Apple Inc v. Universal Secure Registry LLC

1. Case Identification

• Case #: IPR2020-01223
• Patent #: 9,928,495
• Filed: July 20, 2020
• Petitioner(s): Apple Inc.
• Patent Owner(s): Universal Secure Registry, LLC
• Challenged Claims: 22-28

2. Patent Overview

• Title: Universal Secure Registry
• Brief Description: The ’495 patent discloses an authentication system for financial transactions. The system comprises a user's electronic device that receives biometric information to authenticate the user and, in response, generates a one-time code, and a separate computer system that receives the code to access the user's account information for transaction authorization.

3. Grounds for Unpatentability

Ground 1: Obviousness over Schutzer and Walker - Claims 22-26 and 28 are obvious over Schutzer alone or in view of Walker.

• Prior Art Relied Upon: Schutzer (European Application # 1028401A2) and Walker (Patent 6,163,771).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued Schutzer discloses the core elements of independent claim 22. Schutzer teaches a user's computing device that receives biometric information (e.g., a fingerprint) to authenticate a user and then generates a one-time "anonymous card number." A separate computer system, such as an issuing bank's server, receives this code via a network and uses a pre-existing "link" to access the user's actual account number to authorize a transaction. To the extent Schutzer’s "link" was not sufficiently detailed, Petitioner asserted that Walker supplements this teaching by disclosing a specific method where an account number is extracted from a received one-time code to retrieve a cardholder's private key, which is then used to decrypt a nonce for validation. Dependent claims were mapped to disclosures in Schutzer and Walker regarding merchants, credit card companies, and various properties of the one-time code (e.g., non-predictable, time-variant, transaction-specific, encrypted).
  • Motivation to Combine: A POSITA would combine Schutzer and Walker because they address the same problem of securing electronic transactions using similar system architectures (user device, merchant, bank server). Petitioner argued that implementing Walker’s more detailed encryption and data retrieval process within Schutzer's framework would be a straightforward application of a known technique to improve the security of a similar system.
  • Expectation of Success: A POSITA would have had a reasonable expectation of success because the combination involved applying a known, compatible security scheme (Walker) to an existing system (Schutzer) to achieve the predictable result of enhanced security against fraud.

Ground 2: Obviousness over Schutzer, Walker, and Slater - Claim 27 is obvious over Schutzer alone or in view of Walker and/or Slater.

• Prior Art Relied Upon: Schutzer (European Application # 1028401A2), Walker (Patent 6,163,771), and Slater (Patent 6,098,053).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground targeted claim 27, which adds the limitation that the one-time code is associated with a "public identification code." Petitioner argued that Schutzer’s "anonymous card number" meets this limitation because it is transmitted over public networks to identify a user’s account without revealing the actual account number. If this was found insufficient, Petitioner argued that Slater teaches a tokenized "financial transaction instruction" containing embedded "card number data" that functions as a public identification code, which is then mapped by the issuing bank to the user's actual account.
  • Motivation to Combine: A POSITA would combine Slater with the Schutzer/Walker system as they are all in the same field, address the same problem, and share similar structures. Slater simply provides specific implementation details for generating and embedding a public identification code into a transmitted token, a known technique to improve a secure transaction system.

Ground 3: Obviousness over Franklin and Schutzer - Claims 22-26 and 28 are obvious over Franklin alone or in view of Schutzer.

• Prior Art Relied Upon: Franklin (Patent 6,000,832) and Schutzer (European Application # 1028401A2).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that Franklin teaches the fundamental authentication system of claim 22, wherein a user authenticates to a local computer via a password or PIN, which then generates a one-time "proxy" transaction number. This proxy number is sent to an issuing bank that uses it to access the user's actual account information and authorize a transaction. Petitioner contended that Schutzer renders this system obvious by teaching the modification of replacing Franklin’s password-based authentication with a more secure biometric authentication method, such as a fingerprint scan, to trigger the generation of the one-time code.
  • Motivation to Combine: A POSITA would combine the references to enhance security. Petitioner argued it would have been an obvious design choice to substitute the "weak password" authentication of Franklin with the more robust biometric authentication taught by Schutzer, as both references address the same problem of preventing electronic fraud and disclose nearly identical system flows.
  • Expectation of Success: Success would be predictable because swapping one known authentication method for another to improve security was a common and well-understood practice in the art.

Ground 4: Obviousness over Franklin, Schutzer, and Slater - Claim 27 is obvious over Franklin in view of Schutzer, further in view of Slater.

• Prior Art Relied Upon: Franklin (Patent 6,000,832), Schutzer (European Application # 1028401A2), and Slater (Patent 6,098,053).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground parallels Ground 2 but uses the Franklin/Schutzer combination as the base. Petitioner argued that Franklin's "proxy" transaction number, which is transmitted publicly, constitutes the claimed "public identification code." The combination with Schutzer adds the biometric authentication element. Slater was introduced as an alternative or supplement to provide a more explicit teaching of embedding "card number data" (a public ID code) within a larger tokenized transaction instruction that is sent to the financial institution for processing.
  • Motivation to Combine: The motivation to add Slater to the Franklin/Schutzer combination was to incorporate a known technique for packaging and transmitting transaction data. As all three references operate in the same field and solve the same problem, a POSITA would have found it obvious to combine their respective features to create a functional, secure transaction system.

4. Relief Requested

• Petitioner requests institution of an inter partes review and cancellation of claims 22-28 of Patent 9,928,495 as unpatentable under 35 U.S.C. §103.