Apple Inc v. CardWare Inc

1. Case Identification

• Case #: IPR2025-01146
• Patent #: 10,339,520
• Filed: June 24, 2025
• Petitioner(s): Apple Inc.
• Patent Owner(s): Cardware, Inc.
• Challenged Claims: 18-24

2. Patent Overview

• Title: Electronic Payment Card
• Brief Description: The ’520 patent describes an electronic payment device, such as a smart card, capable of generating a limited-duration or limited-use payment number for conducting secure financial transactions. The technology aims to enhance security by generating dynamic transaction numbers that are valid for a single use, a finite time, or a limited number of transactions.

3. Grounds for Unpatentability

Ground 1: Claims 18-21 and 24 are obvious over Gill, Smith, and Kay.

• Prior Art Relied Upon: Gill (Patent 9,098,846), Smith (Application # 2013/0232083), and Kay (Application # 2013/0124410).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that the combination of Gill, Smith, and Kay disclosed all limitations of the challenged claims. Gill taught a base system for conducting contactless transactions between a mobile electronic device and an ATM using NFC, including user authentication. Smith improved upon this by teaching the use of a tokenized "mobile cloud account" (MCA) number instead of a real account number, along with a payment cryptogram, to enhance security. Kay provided specific teachings of a graphical user interface (GUI) on a mobile device for managing ATM transactions, allowing a user to select operations like "withdraw" or "deposit" and enter a currency amount. Together, these references allegedly taught a method of using a mobile device with a sophisticated user interface to wirelessly conduct a secure, tokenized transaction at an ATM.
  • Motivation to Combine: Petitioner contended a person of ordinary skill in the art (POSITA) would have been motivated to combine these references to achieve predictable security improvements. A POSITA would have integrated Smith’s tokenization (MCA) and cryptogram features into Gill’s contactless ATM system to solve the known security risks associated with such transactions. Furthermore, a POSITA would have incorporated Kay's well-understood GUI design to provide a logical and user-friendly interface for the mobile device, facilitating the selection of accounts and transaction types as taught by Gill and Smith.
  • Expectation of Success: The combination involved applying known security techniques (Smith) and standard user interface designs (Kay) to an existing system (Gill), which would have yielded the predictable result of a more secure and usable contactless ATM transaction system. A POSITA would have had a high expectation of success in implementing this combination.

Ground 2: Claims 18-24 are obvious over Gill, Smith, Kay, and Gomez.

• Prior Art Relied Upon: Gill (Patent 9,098,846), Smith (Application # 2013/0232083), Kay (Application # 2013/0124410), and Gomez (Patent 9,600,808).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground built upon the combination in Ground 1, adding Gomez to provide specific details for making the payment cryptogram more robustly dynamic, as required by limitations regarding "dynamically generated limited-use number portions." While Smith introduced a cryptogram, Gomez specifically taught generating a unique authentication cryptogram for each transaction based on a "temporal signal" (e.g., a timestamp or sequence number) combined with a stored seed value. Petitioner argued this directly taught the generation of a dynamic, time-limited, single-use number that changes with every transaction, rendering stolen credentials useless for future fraudulent use. This fulfilled claim limitations that were not explicitly detailed in the primary combination.
  • Motivation to Combine: Petitioner asserted that a POSITA, having created the system of Gill, Smith, and Kay, would have sought to further enhance the security of the payment cryptogram. Gomez provided a known and obvious solution to prevent replay attacks by ensuring the cryptogram was unique for each transaction. A POSITA would have been motivated to incorporate Gomez's temporal signal-based generation method into the Smith cryptogram to create a more secure, one-time-use authorization token, which was a well-known objective in the field of secure payments.
  • Expectation of Success: Integrating a time-based or sequence-based element into a cryptogram was a common and well-understood technique for enhancing security at the time of the invention. A POSITA would have had a reasonable expectation of success in applying Gomez's method to the combined Gill/Smith/Kay system to achieve the predictable result of increased transaction security.

4. Arguments Regarding Discretionary Denial

• Petitioner noted that a previous IPR petition (IPR2023-00211) relying on identical prior art was instituted but terminated prior to a final written decision. The petition reserved the right to address in further briefing any discretionary denial issues that the Patent Owner may raise.

5. Relief Requested

• Petitioner requested institution of an inter partes review and cancellation of claims 18-24 of the ’520 patent as unpatentable.