PTAB

IPR2023-01289

MasterCard Inc v. Ov Loop Inc

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Authorization and Payment Methods on Mobile Devices
  • Brief Description: The ’171 patent describes methods for secure mobile payments where a mobile device communicates with a remotely hosted Secure Element (SE) representation. The system sends a non-permanent cryptographic key from the remote server to the mobile device, which then uses this temporary key to generate cryptograms for transaction authorization at a point-of-sale (POS) terminal.

3. Grounds for Unpatentability

Ground 1: Claims 1-4, 6-20, 22-33 are anticipated and claims 1-33 are obvious over Collinge

  • Prior Art Relied Upon: Collinge (Application # 2013/0262317).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Collinge discloses all limitations of the challenged claims. Collinge describes a system enabling a mobile device without a physical SE to conduct contactless payments. It teaches a remote system that generates and transmits a "single use key" (a non-permanent cryptographic key, KSUN) in an encrypted payload to a mobile device over a wireless network. The mobile application then uses this locally stored, temporary key to generate a payment cryptogram (CVC3) when interrogated by a POS terminal via a separate NFC channel. Collinge further discloses that after a transaction, the mobile device would need to acquire a new single-use key from the remote system for subsequent transactions, meeting the limitations related to requesting and receiving a second non-permanent key.
    • Motivation to Combine (for §103 ground): For any limitations not explicitly disclosed, Petitioner contended a person of ordinary skill in the art (POSA) would have been motivated to implement Collinge’s system using well-known, standardized EMV protocols. This would ensure interoperability with existing payment infrastructure and expand market opportunity. For instance, configuring the mobile application to explicitly "request" the single-use keys, rather than having them pushed from a server, was presented as an obvious design choice to conserve bandwidth and manage security.
    • Expectation of Success (for §103 ground): A POSA would have had a high expectation of success because combining Collinge's teachings with standard EMV transaction flows involved applying known techniques to achieve the predictable result of a functioning, interoperable, and secure mobile payment system.

Ground 2: Claims 1-33 are anticipated and obvious over Fiske

  • Prior Art Relied Upon: Fiske (Patent 11,080,693).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner asserted that Fiske, which relates to authorizing EMV payment transactions without a physical SE, anticipates the claims. Fiske teaches a mobile device receiving a single-use, non-permanent "ICC Session Key" from a remote issuing bank. The mobile application uses this session key to generate a required "Application Cryptogram" during an EMV transaction with a POS terminal. Fiske explicitly discloses that the session key is valid for only a single transaction and can be purged afterward, necessitating a new key for the next transaction. The communication with the issuing bank for the key occurs over a wireless interface separate from the NFC interface used for the POS interrogation.
    • Motivation to Combine (for §103 ground): Petitioner argued that a POSA would have found it obvious to implement Fiske’s system in a manner fully compliant with the EMV specifications that Fiske incorporates by reference. This would involve using standard command-response messaging (APDUs) between the POS terminal and the mobile device and ensuring the device could generate cryptograms as required by the standard. This motivation stems from the clear goal of creating a commercially viable product compatible with the dominant payment standards.
    • Expectation of Success (for §103 ground): Success was expected because Fiske’s system was designed for EMV transactions. Implementing it according to the detailed and established EMV specifications would predictably result in a secure and functional payment application.

4. Key Claim Construction Positions

  • Petitioner identified the term “at least one response application data protocol unit containing the response cryptogram and an account identifier for the account” as potentially ambiguous.
  • Petitioner proposed two alternative constructions: (1) one or more protocol units that collectively contain the cryptogram and identifier, or (2) one or more protocol units where each contains both the cryptogram and identifier.
  • Petitioner argued that the challenged claims are anticipated or obvious under either construction, asserting that standard EMV transactions, when applied to the prior art systems, would satisfy the limitation under both interpretations.

5. Arguments Regarding Discretionary Denial

  • Petitioner argued that discretionary denial under 35 U.S.C. §314(a) and the Fintiv factors is not warranted. The parallel district court litigation was in its earliest stages, as Petitioner had not yet answered the complaint and no discovery had occurred.
  • A motion to stay the district court case was filed concurrently with the IPR petition.
  • Petitioner further argued against denial under 35 U.S.C. §325(d), stating that the primary references, particularly Fiske, were not before the examiner during prosecution. While Collinge was cited, it did not appear to have been substantively considered, and the arguments presented in the petition were not previously evaluated.

6. Relief Requested

  • Petitioner requests institution of an inter partes review and cancellation of claims 1-33 of the ’171 patent as unpatentable.