DCT
2:24-cv-10740
Kioba Processing LLC v. BMO Bank NA
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Kioba Processing LLC (Georgia)
- Defendant: BMO Bank N.A. (Illinois)
- Plaintiff’s Counsel: Perkowski Legal, PC; Daignault Iyer LLP
- Case Identification: 2:24-cv-10740, C.D. Cal., 12/13/2024
- Venue Allegations: Plaintiff alleges venue is proper in the Central District of California based on Defendant’s maintenance of physical branch locations, operation centers, and ATMs within the district, as well as its provision of online and mobile banking services to customers residing in the district.
- Core Dispute: Plaintiff alleges that Defendant’s digital banking products and services, including its mobile application and debit cards, infringe four patents related to biometric data processing, payment instrument security, mobile payments, and transaction authorization.
- Technical Context: The patents address foundational technologies in digital financial services, including secure authentication using biometrics and user-controlled security features for payment cards, which are central to modern online and mobile banking.
- Key Procedural History: The complaint alleges that Defendant was first notified of its potential infringement via a letter sent on or about May 18, 2020, with multiple follow-up communications, including letters that specifically identified the patents-in-suit, sent in March 2021, September 2022, and August 2024. Plaintiff asserts that Defendant has not responded to any of these communications.
Case Timeline
| Date | Event |
|---|---|
| 1999-01-13 | ’078 Patent Priority Date |
| 2000-05-02 | ’888 Patent Priority Date |
| 2001-01-24 | ’382 Patent Priority Date |
| 2002-03-01 | ’902 Patent Priority Date |
| 2005-07-12 | ’902 Patent Issue Date |
| 2005-08-16 | ’382 Patent Issue Date |
| 2006-09-12 | ’078 Patent Issue Date |
| 2016-10-18 | ’888 Patent Issue Date |
| 2020-05-18 | Plaintiff's agent allegedly sends first notice letter to Defendant |
| 2021-03-18 | Plaintiff's counsel allegedly sends letter identifying patents-in-suit to Defendant |
| 2024-12-13 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 6,917,902 - "System and Method for Processing Monitoring Data Using Data Profiles," issued July 12, 2005
The Invention Explained
- Problem Addressed: The patent describes the difficulty traditional monitoring systems faced in integrating and processing data from various biometric devices (e.g., fingerprint scanners, facial recognition) (’902 Patent, col. 1:42-55). These systems often could not handle incompatible data formats or efficiently use external data templates, limiting the use of biometrics in integrated security processes (’902 Patent, col. 2:3-9).
- The Patented Solution: The invention proposes a system that uses "data profiles" to manage and process monitoring device data (’902 Patent, Abstract). A processing device receives data (e.g., a fingerprint scan), associates it with a data profile corresponding to that data type, and the profile then dictates how to process the data by specifying a "data processing template," "processing rules," and an "action assessment" (’902 Patent, col. 2:35-47). This creates a flexible, rule-based framework for handling diverse data inputs from monitoring devices.
- Technical Importance: This approach provided a standardized method for integrating disparate security and monitoring inputs, particularly emerging biometric technologies, into a cohesive processing system at a time when such integration was not conventional.
Key Claims at a Glance
- The complaint asserts at least independent claim 1 (Compl. ¶66).
- Essential elements of claim 1 include:
- A method for processing monitoring device data from a plurality of monitoring devices.
- Obtaining monitoring device data characteristic of an individual.
- Associating at least one data profile corresponding to a data type of the obtained data.
- The data profile includes: an identification of a data processing template, at least one processing rule, and at least one action assessment.
- Processing the monitoring device data according to the data profile.
- Generating an action assessment corresponding to the processing.
U.S. Patent No. 6,931,382 - "Payment Instrument Authorization Technique," issued August 16, 2005
The Invention Explained
- Problem Addressed: The patent addresses the security risks of online commerce and "card not present" transactions, where merchants and consumers face fraud from unauthorized use of financial data (’382 Patent, col. 2:7-17). It identifies a need for a system that assures a merchant that the user is authorized and reduces the likelihood of a bank authorizing a fraudulent transaction (’382 Patent, col. 2:64-3:5).
- The Patented Solution: The invention discloses a method where a payment instrument owner can control the instrument's usage by "selectively to block and unblock their payment instruments" on command (’382 Patent, col. 3:15-17). The method involves the instrument holder communicating with an issuing entity (e.g., their bank) to set a default "block" on authorizations, and then communicating with an authentication function (e.g., via a trusted third party) prior to a transaction to request that the instrument be "unblocked" for future payments (’382 Patent, col. 4:39-50).
- Technical Importance: The invention provides a user-initiated, proactive security layer for payment cards, shifting from a reactive, fraud-detection model to a preventative, user-permission model.
Key Claims at a Glance
- The complaint asserts at least independent claims 6 and 8 (Compl. ¶81).
- Essential elements of claim 6 include:
- A method of protecting a payment instrument used in transactions.
- Blocking the authorization for a payment instrument on a default basis by the issuing entity.
- Communicating by the authorized instrument holder, prior to a transaction, with an authentication function to subject the holder to authentication and to request the instrument be unblocked.
- Authenticating the holder and, if positive, causing the issuing entity to store the request to unblock the instrument for authorization of payments.
- Claim 8 is a method claim similar to claim 6, but recites communicating with the authentication function through one of several specified methods, such as via an application program on the user's computer.
Multi-Patent Capsule: U.S. Patent No. 7,107,078 - "Method and System for the Effecting Payments by Means of a Mobile Station," issued September 12, 2006
- Technology Synopsis: The patent addresses the inconvenience of early mobile payment systems. It discloses a method where a network application generates a user profile of available payment methods, sends a message to the user's mobile device with payment alternatives, and allows the user to select a method for the specific transaction (Compl. ¶¶53, 98-100).
- Asserted Claims: At least independent claim 1 is asserted (Compl. ¶95).
- Accused Features: The complaint alleges BMO's online and mobile banking systems, which allow users to manage and select payment methods, infringe the patent (Compl. ¶¶96-97).
Multi-Patent Capsule: U.S. Patent No. 9,471,888 - "Transmission of authorization information," issued October 18, 2016
- Technology Synopsis: The patent describes a method for securely transmitting authorization information (e.g., a ticket or voucher) to a mobile device for verification. The information is sent in a graphic format (e.g., similar to an operator logo) and presented on the mobile device's display using a user-independent function, making it difficult to forge (Compl. ¶¶60-62, 113-114).
- Asserted Claims: At least independent claim 6 is asserted (Compl. ¶112).
- Accused Features: The complaint alleges BMO’s mobile banking system, which is used for transmitting authorization information like payment requests for fund transfers and bill payments, infringes the patent (Compl. ¶¶113-115).
III. The Accused Instrumentality
Product Identification
- The accused instrumentalities are collectively referred to as the "BMO Bank Products and Services" and the "BMO Bank System" (Compl. ¶¶10-11). This includes, but is not limited to, BMO's ATM/Debit Cards, the BMO Bank mobile application, online banking websites, and specific features like "BMO Bank Card Manager" (Compl. ¶10).
Functionality and Market Context
- The complaint alleges these products provide digital banking services to BMO customers. A key accused functionality is the BMO Digital Banking app, which allows users to "Quickly and securely access your account with Touch ID® and Face ID®" (Compl. ¶67 & p. 15). A screenshot from a BMO website marketing its mobile app highlights this biometric login capability (Compl. p. 15). Another central feature is the ability for users to "Lock" and "Unlock" their credit or debit cards through the mobile app, which prevents certain new transactions from being approved while the card is locked (Compl. ¶¶82-83). The complaint provides an interactive demonstration screenshot showing a user toggling their card status from "UNLOCKED" to "LOCKED" (Compl. p. 31-32). The complaint positions these services as core components of BMO’s modern consumer banking offerings (Compl. ¶6).
IV. Analysis of Infringement Allegations
U.S. Patent No. 6,917,902 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a method for processing monitoring device data received from at least one of the plurality of monitoring devices | The BMO Bank System provides a method for processing monitoring device data from devices like smartphones. | ¶67 | col. 2:35-37 |
| comprising obtaining monitoring device data characteristics of an individual...from at least one of the plurality of monitoring devices | The system obtains biometric data such as a fingerprint, Face ID, or Voice ID from a user's smartphone. | ¶67 | col. 2:37-39 |
| associating at least one data profile corresponding to a data type of the obtained monitoring device data | BMO's system associates a data profile with the type of biometric data received (e.g., fingerprint vs. Face ID) to process the login. | ¶68 | col. 2:39-41 |
| wherein the data profile includes an identification of a data processing template, at least one processing rule and at least one action assessment | BMO’s system uses data profiles that include templates and rules to process the biometric data for authentication. | ¶68 | col. 2:41-45 |
| processing the monitoring device data according to the at least one data profile | The BMO system processes the user's biometric data according to the associated profile to verify their identity. | ¶69 | col. 2:45-47 |
| generating an action assessment corresponding to the processing of the monitoring device data to at least one data profile | Upon successful biometric authentication, the system generates an action assessment, such as granting the user access to their account. | ¶70 | col. 2:47-50 |
- Identified Points of Contention:
- Scope Questions: A central question may be whether a modern smartphone's biometric sensor (e.g., Apple's Face ID hardware) constitutes a "monitoring device" as contemplated by the patent. Further, does the software process initiated by the BMO app, which calls a mobile operating system's API for biometric data, constitute "obtaining monitoring device data" and processing it via a "data profile" as claimed?
- Technical Questions: The complaint alleges the existence of a "data profile" that includes a "template," "rule," and "action assessment" (Compl. ¶68). A key factual question will be what evidence demonstrates that BMO's system actually implements this specific three-part profile structure, rather than a more generalized authentication workflow.
U.S. Patent No. 6,931,382 Infringement Allegations
| Claim Element (from Independent Claim 6) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method of protecting a payment instrument used in transactions... | BMO provides customers a method of protecting their debit or credit cards via the "Card Management" features in its app. | ¶82 | col. 4:39-41 |
| blocking the authorization for a payment instrument, on a default basis, by the issuing entity | The complaint alleges that when a customer "Locks" their card, this constitutes "blocking the authorization for a payment instrument, on a default basis." | ¶83 | col. 4:41-44 |
| communicating by the authorized instrument holder, prior to a transaction...with an authentication function to subject the authorized instrument holder to authentication and to request that the payment instrument be unblocked... | A customer uses the BMO mobile app to authenticate themselves (e.g., with a passcode or biometrics) and request to "Unlock" their previously locked card. | ¶84 | col. 4:44-50 |
| and if the authentication result is positive, causing the issuing entity to store the request to unblock the payment instrument for the authorization of payments for the transaction or transactions. | After successful authentication, BMO's system stores the "Unlock" request, which unblocks the card for future payment authorizations. A screenshot from a BMO demo shows the card status changing from "LOCKED!" to "Unlocked!" (Compl. p. 32, 34). | ¶85 | col. 4:50-54 |
- Identified Points of Contention:
- Scope Questions: The claim requires "blocking the authorization... on a default basis." BMO's feature is an optional "Lock" that the user must actively enable. A point of contention may be whether this user-initiated lock satisfies the "on a default basis" limitation, or if that language requires the card to be blocked by default upon issuance unless a user acts.
- Technical Questions: What is the precise technical mechanism of BMO's "Lock" feature? Does it block all authorizations at the network level as contemplated by the patent, or does it only block certain transaction types (the complaint's own visual evidence notes that repeating transactions and digital wallet purchases may still be allowed) (Compl. p. 31)? The degree to which the "Lock" is a complete versus partial block may be a central factual dispute.
V. Key Claim Terms for Construction
For the ’902 Patent
- The Term: "data profile"
- Context and Importance: This term is the core of claim 1. The infringement theory depends on construing BMO's authentication process for different biometric inputs (e.g., Touch ID vs. Face ID) as the claimed "data profile" system. Practitioners may focus on whether this term requires a specific, discrete data structure containing the three recited components (template, rule, assessment) or can be construed more broadly to cover a logical process flow that performs equivalent functions.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification describes the profile functionally, stating it "includes an identification of a data processing template, at least one processing rule and at least one action assessment" (’902 Patent, col. 2:41-45). This functional language could support a construction that does not require a specific implementation or data structure.
- Evidence for a Narrower Interpretation: The detailed description repeatedly refers to the profile in the context of a "data profile repository" and databases, suggesting a more structured, stored data object (’902 Patent, col. 5:54-55; col. 6:10-12). An argument for a narrower construction may rely on this context to require a tangible, stored profile.
For the ’382 Patent
- The Term: "blocking... on a default basis"
- Context and Importance: This limitation in claim 6 is critical to determining whether BMO’s user-activated "Lock" feature infringes. The case may turn on whether "default" refers to the system's state upon setup (i.e., blocked unless unblocked) or the state of the card once the user enables the feature (i.e., the "default" becomes "locked").
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification's summary states the invention provides owners "the ability selectively to block and unblock their payment instruments" (’382 Patent, col. 3:15-17). This focus on selective, user-driven control could support interpreting "default basis" to mean the default state after the user has chosen to engage the blocking feature.
- Evidence for a Narrower Interpretation: The language "on a default basis" in the claim itself may suggest an inherent, system-level default state that exists without user intervention. The patent also discusses the process starting with the holder "communicating with the issuing entity to block" the instrument, which could imply this is a one-time setup of a default state, rather than a toggleable feature.
VI. Other Allegations
Indirect Infringement
- The complaint alleges induced infringement for all four patents. The basis is that BMO knowingly encouraged its customers to infringe by providing the accused products (e.g., the mobile app) and actively instructing them on how to use the infringing features (e.g., biometric login, card lock/unlock) through its website, advertisements, and user instructions (Compl. ¶¶72, 86, 103, 118).
Willful Infringement
- Willfulness is alleged for all four patents. The complaint bases this on BMO's alleged pre-suit knowledge, starting with a May 18, 2020 letter from Plaintiff's agent, followed by a March 18, 2021 letter from counsel that expressly identified the patents-in-suit (Compl. ¶¶22, 26). The complaint alleges that despite this notice and multiple follow-ups, BMO continued its allegedly infringing activities and never responded to Plaintiff's communications (Compl. ¶32).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: Does the term "blocking... on a default basis" from the ’382 patent require that a payment instrument be blocked automatically upon issuance, or can it be construed to cover an optional, user-activated "Lock" feature that, once enabled, becomes the card's default state?
- A second central question will be one of technical implementation: Does BMO's system for handling biometric logins via smartphone APIs utilize the specific "data profile" structure (comprising a template, rule, and action assessment) recited in the ’902 patent, or does it employ a different, more generalized authentication method that falls outside the claim's scope?
- A key evidentiary question will concern knowledge and intent: Given the detailed history of pre-suit notice letters alleged in the complaint, the analysis of willfulness may focus on what steps, if any, BMO took to investigate the infringement allegations after being notified of the specific patents-in-suit in March 2021.