`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`__________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`__________________________________________________________________
`
`
`APPLE INC.,
`
`Petitioner,
`
`v.
`
`RFCYBER CORP.,
`
`Patent Owner.
`
`
`Patent No. 9,240,009
`Filing Date: January 16, 2012
`Issue Date: January 19, 2016
`
`Inventors: Liang Seng Koh, Hsin Pan, and Xiangzhen Xie
`Title: MOBILE DEVICES FOR COMMERCE OVER
`UNSECURED NETWORKS
`
`__________________________________________________________________
`
`PATENT OWNER’S SUR-REPLY
`
`Case No. IPR2022-00413
`__________________________________________________________________
`
`
`
`
`
`
`
`
`
`TABLE OF CONTENTS
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`Page(s)
`
`B.
`
`C.
`
`INTRODUCTION ........................................................................................... 1
`ARGUMENT ................................................................................................... 2
`A.
`Patent Owner’s Proposal for the Ordinary Level of Skill is
`Correct, and Patent Owner’s Expert is Qualified .................................. 2
`A POSITA Would Not Combine Dua with GlobalPlatform
`and/or Philips ......................................................................................... 6
`Limitations of the Asserted References Do Not Disclose or
`Render Obvious a “secure element” (claims 1 and 14) ......................14
`The Asserted References Do Not Disclose or Render Obvious
`“wherein the server is configured to prepare data necessary for
`the [application/each of the modules] to function as designed on
`the mobile device” (claims 1 and 14) ..................................................16
`The Asserted References Do Not Disclose or Render Obvious
`“a display configured to display a user interface showing some
`of the modules that are still provisioned and active, each of the
`modules
`is configured
`to show another user
`interface
`particularly designed for the display of the mobile device when
`the each of the modules is activated by a user” (claim 16) .................19
`
`D.
`
`E.
`
`
`
`
`I.
`II.
`
`
`
`i
`
`
`
`
`
`TABLE OF AUTHORITIES
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
` Page(s)
`
`Cases
`Belden Inc. v. Berk-Tek LLC,
`805 F.3d 1064 (Fed. Cir. 2015) .......................................................................... 14
`Chemours Co. FC, LLC v. Daikin Indus., Ltd.,
`4 F.4th 1370 (Fed. Cir. 2021) ............................................................................... 6
`Personal Web Techs., LLC v. Apple, Inc.,
`848 F.3d 987 (Fed. Cir. 2017) ............................................................................ 13
`Samsung Elecs. Am., Inc. v. RFCyber Corp.,
`IPR2021-00979, Paper 10 (P.T.A.B. Dec. 14, 2021) ......................................... 17
`Sandbox Logistics LLC v. Proppant Express Invs. LLC,
`813 Fed. Appx. 548 (Fed. Cir. 2020) .................................................................... 8
`Sanofi-Synthelabo v. Apotex, Inc.,
`550 F.3d 1075 (Fed. Cir. 2008) .......................................................................... 13
`Trivascular, Inc. v. Samuels,
`812 F.3d 1056 (Fed. Cir. 2016) ............................................................................ 6
`Statutes
`35 U.S.C. 324 ............................................................................................................. 4
`Other Authorities
`37 C.F.R. § 42.207 ..................................................................................................... 5
`
`
`
`
`
`ii
`
`
`
`
`I.
`
`INTRODUCTION
`Apple Inc. (“Petitioner” or “Apple”) has failed to show that claims 1-17
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`(“challenged claims”) of the ’009 Patent are invalid and, on Reply, fails to rebut
`
`Patent Owner’s arguments. The Board should issue a Final Written Decision finding
`
`all of the Challenged Claims not unpatentable for the reasons set forth below and in
`
`Patent Owner’s Response (the “POR”).
`
`First, Apple fails to rebut that a POSITA would not have any reason or
`
`motivation to combine Dua with GlobalPlatform. Apple does not substantively
`
`address its own expert’s admissions that he does not have any expertise in network
`
`protocols, a central feature of his alleged motivation to combine, that the field of the
`
`invention was unpredictable, and that there were no obvious solutions. Nor does
`
`Apple identify any deficiencies in Dua, or any benefit that would supply a reason
`
`and/or motivation to replace or modify Dua’s SIP-based protocols with
`
`GlobalPlatform. Instead Apple introduces a supplemental declaration and raises
`
`wholesale new arguments alleging that it is (somehow) possible to add
`
`GlobalPlatform without entirely replacing SIP entirely. This is inconsistent with
`
`Apple’s own arguments in the Petition and, in any case, does not cure Apple’s failure
`
`to provide a justification defeating Dua’s aim of leveraging existing channels (such
`
`as SIP) by importing GlobalPlatform. Finally, Apple resorts to baseless mudslinging
`
`against the qualifications of Patent Owner’s expert, Mr. Gomez. But as discussed
`
`1
`
`
`
`
`below infra Section II.A., Apple’s arguments are premised on an unduly narrow
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`formulation of the level of ordinary skill in the art and, Mr. Gomez is qualified under
`
`both parties’ proposals. Apple’s combination fails on this basis.
`
`Second, despite raising a slew of new arguments, Apple fails to show that its
`
`combination discloses or renders obvious a “secure element,” any “server configured
`
`to prepare data necessary” for applications or modules to function, or any display
`
`with a user interface configured to show “another user interface . . . when each of
`
`the modules is activated by a user.” Apple’s arguments rely on the false premise that
`
`its own expert is credible (despite his admissions to the contrary), while the
`
`testimony of Patent Owner’s expert should be discounted entirely. But as set forth
`
`below infra Section II, Apple fails to show that any of these limitations are disclosed
`
`or rendered obvious, and the Board should further find that the challenged claims
`
`are not unpatentable on this basis.
`
`II. ARGUMENT
`Patent Owner’s Proposal for the Ordinary Level of Skill is
`A.
`Correct, and Patent Owner’s Expert is Qualified
`Patent Owner’s proposed level of ordinary skill in the art is correct, and its
`
`expert is qualified, irrespective of which proposed level of skill in the art is applied.
`
`Petitioner’s reply argues from the false premise that Patent Owner’s expert is
`
`somehow unqualified and repeatedly relies on this assertion. To reach this
`
`conclusion, Petitioner (1) wrongly suggests that a POSITA need have direct
`
`2
`
`
`
`
`experience with “payments” (without exception) and (2) wrongly asserts that
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`Mr. Gomez does not have relevant experience.
`
`First, Patent Owner’s proposed level of ordinary skill is correct. Patent Owner
`
`proposes that “[a] person of ordinary skill in the art would have a Bachelor’s degree
`
`in Computer Science, Computer Engineering, or Applied Mathematics, with 2 or
`
`more years of academic or industry experience in computer security, network
`
`security or mobile payment technology.” POR at 7. (emphasis added). Petitioner
`
`proposed that “a POSITA would have had at least a bachelor’s degree in computer
`
`science, computer engineering, electrical engineering or an equivalent, and about
`
`one year of professional experience relating to mobile payment technology.” Pet.
`
`at 9. (emphasis added). Patent Owner’s proposal, which has a greater experience
`
`requirement than Petitioner’s, addresses that the claimed arrangement of security
`
`features, such as “device information of a secure element” and “secured channel[s]
`
`between the secure element and the server using a key set installed on the secure
`
`element,” among others. The ’009 Patent also highlights the importance of
`
`“authentic and secured transactions” (Ex. 1001 at Abstract) and teaches that
`
`“[e]qually important to these entities or players, is the need for ongoing security and
`
`confidentiality of sensitive applications and data downloaded to and stored on an
`
`NFC enabled handset.” Id. at 6:26-32. Petitioner’s own expert acknowledges that
`
`education related to “secure communications, secure memory devices, and
`
`3
`
`
`
`
`potentially smart cards” is relevant to the level of ordinary skill. Ex. 1003, ¶ 28.
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`Patent Owner’s proposal acknowledging that a range of experience related to
`
`security computer and network security is relevant to the invention is therefore
`
`correct.
`
`Without identifying any support in the ’009 Patent, Petitioner seeks to limit
`
`the field of relevant experience exclusively to “mobile payment technology.” Reply
`
`at 2-3. This formulation is unduly narrow and ignores both the majority of the
`
`claimed limitations (which relate to computer or network security) and its own
`
`expert’s admissions, as noted above. The fact that the invention of the ’009 Patent is
`
`generally related to “commerce over networks” is not a basis for limiting the level
`
`of ordinary skill to “professional experience in mobile payments.” Ex. 1001 at 1:18-
`
`21. Indeed, Petitioner does not substantively address the ’009 Patent’s “technical
`
`field” or “description of the related art.” Instead, Petitioner wrongly asserts that
`
`“removed a requirement” and relies on the fact that Patent Owner did not dispute the
`
`level of ordinary skill of the art solely for purposes of its POPR, baselessly
`
`suggesting that Patent Owner is now required to provide justification for any
`
`departure from that formulation. Reply at 2-3. This boils down to an assertion that
`
`Patent Owner agreed to any argument not disputed in its POPR, which is contrary to
`
`the law. A patent owner’s preliminary response is “limited to setting forth the
`
`reasons why no post-grant review should be instituted under 35 U.S.C. 324” and
`
`4
`
`
`
`
`Patent Owner’s Response is not limited to the arguments presented in its preliminary
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`response, and a decision not to contest an argument solely for the purposes of a
`
`preliminary response is not an agreement. 37 C.F.R. § 42.207.
`
`Second, Mr. Gomez is well qualified under both proposed levels of ordinary
`
`skill. Petitioner does not dispute that Mr. Gomez has great experience in computer
`
`and network security. Instead, Petitioner conclusorily asserts that he lacks
`
`experience in “mobile payments,” by citing to deposition questions regarding
`
`whether he “worked on any e-purses specifically” and other similarly narrow
`
`questions. Reply at 2-3. To the contrary, Mr. Gomez has extensive experience with
`
`online and mobile commerce based on his professional experience developing
`
`hardware, software, and protocols used in online and mobile commerce. See e.g. Ex.
`
`1045 at 14:1-6 (“I’ve worked on all of the systems that the mobile commerce leans
`
`on in order to be able to communicate the -- you know, secure elements -- secure
`
`data across a network.”). As just one example, Mr. Gomez worked with Philips
`
`Semiconductors developing early smart cards. See id. at 14:7-24 (“I did have a period
`
`of time at Philips . . . where I did actually work on peripherals used for
`
`microprocessors. And those [] did include very early storage elements that some
`
`today would be considered to be smart cards.”) This, along with Mr. Gomez’s other
`
`work with communications protocols, is “professional experience relating to mobile
`
`payment technology.” Petitioner’s suggestion that Mr. Gomez needs direct
`
`5
`
`
`
`
`experience working on “financial transactions” or “specifically” working on an e-
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`purse in order to have experience with “mobile payments” is baseless.
`
`Patent Owner’s proposed level of ordinary skill in the art is correct, and
`
`Mr. Gomez is qualified under either party’s proposal.
`
`B. A POSITA Would Not Combine Dua with GlobalPlatform
`and/or Philips
`Apple’s petition does not identify any deficiencies in Dua that would motivate
`
`a POSITA to import GlobalPlatform. To the contrary, importing GlobalPlatform
`
`would defeat Dua’s aim to leverage an existing channel (such as SIP) to download
`
`SVCEs. See Trivascular, Inc. v. Samuels, 812 F.3d 1056, 1068 (Fed. Cir. 2016)
`
`(holding that it is not obvious to “destroy the basic objective” of the prior art
`
`reference); Chemours Co. FC, LLC v. Daikin Indus., Ltd., 4 F.4th 1370, 1376-77
`
`(Fed. Cir. 2021). On Reply, Apple fails to remedy these and other deficiencies.
`
`First, rather than address the substance of Patent Owner’s arguments now
`
`before the Board, Apple merely restates cherry-picked portions of the Board’s
`
`institution decision in the Samsung IPR based on which Apple filed a copy-cat
`
`Petition. Apple’s straw man argument miscasts both the record, and Patent Owner’s
`
`arguments, as identical to the preliminary record in the Samsung IPR. Apple ignores
`
`that those findings were based on the preliminary record before the Board in the
`
`Samsung IPR and based on (among other things) the then-uncontroverted testimony
`
`6
`
`
`
`
`of Mr. Smith. But Mr. Smith’s admissions, and Mr. Gomez’s considered opinions,
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`weigh against those findings, as do the totality of Dua and GlobalPlatform’s
`
`teachings.
`
`As set forth in the POR at length, Dua explains that “[t]he use of SIP for
`
`transmitting and managing credentials on wireless device 200 is preferred as mobile
`
`operators and fixed line operators are moving towards a SIP-based architecture for
`
`voice and other multimedia services. It is envisioned that the use of SIP for
`
`communication between a credential issuer and a wallet application resident on
`
`wireless device 200 could leverage the same SIP registrar, proxy, and presence
`
`servers used to deliver real-time interactive converged communication services
`
`within a mobile operator's network.” Ex. 1004, Dua, ¶ [0051]. Thus, “[t]he use of a
`
`SIP architecture to locate a mobile end-user and to establish direct communication
`
`between the end-points (WCM and wallet application) for the purpose of transferring
`
`confidential information (e.g. credentials) is an important aspect of the present
`
`invention.” Id., ¶ [0178] (emphasis added). Mr. Gomez explains at length that a
`
`POSITA would understand that Dua aims to leverage a SIP API framework to
`
`“allow[] for multiple SIP-based applications, such as the wallet application.” Ex.
`
`2007, Gomez Decl., ¶¶ 50-53 (citing Dua, [0042], [0050]-[0051], and [0178]. While
`
`Dua’s specification includes boilerplate language that different existing network
`
`protocols may be used to implement Dua’s invention, that is not a suggestion to
`
`7
`
`
`
`
`implement an entirely new system layered on Dua, as Apple argues. See Sandbox
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`Logistics LLC v. Proppant Express Invs. LLC, 813 Fed. Appx. 548, 553 n.8 (Fed.
`
`Cir. 2020) (non-precedential) (“[B]oilerplate language, without more, is not
`
`sufficient to overcome the explicit description of the ’present invention.’”).
`
`Moreover, Apple relies extensively on Mr. Smith’s declaration in arguing for
`
`the addition of GlobalPlatform to Dua’s network protocols. But Mr. Smith now
`
`admits his expertise has nothing to do with network protocols, and his declaration is
`
`not credible evidence to support Apple’s argument that Dua’s SIP-based S/MIME
`
`and TLS security could be supplanted with GlobalPlatform. Ex. 2009, Smith Dep.
`
`Tr. at 42:21-43:3 (“I am not a network protocol expert.”). Mr. Smith further admitted
`
`that he does “not have an appreciation for [SIP] other than [] I have an awareness.
`
`To me, it’s a way of making a pipe . . . between . . . the network and handset.” Id. at
`
`43:4-15; see also 43:25-44:13 (“Q: In terms of making a pipe, so to speak, in 3G or
`
`4G over the internet for some kind of communication, that’s not [] your main area
`
`of expertise, right? A: That’s correct, Vincent.”). Mr. Smith also admitted that the
`
`field at the time of the invention was extremely unpredictable and that no solutions
`
`were obvious. Id. at 93:8-23 (“But yeah [] the summary is the handsets were
`
`maturing, smart card technology which was always considered a European-founded
`
`technology, the French claimed it, although the Japanese claimed it also at the same
`
`time . . . I wouldn’t say that we didn’t have the expertise [] but it wasn’t tempered
`
`8
`
`
`
`
`by the experience needed to really stand up robust saleable solutions. That’s my
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`experience from let’s say the late ‘90s up into 2006.”) (emphasis added). Apple’s
`
`cherry-picked citations to the Samsung IPR (before Mr. Smith’s admissions entered
`
`the record) do nothing to address this evidence.
`
`Second, Apple fails to substantively address that a POSITA would not see any
`
`advantage in adding GlobalPlatform to Dua. Rather than address these arguments,
`
`Apple attempts to mischaracterize them as solely demanding a “flaw” in Dua. Reply
`
`at 5. But as Mr. Gomez explains, “a POSITA would not be motivated to combine
`
`GlobalPlatform with Dua because Dua already provides security through its use of
`
`SIP, TLS, and S/MIME. In my opinion, a POSITA would not seek to include
`
`GlobalPlatform’s functionality that would duplicate that already in Dua.” Ex. 2007,
`
`¶ 58. Apple bears the burden to identify some reason or motivation for a POSITA to
`
`overlay GlobalPlatform onto Dua, which would involve the wholesale replacement
`
`of many network protocols in Dua. It cannot.
`
`Apple also raises new arguments wrongly suggesting that its combination
`
`replacing Dua’s SIP-based network protocol with GlobalPlatform would somehow
`
`not involve discarding SIP. Reply at 5. Apple relies on a supplemental declaration
`
`from Mr. Smith, who is admittedly not an expert in this area, to suggest that
`
`GlobalPlatform’s personalization techniques would somehow not replace the
`
`entirety of the SIP network protocol contemplated in Dua. Reply at 6. As an initial
`
`9
`
`
`
`
`matter, Apple does not even dispute that the combination would involve replacing
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`the entirety of the SIP-based personalization contemplated in Dua with that of
`
`GlobalPlatform, instead pointing to ancillary portions of Dua’s SIP sessions which
`
`it says would remain. Id. The remainder of Apple’s argument does nothing more
`
`than pay lip service to Dua’s SIP-based connections based on phone numbers (which
`
`Apple now refers to as “pipes”), ignoring that its own petition already relied on
`
`distinct and incompatible GlobalPlatform security domains to form those
`
`connections. See Pet. at 21 (relying on GlobalPlatform “application provider security
`
`domain” to “establish a secure channel, for installing an application”); id. at 22
`
`(relying on GlobalPlatform Issuer Security Domain to install an application in Dua’s
`
`smart card as modified); id. at 24-25 (relying on “GlobalPlatform’s Issuer Security
`
`Domain and a key set installed on the secure element” for limitation requiring
`
`“establishing a secured channel. . .” limitation). Apple cannot have it both ways; a
`
`channel is either established with a GlobalPlatform security domain and key set, or
`
`Dua’s SIP sessions based on a user’s phone number. Apple’s attorney argument that
`
`a GlobalPlatform receipt may (somehow) be transmitted “via the wireless SIP
`
`session” does nothing to remedy this incompatibility, nor to identify any manner in
`
`which a POSITA would understand that they could both be used simultaneously.
`
`Fourth, Apple’s reliance on Dua’s statement that “MasterCard and Visa have
`
`also been working jointly over the last few years to develop specifications that define
`
`10
`
`
`
`
`a set of requirements for security and interoperability between chip cards and
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`terminals on a global basis, regardless of the manufacturer, the financial institution,
`
`or where the card is used,” remains misplaced. The specifications referred to are the
`
`EMV Chip Specifications which, as EMVco explains, are “global payment industry
`
`specifications that describe the requirements for interoperability between chip-
`
`based payment applications and acceptance terminals to enable payment.” Ex.
`
`2003 at 5 (emphasis added and footnote omitted). Dua refers to such EMVco
`
`specifications
`
`repeatedly. Moreover, a POSITA would understand
`
`that
`
`GlobalPlatform purports to provide a card management architecture. Pet. at 11
`
`(quoting Ex. 1006, p. 16). It does not relate to interoperability between chip cards
`
`and terminals, or even to payments, at all. Ex. 2007, ¶¶ 59-65.
`
`Apple fails to identify any disclosure within GlobalPlatform related to
`
`payments, or interoperability between chip cards and terminals; it cannot, because
`
`none exists. Instead, Apple argues that GlobalPlatform is somehow a “payments
`
`organization” based on the fact that its founders are companies within the payments
`
`space. But whether or not GlobalPlatform was founded by payments companies is
`
`irrelevant to the scope of the standard and does not somehow render that standard
`
`relevant to “security and interoperability between chip cards and terminals.” Apple
`
`notably fails to identify any content of GlobalPlatform relevant to interoperability
`
`between chip cards and terminals, or to payments at all.
`
`11
`
`
`
`Apple also relies on Dua’s statement that a “wallet application should meet
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`
`
`standards defined by card organizations.” Pet., 15 (quoting Dua, ¶ [0525]). Apple
`
`does not substantively address that it selectively quoted this sentence out of context,
`
`as the full statement is “EMV-Compliant—The wallet application should meet
`
`standards defined by card organizations.” Dua, ¶ [0525] (emphasis added). Apple
`
`instead takes issue with the statement that GlobalPlatform is not a “card
`
`organization,” while ignoring the distinction that GlobalPlatform provides a security
`
`architecture for smart card management, unlike EMV which describes requirements
`
`for chip cards themselves. A POSITA, reading Dua, would not look to
`
`GlobalPlatform based on Dua’s general reference to “card organizations,” when Dua
`
`specifies that it means EMV. Ex. 2007, ¶¶ 59-65.
`
`Finally, Apple resorts to mudslinging against Patent Owner’s expert in an
`
`apparent attempt to compensate for Mr. Smith’s admissions that he does not have
`
`any expertise in network protocols. Reply at 7-9. But as discussed supra Section
`
`II.A, Mr. Gomez is well qualified under either party’s proposed level of skill in the
`
`art. Apple also attempts to explain away Mr. Smith’s clear testimony that (1) he is
`
`“not a network protocol expert,” does “not have an appreciation for [SIP] other than
`
`[] I have an awareness. To me, it’s a way of making a pipe . . . between . . . the
`
`network and handset,” and that “[a]gain, this is my -- this is an area that was a little
`
`on the edge for me, as I don't know network protocols real well but I do know
`
`12
`
`
`
`
`components and that sort of thing,” (Ex. 2009 at 42:24-25, 43:4-15, 65:2-10); and
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`(2) that the relevant field at the time of the invention was extremely unpredictable
`
`and that no solutions were obvious (Id. at 93:8-23, “But yeah [] the summary is the
`
`handsets were maturing, smart card technology which was always considered a
`
`European-founded technology, the French claimed it, although the Japanese claimed
`
`it also at the same time . . . I wouldn’t say that we didn’t have the expertise [] but it
`
`wasn’t tempered by the experience needed to really stand up robust saleable
`
`solutions. That’s my experience from let’s say the late ‘90s up into 2006.” (emphasis
`
`added); see also id. at 96:13-97:13, “Q: At least as of the 2006 timeframe [] things
`
`weren’t set in stone for how to do mobile payments just yet, right, in the United
`
`States? A: I would have to say that’s true…” (emphasis added)). Apple cannot
`
`plausibly dispute that a POSITA’s expertise in network protocols is relevant to
`
`whether they would attempt to replace or modify one protocol (such as SIP) with
`
`another (such as GlobalPlatform). Nor can Apple plausibly dispute that Mr. Smith’s
`
`testimony establishes that the field was unsettled and unpredictable, weighing
`
`against obviousness. Sanofi-Synthelabo v. Apotex, Inc., 550 F.3d 1075, 1088, 1090
`
`(Fed. Cir. 2008).
`
`In sum, Petitioner has not shown a motivation to combine Dua with
`
`GlobalPlatform. At most, Petitioner has shown that GlobalPlatform existed at the
`
`time; but the mere existence of a reference is not a motivation to combine. Personal
`
`13
`
`
`
`
`Web Techs., LLC v. Apple, Inc., 848 F.3d 987, 993-94 (Fed. Cir. 2017) (holding that
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`testimony that references could be combined was “not enough: it does not imply a
`
`motivation to pick out those two references and combine them to arrive at the
`
`claimed invention”); Belden Inc. v. Berk-Tek LLC, 805 F.3d 1064, 1073 (Fed. Cir.
`
`2015) (“[O]bviousness concerns whether a skilled artisan not only could have made
`
`but would have been motivated to make the combinations or modifications of prior
`
`art to arrive at the claimed invention.”).
`
`C. Limitations of the Asserted References Do Not Disclose or
`Render Obvious a “secure element” (claims 1 and 14)
`None of the asserted references, alone or in combination, disclose a secure
`
`element. While a secure element may be a smart card, not all smart cards are secure
`
`elements. Ex. 2007, ¶ 71. In its Petition, Apple relied on Dua’s discussion of smart
`
`cards, and argued that “it would have been obvious to implement Dua’s smart card
`
`as a ‘secure element’ using GlobalPlatform to secure the ‘embedded smart card.’”
`
`Pet. at 17. But Apple made no showing that all smart cards are “secure elements,”
`
`nor did Apple cite any support for the proposition that a smart card with
`
`GlobalPlatform somehow becomes a secure element. See id. A POSITA would
`
`understand that a smart card may be a secure element only if it provides the necessary
`
`security, such as by being tamper resistant. Ex. 2007, ¶¶ 72-75.
`
`14
`
`
`
`On Reply, Apple raises the new argument that every “GlobalPlatform-
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`
`
`compliant smart card” is a secure element, on the basis that it would be “secured
`
`with key-based encryption.” Reply at 16. But Apple fails to show how any smart
`
`card that includes a key set has the necessary security, such as by being tamper-
`
`resistant, that a POSITA would recognize it to be a secure element – they would not.
`
`As Mr. Gomez noted, a “secure element is a security device that has a very high
`
`degree of security. And it has a heightened level of security over most other devices
`
`out there, such as smart cards . . . both technologies have progressed and, as often
`
`happens, converged. But at the time, they were distinctly different” Ex. 1045 at
`
`52:21-53:22. Mr. Gomez further noted that a POSITA would have been aware of
`
`differences in the costs of secure elements and smart cards (Id. at 54:2-15), and that
`
`smart cards and secure elements were both terms of arts that were marketed
`
`differently. Id. at 65:8-66:22. Apple’s suggestion that a smart card can become a
`
`secure element merely with the addition of a key set does not address how that would
`
`make the chip itself more secure or tamper resistant and does not address that a
`
`POSITA would recognize a secure element to refer to a different class of chip that
`
`offers more security than a smart card (at a greater price).
`
`Apple’s new argument is also at odds with the claim language itself. The
`
`independent claims of the ’009 Patent distinctly recite “a key set installed on the
`
`secure element.” Apple’s argument would render the recitation of “the secure
`
`15
`
`
`
`
`element” in this context superfluous, as (under Apple’s reasoning) any chip with a
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`key set becomes tamper-resistant such that it is a secure element. This was clearly
`
`not the intent of the patentee in claiming a secure element. Apple also fails to address
`
`the patentee’s decision to claim a secure element, rather than the “smart card.”
`
`Apple has failed to show that its combination, discloses or renders obvious
`
`“an interface to receive a secure element” or “a secure element.”
`
`D. The Asserted References Do Not Disclose or Render
`Obvious “wherein the server is configured to prepare data
`necessary for the [application/each of the modules] to
`function as designed on the mobile device” (claims 1 and
`14)
`Apple’s Petition identifies Dua’s WCM as the “server” of the claims. But the
`
`WCM does not, even in Apple’s combination, “prepare data necessary for”
`
`applications or modules to function. Dua is clear that its WCM merely receives a
`
`personalization file from a separate ICMS or personalization server and forwards it
`
`to a user device. Dua at [0057]. Even if modified with a GlobalPlatform INSTALL
`
`command, according to Apple’s combination, Dua’s WCM merely transmits or
`
`forwards data – it does not generate the data itself. But Mr. Gomez explains that a
`
`POSITA would recognize that the claimed preparation of data requires generation,
`
`rather than mere transmission. Ex. 2007, ¶ 77. This is consistent with the
`
`specification of the ’009 Patent, which describes “data preparation” as requiring an
`
`16
`
`
`
`
`active role in generating or obtaining the application keys. ’009 Patent, 13:25-34;
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`see also id. POR at 21-23.
`
`Apple’s combination of Dua’s WCM with GlobalPlatform also remains
`
`internally inconsistent. Apple’s Petition cites to no evidence that keys or Cardholder-
`
`specific data would be prepared by the WCM, even under its combination, and that
`
`interpretation is counter to GlobalPlatform’s “delegated installation process” in
`
`which an Application Provider, not the Card Issuer establishes a secure channel. See
`
`POR at 22-23. Apple relies on Dua’s WCM for a GlobalPlatform Card Issuer and
`
`shows no reason or motivation to further modify Dua’s WCM to stand in for an
`
`Application Provider. See e.g. Pet. at 27. In the absence of even an asserted reason
`
`or motivation to combine, Apple cannot modify Dua’s WCM with the functionality
`
`of a GlobalPlatform Card Issuer; the Board has rejected similar attempts to relocate
`
`functionality of other servers to Dua’s WCM in Petitions against related patents. See
`
`Samsung Elecs. Am., Inc. v. RFCyber Corp., IPR2021-00979, Paper 10 at 15
`
`(P.T.A.B. Dec. 14, 2021) (“Furthermore, neither the Petition nor Mr. Smith explains
`
`sufficiently how either of these passages would have caused one of ordinary skill in
`
`the art to reconfigure Dua to relocate the download functionality from the WCM to
`
`the ICMS and also consider establishing communication between Dua’s ICMS and
`
`the smart card while Dua’s extension was being downloaded for the purpose of
`
`verifying installation.”)
`
`17
`
`
`
`On Reply, Apple raises the new argument that Dua’s WCM “would have been
`
`IPR2022-00413
`PATENT NO. 9,240,009
`
`
`
`considered a ‘Host,’ which is an off-card entity that performs functions like ‘Post-
`
`Issuance application code and data downloading.” Reply at 20 (citing Pet. at 19).
`
`While Apple wrongly suggests that it presented this argument on page 19 of the
`
`Petition, the cited portion of the Petition only generally refers to a “host” in relation
`
`to Dua’s smart card – it does not attempt to identify Dua’s WCM server as a host, or
`
`even refer to the WCM server at all. Pet. at 19. In any case, this new argument
`
`amounts to an assertion that a POSITA would find it obvious to add functionality
`
`from another distinct GlobalPlatform entity to Dua’s WCM. In addition to the
`
`deficiencies already discussed, Apple fails to advance any evidence that a POSITA
`
`would have any reason or motivation to further modify GlobalPlatform by collapsing
`
`functionality from distinct entities (an Application Provider and a Host) onto Dua’s
`
`WCM server.
`
`Apple also raises a new argument that Dua’s WCM can “prepare” data based
`
`on Dua’s statement that the WCM “can perform basic formatting on phone numbers
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
