Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 1 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 1 of 132
`
`EXHIBIT C
`EXHIBIT C
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 2 of 132
`
`Appendix C – Claim Chart for US Patent No. 9,189,787 Against Accused Apple Products - CONFIDENTIAL
`
`Based on information presently available, RFCyber Corp. (“RFCyber”) contends that Defendant Apple Inc. (“Apple” or “Defendant”) infringes claims 1-19 (the “Asserted Claims”)
`of U.S. Patent No. 9,189,787 (the “’787 Patent”) through the Accused Products which are manufactured, sold, offered for sale, and/or used by Apple.
`
`The Accused Products include at least all iPhones and Apple watches running or containing Apple Wallet, Apple Pay and/or Apple Cash, and all supporting computer systems and/or
`servers providing functionality related thereto.
`
`For example, the Accused Products include, but are not limited to, the following Accused Devices: and all versions and variants of iPhone and Apple Watch made, sold, offered for
`sale, used, or imported in the United States since the launch of Apple Pay in October 2014, including at least all versions and variants of iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone
`6s Plus, iPhone SE (1st generation), iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone XR, iPhone XS, iPhone XS Max, iPhone 11, iPhone 11 Pro, iPhone 11 Pro
`Max, iPhone SE (2nd generation), iPhone 12 mini, iPhone 12, iPhone 12 Pro, iPhone 12 Pro Max, iPhone 13 mini, iPhone 13, iPhone 13 Pro, iPhone 13 Pro Max, Apple Watch (1st
`generation), Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, Apple Watch Series 4, Apple Watch Series 5, Apple Watch SE, Apple Watch Series 6, and Apple
`Watch Series 7. RFCyber reserves the right to amend this list of Accused Devices as discovery progresses.
`
`For example, the Accused Products include, but are not limited to, the following Accused Apps: Apple Wallet, Apple Pay and/or Apple Cash and all versions and variants thereof.
`
`Apple directly infringes each of the Asserted Claims by importing, using, selling, and/or offering to sell the Accused Products in violation of 35 U.S.C. § 271(a). Accused Devices
`are preloaded with apps required to use Accused Services.
`
`Apple indirectly infringes the Asserted Claims in violation of 35 U.S.C. § 271(b) by inducing third parties, including Apple customers and end-users, to directly infringe through
`their operation and use of the Accused Products. Apple has knowingly and intentionally induced this direct infringement by, inter alia, (i) selling, importing, or otherwise providing
`the Accused Products to third parties with the intent that the Accused Products will be operated and used in a manner that practices the Asserted Claims; and (ii) marketing and
`advertising the Accused Products. Apple’s marketing and promotional materials for the Accused Products are found, for example, on Apple’s website. For example, Apple’s website
`offers customers downloadable User Manuals for the Accused Products that instruct customers to, among other things, set up, personalize, and use Apple Pay and Apple Cash. Apple
`further provides tutorials with the Accused Products that instruct customers to, among other things, use the Accused Products in an infringing manner. Apple’s website also offers
`support to customers, including instruction to, among other things, use Apple Pay and Apple Cash to perform transactions. On information and belief, Apple knows that its actions
`will result in infringement of the Asserted Claims, or subjectively believes that there is a high probability that its actions will result in infringement of the Asserted Claims but has
`taken deliberate actions to avoid learning these facts.
`
`Apple also contributorily infringes each of the Asserted Claims in violation of 35 U.S.C. § 271(c) by selling, importing, and offering for sale the Accused Products which when used
`directly infringe the Asserted Claims. The Accused Products constitute a material part of the Asserted Claims.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 3 of 132
`
`The following chart identifies specifically where each limitation of each Asserted Claim is found within the Accused Products and, in particular, the corresponding elements that
`meet the limitation in the Apple iPhone 13 Pro installed with Apple Pay. On information and belief, the Apple iPhone 13 Pro is representative of all Accused Devices which practice
`the Asserted Claims in a manner consistent with the Apple iPhone 13 Pro.
`
`RFCyber does not concede that any claims of the ʼ787 Patent that are not listed below are not infringed by the identified Accused Products. Moreover, the citations to certain
`documents and other information below are intended to be exemplary only and in no way foreclose RFCyber from citing or relying on additional documents, information, source
`code, and/or testimony at a later time. These contentions are preliminary in nature, and an analysis of Apple’s products, internal documentation, source code, and/or testimony from
`relevant witnesses may more fully and accurately describe the infringing features of its Accused Products. Accordingly, RFCyber reserves the right to supplement, correct, modify,
`and/or amend these contentions once such additional information is made available to RFCyber. Furthermore, RFCyber reserves the right to supplement, correct, modify, and/or
`amend these contentions as discovery in this case progresses; in view of the Court’s claim construction order(s); in view of any positions taken by Apple including, but not limited
`to, positions on claim construction, invalidity, and/or non-infringement; and in connection with the preparation and exchange of expert reports.
`To the extent Apple contends that any element of the Accused Products is attributable to a third party, RFCyber contends that the activities are attributable to Apple such that they
`constitute direct infringement by Apple under 271(a). The acts may be attributable to Apple because Apple directs or controls the others’ performance, and because Apple and the
`other entity form a joint enterprise. Akamai Techs., Inc. v. Limelight Networks, Inc., 797 F.3d 1020, 1022 (Fed. Cir. 2015). Additionally, Apple is vicariously liable for the activities
`of these other entities. Centillion Data Sys., LLC v. Qwest Commc'ns Int'l, Inc., 631 F.3d 1279, 1286 (Fed. Cir. 2011). Further, the activities of these entities (including manufacturers,
`distributors, and users of the Accused Products consumers), are attributable to Apple because Apple (1) conditions participation in an activity or receipt of a benefit upon others’
`performance of one or more steps of a patented method, and (2) establishes the manner or timing of that performance. Eli Lilly & Co. v. Teva Parenteral Medicines, Inc., 845 F.3d
`1357, 1365 (Fed. Cir. 2017). These acts are also attributed to Apple because it initiated the activities of its end-users. SiRF Tech., Inc. v. Int'l Trade Comm'n, 601 F.3d 1319, 1330
`(Fed. Cir. 2010).
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 4 of 132
`
`Claim
`
`1. A portable device for
`commerce, the portable
`device comprising:
`
`Apple Accused Products
`
`Every Accused Product comprises a portable device for commerce.
`
`For example, the iPhone 13 Pro includes a system for commerce, e.g. Apple Pay and/or Apple Wallet.
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 5 of 132
`
`1[a] an emulator loaded in
`a smart card module for
`storing security values and
`updated transaction logs,
`and an e-purse applet to
`cause the portable device
`to function as an electronic
`purse (e-purse),
`
`Every Accused Product comprises an emulator loaded in a smart card module for storing security values and updated transaction logs, and an e-purse applet
`to cause the portable device to function as an electronic purse (e-purse).
`
`For example, the iPhone 13 Pro includes or communicates with a smart card, such as, but not limited to, an NFC module and/or the assembly of NFC
`Module, secure element, processor, microcontroller, and/or memory. For example, the Accused iPhone 13 Pro includes or communicates with a smart card,
`such as a smart card comprising an NXP SN210, which includes an NFC controller and secure element.1
`
`https://www.techinsights.com/blog/teardown/apple-iphone-13-pro-teardown
`For example, the Accused iPhone 13 Pro further includes and/or communicates with a smart card comprising a NNXP SN210 NFC Controller and secure
`element, Flash memory (e.g. KIOXIA NAND Flash) or RAM memory (e.g. LPDDR4X SDRAM of an A15 Bionic SoC), and/or additional memory, such
`as Flash, RAM, ROM, and/or EEPROM.
`
`
`
`
`1 RFCyber uses exemplary documentation for the PN80T, PN553, and NXP SE050 Secure Element as representative of the NFC controllers and secure elements of all the Accused
`Apple Mobile Devices.
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 6 of 132
`
`https://www.techinsights.com/blog/teardown/apple-iphone-13-pro-teardown
`For example, the Accused Products further comprise a smart card such as a secure enclave:
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 7 of 132
`
`iOS Security White Paper at 9.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 8 of 132
`
`The smart card of every Accused Product (e.g. NFC Module, NFC Controller, and/or secure element) is pre-loaded with an emulator configured to execute
`a request from an e-purse applet (e.g. a payment card applet within Apple Pay) and provide a response the e-purse applet is configured to expect. For
`example, the emulator is configured to execute a request from an e-purse applet (e.g. an applet corresponding to a credit, debit, transit, or loyalty card within
`Apple Pay, and/or to Apple Cash) when making a purchase and/or personalizing the applet (e.g. by adding a new card or modifying an existing card).
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 9 of 132
`
`iOS Security White Paper at 48.
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 10 of 132
`
`https://support.apple.com/guide/security/secure-element-and-nfc-controller-seccb53a35f0/web
`See also:
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 11 of 132
`
`https://www.yumpu.com/en/document/read/54554964/an-analysis-of-apple-pay at 6-7.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 12 of 132
`
`https://support.apple.com/guide/security/apple-pay-component-security-sec2561eb018/web
`For example, the on information and belief, the SN210 of the Accused iPhone 13 Pro includes hardware and software components for emulating a payment
`card when interacting with a card reader. For example, upon information and belief, the SN210 includes substantially similar card emulation functionality to
`that of the NXP PN553, for which a datasheet is publicly available:
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 13 of 132
`
`PN553 Data sheet at 1
`
`
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 14 of 132
`
`PN553 Datasheet at 108
`
`
`PN553 Datasheet at 133.
`
`See also:
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 15 of 132
`-cv-00916-ADA-DTG Document 94-2 FI
`
`times
`
`\TURES
`> Security certified according to CC EAL5+
`>» EEPROM: 8 to 144 KB
`- Data retention time: 25 years
`- Endurance: 500 000 cycles minimum
`ROM: 160 to 264 KB
`RAM: 3.5 to 7.5 KB
`Interfaces
`- Contact interface according to ISO/IEC 7816
`- Contactless interface according to ISO/IEC 14443 A
`Voltage class: C, B, and A (1.62 to 5.5 V)
`Memory Management Unit (MMU)
`MIFARE DESFire™EV1 2K / 4K / 8K implementation
`MIFARE™Classic 1K / 4K implementation with
`MIFARE FleX™framework (configure ID, activation
`parameters, exit conditions)
`High-speed 3-DES coprocessor (64-bit parallel)
`High-speed AES coprocessor(128-bit parallel)
`PKI (RSA, ECC) coprocessor FameXE(32-bit parallel)
`Broad spectrumof delivery types
`- 150 pmand 75 » sawn wafers
`
`- Contact, dual interface and contactless chip modules down
`to 250 p width
`- Very tiny SMD packages
`
`PLICATION
`> Public Transport
`- Powerful platform for national AFC schemes and
`convergence with banking or eGov
`» eGovernment
`- ePassports, national ID cards, health and social-security
`cards, citizen cards and resident permits, driver's licenses,
`high-security physical/logical access control
`» Banking
`Debit, credit (MasterCard PayPass, VISA qVSDC),
`convergence (payment and public transportation), loyalty,
`mobile payment
`» The SmartMX Family is steadily enhanced with regard to most
`recent CMOSprocess technology generations thus always
`offering best constraints for security and optimized transaction
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 16 of 132
`
`
`
`
`For example, the memory of the Accused iPhone 13 Pro is further pre-loaded with software that emulates a payment card.
`For example, the emulator of the iPhone 13 Pro is configured to execute a request from an e-purse applet, such as a payment card applet, within an e-purse
`such as Apple Pay, and to provide a response that applet is configured to expect. For example, the emulator of the Accused iPhone 13 Pro is configured to
`execute a request from a chosen payment or loyalty card applet when making a purchase and/or personalizing the applet (e.g. by adding a new card), and is
`configured to provide a response the payment card applet is configured to expect.
`For example, this functionality is shown in log files captured from an iPhone 13 during a contactless purchase transaction:
`Activity during NFC contactless purchase transaction (excerpted from AP-Amex-Pay-Foodies.log)
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 17 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 17 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 18 of 132
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 19 of 132
`
`1[b] an e-purse applet to
`cause the portable device
`to function as an electronic
`purse (e-purse),
`
`Every Accused Product comprises an e-purse applet to cause the portable device to function as an electronic purse (e-purse).
`For example the iPhone 13 Pro comprises at least one card applet (e.g. an applet corresponding with a payment card such as a credit card, debit card, loyalty
`card, gift card, and/or Apple Cash), which causes the portable device (e.g. a smartphone or smartwatch) to function as an electronic purse, e.g. such that it
`can conduct transactions over NFC and/or the internet.
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 20 of 132
`
`iOS Security White Paper at 48.
`Activity while adding a card (excerpted from AP-AMEX-Add.log; see also AP-Apple-Cash-Add.log, AP-Clipper-Add-and-Fund.log):
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 21 of 132
`
`Oba
`
`Adding Card
`
`EJ Windows PowerShell
`
`PS C:\> timeclock
`2021-11-27 11:11:67.43
`
`
`
`
`TNTManele]
`A
`
`Adding to Wallet...
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 22 of 132
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 23 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 23 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 24 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 24 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 25 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 25 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 26 of 132
`
`Activity during NFC contactless purchase transaction (excerpted from AP-Amex-Pay-Foodies.log)
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 27 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 27 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 28 of 132
`
`
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 29 of 132
`
`1[c] wherein both of the
`emulator and e-purse
`applet are already
`personalized via a
`personalization process
`built on a first security
`channel so that the
`emulator is set to store a
`set of keys for subsequent
`data access authentication
`and the e-purse applet is
`configured to conduct a
`transaction with a network
`server over a second
`security channel;
`
`Every Accused Product comprises and emulator and e-purse applet wherein both of the emulator and e-purse applet are already personalized via a
`personalization process built on a first security channel so that the emulator is set to store a set of keys for subsequent data access authentication.
`For example, the emulator and e-purse applet are already personalized after a card is provisioned to Apple Pay.
`For example, the iPhone 13 Pro performs a personalization process (such as setting up Apple Pay) that personalizes the emulator and the e-purse applet
`(such as by adding a new card) built on first security channel (e.g. a Security Domain), between the device and an external system such as a security module
`located behind a payment server (e.g. an Apple Pay application server, TSM server, and/or TSP server). The emulator (such as the emulator on the smart
`card module) is set to store the generated keys for subsequent data access authentication in the smart card module.
` For example, the iPhone 13 Pro performs a method of personalizing the e-purse applet (e.g. an applet corresponding with a credit card, debit card, transit
`card, loyalty card, Apple Cash, or other payment card) when provisioning a card to Apple Pay and/or Apple Wallet. For example the Accused Products read
`off data from the smart card, (e.g. by reading a device account number or secure element ID (aka “SEID”) off of a secure element, or other identifier or
`certificate off of the smart card), to generate one or more operation keys, such as an SSID, Virtual Card ID, Secure Element ID, Security Domain key,
`certificate, and/or a session key, that are subsequently used to establish a secured connection between the e-purse applet and an e-purse SAM external to the
`smart card (e.g. a hardware security module, vault, and/or software security module of an Apple Pay, TSM, TSP server, issuer server, and/or a web or
`application server connected thereto).
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 30 of 132
`
`iOS Security White Paper at 48.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 31 of 132
`
`iOS Security White Paper at 49.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 32 of 132
`
`iOS Security White Paper at 49.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 33 of 132
`
`
`
`
`
`iOS Security White Paper at 49-50.
`See also:
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 34 of 132
`
`iOS Security White Paper at 15.
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 35 of 132
`
`Enrolling a card — Step |
`
`Passbook
`
`Authentication
`YoaAsls
`
`Send “card to authorise” details to apple
`Uses Secure Element Identifier and
`AppleToken for authentication
`
`and URL for the terms and conditions
`
`https://nc-pod2-smp-device.apple.com/broker/v2/devices/<selD>/cards
`
`JSON of AID, card identifier, sanitized PAN
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 36 of 132
`
`Enrolling a card — Step 4
`
`the signature
`
`Retreive the generated Passkit pass
`https://nc-pod2-smp-deviceapple.com/broker/V1/
`paymentpass.com.apple/<generateURL>
`
`Passbook
`
`Authentication
`ae
`
`Zipped package containing:
`Images, JSON containing pass details and
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 37 of 132
`
`o1@LUSINVZe
`
`Authentication
`aaa
`
`Enrolling a card — Step 5
`
`Openssl ocsp -respin <response> -text
`
`Verify certificates using OCSP
`
`hitp://ocsp.apple.com/ocsp03-wwaro2/<hash of cert>
`
`OCSP response
`(check with openssl:
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 38 of 132
`
`Enrolling a card — Step 6
`
`seld
`
`Authentication
`Server
`
`secure element.
`
`Retrieve commands to run on the Secure
`Element, contains certificates, supported
`cards and secure element Id.
`
`http://nc-pod2-smp-device.apple.com/ism/,
`<seld>/get_pending_commands
`
`List of EMV Commands to execute on the
`
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 39 of 132
`
`Enrolling a card — Step 7
`
`Passbook
`
`Authentication
`Server
`
`e.g email, SMS or phone call
`
`Retrieve a list of the authentication methods
`supported
`nc-pod2-smp-device.apple.com/broker/v2/devices
`passes/paymentpass.com.apple/<providedURL>/activationMethods
`
`JSON of authentication method data.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 40 of 132
`
`Passbook
`
`Authentication
`Server
`
`Enrolling a card — Step 8
`
`Confirm Response
`
`Send selected method identifer
`
`eeRPTcom.eo:AkeSee
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 41 of 132
`
`oie)
`
`Authentication
`Server
`
`Enrolling a card — Step 9
`
`Confirm Response
`
`Send results of EMV command execution
`from the secure element
`
`http://nc-pod2-smp-device.apple.com/tsm/
`<seld>/get_pending_commands
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 42 of 132
`
`https://www.yumpu.com/en/document/read/54554964/an-analysis-of-apple-pay at 13-25.
`See also:
`Activity during NFC contactless purchase transaction (excerpted from AP-Amex-Pay-Foodies.log)
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 43 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 43 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 44 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 44 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 45 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 45 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 46 of 132
`
`
`Activity during Web payment transaction (excerpted from AP-NYTimes-Amex-Subscribe.log):
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 47 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 47 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 48 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 48 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 49 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 49 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 50 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 50 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 51 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 51 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 52 of 132
`
`
`Activity during a payment transaction to fund a Clipper card (excerpted from AP-Clipper-Add-and-Fund.log):
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 53 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 53 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 54 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 54 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 55 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 55 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 56 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 56 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 57 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 57 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 58 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 58 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 59 of 132
`
`
`For example, the secure key(s) are subsequently used to establish a secured channel (e.g. a security domain, secured session, and/or other channel or session
`protected by keys) between the e-purse applet (e.g. payment card Applet) and an e-purse security authentication module external to the smart card, such as
`a SAM behind a payment server (e.g. an HSM, vault, or software-based security authentication module behind an Apple Pay, TSP, TSP, and/or issuer
`server, or application and/or web server(s) connected thereto).
`See also claim element 1[c], discussing communication facilitated between a smart-card applet and a payment server.
`For example, the NXP SE050 secure element includes MIFARE SAM functionality which, upon information and belief, is implemented in the Accused
`Products.
`
`SE050 Data Sheet at 8.
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 60 of 132
`
`1[d] a first interface
`configured to perform field
`communication (NFC)
`with a reader to perform
`electronic commerce with
`the e-purse applet against a
`fund stored in the
`emulator;
`
`Every Accused Product comprises a first interface configured to perform field communication (NFC) with a reader to perform electronic commerce with the
`e-purse applet against a fund stored in the emulator.
`
`For example, the Galaxy iPhone 13 Pro includes an NFC interface (such as the NXP PN80T) to perform electronic commerce with the e-purse applet
`against a fund stored in the emulator (e.g. a stored value, a limited use key, token, and/or other stored fund).
`
`https://www.techinsights.com/blog/teardown/apple-iphone-13-pro-teardown
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 61 of 132
`
`1[e] a second interface
`configured to perform
`mobile commerce with a
`payment server via an
`application against the
`fund stored in the
`emulator; and:
`
`Every Accused Apple Mobile Device comprises a second interface configured to perform mobile commerce with a payment server via an application
`against the fund stored in the emulator.
`
`For example, the iPhone 13 Pro includes a second interface (e.g. a wireless interface such as a WIFI interface, WLAN interface, cellular network interface,
`or other network interface) configured to perform commerce with a payment server (e.g. an Apple Pay application server, TSM server, and/or TSP server)
`via an application (e.g. an e-purse applet and/or Apple Pay or Apple Cash, and/or Apple Wallet) against the fund stored in the emulator (e.g. a stored value,
`a limited use key, token, and/or other stored fund)
`
`https://www.techinsights.com/blog/teardown/apple-iphone-13-pro-teardown
`See also:
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 62 of 132
`
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 63 of 132
`
`Every Accused Product comprises a purse manager midlet being executed in the portable device to act as an agent to facilitate communications between the
`e-purse applet and a payment server to conduct transactions therebetween.
`For example, the iPhone 13 Pro includes a purse manager midlet, such as software components of the Apple Pay application, Passkit, and/or associated
`frameworks, daemons, and drivers (e.g. the PassKit Framework, Nearfield framework, nfc daemon, seld daemon, and/or pass daemon).
`
`1[f] a purse manager
`midlet being executed in
`the portable device to act
`as an agent to facilitate
`communications between
`the e-purse applet and a
`payment server to conduct
`transactions therebetween.
`
`https://www.yumpu.com/en/document/read/54554964/an-analysis-of-apple-pay at 6-7.
`
`
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 64 of 132
`
`For example, the midlet , acts as an agent to facilitate communications between the e-purse applet (such as a payment card applet) and a payment server
`(such as a payment gateway, payment network server, financial entity server, or issuer server) to conduct transactions therebetween (e.g. NFC, online, in-
`app, and/or peer-to-peer transactions).
`Activity during NFC contactless purchase transaction (excerpted from AP-Amex-Pay-Foodies.log)
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 65 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 65 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 66 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 66 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 67 of 132
`
`
`Activity during Web payment transaction (excerpted from AP-NYTimes-Amex-Subscribe.log):
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 68 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 68 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 69 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 69 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 70 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 70 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 71 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 71 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 72 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 72 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 73 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 73 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 74 of 132
`
`Activity during a payment transaction to fund a Clipper card (excerpted from AP-Clipper-Add-and-Fund.log):
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 75 of 132
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 75 of 132
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 76 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 76 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 77 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 77 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 78 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 78 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 79 of 132
`
`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 79 of 132
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 80 of 132
`
`
`For example, the midlet comprising Apple Pay may further comprise NFC middleware and/or an Android API configured to facilitate communication
`between a card applet and a payment server.
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-2 Filed 08/16/22 Page 81 of 132
`
`2. The portable device as
`recited in claim 1, further
`comprising a security
`module configured to
`install and personalize the
`e-purse applet via either
`the first interface or the
`second interface, wherein
`the keys are updated when
`the personalization process
`built on the first security
`channel completes.
`
`Every Accused Product comprises a security module configured to install and personalize the e-purse applet via either the first interface or the second
`interface, wherein the keys are updated when the personalization process built on the first security channel completes.
`For example, the Galaxy iPhone 13 Pro includes a security module, such as a soft