DCT

1:17-cv-01914

Greater Boston Authentication Solutions LLC v. Quark Software Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:17-cv-01914, D. Colo., 08/08/2017
  • Venue Allegations: Venue is alleged based on Defendant’s headquarters and regular and established place of business in the judicial district of Colorado, as well as the commission of infringing acts within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s software product activation technologies infringe patents related to using cryptographic authentication to authorize and control access to electronic data.
  • Technical Context: The technology at issue involves systems and methods for software license activation, a field focused on preventing unauthorized copying and distribution of commercial software products.
  • Key Procedural History: The three patents-in-suit are part of a single patent family. U.S. Patent No. 7,346,583 is a continuation of the application for U.S. Patent No. 6,567,793, which is a continuation-in-part of the application for U.S. Patent No. 5,982,892. This shared prosecution history may be relevant for issues of claim construction and priority.

Case Timeline

Date Event
1997-12-22 Earliest Priority Date for ’583, ’793, and ’892 Patents
1999-11-09 U.S. Patent No. 5,982,892 Issued
2003-05-20 U.S. Patent No. 6,567,793 Issued
2008-03-18 U.S. Patent No. 7,346,583 Issued
2017-08-08 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,346,583 - "REMOTE AUTHORIZATION FOR UNLOCKING ELECTRONIC DATA SYSTEM AND METHOD"

  • Patent Identification: U.S. Patent No. 7,346,583, "REMOTE AUTHORIZATION FOR UNLOCKING ELECTRONIC DATA SYSTEM AND METHOD," issued March 18, 2008. (Compl. ¶9).

The Invention Explained

  • Problem Addressed: The patent addresses the susceptibility of distributed software to unauthorized use and sharing. It notes that prior art methods, such as providing a single decryption key, fail to prevent key sharing, while even unique-per-user decryption keys do not protect the software after it has been installed and decrypted on a computer. ('583 Patent, col. 1:30-45).
  • The Patented Solution: The invention proposes a system that controls software access at run-time using cryptographic authentication. A vendor generates a "verification key" that is bundled with the software. To gain access, a user provides "identifying information" (e.g., a machine ID or license number) to a remote "user key generator," which in turn creates a unique "user key" by applying a digital signature. An verifier module within the installed software then uses the public portion of the verification key to confirm the relationship between the user key and the identifying information, thereby unlocking the software for use. ('583 Patent, Abstract; col. 3:28-44).
  • Technical Importance: This method provides persistent, post-installation protection against software piracy by requiring verification each time the software is run, a notable development over one-time activation schemes. ('583 Patent, col. 4:1-5).

Key Claims at a Glance

  • The complaint asserts independent claims 1, 10, 19, and 28, among others. (Compl. ¶12).
  • The core elements of independent claim 1 include:
    • generating a verification key with a digital signature algorithm;
    • combining software and the verification key to create distributable software;
    • inputting identifying information (e.g., user-identifying information, licensing information, batch number, user token, date, or time) to a user-key generator;
    • converting the identifying information to a numeric representation;
    • generating a user key from the numeric representation using the digital signature algorithm;
    • conveying the user key to the user's computer; and
    • verifying a relationship between the user key and the identifying information to determine an access level. (’583 Patent, col. 14:1-30).
  • The complaint reserves the right to assert other claims, including dependent claims. (Compl. ¶12).

U.S. Patent No. 6,567,793 - "REMOTE AUTHORIZATION FOR UNLOCKING ELECTRONIC DATA SYSTEM AND METHOD"

  • Patent Identification: U.S. Patent No. 6,567,793, "REMOTE AUTHORIZATION FOR UNLOCKING ELECTRONIC DATA SYSTEM AND METHOD," issued May 20, 2003. (Compl. ¶17).

The Invention Explained

  • Problem Addressed: Like its continuation ('583 Patent), this patent addresses the problem of controlling unauthorized software distribution, particularly in multi-user or enterprise environments. ('793 Patent, col. 1:16-30).
  • The Patented Solution: The patent describes the same fundamental cryptographic activation system but focuses its claims on the use of "group-identifying information." This allows the system to manage licenses for a "group of users," such as employees of a single organization, rather than just individual users. ('793 Patent, Abstract; col. 3:49-55).
  • Technical Importance: The invention extends the cryptographic activation concept to better suit enterprise software licensing models, where a single purchase authorizes use by multiple individuals within a defined group. ('793 Patent, col. 3:49-55).

Key Claims at a Glance

  • The complaint asserts independent claims 1, 8, 19, and 26, among others. (Compl. ¶19).
  • The core elements of independent claim 1 include nearly identical steps to the '583 Patent, but are distinguished by their focus on groups:
    • distributing the software to a user within a group of users;
    • inputting group-identifying information to a user key generator; and
    • verifying a relationship between the user key and the group-identifying information. (’793 Patent, col. 13:42-67).
  • The complaint reserves the right to assert other claims, including dependent claims. (Compl. ¶19).

Multi-Patent Capsule: U.S. Patent No. 5,982,892 - "SYSTEM AND METHOD FOR REMOTE AUTHORIZATION FOR UNLOCKING ELECTRONIC DATA"

  • Patent Identification: U.S. Patent No. 5,982,892, "SYSTEM AND METHOD FOR REMOTE AUTHORIZATION FOR UNLOCKING ELECTRONIC DATA," issued November 9, 1999. (Compl. ¶24).
  • Technology Synopsis: As the parent patent in the family, this patent establishes the core technical framework for the subsequent patents. It describes a system for controlling software access using a vendor-generated "verification key" and a user-specific "user key." The user key is generated by cryptographically signing a numeric representation of user-identifying information and is validated at run-time to authorize use. (’892 Patent, Abstract; col. 2:28-48).
  • Asserted Claims: The complaint asserts independent claims 1 and 6, along with dependent claims 2-3 and 7. (Compl. ¶26).
  • Accused Features: The complaint alleges that the Quark Product Activation software infringes by generating and verifying keys based on user and computer information to control access to the software. (Compl. ¶26).

III. The Accused Instrumentality

Product Identification

  • The accused instrumentalities are the "Quark Product Activation technologies" incorporated into Defendant's software products, including but not limited to QuarkXPress, QuarkCopyDesk, and Quark Print Collection. (Compl. ¶¶4, 11).

Functionality and Market Context

  • The accused technology is a license activation system designed to prevent software piracy by ensuring software is not used on more computers than authorized by the license. (Compl. ¶11, p. 3).
  • The activation process requires a user to enter a "validation code" (e.g., a serial number). The software then generates a unique "installation code" based on the computer's hardware configuration. (Compl. p. 4). This installation code is transmitted to Quark, which in turn provides an "activation code" to the user. (Compl. ¶11, p. 3). The user enters this activation code to enable the full functionality of the software. (Compl. p. 4).
  • For multi-seat installations, a "Quark License Administrator (QLA)" is alleged to manage software licenses, obviating the need for individual user activation. (Compl. ¶11, p. 3).

IV. Analysis of Infringement Allegations

'583 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
generating, with a digital signature algorithm, a verification key Defendant is alleged to generate a verification key using a digital signature algorithm. ¶12 col. 5:48-52
combining software and the verification key to create distributable software Defendant's software is combined with the verification key to create the distributable Quark software products. ¶12 col. 5:53-56
inputting identifying information... to a user-key generator The accused software gathers hardware configuration information and converts it to an "installation code," which is sent to Quark's servers (the alleged user-key generator). This is described in a visual exhibit provided from Defendant's website. ¶11, p. 3 col. 6:57-65
converting... the identifying information to a numeric representation Defendant's user-key generator allegedly converts the identifying information to a numeric representation. ¶12 col. 6:66-7:4
generating, using the numeric representation, a user key, with the digital signature algorithm Defendant's servers are alleged to generate an "activation code" (the user key) using a digital signature algorithm. ¶12 col. 7:5-10
conveying the user key to the user computer system The "activation code" is returned to the user's computer, where it is entered into the software. A visual exhibit shows the interface for this step. ¶12; p. 4 col. 7:11-14
verifying, with the verification key, a relationship between the user key and the identifying information to determine an access level The accused software allegedly verifies the activation code to determine the user's access level to the software. ¶12 col. 7:56-61

'793 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
distributing the distributable software to a user within a group of users The accused software is distributed to users within groups, allegedly managed by the Quark License Administrator (QLA) for multi-seat installations. ¶19; ¶11, p. 3 col. 3:49-55
inputting group-identifying information to a user key generator The QLA system allegedly inputs group-identifying information to Defendant's user-key generator. ¶19 col. 3:42-44
converting... the group-identifying information to a numeric representation Defendant's system allegedly converts the group-identifying information into a numeric form. ¶19 col. 4:13-17
generating, using the numeric representation, a user key, with the digital signature algorithm Defendant's system allegedly generates a user key based on the group information. ¶19 col. 4:18-22
conveying the user key to the user computer system The user key is conveyed to the user's computer system for use within the group. ¶19 col. 4:23-25
verifying, with the verification key, a relationship between the user key and the group-identifying information The software allegedly verifies the key against the group information to determine the access level. ¶19 col. 4:26-32
  • Identified Points of Contention:
    • Technical Questions: A primary factual question is whether Quark’s activation system actually uses a "digital signature algorithm" as claimed. The complaint alleges this but provides no specific evidence of the cryptographic method employed (e.g., RSA, DSA, or another asymmetric algorithm). The infringement case may depend on evidence showing that Quark's "installation code" and "activation code" function as the claimed "numeric representation" and signed "user key," respectively, rather than as part of a different type of challenge-response or hashing protocol.
    • Scope Questions: The case may raise the question of whether an anonymous hardware fingerprint (the "installation code") constitutes "user-identifying information" or "group-identifying information" as those terms are used in the patents. Similarly, a court may need to determine if the functionality of the "Quark License Administrator (QLA)" maps to the claimed methods involving a "group of users."

V. Key Claim Terms for Construction

  • The Term: "digital signature algorithm"

    • Context and Importance: This term is at the technical heart of the asserted claims. The infringement theory depends on Quark's key generation process meeting the definition of a "digital signature algorithm." Practitioners may focus on this term because if Quark's system uses a different method (e.g., a symmetric key exchange, a simple hash, or a proprietary algorithm), infringement may be avoided.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The specification states that the invention uses public-key signature algorithms and provides the Digital Signature Standard (DSS) and RSA as examples, suggesting the term is not limited to only those two. (’892 Patent, col. 5:35-42).
      • Evidence for a Narrower Interpretation: The detailed description consistently describes a process involving a private signing key and a public verification key to sign a numeric representation of identifying information, which is then verified. (’892 Patent, col. 2:49-63). A party could argue the term is limited to algorithms that perform this specific asymmetric sign-and-verify function.

  • The Term: "identifying information" / "group-identifying information"

    • Context and Importance: The infringement allegations map Quark's hardware-based "installation code" and license-based "validation code" to this term. The viability of the infringement case depends on this mapping being accepted.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The specification provides a non-exhaustive list of examples, including "name, machine ID, credit card number or other piece of unique identifying information," as well as "licensing information" and "batch number." (’793 Patent, col. 3:36-44). This suggests the term is flexible and can encompass a variety of inputs.
      • Evidence for a Narrower Interpretation: The patents describe the purpose of this information as enabling accountability and traceability back to a specific user or group. (’892 Patent, col. 4:50-54). A party might argue that purely anonymous hardware data does not meet the "identifying" function contemplated by the patent unless it is tied to a specific user, license, or group in a persistent manner.

VI. Other Allegations

  • Indirect Infringement: The complaint does not contain specific counts or factual allegations for indirect infringement.
  • Willful Infringement: The complaint does not contain an explicit allegation of willful infringement.

VII. Analyst’s Conclusion: Key Questions for the Case

The resolution of this dispute may turn on the answers to two central questions:

  1. A key evidentiary question will be one of technical operation: Does discovery show that the accused Quark Product Activation system employs a "digital signature algorithm" involving an asymmetric sign-and-verify process, as required by the patent claims, or does it operate on a different, non-infringing cryptographic or licensing principle?
  2. A core definitional question will be one of claim scope: Can the term "identifying information," which the patents link to user traceability, be construed broadly enough to cover an anonymous, hardware-derived "installation code" as used in the accused system?