DCT

2:25-cv-01178

Nusantao IP LLC v. Samsung Electronics America Inc

Log In
Key Events
Complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:25-cv-01178, E.D. Tex., 11/29/2025
  • Venue Allegations: Venue is alleged to be proper as to Samsung America due to its "regular and established place of business" in Plano, Texas. Venue over the foreign parent, Samsung Electronics, is asserted based on its status as a foreign entity and, alternatively, because it allegedly controls the operations of the Plano facility.
  • Core Dispute: Plaintiff alleges that Defendant’s electronic devices incorporating the Knox Vault security platform infringe patents related to hardware-level security for sensor data and policy-based management of application access to that data.
  • Technical Context: The patents address the security and privacy of data generated by sensors in modern electronics, aiming to protect raw data at the hardware level before it can be accessed by the primary operating system or potentially malicious applications.
  • Key Procedural History: The complaint does not mention any prior litigation, Inter Partes Review (IPR) proceedings, or licensing history related to the patents-in-suit.

Case Timeline

Date Event
2018-06-07 ’613 Patent Priority Date
2019-04-02 ’546 Patent Priority Date
2021-01-01 Samsung introduces Knox Vault with Galaxy S21 (Date inferred from "in 2021")
2021-08-17 ’613 Patent Issued
2022-01-01 Samsung introduces Knox Matrix security architecture (Date inferred from "in 2022")
2023-05-02 ’546 Patent Issued
2025-01-01 Samsung introduces Knox Vault Enhanced Protection (“KEEP”) (Date inferred from "in 2025")
2025-11-29 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 11,095,613 - “System of Smart Edge Sensors,” issued August 17, 2021 (’613 Patent)

The Invention Explained

  • Problem Addressed: The patent describes the security risk in modern devices where a hacker who compromises the main processor or operating system can gain access to sensitive, unencrypted data from the device’s sensors, such as microphones and cameras (’613 Patent, col. 2:1-20).
  • The Patented Solution: The invention proposes a hardware security module, or "smart edge" device, that is physically or logically placed between a sensor and the device's main processor. This module intercepts the raw data signal from the sensor, encrypts it, and then passes the encrypted signal to the main processor, thereby ensuring that the main processor and any applications running on it never have access to the unencrypted sensor data (’613 Patent, Abstract; col. 6:1-8). The complaint includes a reproduction of the patent's Figure 1, which illustrates this architecture of a "Smart Edge" module (140) placed between a sensor (130) and the device bus (110) (Compl. ¶17).
  • Technical Importance: This architecture pushes security and encryption to the "edge" of the network—the sensor itself—creating a hardware-based isolation layer that is independent of the device's primary, and more vulnerable, software environment (’613 Patent, col. 5:36-39).

Key Claims at a Glance

  • The complaint asserts independent claim 12 (Compl. ¶18).
  • Claim 12 Elements:
    • An electronic device comprising:
    • a device processor executing a device operating system (OS);
    • a device bus;
    • a device memory coupled to the device bus;
    • a plurality of sensors;
    • at least one security module, interposed between at least one corresponding sensor of the plurality of sensors and the device bus, the security module configured to receive a raw data signal from the corresponding sensor, encrypt at least part of the raw data signal to generate an encrypted signal, and transmit the encrypted signal to the device bus; and
    • a device driver residing in the device memory and configured to facilitate communication between the device processor and the security module.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 11,640,546 - “Managing Access to Data and Managing Operations Performed by Applications,” issued May 2, 2023 (’546 Patent)

The Invention Explained

  • Problem Addressed: The patent addresses the problem of applications, particularly AI and machine learning models, using personal or sensitive data for unintended or unauthorized purposes that go beyond the scope for which the data was originally collected, creating significant privacy risks (’546 Patent, col. 2:31-41).
  • The Patented Solution: The invention discloses a system that uses a "secure edge module" to enforce rules laid out in a "smart contract." This smart contract dictates which applications are allowed to access specific sets of data and, crucially, what types of operations or "inferences" those applications are permitted to generate from the data (’546 Patent, Abstract; col. 3:62-4:17). The system is designed to programmatically prevent applications from performing operations not explicitly authorized by the smart contract, thus managing both data access and data use (’546 Patent, col. 4:10-17).
  • Technical Importance: This approach moves beyond simple user authentication to application authentication, creating a framework to control and audit how sophisticated algorithms use personal data after access has been granted (’546 Patent, col. 2:55-61).

Key Claims at a Glance

  • The complaint asserts independent claim 11 (Compl. ¶26).
  • Claim 11 Elements:
    • An apparatus, comprising:
    • a memory configured to store data; and
    • a processing device comprising one or more of a [list of processor types], which is configured to:
      • obtain a first smart contract associated with a set of data, a secure edge module, and an artificial intelligence model, wherein the artificial intelligence model is configured to generate inferences;
      • determine whether the artificial intelligence model is allowed to generate a set of inferences using the set of data based on the first smart contract;
      • in response to determining that the artificial intelligence model is allowed to generate the set of inferences using the set of data, cause the artificial intelligence model to execute on the set of data to generate the set of inferences; and
      • performing one or more post processing operations for one or more of the artificial intelligence model and the set of data based on the first smart contract;
    • wherein the processing device is configured to refrain from: performing operations that are not indicated in the first smart contract; executing artificial intelligence model that are not indicated in the first smart contract; and allowing access to data that is not indicated in the first smart contract.
  • The complaint does not explicitly reserve the right to assert dependent claims.

III. The Accused Instrumentality

Product Identification

The accused instrumentalities are Samsung electronic devices that incorporate the Samsung Knox Vault security platform, including subsequent versions such as the Knox Matrix security architecture and Knox Vault Enhanced Protection ("KEEP") (Compl. ¶1, ¶5-8). The complaint specifically identifies product lines such as Galaxy S series phones, Galaxy Tab series tablets, and Galaxy Watch series wearables as accused products (Compl. ¶5).

Functionality and Market Context

  • The complaint alleges that Knox Vault is a "hardware-based security" platform that "operates completely independently from the primary processor running the Android OS" (Compl. ¶6). It is described as an "isolated, tamper-proof, secure subsystem with its own processor and memory" for storing sensitive data like cryptographic keys and biometric credentials (Compl. ¶6). The complaint includes a System-on-Chip diagram from Samsung's materials, which depicts the "Knox Vault" as a distinct component alongside the "Primary Application Processor" (Compl. p. 3).
  • The complaint alleges Samsung introduced Knox Vault in 2021 and has since expanded its implementation across its device ecosystem, including the introduction of Knox Matrix in 2022 to "extend the Vault sensor interception architecture across multiple devices" (Compl. ¶7). The complaint also references a timeline graphic from Samsung showing the evolution from Knox Vault in 2021 to Knox Matrix in "2023 and Beyond" (Compl. p. 4). The 2025 introduction of KEEP is alleged to be a "new architecture designed to safeguard... AI-powered features," including the Personal Data Engine (PDE) (Compl. ¶8).

IV. Analysis of Infringement Allegations

’613 Patent Infringement Allegations

Claim Element (from Independent Claim 12) Alleged Infringing Functionality Complaint Citation Patent Citation
at least one security module, interposed between at least one corresponding sensor... and the device bus The Knox Vault Subsystem is alleged to be an isolated security subsystem with a dedicated processor, positioned between sensors (e.g., ultrasonic fingerprint sensor) and system interconnects (e.g., LPDDR5X DRAM). ¶19 col. 6:40-44
the security module configured to receive a raw data signal from the corresponding sensor The Knox Vault Subsystem allegedly receives raw data from sensors, including the fingerprint sensor, for secure authentication processing. ¶19 col. 6:44-46
encrypt at least part of the raw data signal to generate an encrypted signal Knox Vault is alleged to apply hardware-based encryption with vault-unique keys to the raw sensor data. ¶19 col. 6:46-48
and transmit the encrypted signal to the device bus Knox Vault allegedly transmits encrypted packages ("blobs") to the system interconnects before they are stored in DRAM. ¶19 col. 6:48-49
a device driver residing in the device memory and configured to facilitate communication between the device processor and the security module The device memory allegedly contains drivers, such as the StrongBox Keymaster driver, that facilitate communication between the main processor and the Knox Vault Subsystem. ¶19 col. 6:50-54
  • Identified Points of Contention:
    • Scope Questions: A central issue may be the interpretation of "interposed between." The complaint alleges Knox Vault is positioned between a sensor and "system interconnects, including those associated with the LPDDR5X DRAM." The defense may argue this architecture does not meet the specific structural relationship of being interposed "between" the sensor and the "device bus" as contemplated by the patent, raising a question of claim scope.
    • Technical Questions: The complaint asserts that the StrongBox Keymaster driver facilitates communication. A technical question will be whether this driver performs the functions required by the claim element, or if its role is materially different from the "device driver" described in the patent's specification.

’546 Patent Infringement Allegations

Claim Element (from Independent Claim 11) Alleged Infringing Functionality Complaint Citation Patent Citation
obtain a first smart contract associated with a set of data, a secure edge module, and an artificial intelligence model The accused processors allegedly obtain Samsung and Knox security policies and access rules, which are equated with the "smart contract." These policies are associated with data (e.g., camera/biometric data), the Knox Vault Subsystem (the "secure edge module"), and Galaxy AI models (the "artificial intelligence model"). ¶27 col. 3:62-65
determine whether the artificial intelligence model is allowed to generate a set of inferences... based on the first smart contract The system allegedly determines if Galaxy AI and its PDE are permitted to generate inferences based on the security policies and rules enforced by StrongBox Keymaster. ¶27 col. 11:1-4
cause the artificial intelligence model to execute on the set of data to generate the set of inferences In response to a positive determination, the system allegedly causes Galaxy AI and third-party AI models to execute on the data to create summaries, suggestions, and routines. ¶27 col. 11:5-10
wherein the processing device is configured to refrain from: performing operations that are not indicated in the first smart contract The Galaxy S25 processors are alleged to not perform operations, execute AI models, or allow access to data unless authorized by the applicable Samsung and Knox security policies enforced by StrongBox Keymaster. ¶27 col. 11:14-21
  • Identified Points of Contention:
    • Scope Questions: The core dispute will likely center on whether Samsung's collection of "security policies and access rules... enforced by StrongBox Keymaster" constitutes a "smart contract" as the term is used in the patent. This raises a definitional question of significant scope.
    • Technical Questions: What evidence does the complaint provide that the accused system performs the specific sequence of "obtain," "determine," and then "cause... to execute" as required by the claim? The infringement allegation combines multiple Samsung features (StrongBox Keymaster, PDE, KEEP, Galaxy AI), and a key technical question will be whether these components operate together in the manner claimed.

V. Key Claim Terms for Construction

For the ’613 Patent:

  • The Term: "interposed between"
  • Context and Importance: This term is central to the claimed physical or logical architecture. The infringement case depends on whether the Knox Vault Subsystem's location within the device's System-on-Chip meets this structural limitation relative to a sensor and the device bus.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The specification describes the module as being "inserted between a communication bus... and a sensor" (’613 Patent, col. 3:1-3) and speaks of "intercepting" signals (’613 Patent, col. 5:60-63), which could suggest a functional, rather than strictly physical, placement.
    • Evidence for a Narrower Interpretation: Figure 1 of the patent depicts the "Smart Edge" module (140) as a discrete component in a direct series connection between the sensor (130) and the device bus (110) (’613 Patent, Fig. 1). The abstract also describes modules "each interposed between a respective sensor and the microprocessor" (’613 Patent, Abstract), which may imply a more direct, one-to-one relationship than what exists in a complex SoC.

For the ’546 Patent:

  • The Term: "smart contract"
  • Context and Importance: Plaintiff's infringement theory equates Samsung's "security policies and access rules" with the claimed "smart contract." The viability of the infringement claim for the ’546 patent hinges on whether this interpretation is adopted.
  • Intrinsic Evidence for Interpretation:
    • Evidence for a Broader Interpretation: The patent specification provides a broad definition: "A smart contract may be a document, file, or other data that may indicate which applications have access to a set of data" and "may also indicate the types of operations that an application is allowed to perform" (’546 Patent, col. 3:66-4:6). This language may support reading the term on a wide variety of access-control policies.
    • Evidence for a Narrower Interpretation: The detailed description discusses using smart contracts to "programmatically enforce" rules and to validate applications by comparing file hashes to those "stored in the smart contract" (’546 Patent, col. 3:11-12, col. 3:48-50). The defense may argue that these functionalities imply a more specific, cryptographically verifiable data structure than general OS-level security policies.

VI. Other Allegations

  • Indirect Infringement: The complaint does not provide sufficient detail for analysis of indirect infringement, as it does not plead facts concerning specific actions taken by Defendant to encourage or enable infringement by third parties. The allegations are focused on direct infringement (Compl. ¶18, ¶26).
  • Willful Infringement: The complaint does not provide sufficient detail for analysis of willful infringement. It does not contain allegations of pre-suit knowledge of the patents or egregious conduct that would typically support such a claim.

VII. Analyst’s Conclusion: Key Questions for the Case

This case appears to center on fundamental questions of claim scope and the mapping of patent terminology onto complex, multi-component commercial systems. The outcome may depend on the court’s determination of the following issues:

  1. A core issue will be one of architectural mapping: Does Samsung's Knox Vault, an integrated subsystem within a System-on-Chip, satisfy the ’613 patent's requirement for a security module to be "interposed between" a sensor and the device bus, or is there a material difference in its structural and functional position?

  2. A second core issue will be one of definitional scope: Can the term "smart contract" in the ’546 patent, defined in the specification as a "document, file, or other data" indicating permissions, be construed to read on Samsung’s aggregation of security policies, Android permissions, and access rules, or does the patent require a more specific, self-executing data structure?

  3. A key evidentiary question will be one of functional operation: Do the various accused software and hardware components (Knox Vault, KEEP, PDE, StrongBox Keymaster, Galaxy AI) operate in concert to perform the specific, sequential steps of the asserted method claims, or do they function independently in a manner distinct from the patented methods?