Apple Inc.

Petition

Petition summary

## 1. Case Identification
- Case Number: [IPR2025-01149](https://ai-lab.exparte.com/case/ptab/IPR2025-01149)
- Patent #: [11,176,538](https://ai-lab.exparte.com/patent/11176538)
- Filed: June 24, 2025
- Petitioner(s): [Apple Inc.](https://ai-lab.exparte.com/party/apple-inc)
- Patent Owner(s): [Cardware Inc.](https://ai-lab.exparte.com/party/cardware-inc)
- Challenged Claims: 1-18

## 2. Patent Overview
- Title: Secure, Smart Multi-Function Smart Tokenizing Electronic Payment Devices and Transaction Processing Thereof
- Brief Description: [The ’538 patent](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1001) discloses methods for conducting secure payment transactions with an electronic device. The system emulates a standard credit card and enhances security by generating a limited-duration payment number (token) for use in transactions, including those conducted via Near Field Communications (NFC).

## 3. Grounds for Unpatentability

#### Ground 1: Claims 1-5 and 7-18 are obvious over Lin in view of Smith, Varadarajan, and Hammad.
  - **Prior Art Relied Upon:** [Lin](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1004) (WIPO Pub. No. 2010/039337), [Smith](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1005) (Application # 2010/00125508), [Varadarajan](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1006) (Application # 2011/0184867), and [Hammad](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1007) (Patent 7,740,168), which incorporates by reference [Hammad ’089 Provisional](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1009) (Application # 60/884,089).
  - **Core Argument for this Ground:**
    - **Prior Art Mapping:** Petitioner argued that the combination of these references teaches every element of the challenged claims.
      - **[Lin](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1004)** provides the foundational system: an electronic device (e.g., a smartphone) that performs NFC-based payment transactions. [Lin](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1004) taught storing payment card information, receiving a payment request via NFC, displaying the request for user approval, selecting a payment method, and transmitting payment information to a payee device.
      - **[Smith](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1005)** was combined with [Lin](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1004) to introduce a device-specific, limited-use payment account number (a "mobile PAN" or PPAN) to replace the actual PAN stored on the device. This PPAN is a static token associated with the underlying account but unique to the device.
      - **[Varadarajan](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1006)** was added to this combination to teach the dynamic generation of a limited-use security code (a Dynamic Card Value or DCV) to replace the static CVV. The DCV is generated on the device for each transaction using device-specific information.
      - **[Hammad](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1007)** was used to provide further detail on generating the dynamic security code (a dCVV) and the back-end processing architecture. [Hammad](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1007) taught using a combination of dynamic elements (like a transaction sequence counter) and static elements (like an account number and device-unique information) to create a cryptogram. [Hammad](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1007) also disclosed a standard payment ecosystem with distinct payment processor and issuer authorities for validating the transaction.
    - **Motivation to Combine (for §103 grounds):** A person of ordinary skill in the art (POSITA) would have been motivated to combine these known elements to achieve enhanced, multi-layered security for mobile payments—a well-understood goal at the time. A POSITA would first combine [Lin](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1004) and [Smith](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1005) to protect the underlying PAN if the device was lost or stolen. Then, to prevent interception or "skimming" attacks, a POSITA would incorporate [Varadarajan](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1006)'s dynamic CVV. Finally, a POSITA would look to [Hammad](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1007) to implement a robust and secure generation and validation process using a transaction counter and a standard processing architecture, yielding the predictable result of a more secure transaction system.
    - **Expectation of Success (for §103 grounds):** A POSITA would have had a reasonable expectation of success because each reference addresses a known problem in the field using compatible technologies. Combining a tokenized PAN ([Smith](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1005)) with a dynamic CVV ([Varadarajan](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1006)) in an NFC payment system ([Lin](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1004)) and validating it with a standard backend ([Hammad](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1007)) involved applying known techniques to achieve predictable security improvements.

#### Ground 2: Claim 6 is obvious over Lin, Smith, Varadarajan, and Hammad in view of Kranzley.
  - **Prior Art Relied Upon:** [Lin](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1004), [Smith](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1005), [Varadarajan](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1006), [Hammad](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1007), and [Kranzley](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1008) (Application # 2010/0125509).
  - **Core Argument for this Ground:**
    - **Prior Art Mapping:** This ground builds on the combination asserted in Ground 1 and adds [Kranzley](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1008) to address the limitations of claim 6, which relate to the post-validation settlement process. Claim 6 requires conveying original issuer payment information to the issuer for settlement after the limited-use information is validated. Petitioner argued that while the primary combination teaches validation by a payment processor, [Kranzley](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1008) explicitly taught the subsequent step of the payment processor sending the *actual* PAN to the issuer for final authorization and settlement.
    - **Motivation to Combine (for §103 grounds):** Petitioner argued a POSITA would be motivated to add [Kranzley](https://ai-lab.exparte.com/case/ptab/IPR2025-01149/doc/1008)'s teachings to the primary combination to implement a common and efficient industry practice. Separating the validation of dynamic data (at the processor) from the final settlement using the actual PAN (at the issuer) allows for the deployment of new security technologies without requiring constant updates to legacy issuer systems. This division of labor was a known solution to a known problem.
    - **Expectation of Success (for §103 grounds):** A POSITA would have expected success in implementing this final step, as it involved integrating a well-known settlement workflow into the already-established secure transaction system of the primary combination, with no technical incompatibility.

## 7. Relief Requested
- Petitioner requests institution of an inter partes review and cancellation of claims 1-18 of Patent [11,176,538](https://ai-lab.exparte.com/patent/11176538) as unpatentable under 35 U.S.C. §103.

Apple targets a secure mobile payment patent: prior art cited for all 18 claims as obvious over NFC payment tokenization & dynamic security code tech.