Jabaa LLC v. Five Below Inc

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: Jabaa, LLC (Maine)
  • Defendant: Five Below, Inc. (Pennsylvania)
  • Plaintiff’s Counsel: KENT & RISLEY LLC
• Case Identification: 2:21-cv-00461, E.D. Tex., 12/20/2021
• Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Defendant operates regular and established places of business (retail stores) within the district and has committed acts of infringement there.
• Core Dispute: Plaintiff alleges that Defendant’s Five Below smartphone application infringes a patent related to using a biometric apparatus to secure online transactions.
• Technical Context: The patent addresses securing e-commerce and other online interactions by using a combination of biometric (fingerprint) and cryptographic authentication to verify both the user and the legitimacy of a website.
• Key Procedural History: The complaint alleges that Plaintiff provided Defendant with notice of infringement via a letter dated December 13, 2021, seven days before filing suit. A U.S. Patent and Trademark Office Inter Partes Review Certificate, included with the patent documents, indicates that all claims (1-24) of the patent-in-suit were cancelled as a result of an IPR proceeding, with the certificate issued on June 24, 2025, subsequent to the filing of this complaint. The cancellation of all asserted claims raises a fundamental question about the viability of the action.

Case Timeline

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,480,637 - "Internet Transaction Authentication Apparatus, Method, And System For Improving Security Of Internet Transactions"

The Invention Explained

• Problem Addressed: The patent's background describes the increasing threat of internet fraud, specifically "cloned" or fraudulent websites used to steal personal data and the use of malware like Trojan Horse programs to capture passwords and PINs from a user's computer (’637 Patent, col. 2:8-26).
• The Patented Solution: The invention is a self-contained, portable hardware device—referred to as an Internet Transaction Authentication (ITA) apparatus—that moves the security process off the potentially compromised host computer. This device, envisioned as a USB dongle or wireless card, contains its own processor and fingerprint sensor to biometrically verify the user and cryptographically authenticate a website, thereby performing the "complete transaction...entirely within the ITA, itself" (’637 Patent, Abstract; Fig. 1A). This creates a secure, end-to-end channel for authentication data.
• Technical Importance: The approach aims to provide a "Card Present" level of security for online transactions, a higher standard of assurance that typically involves lower transaction fees due to reduced fraud risk (’637 Patent, col. 3:15-24).

Key Claims at a Glance

• The complaint asserts infringement of at least independent claim 1 (Compl. ¶23).
• Essential elements of claim 1 include:
  • A biometric customer authentication apparatus.
  • An electronic enclosure with a fingerprint sensor and an external communications interface.
  • At least one processor within the enclosure coupled to the sensor.
  • Transaction security software, resident on and executed by the processor, comprising both biometric fingerprint authentication software and cryptographic transaction authentication software.
  • A memory or communications buffer coupled to the processor and communications interface.
  • A communications subsystem to relay data messages between an external system and the apparatus.

III. The Accused Instrumentality

Product Identification

• The "Five Below app" for smartphones (Compl. ¶23).

Functionality and Market Context

• The complaint alleges that the accused instrumentality is Defendant's smartphone application, which customers use to complete purchases (Compl. ¶23).
• The allegedly infringing functionality involves the app's use of fingerprint authentication, which the complaint suggests is implemented via a "Google Pay link found in Defendant's app" (Compl. ¶32). This suggests the app may invoke an underlying operating system or third-party service to perform the biometric authentication step for payment processing.
• No probative visual evidence provided in complaint.

IV. Analysis of Infringement Allegations

The complaint references a preliminary claim chart (Exhibit C) that was not provided with the filed document (Compl. ¶23). The following summary is based on the text of the complaint and claim 1 of the ’637 Patent.

’637 Patent Infringement Allegations

Identified Points of Contention

• Scope Questions: A central dispute may arise over whether a general-purpose smartphone running Defendant's app constitutes the claimed "biometric customer authentication apparatus." The patent specification consistently describes the "apparatus" as a dedicated, stand-alone peripheral device like a USB dongle, not a multi-function device like a smartphone (’637 Patent, Fig. 1A-1B; col. 3:26-29). The interpretation of "apparatus" will therefore be critical.
• Technical Questions: The complaint's own allegation that the app utilizes a "Google Pay link" raises the question of where the claimed "transaction security software" resides and executes (Compl. ¶32). The infringement analysis may turn on whether the Five Below app itself contains the claimed software, or if it merely makes an API call to the phone's operating system or a separate Google Pay service, which would complicate the direct infringement theory against Defendant.

V. Key Claim Terms for Construction

• The Term: "biometric customer authentication apparatus"

• Context and Importance: The definition of this term is fundamental. If construed narrowly to mean only a dedicated, external hardware device as depicted and described throughout the specification, it could present a significant challenge to the infringement allegations against a general-purpose smartphone. Practitioners may focus on this term because the patent's disclosure is arguably limited to such special-purpose peripherals.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: The claim language itself does not explicitly limit the "apparatus" to a peripheral and could be argued to cover any device that meets the functional requirements of the claim elements.
  • Evidence for a Narrower Interpretation: The specification's abstract describes the invention as an "enclosure with USB interface capability" or "local wireless connectivity," and the detailed description and figures exclusively show embodiments as a USB "dongle" or a wireless "card" (’637 Patent, Abstract; Figs. 1A, 1B). This consistent description of a separate, single-purpose device could be used to argue for a narrower construction that excludes a smartphone.

• The Term: "transaction security software resident within and executing on said at least one processor"

• Context and Importance: This term's construction will determine whether infringement requires the accused app itself to contain and perform the authentication logic. This is critical given the allegation that a third-party service (Google Pay) is involved in the process (Compl. ¶32).

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: An argument could be made that the Five Below app, as the initiating software "executing on" the processor, satisfies this limitation even if it calls other software modules to complete the task.
  • Evidence for a Narrower Interpretation: The language "resident within" may be interpreted to require the specific biometric and cryptographic software to be an integral part of the accused product (the Five Below app), rather than a separate service provided by the phone's OS or a third party that the app merely invokes.

VI. Other Allegations

Indirect Infringement

• The complaint alleges induced infringement, stating that Defendant encourages and instructs customers to use the app with fingerprint authentication via Google Pay (Compl. ¶32). It also alleges contributory infringement, claiming the fingerprint authentication feature is not a staple article of commerce and has no substantial non-infringing use (Compl. ¶33).

Willful Infringement

• Willfulness is alleged based on both "willful blindness" prior to the lawsuit and actual notice provided by Plaintiff's December 13, 2021 letter, after which Defendant allegedly continued its infringing conduct (Compl. ¶¶25-28).

VII. Analyst’s Conclusion: Key Questions for the Case

1. Definitional Scope: A primary issue will be whether the term "apparatus", as used in the patent, can be construed to read on a general-purpose smartphone. The patent's consistent focus on special-purpose, peripheral hardware may pose a significant hurdle for the Plaintiff's infringement theory.
2. Locus of Infringement: The case may turn on an evidentiary question of technical operation: does the accused Five Below app contain and execute the claimed "transaction security software", or does it merely act as a front-end that calls upon separate, pre-existing services within the phone's operating system or Google Pay to perform the actual authentication?
3. Case Viability: The most fundamental question, which supersedes the technical merits of the infringement claim, is the legal effect of the post-filing cancellation of all claims of the '637 patent by the USPTO. This event presents a dispositive challenge to the continuation of the entire action.