PTAB

IPR2018-00812

Apple Inc v. Universal Secure Registry LLC

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Universal Secure Registry
  • Brief Description: The ’539 patent describes systems and methods for anonymously authenticating users for transactions using a time-varying multicharacter code. The system is intended to allow a user to purchase goods without directly providing sensitive personal or financial information, like a credit card number, to a merchant.

3. Grounds for Unpatentability

Ground 1: Obviousness over Reber and Franklin - Claims 1-3, 5-8, 16-24, 26-30, and 37-38 are obvious over Reber in view of Franklin under 35 U.S.C. §103.

  • Prior Art Relied Upon: Reber (Patent 5,930,767) and Franklin (Patent 6,000,832).
  • Core Argument for this Ground:

    • Prior Art Mapping: Petitioner argued that Reber discloses a general framework for secure, anonymous financial transactions that teaches the core elements of the challenged claims. Reber described a system where a user transmits two data elements to a remote computer for authentication: a first element identifying the merchant/item and a "second data element" that is a time-varying, non-predictable code identifying the user. This remote computer hosts a database, compares the received code to stored user information, and approves or denies the transaction without revealing the user's underlying account information to the merchant. Petitioner contended Reber’s "second data element" is the "time-varying multicharacter code" of the claims, its remote computer and database is the "secure registry system," its "first party" is the "provider," and its "second party" is the "entity."

    • To the extent Reber did not explicitly teach every limitation, Petitioner argued that Franklin supplied the missing details. For example, while Reber did not specify a mechanism for verifying the merchant, Franklin taught checking for a valid merchant to prevent fraud. A POSITA would have incorporated this known technique into Reber's system. Similarly, Franklin disclosed using a proxy card number that is functionally identical to Reber’s "second data element" and explicitly taught that the authenticating database is maintained by the card's issuing institution (a third party), fulfilling the claim requirement to provide account information to a third party but not the provider.

    • Motivation to Combine: Petitioner asserted a POSITA would combine Reber and Franklin for several reasons. Both references are in the same field of secure financial transactions, address the identical problem of preventing fraud in electronic commerce, and propose strikingly similar system architectures (an end-user, a merchant, and a remote authenticating database). A POSITA would have naturally looked to the specific implementation details in Franklin (e.g., using a proxy card number, locating the database at the issuing bank) to implement the more general, conceptual framework disclosed in Reber.

    • Expectation of Success: The combination would have yielded only predictable results. Implementing Reber's general authentication framework using Franklin's specific techniques for handling proxy card numbers and merchant validation would have predictably resulted in a more robust and secure authentication protocol, which was the stated goal of both references.

4. Key Claim Construction Positions

  • Provider: Petitioner proposed this term means "the party to a transaction, such as a merchant, that provides a good or service to an entity." This construction was argued to be critical for mapping the "first party" (e.g., a seller or merchant) described in Reber to the claimed "provider."
  • Entity: Proposed as "the purchasing party to a transaction who has data stored in the secure registry." This was necessary to map Reber's "second party" (e.g., a buyer) to the claimed "entity."
  • Time-Varying Multicharacter Code: Proposed as "a sequence of numbers that varies with time." This construction allowed Petitioner to map the term to Reber’s disclosure of a "time-varying and nonpredictable" personal identification code used as a "second data element."
  • Secure Registry: Proposed as "a database with access restrictions." This construction was foundational to the argument, allowing Petitioner to identify the remote "database" in Reber, which controls access to authentication information, as the claimed "secure registry."

5. Relief Requested

  • Petitioner requested institution of an inter partes review and cancellation of claims 1-3, 5-8, 16-24, 26-30, and 37-38 of the ’539 patent as unpatentable.