DCT

1:25-cv-02434

Factor 2 Multimedia Systems LLC v. Middletown Valley Bank Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:25-cv-02434, D. Md., 07/25/2025
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains a regular and established place of business within the District of Maryland and has committed alleged acts of infringement in the district.
  • Core Dispute: Plaintiff alleges that Defendant’s online banking apparatus, which uses two-factor authentication, infringes six patents related to systems and methods for direct and centralized user authentication via trusted authenticators or central entities.
  • Technical Context: The patents address methods for enhancing computer network security by moving beyond static, knowledge-based credentials to systems that use dynamic, single-use codes for authenticating users during online transactions.
  • Key Procedural History: The complaint notes that all six patents-in-suit are members of the same patent family. No other significant procedural events, such as prior litigation or post-grant proceedings, are mentioned in the complaint.

Case Timeline

Date Event
2001-08-29 Earliest Priority Date for ’864 and ’297 Patents
2005-02-07 Earliest Priority Date for ’129, ’938, ’453, and ’285 Patents
2012-10-02 U.S. Patent No. 8,281,129 Issued
2017-07-11 U.S. Patent No. 9,703,938 Issued
2017-07-19 U.S. Patent No. 9,727,864 Issued
2017-12-27 U.S. Patent No. 9,870,453 Issued
2018-09-05 U.S. Patent No. 10,083,285 Issued
2020-08-19 U.S. Patent No. 10,769,297 Issued
2021-03-31 Launch date mentioned for Defendant's "MVB Bank" mobile app
2025-07-25 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 8,281,129 - "Direct Authentication System And Method Via Trusted Authenticators," issued October 2, 2012

The Invention Explained

  • Problem Addressed: The patent’s background section describes the problem of fraud and identity theft stemming from the "faulty assumptions" that personal information (e.g., Social Security Number, name, birth date) can be kept confidential and that knowledge of such information is sufficient to verify a person's identity online (’129 Patent, Abstract; col. 1:22-col. 2:6).
  • The Patented Solution: The invention proposes a two-factor authentication method involving three parties: an individual, a business, and a "trusted-authenticator" (such as the individual's bank) (’129 Patent, Fig. 1a). To authenticate, the individual provides the business with both a "static key" (e.g., a password) and a "dynamic key" (a time-sensitive, single-use code) that the individual requests and receives from their trusted-authenticator. The business then communicates with the trusted-authenticator to verify both keys and confirm the individual's identity (’129 Patent, col. 5:9-24; col. 7:1-16).
  • Technical Importance: The invention describes a shift away from relying on static, compromised credentials toward a brokered, dynamic authentication framework designed to provide higher security for online transactions (’129 Patent, col. 6:61-col. 7:16).

Key Claims at a Glance

  • The complaint asserts claims 1-52 and recites independent claim 1 as representative (Compl. ¶21, ¶42).
  • Essential elements of independent claim 1 include:
    • Receiving a request for a dynamic code from an individual by a trusted-authenticator's computer.
    • Calculating the dynamic code, which is valid for a predefined time and becomes invalid after use.
    • Sending the dynamic code to the individual.
    • Receiving an authentication request from an entity, the request based on user information and the dynamic code that the entity received from the individual.
    • Authenticating the individual's identity based on the user information and the dynamic code.
    • Providing the result of the authentication to the entity.

U.S. Patent No. 9,703,938 - "Direct Authentication System And Method Via Trusted Authenticators," issued July 11, 2017

The Invention Explained

  • Problem Addressed: Similar to the ’129 Patent, the specification describes the inadequacy of authentication systems that rely on static personal information, which is easily obtained by identity thieves (’938 Patent, col. 1:24-39).
  • The Patented Solution: This patent, a continuation from the same family as the ’129 Patent, also describes a multi-party authentication system. It claims a method where a trusted authentication system receives a request for a dynamic code during an electronic transaction, generates the code, provides it to the user, and then receives an authentication request from the transacting computer system that includes the user-provided code for verification (’938 Patent, col. 13:1-34).
  • Technical Importance: The technology provides a refined method for implementing dynamic, two-factor authentication within the context of a specific electronic transaction, aiming to prevent fraud by ensuring credentials are valid only for that session (’938 Patent, col. 11:1-13).

Key Claims at a Glance

  • The complaint asserts claims 1-26 (Compl. ¶46). The complaint does not specifically recite a claim from this patent. Independent claim 1 is analyzed here.
  • Essential elements of independent claim 1 include:
    • Receiving, at a trusted authentication system during an electronic transaction, an electronic request for a dynamic code for a user.
    • Generating the dynamic code, which is valid for a pre-determined time and becomes invalid after use.
    • Providing the generated code to the user.
    • Receiving an authentication request from a computer system based on a digital identity that includes the dynamic code.
    • Authenticating the user based on the digital identity, where the dynamic code is used for a first time within the predetermined time.
    • Providing the result of the authentication to the computer system.

Multi-Patent Capsule: U.S. Patent No. 9,727,864 - "Centralized Identification and Authentication System and Method," issued July 19, 2017

  • Technology Synopsis: This patent describes a centralized authentication system where a "Central-Entity" manages users' personal and financial information to create a "digital identity." This digital identity, comprising a username and a dynamic "SecureCode," is then used for authentication with third-party "External-Entities" (e.g., online merchants), obviating the need for the user to share sensitive personal data directly with each entity (’864 Patent, Abstract; col. 2:1-16).
  • Asserted Claims: At least claims 1-15 (Compl. ¶50).
  • Accused Features: The complaint alleges infringement by the "Middletown Valley Bank Apparatus" generally but does not specify features unique to this patent (Compl. ¶12).

Multi-Patent Capsule: U.S. Patent No. 9,870,453 - "Direct Authentication System and Method Via Trusted Authenticators," issued December 27, 2017

  • Technology Synopsis: As a continuation in the same family as the ’129 Patent, this patent further refines claims directed at a two-factor authentication method. The claims focus on the flow of information between a user, an online entity, and an authentication system that generates a time-limited "SecureCode" to validate a transaction in real-time (’453 Patent, Abstract; col. 13:1-col. 14:51).
  • Asserted Claims: At least claims 1-26 (Compl. ¶54).
  • Accused Features: The complaint alleges infringement by the "Middletown Valley Bank Apparatus" generally but does not specify features unique to this patent (Compl. ¶12).

Multi-Patent Capsule: U.S. Patent No. 10,083,285 - "Direct Authentication System and Method Via Trusted Authenticators," issued September 5, 2018

  • Technology Synopsis: This patent, also from the ’129 Patent family, claims systems and methods for enhancing authentication. The claims detail the process of receiving user-authentication information that includes a code generated by an authentication system, providing a request back to that system for verification, and proceeding with an online transaction based on the response (’285 Patent, Abstract; col. 13:20-60).
  • Asserted Claims: At least claims 1-30 (Compl. ¶58).
  • Accused Features: The complaint alleges infringement by the "Middletown Valley Bank Apparatus" generally but does not specify features unique to this patent (Compl. ¶12).

Multi-Patent Capsule: U.S. Patent No. 10,769,297 - "Centralized Identification and Authentication System and Method," issued August 19, 2020

  • Technology Synopsis: As a continuation in the same family as the ’864 Patent, this patent describes an authentication system for enhancing security. The claims are directed to an online system that receives a request for a "SecureCode," generates it, provides it to the user, and subsequently authenticates the user by evaluating the validity of that code when it is included in a digital authentication request (’297 Patent, Abstract; Compl. ¶20).
  • Asserted Claims: At least claims 1-29 (Compl. ¶62). The complaint provides a detailed, element-by-element infringement analysis for claim 1 of this patent (Compl. ¶¶26-37).
  • Accused Features: The complaint specifically accuses Middletown Valley Bank's two-factor online banking login system of infringing this patent (Compl. ¶¶27-37).

III. The Accused Instrumentality

Product Identification

  • The accused instrumentality is the "Middletown Valley Bank Apparatus," which includes the bank's internet website, back-end systems, and backbone infrastructure used to authenticate users for its online banking services (Compl. ¶22).

Functionality and Market Context

  • The complaint alleges the accused apparatus provides online banking services that require user login and authentication (Compl. ¶27). The system implements "two-factor authentication," described as a security measure that requests a "one-time access code" for logging into digital banking (Compl. ¶28). A screenshot from the bank's website shows an FAQ explaining that this feature "enhances security by creating an identity verification layer in addition to your unique username and password" (Compl. ¶28, p. 9). The user receives this code via SMS text or another electronic method after initiating a login, and the code is alleged to be valid for only a short period of time and for a single use (Compl. ¶28, ¶31, ¶32).

IV. Analysis of Infringement Allegations

The complaint does not provide sufficient detail for analysis of infringement allegations for U.S. Patent Nos. 8281129 and 9703938. The complaint makes only general allegations that the Accused Product satisfies the elements of the asserted claims without mapping specific product functionality to individual claim elements for these patents (Compl. ¶25).

  • Identified Points of Contention:
    • Scope Questions: A central question for the '129 and '938 patents may be whether the claimed architecture, which the patent specification and figures depict as a three-party system (individual, business, and a separate trusted-authenticator), reads on the accused two-party system where Middletown Valley Bank appears to act as both the "entity" providing the online banking service and the "trusted-authenticator" that generates and verifies the authentication code. The complaint alleges the user authenticates with Middletown Valley Bank systems, which suggests the bank serves both roles. This raises the question of whether the claim terms "entity" and "trusted-authenticator" require two distinct entities. The complaint also provides a screenshot of the initial online banking login page, which shows a simple username field before any two-factor process is initiated (Compl. ¶27, p. 8).
    • Technical Questions: The complaint alleges on "information and belief" that the accused system performs various claimed steps, such as "calculating" and "authenticating" a code (Compl. ¶21). A technical point of contention will be what evidence exists to show that the accused back-end system performs the specific functions required by the claims, as opposed to a generic process of generating a random number and checking for a match.

V. Key Claim Terms for Construction

  • The Term: "trusted-authenticator's computer" (from '129 Patent, Claim 1)

    • Context and Importance: The definition of this term is critical to determining whether the patent's three-party model can apply to the Defendant's two-party system. Practitioners may focus on this term because if it must be a computer system of an entity separate from the "entity" with which the user is transacting, the Defendant may have a viable non-infringement defense.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The plain language of claim 1 does not explicitly state that the "trusted-authenticator's computer" must be separate from the "entity's" computer system; it only requires that the two roles (requesting authentication and performing authentication) exist in the method.
      • Evidence for a Narrower Interpretation: The specification repeatedly describes the trusted-authenticator as a distinct entity, such as a user's bank authenticating them for a transaction with a separate business or creditor (’129 Patent, col. 4:11-14). The patent figures also consistently depict the "Business" (20) and "Trusted-Authenticator" (30) as separate boxes in the system diagram (’129 Patent, Fig. 1a, 2a).

  • The Term: "dynamic code" (from '129 Patent, Claim 1)

    • Context and Importance: The characteristics of the accused "one-time code" must align with the scope of this claim term. The dispute may center on whether the Defendant's implementation meets all the properties of the claimed code.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: Claim 1 itself defines the term's key properties: "valid for a predefined time and becomes invalid after being used" (’129 Patent, col. 12:56-58). Any code meeting these functional requirements could fall within the claim's scope.
      • Evidence for a Narrower Interpretation: The specification describes the "dynamic key" or "SecureCode" as an "alphanumeric code" that may have a "non-repeating value" and "be in an encrypted format" (’129 Patent, col. 8:14-22). A defendant could argue that a simple, unencrypted numeric code sent via SMS does not embody the full technical scope of the "dynamic code" as described in the patent.

VI. Other Allegations

  • Indirect Infringement: The complaint makes general allegations of induced and contributory infringement, stating that Defendant's "instructions for operation" lead to infringement (Compl. ¶3, ¶24). However, the complaint does not cite or provide specific examples of such instructions, such as user manuals or developer guides, that would allegedly form the basis for intent.
  • Willful Infringement: The complaint does not explicitly plead willful infringement or allege pre-suit knowledge of the patents-in-suit. The prayer for relief includes a request for enhanced damages under 35 U.S.C. § 284, the statutory remedy for willful infringement, but the factual allegations typically required to support such a claim are not detailed in the complaint body (Compl. p. 16, ¶B).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of architectural scope: can the claims of the lead patents, which describe a three-party authentication framework involving a user, an "entity," and a separate "trusted-authenticator," be construed to cover the accused two-party system where Middletown Valley Bank appears to function as both the entity and the authenticator for its own online banking platform?
  • A key evidentiary question will be one of functional specificity: beyond the high-level description of a two-factor login process, what technical evidence will be presented to demonstrate that the accused system’s back-end software and hardware perform the specific, multi-step methods of receiving requests, "calculating" codes, and "authenticating" identity as narrowly recited in the asserted claims?