AT&T Services Inc v. RightQuestion LLC

1. Case Identification

• Case #: IPR2025-00361
• Patent #: 11,856,132
• Filed: February 7, 2025
• Petitioner(s): AT&T Services Inc., Cellco Partnership d/b/a Verizon Wireless, and Nokia of America Corporation
• Patent Owner(s): RightQuestion, LLC
• Challenged Claims: 1-19

2. Patent Overview

• Title: Validating Automatic Number Identification Data
• Brief Description: The ’132 patent describes techniques for ascertaining the identity of a device initiating communications to detect potential spoofing of caller ID or automatic number identification (ANI) data. The method involves receiving information about a call, including a cryptographic element from the caller device, performing a security determination, and transmitting a notification to the callee.

3. Grounds for Unpatentability

Ground 1: Claims 1-19 are obvious over Har in view of Miller.

• Prior Art Relied Upon: Har (Application # 2012/0144198) and Miller (Application # 2012/0201381).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Har teaches a complete call authentication system that meets most limitations of the challenged claims. Har discloses an authentication server that receives an encrypted and digitally signed authentication request from a caller's mobile device. This request includes information identifying the caller and callee. The server validates the request using public/private keys (a cryptographic element) and sends a notification to the callee. Petitioner contended that to the extent Har focuses more on user authentication than device authentication, Miller provides the missing details. Miller explicitly teaches a system for authorizing a device using a wide range of device-specific "computer minutia" (e.g., hardware, firmware, software identifiers) to create unique cryptographic keys and device fingerprints, directly mapping to the ’132 patent’s limitations of receiving "device information" and a "cryptographic element associated with the caller device."
  • Motivation to Combine: A POSITA would combine Har and Miller to improve the security of Har’s authentication system. Har provides a general framework for authenticating a call, while Miller provides explicit and robust methods for authenticating the specific device itself, a known area of concern for preventing spoofing. Combining Miller's detailed device-fingerprinting techniques into Har’s existing call authentication flow would create a more secure, multi-layered system. Miller itself provides motivation by describing its system as providing "increased security" against spoofing attacks.
  • Expectation of Success: A POSITA would have a reasonable expectation of success because both references describe systems in the same field of call authentication using compatible, well-known components like servers and mobile devices. Augmenting Har’s authentication server with Miller's device-specific validation logic would be a routine integration for a person of ordinary skill.

Ground 2: Claims 2 and 9 are obvious over Har and Miller, in further view of French.

• Prior Art Relied Upon: Har (Application # 2012/0144198), Miller (Application # 2012/0201381), and French (Application # 2012/0131354).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that the combination of Har and Miller already teaches the underlying concepts of claims 2 and 9, which require the security determination to be based on a "policy" and "execution of a rule," respectively. For instance, Miller's "intelligent minutia selection" for different security levels functions as a policy, and the conditional logic in both Har and Miller ("if decryption is successful...") functions as a rule. French is introduced to explicitly supply the well-known terminology. French teaches an encryption server that processes requests by determining an "appropriate encryption policy" and uses "permission rules" and "format rules" for its authentication processing.
  • Motivation to Combine: If the specific terms "policy" and "rule" are deemed necessary, a POSITA would be motivated to look to references like French, which provides a known vocabulary for implementing the conditional, criteria-based security systems taught by Har and Miller. Applying the common software constructs of policies and rules, as explicitly taught by French, to the system of Har and Miller would be a predictable and obvious design choice for structuring the security determination logic.
  • Expectation of Success: The combination would be straightforward, as it merely involves applying standard programming terminology and structure from French to the functional systems already established by Har and Miller.

4. Key Claim Construction Positions

• "performing a security determination": Petitioner asserted that while this term is indefinite in related litigation, for the purposes of this inter partes review (IPR), it should be construed to encompass performing a validation or authentication. This construction is based on the patent's specification and is central to Petitioner's argument that the prior art’s authentication and validation steps meet this claim limitation.

5. Arguments Regarding Discretionary Denial

• Petitioner argued that the Board should not exercise discretionary denial under Fintiv for several reasons. The petition presented compelling evidence of unpatentability using prior art not considered during prosecution. Furthermore, the parallel district court litigation is in its early stages, with a trial date set for October 2025, well after a Final Written Decision (FWD) would issue in this proceeding. Petitioner also stipulated that it would not pursue the same invalidity grounds in the district court if the IPR is instituted, thereby avoiding duplicative efforts.

6. Relief Requested

• Petitioner requests institution of IPR and cancellation of claims 1-19 of Patent 11,856,132 as unpatentable.