DCT
4:24-cv-00931
Texas Secure Authentication LLC v. Fifth Third Bank National Association
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Texas Secure Authentication, LLC (Texas)
- Defendant: Fifth Third Bank, National Association (District of Columbia)
- Plaintiff’s Counsel: Sand, Sebolt & Wernow Co., LPA; Banie & Ishimoto LLP
- Case Identification: 4:24-cv-00931, N.D. Ohio, 05/28/2024
- Venue Allegations: Venue is alleged to be proper based on Defendant maintaining regular and established places of business within the Northern District of Ohio.
- Core Dispute: Plaintiff alleges that Defendant’s online banking services, specifically its multi-factor authentication functionalities, infringe a patent related to methods for managing interactions between data structures using dynamic software "registers."
- Technical Context: The patent describes a system for organizing and managing information in networked environments using intelligent, evolving data objects, a concept aimed at overcoming the static nature of content on the early internet.
- Key Procedural History: The patent-in-suit expired in February 2019. The complaint references a 2011 recommendation from the Federal Financial Institutions Examination Council (FFIEC) regarding multi-factor authentication, which may be relevant to the timeline of the accused technology's adoption.
Case Timeline
| Date | Event |
|---|---|
| 1998-01-30 | '682 Patent Priority Date |
| 2011-01-18 | '682 Patent Issue Date |
| 2011-06-29 | FFIEC recommends multi-factor authentication for business customers |
| 2017-06-18 | Article notes Fifth Third app offers multi-factor authentication |
| 2019-02-25 | '682 Patent Expiration Date |
| 2024-05-28 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 7,873,682 - "System and method for creating and manipulating information containers with dynamic registers"
- Patent Identification: U.S. Patent No. 7,873,682, "System and method for creating and manipulating information containers with dynamic registers," issued January 18, 2011.
The Invention Explained
- Problem Addressed: The patent’s background section describes a problem with early computer networks where content, such as a document, "remains inert, except by the direct intervention of users" and is not modified by usage patterns or the existence of other content on the network (’682 Patent, col. 2:1-5). This static nature limited the utility and "possibility of evolution" of online information (Compl. ¶15; ’682 Patent, col. 2:29).
- The Patented Solution: The invention proposes a system of "information containers" that are made interactive through the use of "dynamic registers" (’682 Patent, col. 2:61-64). A "container" is a logical data structure that holds information, and its "registers" are appended values that define rules for how that container interacts with other containers and system components (’682 Patent, col. 9:4-8, 9:20-25). These registers can evolve over time based on network activity, allowing for what the patent calls the "dynamic governance of information" (Compl. ¶17; ’682 Patent, col. 13:48-50).
- Technical Importance: This approach sought to create a more intelligent and adaptable information architecture for networks, where data objects could self-manage and evolve based on their interaction history and context, thereby upgrading network utility (’682 Patent, col. 2:65-3:4).
Key Claims at a Glance
- The complaint asserts independent claim 1 and dependent claims 6 and 7 (Compl. ¶28).
- Independent Claim 1 recites a computer-implemented method with the following key steps:
- Determining identification information for a first container using a first gateway.
- Determining identification information for a second container using a second gateway.
- Determining if an interaction between the containers can occur using the first gateway and a first register of the first container.
- Determining if the interaction can occur using the second gateway and a second register of the second container.
- Performing the interaction prescribed by the first gateway and first register if the interaction can occur.
- Wherein the gateways collect and store register information from the containers, including container interaction information.
III. The Accused Instrumentality
Product Identification
- The "Accused Instrumentality" comprises Fifth Third Bank’s Online Banking services, including its website (www.53.com) and the "Fifth Third app" (Compl. ¶¶3, 27-28).
Functionality and Market Context
- The complaint focuses on the multi-factor authentication (MFA) functions of the accused services (Compl. ¶28). These functions are alleged to determine identification information and securely authenticate users, for example, to "prevent logins from unrecognized devices" (Compl. ¶27). The complaint also alleges that the bank’s server places a "cookie" on the user's computer as part of the accused method (Compl. ¶31).
IV. Analysis of Infringement Allegations
The complaint incorporates a claim chart as Exhibit B, which was not available for this analysis (Compl. ¶30). The infringement theory is based on the narrative allegations in the complaint.
’682 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a computer-implemented method, comprising: determining identification information for a first container using a first gateway; | The complaint alleges Fifth Third Bank's website and app employ MFA methods that determine identification information. This suggests a user's device or browser session is the "first container." | ¶28, ¶29 | col. 29:50-54 |
| determining identification information for a second container using a second gateway; | This suggests Fifth Third's server-side authentication system is the "second container." The complaint alleges the use of "unconventional software structures" to determine identification (Compl. ¶12). | ¶28, ¶29 | col. 29:55-57 |
| determining whether an interaction between the first container and the second container can occur using the first gateway and a first register of the first container; | The complaint alleges that a browser "cookie" placed on a user's computer is part of the infringing method, which may map to the "first register." The interaction is the authentication/login attempt. | ¶19, ¶31 | col. 29:58-61 |
| determining whether the interaction between the first container and the second container can occur using the second gateway and a second register of the second container; | The complaint alleges the MFA methods employ "Password," and "Online Banking PIN" functions, which may map to the "second register" of the bank's server-side "container." | ¶19, ¶28 | col. 30:1-4 |
| performing the interaction between the first and second containers prescribed by the first gateway and the first register...if the interaction...can occur... | The MFA system grants or denies user access ("performing the interaction") based on the information exchanged between the user's device and the bank's servers. | ¶20, ¶24 | col. 30:13-18 |
| wherein the first gateway and the second gateway collect and store register information from the first container and the second container... | The complaint's description of "dynamic governance of information" suggests that the system learns from interactions, which could correspond to collecting and storing register information. The complaint includes a flowchart, FIG. 5, to illustrate the patented method of modifying registers to achieve dynamic information modification (Compl. p. 8, ¶21). | ¶20, ¶21 | col. 30:19-24 |
- Identified Points of Contention:
- Scope Questions: A central issue may be whether the patent’s terms, originating from a 1998 priority date and focused on dynamic content management, can be construed to cover the components of a modern multi-factor authentication security protocol. For example, does the term "container" as described in the patent read on a user's transient browser session and a bank's authentication server?
- Technical Questions: The complaint alleges that a browser "cookie" is part of the infringing method (Compl. ¶31). A technical question is what evidence demonstrates that a standard HTTP cookie performs the function of a "register" that actively "prescribe[s]" an interaction, as required by claim 1, rather than merely storing state information.
V. Key Claim Terms for Construction
The Term: "container"
- Context and Importance: The plaintiff’s theory requires a broad definition of "container" to encompass abstract entities like a user's browser session or a server-side authentication process. The defense may argue for a narrower definition tied to the patent's examples. Practitioners may focus on this term because its scope is fundamental to whether the patent applies to the accused MFA technology at all.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification defines a container as a "logically defined data enclosure" that can encapsulate "any element or digital segment...or set of digital segments, or...any system component or process" (’682 Patent, col. 9:4-8).
- Evidence for a Narrower Interpretation: The patent’s detailed examples and figures often depict containers as organizing more traditional data objects like documents, databases, and files (e.g., FIG. 3A, elements 10800000, 10700000), which could suggest a primary focus on content management rather than security protocols.
The Term: "register"
- Context and Importance: The infringement allegation appears to map a browser cookie to the claimed "register". The viability of this mapping depends on the term's construction.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification describes registers as "interactive dynamic values appended to the logical enclosure of an information container" that "serve to govern the interaction of that container" (’682 Patent, col. 9:20-23).
- Evidence for a Narrower Interpretation: The patent provides an extensive list of specific, purpose-built registers, such as those for time, space, ownership, value, and identity (FIG. 4; ’682 Patent, col. 14:30-55). This could support an argument that a "register" is a more complex and structured metadata element than a standard HTTP cookie.
VI. Other Allegations
- Indirect Infringement: The complaint does not allege indirect infringement; the single count is for direct infringement under 35 U.S.C. § 271(a) (Compl. ¶¶25-34).
- Willful Infringement: The complaint does not contain factual allegations to support a claim for willful infringement, such as pre-suit knowledge of the patent or infringement. The prayer for relief includes a request for enhanced damages, which is a standard inclusion (Compl. ¶B, p. 11).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the patent's key terms "container" and "register", which originate in the context of 1990s-era dynamic content management, be construed to read on the functionally distinct components of a modern multi-factor authentication system, such as a user's browser, a bank's server, and HTTP cookies?
- A key evidentiary question will be one of functional operation: does the accused system, particularly the browser cookie, perform the specific active role of "prescrib[ing]" and "govening" an interaction as required by Claim 1, or does it perform a more passive state-keeping function that falls outside the claim's scope?