PTAB

IPR2023-00425

Unified Patents LLC v. Dynapass Holdings IP LLC

Log In
Key Events
Petition

1. Case Identification

2. Patent Overview

  • Title: Authentication of User for Secure System Access
  • Brief Description: The ’658 patent describes a system for authenticating users of a secure system. The method involves supplying a user token to a personal communication device, like a mobile phone or pager, which is then used in combination with a secret passcode to generate a password for system access.

3. Grounds for Unpatentability

Ground 1: Obviousness of Claim 5 over Veneklase in view of Jonsson

  • Prior Art Relied Upon: Veneklase (European Patent Application # 084451) and Jonsson (WO 96/00485).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Veneklase disclosed a computer authentication system where a user inputs a known password, receives a pseudo-random code (a token not previously known to the user) on a pager via a second communication channel, and then enters that code to gain access. While Veneklase taught using a known passcode and an unknown token, it did not explicitly teach combining them to form a single new password. Petitioner asserted that Jonsson remedied this by disclosing an algorithm that "calculates a response code [new password] based on the received challenge code [token], the user input (e.g., PIN) [passcode]." Jonsson’s system generated a unique response code for each transaction, which served as the new password for authentication.
    • Motivation to Combine: A POSITA would combine Jonsson’s algorithm with Veneklase’s system to improve security and efficiency. Veneklase’s two-step input process (passcode, then token) could be streamlined into a single step by creating one new password from both inputs, as taught by Jonsson. Furthermore, Veneklase explicitly discussed using algorithms for security, which would motivate a POSITA to incorporate Jonsson’s known algorithmic approach to enhance the system and protect against threats like SIM swapping.
    • Expectation of Success: A POSITA would have a reasonable expectation of success because the combination integrated two known authentication methods to create a more efficient process (one step instead of two) without requiring additional hardware.

Ground 2: Obviousness of Claims 1, 3-6 over Kew in view of Sormunen

  • Prior Art Relied Upon: Kew (WO 95/19593) and Sormunen (WO 97/31306).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Kew taught a method for preventing unauthorized access to a host computer. In Kew, a security server generated a random code (token) and used it with a user's identity code (passcode) to create a transformed code (new password). The server also sent the random token to the user's pager. The pager independently created a similar transformed code, which the user then entered for comparison and authentication. This met the core limitations of creating a new password from a token and passcode. For limitations requiring communication over a "cell phone network" and receiving a token request from the user's device, Petitioner pointed to Sormunen. Sormunen disclosed a method for obtaining passwords where a user sent a request via a short message from a mobile station (e.g., a device on a cellular network) to a password server.
    • Motivation to Combine: A POSITA would combine the references to allow Kew’s authentication system to operate on a more modern and ubiquitous network. Kew taught using conventional paging systems, which communicate via radiofrequency. Sormunen taught using cellular networks (like GSM) for similar authentication functions, which also rely on radiofrequency. A POSITA would be motivated to adapt Kew's system to a cellular network as taught by Sormunen to increase flexibility, expand availability, and enable two-way communication, allowing users to request tokens from their personal devices.
    • Expectation of Success: A POSITA would expect success in modifying Kew’s system because it involved applying a known communication technology (cellular networks) to an existing authentication framework that already used a similar underlying technology (radiofrequency transmitters).

4. Key Claim Construction Positions

  • "a control module...configured to...": Petitioner argued these terms do not invoke means-plus-function claiming under §112, ¶ 6 because they denote sufficient structure. However, should the Board disagree, Petitioner provided proposed constructions based on the algorithms and structures disclosed in the specification, such as a server executing software to generate passwords.
  • "Cell phone network": Petitioner contended this term should be construed to encompass both mobile phone networks and pager service provider networks. This construction was based on the ’658 patent specification, which repeatedly described the personal communication device as potentially being a pager and the service provider as a pager or mobile phone service.
  • "Not known to the user": Petitioner argued this limitation, referring to the token, should be construed to mean "not known to the user before being sent to the user as part of the authentication process." This interpretation acknowledges that the user must eventually know the token to use it for authentication, as shown in the patent's own figures and description.

6. Arguments Regarding Discretionary Denial

  • Petitioner argued that the Board should not exercise discretionary denial under §314(a) or §325(d). The petition asserted that its grounds were materially different from those in a co-pending IPR (IPR2023-00367), as it challenged different claims (including claim 4) and used different prior art combinations.
  • Regarding the Fintiv factors for parallel litigation, Petitioner argued they weighed heavily in favor of institution. Key reasons included that Petitioner is not a party to any district court litigation, the court's trial date was distant and speculative, and the invalidity grounds presented in the IPR had minimal overlap with potential district court issues.

7. Relief Requested

  • Petitioner requested institution of an inter partes review and cancellation of claims 1, 3-6 of the ’658 patent as unpatentable.