Secure Mobile Transactions LLC v. Bank Of Texas A Division Of Bofk NA

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: Secure Mobile Transactions LLC (Texas)
  • Defendant: Bank of Texas, a Division of BOFK, N.A. (Texas)
  • Plaintiff’s Counsel: Antonelli, Harrington & Thompson LLP
• Case Identification: 9:25-cv-00115, E.D. Tex., 04/08/2025
• Venue Allegations: Plaintiff alleges venue is proper because Defendant has committed acts of infringement in the district, induces infringement by cardholders in the district, and has regular and established places of business in the district.
• Core Dispute: Plaintiff alleges that Defendant’s card authentication system, which enables mobile payments via digital wallets like Apple Pay and Google Pay, infringes patents related to executing secure transactions at a point-of-sale terminal without transmitting the customer's actual financial account number.
• Technical Context: The technology at issue is payment tokenization, a method used in digital wallets to replace a sensitive Primary Account Number (PAN) with a unique, non-sensitive equivalent called a token to enhance security during transactions.
• Key Procedural History: The complaint notes that the applications leading to the asserted patents have been cited hundreds of times during the prosecution of other patent applications by companies in the payment industry, which Plaintiff may use to argue the significance and non-obviousness of the inventions.

Case Timeline

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,792,596 - "Mobile Phone Based Rebate Device for Redemption at a Point of Sale Terminal," Issued Oct. 17, 2017

The Invention Explained

• Problem Addressed: The patent's shared specification describes challenges retailers face in managing customer loyalty and reward programs, noting that capturing customer data can be intrusive and that traditional single-source discount programs lack scalability and a way to integrate with the increasing number of mobile devices carried by consumers (’285 Patent, col. 1:24-46).
• The Patented Solution: The invention proposes a system to aggregate multiple retailers' reward and loyalty programs into a single virtual account accessible from a user's mobile device (’285 Patent, col. 2:30-38). A central feature is the use of a "unique code" (such as a discount code or PIN) presented from the mobile device at a point-of-sale (POS) terminal. This code is authenticated by a remote back-end system (an "accounting server" and "AAA server") to complete the transaction, which avoids transmitting a customer's primary financial account information to the POS terminal and allows for centralized tracking of rewards across different retailers (’285 Patent, Fig. 3; col. 2:50-55).
• Technical Importance: The technology provides a framework for using mobile devices as a secure intermediary for in-person commercial transactions, centralizing various loyalty programs and enhancing security by separating the transaction credential from the underlying financial account.

Key Claims at a Glance

• The complaint asserts independent Claim 1 (Compl. ¶23).
• Claim 1 is a method of enabling a POS system to execute a transaction, and its key elements include:
  • Receiving, by a remote computer system from a POS terminal, a unique code and not a financial account number.
  • Routing the unique code to an accounting server.
  • Determining a virtual account ID.
  • Routing the transaction to an authentication, authorization, and accounting (AAA) server.
  • Communicating an authorization message for the transaction to the POS terminal without also communicating the financial account number.
• The complaint reserves the right to assert other claims, including dependent claims (Compl. ¶23).

U.S. Patent No. 10,546,285 - "Mobile Phone Based Transactions at a Point of Sale Terminal," Issued Jan. 28, 2020

The Invention Explained

• Problem Addressed: As a continuation with a shared specification, this patent addresses the same problems of managing disparate customer loyalty programs and securely integrating mobile devices into POS transactions (’285 Patent, col. 1:24-46).
• The Patented Solution: The solution is the same as described for the ’596 Patent: a system using a mobile device to present a unique code at a POS, which is then processed by a remote system to authorize a transaction without exposing the customer's financial account number to the merchant's terminal (’285 Patent, col. 2:30-38, 7:1-17).
• Technical Importance: This patent family provides a system architecture for secure, mobile-initiated transactions, which became a foundational concept for modern digital wallets and contactless payments.

Key Claims at a Glance

• The complaint asserts independent Claim 7 (Compl. ¶41).
• Claim 7 is a method performed by the POS system itself, and its key elements include:
  • Receiving from an internet-capable mobile device a "mobile transaction specific unique code" without also receiving a financial account number.
  • Routing the unique code to a remote computer system.
  • Receiving an authorization message for the transaction without also receiving the financial account number.
• The complaint reserves the right to assert other claims, including dependent claims (Compl. ¶41).

U.S. Patent No. 11,288,647 - "Radio Device Based Transaction at a Point of Sale Terminal," Issued Mar. 29, 2022

• Technology Synopsis: As part of the same patent family, the ’647 Patent refines the concept of a secure transaction system. It claims a method performed by a POS system that receives a unique code from a "radio device" (e.g., a smartphone), routes it to a remote system for authorization, and receives authorization back, all without the POS system ever handling the financial account number itself (’647 Patent, Claim 7). The claims are similar in structure to those in the ’285 Patent.
• Asserted Claims: The complaint asserts independent Claim 7 (Compl. ¶59).
• Accused Features: The infringement allegations against the ’647 Patent target the same card authentication system as the other patents, focusing on the process where an NFC terminal receives a payment token from a mobile device to execute a transaction (Compl. ¶¶ 56-57).

III. The Accused Instrumentality

Product Identification

• The "Accused Instrumentality" is the card authentication system offered by Bank of Texas (Compl. ¶20). This system is used when customers provision their Bank of Texas debit or credit cards into third-party digital wallets (e.g., Apple Pay, Google Pay, Samsung Pay) and use them to make payments at merchant POS terminals, typically via Near Field Communication (NFC) (Compl. ¶¶ 20, 38, 56). A screenshot from Defendant's website shows that it encourages customers to add their cards to these specific digital wallets (Compl. p. 8).

Functionality and Market Context

• The complaint alleges the system functions by using EMVCo-compliant payment tokenization (Compl. ¶20). Instead of transmitting the customer's actual card number (PAN), the mobile device sends a "payment token" and a one-time cryptogram to the POS terminal (Compl. ¶21; p. 12, step 1). This token is routed through the payment network to a Token Service Provider (TSP) that validates it and converts it back to the real PAN, which is then sent to Bank of Texas for authorization (Compl. p. 12, steps 3-7). The authorization response is sent back to the merchant POS terminal, again using the token instead of the PAN, thereby completing the transaction without the merchant ever possessing the customer's sensitive card number (Compl. p. 12, step 9). The complaint provides a process diagram detailing this flow of a contactless transaction, showing a "Payment Token" being passed from the mobile phone to the POS reader instead of the PAN (Compl. p. 11).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,792,596 Infringement Allegations

U.S. Patent No. 10,546,285 Infringement Allegations

• Identified Points of Contention:
  • Scope Questions: A primary question may be whether the term "unique code", described in the patent's specification in the context of "discount codes" and "rebate" programs, can be construed to read on the "payment token" and "cryptogram" used in the accused EMVCo system, which serves as a substitute for a primary account number for security purposes.
  • Technical Questions: The infringement theory depends on mapping the functions of the accused distributed system (merchant acquirer, payment network, TSP, issuer) onto the more specific server architecture described in the patent (e.g., "accounting server", "AAA server"). The defense may argue that this mapping is improper and that, for example, a TSP does not perform all the functions of the claimed "accounting server".

V. Key Claim Terms for Construction

For the ’596 and ’285 Patents

• The Term: "unique code" / "mobile transaction specific unique code"

• Context and Importance: The viability of the infringement case hinges on this term's scope. Plaintiff's theory requires this term to cover the payment token and/or cryptogram used in modern digital wallets. Practitioners may focus on this term because the patents' titles and specification frequently reference "rebates" and "discounts," potentially limiting the term's scope to that context, whereas the accused tokens are primarily for security.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: The specification states that the system resolves various "Discount Codes (PINs, SKUs, and Barcodes)" to a numerical ID for authentication, suggesting the specific format is less important than its function as a traceable identifier (’285 Patent, col. 2:60-64). Claim 1 of the ’596 patent itself broadly claims a "unique code" separate from a financial account number.
  • Evidence for a Narrower Interpretation: The titles of the parent patents ("...Rebate Device," "...Rebate and Gift Card Aggregation") and repeated use of "discount code" throughout the specification could be used to argue the "unique code" must be related to a rebate, discount, or loyalty program, not a general-purpose payment credential substitute (’285 Patent, col. 7:30-40).

• The Term: "accounting server"

• Context and Importance: Plaintiff's infringement theory maps the functions of the Token Service Provider (TSP), and potentially other network entities, to this claimed server. The defense will likely challenge this equivalence.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: The patent describes the "accounting server" as a "secure centralized server that processes and stores the transactional data for each virtual account ID" and is networked to the POS systems and an Application Server (’285 Patent, col. 3:23-28). Plaintiff may argue the TSP and associated network components collectively perform these functions.
  • Evidence for a Narrower Interpretation: The patent's diagrams depict the "accounting server" as a discrete architectural component (e.g., ’285 Patent, Fig. 1, Fig. 3). A defendant could argue that the distributed, multi-party nature of the accused system—involving a merchant, acquirer, payment network, and a separate TSP—is architecturally distinct from the specific server claimed in the patent.

VI. Other Allegations

• Indirect Infringement: The complaint alleges induced infringement, stating that Bank of Texas takes active steps to "encourage[], recruiting, and instructing" customers to use the accused digital wallet functionality through marketing and other communications (Compl. ¶¶ 25, 43, 74). It also alleges contributory infringement on the basis that the tokenization system is a material part of the invention, is especially adapted for use in an infringing manner, and is not a staple article of commerce suitable for substantial non-infringing use (Compl. ¶¶ 27, 45, 82-84).
• Willful Infringement: The complaint alleges that Defendant's infringement is and will be willful. The basis for willfulness appears to be knowledge of the patents acquired "at least as of the date when it was notified of the filing of this action" (Compl. ¶¶ 32, 50, 68). The complaint also alleges Defendant's actions are "at least objectively reckless as to the risk of infringing valid patents" (Compl. ¶86).

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: Can the term "unique code", rooted in a specification focused on aggregating "rebate," "discount," and "loyalty" programs, be construed broadly enough to cover the "payment token" used in modern EMVCo systems, which functions primarily as a security substitute for a card number?
• A second central question will be one of architectural equivalence: Does the distributed, multi-entity architecture of the accused payment tokenization system—involving separate acquirers, payment networks, and Token Service Providers—constitute an infringement of patent claims that describe a more centralized system with specific components like an "accounting server"?
• Finally, an evidentiary question will be one of divided infringement: Given that the claimed methods involve actions by multiple distinct entities (the user's mobile device, the merchant's POS system, the acquirer, the payment network, the TSP, and the issuer bank), can Plaintiff establish that one party directs or controls the others' performance sufficiently to attribute all steps of the claimed method to the Defendant for liability purposes?