PTAB

IPR2023-01331

JPMorgan Chase Bank NA v. Dynapass IP Holdings LLC

Log In
Key Events
Petition

1. Case Identification

2. Patent Overview

  • Title: Authentication of users of secure systems
  • Brief Description: The ’658 patent relates to a user authentication system where access is based on a user ID, a secret passcode known to the user, and a temporary token provided to the user through a personal communication device, such as a mobile phone or pager.

3. Grounds for Unpatentability

Ground 1: Obviousness over Veneklase and Jonsson - Claim 5 is obvious over Veneklase in view of Jonsson.

  • Prior Art Relied Upon: Veneklase (European Application # 0844551) and Jonsson (WO 96/00485).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Veneklase disclosed a computer authentication system that met most limitations of claim 5. Veneklase teaches a host computer with a user database that associates users with pager numbers, sends a randomly generated code (a token) to the user's pager over one network, and receives the code back from the user over a different network to grant access. Petitioner contended that Veneklase fails to explicitly teach creating a single new password based on both the token and a user-known passcode. Jonsson was asserted to supply this missing element, as it discloses an authentication system where a "response code" (new password) is calculated based on a system-generated "challenge code" (token) and a user-inputted PIN (passcode).
    • Motivation to Combine: A POSITA would combine Jonsson's password-creation algorithm with Veneklase's system to improve security and efficiency. Jonsson’s method of creating a single, combined password is more secure and streamlined than Veneklase’s two-step process of entering separate known and unknown codes. Furthermore, Veneklase itself contemplates using algorithms for security, suggesting the addition of an algorithm like Jonsson's would be a natural improvement.
    • Expectation of Success: A POSITA would have had a reasonable expectation of success because the combination merges known techniques to improve a similar device without requiring new or complex hardware.

Ground 2: Obviousness over Kew and Sormunen - Claims 1 and 3-6 are obvious over Kew in view of Sormunen.

  • Prior Art Relied Upon: Kew (WO 95/19593) and Sormunen (WO 97/31306).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner asserted that Kew, as the primary reference, teaches nearly all elements of the challenged claims. Kew discloses an authentication system where a security server generates a random code (token, e.g., "Code A") and sends it to a user's receiver unit (e.g., a pager). The server concurrently creates a "transformed code" (new password, e.g., "Code B") by encrypting the token with a user's identity code (passcode). The user is prompted to enter the code displayed on their device, and access is granted if it matches the server's transformed code. Kew also teaches deactivating access after a predetermined time. Petitioner argued Sormunen was necessary to explicitly teach two features for method claim 1: (1) using a modern cellular network (like GSM) instead of just a conventional paging system, and (2) having the user initiate a request for the token from their personal communication device.
    • Motivation to Combine: A POSITA would combine the references to allow Kew's robust authentication method to operate on the more ubiquitous and flexible cellular networks taught by Sormunen. Kew explicitly discloses using radiofrequency transmitters, which are also used in cellular systems, making the integration straightforward. The combination would also add the user-friendly feature from Sormunen of allowing the user to request a token directly from their mobile device.
    • Expectation of Success: Success would be expected because the combination applies a known communication technology (cellular networks) to improve a similar device (a pager-based authentication system) to enhance its functionality and market applicability.

4. Key Claim Construction Positions

  • "module...configured to...": Petitioner argued these terms should not be treated as means-plus-function limitations under §112(f). However, if they are, Petitioner provided proposed constructions where the structure is the server/processor executing algorithms disclosed in the specification for creating passwords, transmitting tokens, and authenticating users.
  • "Cell phone network": Petitioner proposed this term must be construed to include networks for both mobile phones and pagers. This construction was based on the specification's repeated references to both device types and the fact that dependent claims separately recite a "mobile phone" and a "pager," implying the base claim's network term covers both.
  • "Not known to the user": Petitioner argued this limitation, applied to the token, means "not known to the user before being sent to the user as part of the authentication process." This construction is based on the patent's distinction between secret information the user already knows (passcode) and information provided to the user (token), which the user must necessarily see to complete the login.

5. Arguments Regarding Discretionary Denial

  • §325(d) / Becton Factors: Petitioner argued against discretionary denial under §325(d) because the key prior art references (Veneklase, Jonsson, Kew, and Sormunen) were not cited or considered during the original prosecution. Therefore, the petition raises arguments materially different from those previously before the USPTO.
  • §314(a) / Fintiv Factors: Petitioner argued against discretionary denial based on parallel litigation by highlighting several factors. Petitioner has filed a Sotera stipulation, agreeing not to pursue the same invalidity grounds in the district court if the IPR is instituted. The petition also noted that the parallel litigation is in its early stages, with a trial date scheduled after the statutory deadline for a Final Written Decision in a related IPR. Finally, Petitioner asserted the strong merits of its case, evidenced by the Board's decision to institute a separate IPR (IPR2023-00425) on the same grounds and evidence.

6. Relief Requested

  • Petitioner requests institution of an IPR and cancellation of claims 1 and 3-6 of Patent 6,993,658 as unpatentable.