Mastercard Incorporated v. OV Loop, Inc.

1. Case Identification

• Case #: IPR2023-01289
• Patent #: 10,032,171
• Filed: September 6, 2023
• Petitioner(s): Mastercard Incorporated and Mastercard International Incorporated
• Patent Owner(s): OV Loop, Inc.
• Challenged Claims: 1-33

2. Patent Overview

• Title: Method for Secure Application-Based Participation in a Payment Card Transaction
• Brief Description: The ’171 patent describes methods and systems for mobile device-based payments that replace a hardware-based Secure Element (SE) on the device with a remotely hosted SE representation. The system sends non-permanent, single-use cryptographic keys from a remote server to the mobile device, which then uses the key to generate a cryptogram for a point-of-sale (POS) transaction.

3. Grounds for Unpatentability

Ground 1: Claims 1-4, 6-20, and 22-33 are anticipated under 35 U.S.C. §102 by Collinge, and all challenged claims (1-33) are obvious under 35 U.S.C. §103 over Collinge in view of the knowledge of a Person of Ordinary Skill in the Art (POSA).

• Prior Art Relied Upon: Collinge (Application # 2013/0262317).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Collinge discloses all elements of the challenged claims. Collinge teaches a mobile payment system where a device lacking a hardware SE conducts contactless transactions. A remote system generates payment credentials, including a "single use key" (a non-permanent cryptographic key), and transmits them to the mobile device. The device uses this key to generate a payment cryptogram (e.g., CVC3) for a single transaction, after which a new key is needed. This process involves the mobile device requesting data from the remote server over a wireless channel (e.g., SSL/TLS) separate from the POS communication channel (e.g., NFC) and locally storing the non-permanent key to generate the cryptogram.
  • Motivation to Combine (for §103 grounds): For any claim element not explicitly disclosed, Petitioner contended a POSA would have been motivated to modify Collinge’s system using standard, well-known techniques to ensure interoperability and security. For example, a POSA would implement Collinge's teachings using standard EMV and PayPass specifications to expand market opportunity by ensuring compatibility with existing POS infrastructure. This includes using standard command-response application protocol data units (APDUs) for communication and generating cryptograms according to established protocols like DES.
  • Expectation of Success: A POSA would have had a high expectation of success because combining Collinge's remote-key architecture with standardized payment protocols was merely the application of known techniques to achieve the predictable result of a secure and interoperable mobile payment system.

Ground 2: Claims 1-33 are anticipated under §102 by Fiske, and all challenged claims are obvious under §103 over Fiske in view of the knowledge of a POSA.

• Prior Art Relied Upon: Fiske (Patent 11,080,693).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that Fiske discloses a method for authorizing an EMV payment transaction where a SE is not available to the payment application. Fiske teaches a mobile device communicating with a remote issuing bank over a wireless interface to receive a single-use "ICC Session Key." This non-permanent key is used to generate an Application Cryptogram required for an EMV transaction with a POS terminal. Fiske explicitly describes the mobile device requesting and receiving the key from the remote bank, storing it locally, and using it for a single transaction before it is purged, after which a new key must be requested for subsequent transactions.
  • Motivation to Combine (for §103 grounds): Petitioner argued that because Fiske’s invention is explicitly for authorizing EMV transactions, a POSA would have been motivated to implement any undisclosed details in a manner compliant with the well-known EMV specifications. This would be a simple and predictable design choice to ensure the system functioned as intended within the existing payment ecosystem.
  • Expectation of Success: A POSA would have expected success in implementing Fiske’s system because it relies on established EMV protocols. The generation of cryptograms using session keys derived from a master key was a standard, predictable process in the art.

4. Key Claim Construction Positions

• Petitioner argued that the term “at least one response application data protocol unit containing the response cryptogram and an account identifier for the account” is subject to two constructions.
  • Construction 1: One or more response APDUs that collectively contain the cryptogram and account identifier.
  • Construction 2: One or more response APDUs, each of which contains both the cryptogram and account identifier.
• Petitioner contended that the claims are anticipated or obvious under either construction and that a final resolution of the term is not necessary for institution.

5. Key Technical Contentions (Beyond Claim Construction)

• Priority Date Challenge: A central contention is that the ’171 patent is not entitled to its claimed priority date of August 30, 2011. Petitioner argued that the provisional applications do not disclose the critical claim limitation of a "non-permanent cryptographic key." This concept was allegedly first introduced in the non-provisional application filed on August 30, 2012. Therefore, the effective filing date of the ’171 patent is August 30, 2012, which makes both Collinge (priority date of April 2, 2012) and Fiske (priority date of April 2, 2012) valid prior art under pre-AIA §102(e).

6. Arguments Regarding Discretionary Denial

• §314(a) / Fintiv Factors: Petitioner argued against discretionary denial under Fintiv, stating that the parallel district court proceeding is in its infancy. Key points included that no answer to the complaint had been filed, no scheduling order was in place, no trial date was set, and discovery had not commenced. Petitioner noted its intent to file a motion to stay the district court case pending the outcome of the IPR, a motion the court has granted in the past.
• §325(d) Factors: Petitioner argued against denial under §325(d), asserting the USPTO did not previously consider the same or substantially the same prior art or arguments. While Collinge was cited on the face of the ’171 patent, it does not appear to have been substantively considered by the examiner. Fiske was never presented to or considered by the examiner during prosecution.

7. Relief Requested

• Petitioner requested institution of an inter partes review and cancellation of claims 1-33 of the ’171 patent as unpatentable.