Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 1 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 1 of 103
`
`EXHIBIT F
`EXHIBIT F
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 2 of 103
`
`Appendix F – Claim Chart for US Patent No. 11,018,724 Against Accused Apple Products - CONFIDENTIAL
`
`Based on information presently available, RFCyber Corp. (“RFCyber”) contends that Defendant Apple, Inc. (“Apple”) infringes claims 1-11 (the “Asserted Claims”) of U.S. Patent
`No. 11,018,724 (the “’724 Patent”) through the Accused Products which are manufactured, sold, offered for sale, and/or used by Apple.
`
`
`The Accused Products include at least all iPhones and Apple watches running or containing Apple Wallet, Apple Pay and/or Apple Cash, and all supporting computer systems and/or
`servers providing functionality related thereto.
`
`For example, the Accused Products include, but are not limited to, the following Accused Devices: and all versions and variants of iPhone and Apple Watch made, sold, offered for
`sale, used, or imported in the United States since the launch of Apple Pay in October 2014, including at least all versions and variants of iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone
`6s Plus, iPhone SE (1st generation), iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone XR, iPhone XS, iPhone XS Max, iPhone 11, iPhone 11 Pro, iPhone 11 Pro
`Max, iPhone SE (2nd generation), iPhone 12 mini, iPhone 12, iPhone 12 Pro, iPhone 12 Pro Max, iPhone 13 mini, iPhone 13, iPhone 13 Pro, iPhone 13 Pro Max, Apple Watch (1st
`generation), Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, Apple Watch Series 4, Apple Watch Series 5, Apple Watch SE, Apple Watch Series 6, and Apple
`Watch Series 7. RFCyber reserves the right to amend this list of Accused Devices as discovery progresses.
`
`For example, the Accused Products include, but are not limited to, the following Accused Apps: Apple Wallet, Apple Pay and/or Apple Cash and all versions and variants thereof.
`
`Apple directly infringes each of the Asserted Claims by importing, using, selling, and/or offering to sell the Accused Products in violation of 35 U.S.C. § 271(a). Accused Devices
`are preloaded with apps required to use Accused Services.
`
`Apple indirectly infringes the Asserted Claims in violation of 35 U.S.C. § 271(b) by inducing third parties, including Apple customers and end-users, to directly infringe through
`their operation and use of the Accused Products. Apple has knowingly and intentionally induced this direct infringement by, inter alia, (i) selling, importing, or otherwise providing
`the Accused Products to third parties with the intent that the Accused Products will be operated and used in a manner that practices the Asserted Claims; and (ii) marketing and
`advertising the Accused Products. Apple’s marketing and promotional materials for the Accused Products are found, for example, on Apple’s website. For example, Apple’s website
`offers customers downloadable User Manuals for the Accused Products that instruct customers to, among other things, set up, personalize, and use Apple Pay and Apple Cash. Apple
`further provides tutorials with the Accused Products that instruct customers to, among other things, use the Accused Products in an infringing manner. Apple’s website also offers
`support to customers, including instruction to, among other things, use Apple Pay and Apple Cash to perform transactions. On information and belief, Apple knows that its actions
`will result in infringement of the Asserted Claims, or subjectively believes that there is a high probability that its actions will result in infringement of the Asserted Claims but has
`taken deliberate actions to avoid learning these facts.
`
`Apple also contributorily infringes each of the Asserted Claims in violation of 35 U.S.C. § 271(c) by selling, importing, and offering for sale the Accused Products, which when used
`directly infringe the Asserted Claims. The Accused Products constitute a material part of the Asserted Claims.
`
`
`
`
`
`1
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 3 of 103
`
`The following chart identifies specifically where each limitation of each Asserted Claim is found within the Accused Products and, in particular, the corresponding elements that
`meet the limitation in the Apple iPhone 13 Pro installed with Apple Pay. On information and belief, the Apple iPhone 13 Pro is representative of all Accused Devices which practice
`the Asserted Claims in a manner consistent with the Apple iPhone 13 Pro.
`
`RFCyber does not concede that any claims of the ʼ724 Patent that are not listed below are not infringed by the identified Accused Products. Moreover, the citations to certain
`documents and other information below are intended to be exemplary only and in no way foreclose RFCyber from citing or relying on additional documents, information, source
`code, and/or testimony at a later time. These contentions are preliminary in nature, and an analysis of Apple’s products, internal documentation, source code, and/or testimony from
`relevant witnesses may more fully and accurately describe the infringing features of its Accused Products. Accordingly, RFCyber reserves the right to supplement, correct, modify,
`and/or amend these contentions once such additional information is made available to RFCyber. Furthermore, RFCyber reserves the right to supplement, correct, modify, and/or
`amend these contentions as discovery in this case progresses; in view of the Court’s claim construction order(s); in view of any positions taken by Apple, including, but not limited
`to, positions on claim construction, invalidity, and/or non-infringement; and in connection with the preparation and exchange of expert reports.
`To the extent Apple contends that any element of the Accused Products is attributable to a third party, RFCyber contends that the activities are attributable to Apple such that they
`constitute direct infringement by Apple under 271(a). The acts may be attributable to Apple because Apple directs or controls the others’ performance, and because Apple and the
`other entity form a joint enterprise. Akamai Techs., Inc. v. Limelight Networks, Inc., 797 F.3d 1020, 1022 (Fed. Cir. 2015). Additionally, Apple is vicariously liable for the activities
`of these other entities. Centillion Data Sys., LLC v. Qwest Commc'ns Int'l, Inc., 631 F.3d 1279, 1286 (Fed. Cir. 2011). Further, the activities of these entities (including manufacturers,
`distributors, and users of the Accused Products consumers), are attributable to Apple because Apple (1) conditions participation in an activity or receipt of a benefit upon others’
`performance of one or more steps of a patented method, and (2) establishes the manner or timing of that performance. Eli Lilly & Co. v. Teva Parenteral Medicines, Inc., 845 F.3d
`1357, 1365 (Fed. Cir. 2017). These acts are also attributed to Apple because it initiated the activities of its end-users. SiRF Tech., Inc. v. Int'l Trade Comm'n, 601 F.3d 1319, 1330
`(Fed. Cir. 2010)
`
`
`
`2
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 4 of 103
`
`Claim
`
`Apple Accused Products
`
`
`
`3
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 5 of 103
`
`1[p]. A mobile device for
`emulating a plurality of
`cards, the mobile device
`comprising:
`
`Every Accused Product comprises a mobile device for emulating a plurality of cards.
`For example, the iPhone 13 Pro comprises a mobile device for emulating a plurality of payment cards, such as a plurality of cards (e.g. credit, debit,
`loyalty, membership, and/or gift cards, or Apple Cash) provisioned in Apple Pay and/or Apple Wallet.
`
`
`AP-Clipper-Add-and-Fund.wmv at 1:38.
`
`
`
`4
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 6 of 103
`
`https://www.macrumors.com/roundup/apple-pay/
`
`
`
`
`
`5
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 7 of 103
`
`Every Accused Product comprises a display screen showing a list of a plurality of applications for a user of the mobile device to select one therefrom, each
`application corresponding to one card in the plurality of cards.
`For example, the iPhone 13 Pro comprises a display screen which shows multiple cards (e.g. credit, debit, loyalty, membership, and/or gift cards, or Apple
`Cash) added to Apple Pay and/or Apple Wallet, and allows a user to select from the multiple cards.
`
`1[a] a display screen
`showing a list of a plurality
`of applications for a user of
`the mobile device to select
`one therefrom, each
`application corresponding
`to one card in the plurality
`of cards;
`
`
`AP-Clipper-Add-and-Fund.wmv at 1:38.
`
`
`
`6
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 8 of 103
`
`https://www.macrumors.com/roundup/apple-pay/
`For example, each card includes a corresponding application (e.g. a card applet).
`
`
`
`
`
`
`7
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 9 of 103
`
`iOS Security White Paper at 48.
`
`
`
`
`
`8
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 10 of 103
`
`iOS Security White Paper at 51.
`
`
`
`
`
`Activity during NFC contactless purchase transaction (excerpted from AP-Amex-Pay-Foodies.log)
`
`
`
`9
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 11 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 11 of 103
`
`
`
`10
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 12 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 12 of 103
`
`
`
`11
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 13 of 103
`
`Activity during Web payment transaction (excerpted from AP-NYTimes-Amex-Subscribe.log):
`
`
`
`
`12
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 14 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 14 of 103
`
`
`
`13
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 15 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 15 of 103
`
`
`
`14
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 16 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 16 of 103
`
`
`
`15
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 17 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 17 of 103
`
`
`
`16
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 18 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 18 of 103
`
`
`
`17
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 19 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 19 of 103
`
`
`
`18
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 20 of 103
`
`Activity during a payment transaction to fund a Clipper card (excerpted from AP-Clipper-Add-and-Fund.log):
`
`
`
`19
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 21 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 21 of 103
`
`
`
`20
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 22 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 22 of 103
`
`
`
`21
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 23 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 23 of 103
`
`
`
`22
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 24 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 24 of 103
`
`
`
`23
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 25 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 25 of 103
`
`
`
`24
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 26 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 26 of 103
`
`
`
`25
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 27 of 103
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`26
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 28 of 103
`
`1[b] a secure element (SE)
`including:
`
`Every Accused Product comprises a secure element (SE).
`For example, the iPhone 13 Pro comprises an NFC module, which includes a secure element.
`For example, the iPhone 13 Pro further comprises an assembly of a secure element, processor (e.g. an A15 Bionic SoC) and memory (e.g. RAM and Flash)
`which, upon information and belief, comprise a secure enclave.
`For example, the iPhone 13 Pro includes an interface, such as a circuit board and/or circuit connections, to receive a secure element, such as the secure
`element included within the iPhone 13 Pro’s SN210 chip.
`
`https://www.techinsights.com/blog/teardown/apple-iphone-13-pro-teardown
`
`For example, upon information and belief, the iPhone 13 pro further includes an interface, such as a circuit board and/or circuit connections, to receive a
`processor comprising a secure execution environment (e.g. a secure enclave).
`
`
`
`
`
`27
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 29 of 103
`
`https://www.techinsights.com/blog/teardown/apple-iphone-13-pro-teardown
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`
`
`28
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 30 of 103
`
`1[c] an emulator device;
`
`Every Accused Product comprises an emulator device.
`For example, the iPhone 13 Pro comprises an NFC module, which includes an NFC controller, and an NFC antenna.
`For example, the iPhone 13 Pro further comprises an assembly of an NFC controller, processor (e.g. an A15 Bionic SoC) and memory (e.g. RAM and
`Flash) which, upon information and belief, comprise a secure enclave.
`For example, every Accused Product comprises an emulator device configured to execute a request from an e-purse applet (e.g. a payment card applet
`within Apple Pay) and provide a response the e-purse applet is configured to expect. For example, the emulator is configured to execute a request from an
`e-purse applet (e.g. an applet corresponding to a credit, debit, transit, or loyalty card within Apple Pay, and/or to Apple Cash) when making a purchase
`and/or personalizing the applet (e.g. by adding a new card or modifying an existing card).
`
`
`
`29
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 31 of 103
`
`iOS Security White Paper at 48.
`
`
`
`
`
`
`30
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 32 of 103
`
`
`https://support.apple.com/guide/security/secure-element-and-nfc-controller-seccb53a35f0/web
`See also:
`
`
`
`31
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 33 of 103
`
`https://www.yumpu.com/en/document/read/54554964/an-analysis-of-apple-pay at 6-7.
`
`
`
`
`
`32
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 34 of 103
`
`
`https://support.apple.com/guide/security/apple-pay-component-security-sec2561eb018/web
`
`
`
`33
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 35 of 103
`
`For example, the on information and belief, the SN210 of the Accused iPhone 13 Pro includes hardware and software components for emulating a payment
`card when interacting with a card reader. For example, upon information and belief, the SN210 includes substantially similar card emulation functionality
`to that of the NXP PN553, for which a datasheet is publicly available:
`
`
`PN553 Data sheet at 1
`
`
`
`
`
`34
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 36 of 103
`
`
`
`
`PN553 Datasheet at 108
`
`
`
`
`
`35
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 37 of 103
`
`
`
`PN553 Datasheet at 133.
`
`See also:
`
`
`
`
`
`
`
`36
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 38 of 103
`
`
`
`
`For example, the memory of the Accused iPhone 13 Pro is further pre-loaded with software that emulates a payment card.
`For example, the emulator of the iPhone 13 Pro is configured to execute a request from an e-purse applet, such as a payment card applet, within an e-purse
`such as Apple Pay, and to provide a response that applet is configured to expect. For example, the emulator of the Accused iPhone 13 Pro is configured to
`execute a request from a chosen payment or loyalty card applet when making a purchase and/or personalizing the applet (e.g. by adding a new card), and is
`configured to provide a response the payment card applet is configured to expect.
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`37
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 39 of 103
`
`1[d] a memory storing a
`module, when the module
`is executed by the secure
`element, the secure
`element configured to:
`
`Every Accused Product comprises a memory storing a module, when the module is executed by the secure element.
`For example, the iPhone 13 Pro comprises a memory (e.g. SK hynix 6GB LPDDR4X SDRAM, KIOXIA 256 GB NAND Flash, ROM, EEPROM, and/or
`memory of an NXP SN210) storing a module (e.g. a card manager applet, card applet, and/or software component of Apple Pay, Apple Wallet, PassKit, or
`associated daemon, framework, or driver) while the module is executed by the secure element.
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`
`38
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 40 of 103
`
`1[e] receive and install key
`sets of a Supplementary
`Secured Domain (SSD);
`
`Every Accused Product comprises an SE configured to: receive and install key sets of a Supplementary Secured Domain (SSD).
`For example, the iPhone 13 Pro receives and installs key sets (e.g. key pairs, operation keys, an SSID, Virtual Card ID, Secure Element ID, Security
`Domain key, session key, certificates, symmetric and/or asymmetric keys) of an SSD, such as during provisioning and/or updating a card, and or during
`transactions.
`For example, the iPhone 13 Pro creates a security channel on top of the initial security channel to protect subsequent operations of the smart card (e.g.
`subsequent operations during provisioning and/or transactions) with the e-purse SAM, such as by creating a supplementary security domain, utilizing keys
`sent over an initial channel to protect a second secure channel, and/or generating one or more operation keys, such as a an SSID, Virtual Card ID, Secure
`Element ID, Security Domain key, and/or a session key, that are subsequently used to establish a secured connection between the e-purse applet and the e-
`purse SAM during transactions and/or personalization.
`
`
`
`39
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 41 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed
`
`Enrolling a card — Step |
`
`Passbook
`
`Authentication
`YoaAsls
`
`and URL for the terms and conditions
`
`Send “card to authorise” details to apple
`Uses Secure Element Identifier and
`AppleToken for authentication
`https://nc-pod2-smp-device.apple.com/broker/v2/devices/———
`
`JSON of AID, card identifier, sanitized PAN
`
`
`
`
`
`40
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 42 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed
`
`Enrolling a card — Step 4
`
`Passbook
`
`Authentication
`NYoadcls
`
`Retreive the generated PasskKit pass
`
`Pealceteonleceeounilelcm—
`
`pe
`
`Zipped package containing:
`Images, JSON containing pass details and
`the signature
`
`
`
`
`
`41
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 43 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed
`
`o1@LUSINVZe
`
`Authentication
`Pever
`
`pocertificatessoe Ce
`
`OCSP response
`(check with openssl:
`
`Enrolling a card — Step 5
`
`: Openssl ocsp -respin <response> -text
`
`
`
`
`
`42
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 44 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed
`
`Enrolling a card — Step 6
`
`seld
`
`Authentication
`Server
`
`<seld>/get_pending.commands
`
`List of EMV Commands to execute on the
`
`c
`
`secure element.
`
`Retrieve commandsto run on the Secure
`Element, contains certificates, supported
`cards and secure element Id.
`
`
`
`
`
`
`
`43
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 45 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed
`
`Passbook
`
`Authentication
`Server
`
`Retrieve a list of the authentication methods
`supported
`
`Hitos://NC
`passes/PeMeaicttocnkeeoiicceTaree
`
`JSON of authentication method data.
`
`Enrolling a card — Step 7
`
`e.g email, SMS or phone call
`
`
`
`
`
`44
`
`€
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 46 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed
`
`Enrolling a card — Step 8
`
`Passbook
`
`Authentication
`Server
`
`Send selected method identifer
`jt}Wo}
`passes/p ymentpass.com.apple/<providedURL>/sendActivationMethod
`
`Confirm Response
`
`c
`
`
`
`
`
`45
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 47 of 103
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed
`
`oie)
`
`Authentication
`Server
`
`Enrolling a card — Step 9
`
`Confirm Response
`
`Send results of EMV command execution
`from the secure element
`
`PeeryemaMeronitcinc
`
`c
`
`
`
`
`
`46
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 48 of 103
`
`https://www.yumpu.com/en/document/read/54554964/an-analysis-of-apple-pay at 13-25.
`For example, at least the following log files and corresponding videos show the secure element receives key sets that protecting an SSD, such as during
`personalization and transaction operations.
`• AP-Amex-Add.wmv and AP-Amex-Add.log;
`
`
`
`
`
`47
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 49 of 103
`
`• AP-Apple-Cash-add.wmv and AP-Apple-Cash-Add.log
`• AP-Clipper-Add-and-Fund.wmv and AP-Clipper-Add-and-Fund.log
`• AP-Amex-Pay-Foodies.wmv and AP-Amex-Pay-Foodies.log
`• AP-Apple-Cash-Funding.wmv and AP-Apple-Cash-Funding.log
`• AP-Clipper-Add-and-Fund.wmv and AP-Clipper-Add-and-Fund.log
`See e.g.:
`Activity while adding a card (excerpted from AP-AMEX-Add.log; see also AP-Apple-Cash-Add.log, AP-Clipper-Add-and-Fund.log):
`
`
`
`48
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 50 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 50 of 103
`
`
`
`49
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 51 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 51 of 103
`
`
`
`50
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 52 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 52 of 103
`
`
`
`51
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 53 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 53 of 103
`
`
`
`52
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 54 of 103
`
`Activity during NFC contactless purchase transaction (excerpted from AP-Amex-Pay-Foodies.log)
`
`
`
`53
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 55 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 55 of 103
`
`
`
`54
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 56 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 56 of 103
`
`
`
`55
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 57 of 103
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`
`56
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 58 of 103
`
`1[f] establish, by the secure
`element based on the key
`sets, a secure
`communication channel
`with a dedicated server;
`
`Every Accused Product comprises an SE configured to: establish, by the secure element based on the key sets, a secure communication channel with a
`dedicated server.
`For example, the iPhone 13 Pro establishes a secure channel (e.g. a security domain) between a secure element and a dedicated server (e.g. an Apple Pay
`application server, TSM server, and/or TSP server).
`For example, the iPhone 13 Pro establishes a supplemental security domain between a secure element and a dedicated server.
`For example, the secure channel is established by a secure element (e.g. a secure element of an NFC module and/or a secure enclave coupled to the secure
`element).
`See claim 1[e].
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`
`57
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 59 of 103
`
`1[g] receive and install an
`application from the
`dedicated server, each
`application including
`corresponding application
`data sets and a locked or
`unlocked status;
`
`Every Accused Product comprises an SE configured to: receive and install an application from the dedicated server, each application including
`corresponding application data sets and a locked or unlocked status.
`For example, the iPhone 13 Pro receives and installs an application from the dedicated server (e.g. a card applet, and/or a portion thereof). For example,
`each application includes corresponding data sets (e.g. personalized information and/or operation keys) and a locked or unlocked status (e.g. based on entry
`of a PIN, passcode or biometric information, authentication status, one-time unlock status, or card-issuer hold).
`
`iOS Security White Paper at 23.
`Every Apple Product downloads and installs e-purse Applets (e.g. applets associated with credit cards, debit cards, loyalty cards, transit cards, and/or
`Apple Cash) in the smart card (e.g. a module containing an NFC controller and secure element, and/or processor and associated memory) when a card is
`added to Apple Pay and/or Apple Wallet. Every Accused Product performs downloading and installation when the smart card is in communication with the
`
`
`
`
`
`58
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 60 of 103
`
`payment server (e.g. financial institution and/or Apple payment server, such as an Apple Pay server, TSP server, and/or TSM server). For example, this
`functionality is demonstrated by the below log excerpts.
`Activity while adding a card (excerpted from AP-AMEX-Add.log; see also AP-Apple-Cash-Add.log, AP-Clipper-Add-and-Fund.log):
`
`
`
`59
`
`
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 61 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 61 of 103
`
`
`
`60
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 62 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 62 of 103
`
`
`
`61
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 63 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 63 of 103
`
`
`
`62
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 64 of 103
`
`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 64 of 103
`
`
`
`63
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 65 of 103
`
`To the extent that Apple contends that e-purse applets are pre-loaded (e.g. loaded when Apple Pay is pre-loaded onto a phone), and/or that applets are not
`received and installed in a smart card in a host card emulation (HCE) based implementation, RFCyber contends that this limitation is satisfied both
`literally, as discussed above, and equivalently. For example, there would be an insubstantial difference between downloading the executable code of an
`applet from an Apple store server rather than an Apple Pay, TSP, and/or TSM server, as in either case, the applet is downloaded from a trusted source
`under the control of Apple, and because data structures necessary to enable the applet (e.g. tokens) are downloaded from an Apple Pay, TSP, and/or TSM
`server. For example, on information and belief, any allegedly pre-installed applet is dynamically installed into memory (e.g. when Apple Pay is in use
`and/or when a corresponding card is selected in Apple Pay or Apple Wallet), and personalized while in communication with a payment server (e.g. an
`Apple, TSM, or TSP server), as discussed below.
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`
`64
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 66 of 103
`
`1[h] receive, from the
`plurality of applications, a
`user selection of a first
`application corresponding
`to a first card;
`
`Every Accused Product comprises an SE configured to: receive, from the plurality of applications, a user selection of a first application corresponding to a
`first card.
`For example, the iPhone 13 pro receives a selection (e.g. an actuation based on touching the screen) of a first application (e.g. applet) corresponding with a
`first card selected from the plurality of cards visible on the screen.
`
`
`
`65
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 67 of 103
`
`iOS Security White Paper at 48.
`
`
`
`
`
`
`66
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 68 of 103
`
`
`https://support.apple.com/guide/security/secure-element-and-nfc-controller-seccb53a35f0/web
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`67
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 69 of 103
`
`
`
`1[i] determine that the first
`application has a locked or
`unlocked status and is
`activated,
`
`Every Accused Product comprises an SE configured to: determine that the first application has a locked or unlocked status and is activated.
`For example, the iPhone 13 Pro determines whether the first application is locked or unlocked (e.g. requires entry of a PIN, passcode, biometric
`information, additional verification information such as a billing address, is subject to a one-time unlock token, and/or is subject to a hold due to suspicious
`activity), and activates the application.
`
`iOS Security White Paper at 23.
`
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`
`
`
`68
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 70 of 103
`
`Every Accused Product comprises an SE configured to: in response to said determining that the first application has an unlocked status and is activated,
`load the first application to the emulator device, along with corresponding first application data sets.
`For example, if the application is unlocked, or data sufficient to unlock the application is supplied, the application (e.g. applet) is activated an loaded into
`an emulator device (see claim 1[c]), along with corresponding first application data sets (e.g. corresponding tokens and/or operation keys).
`
`1[j] in response to said
`determining that the first
`application has an
`unlocked status and is
`activated, load the first
`application to the emulator
`device, along with
`corresponding first
`application data sets;
`
`
`
`69
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 71 of 103
`
`iOS Security White Paper at 48.
`
`
`
`
`
`
`70
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 72 of 103
`
`
`https://support.apple.com/guide/security/secure-element-and-nfc-controller-seccb53a35f0/web
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`
`71
`
`

`

`Case 6:21-cv-00916-ADA-DTG Document 94-5 Filed 08/16/22 Page 73 of 103
`
`
`
`1[k] receive, from the
`plurality of applications, a
`user selection of a second
`application corresponding
`to a second card;
`
`1[l] determine that the
`second application has a
`locked or unlocked status
`and is activated;
`
`Every Accused Product comprises an SE configured to: receive, from the plurality of applications, a user selection of a second application corresponding to
`a second card.
`For example, the iPhone 13 receives a user selection (e.g. an actuation based on touching the screen) of a second application (e.g. applet) corresponding
`with a second card selected from the plurality of cards visible on the screen.
`See claim 1[h].
`RFCyber may supplement these contentions, including once access to relevant documents and/or source code is provided.
`
`
`Every Accused Prod