9:25-cv-00116
Secure Mobile Transactions LLC v. Charles Schwab Bank
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Secure Mobile Transactions LLC (Texas)
- Defendant: Charles Schwab Bank (Texas)
- Plaintiff’s Counsel: Antonelli, Harrington & Thompson LLP
- Case Identification: 9:25-cv-00116, E.D. Tex., 04/08/2025
- Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Defendant conducts business in the state, commits alleged acts of infringement in the district, and maintains regular and established places of business in the district.
- Core Dispute: Plaintiff alleges that Defendant’s card authentication system, which uses tokenization for mobile wallet payments, infringes patents related to methods for securely processing transactions without transmitting a customer's actual financial account number to a point-of-sale terminal.
- Technical Context: The technology at issue is payment tokenization, a security standard where a sensitive Primary Account Number (PAN) is replaced by a unique, non-sensitive equivalent called a "token," primarily for use in mobile and online payments to reduce data breach risks.
- Key Procedural History: The three patents-in-suit are part of the same family and claim priority to a 2007 provisional application. The complaint frames the widely adopted EMVCo payment tokenization standard as an implementation of the patented technology, suggesting a central part of the case will involve comparing the patents' teachings to this industry standard.
Case Timeline
| Date | Event |
|---|---|
| 2007-01-03 | Priority Date for ’596, ’285, and ’647 Patents |
| 2017-10-17 | U.S. Patent No. 9,792,596 Issued |
| 2020-01-20 | U.S. Patent No. 10,546,285 Issued |
| 2022-03-29 | U.S. Patent No. 11,288,647 Issued |
| 2025-04-08 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,792,596 - Mobile Phone Based Rebate Device for Redemption at a Point of Sale Terminal
Issued October 17, 2017 (’596 Patent)
The Invention Explained
- Problem Addressed: The patent’s background describes the challenge retailers face in managing customer loyalty and reward programs, noting that traditional methods lack scalability and a way to securely integrate the growing number of mobile devices carried by customers (’596 Patent, col. 1:24-38).
- The Patented Solution: The invention proposes a centralized system where multiple retailer loyalty and reward programs are aggregated into a single "virtual account" accessible on a user's mobile device (’596 Patent, col. 2:30-46). Instead of swiping a physical card, the user presents a "discount code" at a Point of Sale (POS) terminal. This code is routed to a remote server system for authentication against the user's virtual account, allowing the transaction to complete without the POS terminal ever receiving the user's actual financial account number (’596 Patent, col. 7:55-8:27; Fig. 3).
- Technical Importance: This approach provided a framework for decoupling the payment credential from the physical payment card, enabling secure transactions initiated from a general-purpose mobile device.
Key Claims at a Glance
- The complaint asserts at least independent claim 1 (Compl. ¶23).
- Claim 1 is a method for enabling a POS terminal to complete a transaction without receiving a financial account number, comprising the steps of:
- Receiving a unique code from a POS terminal at a remote computer system.
- Routing the unique code to an accounting server.
- Determining a virtual account ID.
- Routing the transaction to an authentication, authorization, and accounting (AAA) server for the virtual account ID.
- Communicating an authorization message back to the POS terminal, without communicating the financial account number.
- The complaint reserves the right to assert additional claims (Compl. ¶23).
U.S. Patent No. 10,546,285 - Mobile Phone Based Transactions at a Point of Sale Terminal
Issued January 28, 2020 (’285 Patent)
The Invention Explained
- Problem Addressed: As a continuation of the application leading to the ’596 Patent, this patent addresses the same problem: the need for a scalable and secure method to incorporate mobile devices into retail transactions and loyalty programs (’285 Patent, col. 1:21-46).
- The Patented Solution: The solution is substantively the same as in the ’596 Patent, involving a system where a mobile device provides a unique code (e.g., a "discount code," PIN, or barcode) to a POS terminal (’285 Patent, col. 3:12-15). This code is used by a backend system, including an "Accounting Server" and "Application Server," to identify a user’s "Virtual Account" and authorize the transaction, all while isolating the actual financial account data from the merchant's POS system (’285 Patent, col. 2:48-61; Fig. 3).
- Technical Importance: The invention describes a specific flow of information between a POS terminal and remote servers to enable secure, account-based mobile transactions.
Key Claims at a Glance
- The complaint asserts at least independent claim 7 (Compl. ¶41).
- Claim 7 is a method performed by a POS system to execute a transaction without receiving a financial account number, comprising the steps of:
- Receiving a mobile transaction-specific unique code from an internet-capable mobile device.
- Routing the unique code to a remote computer system.
- The unique code includes information enabling a remote accounting server to determine a device-specific virtual account ID.
- Receiving an authorization message for the transaction without receiving any financial account number.
- The complaint reserves the right to assert additional claims (Compl. ¶41).
U.S. Patent No. 11,288,647 - Radio Device Based Transactions at a Point of Sale Terminal
Issued March 29, 2022 (’647 Patent)
Technology Synopsis
The ’647 Patent, also in the same family, describes a method for conducting secure transactions where a "radio device" (like a smartphone) communicates a "transaction-specific unique code" to a POS system. This code, rather than a financial account number, is routed to a remote server for authentication and authorization, thereby preventing the merchant from handling sensitive account data (’647 Patent, Abstract; col. 2:48-61).
Asserted Claims
The complaint asserts at least independent claim 7 (Compl. ¶59).
Accused Features
The accused features are the same as for the other asserted patents, namely Charles Schwab's card authentication system that facilitates tokenized payments through mobile wallets at NFC-enabled merchant terminals (Compl. ¶¶56-57).
III. The Accused Instrumentality
Product Identification
The Accused Instrumentality is the Charles Schwab card authentication system used with its debit and/or credit cards (e.g., the Schwab Bank Visa Platinum Debit Card) when provisioned in a mobile wallet, such as Apple Pay, for making payments (Compl. ¶¶20, 38, 56).
Functionality and Market Context
The complaint alleges the system operates using EMVCo-compliant payment tokenization (Compl. ¶¶14, 20). When a customer uses their smartphone for a contactless payment at an NFC merchant terminal, the system transmits a "payment token" and a cryptogram, not the actual debit/credit card number (PAN), to the merchant's POS terminal (Compl. ¶¶20-21, 39). This data is then routed through a network of entities—including an acquirer, a payment network (e.g., Visa), a Token Service Provider (TSP), and the issuer (Schwab)—to verify the transaction and return an authorization to the merchant, all without exposing the customer's PAN (Compl. pp. 11-12). The complaint includes a diagram from the U.S. Payments Forum illustrating this exact transaction flow. This diagram, titled "Figure 6. Processing a Contactless EMV Transaction," shows the path of the token and cryptogram from an NFC-enabled phone to a POS reader and through the backend network for authorization (Compl. p. 11).
IV. Analysis of Infringement Allegations
’596 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method of enabling a physical point of sale (POS) terminal to execute a transaction associated with an Internet capable mobile device to completion without said physical point of sale (POS) terminal ever having received a financial account number from said Internet capable mobile device... | The accused system enables NFC merchant terminals to execute transactions using a Schwab card stored on a mobile device without the terminal receiving the actual account number. | ¶21 | col. 10:1-8 |
| receiving by a remote computer system from a physical point of sale (POS) terminal, a unique code and not a financial account number... | The merchant acquirer/processor receives a transaction request containing a payment token and a unique cryptogram from the POS terminal. | ¶¶21, p. 12 | col. 10:49-55 |
| determining a virtual account ID; | A Token Service Provider (TSP) receives the token, validates the cryptogram, and detokenizes it to the clear PAN, which corresponds to the virtual account. | ¶¶39, p. 12 | col. 10:56-57 |
| routing the transaction to an authentication, authorization and accounting (AAA) server for the virtual account ID... | The payment network forwards the transaction with the clear PAN to the appropriate issuer processor and then to the issuer (Schwab) for final authorization. | ¶¶39, p. 12 | col. 10:57-61 |
| communicating an authorization message for the transaction without also communicating said financial account number to said physical POS terminal... | The payment network sends an authorization response back to the merchant acquirer/processor, ensuring that the token, not the clear PAN, is included for the response to the POS terminal. | ¶¶39, p. 12 | col. 10:62-11:1 |
’285 Patent Infringement Allegations
| Claim Element (from Independent Claim 7) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method performed by a physical point of sale (POS) system to execute a transaction associated with an Internet capable mobile device... without said physical point of sale (POS) system ever having received a financial account number... | An NFC merchant terminal executes a transaction with a mobile device without receiving the actual account number from the phone. | ¶39 | col. 9:20-26 |
| receiving from the Internet capable mobile device a mobile transaction specific unique code without also receiving any financial account number... | The POS terminal receives a payment token and a unique cryptogram via NFC from the customer's smartphone. | ¶39 | col. 9:27-30 |
| routing to a remote computer system the mobile transaction-specific unique code... | The POS terminal sends the message containing the token and cryptogram to the merchant acquirer/processor. | ¶¶39, p. 12 | col. 9:31-34 |
| ...said mobile transaction-specific unique code including information enabling an accounting server to determine, from said mobile transaction-specific unique code without any financial account number a device specific virtual account ID... | The token is used by the payment network and TSP to perform a BIN lookup and ultimately identify the underlying PAN (the virtual account ID) for authorization. | ¶¶39, p. 12 | col. 9:34-39 |
| receiving an authorization message for the transaction without also receiving any financial account number from said Internet capable mobile device; | The POS terminal receives a final authorization response from the merchant acquirer/processor to complete the transaction, which does not include the PAN. | ¶¶39, p. 12 | col. 9:40-42 |
Identified Points of Contention
- Scope Questions: The patents-in-suit heavily reference "rebate," "loyalty," and "discount code" in their titles and specifications (’596 Patent, Title; col. 3:12-15). The accused system is a general-purpose payment system. This raises the question of whether the claims, despite their broader language, should be limited to the context of loyalty and rewards programs, or if they properly read on general payment tokenization.
- Technical Questions: The patent claims recite a relatively centralized architecture with an "accounting server" and an "AAA server" (’596 Patent, cl. 1). The complaint describes the accused system as a distributed, multi-party ecosystem involving a merchant acquirer, a payment network, a Token Service Provider (TSP), and an issuer processor (Compl. pp. 11-12). A key dispute may be whether the functions of the accused system's disparate entities (e.g., the TSP and issuer) map onto the elements of the claimed servers, either literally or under the doctrine of equivalents.
V. Key Claim Terms for Construction
The Term: "financial account number"
Context and Importance
This is a negative limitation at the core of all asserted claims, as the invention is premised on completing a transaction without the POS system ever receiving this number. The outcome of the case may depend on whether the "payment token" used in the accused system is considered a "financial account number." Practitioners may focus on this term because if a token is construed as a financial account number, the infringement theory may fail.
Intrinsic Evidence for Interpretation
- Evidence for a Broader Interpretation: The patent’s goal of security against fraud could support an interpretation where the term covers any number that can be used to authorize a charge against a user's account, which might include a token.
- Evidence for a Narrower Interpretation: The specification's consistent contrast with traditional card transactions suggests "financial account number" refers to the permanent, vulnerable PAN printed on a physical card, which a token is designed to replace. The complaint itself makes this distinction, stating tokenization prevents the "debit and/or credit card number" from being transmitted (Compl. ¶20).
The Term: "accounting server"
Context and Importance
This server is a key element in the claimed methods, responsible for functions like determining a "Virtual Account ID" from a unique code (’596 Patent, col. 10:56-57). The infringement analysis requires mapping this claimed server to one or more components in the accused distributed system.
Intrinsic Evidence for Interpretation
- Evidence for a Broader Interpretation: The patent describes its function as processing transactions, updating profiles, and managing account data, which could be interpreted as a logical grouping of functions, regardless of whether they are performed by one or multiple physical servers (’285 Patent, col. 3:25-40).
- Evidence for a Narrower Interpretation: The patent figures depict the "Accounting Server" as a distinct, centralized architectural component (e.g., ’285 Patent, Fig. 3). This could support an argument that the claim requires a more monolithic structure than the distributed TSP/issuer-processor architecture alleged to infringe.
VI. Other Allegations
Indirect Infringement
The complaint alleges inducement by asserting that Charles Schwab actively encourages and instructs its customers on how to use the accused mobile payment functionality through its website and FAQs (Compl. ¶¶25, 43, 74). A screenshot of the "Mobile Wallet FAQs" page is provided as evidence of these instructions (Compl. p. 8). Contributory infringement is alleged on the basis that the accused system has special features (i.e., tokenization) that are not staple articles of commerce and are especially designed to be used in an infringing way (Compl. ¶¶27, 45, 82-84).
Willful Infringement
Willfulness is alleged based on Defendant’s knowledge of the patents "at least as of the date when it was notified of the filing of this action" (Compl. ¶¶32, 50, 68). The complaint further alleges that Defendant's actions are "objectively reckless as to the risk of infringing valid patents" (Compl. ¶86).
VII. Analyst’s Conclusion: Key Questions for the Case
- A central issue will be one of claim scope: Can claims from a patent family whose specification is focused on aggregating "rebate" and "loyalty" programs be construed to cover the accused general-purpose payment tokenization system, or will they be limited by the context disclosed in the specification?
- Another key question will be one of architectural mapping: Does the distributed, multi-entity architecture of the accused EMVCo system—which splits functions among acquirers, payment networks, Token Service Providers, and issuers—correspond to the more centralized "accounting server" and "AAA server" architecture recited in the patent claims, either literally or under the doctrine of equivalents?
- Finally, the case will likely turn on a definitional question: Is the "payment token" used in the accused system a "financial account number" as that term is used in the claims? The answer will determine whether the accused system satisfies the core negative limitation of the asserted patents.