id., 19 (describing “claim
`
`22’s innovation that allows transaction
`
`approval without providing account
`
`identifying information to the
`
`merchant.”) (emphasis original).
`
`Consistent with this description, the
`
`specification discloses “a system for
`
`facilitating purchases without providing financial information to the merchant as
`
`set forth in FIG.8.” Ex-1001, 12:19-54. As seen here in Figure 8, a user
`
`(customer) initiates a purchase and provides a code to a merchant, without
`
`providing identifying information or a credit card number. Ex-1001, 12:21-24.
`
`The merchant then sends the purchase request to the universal secure registry
`
`system (USR), which uses the secret code to determine the identity of the customer
`
`-3-
`
`
`
`
`
`and access credit card information from a database, which it then forwards to a
`
`credit card company for purchase authorization. Id., 12:24-39. The credit card
`
`company then processes the transaction by “checking the credit worthiness” of the
`
`user and notifies the USR system of the result of the transaction, which “in turn
`
`notifies the merchant of the result of the transaction.” Id., 12:40-46. In this way,
`
`“the user can use the USR system to purchase goods or services from a merchant
`
`without providing the merchant with the user’s credit card number.” Id., 12:47-50;
`
`Ex-1002, ¶19.
`
`The specification explains that the user’s secret code can vary over time.
`
`Ex-1001, 8:17-47. For example, the secret code can be derived using “a SecurID
`
`card available from RSA Security,” which mathematically combines “a secret user
`
`code and/or time varying value” and a secret personal identification code to
`
`“generate a one-time nonpredictable code” used to verify a user. Ex-1001, 8:17-
`
`35; Ex-1002, ¶20. Alternatively, the user’s computer may be programmed to
`
`execute an algorithm to generate “non-predictable, single use codes, which may or
`
`may not be time varying.” Id., 8:36-44; Ex-1002, ¶20.
`
`Claim 1 of the ’539 patent is representative of the claims at issue (additional
`
`line breaks added for readability):
`
`A secure registry system for providing information to a provider to
`
`enable transactions between the provider and entities with secure
`
`-4-
`
`
`
`
`
`data stored in the registry system, the secure registry system
`
`comprising:
`
`a database including secure data for each entity, wherein each entity is
`
`associated with a time-varying multicharacter code for each entity
`
`having secure data in the secure registry system, respectively, each
`
`time-varying multicharacter code representing an identity of one of
`
`the respective entities; and
`
`a processor configured
`
`to receive a transaction request including at least the time-varying
`
`multicharacter code for the entity on whose behalf a transaction
`
`is to be performed and an indication of the provider requesting
`
`the transaction,
`
`to map the time-varying multicharacter code to the identity of the
`
`entity using the time-varying multicharacter code,
`
`to execute a restriction mechanism to determine compliance with
`
`any access restrictions for the provider to secure data of the
`
`entity for completing the transaction based at least in part on the
`
`indication of the provider and the time-varying multicharacter
`
`code of the transaction request,
`
`and to allow or not allow access to the secure data associated with
`
`the entity including information required to enable the
`
`transaction based on the determined compliance with any
`
`access restrictions for the provider, the information including
`
`account identifying information,
`
`wherein the account identifying information is not provided to the
`
`provider and the account identifying is provided to a third party
`
`-5-
`
`
`
`
`
`to enable or deny the transaction with the provider without
`
`providing the account identifying information to the provider.
`
`See Ex-1002, ¶21.
`
`The requirement “to receive a transaction request” of claim 1 relates to a
`
`central concept of the ’539 patent: receiving a transaction request with a time-
`
`varying multicharacter code corresponding to the entity on whose behalf the
`
`transaction is to be performed. Ex-1002, ¶22. The secure registry processes the
`
`transaction request received from the provider by “mapping the time-varying
`
`multicharacter code to an identity of the entity using the time-varying
`
`multicharacter code” and “determining compliance with any access restrictions for
`
`the provider to secure data of the entity for completing the transaction based at
`
`least in part on the indication of the provider and the time-varying multicharacter
`
`code of the transaction request.” Ex-1001, cl. 1. As discussed in more detail
`
`below, both the mapping of an identity to a multicharacter code and determining
`
`compliance with access restrictions to maintain anonymity during a transaction as
`
`claimed by the ’539 patent were well-known concepts prior to the ’539 patent. Ex-
`
`1002, ¶¶23-24.
`
`B.
`
`Brief Overview of the Prosecution History
`
`Application No. 11/768,729 was filed on June 26, 2007, and issued on
`
`October 7, 2014, as the ’539 patent. The ’539 patent is a continuation claiming
`
`priority benefit back to U.S. Patent Application No. 09/810,703, filed on March 16,
`
`-6-
`
`
`
`
`
`2001, and now U.S. Patent No. 7,237,117. While the Weiss reference discussed
`
`below was disclosed to the Patent Office in an IDS during prosecution, none of the
`
`prior art references relied upon in this petition was the basis for any rejection by
`
`the Examiner.
`
`C. Brief Overview of the Scope and Content of the Prior Art
`
`This petition is supported by the expert declaration of Dr. Justin Douglas
`
`Tygar, a professor of computer science with extensive experience in the areas of
`
`computer security and electronic commerce. Ex-1002, ¶¶1-13. As explained in
`
`detail in Dr. Tygar’s declaration and addressed in further detail below, anonymous
`
`transactions using multicharacter codes in place of the customer’s real information
`
`were well-known prior to the alleged invention of the ’539 patent, as was the use
`
`of time-varying multicharacter codes to identify or authenticate a user. Id., ¶¶31-
`
`40. This is illustrated in the prior art on which the current challenge is based and
`
`includes the references briefly discussed below and in further detail in Section VI.
`
`As Dr. Tygar explains, the rise of Internet-based e-commerce in the late
`
`1990s resulted in a particular focus on earning consumer trust. Ex-1002, ¶32.
`
`Merchants and financial institutions had to convince customers that they could
`
`safely use their credit cards and other sensitive data for online purchases without it
`
`being intercepted or misused. Id. As a result, numerous systems for anonymous
`
`online transactions were known prior to March 2001, many of which involved
`
`-7-
`
`
`
`
`
`storing a customer’s secure data in a remote database and selectively allowing
`
`access to complete a transaction based on a multicharacter code associated with the
`
`user. Id.
`
`For example, International Application Number International PCT
`
`Application WO 00/14648 to Brener (“Brener,” submitted as Ex-1005), entitled
`
`“Electronic Commerce with Anonymous Shopping and Anonymous Vendor
`
`Shipping,” discloses a computer-implemented method for delivering goods
`
`purchased from a vendor web site without revealing the customer’s identity or
`
`physical shipping address to the vendor computer. Ex-1005, Abstract; Ex-1002,
`
`¶33. As explained in Brener, “[t]he method includes associating the identity and
`
`physical location of each customer with computer (100) linking information which
`
`is stored at a secure computer such as a secure provider computer (110) or banking
`
`computer (150). The customer computer (100) anonymously connects to the
`
`vendor web site (140) and orders goods without revealing his actual identity or
`
`physical location.” Ex-1005, Abstract.
`
`Another example of using a remote database for maintaining secure data and
`
`controlling access to personal information for anonymous shopping was seen in
`
`International PCT Application WO 01/13275 to Junda et al (“Junda,” submitted as
`
`Ex-1008), entitled “Proxy System for Customer Confidentiality.” Junda discloses
`
`“a system and a method for enabling a customer (referred to herein as a ‘user’) to
`
`-8-
`
`
`
`
`
`make purchases and take delivery of goods or services while keeping some or all
`
`of the user's personal information confidential and secure throughout the purchase
`
`and delivery transactions.” Ex-1008, 3:27-31.The system and method described in
`
`Junda includes, for example, “generating proxy delivery data corresponding with
`
`the real delivery data [and] maintaining a database including the real delivery data
`
`and the corresponding proxy delivery data for use in translating the proxy delivery
`
`data into the corresponding real delivery data.” Id., 7:11-14; Ex-1002, ¶34.
`
`It was also known to utilize a dynamic, time-varying multicharacter code to
`
`control access to data, as evidenced by U.S. Patent No. 4,885,778 to Weiss
`
`(“Weiss,” submitted as Ex-1006), entitled “Method and Apparatus for
`
`Synchronizing Generation of Separate, Free Running, Time Dependent
`
`Equipment.” Weiss and the ’539 patent share the same named inventor (Kenneth
`
`Weiss). Weiss is one of a number of patents directed to aspects of the well-known
`
`SecurID authentication scheme. See, e.g., id., FIG. 2; Ex-1002, ¶35. The
`
`apparatus and method described in Weiss “eliminates the relatively easy access
`
`afforded to someone who copies or otherwise misappropriates a secret ‘fixed’ code
`
`by periodically generating identification codes by using fixed codes, variable data,
`
`and a predetermined algorithm which is unknown in advance and unknowable
`
`outside the administration of the security system even to authorized users of the
`
`apparatus utilizing the fixed secret code.” Ex-1006, 1:55-62; Ex-1002, ¶35 These
`
`-9-
`
`
`
`
`
`dynamic, time-varying codes were used to replace typical instances of fixed codes
`
`including card numbers, user numbers or passwords issued to customers of
`
`computer data retrieval services.” Ex-1006, 1:36-40; Ex-1002, ¶35.
`
`Moreover, it was known prior to March 2001 that such a time-varying
`
`multicharacter code could be applied in the context of an anonymous transaction
`
`system like the ones disclosed in Brener and Junda, as evidenced by U.S. Patent
`
`Application No. 09/786,719 to Brody et al. (“Brody,” submitted as Ex-1009,),
`
`entitled “Systems and Methods Enabling Anonymous Credit Transactions.” See
`
`Ex-1002, ¶36. Brody discloses a system and method for anonymous merchant
`
`transactions by “creat[ing] dynamic mappings of the card numbers to account
`
`numbers or other card numbers, such as pseudo-random credit card numbers.” Ex-
`
`1009, [0009]; Ex-1002, ¶¶36-37. The pseudo-random attributes are used by
`
`consumers in place of the consumer's credit card. Id. As explained by Brody,
`
`“Because pseudo-random attributes are transmitted to the merchant, the transaction
`
`between the consumer and merchant will be anonymous.” Ex-1009, [0009]. The
`
`dynamic, pseudo-random attributes correspond to the customer’s credit card
`
`number and other personal information, and “can be used by an authentication
`
`server to authenticate a transaction according to consumer preferences.” Id.; Ex-
`
`1002, ¶37.
`
`-10-
`
`
`
`
`
`Finally, it was also known prior to the ’539 patent that a remote database
`
`could selectively grant access to personal information for online purchase
`
`transactions based on the identity of the customer and the merchant. Ex-1002, ¶38.
`
`For example, U.S. Patent Application No. 6,820,204B1 to Desai et al. (“Desai”,”
`
`submitted as Ex-1007), entitled “System and Method for Selective Information
`
`Exchange” discloses “a system and method for information exchange that provides
`
`control over the content of stored information, as well as control over the access to
`
`the stored information.” Ex-1007, 3:34-37; Ex-1002, ¶38. Desai discloses an
`
`information exchange system including facilities that allow a registered user to
`
`selectively grant access to this stored profile data to one or more third parties on an
`
`element-by-element basis. Ex-1007, 9:10-14. For example, a registered user can
`
`grant access to its telephone number, street address, and credit card number to an
`
`online vendor while only granting its telephone number to a mere business contact.
`
`Id., 9:14-18; see also Ex-1002, ¶38. Junda similarly discloses that “the user may
`
`select beforehand the real personal information that he or she desires to be
`
`concealed from the merchant when using the proxy credit or debit card.” Ex-1008,
`
`4:28-33; Ex-1002, ¶38.
`
`Other aspects and features as claimed by the ’539 patent, such as providing
`
`anonymous delivery, providing bank card or credit card authorization, and using
`
`secure transmission device and encryption were also known before the ’539 patent.
`
`-11-
`
`
`
`
`
`See, e.g., Ex-1005, 2:19-3:11 (describing anonymous shipping), 8:30-9:11 (using
`
`virtual personal network protocols), 15:25-16:6 (using encryption); Ex-1008, 9:5-
`
`11 (describing providing bank or credit card authorization); Ex-1002, ¶39.
`
`D. Level of Skill in the Art
`
`As Dr. Tygar explains, a person of ordinary skill in the relevant field prior to
`
`March 16, 2001, would include someone who had, through education or practical
`
`experience, the equivalent of a bachelor’s degree in computer science or computer
`
`engineering or a related field and at least an additional two years of work in the
`
`computer science field including, for example, network security systems, database
`
`management, and secure transaction systems. Ex-1002, ¶¶41-46.
`
`II. GROUNDS FOR STANDING
`
`Petitioner certifies that, under 37 C.F.R. § 42.104(a), the ’539 patent is
`
`available for inter partes review, and Petitioner is not barred or estopped from
`
`requesting inter partes review of the ’539 patent on the grounds identified.
`
`III. MANDATORY NOTICES UNDER 37 C.F.R. § 42.8
`
`Real Party-in-Interest (37 C.F.R. § 42.8(b)(1)): Visa Inc. and Visa U.S.A.
`
`Inc. are the real parties-in-interest.
`
`Related Matters (37 C.F.R. § 42.8(b)(2)): Petitioner is aware of the
`
`following matter in which the ’539 patent has been asserted: Universal Secure
`
`Registry LLC v. Apple Inc., Visa Inc., and Visa U.S.A. Inc., Case No. 17-cv-00585-
`
`VAC-MPT (D. Del. May 21, 2017). The complaint was served on Petitioner on
`
`-12-
`
`
`
`
`
`July 5, 2017. Apple Inc. has filed the following petitions for CBM/IPR with
`
`respect to the ’539 patent on April 12, 2018: CBM2018-00023, IPR2018-00811,
`
`and IPR2018-00812. In addition, Petitioner is concurrently filing a second IPR
`
`petition (IPR2018-01350) based on a different prior art combination than is raised
`
`herein.
`
`Lead and Back-Up Counsel (37 C.F.R. § 42.8(b)(3))
`
`Lead Counsel: Matthew A. Argenti (Reg. No. 61,836)
`
`Back-Up Counsel: Michael T. Rosato (Reg. No. 52,182)
`
`Service Information – 37 C.F.R. § 42.8(b)(4). Petitioners hereby consent to
`
`electronic service.
`
`Email: margenti@wsgr.com; mrosato@wsgr.com;
`
`Post: WILSON SONSINI GOODRICH & ROSATI,
`
`650 Page Mill Road,
`
`
`
`Palo Alto, CA 94304-1050
`
`Tel.: 650-493-9300
`
`
`
`Fax: 650-493-6811
`
`IV. STATEMENT OF THE PRECISE RELIEF REQUESTED FOR EACH
`CLAIM CHALLENGED
`
`Petitioners request review of claims 1-9, 14, 16-31, 37, and 38 of the ’539
`
`patent under 35 U.S.C. § 311 and AIA § 6. The specific grounds for relief are as
`
`follows:
`
`-13-
`
`
`
`
`
`Ground
`
`Claims
`
`Description
`
`1
`
`claims 1-9, 16-
`
`Obvious under 35 U.S.C. § 103 over Junda and Brody
`
`31, 37, and 38
`
`V. CLAIM CONSTRUCTION
`
`A claim subject to inter partes review receives the broadest reasonable
`
`construction or interpretation in light of the specification of the patent in which it
`
`appears, because among other reasons, the patent owner has an opportunity to
`
`amend the claims. See 37 C.F.R. § 42.100(b); Cuozzo Speed Techs., LLC. v. Lee,
`
`136 S. Ct. 2131, 2142-45 (2016). However, the analysis presented herein is not
`
`dependent on the broadest reasonable interpretation standard, and the bases of
`
`unpatentability presented in this petition would be equally applicable under the
`
`claim construction standard set forth in Phillips v. AWH Corp., 415 F.3d 1303
`
`(Fed. Cir. 2005). A few terms that warrant discussion are identified and discussed
`
`below.
`
`“entity”: Each of the independent claims of the ’539 patent require that
`
`entities who have secure data stored in a secure registry in which each entity is
`
`identified by a time-varying multicharacter code . Ex-1001, claims 1, 22, 37, 38;
`
`Ex-1002, ¶¶48-49. In the context of the ’539 patent, the term “entity” means
`
`“purchasing party to a transaction who has data stored in the secure registry.” This
`
`construction is consistent with the claim language, which describes the “entity” as
`
`-14-
`
`
`
`
`
`the party to a transaction with “secure data stored in a secure registry,” such as a
`
`credit card number. This construction is further supported by the ’539 patent
`
`specification, which describes an “entity” as a user, a person, or a company with
`
`information stored in the secure database. See, e.g., Ex 1001, Abstract (“A secure
`
`registry system … which permits secure access to a database containing selected
`
`data on a plurality of entities....”); see also id., 2:28-31, 7:30-39, 7:63-67. The
`
`patent further uses the term “entity” to refer to the person requiring identification.
`
`Id., 3:24-27; see also id., 7:30-36; Ex-1002, ¶49.
`
`“based at least in part on the indication of the provider and the time-
`
`varying multicharacter code of the transaction request”: Independent claims 1
`
`and 22 of the ’539 patent require “determin[ing] compliance with access
`
`restrictions for the provider to secure data of the entity for completing the
`
`transaction based at least in part on the indication of the provider and the time-
`
`varying multicharacter code of the transaction request.” Ex-1001, claims 1, 22;
`
`Ex-1002, ¶50. The inclusion of the phrase “based at least in part on the indication
`
`of the provider and the time-varying multicharacter code of the transaction
`
`request” as a modifier could be read to modify either “access restrictions for the
`
`provider” or “completing the transaction.” Ex-1002, ¶51. As explained in further
`
`detail herein, whether the “access restrictions” must be based on an indication of
`
`the provider and the time-varying multicharacter code or whether the claim is
`
`-15-
`
`
`
`
`
`satisfied if “completing the transaction” is based on the indication and the code are
`
`both addressed in the present petition. Id.
`
`The specification only refers to an “access restriction” once, to describe an
`
`access restriction for each type of data entered. Ex-1001, 10:22-27 (“For each
`
`type of data entered, the person is asked to specify the type of access restrictions
`
`and/or whom should be allowed to access the advanced personal data.”); Ex-1002,
`
`¶52. However, the claims do not recite access restrictions “for each type of data
`
`entered.” Id. The specification continues by describing “determining the
`
`requestor’s rights,” which “typically involves validating the requestor’s identity
`
`and correlating the identity, the requested information and the access information
`
`34 provided by the person to the USR database during the training process
`
`described above with respect to FIG. 5.” Id., 10:43-48. The specification explains
`
`that subsequent access to the information may involve “validating the requestor’s
`
`identity and correlating the identity, the requested information and the access
`
`information provided by the person to the USR database during the training
`
`process.” Id., 10:40-48; Ex-1002, ¶52.
`
`The ’539 patent also goes on to describe embodiments in which application
`
`of the access restrictions does not involve consideration of access information
`
`provided during the training process (i.e., a designation by the user as to which
`
`parties may access specific types of information). See Ex-1002, ¶53. For example,
`
`-16-
`
`
`
`
`
`the specification discloses that a merchant may send “(1) the code from the
`
`electronic ID, (2) the store number, and (3) the amount of the purchase” to the
`
`universal secure registry system, which when provides access to the relevant credit
`
`card number based solely on a determination whether “the [electronic ID] code is
`
`valid.” Id., 12:19-31; see also id., 11:49-65, 12:55-13:8, 13:35-57 (describing
`
`various types of transactions, each basing access to information on determination
`
`whether user’s ID code is valid); Ex-1002, ¶53.
`
`In view of the various embodiments disclosed by the ’539 patent, as well as
`
`the plain language of the claim itself, the “based at least in part on an indication of
`
`the provider and the time-varying multicharacter code of the transaction request”
`
`clause should be read to modify the element that immediately precedes it:
`
`“completing the transaction,” i.e., that completion of the transaction is based on the
`
`indication and time-varying multicharacter code. See Ex-1002, ¶54. However, to
`
`the extent Patent Owner argues the access restrictions themselves must be based on
`
`the indication of the provider and the time-varying multicharacter code, the
`
`petition demonstrates that this too would have been obvious in view of the prior
`
`art. As discussed in more detail below, the challenged claims are unpatentable
`
`under either interpretation of this limitation. Id.
`
`-17-
`
`
`
`
`
`VI. DETAILED EXPLANATION OF GROUNDS FOR
`UNPATENTABILITY BASED ON JUNDA AND BRODY
`
`Each and every feature of claims 1-9, 16-31, 37, and 38 of the ’539 patent
`
`would have been obvious to a person of ordinary skill in the art in view of Junda
`
`and Brody. Ex-1002, ¶¶180-303. Junda, published on February 22, 2001, filed
`
`August 10, 2000, and claiming priority to an application filed on August 13, 1999,
`
`is qualified as a prior art printed publication under 35 U.S.C. §§ 102(a) and 102(e).
`
`Brody, published on October 11, 2001, filed on February 28, 2001, and claiming
`
`priority to U.S. Provisional Application 60/186,166, filed on February 29, 2000, is
`
`qualified as a prior art printed publication under 35 U.S.C. § 102(e). In addition to
`
`qualifying as prior art by virtue of its February 28, 2001 filing date, Brody is
`
`entitled to claim the benefit of the February 29, 2000 filing date of its provisional
`
`application because the disclosure of the provisional application provides support
`
`for at least claim 1 of Brody in compliance with 35 U.S.C. § 112. See Ex-1002,
`
`¶186.
`
`Junda discloses “a system and a method for enabling a customer (referred to
`
`herein as a ‘user’) to make purchases and take delivery of goods or services while
`
`keeping some or all of the user’s personal information confidential and secure
`
`throughout the purchase and delivery transactions.” Ex-1008, 3:27-31; Ex-1002,
`
`¶183. As disclosed by Junda, “[t]he user’s personal information may include, but
`
`is not limited to, the user's real name, real residential or shipping address, real e-
`
`-18-
`
`
`
`
`
`mail address, and real credit or debit card account number.” Id., 3:31-33; Ex-1002,
`
`¶183. “Before making purchases and/or taking delivery of goods or services, the
`
`user obtains proxy personal information for use in place of the user’s real personal
`
`information during the purchase and/ or delivery transactions.” Id., 3:33-36.
`
`Junda discloses that this is done through a “proxy agent site 142 [that] includes at
`
`least one user database 144 for storing not only the user's personal information
`
`such as his or her real name, real shipping address, real e-mail address and real
`
`credit or debit card account number, but also corresponding proxy data such as a
`
`proxy name, a proxy shipping address, a proxy e-mail address, and a proxy credit
`
`or debit card account number.” Id., 10:30-35; Ex-1002, ¶183. Junda discloses “the
`
`steps of generating proxy user data corresponding with the selected real user data,
`
`maintaining a database including the selected real user data and the corresponding
`
`proxy user data for use in translating the selected real user data into the
`
`corresponding proxy user data, and in translating the proxy user data into the
`
`corresponding selected real user data, and, routing purchase authorization requests
`
`and replies between the merchant and a purchase authorization entity using the
`
`selected real user data and the corresponding proxy user data in the database,
`
`wherein the requests routed to the purchase authorization entity include the
`
`selected real user data, and the replies routed to the merchant include the
`
`corresponding proxy user data and do not include the selected real user data.” Id.,
`
`-19-
`
`
`
`
`
`5:20-30; Ex-1002, ¶183. As explained by Junda, “[b]y utilizing the proxy personal
`
`information when making purchases, the user can obtain virtually the same level of
`
`anonymity that cash-paying customers normally enjoy.” Id., 3:7-10; Ex-1002,
`
`¶183.
`
`Junda discloses that the proxy data has time-based attributes. Ex-1002, ¶184.
`
`For example, “the user may also select a specific number of purchases that can be
`
`made using the proxy personal information [and] an expiration date for the proxy
`
`personal information.” Ex-1008, 4:37-5:4. More specifically, Junda provides that
`
`“[t]he proxy user data is … valid not only for a limited number of purchases, but
`
`also for a limited period of time, e.g., one to twenty-four hours.” Id., 19:36-20:1;
`
`Ex-1002, ¶184.
`
`Junda does not expressly disclose proxy data that is time-varying, but this
`
`aspect of the ’539 claims is taught by Brody. Ex-1002, ¶185. Brody is directed to
`
`creating “dynamic mappings of the card numbers to account numbers or other card
`
`numbers, such as pseudo-random credit card numbers,” which are used in place of
`
`the consumer’s credit card. Ex-1009, [0009]; see also id., [0010]. [0049-50]; Ex-
`
`1002, ¶186. Consistent with both the understanding of a person of ordinary skill as
`
`well as the plain and ordinary meaning of the term, in disclosing “dynamic”
`
`mappings between the actual card numbers and the corresponding pseudo-random
`
`card numbers Brody teaches that its pseudo-random numbers are time-varying.
`
`-20-
`
`
`
`
`
`See, e.g., Ex-1011 [Random House] (defining “dynamic” in computer context to
`
`mean “affected by the passage of time”); Ex-1012 [A