DCT

3:25-cv-01335

Benedortse LLC v. Wells Fargo Bank NA

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 3:25-cv-01335, M.D. Tenn., 11/17/2025
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant Wells Fargo has committed acts of infringement in the district and maintains a regular and established place of business there, including a specific bank branch in Nashville, Tennessee.
  • Core Dispute: Plaintiff alleges that Defendant’s Wells Fargo Mobile banking application infringes patents related to methods for secure electronic transaction authorization that use encrypted user and device identifiers.
  • Technical Context: The technology addresses multi-factor authentication for online financial transactions by using a customer's personal device as a security factor, aiming to prevent fraud without exposing sensitive financial data to merchants or other third parties.
  • Key Procedural History: The complaint alleges that Defendant had pre-suit knowledge of the asserted patents, citing the fact that at least 66 of Defendant’s own issued U.S. patents reference the ’713 Patent as relevant prior art. This allegation forms the primary basis for the claim of willful infringement.

Case Timeline

Date Event
2000-12-01 Priority Date for ’713 and ’979 Patents
2013-06-11 U.S. Patent No. 8,463,713 Issues
2016-07-26 U.S. Patent No. 9,400,979 Issues
2022-03-04 Defendant allegedly cites ’713 Patent in prosecution of its own patent
2025-11-17 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,400,979 - "Transactional Security Over a Network"

The Invention Explained

  • Problem Addressed: The patent’s background section, read in conjunction with the complaint, identifies the inadequacy of "single-factor" authentication (e.g., username and password) for securing online transactions and the security risks posed by transmitting unencrypted financial data to merchants, who could then store it vulnerably (Compl. ¶¶8-9; ’979 Patent, col. 2:11-23). It also notes the cumbersome nature of early multi-factor authentication systems that required separate physical tokens or digital certificates (Compl. ¶¶10-11).
  • The Patented Solution: The invention proposes a method where a user's computing device itself acts as a second authentication factor. Software on the device generates an encrypted data package by combining a user-specific identifier with a device-specific "hardware identifier." This encrypted code is transmitted to a financial institution for verification, which can then authorize a transaction without the merchant ever receiving or storing the user's sensitive information, such as a full credit card number (’979 Patent, Abstract; col. 11:45-50).
  • Technical Importance: This approach sought to implement a more secure, two-factor authentication system for mass-market e-commerce that was more convenient than prior methods by leveraging the user's existing personal device (Compl. ¶¶14, 16).

Key Claims at a Glance

  • The complaint asserts at least independent Claim 1 (Compl. ¶39).
  • The essential elements of Claim 1 include:
    • Receiving an entered password from a user via a graphical user interface.
    • Determining if the entered password is valid.
    • Based on a valid password, reading a hardware identifier from the user's device.
    • Determining if the hardware identifier is valid.
    • Based on a valid hardware identifier, retrieving a user agreement identifier.
    • Creating an encrypted user code by encrypting the user agreement identifier and the hardware identifier.
    • Transmitting the encrypted user code to a provider in a request for a transaction authorization decision.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 8,463,713 - "System and Method for Secure Transaction Authorization"

The Invention Explained

  • Problem Addressed: As the parent to the ’979 Patent, this patent addresses the same fundamental problem: the "inability to provide a convenient and secure payment system" was "hampering e-commerce" (’713 Patent, col. 1:51-54). Conventional systems required customers to provide private information to merchants, creating security vulnerabilities (Compl. ¶¶8-9).
  • The Patented Solution: The ’713 Patent describes a system and method where customer information is encrypted into a "customer code" on the user's device. This code, which includes identifiers for both the user and the device hardware, is then passed to a merchant and forwarded to a "verification entity" (e.g., a financial institution) for decryption and authorization (’713 Patent, Abstract). The system architecture, illustrated in Figure 1, depicts the distinct roles of the customer's computer (100), the merchant site (140), and the financial institution (150) in this secure flow (’713 Patent, col. 14:11-37).
  • Technical Importance: The invention provided a framework for conducting secure online transactions by using the customer's device as a token, thereby linking a transaction to a specific, verified device in addition to a verified user credential (Compl. ¶16).

Key Claims at a Glance

  • The complaint asserts at least independent Claim 13 (Compl. ¶48).
  • The essential elements of Claim 13 include:
    • Receiving an entered password from a user via a graphical user interface.
    • Determining if the entered password is valid.
    • Based on a valid password, reading a hardware identifier from the user's device.
    • Determining if the hardware identifier is valid.
    • Based on a valid hardware identifier, retrieving a user agreement identifier.
    • Creating an encrypted user code by encrypting the user agreement identifier and the hardware identifier.
    • Transmitting the encrypted user code to a provider in a request for an authorization decision.
  • The complaint does not explicitly reserve the right to assert dependent claims.

III. The Accused Instrumentality

Product Identification

  • The "Wells Fargo Mobile" application for iOS and Android devices, operating in conjunction with Wells Fargo's supporting computer systems (Compl. ¶23).

Functionality and Market Context

  • The Accused Instrumentality is a mobile banking application that allows customers to access financial accounts and authorize transactions, including remote check deposits, funds transfers, and bill payments (Compl. ¶¶23, 28). The complaint alleges that authentication through the accused features is a necessary prerequisite for performing these core banking functions within the app (Compl. ¶31).
  • The complaint alleges the application is highly significant to Defendant's business, citing 26 million quarterly active users in late 2020 and over $34 billion in revenue reported by the corresponding business division in 2020 (Compl. ¶27).

No probative visual evidence provided in complaint.

IV. Analysis of Infringement Allegations

’979 Patent Infringement Allegations

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
receiving, into a graphic user interface of a computerized device, an entered password from a user The Wells Fargo Mobile app receives a user's password via its graphical login interface. ¶39(a) col. 30:55-58
determining, by a processor of said computerized device, whether said entered password is valid The system determines if the entered password is correct for the user's account. ¶39(b) col. 31:1-3
based on said password being valid, reading, by said processor, a hardware identifier from hardware of said computerized device After password validation, the app reads a device-specific hardware identifier, such as a digital serial number, from the user's device. ¶39(c) col. 31:4-7
determining, by said processor, whether said hardware identifier is valid The system determines whether the device identifier is recognized for the user's account. ¶39(d) col. 31:8-11
based on said hardware identifier being valid, retrieving, by said processor, a user agreement identifier...from a storage media of said computerized device The app retrieves a stored user identifier that corresponds to the user's account with Wells Fargo. ¶39(e) col. 31:12-16
creating, by said processor, an encrypted user code by encrypting said user agreement identifier and said hardware identifier The app creates encrypted data that includes both the user identifier and the device identifier. ¶39(f) col. 31:17-20
transmitting, by an input and output device...said encrypted user code to a provider in a transaction request for a transaction authorization decision The app transmits the encrypted data to Wells Fargo's servers to request authorization for the transaction. ¶39(g) col. 31:21-25

’713 Patent Infringement Allegations

Claim Element (from Independent Claim 13) Alleged Infringing Functionality Complaint Citation Patent Citation
receiving, into a graphic user interface of a computerized device, an entered password from a user The Wells Fargo Mobile app receives a user-entered password through a graphical login screen. ¶48(a) col. 35:5-8
determining, by a processor, whether said entered password is valid The system checks whether the entered password is correct. ¶48(b) col. 35:9-12
based on said password being valid, reading, by said processor, a hardware identifier from hardware of said computerized device Upon validation, the app reads a hardware identifier from the user's mobile device. ¶48(c) col. 35:13-16
determining, by said processor, whether said hardware identifier is valid The system determines if the hardware identifier is valid or recognized for that user. ¶48(d) col. 35:17-20
based on said hardware identifier being valid, retrieving, by said processor, a user agreement identifier from a storage media The app retrieves a user-agreement identifier corresponding to the user's account. ¶48(e) col. 35:21-25
creating, by said processor, an encrypted user code by encrypting said user agreement identifier and said hardware identifier The system creates encrypted user data by combining the user-agreement identifier and the hardware identifier. ¶48(f) col. 35:26-29
transmitting, by said input and output device...said encrypted user code to a provider in a request for an authorization decision The app transmits the encrypted data to Wells Fargo in a request for an authorization decision. ¶48(g) col. 35:30-36
  • Identified Points of Contention:
    • Scope Questions: A central dispute may arise over the term "hardware identifier." The complaint suggests this could be "like a digital serial number," while the patent specification gives examples of serial numbers from physical components like a "motherboard, the hard drives, the processor, etc." (’713 Patent, col. 8:13-15). The question for the court will be whether the unique device identifiers available through modern mobile operating systems (which are sometimes software-based and resettable for privacy) fall within the scope of the claimed "hardware identifier."
    • Technical Questions: The complaint alleges on "information and belief" that the accused app reads a hardware identifier and retrieves a user identifier from storage. A key factual question will be what evidence the Plaintiff can present to demonstrate that the Wells Fargo Mobile app performs these specific technical steps, in the claimed sequence, as opposed to using alternative authentication methods such as session tokens or other software-based credentials.

V. Key Claim Terms for Construction

  • The Term: "hardware identifier"

  • Context and Importance: This term appears in the independent claims of both asserted patents and is foundational to the infringement theory. Infringement depends on whether the identifier allegedly used by the Wells Fargo Mobile app constitutes a "hardware identifier" as contemplated by the patents. Practitioners may focus on this term because its construction could be dispositive; a narrow construction limited to physical serial numbers might enable a non-infringement defense if the accused app uses a software-based or OS-level identifier.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The claims themselves simply require reading "a hardware identifier from hardware of the user's device" without further limiting its specific form (’979 Patent, Claim 1). Plaintiff may argue this language is broad enough to cover any identifier that is unique to the device's hardware, regardless of how it is accessed.
    • Evidence for a Narrower Interpretation: The specification provides a specific, limiting list of examples: "unique hardware identifiers (such as serial numbers from the motherboard, the hard drives, the processor, etc.)" (’713 Patent, col. 8:13-15). Defendant may argue this list defines the scope of the term and excludes software-derived or non-permanent identifiers common in mobile devices.

  • The Term: "retrieving a user-agreement identifier from a storage media"

  • Context and Importance: This step requires a specific action—retrieving a pre-existing identifier from storage on the user's device after password and hardware validation. The infringement analysis will depend on whether the accused app performs this precise sequence. If the app instead generates a user identifier on-the-fly or receives a temporary token from the server without performing this specific "retrieval from storage" step, it may create a basis for a non-infringement argument.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The specification describes the "customer identifier string" as a code used by the financial institution to identify the customer, which is stored on the device (’713 Patent, col. 11:1-3; col. 14:48-51). Plaintiff may argue that any process that accesses a stored, persistent value identifying the user on the device meets this limitation.
    • Evidence for a Narrower Interpretation: The claim language recites a clear sequence of events: password validation, then hardware validation, then retrieving the identifier. Defendant may argue that this requires fetching a static, stored data element and would not read on systems where a session-specific credential or token is used, which is not "retrieved" in the same manner.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges both inducement and contributory infringement. The inducement claim is based on allegations that Wells Fargo encourages and instructs its customers to use the infringing authentication features of the mobile app (Compl. ¶¶41, 49). The contributory infringement claim asserts that the Wells Fargo Mobile app is a material component of the invention, is not a staple article of commerce, and is known by Defendant to be specially adapted for infringing use (Compl. ¶¶42, 50).
  • Willful Infringement: The complaint alleges willful infringement based on Defendant's alleged pre-suit knowledge of the patents-in-suit. The primary factual basis for this allegation is that Defendant's own patent portfolio includes at least 66 patents that cite the ’713 Patent as prior art, including a specific instance where Defendant cited the patent during prosecution on March 4, 2022 (Compl. ¶¶25-26).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of "definitional scope": can the term "hardware identifier," rooted in the patent's examples of physical component serial numbers, be construed to cover the unique device identifiers surfaced by modern mobile operating systems, which may be software-based and resettable for user privacy?
  • A key evidentiary question will be one of "technical implementation": what is the precise nature of the user and device identifiers that the Wells Fargo Mobile app accesses, and does the app's authentication process follow the specific sequence of retrieving these identifiers from device storage as required by the asserted claims?
  • A central question for damages will be one of "willfulness": do the allegations that Defendant cited the ’713 Patent as prior art during its own patent prosecution activities establish pre-suit knowledge sufficient to support a finding of willful infringement and potential enhancement of damages?