Apple Inc v. CardWare Inc

1. Case Identification

• Case #: IPR2025-01149
• Patent #: 11,176,538
• Filed: June 24, 2025
• Petitioner(s): Apple Inc.
• Patent Owner(s): Cardware Inc.
• Challenged Claims: 1-18

2. Patent Overview

• Title: Secure, Smart Multi-Function Tokenizing Electronic Payment Devices and Transaction Processing
• Brief Description: The ’538 patent discloses methods for conducting secure payment transactions using an electronic device. The technology involves emulating a standard credit card by generating a limited-duration, or tokenized, payment number and using near-field communication (NFC) to transmit this information to a payment terminal, thereby enhancing transaction security.

3. Grounds for Unpatentability

Ground 1: Obviousness over Lin, Smith, Varadarajan, and Hammad - Claims 1-5 and 7-18 are obvious over Lin in view of Smith, Varadarajan, and Hammad.

• Prior Art Relied Upon: Lin (WO 2010/039337), Smith (Application # 2010/00125508), Varadarajan (Application # 2011/0184867), and Hammad (Patent 7,740,168).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that the prior art combination discloses all limitations of the challenged claims. Lin taught the foundational method for a mobile payment transaction, including using an NFC-enabled device to receive a payment request, displaying payment options for user selection, and transmitting payment information to a reader. To improve security, a Person of Ordinary Skill in the Art (POSITA) would have modified Lin by incorporating Smith's teaching of a device-specific static payment number (a "mobile PAN" or token) to replace the actual PAN on the device, as required by claim 1(e). To further secure the transaction against interception, a POSITA would have incorporated Varadarajan’s teaching of a dynamically generated, single-use card verification value (DCV) to replace the static CVV, as recited in claim 1(f). Finally, a POSITA would have integrated the validation architecture taught by Hammad, which explicitly describes payment processor and issuer authorities for validating transaction data, to meet the limitations of claim 1(j).
  • Motivation to Combine: A POSITA would combine these references to solve known, pressing security problems in mobile payments. The motivation to combine Lin and Smith was to protect the primary account number if the device were lost or stolen. The motivation to add Varadarajan was to protect against interception attacks by replacing the static CVV with a dynamic, one-time value. The motivation to add Hammad was to implement these security features within a standard, industry-recognized payment processing architecture, ensuring the system could reliably validate the secured data and interoperate with existing financial networks.
  • Expectation of Success: Petitioner asserted a POSITA would have had a high expectation of success. The combination involved applying known solutions (tokenization, dynamic CVVs) to solve well-understood problems (theft, interception) using primarily software modifications on the conventional hardware disclosed in Lin. The result—a more secure payment transaction—was predictable.

Ground 2: Obviousness over Lin, Smith, Varadarajan, Hammad, and Kranzley - Claim 6 is obvious over the combination of Ground 1 in view of Kranzley.

• Prior Art Relied Upon: Lin (WO 2010/039337), Smith (Application # 2010/00125508), Varadarajan (Application # 2011/0184867), Hammad (Patent 7,740,168), and Kranzley (Application # 2010/0125509).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground builds on the combination from Ground 1 to address the specific limitations of claim 6, which depends from claim 3. Claim 6 adds limitations related to the back-end settlement process, specifically limitation 6(e), which requires "a conveying of original issuer payment information to an original payment method issuer, for a settlement of said transaction" after the tokenized payment information has been validated. Petitioner argued that to the extent the primary combination did not explicitly disclose this final settlement step, Kranzley did. Kranzley taught a system where a payment processing entity validates a dynamic code and a virtual account number, and upon successful validation, sends the actual PAN to the card issuer to authorize the transaction and settle the funds.
  • Motivation to Combine: The motivation to add Kranzley's teachings was to create a complete, end-to-end payment system. While the primary combination secured the point-of-sale interaction, a POSITA would have needed a way to connect this secure transaction to the conventional back-end banking infrastructure for actual fund settlement. Kranzley provided a known and logical method for doing so, bridging the gap between the tokenized transaction front-end and the account-based settlement back-end. This would improve efficiency by allowing the payment processor, rather than the issuer, to manage the dynamic codes and tokens.
  • Expectation of Success: A POSITA would have reasonably expected success in adding this settlement step. It represented a known business process in payment systems and would have required routine software modifications to integrate with the system established by the primary combination, yielding the predictable result of a fully functional and secure payment ecosystem.

4. Relief Requested

• Petitioner requests institution of an inter partes review (IPR) and cancellation of claims 1-18 of the ’538 patent as unpatentable.