Secure Mobile Transactions LLC v. Independent Bank

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: Secure Mobile Transactions LLC (Texas)
  • Defendant: Independent Bank d/b/a Independent Financial (Texas)
  • Plaintiff’s Counsel: Antonelli, Harrington & Thompson LLP; The Stafford Davis Firm
• Case Identification: 9:25-cv-00119, E.D. Tex., 04/08/2025
• Venue Allegations: Venue is alleged to be proper as Defendant maintains regular and established places of business in the district and has committed acts of patent infringement within the district.
• Core Dispute: Plaintiff alleges that Defendant’s digital payment systems, which utilize EMVCo-compliant tokenization for mobile wallet transactions, infringe three patents related to securely conducting transactions at a point-of-sale terminal without transmitting a customer's actual financial account number.
• Technical Context: The technology at issue addresses payment card fraud by replacing a card's static Primary Account Number (PAN) with a dynamically generated, limited-use "token" for mobile and contactless transactions.
• Key Procedural History: The complaint alleges that the patent applications leading to the Asserted Patents have been cited during the prosecution of patent applications by numerous major companies in the payment authorization industry, including Capital One, JP Morgan, First Data, and Mastercard.

Case Timeline

Date	Event
2007-01-03	Earliest Priority Date for ’596, ’285, and ’647 Patents
2017-10-17	U.S. Patent No. 9,792,596 Issued
2020-01-28	U.S. Patent No. 10,546,285 Issued
2022-03-29	U.S. Patent No. 11,288,647 Issued
2025-04-08	Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 9,792,596 - Mobile Phone Based Rebate Device for Redemption at a Point of Sale Terminal

• Issued: Oct. 17, 2017
• The Invention Explained:
  • Problem Addressed: The patent describes the challenge retailers face in managing customer loyalty and reward programs, particularly the difficulty of integrating these programs with mobile devices in a way that is secure and avoids burdening consumers with intrusive data collection (ʼ596 Patent, col. 1:24-34). Traditional methods lack scalability and a way to securely track mobile transactions within a master rewards program (ʼ596 Patent, col. 1:39-43).
  • The Patented Solution: The invention proposes a centralized system where a user's various loyalty programs are aggregated into a single "virtual account" accessible via a mobile phone application. To conduct a transaction, the user presents a unique code (e.g., a discount code) from their mobile device at a POS terminal instead of a sensitive financial account number (ʼ596 Patent, col. 2:50-56). This code is sent to a remote system of servers (an "accounting server" and "AAA server") that authenticates the code, links it to the user's virtual account, and authorizes the transaction without ever exposing the underlying financial details to the POS terminal (ʼ596 Patent, FIG. 3; col. 6:62-7:4).
  • Technical Importance: This architecture aimed to enhance transaction security by decoupling the payment or reward redemption from the user's permanent financial account number, thereby reducing the risk of fraud if a merchant's system were compromised (Compl. ¶13).
• Key Claims at a Glance:
  • The complaint asserts at least independent Claim 1 (Compl. ¶23).
  • The essential elements of independent Claim 1 include:
    • Receiving, by a remote computer system from a POS terminal, a unique code and not a financial account number.
    • Routing the unique code to an accounting server.
    • Determining a virtual account ID.
    • Routing the transaction to an authentication, authorization, and accounting (AAA) server associated with the virtual account ID.
    • Communicating an authorization message back to the POS terminal without communicating the financial account number.
  • The complaint reserves the right to assert other claims (Compl. ¶23).

U.S. Patent No. 10,546,285 - Mobile Phone Based Transactions at a Point of Sale Terminal

• Issued: Jan. 28, 2020
• The Invention Explained:
  • Problem Addressed: The patent addresses the same underlying problem as the ’596 Patent: enabling secure transactions and reward redemptions via mobile devices without transmitting sensitive financial account numbers to merchants, which are vulnerable to data theft (ʼ285 Patent, col. 1:24-34).
  • The Patented Solution: This patent claims the process from the perspective of the POS system itself. The method involves the POS terminal receiving a "mobile transaction-specific unique code" directly from a user's mobile device (ʼ285 Patent, col. 9:22-28). The POS terminal then routes this unique code—and only this code, not a financial account number—to a remote computer system for authorization. Upon receiving an authorization message, the POS system completes the transaction, having never handled the customer's actual account number (ʼ285 Patent, col. 9:29-42).
  • Technical Importance: This method defines a secure protocol for POS terminals, allowing them to participate in mobile payment ecosystems while minimizing their own data security risks and potential liability associated with storing or transmitting customer PANs (Compl. ¶14).
• Key Claims at a Glance:
  • The complaint asserts at least independent Claim 7 (Compl. ¶41).
  • The essential elements of independent Claim 7 include:
    • Receiving from a mobile device a transaction-specific unique code without also receiving any financial account number.
    • Routing the unique code to a remote computer system, again without routing any financial account number.
    • The remote system determines a virtual account ID from the code to authorize the transaction.
    • Receiving an authorization message for the transaction, again without receiving any financial account number.
  • The complaint reserves the right to assert other claims (Compl. ¶41).

U.S. Patent No. 11,288,647 - Radio Device Based Transaction at a Point of Sale Terminal

• Issued: March 29, 2022 (Compl. ¶54)
• Technology Synopsis: Continuing the theme of its parent patents, the ’647 Patent teaches methods for executing a secure transaction at a POS terminal. The invention focuses on the interaction where a "radio device" (e.g., a smartphone) provides a transaction-specific unique code, but not a financial account number, to a POS system, which then communicates with a remote accounting and authorization server to validate the transaction against a device-specific virtual account (ʼ647 Patent, Abstract; col. 8:1-30).
• Asserted Claims: At least independent Claim 7 is asserted (Compl. ¶59).
• Accused Features: The complaint accuses Independent Bank’s system for providing and authenticating EMVCo compliant tokens used in mobile wallet transactions (e.g., Apple Pay, Google Pay) of infringing the ’647 Patent (Compl. ¶56).

III. The Accused Instrumentality

Product Identification

The "Accused Instrumentality" is the card authentication system provided by Independent Bank for its debit and credit cards, such as the Independent Financial Personal Debit Mastercard (Compl. ¶¶ 20, 38, 56). This system is used to enable mobile payments through third-party digital wallets like Apple Pay, Google Pay, and Samsung Pay (Compl. p. 8).

Functionality and Market Context

The system operates using EMVCo-compliant payment tokenization. A customer first provisions their Independent Bank card into a mobile wallet, a process during which the card's PAN is replaced with a device-specific token, or Digital PAN (DPAN) (Compl. ¶¶ 9-10). To make a purchase, the customer taps their mobile device on an NFC-enabled POS terminal. The device transmits the token and a one-time cryptogram, not the actual PAN, to the terminal (Compl. ¶¶ 20-21). This data is then routed through the payment network to the issuer (Independent Bank) for authorization, and an approval is sent back to the merchant, completing the transaction without the merchant ever handling the customer's underlying PAN (Compl. ¶¶ 21, 39; pp. 11-12). The complaint includes a flowchart illustrating this transaction process. This flowchart shows a payment token and cryptogram being sent from an NFC-enabled phone to a POS reader to initiate the transaction (Compl. p. 11, Fig. 6). The complaint frames this tokenization technology as a critical, industry-wide solution to combat fraud from major data breaches (Compl. ¶¶ 13-14).

IV. Analysis of Infringement Allegations

’596 Patent Infringement Allegations

Claim Element (from Independent Claim 1)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
receiving by a remote computer system from a physical point of sale (POS) terminal, a unique code and not a financial account number...	The payment network and issuer processor (the remote system) receive a payment token and cryptogram from the merchant's POS system. This token is a substitute for, and not, the customer's actual PAN.	¶¶ 20-21	col. 6:65-67
routing said unique code without said financial account number to an accounting server;	The payment network routes the token to the appropriate Token Service Provider (TSP) for de-tokenization.	¶¶ 21; p. 12, step 3	col. 7:1-3
determining a virtual account ID;	The TSP validates the token and returns the clear PAN to the payment network, which is then used to identify the customer's account for authorization.	¶¶ 21; p. 12, step 4	col. 7:16-18
routing the transaction to an authentication, authorization and accounting (AAA) server for the virtual account ID in a location remote from said Internet capable mobile device;	The payment network forwards the transaction with the clear PAN to the appropriate issuer processor and issuer (Independent Bank) for authorization.	¶¶ 21; p. 12, steps 5-6	col. 7:1-3
and communicating an authorization message for the transaction without also communicating said financial account number to said physical POS terminal...	The payment network sends an authorization response back to the merchant acquirer/processor, ensuring that the token, not the clear PAN, is included in the response to the merchant.	¶¶ 21; p. 12, step 9	col. 8:31-37

• Identified Points of Contention:
  • Scope Questions: A central question may be whether the distributed components of the accused EMVCo system (e.g., Token Service Provider, Payment Network, Issuer Processor) can be collectively or individually mapped onto the patent's more specific "remote computer system," "accounting server," and "AAA server" architecture.
  • Technical Questions: The complaint alleges the system uses a "payment token" instead of a "financial account number." An issue may arise over whether the token, which the complaint notes "looks like a PAN" to the merchant system (Compl. p. 12, step 2), constitutes a "unique code" that is definitively not a "financial account number" as those terms are properly construed.

’285 Patent Infringement Allegations

Claim Element (from Independent Claim 7)	Alleged Infringing Functionality	Complaint Citation	Patent Citation
receiving from the Internet capable mobile device a mobile transaction specific unique code without also receiving any financial account number from said Internet capable mobile device;	The merchant's NFC-enabled POS terminal receives a payment token and cryptogram from the customer's smartphone via a contactless tap. The actual PAN is not transmitted from the phone to the terminal.	¶¶ 39, 21	col. 9:22-28
routing to a remote computer system the mobile transaction-specific unique code without also routing any financial account number to said remote computer system...	The merchant acquirer/processor receives the token from the POS terminal and routes it into the payment network for validation and authorization, without sending the customer's underlying PAN.	¶¶ 39; p. 12, step 2	col. 9:29-32
receiving an authorization message for the transaction without also receiving any financial account number from said Internet capable mobile device;	The POS terminal receives a final authorization response from the merchant acquirer/processor, which completes the transaction using the token, not the customer's PAN.	¶¶ 39; p. 12, step 10	col. 9:39-42

• Identified Points of Contention:
  • Scope Questions: As with the ’596 Patent, a key issue will be how the claimed "remote computer system" is defined and whether the functions of the accused system's various actors (acquirer, network, TSP, issuer) align with the functions claimed to be performed by that system.
  • Technical Questions: The complaint describes a provisioning process where the PAN is provided to a Token Service Provider to set up the wallet (Compl. p. 9, Fig. 5). While Claim 7 focuses on the transaction itself, it raises the question of whether any part of the overall accused system "receives" a financial account number in a way that might conflict with the claim's negative limitation, depending on how broadly "the system" is defined.

V. Key Claim Terms for Construction

• The Term: "financial account number"

  • Context and Importance: This term is the linchpin of the infringement case. The patents’ core novelty is avoiding the transmission of this number during a transaction. The dispute will likely center on whether the "payment token" used in the accused system is, or is not, a "financial account number." Practitioners may focus on this term because its construction could be dispositive; if a token is found to be a "financial account number," the non-infringement argument is significantly strengthened.
  • Intrinsic Evidence for a Broader Interpretation: The specification consistently distinguishes between a "discount code" or "unique code" and the underlying financial account, suggesting "financial account number" refers to the permanent, primary account number (PAN) linked directly to a line of credit or bank account (e.g., ’285 Patent, col. 8:1-12).
  • Intrinsic Evidence for a Narrower Interpretation: The patent does not explicitly define the term. A party could argue that any numerical identifier that functions to identify an account for a transaction, such as the tokenized PAN, falls within the plain meaning of the term. The complaint itself states the token "looks like a PAN" to the routing system, which could be used to argue it is functionally equivalent (Compl. p. 12, step 2).

• The Term: "accounting server"

  • Context and Importance: The claims assign specific functions to an "accounting server," such as determining a "virtual account ID" from a unique code (’596 Patent, Claim 1). The infringement analysis depends on mapping this claimed entity onto one or more components of the complex, multi-party EMVCo system (e.g., a Token Service Provider, an issuer's host system).
  • Intrinsic Evidence for a Broader Interpretation: The specification describes the server's functions, such as processing transactions, managing accounts, and synchronizing data, which could be interpreted to cover any component or set of components in the accused system that performs these roles, regardless of its name (’285 Patent, col. 4:23-40).
  • Intrinsic Evidence for a Narrower Interpretation: The patent figures depict a more centralized architecture with a distinctly labeled "Accounting Server" (e.g., ’285 Patent, FIG. 1, FIG. 3). A party may argue the term is limited to a single entity that performs all the recited functions, potentially creating a mismatch with the distributed nature of the accused system.

VI. Other Allegations

• Indirect Infringement: The complaint alleges induced infringement, stating that Independent Bank took active steps with the specific intent to cause its customers to infringe. These steps allegedly include "advising or directing," "advertising and promoting," and "distributing instructions" that guide users to enable and use the accused mobile payment functionalities on their devices (Compl. ¶¶ 73-74).
• Willful Infringement: Willfulness is alleged based on Independent Bank's knowledge of the patents "at least since the filing of the Complaint" (Compl. ¶87). The complaint asserts that Defendant's continued infringement is "objectively reckless as to the risk of infringing valid patents" (Compl. ¶86).

VII. Analyst’s Conclusion: Key Questions for the Case

• A core issue will be one of definitional scope: how will the term "financial account number" be construed? Will the court limit its meaning to the static Primary Account Number (PAN) on a physical card, or will it be interpreted broadly enough to read on the dynamically generated "payment token" used in the accused EMVCo system?
• A second central question will be one of architectural mapping: can the distributed, multi-party architecture of the accused mobile payment ecosystem (involving a merchant, acquirer, payment network, token service provider, and issuer) be mapped onto the more centralized "accounting server" and "AAA server" framework described and claimed in the patents, either literally or under the doctrine of equivalents?
• A key evidentiary question will be one of functional correspondence: what evidence will demonstrate that the accused system's components perform the specific functions recited in the claims? For instance, does the accused system's process of validating a token and cryptogram constitute the claimed step of "determining a virtual account ID" from a "unique code"?