UNITED STATES PATENT AND TRADEMARK OFFICE
`____________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`____________________
`
`APPLE INC.,
`Petitioner,
`v.
`PROXENSE, LLC,
`Patent Owner.
`
`____________________
`Case No. IPR2024-01334
`U.S. Patent No. 8,886,954
`____________________
`
`PETITION FOR INTER PARTES REVIEW
`
`
`
`

`

`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`TABLE OF CONTENTS
`
`I. 
`II. 
`
`Page
`Relief Requested .............................................................................................. 1 
`The ‘954 Patent ................................................................................................ 1 
`A.  Overview ............................................................................................... 1 
`III.  Claim Construction .......................................................................................... 3 
`IV.  Level of Ordinary Skill .................................................................................... 4 
`V.  Ground 1: Claims 1, 2, 4-7, 10, 12, 13, 15, 16, 18, 19 and 22-27 Are
`Obvious Over Ludtke. ..................................................................................... 4 
`A.  Overview of Prior Art Ludtke ............................................................... 4 
`B. 
`Claims .................................................................................................... 8 
`1. 
`Independent claim 1 .................................................................... 8 
`a. 
`[1preamble]: “A method comprising:” ............................. 8 
`b. 
`[1ai]: “persistently storing biometric data of a user
`[in a tamper proof format written to a storage
`element on the integrated device that is unable to
`be subsequently altered] and” ........................................... 8 
`[1aii]: “[persistently storing] a plurality of codes
`and other data values comprising a device ID code
`uniquely identifying an integrated device [in a
`tamper proof format written to a storage element
`on the integrated device that is unable to be
`subsequently altered] and” .............................................. 11 
`[1aiii]: “[persistently storing] a secret decryption
`value in a tamper proof format written to a storage
`element on the integrated device that is unable to
`be subsequently altered;” ................................................ 14 
`
`c. 
`
`d. 
`
`
`
`i
`
`

`

`
`
`
`
`2. 
`
`3. 
`
`4. 
`
`5. 
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`e. 
`
`f. 
`
`g. 
`
`h. 
`
`[1b]: “responsive to receiving a request for a
`biometric verification of the user, receiving scan
`data from a biometric scan;” ........................................... 21 
`[1c]: “comparing the scan data to the biometric
`data to determine whether the scan data matches
`the biometric data;”......................................................... 22 
`[1d]: “responsive to a determination that the scan
`data matches the biometric data, wirelessly
`sending one or more codes from the plurality of
`codes and the other data values for authentication
`to a third party that operates a trusted authority,
`wherein the one or more codes and other data
`values includes the device ID code; and” ....................... 22 
`[1e]: “receiving, at an application, an access
`message from the trusted authority indicating that
`the trusted authority successfully authenticated the
`one or more codes and other data values sent to the
`third party and allowing the user access to the
`application.” .................................................................... 28 
`Claim 2: “The method of claim 1, wherein the one or
`more codes and the other data values are transmitted to
`the trusted authority over a network.” ...................................... 31 
`Claim 4: “The method of claim 1, wherein the one or
`more codes and the other data values indicate that the
`biometric verification was successful.” .................................... 32 
`Claim 5: “The method of claim 1, wherein the biometric
`data includes one or more of a fingerprint, palm print, a
`retinal scan, an iris scan, a hand geometry, a facial
`recognition, a signature recognition and a voice
`recognition.” .............................................................................. 34 
`Claim 6: “The method of claim 1, wherein the integrated
`device comprises one or more of a mobile phone, tablet,
`laptop, mp3 player, mobile gaming device, watch and a
`key fob.” .................................................................................... 34 
`
`ii
`
`

`

`6. 
`
`7. 
`
`8. 
`
`
`
`
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`c. 
`
`d. 
`
`Claim 7: “The method of claim 1, wherein the
`application includes one or more of a casino machine, a
`keyless lock, a garage door opener, an ATM machine, a
`hard drive, computer software, a web site, a file and a
`financial account.” .................................................................... 36 
`Claim 10: “The method of claim 1, further comprising:
`establishing a secure communication channel prior to
`sending the one or more codes and the other data values
`for authentication” ..................................................................... 37 
`Independent Claim 12 ............................................................... 37 
`a. 
`[12preamble]: “An integrated device comprising:” ....... 37 
`b. 
`[12ai]: “a persistent storage media that stores
`biometric data of a user, and” ......................................... 37 
`[12aii]: “a plurality of codes and other data values
`comprising a device ID code uniquely identifying
`the integrated device, and” ............................................. 37 
`[12aiii]: “a secret decryption value in a tamper
`proof format written to the memory that is unable
`to be subsequently altered;” ............................................ 38 
`[12b]: “a validation module, coupled to
`communicate with the persistent storage media,
`that receives scan data from a biometric scan for
`comparison against the biometric data, and that
`sends one or more codes and other data values
`from the plurality of codes and other data values
`for authentication by a third party that operates a
`trusted authority, wherein the one or more codes
`and other data values includes the device ID code;
`and” ................................................................................. 38 
`[12c]: “a radio frequency communication module
`that receives an access message from the trusted
`authority indicating that the trusted authority
`successfully authenticated the one or more codes
`
`e. 
`
`f. 
`
`iii
`
`

`

`IPR2024-01334
`U.S. Patent 8,886,954
`
`9. 
`
`11. 
`
`b. 
`
`and other data values to the third party and
`allowing the user access to an application.” ................... 40 
`Claim 13: “The integrated device of claim 12, wherein
`the one or more codes and the other data values are
`transmitted to the trusted authority over a network.” ............... 41 
`10.  Claim 15: “The integrated device of claim 12
`comprising: an LED to be activated for requesting the
`biometric scan.” ........................................................................ 41 
`Independent Claim 16 ............................................................... 44 
`a. 
`[16preamble]: “A method for authenticating a
`verified user using a computer processor
`configured to execute method steps, comprising:” ........ 44 
`[16a]: “wirelessly receiving one or more codes and
`other data values from a plurality of codes and
`other data values including a device ID code,
`wherein the plurality of codes and other data
`values comprises the device ID code uniquely
`identifying an integrated device associated with a
`biometrically verified user, the device ID code
`being registered with a trusted authority for
`authentication, the trusted authority operated by a
`third party” ...................................................................... 45 
`[16b]: “requesting authentication of the integrated
`device using the one or more codes and other data
`values by the trusted authority;” ..................................... 48 
`[16c]: “receiving, at an application, an access
`message from the trusted authority indicating that
`the trusted authority successfully authenticated the
`one or more codes and other data values to the
`third party; and” .............................................................. 48 
`[16d]: “in response to receiving the access
`message, allowing the biometrically verified user
`access to the application.” .............................................. 49 
`
`c. 
`
`d. 
`
`e. 
`
`iv
`
`
`
`
`
`

`

`IPR2024-01334
`U.S. Patent 8,886,954
`
`14. 
`
`c. 
`
`d. 
`
`12.  Claim 18: “The method of claim 16, further comprising:
`establishing a secure communications channel with the
`integrated device, wherein the one or more codes and
`other data values associated with the biometrically
`verified user is received from the integrated device. ................ 49 
`13.  Claim 19: “The method of claim 16, wherein the
`application includes one or more of a casino machine, a
`keyless lock, a garage door opener, an ATM machine, a
`hard drive, computer software, a web site, a file and a
`financial account.” .................................................................... 49 
`Independent claim 22 ................................................................ 49 
`a. 
`[22preamble]: “A system, comprising:” ......................... 49 
`b. 
`[22ai]: “an integrated hardware device that stores
`biometric data of a user” ................................................. 50 
`[22aii]: “and a plurality of codes and other data
`values comprising a device ID code uniquely
`identifying the integrated hardware device” ................... 50 
`[22aiii]: “and a secret decryption value in a tamper
`proof format written to a storage element in the
`integrated hardware device that is not capable of
`being subsequently altered,” ........................................... 51 
`[22aiv]: “and that wirelessly sends one or more
`codes and other data values from the plurality of
`codes and other data values, wherein the one or
`more codes and other data values include the
`device ID code; and” ...................................................... 51 
`[22b]: “an authentication circuit that receives the
`one or more codes and other data values and sends
`the one or more codes and other data values to a
`third party that operates a trusted authority for
`authentication, and that receives an access message
`from the trusted authority indicating that the
`trusted authority successfully authenticated the one
`
`e. 
`
`f. 
`
`v
`
`
`
`
`
`

`

`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`or more codes and other data values to the third
`party and allows the user to access an application.” ...... 52 
`15.  Claim 23: “The system of claim 22, wherein the
`integrated hardware device receives an authentication
`request from the authentication circuit, and in response,
`requests a biometric scan from the user to generate scan
`data.” ......................................................................................... 53 
`16.  Claim 24: “The system of claim 22, wherein when the
`integrated hardware device cannot verify scan data as
`being from the user, the integrated hardware device does
`not send the one or more codes and other data values.” ........... 55 
`17.  Claim 25: “The method of claim 1, wherein the
`integrated device comprises one or more of a mobile
`phone, tablet, laptop, mp3 player, mobile gaming device,
`watch and a key fob.” ................................................................ 57 
`18.  Claim 26: “The method of claim 1, wherein the biometric
`data includes one or more of a fingerprint, palm print, a
`retinal scan, an iris scan, a hand geometry, a facial
`recognition, a signature recognition and a voice
`recognition.” .............................................................................. 57 
`19.  Claim 27: “The method of claim 1, wherein the
`application includes one or more of a casino machine, a
`keyless lock, a garage door opener, an ATM machine, a
`hard drive, computer software, a web site, a file and a
`financial account.” .................................................................... 57 
`VI.  Ground 2: Claims 3, 14, and 17 are Obvious Over Ludtke and Kon. ........... 57 
`A.  Kon ...................................................................................................... 57 
`B. 
`Claims .................................................................................................. 62 
`1. 
`Claim 3: “The method of claim 1, further comprising:
`registering an age verification for the user in association
`with the device ID code.” .......................................................... 62 
`
`
`
`vi
`
`

`

`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`2. 
`
`3. 
`
`Claim 14: “The integrated device of claim 12, wherein an
`age verification is registered in association with the
`device ID code.” ........................................................................ 67 
`Claim 17: “The method of claim 16, further comprising:
`registering a date of birth or age with the agent.” ..................... 67 
`VII.  Discretionary Denial Is Not Warranted ......................................................... 67 
`A.  Discretionary Denial is Not Warranted under § 325(d). ..................... 67 
`B. 
`Discretionary Denial Is Not Warranted Under Fintiv ......................... 68 
`VIII.  Mandatory Notices ......................................................................................... 69 
`A. 
`Real Parties-in-Interest Under 37 C.F.R. § 42.8(b)(1) ........................ 69 
`B. 
`Related Matters Under 37 C.F.R. § 42.8(b)(2) ................................... 69 
`C. 
`Lead and Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3) ................ 70 
`D. 
`Service Information Under 37 C.F.R. § 42.8(b)(4) ............................. 70 
`IX.  Standing ......................................................................................................... 71 
`X. 
`Conclusion ..................................................................................................... 71 
`
`
`
`
`
`
`
`
`vii
`
`

`

`
`
`TABLE OF AUTHORITIES
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`Cases
`Realtime Data, LLC v. Iancu, 912 F.3d 1368 (Fed. Cir. 2019) ................................. 4
`Federal Statutes
`35 U.S.C. § 102(b) ............................................................................................. 56-57
`35 U.S.C. § 102(e) ................................................................................................. 4-7
`35 U.S.C. § 103 .......................................................................................................... 1
`35 U.S.C. § 325(d) ................................................................................................... 66
`Regulations
`37 C.F.R. § 42.8(b)(1) .............................................................................................. 68
`37 C.F.R. § 42.8(b)(2) .............................................................................................. 68
`37 C.F.R. § 42.8(b)(3) .............................................................................................. 68
`37 C.F.R. § 42.8(b)(4) .............................................................................................. 69
`
`
`
`
`
`viii
`
`

`

`IPR2024-01334
`U.S. Patent 8,886,954
`
`LIST OF EXHIBITS
`
`Ex. 1007
`
`Description
`Exhibit
`Ex. 1001 U.S. Patent No. 8,886,954 (“the ‘954 patent”)
`Ex. 1002
`File History of U.S. Patent No. 8,886,954
`Ex. 1003 Declaration of Stephen Gray (Decl.)
`Ex. 1004 Curriculum Vitae of Stephen Gray
`Ex. 1005 U.S. Patent No. 7,188,110 to Ludtke (“Ludtke”)
`Ex. 1006 U.S. Patent Application Publication No. 2002/0046336 to Kon et al.
`(“Kon”)
`Samsung Electronics America, Inc. v. Proxense, LLC, IPR2021-
`01444, Paper 11 (PTAB Feb. 28, 2022).
`Ex. 1008 Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`31, Scheduling Order (W.D. Tex Aug. 18, 2023)
`Ex. 1009 Proxense, LLC v. Samsung Electronics Co., Ltd., Case No. 6-21-cv-
`00210, Dkt. No. 43, Claim Construction Order (W.D. Tex. Jan. 18,
`2022).
`Ex. 1010 Proxense, LLC v. Samsung Electronics Co., Ltd., Case No. 6-21-cv-
`00210, Dkt. No. 149, Memorandum in Support of Claim
`Construction Order (W.D. Tex. Dec. 28, 2022).
`Ex. 1011 U.S. Patent Application Publication No. 2003/0023882 to Udom
`(“Udom”)
`Ex. 1012 U.S. Patent Application Publication No. 2002/0019811 to Lapsley et.
`al (“Lapsley”)
`Ex. 1013 Proxense, LLC v. Google LLC, Case No. 6-23-cv-00320, Dkt. No. 1,
`Complaint (W.D. Tex. May 2, 20223).
`Preliminary infringement contentions for Proxense, LLC v. Google
`LLC, Case No. 6-23-cv-00320.
`
`Ex. 1014
`
`ix
`
`
`
`
`
`

`

`IPR2024-01334
`U.S. Patent 8,886,954
`
`Description
`Exhibit
`Ex. 1015 CERTIFICATION REPORT No. P165: Sony FeliCa Contactless
`Smart Card RC-S860, UK IT Security Evaluation and Certification
`Scheme (March 2002)
`Ex. 1016 U.S. Patent Application Publication No. 2002/0049806 to Gatz et al.
`(“Gatz”)
`Ex. 1017 U.S. Patent Application Publication No. 2006/0034492 to Siegel et
`al. (“Siegel”)
`Ex. 1018 U.S. Patent Application Publication No. 2001/0036297 to Ikegami et
`al. (“Ikegami”)
`Ex. 1019 Proxense, LLC v. Google LLC, Case No. 6-23-cv-00320, Dkt. No.
`45, Proxense’s Responsive Claim Construction Brief (W.D. Tex.
`Dec. 1, 2023).
`Ex. 1020 Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`45, Proxense’s Expert Transcript (W.D. Tex. Dec. 18, 2023).
`Ex. 1021 Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`50, Proxense’s Sur-Reply Claim Construction Brief (W.D. Tex. Jan.
`5, 2023).
`Ex. 1022 U.S. District Courts—National Judicial Caseload Profile, available
`at
`https://www.uscourts.gov/sites/default/files/data_tables/fcms_na_dis
`tcomparison0930.2023.pdf (retrieved Jan. 15, 2024).
`Ex. 1023 RESERVED
`Ex. 1024
`Final Rejection, Ex Parte Reexamination No. 90/015,053 (Mar. 4,
`2024).
`Ex. 1025 Correspondence to Proxense, dated May 20, 2024
`Ex. 1026 Applications and Ex Parte Reexamination related to the ’954 Patent
`
`EX. 1027
`
`Proxense, LLC v. Apple, Inc., Case No. 6-24-cv-00143, Dkt. 29,
`Scheduling Order (W.D. Tex)
`
`x
`
`
`
`
`
`

`

`
`
`Exhibit
`
`Description
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`EX. 1028 U.S. District Courts—National Judicial Caseload Profile,
`available at:
`https://www.uscourts.gov/sites/default/files/data_tables/fcms_na_
`distprofile0630.2024.pdf (retrieved Aug. 20, 2024).
`
`EX. 1029 Docket Sheet for Proxense, LLC v. Apple, Inc., Case No. 6-24-cv-
`00143 (W.D. Tex) (pulled Aug. 20, 2024)
`
`EX. 1030 Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`59, Claim Construction Order (W.D. Tex. Jan. 23, 2024)
`
`EX. 1031
`
`Proxense, LLC v. Microsoft Corp., Case No. 6:23-cv-00319, Dkt.
`No. 66, Claim Construction Order (W.D. Tex. May 24, 2024)
`
`
`
`xi
`
`

`

`Relief Requested
`Apple Inc. (Petitioner) requests inter partes review of claims 1-7, 10, 1219,
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`I.
`
`and 22-27 of U.S. Patent No. 8,886,954 (“the ’954 patent”) based on the following
`
`grounds (Decl., 69-70):
`
`Ground
`
`1
`
`2
`
`Claim(s) Challenged
`1, 2, 4-7, 10, 12, 13, 15, 16,
`
`18, 19, and 22-27
`
`3, 14, 17
`
`35 U.S.C. §
`
`Reference(s)
`
`103
`
`103
`
`Ludtke
`
`Ludtke and Kon
`
`
`II. The ‘954 Patent
`A. Overview
`The ‘954 patent was filed on December 10, 2012 and claims priority to
`
`provisional applications filed on December 20, 2004 and February 14, 2005. Ex.
`
`1001, cover page. The ‘954 patent generally relates to “authentication responsive
`
`to biometric verification.” Ex. 1001, 1:19-22.
`
`Figure 6 illustrates a process for “verifying a subject” using a biometric key.
`
`Ex. 1001, 7:60-62, FIG. 6. As shown in Figure 6, the device receives biometric
`
`scan data, such as a fingerprint scan, from the user (step 620). Ex. 1001, Fig. 6. If
`
`the scan data matches “previously-stored biometric data,” (step 630), the user is
`
`“verified” (step 640), at which point a “code” is sent to a trusted key authority
`
`(step 650). Ex. 1001, 7:64-8:4, FIG. 6. Ex. 1001, FIG. 6.
`
`1
`
`

`

`
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`Ex. 1001, FIG. 6.
`
`Once the code is received, as illustrated in Figure 7, the trusted key authority
`
`determines whether the code is “authentic” (step 730). Ex. 1001, 8:5-12, FIG. 7. “If
`
`authentication is successful, the trusted key authority sends an access message to
`
`[an] application to allow user access and/or provide additional information from
`
`the profile” (step 740). Ex. 1001, 8:12-15, FIG. 7. If authentication is not
`
`successful, authentication fails (step 750) and “the message to the application
`
`
`
`2
`
`

`

`
`indicates that the user should be denied access.” Ex. 1001, 8:15-17, FIG. 7; Decl.,
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`46-48.
`
`
`
`Ex. 1001, FIG. 7.
`
`III. Claim Construction
`In a previous district court litigation, Proxense, LLC v. Samsung Electronics
`
`Co., Ltd., Case No. 6-21-cv-00210, two terms from the ‘730 patent, to which the
`
`954 patent claims benefit, were construed by the court (Exs. 1009-1010):
`
`
`
`Device ID Code – “[a] unique code identifying a device;” and
`
`
`
`3
`
`

`

`
`
`Access Message – “[a] signal or notification enabling or announcing
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`access.”
`
`Ex. 1009, 3; Ex. 1010, 15, 20; Decl., 49-52.
`
`Because the prior art in this Petition discloses each of these prior
`
`constructions, and the plain and ordinary meaning of all terms, Petitioner submits
`
`that no claim terms need to be construed to resolve unpatentability in this Petition.
`
`Realtime Data, LLC v. Iancu, 912 F.3d 1368, 1375 (Fed. Cir. 2019).
`
`IV. Level of Ordinary Skill
`A person of ordinary skill in the art (“POSITA”) at the time of the purported
`
`invention would have had at least a bachelor’s degree in Computer or Electrical
`
`Engineering or an equivalent engineering discipline, and at least three years of
`
`experience in the field of encryption and security, or the equivalent. Decl., 31-32,
`
`53-55. Additional education could substitute for professional experience, and
`
`significant work experience could substitute for formal education. Decl., 54.
`
`V. Ground 1: Claims 1, 2, 4-7, 10, 12, 13, 15, 16, 18, 19 and 22-27 Are
`Obvious Over Ludtke.
`A. Overview of Prior Art Ludtke
`Ludtke, filed December 11, 2000, is prior art under at least 35 U.S.C.
`
`§ 102(e). Ludtke, cover page. Ludtke discloses systems and methods of authorizing
`
`a user to conduct a transaction using a “biometric device” (also called a
`
`“transaction device”) such as a privacy card and/or digital wallet. Ludtke, Abstract,
`
`
`
`4
`
`

`

`
`3:32-36, 6:36-44. The transaction device includes a processor, memory, and
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`fingerprint recognition technology. Ludtke, 5:60-64, FIG. 7A. Ludtke stores
`
`“authorized fingerprint recognition samples,” a device ID corresponding to the
`
`privacy card, and a public key infrastructure (“PKI”) on the transaction device.
`
`Ludtke, 11:66-12:7, 14:19-21, 38:26-29. Ludtke also indicates that the biometric
`
`device can use other techniques, such as a “retinal scan, voice, DNA, hand profile,
`
`face recognition, etc.,” instead of or in addition to fingerprints. Ludtke, 35:61-64.
`
`When an authorized user attempts to use the transaction device, e.g., at a
`
`point of sale (“POS”) terminal, or other “service,” the user is “prompted to supply
`
`a fingerprint recognition sample,” as an initial security measure. Ludtke, 1:22-31,
`
`1:37-38, 14:33-42, 18:45-50, 18:52-55. The sample is compared to stored
`
`fingerprints and if the sample is recognized, the user is authorized. Ludtke, 14:40-
`
`46.
`
`In one embodiment, “the transaction device is used to trigger shopping
`
`activity” such as a “web-based transaction using a transaction device such as a
`
`privacy card and/or digital wallet and a personal POS terminal” by “clicking on a
`
`‘Buy’ or similar button in the web browser.” Ludtke, 28:15-18, 28:26-40. The POS
`
`asks the transaction device to “validate the user” and the user is “prompted to
`
`supply a fingerprint recognition sample,” as an initial security measure. Ludtke,
`
`1:22-31, 1:37-38, 14:33-42, 18:45-50, 18:52-55, 28:57-62. The sample is compared
`
`
`
`5
`
`

`

`
`to stored fingerprints and if the sample is recognized, the user is authorized.
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`Ludtke, 14:41-46. Once the transaction device authorizes the user based on the
`
`matching biometric information, the personal POS terminal “opens a secure
`
`communications session to the TPCH, requesting a transaction” and “provides the
`
`transaction record that it received from the web browser and the unique ID of the
`
`transaction device.” Ludtke, 29:5-12 (emphasis added); see also Ludtke, 27:12-13
`
`(“Privacy card information is provided to TPCH, step 1510.”), 34:25-27
`
`(explaining that “necessary secure transaction communication with the TPCH
`
`[includes] providing the transaction data and its device ID.” (emphasis added)).
`
`The TPCH is a trusted third-party agent, separate from the transaction device,
`
`personal POS terminal and the back-end transacting entity (e.g., vendor). Ludtke,
`
`7:42-48, 9:26-34, FIG. 6.
`
`Ludtke also discloses an alternate embodiment in which the POS
`
`“functionality of providing secure communication and transactions with the
`
`Transaction Privacy Clearing House (TPCH)” described above “can be integrated
`
`into the digital wallet directly.” Ludtke, 28:41-45. Thus, Ludtke also discloses
`
`communicating the device ID directly from the transaction device to the TPCH
`
`responsive to a “match” between the scanned biometric data (fingerprint) and
`
`stored data.
`
`
`
`6
`
`

`

`Next, “[t]he TPCH uses the unique ID of the transaction device to process
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`the transaction. After validating that the transaction device is in good standing and
`
`that the selected account has sufficient funds for the transaction, the TPCH issues a
`
`transaction confirmation back to the personal POS terminal” that “reflects the
`
`transaction confirmation back to . . . the transaction device. The transaction device
`
`may display a transaction confirmation to the user and may additionally record the
`
`transaction in its local storage.” Ludtke, 29: 12-23, FIG. 15.
`
`Ludtke, FIG. 15.
`
`
`
`Ludtke is analogous art to the ‘954 patent because it is directed to the same
`
`technical field: user authentication methods and systems. Compare Ex. 1001, 1:19-
`
`21, with Ludtke, 1:59-61. Decl., 33, 56-63.
`
`
`
`7
`
`

`

`
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`B. Claims
`1.
`Independent claim 1
`a.
`[1preamble]: “A method comprising:”
`To the extent limiting, Ludtke discloses [1preamble] because Ludtke
`
`discloses “[a] method of identifying an authorized user with a biometric device and
`
`enabling the authorized user to access private information” using a “transaction
`
`device” such as a privacy card and/or digital wallet (integrated device). Ludtke,
`
`Abstract, 3:32-36; Decl., 71-72.
`
`Ludtke explains that “[t]he user connects to and performs transactions with
`
`[an] eCommerce system through a transaction device which has a unique identifier
`
`(ID)” such as “a privacy card is used” or “a digital wallet” (integrated devices).
`Ludtke, 3:32-36; Decl., 72.
`b.
`[1ai]: “persistently storing biometric data of a user [in
`a tamper proof format written to a storage element on
`the integrated device that is unable to be subsequently
`altered] and”
`Ludtke discloses [1ai] because its transaction device, like a privacy card
`
`and/or digital wallet (integrated device), stores “authorized fingerprint recognition
`
`samples” (biometric data of the user) in a “user identity/account information block
`
`760” or “write-once memory” (persistent storage). Ludtke, 13:27-29, 14:19-21,
`
`19:9-14, 19:29-40, FIGS. 7B-7C. Decl., 73-77.
`
`
`
`8
`
`

`

`The ‘954 patent defines “integrated device” as a device, such as a “mobile
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`phone (e.g. a cellular phone or Smartphone), tablet, laptop, mp3 player, mobile
`
`gaming device, watch, key fob or other mobile device” “having an integrated
`
`biometric key.” Ex. 1001, 2:41-48, 4:6-14 (emphasis added). The ‘954 patent
`
`further describes a “biometric key” as including the elements illustrated in Figure
`
`2, including a biometric module, a control module, and an RF module. Ex. 1001,
`
`FIG. 2, 4:40-5:62. Ludtke’s transaction device (such as a digital wallet or privacy
`
`card) likewise includes a biometric key and constitutes an integrated device
`
`consistent with this construction, as explained below. Decl., 74.
`
`Ludtke’s privacy card (integrated device) has a “user identity/account
`
`information block 760 [that] stores data about the user and accounts that are
`
`accessed by the card” including “the authorized fingerprint recognition samples.”
`
`Ludtke, 13:27-29, 14:19-21, 14:13-18 (emphasis added) (explaining that the
`
`privacy card embodied in Figure 7C “may include those functions set forth in FIG.
`
`7b, referred to herein as first generation privacy card technology block 775 and
`
`FeliCa1 Technology block 774.”); Decl., 75.
`
`
`1 FeliCa is a “contactless (wireless) card execution platform.” Ludtke, 11:1-5.
`
`
`
`9
`
`

`

`Ludtke explains that “[t]he fingerprint data entry process may be performed
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`at least twice, to confirm that the user has entered the correct data (using the
`
`correct fingerprint). If confirmation succeeds, “the device writes the fingerprint
`
`image data into write-once memory” (persistent storage). Ludtke, 19:9-14, 19:29-
`
`40 (emphasis added); Decl., 76.
`
`
`
`Ludtke, FIG. 7 (annotated).
`
`A POSITA would have understood that Ludtke’s fingerprint data is
`
`persistently stored in a tamper-proof format that is unable to be subsequently
`
`altered because it is stored in “write-once memory.” Ludtke, 19:9-14, 19:29-40;
`
`Decl., 77. This is consistent with the ‘954 patent which explains that “at least some
`
`
`
`10
`
`

`

`
`of persistent storage 226 is a memory element that can be written to once but
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`cannot subsequently be altered. Persistent storage 226 can include, for example, a
`
`ROM element, a flash memory element, or any other type of non-volatile storage
`
`element. Persistent storage 226 is itself, and stores data in, a tamper-proof format
`
`to prevent any changes to the stored data. Tamper-proofing increases reliability of
`
`authentication because it does not allow any changes to biometric data (i.e., allows
`
`reads of stored data, but not writes to store new data or modify existing data).” Ex.
`
`1001, 5:22-34 (emphasis added). Decl., 77.
`
`c.
`
`[1aii]: “[persistently storing] a plurality of codes and
`other data values comprising a device ID code
`uniquely identifying an integrated device [in a tamper
`proof format written to a storage element on the
`integrated device that is unable to be subsequently
`altered] and”
`Ludtke discloses and renders obvious [1aii] because its transaction device
`
`(integrated device) stores a “unique transaction device ID value[]” (device ID
`
`code) in its “permanent memory” (persistent storage). Ludtke, 30:20-23; Decl., 78-
`
`81.2
`
`
`2 Patent Owner indicated in its Sur-reply Claim Construction Brief that “the plain
`
`and ordinary meaning of the claim term, that within this stored area are (1) codes
`
`and values uniquely identifying an integrated device or biometric key; and (2) a
`
`
`
`11
`
`

`

`Ludtke’s stored device ID, like “globally unique silicon ID (GUID) 764[,] is
`
`IPR2024-01334
`U.S. Patent 8,886,954
`
`
`
`used to identify the privacy card among other existing transaction cards,” and thus
`
`uniquely identifies the privacy card (integrated device). Ludtke, 13:39-41. Even if
`
`the claim language is interpreted to require storing additional codes besides the
`
`“device ID code,” Ludtke discloses that the device ID is stored along with other
`
`codes and data values, e.g., magnetic stripe and bar codes, that allow the
`
`transaction device to interface with a POS terminal. Ludtke, 8:63-67, 9:18-24,
`
`23:11-19; Decl., 79.
`
`A POSITA would have understood that the transaction device ID is stored in
`
`a tamper-proof format unable to be subsequently altered because it is intended to
`
`uniquely identify the corresponding device and “contain[s] an identification that
`
`maintains the confidentiality of the user’s identity” Ludtke, 10:64-67, 30:20-23;
`
`Decl., 80. Storing the device ID in a tamper proof format unable to be subsequently
`
`altered would have comported with Ludtke’s goal of ensuring that the device is
`
`authorized to perform certain transactions and ensuring the i