UNITED STATES PATENT AND TRADEMARK OFFICE
`____________________
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________________
`APPLE INC.,
`Petitioner,
` v.
`PROXENSE, LLC,
`Patent Owner.
`____________________
`Case No. IPR2024-01335
`U.S. Patent No. 9,298,905
`____________________
`PETITION FOR INTER PARTES REVIEW
`
`
`
`

`

`
`
`TABLE OF CONTENTS
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`I. 
`II. 
`
`Page
`Relief Requested .............................................................................................. 1 
`The ’905 Patent ................................................................................................ 1 
`A.  Overview ............................................................................................... 1 
`III.  Claim Construction .......................................................................................... 3 
`IV.  Level of Ordinary Skill .................................................................................... 4 
`V.  Ground 1: Claims 1, 3-7, 9, 10, and 12-18 Are Obvious Over Ludtke. .......... 5 
`A.  Overview of Prior Art Ludtke ............................................................... 5 
`B. 
`Claims .................................................................................................... 8 
`1. 
`Independent claim 1 .................................................................... 8 
`a. 
`[1preamble]: “A method comprising:” ............................. 8 
`b. 
`[1a]: “persistently storing biometric data of a
`legitimate user and an ID code on an integrated
`device” .............................................................................. 9 
`[1b]: “responsive to receiving a request for a
`biometric verification of a user, receiving, from a
`biometric sensor, scan data from a biometric scan
`performed by the biometric sensor;” .............................. 12 
`[1c]: “comparing the scan data to the biometric
`data to determine whether the scan data matches
`the biometric data;”......................................................... 13 
`[1d]: “responsive to a determination that the scan
`data matches the biometric data, wirelessly
`sending the ID code for comparison by a third-
`party trusted authority against one or more
`previously registered ID codes maintained by the
`third-party trusted authority; and” .................................. 13 
`
`c. 
`
`d. 
`
`e. 
`
`i
`
`

`

`
`
`2. 
`
`3. 
`
`4. 
`
`5. 
`
`6. 
`
`7. 
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`f. 
`
`[1e]: “responsive to receiving an access message
`from the third-party trusted authority indicating
`that the third-party trusted authority successfully
`authenticated the ID code, allowing the user to
`complete a financial transaction.” .................................. 21 
`Claim 3: “The method of claim 1, wherein an indication
`that the biometric verification was successful is sent with
`the ID code.” ............................................................................. 23 
`Claim 4: “The method of claim 1, wherein the biometric
`data includes data from one or more of a fingerprint, palm
`print, a retinal scan, an iris scan, a hand geometry, a facial
`recognition, a signature recognition and a voice
`recognition.” .............................................................................. 24 
`Claim 5: “The method of claim 1, wherein the integrated
`device comprises one or more of a mobile phone, tablet,
`laptop, mp3 player, mobile gaming device, watch and a
`key fob.” .................................................................................... 24 
`Claim 6: “The method of claim 1, wherein completing the
`financial transaction includes accessing an application”: ......... 27 
`Claim 7: “The method of claim 1, wherein completing the
`financial transaction includes accessing one or more of a
`casino machine, a keyless lock, an ATM machine, a web
`site, a file and a financial account.” .......................................... 28 
`Independent Claim 9 ................................................................. 29 
`a. 
`[9preamble]: “An integrated device comprising:” .......... 29 
`b. 
`[9a]: “a persistent storage media that persistently
`stores biometric data of a user and an ID code” ............. 29 
`[9b]: “a validation module, coupled to
`communicate with the persistent storage media,
`that receives scan data from a biometric scan for
`comparison against the biometric data, and that
`sends the ID code for comparison by a third-party
`
`c. 
`
`ii
`
`

`

`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`d. 
`
`
`
`8. 
`
`9. 
`
`10. 
`
`trusted authority against one or more previously
`registered ID codes maintained by the third-party
`trusted authority; and” .................................................... 29 
`[9c]: “a radio frequency communication module
`that receives an access message from the third-
`party trusted authority indicating that the third-
`party trusted authority successfully authenticated
`the ID code sent to the third-party trusted authority
`based on the comparison of the ID code and
`allowing the user to complete a financial
`transaction.” .................................................................... 31 
`Claim 10: “The integrated device of claim 7, wherein the
`ID code is transmitted to the third-party trusted authority
`over a network.” ........................................................................ 32 
`Claim 12: “The integrated device of claim 7, wherein the
`integrated device comprises one or more of a mobile
`phone, tablet, laptop, mp3 player, mobile gaming device,
`watch and a key fob.” ................................................................ 33 
`Independent claim 13 ................................................................ 33 
`a. 
`[13preamble]: “A system, comprising:” ......................... 33 
`b. 
`[13a]: “an integrated hardware device that
`persistently stores biometric data of a legitimate
`user and an ID code in the integrated hardware
`device, and that wirelessly sends the ID code;” ............. 35 
`[13b]: “an authentication circuit that receives the
`[I]D code and sends the ID code to a third-party
`trusted authority for authentication, and that
`receives an access message from the third-party
`trusted authority indicating that the third-party
`trusted authority successfully authenticated the ID
`code and allows the user to complete a financial
`transaction; and” ............................................................. 35 
`[13c]: “the third-party trusted authority operated
`
`c. 
`
`d. 
`
`iii
`
`

`

`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`
`
`by a third party, the third-party trusted authority
`storing a list of legitimate codes and determining
`the authentication of the ID code received based on
`a comparison of the ID code received and the
`legitimate codes included in the list of the
`legitimate codes.” ........................................................... 37 
`11.  Claim 14: “The system of claim 11 wherein the
`integrated hardware device receives an authentication
`request from the authentication circuit, and in response,
`requests a biometric scan from a user to generate scan
`data and, when the integrated hardware device cannot
`verify the scan data as being from the legitimate user, the
`integrated hardware device does not send the ID code.” .......... 37 
`12.  Claim 15: “The system of claim 11, wherein the
`integrated hardware device comprises one or more of a
`mobile phone, tablet, laptop, mp3 player, mobile gaming
`device, watch and a key fob.” ................................................... 40 
`13.  Claim 16: “The system of claim 11, wherein the
`biometric data includes data based on one or more of a
`fingerprint, palm print, a retinal scan, an iris scan, a hand
`geometry, a facial recognition, a signature recognition
`and a voice recognition.” ........................................................... 41 
`14.  Claim 17: “The system of claim 11, wherein completing
`the financial transaction includes accessing one or more
`of a casino machine, a keyless lock, an ATM machine, a
`web site, a file and a financial account.” .................................. 41 
`15.  Claim 18: “The system of claim 11, wherein completing
`the financial transaction includes accessing an
`application.” .............................................................................. 41 
`VI.  Ground 2: Claims 2 and 11 are Obvious Over Ludtke and Kon. ................... 41 
`A.  Kon ...................................................................................................... 41 
`B. 
`Claims .................................................................................................. 46 
`
`iv
`
`

`

`
`
`1. 
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`2. 
`
`Claim 2: “The method of claim 1, further comprising:
`registering an age verification for the user in association
`with the ID code.” ..................................................................... 46 
`Claim 11: “The integrated device of claim 7, wherein an
`age verification is registered in association with the ID
`code.” ........................................................................................ 51 
`VII.  Discretionary Denial Is Not Warranted ......................................................... 51 
`A.  Discretionary Denial Is Not Warranted Under Fintiv ......................... 51 
`B. 
`Discretionary Denial Is Not Warranted Under General Plastic .......... 52 
`C. 
`Discretionary Denial is Not Warranted under § 325(d). ..................... 54 
`VIII.  Mandatory Notices ......................................................................................... 58 
`A. 
`Real Parties-in-Interest Under 37 C.F.R. § 42.8(b)(1) ........................ 58 
`B. 
`Related Matters Under 37 C.F.R. § 42.8(b)(2) .................................... 58 
`C. 
`Lead and Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3) ................. 59 
`D. 
`Service Information Under 37 C.F.R. § 42.8(b)(4) ............................. 60 
`IX.  Standing ......................................................................................................... 60 
`X. 
`Conclusion ..................................................................................................... 60 
`
`
`
`
`
`
`v
`
`

`

`
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`TABLE OF AUTHORITIES
`
`Cases
`Code200, UAB v. Bright Data, Ltd., IPR2022-00861, Paper 18 (PTAB
`Aug. 23, 2022) .................................................................................................... 54
`Gen. Plastic Indus. Co. v. Canon Kabushiki Kaisha, IPR2016-01357,
`Paper 19 (PTAB Sept. 6, 2017) .......................................................................... 52
`Realtime Data, LLC v. Iancu, 912 F.3d 1368 (Fed. Cir. 2019) ................................. 4
`Federal Statutes
`35 U.S.C. § 102(b) ............................................................................................. 41-42
`35 U.S.C. § 102(e) ................................................................................................. 5-7
`35 U.S.C. § 103 .......................................................................................................... 1
`35 U.S.C. § 325(d) ............................................................................................. 54-56
`Regulations
`37 C.F.R. § 42.8(b)(1) .............................................................................................. 57
`37 C.F.R. § 42.8(b)(2) .............................................................................................. 57
`37 C.F.R. § 42.8(b)(3) .............................................................................................. 58
`37 C.F.R. § 42.8(b)(4) .............................................................................................. 59
`
`
`
`vi
`
`

`

`
`
`LIST OF EXHIBITS
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`Ex. 1007
`
`Description
`Exhibit
`Ex. 1001 U.S. Patent No. 9,298,905 to Giobbi (“the ’905 patent”)
`Ex. 1002
`File History of U.S. Patent No. 9,298,905
`Ex. 1003 Declaration of Stephen Gray (Decl.)
`Ex. 1004 Curriculum Vitae of Stephen Gray
`Ex. 1005 U.S. Patent No. 7,188,110 to Ludtke et al. (“Ludtke”)
`Ex. 1006 U.S. Patent Application Publication No. 2002/0046336 to Kon et al.
`(“Kon”)
`Samsung Electronics America, Inc. v. Proxense, LLC, IPR2021-
`01447, Paper 12 (PTAB Feb. 28, 2022)
`Ex. 1008 Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No. 31,
`Scheduling Order (W.D. Tex Aug. 18, 2023)
`Ex. 1009 Proxense, LLC v. Samsung Electronics Co., Ltd., Case No. 6-21-cv-
`00210, Dkt. No. 43, Claim Construction Order (W.D. Tex. Jan. 18,
`2022)
`Ex. 1010 Proxense, LLC v. Samsung Electronics Co., Ltd., Case No. 6-21-cv-
`00210, Dkt. No. 149, Memorandum in Support of Claim
`Construction Order (W.D. Tex. Dec. 28, 2022)
`Ex. 1011 Request for Reexamination, No. 90/015,053 (June 8, 2022)
`Ex. 1012 U.S. Patent Application Publication No. 2003/0023882 to Udom
`(“Udom”)
`Ex. 1013 U.S. Patent Application Publication No. 2002/0019811 to Lapsley et
`Al. (“Lapsley”)
`Ex. 1014 Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No. 1,
`Complaint (W.D. Tex. May 2, 2023)
`
`vii
`
`

`

`
`
`Exhibit
`
`Ex. 1015
`
`Ex. 1016
`
`Ex. 1017
`
`Ex. 1018
`
`Ex. 1019
`
`Ex. 1020
`
`Ex. 1021
`
`Ex. 1022
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`Description
`
`Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320,
`Preliminary Infringement Contentions (W.D. Tex. July 24, 2023)
`
`U.S. Patent Application Publication No. 2002/0049806 to Gatz et al.
`(“Gatz”)
`
`Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`45, Proxense’s Responsive Claim Construction Brief (W.D. Tex.
`Dec. 1, 2023)
`
`Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`45, Proxense’s Expert Transcript (W.D. Tex. Dec. 18, 2023).
`
`Decision on Petition, Ex Parte Reexamination, No. 90/015,053
`(January 3, 2023)
`
`Order Granting Request for Ex Parte Reexamination, Ex Parte
`Reexamination No. 90/015,053 (Aug. 2, 2022)
`
`Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`50, Proxense’s Sur-Reply Claim Construction Brief (W.D. Tex.
`Jan. 5, 2023)
`
`U.S. District Courts—National Judicial Caseload Profile, available
`at
`https://www.uscourts.gov/sites/default/files/data_tables/fcms_na_di
`s tcomparison0930.2023.pdf (retrieved Jan. 15, 2024).
`
`Ex. 1023
`
`RESERVED
`
`EX. 1024
`
`Final Rejection, Ex Parte Reexamination No. 90/015,053 (Mar. 4,
`2024).
`EX. 1025 Correspondence to Proxense, dated May 20, 2024
`
`EX. 1026 Applications and Ex Parte Reexamination related to the ’905
`
`viii
`
`

`

`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`Exhibit
`
`Description
`
`Patent.
`
`EX. 1027
`
`Proxense, LLC v. Apple, Inc., Case No. 6-24-cv-00143, Dkt. 29,
`Scheduling Order (W.D. Tex.)
`
`EX. 1028 U.S. District Courts—National Judicial Caseload Profile, available
`at:
`https://www.uscourts.gov/sites/default/files/data_tables/fcms_na_d
`istprofile0630.2024.pdf (retrieved Aug. 20, 2024).
`
`EX. 1029 Docket Sheet for Proxense, LLC v. Apple, Inc., Case No. 6-24-cv-
`00143 (W.D. Tex) (pulled Aug. 20, 2024)
`
`EX. 1030
`
`EX. 1031
`
`Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt. No.
`59, Claim Construction Order (W.D. Tex. Jan. 23, 2024)
`
`Proxense, LLC v. Microsoft Corp., Case No. 6:23-cv-00319, Dkt.
`No. 66, Claim Construction Order (W.D. Tex. May 24, 2024)
`
`
`
`
`
`
`ix
`
`

`

`Relief Requested
`Apple Inc. (Petitioner) requests inter partes review of claims 1-7 and 9-18 of
`
`IPR2024-01335
`U.S. Patent 9,298,905
`
`
`I.
`
`U.S. Patent No. 9,298,905 (“the ’905 patent”) based on the following grounds
`
`(Decl., 71-72):
`
`Ground
`1
`
`Claim(s) Challenged
`1, 3-7, 9, 10, and 12-18
`
`35 U.S.C. §
`103
`
`Reference(s)
`Ludtke
`
`2
`
`2 and 11
`
`103
`
`Ludtke and Kon
`
`II. The ’905 Patent
`A. Overview
`The ’905 patent was filed on October 23, 2014 and claims priority to
`
`provisional applications filed on December 20, 2004 and February 14, 2005.
`
`Ex. 1001, cover. The ’905 patent generally relates to “authentication responsive to
`
`biometric verification of a user being authenticated.” Ex. 1001, 1:21-24.
`
`Figure 6 illustrates a process for “verifying a subject” using a biometric key.
`
`Ex. 1001, 7:63-65. As shown in Figure 6, the integrated device receives biometric
`
`scan data, such as a fingerprint scan, from the user (step 620). Ex. 1001, FIG. 6. If
`
`the scan data matches “previously-stored biometric data,” (step 630), the user is
`
`“verified,” at which point a “code” is sent to a trusted key authority (steps 640,
`
`650). Ex. 1001, 7:67-8:2.
`
`1
`
`

`

`
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`
`
`Ex. 1001, FIG. 6.
`
`Once the code is received, as illustrated in Figure 7, the trusted key authority
`
`determines whether the code is “authentic” (step 730). Ex. 1001, 8:12-18, FIG. 7.
`
`“If authentication is successful, the trusted key authority sends an access message
`
`to [an] application to allow user access and/or provide additional information from
`
`the profile” (step 740). Ex. 1001, 8:12-18. If authentication is not successful,
`
`2
`
`

`

`
`authentication fails (step 750), and “the message to the application indicates that
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`the user should be denied access.” Ex. 1001, 8:18-20; Decl., 46-48.
`
`
`
`Ex. 1001, FIG. 7.
`
`III. Claim Construction
`In a previous institution decision, the Board “interpreted” the term “third-
`
`party trusted authority,” as recited in the ’905 patent, to mean “a trusted authority
`
`that is an entity separate from the parties to a transaction.” Ex. 1007 at 14.
`
`3
`
`

`

`In the previous district court litigation, Proxense, LLC v. Samsung
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`
`
`Electronics Co., Ltd., Case No. 6:21-cv-00210, two terms from the ’905 patent
`
`were construed by the court (Exs. 1009-1010):
`
`
`
`
`
`ID Code – “[a] unique code identifying a device”; and
`
`Access Message – “[a] signal or notification enabling or announcing
`
`access.”
`
`Ex. 1009, 3; Ex. 1010, 15, 20; Decl., 49-53.
`
`Because the prior art in this Petition discloses each of these prior
`
`constructions, and the plain and ordinary meaning of all terms, Petitioner submits
`
`that no claim terms need to be construed to resolve unpatentability in this Petition1
`
`(Realtime Data, LLC v. Iancu, 912 F.3d 1368, 1375 (Fed. Cir. 2019)).
`
`IV. Level of Ordinary Skill
`A person of ordinary skill in the art (“POSITA”) at the time of the purported
`
`invention would have had at least a bachelor’s degree in Computer or Electrical
`
`
`1 Additional claim terms were construed in other proceedings relating the ’905
`
`patent, but the Board need not resolve those terms because the Grounds relied on in
`
`this petition render the challenged claims obvious under either the plain and
`
`ordinary meaning or the alternate constructions adopted in the other proceedings.
`
`See EX. 1030, EX. 1031.
`
`4
`
`

`

`
`Engineering or an equivalent engineering discipline, and at least three years of
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`experience in the field of encryption and security, or the equivalent. Decl., 31-32,
`
`54-56. Additional education could substitute for professional experience, and
`
`significant work experience could substitute for formal education. Decl., 55.
`
`V. Ground 1: Claims 1, 3-7, 9, 10, and 12-18 Are Obvious Over Ludtke.
`A. Overview of Prior Art Ludtke
`Ludtke, filed December 11, 2000, is prior art under at least 35 U.S.C.
`
`§ 102(e). Ludtke, cover page. Ludtke discloses systems and methods of authorizing
`
`a user to conduct a transaction using a “biometric device” (also called a
`
`“transaction device”) such as a privacy card and/or digital wallet. Ludtke, Abstract,
`
`3:32-36, 6:36-44. The transaction device includes a processor, memory, and
`
`fingerprint recognition technology. Ludtke, 5:60-64, FIG. 7A. Ludtke stores
`
`“authorized fingerprint recognition samples,” a device ID corresponding to the
`
`privacy card, and a public key infrastructure (“PKI”) key on the transaction device.
`
`Ludtke, 11:66-12:7, 14:19-21, 38:26-29.
`
`When an authorized user attempts to use the transaction device, e.g., for a
`
`“shopping activity”, or other “service,” the user is “prompted to supply a
`
`fingerprint recognition sample,” as an initial security measure. Ludtke, 1:22-31,
`
`1:37-38, 14:33-40, 18:45-50, 18:52-55. The sample is compared to stored
`
`5
`
`

`

`
`fingerprints and if the sample is recognized, the user is authorized. Ludtke, 14:40-
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`46.
`
`In one embodiment, “the transaction device is used to trigger shopping
`
`activity” such as a “web-based transaction using a transaction device such as a
`
`privacy card and/or digital wallet at a personal point of sale (“POS”) terminal” by
`
`“clicking on a ‘Buy’ or similar button in the web browser.” Ludtke, 28:26-40. The
`
`POS asks the transaction device to “validate the user” and the user is “prompted to
`
`supply a fingerprint recognition sample,” as an initial security measure. Ludtke,
`
`1:22-31, 1:37-38, 14:33-42, 18:45-50, 18:52-55. The sample is compared to stored
`
`fingerprints and if the sample is recognized, the user is authorized. Ludtke, 14:41-
`
`46. Once the transaction device authorizes the user based on the matching
`
`biometric information, the personal POS terminal “opens a secure communications
`
`session to the TPCH, requesting a transaction” and “provides the transaction record
`
`that it received from the web browser and the unique ID of the transaction device.”
`
`Ludtke, 29:5-12 (emphasis added); see also Ludtke, 27:12-13 (“Privacy card
`
`information is provided to TPCH, step 1510.”), 34:25-27 (explaining that
`
`“necessary secure transaction communication with the TPCH” includes “providing
`
`the transaction data and its device ID.” (emphasis added)). The TPCH is a trusted
`
`third-party agent, separate from the transaction device, personal POS terminal, and
`
`the back-end transacting entity (e.g., vendor). Ludtke, 7:42-48, 9:26-42, FIG. 6.
`6
`
`

`

`Ludtke also discloses an alternate embodiment in which the POS
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`
`
`“functionality of providing secure communication and transactions with the
`
`Transaction Privacy Clearing House (TPCH)” described above “can be integrated
`
`into the digital wallet directly.” Ludtke, 28:41-45. Thus, Ludtke also discloses
`
`communicating the device ID directly from the transaction device to the TPCH
`
`responsive to a “match” between the scanned biometric data (fingerprint) and
`
`stored data.
`
`Next, “[t]he TPCH uses the unique ID of the transaction device to process
`
`the transaction. After validating that the transaction device is in good standing and
`
`that the selected account has sufficient funds for the transaction, the TPCH issues a
`
`transaction confirmation back to the personal POS terminal” that “reflects the
`
`transaction confirmation back to . . . the transaction device. The transaction device
`
`may display a transaction confirmation to the user and may additionally record the
`
`transaction in its local storage.” Ludtke, 29:12-24, FIG. 15.
`
`7
`
`

`

`
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`Ludtke, FIG. 15.
`
`
`
`Ludtke is analogous art to the ’905 patent because it is directed to the same
`
`technical field: user authentication methods and systems. Compare Ex. 1001, 1:62-
`
`64, with Ludtke, 1:59-61. Decl., 33, 57-65.
`
`B. Claims
`1.
`Independent claim 1
`a.
`[1preamble]: “A method comprising:”
`To the extent limiting, Ludtke discloses [1preamble] because Ludtke
`
`discloses “[a] method of identifying an authorized user with a biometric device and
`
`enabling the authorized user to access private information” using a “transaction
`
`8
`
`

`

`
`device” such as a privacy card and/or digital wallet (integrated device). Ludtke,
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`Abstract, 3:32-36; Decl., 73-74.
`
`Ludtke explains that “[t]he user connects to and performs transactions with
`
`[an] eCommerce system through a transaction device which has a unique identifier
`
`(ID)” such as “a privacy card is used” or “a digital wallet” (integrated devices).
`
`Ludtke, 3:32-36; Decl., 74.
`
`b.
`
`[1a]: “persistently storing biometric data of a
`legitimate user and an ID code on an integrated
`device”
`Ludtke discloses [1a] because its privacy card and/or digital wallet
`
`(integrated device) stores “authorized fingerprint recognition samples” (biometric
`
`data of the legitimate user) in a “user identity/account information block 760” or
`
`“write-once memory, or other memory that is protected from accidental
`
`modification” (persistent storage) (Ludtke, 13:27-29, 14:19-21, 19:9-14, 19:40,
`
`FIGS. 7B-7C) and a “unique transaction device ID value[]” (ID code) in its
`
`“permanent memory.” Ludtke, 30:20-23; Decl., 75-80.
`
`The ’905 defines “integrated device” as a device, such as a “mobile phone
`
`(e.g. a cellular phone or Smartphone), tablet, laptop, mp3 player, mobile gaming
`
`device, watch, key fob or other mobile device” “having an integrated biometric
`
`key.” Ex. 1001, 2:43-50, 4:10-16 (emphasis added). The ’905 patent further
`
`describes a “biometric key” as including the elements illustrated in Figure 2,
`
`9
`
`

`

`
`including a biometric module, a control module, and an RF module. Ex. 1001, FIG.
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`2, 4:42-5:64. Ludtke’s transaction devices (such as a digital wallet or privacy card)
`
`likewise includes a biometric key and constitute an integrated device consistent
`
`with this construction, as explained below. Decl., 76.
`
`Ludtke further explains that its privacy card has a “user identity/account
`
`information block 760 [that] stores data about the user and accounts that are
`
`accessed by the card” including “the authorized fingerprint recognition samples.”
`
`Ludtke, 13:27-29, 14:19-21, 14:13-18 (emphasis added) (explaining that the
`
`privacy card embodied in Figure 7C “may include those functions set forth in
`
`FIG. 7b, referred to herein as first generation privacy card technology block 775
`
`and FeliCa2 Technology block 774.”); Decl., 77.
`
`Ludtke further explains that “[t]he fingerprint data entry process may be
`
`performed at least twice, to confirm that the user has entered the correct data (using
`
`the correct fingerprint). If confirmation succeeds, “the device writes the fingerprint
`
`image data into write-once memory” (persistent storage). Ludtke, 19:9-14, 19:29-
`
`40 (emphasis added); Decl., 78.
`
`
`2 FeliCa is a “contactless (wireless) card execution platform.” Ludtke, 11:1-5.
`10
`
`

`

`
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`
`
`Ludtke, FIG. 7 (annotated).
`
`Ludtke further discloses that the transaction device (integrated device) stores
`
`a “unique transaction device ID value[]” (device ID code) in its “permanent
`
`memory” (persistent storage). Ludtke, 30:20-23; Decl., 79.
`
`Ludtke’s stored device ID, like “globally unique silicon ID (GUID) 764[,] is
`
`used to identify the privacy card among other existing transaction cards,” and thus
`
`uniquely identifies the privacy card (integrated device). Ludtke, 13:39-41. The
`
`device ID is stored along with other codes and data values, e.g., magnetic stripe
`
`11
`
`

`

`
`and bar codes, which allow the transaction device to interface with a POS terminal.
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`Ludtke, 8:63-67, 9:18-25, 23:11-19; Decl., 80.
`
`c.
`
`[1b]: “responsive to receiving a request for a
`biometric verification of a user, receiving, from a
`biometric sensor, scan data from a biometric scan
`performed by the biometric sensor;”
`Ludtke discloses [1b] because Ludtke discloses “validating that the user
`
`interacting with the device is an authorized user” by prompting the user to “supply
`
`a fingerprint recognition sample” and receiving a fingerprint sample (scan data)
`
`from a “fingerprint recognition pad” (a biometric sensor) in response to the prompt
`
`(request for biometric verification). Ludtke, 14:33-42; Decl., 81-82.
`
`In Ludtke, the privacy card user authentication1 block 777 “includes a
`
`biometric solution” such as a fingerprint recognition pad for “validating that the
`
`user interacting with the device is an authorized user.” Ludtke, 14:33-40. In
`
`operation, “the user is prompted to supply a fingerprint recognition sample,” after
`
`which the “block captures the sample, and carries out a recognition algorithm
`
`against the authorized samples that are stored in the user identity block … If a
`
`match is found, the user is authorized to access the data and functionality of the
`
`1 The authentication block performs authorization that is distinct from the
`
`authentication performed by the third-party trusted authority described in [1e]
`
`below.
`
`12
`
`

`

`
`device.” Ludtke, 14:40-46; Decl., 82; see also Ludtke, 16:47-49 (explaining that
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`the digital wallet also receives biometric scan data after prompting).
`
`d.
`
`[1c]: “comparing the scan data to the biometric data
`to determine whether the scan data matches the
`biometric data;”
`Ludtke discloses [1c] because, as explained for [1b], the transaction device
`
`uses a “recognition algorithm” to compare the fingerprint sample (scan data)
`
`“against the authorized samples that are stored in the user identity block”
`
`(biometric data) to determine “a match.” Ludtke, 14:40-46; Decl., 83.
`
`e.
`
`[1d]: “responsive to a determination that the scan
`data matches the biometric data, wirelessly sending
`the ID code for comparison by a third-party trusted
`authority against one or more previously registered
`ID codes maintained by the third-party trusted
`authority; and”
`Ludtke discloses or renders obvious [1d] because Ludtke discloses
`
`transferring (sending) the transaction device ID (ID code) to a “single trusted” and
`
`“highly secured” transaction processing clearing house (TPCH) (third-party trusted
`
`authority) for validation/confirmation using e.g. “wireless or cellular signals”
`
`(wirelessly) once a fingerprint match is identified. Ludtke, 5:63-64, 7:46-48, 9:26-
`
`30, 9:35-42, 9:51-59, 28:50-29:12, 30:23-27; Decl., 84-97.
`
`13
`
`

`

`First, Ludtke determines whether the scan data matches the biometric data
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`
`
`(as explained for [1b] and [1c]) and sends the transaction device ID to a TPCH
`
`responsive to a “match” between the scan data and stored data. Decl., 85.
`
`In one embodiment, “the transaction device is used to trigger shopping
`
`activity” such as a “web-based transaction using a transaction device such as a
`
`privacy card and/or digital wallet and a personal POS terminal,” “the user may tap
`
`on an on-screen icon being displayed by the transaction device, e.g., digital wallet;
`
`and the digital wallet transmits a signal,” which “causes” a “web browser” for
`
`purchasing desired content “to launch.” Ludtke, 28:15-18, 28:26-40. “Once a
`
`transaction has been triggered, the browser communicates with the personal POS
`
`terminal, requesting it to initiate a transaction” and “provides a transaction record,
`
`which includes all of the necessary data to support th[e] transaction, including a list
`
`of items being purchased, unit cost and quantity, the vendor who will provide the
`
`items, etc.” Ludtke, 28:13-18, 28:50-56; Decl., 86.
`
`The POS asks the transaction device to “validate the user” and the user is
`
`“prompted to supply a fingerprint recognition sample,” as an initial security
`
`measure. Ludtke, 1:22-31, 1:37-38, 14:33-42, 18:45-50, 18:52-55, 28:57-62. The
`
`sample is compared to stored fingerprints and if the sample is recognized, the user
`
`is authorized. Ludtke, 14:41-46. After the transaction device receives the
`
`fingerprint recognition sample “to confirm [an] entire transaction and that the user
`14
`
`

`

`
`is authorized,” the personal POS terminal “opens a secure communications session
`
`IPR2024-01335
`U.S. Patent No. 9,298,905
`
`to the TPCH, requesting a transaction” and “provides the transaction record that it
`
`received from the web browser and the unique ID of the transaction device.”
`
`Ludtke, 28:50-29:12 (emphases added); Decl., 87; see also Ludtke, 27:12-13
`
`(“Privacy card information is provided to TPCH, step 1510.”), 34:25-27
`
`(explaining that “necessary secure transaction communication with the TPCH,
`
`providing the transaction data and its device ID.”) (emphasis added).
`
`The “confirmation that the user is authorized” is based on the match between
`
`the scan data and stored data as explained for [1b] and [1c]. Ludtke, 14:40-46. See
`
`also Ludtke, 4:62-5:1 (“The transaction device enhances security by authenticating
`
`the user of the card prior to usage such that if a card is lost or stolen, it is useless in
`
`the hands