DCT

7:25-cv-00138

Secure Matrix LLC v. Indeed Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 7:25-cv-00138, W.D. Tex., 03/21/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Defendant maintains an established place of business in the district and has allegedly committed acts of patent infringement there.
  • Core Dispute: Plaintiff alleges that Defendant’s user authentication systems infringe a patent related to multi-device verification methods.
  • Technical Context: The patent addresses methods for securely authenticating users to online services, such as websites or applications, by using a personal electronic device (e.g., a smartphone) to verify an access request initiated on another computer.
  • Key Procedural History: The complaint does not reference any prior litigation, inter partes review (IPR) proceedings, or licensing history related to the patent-in-suit. The allegations of knowledge and inducement are predicated on the filing and service of the complaint itself.

Case Timeline

Date Event
2012-11-21 '116 Patent Priority Date
2014-03-18 '116 Patent Issue Date
2025-03-21 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 8,677,116 - "Systems and methods for authentication and verification"

  • Patent Identification: U.S. Patent No. 8,677,116, "Systems and methods for authentication and verification," issued on March 18, 2014.

The Invention Explained

  • Problem Addressed: The patent describes a "growing need to authenticate users" for accessing secured internet portals and conducting online consumer transactions in a manner that is both secure and fast ('116 Patent, col. 1:20-28).
  • The Patented Solution: The invention proposes a three-part authentication system: a primary computer (e.g., a desktop browser), a user's personal electronic device (e.g., a smartphone), and a back-end verification server. The primary computer displays a "reusable identifier" (e.g., as a QR code). The user's device scans this identifier, combines it with "user verification information," and sends the combined data to the verification server. The server then evaluates both the identifier from the primary computer and the data from the user's device to authorize the session ('116 Patent, Abstract; Fig. 2). A key aspect is the use of a "reusable" identifier, which does not contain transaction-specific data, to simplify the process and improve system scalability ('116 Patent, col. 6:34-62).
  • Technical Importance: This approach aims to provide security beyond a simple password by requiring a second factor (the user's device) while potentially streamlining the user experience compared to manually entering one-time codes.

Key Claims at a Glance

  • The complaint states it asserts "exemplary claims" identified in an unprovided exhibit but does not specify them in the body of the complaint (Compl. ¶12). The two primary independent claims of the '116 Patent are Claim 1 (a method) and Claim 11 (a system).
  • Independent Claim 1 (Method) requires:
    • Using a computer system to receive a first signal from a computer, containing a "reusable identifier".
    • Using the computer system to receive a second signal from a user's electronic device, containing a copy of the "reusable identifier" and "user verification information".
    • Using a processor of the computer system to evaluate the signals to determine if the user is authorized.
    • Transmitting a third signal with authorization information in response to a successful evaluation.
  • Independent Claim 11 (System) requires:
    • A first input to receive first signals (with a "reusable identifier") from computers.
    • A second input to receive second signals (with a copy of the "reusable identifier" and "user verification information") from electronic devices.
    • A storage device with associations between secured capabilities and identifiers, and between user information and verified users.
    • A processor to evaluate whether a user is authorized.
    • An output to transmit an authorization signal.
  • The complaint does not explicitly reserve the right to assert dependent claims, but refers generally to "one or more claims of the '116 Patent" (Compl. ¶11).

III. The Accused Instrumentality

Product Identification

  • The complaint alleges infringement by "Exemplary Defendant Products" (Compl. ¶11). These products are identified in claim charts attached as Exhibit 2, but this exhibit was not included with the publicly filed complaint (Compl. ¶16).

Functionality and Market Context

  • The complaint does not describe the functionality of the accused products. It alleges that Defendant makes, uses, sells, and internally tests products that "practice the technology claimed by the '116 Patent" (Compl. ¶11, ¶12, ¶16). Given Defendant's business as an online employment platform, the accused instrumentality is presumably a user login or authentication feature of its website or applications.

IV. Analysis of Infringement Allegations

The complaint incorporates by reference claim charts from an unprovided Exhibit 2, which purportedly detail the infringement of "Exemplary '116 Patent Claims" by "Exemplary Defendant Products" (Compl. ¶16, ¶17). Without these charts, a detailed element-by-element analysis based on the complaint is not possible.

No probative visual evidence provided in complaint.

  • Identified Points of Contention: Based on the patent and the general nature of the allegations, several points of contention may arise during litigation.
    • Architectural Questions: A central question will be how the architecture of Defendant’s authentication system maps onto the claimed three-party framework (service-providing computer, user's electronic device, verification server). The patent describes the verification server as a distinct component that receives signals from both the user's device and the service computer ('116 Patent, Fig. 2; col. 7:1-4). The degree to which Defendant’s system mirrors this potentially distributed architecture will be a focus.
    • Technical Questions: The nature of the data transmitted within Defendant's system will be critical. A key factual question is what data constitutes the "reusable identifier" and "user verification information" in the accused products. The infringement analysis may turn on whether the identifier used by Defendant meets the patent's definition of being "reusable" and free of "user-specific or transaction-specific information" ('116 Patent, col. 9:8-14).

V. Key Claim Terms for Construction

  • The Term: "reusable identifier" (Claim 1, 11)

  • Context and Importance: This term is the technological core of the patent, distinguishing the invention from systems using unique, "one-time-use" codes. The construction of "reusable" will be critical to determining the scope of the claims. Practitioners may focus on whether this term requires the identifier to be completely devoid of any session or user context.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The specification states that a reusable identifier is one that "can be used more than once" and "can be reused for multiple users and multiple transactions" ('116 Patent, col. 9:9-16). This language could support a construction where any identifier not strictly single-use falls within the claim scope.
    • Evidence for a Narrower Interpretation: The patent explicitly distinguishes the invention by noting the identifier "does not contain user-specific or transaction-specific information" ('116 Patent, col. 9:12-14). This suggests a narrower construction where an identifier containing any data that links it to the specific user or session (e.g., a session token) would not be "reusable" in the sense required by the claims.

  • The Term: "user verification information" (Claim 1, 11)

  • Context and Importance: This term defines the data sent from the user's personal device to the verification server, separate from the "reusable identifier". Its definition will clarify what kind of user-related data must be present in the accused data flow for infringement to be found.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The specification provides a broad list of examples, including information "specific to the user (e.g., the user's first name, family name, email address, phone number)" and information "specific to the first electronic device 20 (e.g., a device identification character string, hardware-specific information...)" ('116 Patent, col. 12:7-14). This could support a broad definition covering almost any user or device data.
    • Evidence for a Narrower Interpretation: The specification also contemplates that the information could be "derivable from user-specific information (e.g., predetermined portions of the user-specific information that would not themselves contain private information)" ('116 Patent, col. 12:15-18). This language might be used to argue for a narrower construction where the information is not raw personal data but rather a token or hash derived from it, a distinction that could be significant depending on the accused system's implementation.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges induced infringement, stating that Defendant distributes "product literature and website materials" that instruct end users on how to use the accused products in a manner that allegedly infringes the '116 Patent (Compl. ¶14).
  • Willful Infringement: The complaint alleges that Defendant has had "actual knowledge" of its infringement at least since the service of the complaint and has "actively, knowingly, and intentionally continued to induce infringement" (Compl. ¶13, ¶15). This forms the basis for a claim of post-suit willfulness.

VII. Analyst’s Conclusion: Key Questions for the Case

  1. A core issue will be one of definitional scope: can the term "reusable identifier", as defined in the patent to exclude "user-specific or transaction-specific information," be construed to read on the authentication tokens or session identifiers allegedly used in Defendant's system? The outcome of this construction will likely be dispositive for infringement.
  2. A second key issue will be one of architectural mapping: does Defendant's authentication system, which may be a tightly integrated service, practice the distributed, three-component architecture (service computer, user device, verification server) that appears to be required by the patent's claims and described in its figures?
  3. An essential evidentiary question will be one of data flow: what specific data does Defendant's system transmit between a user's browser, the user's mobile device, and its back-end servers during an authentication event, and does this data flow meet the specific "reusable identifier" and "user verification information" limitations of the asserted claims?