DCT
3:19-cv-00590
Boom Payments Inc v. Stripe Inc
Key Events
Complaint
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Boom! Payments, Inc. (Delaware)
- Defendant: Stripe, Inc. (Delaware); Shopify (USA) Inc. (Delaware); Shopify Inc. (Canada)
- Plaintiff’s Counsel: Russ, August & Kabat
- Case Identification: 5:19-cv-00590, N.D. Cal., 02/01/2019
- Venue Allegations: Venue is alleged in the Northern District of California based on Stripe and Shopify (USA) Inc. having regular and established places of business in the district, and both defendants having committed acts of alleged infringement within the district.
- Core Dispute: Plaintiff alleges that Defendants’ online payment platforms, Stripe Checkout and Shopify Pay, infringe patents related to authenticating e-commerce transactions using transaction-specific identifiers sent to a buyer's device.
- Technical Context: The technology addresses the need for secure and low-friction checkout experiences in e-commerce, a critical factor for online conversion rates and user trust.
- Key Procedural History: The complaint alleges that in 2013, prior to the launch of the accused Stripe product, Boom’s CEO discussed its patented technology and provided notice of the '084 Patent to Stripe representatives. The complaint also notes that the USPTO, during prosecution of the '857 patent, stated that the claims "fundamentally require mobile computer devices and a server computer device" and are not merely abstract business practices.
Case Timeline
| Date | Event |
|---|---|
| 2011-10-27 | Earliest Priority Date for ’084 and ’857 Patents |
| 2013-04-23 | ’084 Patent Issued |
| 2013-05-22 | Boom allegedly provides notice of ’084 Patent to Stripe |
| 2014-03-05 | Stripe announces release of its Checkout product |
| 2015-09-08 | USPTO issues Notice of Allowance for the '857 Patent |
| 2016-01-12 | ’857 Patent Issued |
| 2017-04-20 | Shopify announces its Shopify Pay feature |
| 2019-02-01 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 8,429,084 - "Confirming Local Marketplace Transaction Consummation For Online Payment Consummation," Issued April 23, 2013
The Invention Explained
- Problem Addressed: The patent identifies challenges in online transactions, particularly the difficulty in reliably confirming that a transaction has been consummated before authorizing payment, especially in "local marketplace" scenarios where a buyer and seller meet physically ('084 Patent, col. 1:32-44). It also notes that buyers may be hesitant to share credit card information with unfamiliar third-party sellers, and sellers may lack the means to process payments themselves, creating a need for a trusted intermediary ('084 Patent, col. 2:45-51; Compl. ¶22).
- The Patented Solution: The invention proposes a system where a payment processor, separate from the seller, handles the transaction. In response to a purchase request, the system generates a unique "transaction-specific buyer acceptance identifier" and sends it to the buyer ('084 Patent, col. 6:15-23). To complete the transaction, the seller receives this identifier from the buyer (e.g., at a physical meeting point) and communicates it back to the system. This communication serves as confirmation, authorizing the system to charge the buyer's account, which is stored with the processor, not the seller ('084 Patent, Fig. 4). This process provides a secure confirmation mechanism without requiring the seller to handle sensitive payment data.
- Technical Importance: The technology aims to increase security and reduce friction in online and consumer-to-consumer transactions by centralizing payment information with a trusted processor and using a dynamic, out-of-band identifier for transaction authentication (Compl. ¶27).
Key Claims at a Glance
- Independent Claim 6 is asserted via dependent Claim 7.
- The essential elements of independent Claim 6 comprise an Internet-based computer system with a server programmed to:
- In response to a buyer's request to purchase an item from a recognized seller, generate a "transaction-specific buyer acceptance identifier."
- Store in memory a relationship between that identifier, an identification of the buyer, and an identification of the seller.
- Communicate the identifier to the buyer.
- The complaint reserves the right to assert other claims (Compl. ¶51).
U.S. Patent No. 9,235,857 - "Confirming Local Marketplace Transaction Consummation For Online Payment Consummation," Issued January 12, 2016
The Invention Explained
- Problem Addressed: As a continuation of the '084 patent's family, the '857 patent addresses the same fundamental problem of securely confirming online transactions where payment and product exchange may be decoupled ('857 Patent, col. 1:32-col. 2:65).
- The Patented Solution: The '857 patent claims a more detailed system architecture involving distinct devices: a "buyer computer device" (e.g., a mobile phone), a "point-of-sale computer device" (e.g., a seller's device), and a "processing computer device" (e.g., a central server) ('857 Patent, Claim 7). The solution involves instructions on the buyer's device to receive a transaction-specific identifier from the processing device and transmit it to the point-of-sale device. The processing device then receives identifiers from the point-of-sale device, compares them to stored records, and confirms the transaction if they match ('857 Patent, col. 23:26-col. 24:1). This claims a specific, distributed system for executing the authentication flow.
- Technical Importance: This patent describes a system architecture that is well-suited for mobile-first e-commerce, where a buyer's phone, a merchant's point-of-sale system, and a payment processor's backend servers interact to complete a transaction (Compl. ¶29).
Key Claims at a Glance
- Independent Claim 7 is asserted.
- The essential elements of independent Claim 7 comprise a computer system with a buyer computer device, a point-of-sale computer device, and a processing computer device, with instructions and programming to:
- (Buyer device) Receive a transaction-specific identifier and transmit it to the point-of-sale device.
- (Processing device) Generate and make the identifier available to the buyer device.
- (Processing device) Store a record relating the transaction-specific identifier to buyer- and seller-specific identifiers.
- (Processing device) Receive identifiers from the point-of-sale device, compare them to the stored record, and confirm the transaction if they match.
- The complaint reserves the right to modify its infringement description (Compl. ¶72).
III. The Accused Instrumentality
Product Identification
- Stripe's "Accused Payment Processor Platform" (Stripe Checkout) and Shopify's "Accused e-Commerce Platform," which incorporates the "Shopify Pay" feature and is allegedly powered by Stripe (Compl. ¶¶5, 19, 46).
Functionality and Market Context
- The accused platforms are designed to streamline the online checkout process. For a first-time purchase, a user enters their payment and contact information (e.g., mobile number) and can opt to have the system "remember" them (Compl. ¶39). In a screenshot of the Dribbble storefront, the system is shown collecting an email, credit card details, and a mobile phone number under a "Remember me" checkbox (Compl. ¶39, p. 13).
- For subsequent purchases on any website using the same platform, the user enters only their email address. The system then automatically sends a unique, single-use verification code via SMS to the user's stored mobile number (Compl. ¶¶38, 40). A series of screenshots for a purchase on Humble Bundle shows the user being prompted for and entering this verification code (Compl. ¶40, p. 14).
- Once the correct code is entered, the user can complete the purchase without re-entering their full credit card details (Compl. ¶40). The complaint alleges these platforms are used to process millions of transactions and are marketed as a way to reduce checkout friction and increase conversion rates for merchants (Compl. ¶¶30, 48).
IV. Analysis of Infringement Allegations
’084 Patent Infringement Allegations (vs. Stripe)
| Claim Element (from Independent Claim 6) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| An Internet-based computer system for confirming that a sale transaction has been consummated, said Internet-based computer system comprising at least one server computer programmed to: | The Stripe Checkout platform is described as an Internet-based system using Stripe's servers to process customer payment details. | ¶51 | col. 4:32-44 |
| [6a] in response to a buyer request...generate a transaction-specific buyer acceptance identifier; | When a buyer using a stored profile initiates a purchase, Stripe's system generates a "Stripe verification code" sent via SMS. This is alleged to be the identifier. | ¶51 | col. 10:16-25 |
| [6b] store in a computer-accessible memory, information comprising a relationship between the transaction-specific buyer acceptance identifier, an identification of the buyer, and an identification of the seller; | Stripe's platform is alleged to necessarily store the verification code, the buyer's identification (e.g., email/phone number), and the seller's identification (e.g., API key) to facilitate the transaction. | ¶51 | col. 12:3-10 |
| [6c] communicate the transaction-specific buyer acceptance identifier to the buyer. | Stripe communicates the verification code to the buyer via an SMS text message. A screenshot shows an incoming text with the code (Compl. ¶51, p. 19). | ¶51 | col. 12:59-64 |
| [Dependent Claim 7a] receive from a seller a communication of a transaction consummation completion identifier, a seller identification, and transaction information... | The complaint alleges that after the buyer enters the code, the seller's website communicates an identifier (which may comprise the entered code and a token representing payment info) to Stripe's servers. | ¶51 | col. 15:43-52 |
| [7b] determine whether: the transaction consummation completion identifier comprises the transaction-specific buyer acceptance identifier, and the seller identification comprises an identification of a seller recognized... | Stripe's servers are alleged to determine if the identifier received from the seller's system contains the correct verification code and if the seller is a recognized user of the Stripe platform. | ¶51 | col. 16:21-31 |
| [7c] for the communication wherein the identifiers match...charge an account associated with the buyer... | If the verification code and seller ID are confirmed, Stripe's platform charges the buyer's stored payment account. A screenshot shows the "Pay $25.00" button becoming active and a final confirmation checkmark (Compl. ¶51, p. 22). | ¶51 | col. 16:32-44 |
- Identified Points of Contention:
- Scope Questions: A central question may be whether the "transaction consummation completion identifier" received from the seller (limitation 7a) is met by the complex, token-based API communication alleged in the complaint (Compl. ¶51), or if the patent requires a simpler communication of the buyer's identifier itself.
- Technical Questions: The complaint's theory relies on the seller's system communicating information back to Stripe's server. A factual question will be what information is actually transmitted and whether it "comprises" the buyer acceptance identifier in the manner required by the claim.
’857 Patent Infringement Allegations (vs. Stripe)
| Claim Element (from Independent Claim 7) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A computer system comprising a buyer computer device, an at least a first point-of-sale computer device, and an at least a first processing computer device... | The system is alleged to comprise the buyer's mobile phone, the seller's computer/website, and Stripe's servers, respectively. | ¶72 | col. 23:26-30 |
| [7a] executable computer program instructions...on said buyer computer device...to receive a transaction-specific identifier and transmit said...identifier to a point-of-sale computer device; | The buyer's mobile phone is alleged to have instructions (e.g., in its OS and browser) to receive the SMS code and to transmit it (via user input) to the seller's website. A screenshot shows the text message and input field (Compl. ¶72, p. 30). | ¶72 | col. 25:19-27 |
| [7b] ...at least a first processing computer device programmed to...generate a transaction-specific identifier, and make said...identifier available to said buyer computer device... | Stripe's processing servers are alleged to generate the verification code and make it available to the buyer's phone via SMS. | ¶72 | col. 25:31-43 |
| [7c] ...processing computer device further programmed to store in a computer-accessible memory a record comprising a relationship between said transaction-specific identifier, a buyer-specific identifier, and a seller-specific identifier; | Stripe's servers are alleged to store the verification code in relation to the buyer's identity (e.g., phone number) and the seller's identity (e.g., API key). | ¶72 | col. 25:44-50 |
| [7e] ...processing computer device programmed to receive from said first point-of-sale computer device an identifier of the transaction, an identifier of the buyer, and an identifier of the seller; | Stripe's servers are alleged to receive information from the seller's website needed to process and authenticate the transaction. | ¶72 | col. 26:1-5 |
| [7f & 7g] ...processing computer device further programmed to compare the...identifiers...and if said identifier[s] match...confirm that the buyer has authorized the particular purchase transaction. | Stripe's servers are alleged to compare the received data with the stored identifiers (including the verification code) to confirm the buyer's authorization before charging the account. | ¶72 | col. 26:6-23 |
- Identified Points of Contention:
- Scope Questions: Does the buyer's standard mobile phone and browser contain "executable computer program instructions" that perform the specific claimed function of transmitting the identifier "to a point-of-sale computer device," or is this simply user data entry into a web form hosted by the seller?
- Technical Questions: The infringement theory requires a specific three-part system architecture (buyer device, POS device, processing device). A factual question will be whether the accused Stripe/Shopify ecosystem, which involves multiple parties (buyer, seller, payment processor), maps cleanly onto this claimed structure.
V. Key Claim Terms for Construction
The Term: "transaction-specific buyer acceptance identifier" ('084 Patent, Claim 6) and "transaction-specific identifier" ('857 Patent, Claim 7)
Context and Importance: This is the core element of the invention. Its definition is critical because the entire authentication process revolves around its generation, communication, and verification. Practitioners may focus on whether a simple, temporary 6-digit code sent via SMS, as used in the accused products, meets the definition and functional requirements of this term as described in the patents.
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification suggests the identifier can take multiple forms, including "a human-readable combination of alphanumeric and/or special characters" or a machine-readable code, which could support an argument that a 6-digit numeric code falls within its scope ('084 Patent, col. 10:26-34).
- Evidence for a Narrower Interpretation: The patents originated in the context of "local marketplace transactions" where a buyer might physically show the identifier to a seller ('084 Patent, col. 1:30-32). A defendant might argue this context implies requirements beyond what is present in a purely online checkout, potentially narrowing the term's scope to exclude the accused systems.
The Term: "receive from a seller a communication of a transaction consummation completion identifier" ('084 Patent, Claim 7)
Context and Importance: This term defines how the system confirms the transaction. The complaint alleges this is satisfied by a token-based API call from the seller's server to Stripe's server (Compl. ¶51). The case may turn on whether this modern, secure API interaction constitutes receiving a "communication of a transaction consummation completion identifier" as envisioned by the patent.
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent describes this step in general functional terms, stating the seller would "provide the exemplary online marketplace with the Buyer's identifier" ('084 Patent, col. 7:13-15). This functional language may support reading the claim on various technical implementations, including API calls.
- Evidence for a Narrower Interpretation: The patent's flowcharts and description often depict a more direct communication of the identifier itself (e.g., seller messages the buyer's identifier) ('084 Patent, Fig. 2A, element 220). This may support an argument that the claim requires communication of the original identifier, not a different token that is merely representative of the completed transaction.
VI. Other Allegations
- Indirect Infringement: The complaint alleges induced infringement against both Stripe and Shopify, asserting that they provide customers (merchants) with instructions, documentation (e.g., API documentation), and marketing materials that encourage and explain how to implement the accused infringing payment flows on their websites (Compl. ¶¶57, 66, 78, 87).
- Willful Infringement: Willfulness is alleged based on pre-suit knowledge. The complaint details communications in May and June 2013 where Boom's CEO allegedly disclosed the '084 patent and its technology to Stripe employees, including a product manager for Stripe Checkout, nearly a year before Stripe launched the accused product (Compl. ¶¶31-36, 52). Post-suit willfulness is also alleged based on the filing of the complaint (Compl. ¶¶55, 76).
VII. Analyst’s Conclusion: Key Questions for the Case
- A key evidentiary question will be one of technical mapping: Does the accused systems' use of a secure token, passed from a merchant's server to the payment processor's server after a buyer enters an SMS code, constitute "receiving from a seller a communication of a transaction consummation completion identifier" that "comprises the transaction-specific buyer acceptance identifier," as required by the '084 patent? Or is there a fundamental mismatch between the modern, token-based architecture and the specific communication steps claimed?
- A central issue will be one of definitional scope: Can the term "executable computer program instructions...instructing said buyer computer device to...transmit said transaction-specific identifier to a point-of-sale computer device," as claimed in the '857 patent, be construed to read on a standard mobile phone browser and operating system where a user manually types a code into a web form?
- The outcome of the willfulness allegation will likely depend on the factual record of pre-suit knowledge: What was the specific content of the 2013 communications between Boom's CEO and Stripe, and does the evidence establish that Stripe had knowledge of the '084 patent and its applicability to the technology that would become Stripe Checkout?