PTAB

IPR2018-00809

Apple Inc v. Universal Secure Registry LLC

Log In
Key Events
Petition

1. Case Identification

2. Patent Overview

  • Title: Universal Secure Registry
  • Brief Description: The ’137 patent discloses systems and methods for authenticating a user to enable a transaction. The system involves a user device that performs local authentication using secret information (e.g., a PIN) and biometric information, and then communicates with a second, remote device to generate a one-time, time-varying token for transaction approval.

3. Grounds for Unpatentability

Ground 1: Claims 1, 2, 6, 7, 9, 10, and 12 are obvious over Jakobsson in view of Maritzen.

  • Prior Art Relied Upon: Jakobsson (WO 2004/051585) and Maritzen (Application # 2004/0236632).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Jakobsson taught the core elements of independent claims 1 and 12. Specifically, Jakobsson disclosed an authentication system with a first user device that authenticates a user locally based on secret information (PIN) and biometric data. This device then generates and transmits signals—including authentication information, an indicator of the biometric match, and a time-varying value—to a second device (a "verifier") for remote authentication. The verifier can then send an "enablement signal" back to the first device. Petitioner contended that to the extent Jakobsson did not explicitly describe enabling a financial transaction, Maritzen supplied this element by teaching a system for securely "conducting a financial transaction" using similar biometric authentication principles.
    • Motivation to Combine: A Person of Ordinary Skill in the Art (POSITA) would combine the references because they are in the same field of secure electronic transactions and address the common problem of fraud. Petitioner asserted it would have been an obvious and predictable step to apply Jakobsson’s robust authentication system to the specific context of financial transactions described in Maritzen to improve security. This combination involved applying a known technique to a known system to yield predictable results.

Ground 2: Claim 5 is obvious over Jakobsson in view of Maritzen and Niwa.

  • Prior Art Relied Upon: Jakobsson (WO 2004/051585), Maritzen (Application # 2004/0236632), and Niwa (Patent 6,453,301).
  • Core Argument for this Ground:
    • Prior Art Mapping: This ground built upon the combination in Ground 1 to address the limitations of dependent claim 5, which required the first device’s processor to "compare stored authentication information with the authentication information of the user" and enable the device based on a valid comparison. Petitioner argued that while Jakobsson taught storing user data on the device for authentication, Niwa explicitly disclosed this limitation. Niwa described a fingerprint identification device that authenticates a user by matching a received fingerprint to a "stored fingerprint within the...device." Maritzen further taught unlocking a personal transaction device based on the result of a successful biometric authentication.
    • Motivation to Combine: A POSITA would combine Niwa’s teachings because Niwa was expressly incorporated by reference into Maritzen for its disclosure of a suitable biometric control device. The combination represented the use of a known technique (comparing a live biometric scan to a stored template) to improve a similar device (Jakobsson’s authentication device), which was an obvious design choice to enhance security and would yield the predictable result of allowing user access only upon a successful match.

Ground 3: Claims 8 and 11 are obvious over Jakobsson in view of Maritzen and Schutzer.

  • Prior Art Relied Upon: Jakobsson (WO 2004/051585), Maritzen (Application # 2004/0236632), and Schutzer (European Application # EP 1028401).
  • Core Argument for this Ground:
    • Prior Art Mapping: This ground added Schutzer to address dependent claims 8 and 11. Claim 8 recited that the authentication information includes a "multidigit public ID code for a credit card" that an issuer can map back to the actual card number. Petitioner argued that Schutzer taught this exact concept, describing a system that uses an "anonymous or alternate card number" in place of the user’s actual card number during a transaction. The card issuer could then associate this alternate number with the proper account to authorize payment, thus obscuring the real account number. Claim 11 required the second device to be a "networked credit card validation-information entity," which Petitioner asserted was disclosed by Schutzer’s "card issuer's server."
    • Motivation to Combine: A POSITA would combine Schutzer’s teachings to improve the security of the Jakobsson/Maritzen system. All three references recognized the risk of stolen credentials in electronic transactions. Incorporating Schutzer’s use of an alternate card number was a known technique for obscuring exploitable account information. This would have been a simple substitution of one known element (Schutzer’s credit card validation server) for another (Jakobsson’s generic verifier) to obtain the predictable result of a system capable of securely validating a credit card user.

4. Key Claim Construction Positions

  • "Biometric Information": Petitioner proposed this term be construed as "information about a user's physical characteristics, such as fingerprint, voice print, signature, iris or facial scan, DNA analysis, or personal photograph." Petitioner argued this construction was supported by the specification's consistent distinction between physical biometrics and secret codes like PINs. It specifically contended that a single passage in the specification describing a PIN as an example of biometric information was an anomaly inconsistent with the intrinsic record and the understanding of a POSITA, and should therefore be disregarded.

5. Relief Requested

  • Petitioner requests institution of an inter partes review and cancellation of claims 1, 2, and 5-12 of the ’137 patent as unpatentable.