IPR2022-00412
`PATENT NO.9,218,787
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`APPLEINC.,
`
`Petitioner,
`
`V.
`
`RFCYBER CORP.,
`
`Patent Owner.
`
`Patent No. 9,189,787
`Filing Date: May 28, 2013
`Issue Date: November 17, 2015
`
`Inventors: Liang Seng Koh, Futong Cho, Hsin Pan, and Fuliang Cho
`Title: METHOD AND APPARATUS FOR CONDUCTING
`E-COMMENCE AND M-COMMENCE
`
`DECLARATION OF MIGUEL GOMEZ
`
`Case No. IPR2022-00412
`
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 001
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 001
`
`
`PATENT NO.9,218,787
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`APPLEINC.,
`
`Petitioner,
`
`V.
`
`RFCYBER CORP.,
`
`Patent Owner.
`
`Patent No. 9,189,787
`Filing Date: May 28, 2013
`Issue Date: November 17, 2015
`
`Inventors: Liang Seng Koh, Futong Cho, Hsin Pan, and Fuliang Cho
`Title: METHOD AND APPARATUS FOR CONDUCTING
`E-COMMENCE AND M-COMMENCE
`
`DECLARATION OF MIGUEL GOMEZ
`
`Case No. IPR2022-00412
`
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 001
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 001
`
`
`
`I, Miguel Gomez, declare as follows:
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`1.|[ have been asked by counsel for Patent Owner RFCyber Corp.
`
`(“RFCyber”or “Patent Owner”) to review U.S. Patent No. 9,189,787 (the “787
`
`Patent”) entitled PROCESSING WITH COMPACT ARITHMETIC
`
`PROCESSING ELEMENT,and to provide my technical review, analysis, insights,
`
`and opinions regarding the ’787 Patent in view ofthe prior art cited by Petitioner
`
`Apple Inc. (““Apple”or “Petitioner’”’).
`
`I submit this declaration in support of Patent
`
`Owner’s Responsein this IPR proceeding. I have personal knowledge ofthe
`
`matters stated herein and would be competentto testify to them if required.
`
`2.
`
`[have been retained on behalf of RFCyber Corp. for the above-
`
`captioned inter partes review proceeding. I understand that the ’787 Patentis
`
`currently assigned to RFCyber Corp.
`
`3.
`
`Lam over 18 years of age. I have personal knowledge of the facts
`
`stated in this Declaration and could testify competently if asked to do so.
`
`I.
`
`INTRODUCTION
`
`A.
`
`4.
`
`Background and Qualifications
`
`[have reviewed and am familiar with the specification of the *787
`
`Patent. I understand that the ’787 Patent has been provided as Exhibit 1001. I will
`
`cite to the specification using the following format: °787 Patentat col.:line.
`
`1.
`
`Research and Professional Experience
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 002
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 002
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`5.|My CVisbeing submitted simultaneously herewith as Exhibit 2008.
`
`6.
`
`I received a Bachelor ofScience in Electrical Engineering degree
`
`from Yale University in 1983. I have overforty years of experience developing
`
`hardware and software technology used in computer systems, communications
`
`systems, networking, storage infrastructure, and database systems. My experience
`
`includes extensive knowledge of computer operating systems, computer protocols,
`
`and programming languagesusedin both fixed and mobile applications. I am also
`
`highly skilled in the use ofmicroelectronics simulation software, ASIC and FPGA
`
`development and the languages thereof such as Verilog and VHDL. I’m also
`
`skilled at programming in C , C++ , and Python and C#.
`
`7.
`
`From August 2006 to March 2009, I was VP of engineering for
`
`ActSolar. ActSolar developed solar power conversion systemsthat included power
`
`efficiency and cost analysis tools.
`
`8.
`
`In 2006, ActSolar was sold to National Semiconductor. The transfer
`
`oftechnology included the wireless interface for data collection, the inverter and a
`
`variant of the power converter hardware that performed shading compensation.
`
`9.
`
`From September 2004 to August 2005, I was a consultant for
`
`BridgeWave Inc. Bridgewave was a microwave connection companyto wirelessly
`
`transmit Ethernet packets for long haul telephony networks. The equipment was
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 003
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 003
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`mostly intended for international markets where copper wire installations is
`
`prohibitively expensive.
`
`10.
`
`From September 2003 to March 2004,I was a consultant for PA
`
`Consulting Group.
`
`I provided hardware and software evaluation services for
`
`corporate mergers and acquisitions. These services included system reviewsin the
`
`following areas: (1) Analysis of system cost to performanceratios; (2) Review of
`
`the hardware and software code implementations, documentation and development
`
`strategies; (3) compilation processes, simulation, test coverage, bug tracking and
`
`source code control; (4) Tool chain managementanalysis; (5) Circuit board design
`
`and layout design rules for production environments; (6) Circuit board certification
`
`testing for FCC, UL, and Environmentaltests; (7) Review of productionline
`
`managementincluding assembly andtest processes; and (8) Review of hardware
`
`code for copyrightor license violations.
`
`11.
`
`From January 2003 to May 2003, I was a consultant for Santel
`
`Networks. Santle Networks wasa high speed fiber optics supplier to the telecom
`
`industry. Here I developed an optical duo-binary (ODB) encoder that operated at
`
`10.7 Giga bits per second (GBps), Several patents were applied for and the board
`
`was shown at the Optical Fiber Communication Conference & Exposition in
`
`March of 2003.
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 004
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 004
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`12.
`
`From March 2001 to December 2002,I was Director of Hardware,
`
`Content Networking Division for Extreme Networks, Inc. I manageda team of
`
`hardware and software engineers that developed and maintained a Layer 2-5
`
`Content Addressable Switch. The switch was capable ofL2, L3, L4 switching as
`
`well as L5 switching based on packet content. Security was provided through
`
`Secure Sockets and DESencryptionlayers.
`
`13.
`
`From January 2000 to March 2001, I was Director of Hardware for
`
`Webstacks, Inc. (now Extreme Networks, Inc.). At Webstacks I assembled a team
`
`to build the Content Addressable Switch later sold to Extreme Networks. This
`
`switch provided L2-5 load balancing services for routing via MAC, IP and HTTP
`
`content based routing mechanisms. The system includedfirewall and security
`
`capabilities utilizing Secure Sockets Layers (SSL). My responsibilities were to
`
`design theinitial system architecture as well as to hire and manage the hardware
`
`and software implementation teams. Product development time was 16 months
`
`after which we were acquired by Extreme Networks for $68MM cash andstock.
`
`14.
`
`From February 1997 to December 1999, as consultant for Philips
`
`Semiconductor I developed thecertification environment used by Microsoft to
`
`validate Windows CE onthe Philips' Poseidon handheld chipset.
`
`15.
`
`From September 1994 to January 1997, I was President and Founder
`
`of Minden Group, Inc. The Minden Group developed andsold several types of
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 005
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 005
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`memory adapters and a video conferencing system. The memory adapters
`
`provided a cost effective memory expansion solution for personal computerusers.
`
`Both the adapters and the video conferencing system were sold through retail
`
`stores throughout the United States and Canada. Over 350,000 memory adapters
`
`were soldat stores such as Fry's, CompUSA, Computer City and Future Shop.
`
`After developing these products, I organized and managed a team of10 to 15
`
`employees focused on sales, marketing, finance and production.
`
`16.
`
`From August 1992 to September 1994, I was Senior Hardware
`
`Manager of RAID Product Development for MTI,Inc. In this capacity, I was
`
`responsible for architectural development of the next generation RAID 1-5 systems
`
`and for managing the product developmentgroup.
`
`17.
`
`From April 1989 to August 1992, I was Founder and President of
`
`Spectrum Analysis, Inc., a consulting services company. I founded and operated
`
`Spectrum Analysis, Inc. with three other partners. Spectrum Analysis, Inc.
`
`specialized in electrical circuit design with emphasis on FPGA and ASIC
`
`emulation and complex PCB level designs.
`
`18.
`
`From September 1988 to March 1989, I was Applications Manager
`
`for Quickturn Systems, Inc. Quickturn developed an ASIC emulator using Xilinx
`
`FPGAs. I developed the methodology of adapting ASIC designs to the emulator
`
`and implementing DRAM memory forstorage.
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 006
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 006
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`From July 1987 to August 1988, I was an Applications Engineer for
`
`19.
`
`Telestream Corporation and was responsible for demonstration system
`
`development, training and sales support for a software based communications
`
`protocol converter product.
`
`20.
`
`From June 1983 to March 1985, I was a Design Engineer for ROLM
`
`Corporation. I was responsible for the developmentof the bus management
`
`protocols used in the ROLM BUS295telephone switch.
`
`2.
`
`Education
`
`21. Yale University, 1983. Bachelor of Science, Electrical Engineering
`
`i
`
`Patents
`
`22.
`
`[am anamedinventor on the following patents:
`
`a. US7,814,204 — Method and system for analyzing the content of
`
`resource requests
`
`b. US8,412,838 — Method and system for analyzing the content of
`
`resource requests
`
`c. US7,447,777 — Switching System
`
`d. US7,298,746 — Method and system for reassembling and parsing
`
`packets in a network environment
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 007
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 007
`
`
`
`e. W0O2009140548A2 — System and method for an array of
`
`IPR2022-00412
`PATENT NO.9,189,787
`
`intelligent inverters
`
`Il.
`
`COMPENSATION
`
`23. Mycompensation for time worked on this proceeding is not
`
`dependenton any issuesrelated to the ’787 Patent, the outcome ofthis proceeding,
`
`or the substance of my opinions. My compensation for time worked on this
`
`proceeding is at my customary rate of $550/hour. I have nofinancial interest in, or
`
`affiliation with, the Patent Owneror any ofthereal partiesin interest.
`
`Ill. MATERIALS CONSIDERED
`
`24.
`
`In providing my technical review, analysis, insights, and opinions,I
`
`have considered the ’787 Patent and its prosecutionhistory.
`
`25.
`
`Ihave also considered the Petition filed by the Petitionerin this
`
`proceeding andthe relevant exhibits relied on by Petitioner, including the expert
`
`declaration submitted by Gerald Smith.
`
`26.
`
`Ihave also considered my own experience and knowledge,as
`
`discussed above and described morefully in my CV,in the areas including
`
`software design, hardware design, computer security, and secure networks.
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 008
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 008
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`IV. LEGAL PRINCIPLES
`
`27.
`
`[understandthata patent claim is unpatentable as “obvious”if the
`
`subject matter ofthe claim as a whole would have been obviousto a person of
`
`ordinary skill in the art (POSA)as ofthe timeofthe inventionatissue.
`
`28.
`
`[understand that the use of“the person ofordinary skill” rubric is to
`
`prevent one from improperly, in the present day, using hindsight to decide whether
`
`a claim is obvious.
`
`29.
`
`Iunderstand that the following factors must be evaluated to determine
`
`whether the claimed subject matter is obvious: (1) the scope and contentofthe
`
`priorart; (2) the difference or differences, if any, between the scope ofthe patent
`
`claim and the scopeofthe prior art; and (3) the level of ordinary skill in the art at
`
`the time of the invention.
`
`30.
`
`understand that certain secondary considerations, such as
`
`commercial success, skepticism of experts, surprise, and copying, may provide
`
`evidence of non-obviousness.
`
`I further understand that such considerations are
`
`often the most probative and determinative of obviousness or non-obviousness.
`
`31.
`
`Iunderstand that I must construe a claim in accordance with the
`
`ordinary and customary meaning ofthe language of such claim as understood by
`
`one of ordinary skill in the art and the prosecution history pertaining to the patent.
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 009
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 009
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`A.
`
`32.
`
`Level of Skill In the Art
`
`Lunderstand that I should perform myanalysis from the viewpoint of
`
`a personofordinary skill in the art. I understand thatthis hypothetical person of
`
`ordinary skill in the art is considered to have the normal skills of a person in a
`
`certain technical field. I understand that factors that may be considered in
`
`determining the level of ordinary skill in the art include: (1) the education level of
`
`the inventor; (2) the types of problems encounteredin the art; (3) the prior art
`
`solutions to those problems; (4) rapidity with which innovations are made; (5) the
`
`sophistication ofthe technology; and (6) the education level of active workersin
`
`the field.
`
`33.
`
`In myopinion, a person of ordinary skill in the art would have a
`
`Bachelor’s degree in Computer Science, Computer Engineering, or Applied
`
`Mathematics, with 2 or more years of academic or industry experience in computer
`
`security, network security or mobile payment technology.
`
`B.
`
`The Claimed Invention Of The ’787 Patent
`
`34.
`
`The ’787 Patent claims methods and systems for providing electronic
`
`purses (e-purses) for use in electronic and mobile commerce. °787 Patent at 1:17-
`
`21. The inventors of the ’787 Patent realized that existing contactless cards were
`
`not effective for use in electronic or mobile commerce “because stored values and
`
`transaction information are stored in data storage of each tag that is protected by a
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 010
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 010
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`set of keys.” Jd. at 1:33-37. Those keys “need to be delivered to the card for
`
`authentication before data can be accessed during a transaction.” Jd. at 1:37-39.
`
`“This constraint makes systemsusing such technologydifficult to be expandedto
`
`an open environment suchas the Internet for e-commerce and cellular networks for
`
`m-commerceas the key delivery over a public domain network causes security
`
`concerns.” Jd. at 1:39-43.
`
`35.
`
`To solve these problems, the inventors of the °787 Patent developed a
`
`system for personalizing a card stored in a portable device. The system makes use
`
`of a midletthat facilitates communication between the securely stored applets and
`
`paymentservers over a wireless network:
`
`10
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 011
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 011
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`
`Existing hardware for
`land-based commerce
`(¢.g., Stores or
`
`transportation)in FIG. 2
`
`Cell phone with
`smart card
`module
`
`202
`
`°787 Patent, Fig. 2 (showing midlet (in yellow), and applet (in green)).
`
`11
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 012
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 012
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`
`
`FIG. 3B
`
`°787 Patent, Fig. 3B (annotations added).
`
`36.
`
`The midlet facilitates this communication, for example, while the card
`
`is being personalized. The entire process is protected by a three-tier security
`
`12
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 013
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 013
`
`
`
`model:
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`100
`
`Card Managersecurity
`
`106
`
`102
`
`E-Purse security
`
`104
`
`Physical security
`
`*787 Patent, Fig. 1A
`
`37:
`
`“The three-tier security model 100 includes physical security
`
`102, e-purse security 104 and card managersecurity 106.” °787 Patent at 3:58-60.
`
`The physical security “refers to a security mechanism providedbya single
`
`functional card to protect data stored on the card. The card may be hardware
`
`implemented or software emulated running on a type of media.” Jd. at 3:61-64. E-
`
`purse security “defines a set of protocols that enable micro paymenttransactions to
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 014
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 014
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`be carried out in both wired and wireless environments.” Jd. at 4:4-6. “During a
`
`transaction, the purse usesa set of respective keys for encryption and MAC
`
`computation in order to secure the message channel betweenthe purse andthe
`
`SAM or backendservers.” Jd. at 4:9-13. “Card Manager Security 106, referring to
`
`a general security frameworkofa preload operating system in a Smart card,
`
`providesa platform for PIN managementand security channels (security domains)
`
`for card personalization. This platform via a card manager can be used to
`
`personalize a purse in one embodiment.” Jd. at 4:19-24.
`
`38.
`
`A device that has been personalized using the three-tier security
`
`as above can then perform e-commerce and m-commerce using an emulator, and
`
`NFCinterface for e-commerce, and a secondinterface for m-commerce. Jd. at
`
`2:36-52, 5:1-15, Fig.2.
`
`Vv.
`
`THE ALLEGED PRIOR ART
`
`A.
`
`39.
`
`Dua (U.S. Patent App. Pub. No. 2006/0165060)
`
`Ihave reviewed U.S. Pat. Publ. 2006/0165060 (Ex. 1004, “Dua”).
`
`Duais directed to a system for “managing credentials through a wireless
`
`network.”! Duawas filed on January 21, 2005 and published on July 27, 2006.”
`
`Dua sought to solve difficulties with inputting credentials into a wireless device.?
`
`! Dua atTitle, Abstract.
`? Dua.
`3 Dua at [0019].
`
`14
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 015
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 015
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`
`Dua contemplates a system “through which credential issuers can securely and
`
`rapidly target specific wireless devices for the distribution ofthe appropriate
`
`credentials.”*
`
`40. Duacontemplates a communications scheme using the Session
`
`Initiation Protocol (SIP).*> Each device in the Dua system, such as a portable
`
`phone, contains a wallet application.® The device further is assigned an “E.164
`
`phone number, Uniform Resource Identifier (URI) or other type of unique address
`
`that can be resolved overthe Internet” for use with SIP.’ Dua’s system also makes
`
`use of a Wireless Credential Manager (WCM)that “maintains, controls and
`
`distributes credentials.”® Credentials are provided to the wireless device when a
`
`card issuer sends a personalization file to the WCM,along with the device’s phone
`
`numberor other uniqueidentifier.” Using the identifier, such as a phone number,
`
`the WCM connects to the specified device using SIP.!° If security is desired, the
`
`communication may be encrypted using SIPS/TLSor another method.'! The
`
`WCMthen forwardsthe credentials to the wireless device.” Using SIP to
`
`* Dua at [0020], [0024].
`> Dua at [0042].
`6 Id.
`7 Id.
`8 Id. at [0043].
`9 Id. at [0057].
`10 fq, at [0061]-[0062], [0128]-[0182].
`11 fq, at [0131], [0180].
`12 fq, at [0180].
`
`15
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 016
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 016
`
`
`
`IPR2022-00412
`PATENTNO. 9,189,787
`“establish direct communication” between the WCM andthe deviceis “an
`
`important aspect of’ Dua.!* “Thedirect connection betweenthe end-points using
`
`SIP offers a secure method, withoutintermediary servers, by whichto transmit
`
`confidential information.”!4
`
`41.
`
`Dua’s system makesuseof a wallet application, including a
`
`wallet shell, that runs on the phone’s primary processor.'> The wallet application is
`
`augmented with “extensions”that perform specific functions, where these
`
`extensionsofthe wallet application run within the wallet application on the
`
`phone’s primary processor.'!® Dua’s extensions are intended to “‘extend’ the
`
`capability of the wallet platform by enabling a newset offeatures defined by the
`
`credential issuer.”'’ Extensionsare either preloaded or provided via the secure SIP
`
`provisioning process for credentials. '*
`
`42.
`
`Dua further discusses an embodiment where a smart card is
`
`used on the phone,but this smart card is used for storage and contactless
`
`13 fd, at [0178].
`Wid.
`
`15 {d. at [0041], [0288-89], [0294], [0311].
`16 id, at [0293].
`17 Id, at [0289].
`18 fd. at [0295], [0296].
`
`16
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 017
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 017
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`communication;it is not used to run the wallet application,the wallet shell, or the
`
`extensions.!?
`
`43. Dua doesnot teach an e-purse applet on a smart card. Rather, Dua
`
`teaches a system based ona different architecture. In Dua’s system,there isa
`
`wallet application, including a wallet shell, that runs on the phone’s primary
`
`processor, not on a smart card. In Dua’s system,the wallet applicationis
`
`augmented with “extensions”that perform specific functions, where these
`
`extensionsof the wallet application run within the wallet application on the
`
`phone’s primary processor. Dua teaches an embodiment where a smart card is
`
`used on the phone,but this smart card is used for storage and contactless
`
`communication; it is not used to run the wallet application, the wallet shell, or the
`
`extensions. Dua’s system teaches a SIP based, secure communication schemethat
`
`is used in multiple aspects of Dua’s system. Dua’s choice and useofSIP is not
`
`merely a case of making one design choice among many; Dua provides an
`
`extensive description of the advantages of SIP as well as details of its use of SIP;
`
`for example, Duaindicates an advantage due to SIP’s use in telephony to use
`
`phone numbers (aka E.164) as a means of addressing the mobile phonesthat are
`
`the focus of Dua. Dua’s architecture is designed to leverage the same SIP-based
`
`19 Id. at [0295].
`
`Li
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 018
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 018
`
`
`
`IPR2022-00412
`PATENT NO, 9,189,787
`architecture used for telephony. Dua teachesthat SIP is particularly appropriate
`
`for the wallet application. Further details of Dua are addressed below.
`
`B.
`
`GlobalPlatform
`
`44.
`
`Ihave reviewed GlobalPlatform Card Specification Version 2.1.1 (Ex.
`
`1006, “GlobalPlatform”).
`
`45. GlobalPlatform describes a security architecture and commandsfor
`
`use in installing and developing applications for use on GlobalPlatform cards.”°
`
`46.
`
`“The GlobalPlatform card architecture is comprised of a number of
`
`components that ensure hardware and vendor-neutral interfaces to Applications
`
`and off-card management systems.”?!
`
`20 GlobalPlatform at 65-67, 88-90.
`21 GlobalPlatform at 28.
`
`18
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 019
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 019
`
`
`
`IPR2022-00412
`
`PATENT NO. 9,189,787
`
`GlobalPlatform at 28.
`
`C.
`
`Philips
`
`47.
`
`Ihave reviewed Philips (Ex. 1012). Philips has a revision date of
`
`October 2004 and describe a Philips Semiconductor P5CT072 Secure Dual
`
`Interface PKI Smart Card Controller.
`
`48.
`
`In my experience, a datasheetlike Philips would normally only be
`
`distributed under an NDA. Philips contains numerousproprietary details, such as a
`
`detailed block diagram (Ex. 1012 at 9), mapping of contacts and pinouts (id.) and
`
`other details that are not normally made public.
`
`19
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 020
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 020
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`
`VI. CLAIM CONSTRUCTION
`
`49.
`
`In my opinion, claim construction is not required to resolve any issues
`
`in this proceeding.
`
`VII. GROUND1: CLAIMS1-19 ARE NOT OBVIOUS OVER DUA
`IN VIEW OF GLOBALPLATFORM AND PHILIPS
`
`50.
`
`In my opinion, the combination ofDua, GlobalPlatform, and Philips
`
`does not render any of claims 1-19 obvious.
`
`A.
`
`A POSITA Would Not Be Motivated to Combine Dua
`With GlobalPlatform and Philips
`
`51.
`
`[understand that Petitioner’s obviousness arguments require
`
`combining Dua with GlobalPlatform and Philips. In my opinion, a POSITA would
`
`not be motivated to make such a combination for the reasons set forth below.
`
`52. Dua explains that its aim to leverage the use of existing channels to
`
`provide the capability “through which credential issuers can securely and rapidly
`
`target specific wireless devices for the distribution of the appropriate credentials
`
`over public and private networks.” Dua, § [0020]. Accordingly, “wireless
`
`device 200 also has a Session Initiation Protocol (SIP) Application Programming
`
`Interface (API) framework embedded in or running on top of a resident operating
`
`system, which allows for multiple SIP-based applications, such as the wallet
`
`application discussed herein, to function.” Dua, J [0042]. At the time of the ’787
`
`Patent’s invention, SIP was the predominant method oftransmitting data to a mobile
`
`20
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 021
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 021
`
`
`
`IPR2022-00412
`PATENT NO. 9,189,787
`
`device, such as a cellular phone. Thus, a POSITA would understand that the use of
`
`SIP would leverage a device’s already-existing functionality.
`
`53.
`
`Indeed, Dua explains that “The use of SIP for transmitting and
`
`managing credentials on wireless device 200 is preferred as mobile operators and
`
`fixed line operators are moving towards a SIP-basedarchitecture for voice and other
`
`multimedia services. It is envisioned that the use of SIP for communication between
`
`a credential issuer and a wallet application resident on wireless device 200 could
`
`leverage the same SIP registrar, proxy, and presence servers used to deliverreal-
`
`time interactive converged communication services within a mobile operator's
`
`network.” Dua, § [0051].
`
`54. Accordingly, a POSITA would read Dua’s statement that “The use of a
`
`SIP architecture to locate a mobile end-user and to establish direct communication
`
`between the end-points (WCMandwallet application) for the purpose oftransferring
`
`confidential information (e.g. credentials) is an important aspect of the present
`
`invention”( Dua, { [0178] (emphasis added)) to understand that the SIP-based
`
`architecture, even if implemented using a different protocol, is necessary to use
`
`Dua’s invention. All secure communications within Dua, including downloading
`
`and installing its extensions, are done by making a SIP connection between the
`
`WCM and the mobile device. Jd., F¥ [0296], [0311], Figs. 1, 3, 8.
`
`21
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 022
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 022
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`55. Dua briefly mentions “While the use of SIP for such purposes is
`
`preferred, alternative application protocols may be usedin lieu of SIP whilestill
`
`remaining within the spirit and scope of the present invention.” Dua, [0050]. A
`
`POSITAwould notunderstand this statement to encourage layering another system
`
`such as GlobalPlatform onto Dua.
`
`56.
`
`In my opinion, a POSITA reading Duaat [0050] would understand
`
`that while SIP was becoming the predominantstandard for mobile communications
`
`at the time, older equipment possessed similar functionality. A POSITA would
`
`thus understand that while SIP-like functionality was keyto the invention, other
`
`protocols that provided similar functionality were acceptable. For example,other
`
`prior examples are H.323, MGCP, MEGACo whichis also H248.
`
`57. Dua’s disclosure make this further clear. All communications within
`
`DUAare accomplished through SIP. E.g., Dua, J¥ [0042], [0051], [00178],
`
`[0296], [0311]; Figs. 1, 3, 8. And the only security disclosed within Duais using
`
`SIP with S/MIME and TLS. See generally Dua.
`
`58. Dua’s use of SIP allowsfor specific targeting of a particular device
`
`and secure end-to-end communication, much like being able to call a particular
`
`phone. Jd., [0020]. I disagree that a POSITA would have been motivated to
`
`discard Dua’s use of SIP and to instead import GlobalPlatform. GlobalPlatform
`
`doesnot allow for targeting and server-side initiation of communications to
`
`22
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 023
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 023
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`
`specific devices by looking up that device’s phone number, as Dua teaches. Dua,
`
`[0131].
`
`59.
`
`I note that Apple does not explain any method under GlobalPlatform
`
`where a card issueror application provider could proactively target and contact a
`
`particular device (or even a smart card). This is logical, as the device containing
`
`the smart card would haveto create a connection to a remote server before the
`
`smart card could communicate with that server.
`
`60.
`
`Finally, a POSITA would not be motivated to combine
`
`GlobalPlatform with Dua because Duaalready provides security through its use of
`
`SIP, TLS, and S/MIME.In my opinion, a POSITA would not seek to include
`
`GlobalPlatform’s functionality that would duplicate that already in Dua.
`
`61. Apple and Mr. Smith states that a POSITA would combine Dua with
`
`GlobalPlatform and Philips because Dua states that “MasterCard and Visa have
`
`also been working jointly over the last few years to develop specifications that
`
`define a set of requirements for security and interoperability between chip cards
`
`andterminals on a globalbasis, regardless of the manufacturer, the financial
`
`23
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 024
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 024
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`institution, or where the card is used.” Pet. at 16 (quoting Duaat [0013])
`
`(emphasis added).”* I disagree.
`
`62. A POSITA would understandthat the specifications referred to are the
`
`EMV Chip Specifications.**7 As EMVCo.explains, “The EMV Chip Specifications
`
`... are global paymentindustry specifications that describe the requirements for
`
`interoperability between chip-based paymentapplications and acceptance
`
`terminals to enable payment.” Ex. 2003 at 5 (emphasis added). Indeed, Dua refers
`
`numerous times to EMV for payment applications. E.g., Dua, at [0013]
`
`(“American Express, MasterCard, and Visa have agreed onasingle contactless
`
`paymentstandard in the United States, ISO/IEC 14443, and are implementing a
`
`contactless payment approach that leverages the existing payments
`
`infrastructure.”);”* [0398] (Presently, with various bank card transactions, PINs
`
`are verified either online with a bank host computer system,or verified offline
`
`against security data onboard the card as in EMV ‘chip & PIN’transactions.”);
`
`[0525] (“EMV-Compliant—Thewallet application should meet standards defined
`
`by card organizations.”). Based on these statements, a POSITA would understand
`
`*2 The Petition cites to Dua, [0014], but that paragraph relates to smart cards
`becoming the “dominant technology for conducting financial transactions. Dua,
`[0014]. It does not discuss “credit card organizations ‘workingjointly.’”
`?3 EMV stands for Europay, Mastercard and Visa (Ex. 2003 at 5.)
`*4 GlobalPlatform makes no reference to ISO/IEC 144433. See generally Ex. 1006.
`
`24
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 025
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 025
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`
`that Duais referring to specifications relating to “interoperability between chip-
`
`based paymentapplications and acceptanceterminals.”
`
`63. A POSITA would understand that GlobalPlatform is not related to
`
`interoperability between chip cards and terminals.Instead,it aims to provide a
`
`“card managementarchitecture.” Ex. 1006, p. 16. A POSITA would recognizethat
`
`card managementis internal to the smart card itself, and does not relate to
`
`interoperability between chip cards and terminals.
`
`64. GlobalPlatform similarly states that it provides a “card management
`
`specification.” Ex. 1006, p. 16. A POSITA would not understand the card
`
`managementspecification to relate to interoperability either. Instead, even to the
`
`extent it has to do with security, it relates to the security of internal components of
`
`the smart card. Ex. 1006, p. 32. (“The primary goal of the GlobalPlatform is to
`
`ensure the security and integrity ofthe card's componentsfor thelife of the card.”).
`
`See also id. (“These componentsare the runtime environment, the OPEN,the
`
`Issuer Security Domain, the Security Domains, the Applications.”); see also id.,
`
`pp. 29-30.
`
`65.
`
`I further disagree that a POSITA would have been motivated by Dua’s
`
`statement
`
`that a “wallet application should meet standards defined by card
`
`organizations.” Dua, J [0525]. As I note above,
`
`the full statement
`
`is “EMV-
`
`Compliant—The wallet application should meet standards defined by card
`
`25
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 026
`
`RFCyber's Exhibit No. 2007, IPR2022-00412
`Page 026
`
`
`
`IPR2022-00412
`PATENT NO.9,189,787
`organizations.” Dua, § [0525]. In other words, a POSITA would recognize that the
`
`wallet application should meet the EMV standard.
`
`66. A POSITA would not understand GlobalPlatform to be a “card
`
`organization.” GlobalPlatform is not a card organization;
`
`instead it
`
`is “an
`
`organization that has beenestablished by leading companies from the payments and
`
`communicationsindustries, the government sector and the vendor community, and
`
`is the first to promote a global infrastructure for smart card implementation across
`
`multiple industries.” Ex. 1006, p. 16. GlobalPlatform therefore is not payment-
`
`related,
`
`it
`
`is
`
`inste
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
