Plano Encryption Tech LLC v. Independent Bank

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: Plano Encryption Technologies, LLC (Texas)
  • Defendant: Independent Bank (Texas)
  • Plaintiff’s Counsel: Pitcock Law Group
• Case Identification: 2:15-cv-01382, E.D. Tex., 07/31/2015
• Venue Allegations: Plaintiff alleges venue is proper because Defendant is located, transacts business, and has committed alleged acts of infringement within the Eastern District of Texas.
• Core Dispute: Plaintiff alleges that Defendant’s mobile banking platform, including its servers and mobile applications, infringes patents related to secure key distribution and remote software authentication.
• Technical Context: The patents-in-suit address foundational technologies for secure client-server communications and digital rights management, which are critical for applications like e-commerce and digital content delivery on open computing platforms.
• Key Procedural History: The complaint notes that Plaintiff provided Defendant with notice of the asserted patents via letters on or about May 14, 2015, and June 1, 2015, prior to filing the lawsuit.

Case Timeline

Date	Event
1997-12-12	U.S. Patent No. 5,974,550 Priority Date
1997-12-18	U.S. Patent No. 5,991,399 Priority Date
1999-10-26	U.S. Patent No. 5,974,550 Issue Date
1999-11-23	U.S. Patent No. 5,991,399 Issue Date
2015-05-14	Plaintiff provides first notice to Defendant
2015-06-01	Plaintiff provides second notice to Defendant
2015-07-31	Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 5,991,399, Method for Securely Distributing a Conditional Use Private Key to a Trusted Entity on a Remote System, issued November 23, 1999 (’399 Patent)

The Invention Explained

• Problem Addressed: The patent describes the vulnerability of open computing platforms like the personal computer (PC), where software for accessing encrypted digital content (e.g., a DVD player application) could be "hacked" to extract a decryption key, enabling unauthorized copying. (’399 Patent, col. 2:12-24, 2:53-60). The patent seeks to solve the problem of distributing decryption keys without pre-loading a universal, static key into the player software. (’399 Patent, col. 2:60-68).
• The Patented Solution: The invention proposes a dynamic system where a server generates a unique asymmetric key pair for a specific transaction. A private key from this pair, along with other data, is "wrapped into an executable tamper resistant key module." (’399 Patent, Abstract). This module is sent to the remote "trusted player" application. The module is designed to "plug-in" to the player, validate the player's integrity, and only then provide the key to decrypt the content, preventing the key from being easily intercepted. (’399 Patent, col. 4:1-7; Fig. 2).
• Technical Importance: This method provided a framework for digital rights management (DRM) on open systems by binding a dynamically generated, conditional-use key to a specific, authenticated software instance. (’399 Patent, col.3:5-12).

Key Claims at a Glance

• The complaint asserts independent claim 1 and dependent claim 9. (Compl. ¶10).
• Independent Claim 1 recites a method of securely distributing data with the essential elements:
  • generating an asymmetric key pair having a public key and a private key;
  • encrypting predetermined data with the generated public key;
  • building an executable tamper resistant key module identified for a selected program, the executable tamper resistant key module including the generated private key and the encrypted predetermined data.

U.S. Patent No. 5,974,550, Method for Strongly Authenticating Another Process in a Different Address Space, issued October 26, 1999 (’550 Patent)

The Invention Explained

• Problem Addressed: The patent addresses the shortcomings of conventional challenge-response protocols, which can verify that two parties share a secret but cannot ensure that one of the parties' software has not been tampered with or "hacked," particularly when communicating over a network. (’550 Patent, col. 1:11-32).
• The Patented Solution: The invention describes a method where a first process ("Process A") authenticates a second, remote process ("Process B"). Process A creates a "tamper resistant module" containing a temporary secret and sends it, along with a challenge, to Process B. (’550 Patent, Fig. 2, step 102). Process B executes this module, which first verifies the integrity of Process B (e.g., by checking its code signature). (’550 Patent, Fig. 2, step 104). Only upon successful verification does the module reveal the secret, which Process B then uses to correctly encode the challenge and prove its authenticity to Process A. (’550 Patent, Fig. 2, steps 106, 110).
• Technical Importance: This technology offered a method for establishing high-assurance trust between separate software processes by dispatching a trusted software "agent" to verify the remote process's code integrity before completing a cryptographic authentication handshake. (’550 Patent, col. 2:20-34).

Key Claims at a Glance

• The complaint asserts independent claim 14. (Compl. ¶17).
• Independent Claim 14 recites an apparatus for authenticating a first process, with the essential elements:
  • a processing unit and a storage medium with instructions for a "first process";
  • the instructions, when executed, cause the first process to:
    • receive a tamper resistant module from a second process;
    • initiate execution of the tamper resistant module;
    • recover a secret from the module when the integrity of the first process is verified by the module;
    • receive a challenge from the second process;
    • encode the challenge using the secret to produce a response; and
    • send the response to the second process.

III. The Accused Instrumentality

• Product Identification: The accused instrumentalities are Independent Bank’s mobile banking platform, which includes its servers and mobile applications used for secure online banking. (Compl. ¶11, ¶18).
• Functionality and Market Context: The complaint alleges that the accused platform facilitates secure transactions between the bank's servers and its customers' mobile devices. This involves using an "SSL handshake process" with asymmetric key pairs to establish a secure communication channel. (Compl. ¶11). The platform is also alleged to authenticate a "first process (Independent Bank's mobile app)" which operates in a different address space from a "second process (running on Independent Bank's server)." (Compl. ¶18). The complaint further alleges that the mobile apps use certificates to verify their integrity. (Compl. ¶14, ¶21). No probative visual evidence provided in complaint.

IV. Analysis of Infringement Allegations

’399 Patent Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
generating an asymmetric key pair having a public key and a private key;	Defendant’s computers and/or servers allegedly generate asymmetric key pairs with a public and private key as part of the SSL handshake process between its servers and mobile apps.	¶11	col. 9:56-58
encrypting predetermined data with the generated public key;	As part of the SSL handshake process, predetermined data is allegedly encrypted with a public key of an asymmetric key pair.	¶12	col. 9:59-60
building an executable tamper resistant key module identified for a selected program, the executable tamper resistant key module including the generated private key and the encrypted predetermined data.	Defendant’s servers and mobile apps allegedly "build an executable tamper resistant key module identified for the mobile app program." This module is alleged to include the generated private key and the encrypted data, and is described as "tamper resistant" and necessary for the mobile app to function.	¶13	col. 9:61-64

’550 Patent Infringement Allegations

Claim Element (from Independent Claim 14)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
a processing unit for executing programming instructions; and a storage medium having stored therein...	The accused apparatus is alleged to be a mobile device with a processing unit and local storage media on which the Independent Bank mobile app is downloaded and its instructions are stored.	¶19	col. 5:2-4
receive a tamper resistant module from the second process,	The mobile apps are alleged to receive a "tamper resistant module." The complaint alleges that when the app is launched, it creates an SSL tunnel and the application "contains the tamper resistant module, which uses data from the server to recover an embedded secret."	¶20	col. 6:26-29
initiate execution of the tamper resistant module,	The complaint alleges that "When the app is launched, the app creates an SSL tunnel connection" and that the "application contains the tamper resistant module," implying its execution.	¶20	col. 6:29-30
recover a secret embedded in the tamper resistant module when the integrity of the first process is verified during execution of the tamper resistant module,	The complaint alleges that a "code signature validation check is performed" to "verify that the application code is the same as it was at the last update or when the app was installed," which verifies the integrity of the process. It is also alleged that the module uses data from the server to "recover an embedded secret."	¶20-21, ¶22	col. 6:30-35
receive a challenge from the second process,	The mobile apps allegedly "receive challenges from the second process," which may be a security question or a code sent to the mobile phone.	¶23	col. 6:35-36
encode the challenge using the secret to produce a response, and	The mobile apps allegedly encode the received challenges "using the secret to produce a response."	¶23	col. 6:36-38
send the response to the second process.	The mobile apps allegedly "send the response to the second process (running at the server)."	¶23	col. 6:39-40

• Identified Points of Contention:
  • Scope Questions: A central question for both patents is whether standard security protocols like SSL/TLS and application code-signing fall within the scope of the claimed "executable tamper resistant key module" or "tamper resistant module." The defense may argue that the patents describe a very specific type of obfuscated, self-decrypting software agent created by a special compiler, which is structurally and functionally distinct from the standardized libraries and operating-system-level checks used in modern mobile banking.
  • Technical Questions: The infringement allegations for both patents depend on the precise architecture of Defendant's system. For the ’399 Patent, a key question is whether the system "builds" a new module for a transaction, as the patent seems to require, or merely uses established, pre-existing cryptographic libraries. For the ’550 Patent, a question is whether the mobile app truly "receives" a module from the server that then inspects the app, or if the app's integrity is checked by the operating system or server through other means not contemplated by the patent's specific method.

V. Key Claim Terms for Construction

• The Term: "executable tamper resistant key module" (’399 Patent, claim 1) and "tamper resistant module" (’550 Patent, claim 14)
• Context and Importance: This term is the core of the inventions and the infringement case. The definition will determine whether the accused system's use of modern security protocols like SSL and code signing can be considered infringing. Practitioners may focus on this term because its construction could be dispositive of the entire case.
• Intrinsic Evidence for Interpretation:
  • Evidence for a Broader Interpretation: The Plaintiff may point to general language describing the module's function, such as software that is "resistant to observation and modification" and can "operate as intended even in the presence of a malicious attack." (’550 Patent, col. 2:50-53).
  • Evidence for a Narrower Interpretation: The defense may cite more specific descriptions, such as a module created by a "tamper resistant compiler" that replaces plain-text source code with an "obfuscated," "self-decrypting" image that will fail to execute if altered. (’399 Patent, col. 5:52–6:1; ’550 Patent, col. 2:55–62). This specific implementation may be argued as a definitional limitation.

VI. Other Allegations

• Indirect Infringement: The complaint alleges Defendant has "committed and/or induced acts of patent infringement." (Compl. ¶5). However, the detailed infringement counts focus on Defendant's direct infringement through its own use of the accused systems, and the complaint does not plead specific facts to support a claim of inducement, such as actions taken to encourage infringement by a third party. (Compl. ¶10-23).
• Willful Infringement: The complaint alleges that Plaintiff provided pre-suit notice to Defendant via letters on May 14 and June 1, 2015. (Compl. ¶9, ¶16). The prayer for relief seeks enhanced damages based on alleged "knowing, deliberate, and willful" conduct. (Compl., Prayer for Relief ¶3). This claim appears to be based on alleged knowledge of the patents at least as of the notice dates.

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: Can the term "tamper resistant module," which the patent specifications describe as a specific type of obfuscated, self-decrypting software agent, be construed broadly enough to read on the components of a standard SSL/TLS handshake or an operating system's native code signature verification, as allegedly used in the accused mobile banking platform?
• A key evidentiary question will be one of architectural correspondence: Does the accused system's actual operation match the specific steps recited in the claims? For instance, does the bank's server "build" and "send" a distinct software module to the mobile app for authentication, as described in the patents, or does the system rely on a fundamentally different security architecture based on standard certificate exchange and pre-installed cryptographic libraries, raising a question of factual mismatch with the claimed methods and apparatuses.