Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 1 of 47
`
`IN THE UNITED STATES DISTRICT COURT
`FOR THE WESTERN DISTRICT OF TEXAS
`AUSTIN DIVISION
`
`CARBYNE BIOMETRICS, LLC,
`
`Plaintiff,
`
`Civil Action No. 1:23-cv-00324
`
`vs.
`
`APPLE INC.,
`
`Defendant.
`
`JURY TRIAL
`
`PLAINTIFF’S ORIGINAL COMPLAINT
`
`Plaintiff Carbyne Biometrics, LLC (“Carbyne”) files this Complaint for Patent
`
`Infringement against Apple Inc. (“Apple”) and alleges as follows:
`
`NATURE OF THE CASE
`
`1.
`
`This is an action for patent infringement arising under the patent laws of the
`
`United States, 35 U.S.C. § 1 et seq.
`
`2.
`
`Apple has infringed and continues to infringe at least one claim of U.S. Patent
`
`Nos. 10,929,512 (“the ’512 Patent”); 11,475,105 (“the ’105 Patent”); 11,514,138 (“the ’138
`
`Patent") (collectively the “Authentication Patents”); 9,972,010 (“the ’010 Patent”); 10,713,656
`
`(“the ’656 Patent”); and 11,526,886 (“the ’886 Patent”) (collectively the “Fraud Reduction
`
`Patents”) (the Authentication and Fraud Reduction Patents are collectively referred to as the
`
`“Asserted Patents”). See Exs. A-F.
`
`3.
`
`Apple infringes directly, literally and/or by the doctrine of equivalents, and/or
`
`induces infringement of the Asserted Patents by developing, making, using, selling, offering for
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 2 of 47
`
`sale, and/or importing into the United States products that incorporate Carbyne’s patented
`
`authentication and fraud-reducing technology.
`
`4.
`
`Carbyne seeks damages and other relief for Apple’s infringement of Carbyne’s
`
`patented technology.
`
`PARTIES
`
`5.
`
`Plaintiff Carbyne Biometrics, LLC is a Delaware limited liability company having
`
`its principal place of business at 7 East 20th Street #12F, New York, NY 10003.
`
`6.
`
`Apple is a corporation organized under the laws of the State of California, having
`
`its principal place of business at 1 Apple Park Way in Cupertino, California 95014.
`
`7.
`
`Apple maintains various regular and established places of business within the
`
`Western District of Texas including: (1) offices at its two Austin campuses located at 12545
`
`Riata Vista Circle, Austin, Texas 78727 and 6900 W Parmer Lane, Austin, Texas 78729; (2) a
`
`manufacturing facility in Austin; (3) an engineering center at 320 S. Capital of Texas Hwy, West
`
`Lake Hills, Texas 78746; and (4) retail stores located at 2901 S. Capital of Texas Highway,
`
`Austin, Texas 78746 (“Apple Barton Creek”), 3121 Palm Way, Austin, Texas 78758 (“Apple
`
`Domain Northside”), and 7400 San Pedro Avenue, San Antonio, Texas 78216 (“Apple North
`
`Star”).
`
`8.
`
`On information and belief, Apple develops, makes, uses, imports, offers for sale,
`
`and/or sells in Texas and the Western District of Texas devices such as iPhones, iPads, Mac
`
`Pros, Mac Studios, iMacs, Mac Minis, MacBook Air laptops, and MacBook Pro laptops that
`
`infringe the Asserted Patents.
`
`
`
`
`
`2
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 3 of 47
`
`JURISDICTION AND VENUE
`
`9.
`
`This is an action for patent infringement under 35 U.S.C. § 271. This Court has
`
`subject matter jurisdiction pursuant to 28 U.S.C. §§ 1331 and 1338(a) because this action arises
`
`under the patent laws of the United States.
`
`10.
`
`This Court has personal jurisdiction over Apple. Apple has done and continues to
`
`do business in the State of Texas. Apple has, directly or through subsidiaries or intermediaries,
`
`purposefully and voluntarily placed its infringing products and/or services into the stream of
`
`commerce with the specific intention and expectation that it’s infringing products and/or services
`
`will be purchased and used by consumers in Texas and this District. In doing so, Apple has
`
`established minimum contacts in Texas such that the exercise of jurisdiction over Apple would
`
`not offend traditional notions of fair play and substantial justice as required to satisfy
`
`constitutional requirements of due process.
`
`11.
`
`Venue is proper in this Court pursuant to 28 U.S.C. § 1400(b) because Apple has
`
`committed, and continues to commit, acts of infringement in this District and has regular and
`
`established places of business in this District.
`
`12.
`
`Apple’s presence in this District is substantial. Apple’s Austin campuses comprise
`
`Apple’s second largest hub in the United States and are responsible for running all of Apple’s
`
`business operations in the Western Hemisphere, including finance, human resources, corporate
`
`sales, customer support, information systems, and accounting.1 Apple’s original Austin campus
`
`
`1 Lori Hawkins, “Apple dives deeper into Austin’s talent pool” Austin American-Statesman,
`(Sept. 7, 2016), https://www.statesman.com/story/news/2016/09/07/apple-dives-deeper-into-
`austins-talent-pool/10173792007/.
`
`
`3
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 4 of 47
`
`at Riata Vista Circle, completed in 2016, consists of 1.1 million square feet of office space.2 In
`
`2022, Apple completed construction on a new $1 billion campus at 6900 Parmer Lane in Austin.
`
`Apple’s new Austin campus consists of 3 million square feet of office space on 138 acres and
`
`will “initially house 5,000 employees, with the capacity to grow to 15,000.”3 The new campus
`
`even includes a 192-room hotel for Apple employees.
`
`Lori Hawkins, Austin hotel projects move forward, including at new Apple campus, Austin
`American-Statesman (July 20, 2020), https://www.statesman.com/story/news/coronavirus/2020/
`07/20/austin-hotel-projects-move-forward-including-at-new-apple-campus/113737258/.
`
`
`
`
`
`2 Don Reisinger, Where Apple Has Quietly Built Its Biggest Campus, Fortune (Sept. 1, 2016),
`https://fortune.com/2016/09/01/apple-austin-campus/.
`3 Apple, Apple expands in Austin (Nov. 20, 2019), https://www.apple.com/newsroom/2019/11/
`apple-expands-in-austin/.
`
`
`4
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 5 of 47
`
`13.
`
`In early 2023, Apple also announced plans for a $240-million expansion of its
`
`new campus to add 419,441 square feet of office space.
`
`
`
`Andrew Orr, Apple spending $240M to expand its Austin, Texas campus, Apple Insider (Jan. 11,
`2023),
`https://appleinsider.com/articles/23/01/11/apple-spending-240m-to-expand-its-austin-
`texas -campus.
`
`
`Along with its sprawling campuses, Apple operates a seven-story engineering
`
`14.
`
`center in the Capital Ridge area of the Austin suburbs.4 As of 2016, Apple employed around 500
`
`engineers at its Capital Ridge center with a goal of increasing that number to 1,000.5 The
`
`engineers at the Capital Ridge center design and develop both hardware and software.6 On the
`
`
`4 Parimal M. Rohit, Apple buys Austin office building on Capital of Texas Hwy, Austin Business
`Journal (Aug. 25, 2021), https://www.bizjournals.com/austin/news/2021/08/25/apple-buys-
`capital-ridge-austin.html.
`5 Id.
`6 Id.
`
`
`5
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 6 of 47
`
`hardware front, Apple engineers at Capital Ridge play a major role in developing Apple’s A-
`
`Series processors (used in the accused products) and other Apple products.7 In fact, Apple’s
`
`senior vice president for hardware technologies described the engineers at the Capital Ridge
`
`center as “one of [Apple’s] most important engineering groups,” noting that “[t]hey play a very
`
`critical and integral role—they are designing chips that go into all the devices we sell.”8
`
`15.
`
`In addition, the Mac Pro, a product that infringes the Authentication Patents, has
`
`been manufactured and/or assembled in Austin for almost five years. According to Apple’s CEO
`
`Tim Cook, “[b]uilding Apple’s most powerful Mac ever in Austin is a testament to the enduring
`
`power of American ingenuity and we’re proud it’s made here.”
`
`
`
`Apple, Apple expands in Austin (Nov. 20, 2019), https://www.apple.com/newsroom/2019/11/
`apple-expands-in-austin/;
`
`2019,
`20,
`(Nov.
`Twitter
`@tim_cook,
`https://twitter.com/tim_cook/status/1197141315064086530?lang=en.
`
`AM),
`
`7:15
`
`
`7 Reisinger, supra note 2.
`8 Hawkins, supra note 1.
`
`
`6
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 7 of 47
`
`16.
`
`Apple also operates retail establishments in the District, including retail stores at
`
`the Barton Creek Mall and the Domain Northside in Austin, Texas where products that infringe
`
`the Asserted Patents are sold, demonstrated, and explained to consumers in this District.
`
`Apple, Find a Store, https://www.apple.com/retail/ (last visited Feb. 23, 2023).
`
`17.
`
`In total, Apple employs around 7,000 people across its entire Austin footprint.9
`
`Apple also currently employs several individuals in the Austin metro area who likely have
`
`knowledge relevant to Apple’s infringement of the Asserted Patents. At least four individuals in
`
`Austin have significant, known involvement in the design and architecture of the Secure
`
`Enclave.
`
`18.
`
`Gilbert Herbeck, “a design engineer who works on the design specifications for
`
`Secure Enclave[,]” is “based in Apple’s Austin office at Capital Ridge.”10 Mr. Herbeck is “the
`
`9 Apple, Apple expands in Austin (Nov. 20, 2019), https://www.apple.com/newsroom/2019/11/
`apple-expands-in-austin/.
`10 Identity Security LLC v. Apple, Inc., No. 6:21-CV-00460-ADA, Dkt. No. 55, at 7 (W.D.Tex.
`Jan. 20, 2022)(Albright, J.)(granting motion to transfer to Austin division).
`
`7
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 8 of 47
`
`‘lead designer and the lead spec author’ of Secure Enclave[.]”11 Sangwan Kim, also at Capital
`
`Ridge, “works on certain portions of the specifications for the Secure Enclave.”12
`
`19.
`
`Vincent Pierre Le Roy and Eric Peeters work at the CityView engineering campus
`
`“defining security architecture specifications for the Secure Enclave processor.”13
`
`20.
`
`Additionally, Apple currently employs in the Austin metro area individuals who
`
`have knowledge related to Apple’s infringement of the Authentication Patents including:
`
`• SoC Engineers;14
`
`• SoC Design Lead;15 and
`
`• Senior Manager, Cloud Security Engineering.16
`
`These witnesses likely have substantial knowledge regarding Apple’s infringement of the
`
`Authentication Patents, which disclose a very specific system and system-on-chip (“SoC”)
`
`architecture as shown in the attached infringement charts. See Exs. G-L.
`
`21.
`
`Similarly, Apple also currently has multiple job listings in Austin for
`
`opportunities related to the SoC directly relevant to the security of the SoC and thus its
`
`infringement of the Authentication Patents. For example, Apple is currently seeking a “SoC
`
`11 Id. at 8.
`12 Identity Security LLC, Dkt. No. 58-1, Ex. Q at 6 (W.D.Tex. Jan. 25, 2022).
`13 Identity Security LLC, Dkt. No. 55, at 7–8 (W.D.Tex. Jan. 20, 2022)(Albright, J.)(granting
`motion to transfer to Austin division).
`14 See, e.g., LinkedIn, SoC STA Engineer at Apple, https://www.linkedin.com/in/asritha-
`chowdary-chunduri/; LinkedIn, SoC Design Engineer at Apple, https://www.linkedin.com/in/
`sandhya-seshadri-5b51763/.
`15 See, e.g., LinkedIn, SoC Design Lead at Apple Inc., https://www.linkedin.com/in/heling-yi-
`57295a3/.
`16 See, e.g., LinkedIn, Senior Manager, Cloud Security Engineering at Apple,
`https://www.linkedin.com/in/ankitc/.
`
`8
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 9 of 47
`
`Security Architect, Platform Architecture.”17 The position “will be a key role to help us fulfill
`
`our mission with the following core responsibilities: Analysis of Hardware and Software attack
`
`vectors[;] Definition of Hardware and Software security related features[;] Architecture of
`
`security solutions in HW and SW[;] Development of evaluation plans for both HW and SW[;]
`
`Communication with multi-functional teams.” Apple is also looking for a SoC Security
`
`Engineer, Platform Architecture, who has similar job responsibilities:
`
`
`
`Careers at Apple, SoC Security Architect, Platform Architecture, https://jobs.apple.com/en-
`us/details/200448734/soc-security-engineer-platform-architecture?team=HRDWR (last visited
`Feb. 27, 2023).
`
`
`Apple currently employs individuals in the Austin metro area who have
`
`22.
`
`knowledge related to Apple’s infringement of the Fraud Reduction Patents including:
`
`• Software Engineer for iCloud Services and Apple Pay;18
`
`• Apple Cash Fraud Protection Specialists;19 and
`
`
`17 Careers at Apple, SoC Security Architect, Platform Architecture, https://jobs.apple.com/en-
`us/details/200448138/soc-security-architect-platform-architecture?team=HRDWR (last visited
`Feb. 27, 2023).
`18 See, e.g., LinkedIn, Software Development Engineer – Apple Pay at Apple,
`https://www.linkedin.com/in/anthonylife/.
`
`9
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 10 of 47
`
`• Software Quality Engineers, Apple Pay.20
`
`23.
`
`On information and belief, there are also third-party witnesses in Texas and this
`
`District who will have information relevant to Apple’s induced infringement of the
`
`Authentication Patents. For example, the 1Password platform and password autofill features
`
`work in a manner substantially similar to Apple’s iCloud Keychain and password autofill
`
`features.21 As alleged below, Apple induces the infringement of 1Password by providing them
`
`with APIs, instructions, and other developer tools to use the SoC (specifically the Secure
`
`Enclave) and the biometric sensors on each device. Thus, the following 1Password employees
`
`likely have knowledge related to Apple’s infringing conduct:
`
`•
`
`the “Director of Engineering” of 1Password;22
`
`• 1Password Software Developer;23 and
`
`• 1Password Senior iOS Developer.24
`
`24.
`
`On information and belief, there are also third-party witnesses located in Texas
`
`who likely have knowledge relevant to Apple’s infringement of the Authentication and Fraud
`
`Reduction Patents. Apple’s Face ID module, a component of Apple’s iOS devices that provides
`
`
`19 See, e.g., LinkedIn, Apple Cash Fraud Prevention Team Manager, https://www.linkedin.com/
`in/shaun-guhy-61b973184/; Apple Cash Fraud Analyst, https://www.linkedin.com/in/
`chriscasey2/.
`20 See, e.g., Careers at Apple, Software Quality Engineer, Apple Pay, https://jobs.apple.com/en-
`us/details/200336736/software-quality-engineer-apple-pay?team=SFTWR (last visited March 8,
`2023).
`21 See, e.g.¸ 1Password, Secure Enclave Details (March 2018), https://1password.community/
`discussion/87886/secure-enclave-details.
`22 LinkedIn, Director of Engineering at 1Password, https://www.linkedin.com/in/colehecht/ (last
`visited Feb. 27, 2023).
`23 LinkedIn, Software Developer at 1Password, https://www.linkedin.com/in/kevinfalting/ (last
`visited Feb. 27, 2023).
`24 LinkedIn, Senior iOS Developer at 1Password, https://www.linkedin.com/in/christopheraaron
`brown/ (last visited Feb. 27, 2023).
`
`10
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 11 of 47
`
`functionality that infringes the Asserted Patents, is made in Sherman, Texas by the Finisar
`
`Corporation. In 2017, Apple invested $390 million in Finisar to develop vertical-cavity surface-
`
`emitting laser (VCSEL) technology and related chips for Face ID and other features used in
`
`Apple products.25 In a press release touting its investment in Finisar, Apple highlighted the
`
`importance of VCSEL technology to its most successful product lines, noting that “VCSELs
`
`power some of Apple’s most popular new features, including Face ID, . . . made possible with
`
`the iPhone X TrueDepth camera.”26 Apple touted that because of its investment, Finisar would
`
`“transform a long-shuttered, 700,000-square-foot manufacturing plant in Sherman, Texas, into
`
`the high-tech VCSEL capital of the US.”27
`
`
`25 Aishwarya Venugopal, Apple grants $390 million to Finisar to boost laser chip production,
`Reuters, Dec. 13, 2017, https://www.reuters.com/article/uk-apple-finisar-idUKKBN1E71E0.
`26 Apple, Apple awards Finisar $390 million from its Advanced Manufacturing Fund (Press
`Release Dec. 17, 2017), https://www.apple.com/newsroom/2017/12/apple-awards-finisar-390-
`million-from-its-advanced-manufacturing-fund/.
`27 Id.
`
`11
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 12 of 47
`
`
`
`Apple, Apple awards Finisar $390 million from its Advanced Manufacturing Fund (Press
`Release Dec. 17, 2017), https://www.apple.com/newsroom/2017/12/apple-awards-finisar-390-
`million-from-its-advanced-manufacturing-fund/.
`
`25.
`
`Following Apple’s investment, in a nationally televised interview on MSNBC in
`
`April 2018, Apple CEO Tim Cook confirmed that the “very sophisticated Face ID module on the
`
`iPhone X will be made in the United States—in Texas.”28
`
`
`28 Revolution: Apple Changing the World (MSNBC television broadcast Apr. 6, 2018) at 1:47,
`https://www.msnbc.com/msnbc/watch/apple-ceo-tim-cook-on-american-job-opportunity-
`1204826179812.
`
`12
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 13 of 47
`
`
`
`Revolution: Apple Changing the World (MSNBC television broadcast Apr. 6, 2018) at 1:47,
`https://www.msnbc.com/msnbc/watch/apple-ceo-tim-cook-on-american-job-opportunity-
`1204826179812
`
`
`On information and belief, Finisar continues to make the Face ID module for the
`
`26.
`
`latest iPhones and other iOS products in Sherman, Texas, as evidenced by Apple’s investment of
`
`$410 million in Finisar’s parent corporation, II-VI Inc. (now operating as Coherent Corp.), to
`
`expand operations at Finisar’s Sherman facility and other locations in the United States.29
`
`Therefore, it is likely that individuals working in Finisar’s Sherman facility, or in related
`
`positions in Texas, will have information regarding the development and production of the Face
`
`ID module that is relevant to Apple’s infringement of the Fraud Reduction Patents.30
`
`
`29 David Seeley, Apple Invests $410M in II-VI Inc., Supporting 700+ Jobs in Sherman and Other
`U.S. Cities
`(May 5, 2021), https://dallasinnovates.com/apple-invests-410m-in-ii-vi-inc-
`supporting-700-jobs-in-sherman-and-other-u-s-cities/.
`30 See, e.g., LinkedIn, Lead Product Engineer at Coherent Corp/II-VI Inc./Finisar Corp,
`https://www.linkedin.com/in/salman-khalid-16a56116/.
`
`13
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 14 of 47
`
`
`
`David Seeley, Apple Invests $410M in II-VI Inc., Supporting 700+ Jobs in Sherman and Other
`U.S. Cities (May 5, 2021), https://dallasinnovates.com/apple-invests-410m-in-ii-vi-inc-
`supporting-700-jobs-in-sherman-and-other-u-s-cities/.
`
`
`27.
`
`Finally, venue is also convenient in this District. This is at least true because of
`
`this District’s close ties to this case—including the technology, relevant witnesses, and sources
`
`of proof noted above—and its ability to quickly and efficiently move this case to resolution.
`
`Moreover, Apple has previously consented to this Court’s jurisdiction and has moved for an
`
`intra-district transfer to the Western District of Texas’s Austin Division for the convenience of
`
`parties and witnesses under 28 U.S.C. § 1404(a) for similar or related technologies. See
`
`SpaceTime3D, Inc. v. Apple Inc., No. 6-22-cv-00149, Dkt. No. 34 (W.D. Tex. July 18, 2022);
`
`14
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 15 of 47
`
`Identity Security LLC v. Apple, Inc., No. 6:21-CV-00460-ADA, Dkt. No. 55, at 7 (W.D. Tex.
`
`Jan. 20, 2022).
`
`28.
`
`For example, in Identity Security, a case related to the Secure Enclave processor,
`
`Apple identified multiple employees who work on the relevant technology in Austin—including
`
`“the ‘lead designer and the lead spec author’ of Secure Enclave[.]”31 In Identity Security, Apple
`
`moved for transfer to the Austin Division and transfer was granted.
`
`BACKGROUND
`
`29.
`
`Carbyne was founded by Dr. Markus Jakobsson with a focus on user
`
`authentication and security. Dr. Jakobsson is a preeminent security researcher with interests in
`
`applied security, ranging from device security to user interfaces. He is one of the main
`
`contributors to the understanding of phishing and crimeware and currently focuses his efforts on
`
`social engineering, human aspects of security, and mobile security. Dr. Jakobsson has published
`
`a collection of books and over one hundred peer-reviewed conference and journal articles related
`
`to user data security.32
`
`30.
`
`Dr. Jakobsson’s passion for user security started while pursuing a degree in
`
`computer engineering from the Lund Institute of Technology in Sweden. During his studies, Dr.
`
`Jakobsson focused on automated control and robotics; however, Dr. Jakobsson started to notice
`
`that the main problem in the field of automated control was related to getting guided missiles to a
`
`target. Feeling dismayed about being involved with weapons, Dr. Jakobsson began looking for a
`
`path where the main application was not destruction but rather protecting or defending
`
`individuals, information, and devices.
`
`
`31 Identity Security LLC v. Apple, Inc., Case No. 1-22-cv-00058, Dkt. No. 55 at 8, 13 (W.D. Tex.
`Jan. 20, 2022) (Albright, J.) (granting transfer to Austin)
`32 More information on Dr. Jakobsson can be found at https://www.markus-jakobsson.com/.
`
`15
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 16 of 47
`
`31. With this in mind, Dr. Jakobsson became interested in computer security, which
`
`at its very core is about protecting information and resources. After completing his computer
`
`science graduate studies at the University of California San Diego, Dr. Jakobsson realized that
`
`most security problems revolved around the divide between a user’s security preference and the
`
`usability/user experience of a given security feature. For example, a user may prefer to use safe
`
`security practices such as complex usernames and passwords; however, the tedious experience of
`
`implementing and using a complex password combination may lead users to use less secure,
`
`simple passwords or reuse old passwords.
`
`32.
`
`One way to address this issue is to use a password manager secured by a user’s
`
`biometrics. Users are more inclined to use stronger, complex passwords when storing and
`
`retrieving the password is as simple as scanning a biometric—such as a fingerprint or face
`
`scan—when prompted by a device. However, Dr. Jakobsson knew that despite the advantages of
`
`biometrics for storing and securing passwords, if biometric features were not properly deployed,
`
`they could be more insecure than traditional passwords.33 For example, if a user sends biometrics
`
`from a device with a biometric reader (like a phone or tablet) to a different device (like a server)
`
`for verification, the user is sending their most sensitive data over a network that is out of their
`
`control and vulnerable to malicious actors. On the other hand, if a user uses a device with the
`
`biometric reader to scan and verify a biometric, the user is storing their most sensitive data—
`
`such as their biometrics—in the device’s main storage and leaving that data vulnerable to
`
`security breaches and malware. Dr. Jakobsson determined that the correct way to deal with this
`
`was to create a secure portion of a device where at least some processing of the user’s most
`
`sensitive data would be done. This solution eliminates the network security issue because that
`
`
`33 Unlike a password, a compromised biometric cannot be changed.
`
`16
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 17 of 47
`
`data is never sent over an unprotected network, and it does not expose the data to breaches and
`
`other forms of malware.
`
`33.
`
`Dr. Jakobsson also realized that safely storing a user’s sensitive data is only one
`
`aspect of user security. As the world economy has increasingly moved online, electronic fraud
`
`has exploded. Electronic payment fraud is now a multi-billion dollar enterprise, expected to
`
`eclipse $48 billion globally in 2023.34 Electronic fraud is particularly devastating and hard to
`
`prevent because the perpetrator does not need physical access to money or a debit card, and there
`
`is no transaction that takes place in a physical location. A fraudulent electronic transaction can be
`
`completed anywhere, at any time. All that is typically required is access to the Internet and
`
`remote access to a victim’s online account, smartphone, or computer.
`
`34.
`
`In the late 2000’s, Dr. Jakobsson recognized the increasing threat posed by
`
`electronic fraud and set out to develop better techniques for reducing and deterring fraud in
`
`electronic transactions. He started by reading books and journal articles to better understand the
`
`psychological factors that will deter a person from committing fraud. Dr. Jakobsson first
`
`considered the motivations underlying “friendly fraud”—fraud committed by a friend or family
`
`member. He learned that particularly with friendly fraud, feelings of guilt will often deter a
`
`person from committing fraud. One way to increase the potential fraudster’s feelings of guilt is to
`
`humanize the transaction by associating the transaction with an actual person.
`
`35.
`
`But increasing feelings of guilt alone is often not enough to deter fraud,
`
`particularly if the perpetrator has no connection to a person associated with an electronic
`
`transaction. In his research, Dr. Jakobsson also learned that another reason, perhaps the most
`
`
`34 Juniper Research: eCommerce Losses to Online Payment Fraud to Exceed $48 Billion
`Incursions Evolve, Yahoo!
`(Oct.
`12,
`2022),
`Globally
`in
`2023,
`as Fraud
`https://www.yahoo.com/now/juniper-research-ecommerce-losses-online-060000415.html.
`
`17
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 18 of 47
`
`compelling reason, why an otherwise honest person might be tempted to commit fraud is that the
`
`risk of being caught is low. With this in mind, Dr. Jakobsson determined that a key factor in
`
`preventing or reducing fraud is to both increase the likelihood that the fraudulent transaction will
`
`be detected and to cause the fraudster to believe that his or her fraudulent actions will be
`
`detected.
`
`36.
`
`Dr. Jakobsson realized that improving the ability to detect fraud in electronic
`
`transactions would require a technological solution. He determined that possible solutions could
`
`include collecting a user’s location data or biometric information (e.g., requiring a user to take a
`
`photograph of himself) to complete an electronic transaction. But Dr. Jakobsson realized that
`
`relying on a single photograph of the user or other basic biometric methods to authenticate an
`
`electronic transaction would be insufficient. A fraudster could defeat such countermeasures—for
`
`example, by using a two-dimensional photograph of a legitimate user. Dr. Jakobsson determined
`
`that a better fraud detection measure would be collecting a user’s biometric information and
`
`analyzing it in a way that verifies the user is “alive” before authorizing an electronic transaction.
`
`The “aliveness” verification would be more difficult for the fraudster to defeat, thus increasing
`
`the likelihood that a potential fraudulent transaction would be detected and prevented. And so
`
`Dr. Jakobsson’s idea for the Fraud Reduction Patents was born.
`
`THE CARBYNE PATENTS
`
`The Authentication Patents35
`
`On February 23, 2021, the U.S. Patent and Trademark Office duly and legally
`
`A.
`
`37.
`
`issued U.S. Patent No. 10,929,512 (“the ’512 Patent”), entitled “Authentication Translation,” to
`
`inventor Bjorn Markus Jakobsson. Carbyne owns all rights to the ’512 Patent necessary to bring
`
`35 The Authentication Patents share a specification. Unless otherwise noted, the citations are to
`the ’512 Patent’s specification.
`
`18
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 19 of 47
`
`this action. A true and correct copy of the ’512 Patent is attached hereto as Exhibit A and
`
`incorporated herein by reference.
`
`38.
`
`On October 18, 2022, the U.S. Patent and Trademark Office duly and legally
`
`issued U.S. Patent No. 11,475,105 (“the ’105 Patent”), entitled “Authentication Translation,” to
`
`inventor Bjorn Markus Jakobsson. Carbyne owns all rights to the ’105 Patent necessary to bring
`
`this action. A true and correct copy of the ’105 Patent is attached hereto as Exhibit B and
`
`incorporated herein by reference.
`
`39.
`
`On November 29, 2022, the U.S. Patent and Trademark Office duly and legally
`
`issued U.S. Patent No. 11,514,138 (“the ’138 Patent”), entitled “Authentication Translation,” to
`
`inventor Bjorn Markus Jakobsson. Carbyne owns all rights to the ’138 Patent necessary to bring
`
`this action. A true and correct copy of the ’138 Patent is attached hereto as Exhibit C and
`
`incorporated herein by reference.
`
`40.
`
`The ’512 Patent concerns systems and methods for authentication translation. As
`
`the Patent explains, previous authentication techniques made “[p]roviding credentials to a
`
`service, whether via a mobile or other device . . . a tedious experience for a user.” Ex. A (’512
`
`Patent) at 1:35-37. Because the experience was so tedious, users would “often engage in
`
`practices such as password re-use, and/or the selection of poor-quality passwords, which render
`
`their credentials less secure against attacks.” Id. at 1:38-40. Thus, “improvements in
`
`authentication techniques [were] desirable.” Id. at 1:40-42.
`
`41.
`
`The ’512 Patent addresses these shortcomings by disclosing novel authentication
`
`systems and methods. The ’512 Patent discloses methods and systems where “users need not
`
`type such usernames and passwords into their devices whenever required by a service. Instead,
`
`users can authenticate themselves to an ‘authentication translator’ via an appropriate technique,
`
`19
`
`

`

`Case 1:23-cv-00324-LY Document 1 Filed 03/24/23 Page 20 of 47
`
`and the authentication translator will provide the appropriate credentials to the implicated service
`
`on the user's behalf.” Id. at 2:63-3:1. By doing this, the system promotes better user security
`
`practices by making it easier for a user to use complex passwords.
`
`42.
`
`As the ’512 patent discloses, the process begins “when a request to access a
`
`resource is received, as is an authentication input.” Id. at 6:20-21. For example, suppose “[the
`
`user] wishes to sign into social networking website.” Id. at 6:22-23. “[The user] directs [their]
`
`web browser . . . to the social networking website.” Id. at 6:23-25. The “Authentication translator
`
`module 132 recognizes, from the context of [the user’s] actions (e.g., that [the user] is attempting
`
`to access site 120 with [their] browser) that [the user] would like to access a particular resource.”
`
`Ex. A (’512 Patent) at 6:25-28 (emphasis in original). The authentication translator module may
`
`then prompt “[the user] (e.g., by a popup message or via a sound) to provide biometric
`
`information (e.g., to use the integrated fingerprint reader on [the user’s device]).” Id. at 6:28-31.
`
`43.
`
`Once a biometric has been supplied by the user, the supplied biometric data is
`
`compared “to the templates stored on [the user’s device].” Id. at 6:39-40. “If a suitable match is
`
`found . . . the username and password for the website, as stored in a vault, such as vault 220, are
`
`retrieved from the vault” and provided to the resource. Id. at 6:40-46 (emphasis in original). In
`
`the ’512 Patent specification, biometrics include but are not limited to fingerprints, “facial
`
`recognition, voiceprints, or retina scan technology.” Id. at 3:28-29, 3:18-19.
`
`44.
`
`To keep the user’s biometrics secure, the ’512 Patent discloses a device with “a
`
`large and insecure storage 302 attached to a fast processor 304, and a smaller but secure storage
`
`306 attached to a dedicated processor 308 and a sensor 310 (e.g., a camera or a fingerprint
`
`reader).” Id. at 3:67-4:4 (emphasis in original); see also id. at Fig. 3 (reproduced below). The
`
`“Users (and applications) can read from and write to the insecure storage area.” Id. at 4:4-5. Data
`
`20
`
`