DCT
2:25-cv-05670
EasyWeb Innovations LLC v. Socketlabs Acquisition LLC
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: EasyWeb Innovations, LLC (New York)
- Defendant: Socketlabs Acquisition LLC d/b/a Socketlabs (Pennsylvania)
- Plaintiff’s Counsel: Hecht Partners LLP
- Case Identification: 2:25-cv-05670, E.D. Pa., 10/01/2025
- Venue Allegations: Venue is alleged to be proper based on Defendant maintaining regular and established places of business within the Eastern District of Pennsylvania.
- Core Dispute: Plaintiff alleges that Defendant’s Socketlabs email platform infringes a patent related to computer systems that allow individual users to select from multiple security authorization schemes.
- Technical Context: The dispute centers on user authentication technology, specifically the implementation of selectable security levels, a foundational component of modern account security for online services.
- Key Procedural History: The complaint notes that during prosecution, the asserted patent overcame a rejection under 35 U.S.C. § 101. The applicant successfully argued that the claims were not directed to an abstract idea but represented a "concrete improvement in the field" by enabling security scheme selection on a per-user basis, which was asserted to be a technological improvement over the "well understood, routine, or conventional" system-wide security of the era.
Case Timeline
| Date | Event |
|---|---|
| 1999-03-11 | U.S. Patent No. 10,114,905 Priority Date |
| 2018-10-30 | U.S. Patent No. 10,114,905 Issues |
| 2019-04-02 | Date of website capture for Accused Product |
| 2025-10-01 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 10,114,905 - Individual User Selectable Multi-Level Authorization Method for Accessing a Computer System
- Patent Identification: U.S. Patent No. 10,114,905, "Individual User Selectable Multi-Level Authorization Method for Accessing a Computer System," issued October 30, 2018.
The Invention Explained
- Problem Addressed: The complaint alleges that at the time of the invention's priority date, computer access security systems were typically rigid, offering only a single, system-wide authorization scheme that applied to all users equally (Compl. ¶10). This "one-size-fits-all" approach allegedly prevented individual users from choosing a security level that balanced their personal preferences for convenience versus strength (Compl. ¶11).
- The Patented Solution: The invention is a method for providing user-customizable security by allowing each user on a computer system to select a security scheme from a plurality of available options (’905 Patent, Abstract). The key feature is that at least two of the selectable schemes require different amounts or types of identification information to grant access, allowing a user to choose, for example, between a simpler login process and a more secure one requiring additional credentials (’905 Patent, col. 45:25-46:3). The user's selection is then stored in their personal account and used for subsequent authorizations (’905 Patent, col. 45:34-39).
- Technical Importance: The technology provides a framework for personalized, multi-level security within a multi-user computer system, a concept that has become central to modern online account management (Compl. ¶5).
Key Claims at a Glance
- The complaint asserts infringement of claims 1-20 (Compl. ¶30). The independent claims are 1, 9, and 18.
- Independent Claim 1 (Method Claim):
- Prompting a user for a selection of a security scheme from a plurality of schemes.
- A first scheme requires a "specific number" of identification items.
- A second scheme requires "additional identification information beyond that of the first scheme."
- Storing the user's selection as a preference.
- Authorizing access when the selected scheme's requirements are met.
- Independent Claim 9 (Method Claim):
- Prompting a first user for a selection of a first security scheme.
- Storing the first user's selection.
- Prompting a second user for a selection of a second security scheme.
- Storing the second user's selection.
- The first and second security schemes require a "different number of identification information" to be satisfied.
- Authorizing access for each user when their respective selected scheme is satisfied.
- The complaint does not explicitly reserve the right to assert dependent claims, but the general assertion of claims 1-20 covers them.
III. The Accused Instrumentality
Product Identification
- The accused instrumentalities are "all versions and variants of the Socketlabs Website since 2019," which provide access to the Socketlabs email analytics and delivery platform (Compl. ¶19).
Functionality and Market Context
- The complaint focuses on the account security features of the Socketlabs platform (Compl. ¶19). Specifically, it alleges that users can choose between two security configurations for their accounts: a standard login requiring only a username and password, or a more secure login that also requires a two-factor authentication code ("Two-Step Verification") (Compl. ¶20, 24-25).
- The complaint provides a reproduction of a Socketlabs help page explaining Two-Step Verification, which describes it as an "additional security feature" that users can enable for their individual accounts (Compl. ¶20). The instructions detail how a user can log in, navigate to a security menu, and enable the feature, which then requires a verification code from a personal device for future logins (Compl. ¶20).
IV. Analysis of Infringement Allegations
U.S. Patent No. 10,114,905 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| prompting the particular user of the computer system for a selection of a particular security scheme from among the plurality of security schemes... | The Socketlabs platform provides a user interface with a security settings prompt that allows users to select a security scheme, such as enabling or disabling Two-Step Verification (2FA). | ¶22 | col. 45:25-29 |
| wherein a first of the plurality of security schemes requires a specific number of identification information to authorize the particular user... | When Two-Step Verification is not enabled, the platform requires two pieces of identification information: a username and a password. | ¶24 | col. 45:29-32 |
| and a second of the plurality of security schemes requires additional identification information beyond that of the first scheme to authorize the particular user; | When Two-Step Verification is enabled, the platform requires three pieces of identification information: a username, a password, and a two-factor authentication code. | ¶25 | col. 45:32-34 |
| storing the selection as a preference in the particular user's storage area; | The user's choice to enable or disable 2FA is stored in their user account storage area so that the system applies the selected scheme for subsequent login attempts. | ¶23, 26 | col. 45:34-36 |
| and thereafter authorizing the particular user to access the computer system when the selected security scheme of the particular user is satisfied. | The system grants access to the user's account only after the user provides the credentials required by their selected scheme (either username/password alone or username/password plus the 2FA code). | ¶27 | col. 45:37-39 |
Identified Points of Contention
- Scope Questions: The dispute may turn on whether offering an optional, enhanced security feature like 2FA constitutes providing a "plurality of security schemes" from which a user "selects." A central question for the court could be whether enabling or disabling 2FA is a selection between distinct schemes, as required by the claim, or merely a modification within a single, overarching security framework.
- Technical Questions: The analysis may focus on whether the user interface for security settings in the Accused Products performs the act of "prompting" as contemplated by the patent. The question could be raised whether providing an option within a settings menu that a user must actively navigate to constitutes "prompting the... user for a selection."
V. Key Claim Terms for Construction
- The Term: "plurality of security schemes"
- Context and Importance: The definition of this term is central to the infringement analysis. The plaintiff's case relies on the premise that a standard login and a 2FA-enabled login are two distinct "schemes." Defendant may argue that this is merely a single scheme with an optional security layer, not a "plurality" of different schemes. Practitioners may focus on this term because its construction could be dispositive of infringement.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: Claim 1 itself defines the difference between the two required schemes as one requiring "additional identification information beyond that of the first," and Claim 9 defines it as requiring a "different number of identification information." This language may support an interpretation where any selectable configuration that alters the number of required credentials qualifies as a distinct "scheme." (’905 Patent, col. 45:29-34, col. 46:25-29).
- Evidence for a Narrower Interpretation: The patent title refers to "Multi-Level Authorization." A defendant could argue that this implies more distinct and separate levels of security than merely toggling a single authentication factor. However, the specification provides limited language to support a narrower construction beyond the plain meaning of the claim language itself.
VI. Other Allegations
- Indirect Infringement: The complaint alleges inducement of infringement under 35 U.S.C. § 271(b), asserting that Defendant provides "instructions, documentation, and other information," such as the online help page, that encourage and instruct customers to use the Socketlabs platform in an infringing manner (Compl. ¶34). The complaint also alleges contributory infringement under § 271(c), stating that the accused components are not staple articles of commerce and have no substantial non-infringing uses (Compl. ¶35).
- Willful Infringement: The complaint does not provide sufficient detail for analysis of willful infringement.
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: does the act of enabling or disabling a two-factor authentication feature on a user account constitute "selecting" from a "plurality of security schemes" as defined by the patent claims, or is it merely the configuration of a single, unified security system?
- A second key issue will be one of patent eligibility: given the complaint's extensive pre-emptive defense of the patent's validity under 35 U.S.C. § 101, a central question for the court will be whether the claims are directed to a patent-ineligible abstract idea (e.g., tiered access control) or to a specific and concrete technological improvement over conventional, system-wide security architectures of the late 1990s.