DCT

3:24-cv-02872

Factor2 Multimedia Systems LLC v. US Bank National Association

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 3:24-cv-02872, N.D. Tex., 11/15/2024
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains regular and established places of business within the Northern District of Texas and has committed acts of infringement in the district.
  • Core Dispute: Plaintiff alleges that Defendant’s online banking platforms and its implementation of the Zelle payment system infringe six patents related to systems and methods for user authentication using dynamic, single-use codes generated by a trusted or centralized entity.
  • Technical Context: The technology relates to two-factor and centralized authentication methods designed to enhance security for online transactions, a critical function in the digital banking and e-commerce sectors.
  • Key Procedural History: The complaint notes that all six patents-in-suit are members of the same patent family but asserts that each has unique claims covering different inventions. No prior litigation, licensing history, or post-grant proceedings are mentioned in the complaint.

Case Timeline

Date Event
2001-08-29 Earliest Priority Date for all six Patents-in-Suit
2012-10-02 U.S. Patent No. 8,281,129 Issues
2017-07-11 U.S. Patent No. 9,703,938 Issues
2017-07-19 U.S. Patent No. 9,727,864 Issues
2017-12-27 U.S. Patent No. 9,870,453 Issues
2018-09-25 U.S. Patent No. 10,083,285 Issues
2020-09-08 U.S. Patent No. 10,769,297 Issues
2024-11-15 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 8,281,129 - “Direct Authentication System And Method Via Trusted Authenticators”

  • Issued: October 2, 2012.

The Invention Explained

  • Problem Addressed: The patent’s background describes the problem of identity theft and online fraud, which stems from authenticating users based on static, knowledge-based information like Social Security Numbers that can be easily stolen and reused (’129 Patent, col. 1:47-2:4).
  • The Patented Solution: The invention proposes a two-factor authentication method where a user, when transacting with an entity (e.g., a merchant), requests a temporary "dynamic code" from a separate "trusted-authenticator" (e.g., the user's bank). The user then provides both static information (like a username) and this new dynamic code to the entity. The entity forwards this information to the trusted-authenticator, which authenticates the user's identity by verifying both the static data and the validity of the single-use dynamic code, and then sends a confirmation or denial back to the entity (’129 Patent, Abstract; col. 7:21-49).
  • Technical Importance: This system was designed to mitigate the risk of credential theft by introducing a time-sensitive, single-use factor from an already-trusted third party, rendering stolen static credentials insufficient for fraudulent authentication (’129 Patent, col. 11:21-36).

Key Claims at a Glance

  • The complaint asserts claims 1-52 (Compl. ¶49). Independent claim 1 is presented as representative (Compl. ¶21).
  • The essential elements of independent claim 1 include:
    • A computer implemented method to authenticate an individual in communication with an entity.
    • Receiving, by a trusted-authenticator's computer, a request for a dynamic code from the individual.
    • Calculating, by the trusted-authenticator's computer, the dynamic code, which is valid for a predefined time and becomes invalid after being used.
    • Sending the dynamic code electronically from the trusted-authenticator's computer to the individual.
    • Receiving, by the trusted-authenticator's computer, an authentication request from the entity, which includes user information and the dynamic code that the entity received from the individual.
    • Authenticating the individual's identity based on the user information and the dynamic code.
    • Providing the result of the authentication to the entity.
  • The complaint asserts dependent claims without specifying which ones.

U.S. Patent No. 9,703,938 - “Direct Authentication System And Method Via Trusted Authenticators”

  • Issued: July 11, 2017.

The Invention Explained

  • Problem Addressed: The patent addresses the persistent problem of authenticating users in electronic transactions where reliance on static personal information makes systems vulnerable to fraud and identity theft (’938 Patent, col. 1:10-2:4).
  • The Patented Solution: The invention describes a method where a trusted authentication system receives an electronic request for a dynamic code from a user during a transaction. The system generates the code, which is time-limited and single-use, and provides it to the user. The system then receives an authentication request from the transacting computer system containing the user's digital identity (including the dynamic code). It authenticates the user by validating the code and provides the result back to the computer system, completing the secure transaction loop (’938 Patent, Abstract; col. 13:1-40).
  • Technical Importance: This method refines the two-factor authentication process for real-time electronic transactions, emphasizing that the request for the dynamic code is "digitally triggered during the transaction" itself, enhancing security at the point of need (’938 Patent, col. 13:36-40).

Key Claims at a Glance

  • The complaint asserts claims 1-26 (Compl. ¶65). The complaint does not quote a representative claim for this patent. Independent claim 1 is a lead method claim.
  • The essential elements of independent claim 1 include:
    • A method for enhancing network security by authenticating a user during an electronic transaction.
    • Receiving, at a trusted authentication system, an electronic request for a dynamic code for the user, where the request is digitally triggered during the transaction.
    • Generating a dynamic code that is valid for a pre-determined time and becomes invalid after use.
    • Providing the generated code to the user during the transaction.
    • Receiving a request for authentication from the computer system based on a digital identity that includes the dynamic code.
    • Authenticating the user based on the user specific information, the received dynamic code, and a current time, where the code is used for the first time.
    • Providing the authentication result to the computer system.
  • The complaint asserts dependent claims without specifying which ones.

U.S. Patent No. 9,727,864 - “Centralized Identification and Authentication System and Method”

  • Issued: July 19, 2017.
  • Technology Synopsis: This patent describes an authentication system centered on a "Central-Entity" that securely stores user information. To interact with an "External-Entity" (e.g., a merchant), a user requests a time-dependent, single-use "SecureCode" from the Central-Entity. The user provides this SecureCode as part of a "digital identity" to the External-Entity, which in turn forwards it to the Central-Entity for verification to complete the authentication (’864 Patent, Abstract; col. 1:28-36).
  • Asserted Claims: Claims 1-15 (Compl. ¶81).
  • Accused Features: The complaint alleges that the Zelle System and the USBNA System function as centralized authentication platforms that generate and validate temporary codes for user transactions (Compl. ¶12, 22, 35).

U.S. Patent No. 9,870,453 - “Direct Authentication System and Method Via Trusted Authenticators”

  • Issued: December 27, 2017.
  • Technology Synopsis: This patent details an authentication method where a user in an electronic communication receives a "SecureCode" from an authentication system. The code is configured to be valid for a predetermined time and invalid after its first use. The user provides this code to an online system, which then sends an authentication request to the authentication system to validate the code and confirm the user's identity (’453 Patent, col. 13:1-59).
  • Asserted Claims: Claims 1-26 (Compl. ¶97).
  • Accused Features: The complaint accuses the Zelle and USBNA systems of implementing this method by generating and validating time-sensitive, single-use codes through a trusted third-party authenticator to secure user access and transactions (Compl. ¶12, 22, 35).

U.S. Patent No. 10,083,285 - “Direct Authentication System and Method Via Trusted Authenticators”

  • Issued: September 25, 2018.
  • Technology Synopsis: This patent describes a system where an online system receives authentication information, including a code generated by a separate authentication system that is time-limited and single-use. The online system forwards this information to the authentication system, which authenticates the user by validating the code and user information. Upon successful validation, the authentication system sends a confirmation, and the online system grants the user access (’285 Patent, Abstract; col. 13:1-14:59).
  • Asserted Claims: Claims 1-30 (Compl. ¶113).
  • Accused Features: The Zelle and USBNA systems are alleged to infringe by using an architecture where an online banking application (the online system) receives a code from a user and relies on a separate authentication service to validate it before granting access (Compl. ¶12, 22, 35).

U.S. Patent No. 10,769,297 - “Centralized Identification and Authentication System and Method”

  • Issued: September 8, 2020.
  • Technology Synopsis: This patent claims an authentication system where a user's computing device requests a "SecureCode" from an online computer system. The online system generates and provides the code, which is time-limited and single-use. The online system then receives a "digital authentication request" including the SecureCode back from the user's device and authenticates the user by evaluating the code's validity (’297 Patent, Abstract; col. 5:46-6:51).
  • Asserted Claims: Claims 1-29 (Compl. ¶129).
  • Accused Features: The complaint alleges the Zelle and USBNA systems infringe by operating as an online system that generates a SecureCode, provides it to a user's device, and then authenticates the user when that code is submitted back to the system (Compl. ¶12, 20, 22).

III. The Accused Instrumentality

Product Identification

  • The accused instrumentalities are identified as the "Zelle System" and the "USBNA System" (Compl. ¶3, 35). The USBNA System is further defined as comprising USBNA's mobile banking application and its online website, "www.usbank.com" (Compl. ¶35, 36).

Functionality and Market Context

  • The Zelle System is described as a payment network accessible through mobile applications and the websites of partner financial institutions like USBNA (Compl. ¶22, 26). The USBNA System provides customers with access to online banking services (Compl. ¶35). Both systems are alleged to use authentication methods to verify user identity before granting access to financial services or permitting transactions (Compl. ¶12). The complaint alleges that end users access these systems through "banking apps" or mobile applications on iOS and Android devices (Compl. ¶22, 37).
  • No probative visual evidence provided in complaint.

IV. Analysis of Infringement Allegations

The complaint references but does not attach claim chart exhibits (Exhibits G and H) that allegedly detail infringement of the ’297 Patent (Compl. ¶30, 38). In lieu of a table, the narrative infringement theory is summarized below.

  • Narrative Infringement Theory Summary (’129 and ’938 Patents): The complaint alleges that the accused Zelle and USBNA systems practice the claimed methods for direct authentication via a trusted authenticator (Compl. ¶21). The narrative theory suggests that when a user attempts to log in or transact, the Defendant’s system (acting as or in concert with a "trusted-authenticator") receives a request for and generates a temporary, dynamic code (e.g., a one-time passcode sent via SMS or email) (Compl. ¶12, 21). This code is alleged to be time-limited and single-use, as required by the claims (Compl. ¶21). The user enters this code into the banking app or website (the "entity"), which then sends an authentication request containing the code and other user information to a back-end server (the "trusted-authenticator's computer") for verification (Compl. ¶21). This server allegedly authenticates the user's identity based on the code's validity and provides the result back to the application, either granting or denying access (Compl. ¶21, 22).

  • Identified Points of Contention:

    • Scope Questions: A potential issue is whether the distributed, multi-party architecture of the Zelle network (operated by Early Warning Services, LLC, and utilized by partner banks like USBNA) can be mapped to the claim language of "a trusted-authenticator's computer" performing the recited steps (Compl. ¶26). This may raise questions for the court regarding divided infringement, where multiple actors collectively perform the steps of a claimed method.
    • Technical Questions: The infringement analysis may focus on whether the temporary passcodes used in the accused systems meet the specific limitations of a "dynamic code." For example, what evidence does the complaint provide that the code "becomes invalid after being used" in addition to being "valid for a predefined time," as recited in claim 1 of the ’129 Patent? The precise lifecycle and invalidation triggers of the accused codes compared to the claim language will be a key technical question.

V. Key Claim Terms for Construction

  • The Term: "dynamic code" (’129 Patent, Claim 1)

    • Context and Importance: This term is the core of the claimed invention's security feature. The dispute will likely center on whether the one-time passcodes generated by the Zelle and USBNA systems meet the specific dual requirements that the code is "valid for a predefined time and becomes invalid after being used." Practitioners may focus on this term because the specific mechanism and timing of the code’s invalidation is a critical technical limitation.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The specification also refers to the code as a "SecureCode" and describes it as an "alphanumeric code" that "will have a different value each time the individual receives it," which could support construing it to cover a wide range of one-time passcodes (’129 Patent, col. 7:29-35).
      • Evidence for a Narrower Interpretation: The explicit language in claim 1 requiring the code to become invalid "after being used" suggests a single-use property. A defendant may argue that a code that simply expires after a set time, regardless of use, does not meet this limitation.

  • The Term: "trusted-authenticator's computer" (’129 Patent, Claim 1)

    • Context and Importance: This term defines the single actor that the claim requires to perform several key steps: receiving the request from the individual, calculating the code, sending the code, receiving the request from the entity, and authenticating. In a system like Zelle, where functionality may be split between Zelle's servers and the bank's servers, identifying a single "trusted-authenticator's computer" that performs all these steps could be challenging.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The specification describes a "trusted-authenticator" broadly as an entity like a "bank or other financial institution" with whom the user has an established relationship, which could encompass the role USBNA's systems play within the Zelle network (’129 Patent, col. 8:1-17).
      • Evidence for a Narrower Interpretation: The claim’s recitation of "a trusted-authenticator's computer" in the singular could be argued to require that a single, non-divided entity perform the sequence of steps. A defendant might contend that the accused functionality is divided between different entities (e.g., Zelle and USBNA), thereby avoiding infringement of this claim element by any single party.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges contributory infringement under 35 U.S.C. § 271(c). It asserts that Defendant, with knowledge of the patents, supplies the Zelle and USBNA systems, which constitute a material part of the infringing systems, are not staple articles of commerce, and are especially adapted for use in an infringing manner (Compl. ¶27, 41).
  • Willful Infringement: The complaint does not contain an explicit count for willful infringement. However, it requests "enhanced damages under 35 U.S.C. § 284" and an award of attorneys' fees for an "exceptional" case in the prayer for relief (Compl. p. 25-26). It also alleges that Defendant has "no good faith defense to Plaintiff's infringement allegations" (Compl. ¶33, 46). The complaint does not allege any pre-suit knowledge of the patents.

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of architectural mapping and divided infringement: Can the patent claims, which often describe a single "trusted-authenticator" or "centralized entity" performing a complete sequence of authentication steps, be read onto the accused Zelle and USBNA systems, which involve a multi-party architecture of a network operator (Zelle) and a partner bank (USBNA)? The allocation of functions between these parties will be critical.
  • A key evidentiary question will be one of functional equivalence: Do the one-time passcodes used in the accused systems operate in a manner that meets the specific claim limitations of a "dynamic code" or "SecureCode"? The analysis will likely focus on whether the codes possess the dual properties of being both time-limited and single-use, as explicitly required by several of the asserted claims.