Académique Documents
Professionnel Documents
Culture Documents
Petitioner
v.
Patent Owner
IPR2017-01850
U.S. Patent 8,838,976
A. Real Party-in-Interest.................................................................................1
A. Summary....................................................................................................4
V. CLAIM CONSTRUCTION.............................................................................11
A. Challenge 1: Claims 1-2, and 5-6 are obvious under 35 U.S.C. 103
in view of Varghese, Donlin, and Risan..................................................13
ii
IPR2017-01850 Petition
U.S. Patent 8,838,976
1. Overview of Varghese.....................................................................13
2. Overview of Donlin.........................................................................15
3. Overview of Risan...........................................................................16
5. Analysis ...........................................................................................23
Claim 1 ............................................................................................ 23
Claim 2 ............................................................................................ 48
Claim 5 ............................................................................................ 52
Claim 6 ............................................................................................ 54
3. Analysis ...........................................................................................55
Claim 13 .......................................................................................... 55
VII. CONCLUSION................................................................................................59
iii
IPR2017-01850 Petition
U.S. Patent 8,838,976
iv
IPR2017-01850 Petition
U.S. Patent 8,838,976
I. MANDATORY NOTICES UNDER 37 C.F.R. 42.8
A. Real Party-in-Interest
B. Related Matters
Patent Owner).
As of the filing date of this Petition, and to the best knowledge of Petitioner,
the 976 Patent is or has been involved in this matter: Uniloc USA, Inc. et al v.
Apple, Inc., Case No. 2:17-cv-00258 (United States District Court for the Eastern
Lead Counsel
David OBrien Phone: 512-867-8457
HAYNES AND BOONE, LLP Fax: 214-200-0853
2323 Victory Ave. Suite 700 david.obrien.ipr@haynesboone.com
Dallas, TX 75219 USPTO Reg. No. 40,107
Back-up Counsel
Ashraf Fawzy Phone: 202-871-0110
Unified Patents Inc.
1875 Connecticut Ave NW, afawzy@unifiedpatents.com
Floor 10 USPTO Reg. No. 67,914
Washington, DC 20009
1
IPR2017-01850 Petition
U.S. Patent 8,838,976
David L. McCombs Phone: 214-651-5533
HAYNES AND BOONE, LLP Fax: 214-200-0853
2323 Victory Ave. Suite 700 david.mccombs.ipr@haynesboone.com
Dallas, TX 75219 USPTO Reg. No. 32,271
consents to electronic service by eMail to Lead Counsel and each of the Back-up
Counsels.
Petitioner certifies pursuant to Rule 42.104(a) that the patent for which
review is sought is available for inter partes review and that Petitioner is not
barred or estopped from requesting an inter partes review challenging the patent
2
IPR2017-01850 Petition
U.S. Patent 8,838,976
A. Prior Art Patents and Printed Publications
U.S.C. 102(b).
Challenge #1: Claims 1-2 and 5-6 of the 976 Patent are obvious under 35
1
The 976 Patent issued from an application filed prior to the enactment of the
America Invents Act (AIA). Thus, the pre-AIA statutory framework applies.
3
IPR2017-01850 Petition
U.S. Patent 8,838,976
Challenge #2: Claim 13 of the 976 Patent is obvious under 35 U.S.C.
A. Summary
identify [sic] of web site users via utilization of parameters of the users respective
client hardware. (EX1001, 9:6-8). The 976 Patent acknowledges that there are
social networking sites, auction sites, shopping sites, etc. (Id., 1:22-24). The
976 Patent alleges that existing systems, including systems that use personally
identifiable information for authentication, may be inconvenient for users, and that
there was a need for an authentication service that provides reliable identification
of users, without being unduly burdensome. (Id., 1:33-36). The 976 Patent
server 110 that is in operative communication with online service server 120 and a
4
IPR2017-01850 Petition
U.S. Patent 8,838,976
EX1001, FIG. 1
The 976 Patent explains that the user computer 130 includes an application
132 that collects machine information of the user computer 130. (Id., 4:34-37). A
device identifier is generated based on the collected machine information. (See id.,
1:52-54). More specifically, the claims of the 976 Patent require that such a
service user based on parameters and properties of the users computerwas well-
known in the art well before the 976 Patent was filed.
A person of ordinary skill in the art (POSITA) for the 976 Patent would
5
IPR2017-01850 Petition
U.S. Patent 8,838,976
engineering, or a related subject, and at least two years of experience working with
(which is closely related to both network communications system design and also
C. Prosecution History
The 976 Patent issued on September 16, 2014 from Application No.
12/703,470 (the 470 Application), filed on February 10, 2010. The 470
The prosecution history of the 976 Patent includes multiple Office Actions.
In a last Action prior to allowance of the 470 Application, the Examiner indicated
carbon and/or silicon degradation was recited only in certain dependent claims,
form. (EX1002 at 1186, 1193). Specifically, the Examiner withdrew the previous
2
As explained more completed below, the 976 Patent is not entitled to priority
6
IPR2017-01850 Petition
U.S. Patent 8,838,976
rejection over prior art disclosing physical unclonable functions (PUFs) after
characteristics accrue with usage over time and is a different class of physical
variation than the initial manufacturing differences upon PUFs. (See Id., 1186).
Each of the independent claims, including the claims that ultimately issued
as claims 1 and 5 of the 976 Patent, was amended to include the requirement that
(Id., 1210-1211). Further, the independent claim that ultimately issued as claim 13
of the 976 Patent was added by the applicant as new claim 21. The new claim 21
and according to the prosecution history, was applicants attempt to focus the
(Id., 1214-1215).
performing the functions recited in the challenged claims of the 976 Patent was
known in the art at the time that the 976 Patent was filed as evidenced by, for
example, the Varghese and Donlin-based grounds detailed below. (Tewfik, 121
(EX1004)). As demonstrated below, the prior art renders obvious each of the
7
IPR2017-01850 Petition
U.S. Patent 8,838,976
D. Priority DateNo Earlier than February 10, 2010
The challenged claims are entitled to priority no earlier than February 10,
2010, the filing date of the 470 Application, which is the first document in the
Applicants priority chain that describes or even mentions a carbon and/or silicon
the 449 Provisional because the 449 Provisional does not provide written
For a patent to benefit from priority of the filing date of a prior provisional
See Dynamic Drinkware, LLC v. National Graphics, Inc., 800 F.3d 1375, 1378
(Fed. Cir. 2015). In other words, the specification of the provisional must
contain a written description of the invention and the manner and process of
making and using it, in such full, clear, concise, and exact terms, to enable an
allow persons of ordinary skill in the art to recognize that [he] invented what is
claimed. Ariad Pharm., Inc. v. Eli Lilly & Co., 598 F.3d 1336, 1351 (Fed. Cir.
2010) (en banc) (quoting Vas-Cath Inc. v. Mahurkar, 935 F.2d 1555, 1563 (Fed.
Cir. 1991)). [T]he test for sufficiency is whether the disclosure of the application
relied upon reasonably conveys to those skilled in the art that the inventor had
possession of the claimed subject matter as of the filing date. Id. The analysis for
adequate written description is an objective inquiry into the four corners of the
specification. Ariad, 598 F.3d at 1351. Although the exact terms need not be used
in haec verba, the prior application must contain an equivalent description of the
claimed subject matter. See Lockwood v. American Airlines, Inc., 107 F.3d 1565,
and 13) recites that the at least one physical non-user-configurable property
limitation was relied upon by the examiner to allow the claims. But the 449
Provisional does not provide written description support for this limitation.
9
IPR2017-01850 Petition
U.S. Patent 8,838,976
Indeed, the 449 Provisional nowhere even mentions a carbon and/or silicon
degradation characteristic.
Dr. Tewfik confirms that the 449 Provisional does not expressly or
data component specific to the device that the unique identifier pertains to, and
and machine serial number. (Id., 10-12). However, the 449 Provisional does not
describe that machine parameters (or properties) include any carbon and/or silicon
Because of the written description failure, none of the claims of the 976
Patent, and certainly, none of the claims here challenged (claims 1-2, 5-6, and 13)
are entitled to priority of the 449 Provisional. Accordingly, the effective filing
date of all challenged claims of the 976 Patent is no earlier than February 10,
2010. For avoidance of doubt, even if the Board were to find otherwise, the prior
art relied upon by Petitioner still predates the filing date of the 449 Provisional by
10
IPR2017-01850 Petition
U.S. Patent 8,838,976
V. CLAIM CONSTRUCTION
C.F.R. 42.100(b); Cuozzo Speed Techs., LLC v. Lee, 136 S. Ct. 2131, 2142
(2016). Terms not specifically construed below are given their plain and ordinary
The 976 Patent does not provide an explicit definition for this term.
However, the 976 patent provides user identification (ID) as an example of the
users name, picture, sex, age, location, social network connections and even blog
(EX1001, 3:32-34, FIG. 4), and indicates that online profile information may be
of the term data regarding an online profile to be any data relating to an online
The 976 Patent does not provide an explicit definition for these terms, but
11
IPR2017-01850 Petition
U.S. Patent 8,838,976
including unique manufacturer characteristics, carbon and silicone [sic]
degradation and small device failures and values for damaged sectors and data
storage failures of disk drives and solid state memory devices. (EX1001, 5:48-
49, 5:64-6:5).
During the prosecution of the 470 Application, the applicant explained the
(EX1003, 1173).
The 976 Patent does not provide an explicit definition for this term.
12
IPR2017-01850 Petition
U.S. Patent 8,838,976
However, the 976 Patent describes the signal as follows, [w]hen the second
device identifier matches the first device identifier, a registered user signal may be
transmitted to a server hosting the online service. (EX1001, 9:47-49). The 976
services, including a host server 120 and an authentication server 110. (EX1001,
1. Overview of Varghese
application (e.g., online shopping application, online banking application, etc.) are
identifying a device from which the request was submitted in fraud detection,
3
Unless otherwise specified, we have added bold for emphasis below. Quoted text
in italics is used to signify claim language; reference names are also italicized.
13
IPR2017-01850 Petition
U.S. Patent 8,838,976
real-time authentication, authentication updating, and the like. (Id., 11:1-2, 11:38-
40).
information describing the device from which the user request originated. (Id.,
program already resident on the user device. (Id., 24:28-29). The identity
possible, and may include hardware characteristics of the user device and/or
data token, referred to as a Device ID, may be generated based on [s]ome or all
which is invoked with the Device ID and uses the Device ID to identify an
during prosecution, it was never substantively discussed, and thus inter partes
(May 18, 2017) (instituting despite a 325(d) challenge where reference was never
14
IPR2017-01850 Petition
U.S. Patent 8,838,976
Donlin and Risan; neither Donlin nor Risan was cited during prosecution. Thus,
and Risan (Challenge #1) and Varghese and Donlin (Challenge #2), have not yet
Varghese, has not yet been considered by the Office. In short, institution of trial is
warranted based on Petitioners challenges, and 325(d) does not provide a basis
2. Overview of Donlin
die that may degrade with use and over time. (EX1007, 2:59, 3:41-42).
predetermined license duration. (Id., 12:60-61). Donlin teaches that to enforce the
license, the programmable logic device may operate a metric circuit of a first
core based on the level of degradation of the metric circuit. For example, the
controller may determine the level of degradation of the metric circuit. (Id., 10:55-
15
IPR2017-01850 Petition
U.S. Patent 8,838,976
56). The level of degradation may be measured via the reduced drain/source
controller may then disable the licensed IP core after determining that the
3. Overview of Risan
using cookies in a hidden file. (EX1008, Abstract). For instance, Risan teaches a
information. (Id., 31:4-7). The cookie may contain information regarding the
address, and/or the serial number of the central processing unit (CPU) operable on
username, password, and the users computer system are closed associated. (Id.,
10:62-65).
16
IPR2017-01850 Petition
U.S. Patent 8,838,976
Risan is not of record in the 976 Patent.
A POSITA would have been motivated to combine Varghese and Donlin for
First, Varghese and Donlin are analogous prior art and in the same field of
endeavor (resource access control). Both Varghese and Donlin discuss controlling
and Donlin describe methods in which the access to resources is controlled based
purposes, electrical properties of a silicon die [that] may degrade with use and
over time) that are unique to a particular device. (EX1006, 11:1-2, 11:38-40,
known in the field of endeavor at the time of the invention and addressed by the
patent can provide a reason for combining the elements in the manner claimed.
KSR Intl Co. v. Teleflex Inc., 550 U.S. 398, 420 (2007). Here, improving control
or problem shared by Varghese and Donlin and provides at least one reason to
17
IPR2017-01850 Petition
U.S. Patent 8,838,976
combine the respective teachings.
usage over time, which results in the uniqueness for identifying the device.
(Tewfik, 90 (EX1004).
including the reduced drain/ source current, higher resistance and/or slower
Vargheses system, namely, to obtain a more secure system that provides a unique
device identifier including hardware characteristics of the user device that may not
18
IPR2017-01850 Petition
U.S. Patent 8,838,976
local time and/or time zone, network connection speed such as download and/or
upload times, microprocessor type and/or processing and/or serial number, and the
unique device identifier with a high level of security, a POSITA would have
hardware characteristic that would uniquely identify a device and that would not be
Accordingly, a POSITA would have looked to Donlin for its teaching that
electrical properties of a silicon integrated circuit that degrade with use and over
form of a degrading metric circuit) could uniquely identify a device and would not
19
IPR2017-01850 Petition
U.S. Patent 8,838,976
characteristics gathered for device identification Donlins measurement of
electrical properties of a silicon die that degrade with use and over time. (Tewfik,
In re ICON Health & Fitness, Inc., 496 F.3d 1374 (Fed. Cir. 2007).
properties of a silicon integrated circuit that degrade with use and over time would
have been no more than the combination of known elements according to known
into one), and would have been obvious to a POSITA at the time of the 976 Patent
20
IPR2017-01850 Petition
U.S. Patent 8,838,976
no more than yield predictable results. KSR at 415-16.
A POSITA would likewise have been motivated to combine Risan with the
First, the references are analogous prior art and are in the same field of endeavor
include hardware characteristics including, for example, the serial number of the
[A]ny need or problem known in the field of endeavor at the time of the invention
and addressed by the patent can provide a reason for combining the elements in the
manner claimed. KSR, 550 U.S. at 420. As with the Varghese and Donlin
shared by Risan, and that need or problem provides at least one reason to combine
A POSITA, having reviewed Varghese and Donlin would bring with them an
and would have recognized the benefits of Risans ability to store a unique
including its Device ID, that are encrypted, signed, or otherwise secured against
routine additional security measures for protecting the Device ID stored in the
unique computer system identifier, and would have used that hidden directory with
the system of Varghese and Donlin to store the Device ID and further improve its
Varghese and Donlin would produce operable results that are predictable. (Tewfik,
22
IPR2017-01850 Petition
U.S. Patent 8,838,976
or more non-volatile memory devices within computer system of Risan in the user
incorporating the teachings of Risan into the system taught by Varghese and
Donlin would have been no more than the combination of known elements
according to known methods, and would have been obvious to a POSITA at the
5. Analysis
Claim 1
23
IPR2017-01850 Petition
U.S. Patent 8,838,976
access the online service, data regarding an online profile of the user for the online
profile is properly construed as any data relating to an online user. (See supra,
at 11).
user computer device, especially one that is used to access an online service, is a
locally (from the network device) or remotely (from another device, e.g., an online
25
IPR2017-01850 Petition
U.S. Patent 8,838,976
data regarding an online profile of the user both locally from the network device
(EX1004)).
Varghese teaches that data regarding an online profile of the user for the online
service (e.g., the users ID) is to be retrieved by the network device (e.g., the
illustrated laptop computer) that accesses the online service. (Tewfik, 108
(EX1004)). A POSITA would have understood that Varghese teaches that when
device retrieves a user ID that has been previously stored on the network device.
regarding an online profile of the user for the online service as recited and
Further, Varghese also teaches retrieving data relating to an online user from
the user for the online service, so that the user may provide additional security
26
IPR2017-01850 Petition
U.S. Patent 8,838,976
authenticator receives interface selection criteria from the authentication server,
and sends an authentication interface that should be displayed to the user at the
current user device in order to authenticate the current access request. (EX1006,
Because the questions are personal questions that can be used at the current
user device to authenticate the user, a POSITA would have understood Vargheses
disclosure to teach retrieving at least the personal questions from the online
data regarding an online profile of the user for the online service as recited and
properly construed, because they are data relating to an online user. (See supra,
27
IPR2017-01850 Petition
U.S. Patent 8,838,976
retrieving, by a network device, data regarding an online profile of the user for
the online service, the network device being used by the user to access the online
28
IPR2017-01850 Petition
U.S. Patent 8,838,976
fingerprint, but rather to an authentication process invoked with input data
describing the user request. (EX1006, 8:56-57). The fingerprint process 400
gathers identifying information describing the device from which the user request
(EX1004)).
29
IPR2017-01850 Petition
U.S. Patent 8,838,976
EX1006, TABLE 4
such as screen dots per inch (DPI), screen resolution, and screen color, and
30
IPR2017-01850 Petition
U.S. Patent 8,838,976
peripheral device information indicating whether the user device has a microphone,
has printer support, or has an audio card. (EX1006, Table 4; Tewfik, 115
(EX1004)).
addresses, adapter MAC addresses, local time and/or time zone, network
and/or processing and/or serial number, and the like. (EX1006, 25:18-21).
regarding the network device, as recited in the claim. Varghese teaches that the
24:27-32). Varghese describes that for Internet applications, the software module
can be a plugin, a script, or an applet (e.g., a Java applet) downloaded by the web
Third, Varghese teaches that the fingerprint process 400 is performed by the
that the fingerprint process 400 may be performed by a client program already
31
IPR2017-01850 Petition
U.S. Patent 8,838,976
resident on the user device. (EX1006, 24:27-37; Tewfik, 119 (EX1004)).
that was downloaded to the user device and executed to gather identifying
describing the network device teaches collecting, by the network device, machine
32
IPR2017-01850 Petition
U.S. Patent 8,838,976
(EX1004)). As explained above, a user-configurable parameter is properly
device information including for example, location and language, could, at the time
of the 976 Patent, be configured by a user (e.g., by using the Region and
the network device as recited and properly construed, as they are examples of a
33
IPR2017-01850 Petition
U.S. Patent 8,838,976
As an additional example of the recited user-configurable parameter,
Varghese teaches that the fingerprint process may collect [m]any types of
25:14-21). A POSITA would understand that the local time and/or time zone of
that user computer device may be configured by a user (e.g., by the users edit to
Accordingly, the local time and time zone parameters also correspond to user-
degrade with use and over time may be used to enforce a time-limited license
electrical properties of a silicon die are physical properties of a device that may not
34
IPR2017-01850 Petition
U.S. Patent 8,838,976
6:56; Tewfik, 128 (EX1004)). Using an n-channel metal-oxide-semiconductor
carriers in the silicon may establish a fixed charge which, over time, may
7:21; Tewfik, 128 (EX1004)). The degraded performance may be measured via
the reduced drain/ source current, higher resistance and/or slower performance.
degrade with use and over time are a silicon degradation characteristic as
recited in element [1.4] of the 976 Patent. (Tewfik, 134 (EX1004)). Further,
because the 976 Patent itself (both definitionally in the language of element [1.4]
properties of a silicon die that degrade with use and over time also correspond to
35
IPR2017-01850 Petition
U.S. Patent 8,838,976
collected to uniquely identify a particular device with Vargheses device
A POSITA would have been motivated to combine Varghese and Donlin for
First, Varghese and Donlin are analogous prior art and in the same field of
endeavor (resource access control). Both Varghese and Donlin discuss controlling
and Donlin describe methods in which the access to resources is controlled based
purposes, electrical properties of a silicon die [that] may degrade with use and
over time) that are unique to a particular device. (EX1006, 11:1-2, 11:38-40,
known in the field of endeavor at the time of the invention and addressed by the
patent can provide a reason for combining the elements in the manner claimed.
KSR Intl Co. v. Teleflex Inc., 550 U.S. 398, 420 (2007). Here, improving control
or problem shared by Varghese and Donlin and provides at least one reason to
36
IPR2017-01850 Petition
U.S. Patent 8,838,976
combine the respective teachings.
usage over time, which results in the uniqueness for identifying the device.
(Tewfik, 90 (EX1004).
including the reduced drain/ source current, higher resistance and/or slower
to obtain a more secure system that provides a unique device identifier including
hardware characteristics of the user device that may not be configured by a user.
37
IPR2017-01850 Petition
U.S. Patent 8,838,976
(Tewfik, 91 (EX1004).
local time and/or time zone, network connection speed such as download and/or
upload times, microprocessor type and/or processing and/or serial number, and the
unique device identifier with a high level of security, a POSITA would have
hardware characteristic that would uniquely identify a device and that would not be
Accordingly, a POSITA would have looked to Donlin for its teaching that
electrical properties of a silicon integrated circuit that degrade with use and over
form of a degrading metric circuit) could uniquely identify a device and would not
38
IPR2017-01850 Petition
U.S. Patent 8,838,976
characteristics gathered for device identification Donlins measurement of
electrical properties of a silicon die that degrade with use and over time. (Tewfik,
In re ICON Health & Fitness, Inc., 496 F.3d 1374 (Fed. Cir. 2007).
with use and over time would have been no more than the combination of known
software functionality of two devices into one), and would have been obvious to a
POSITA at the time of the 976 Patent to achieve the benefits of a device-based
39
IPR2017-01850 Petition
U.S. Patent 8,838,976
methods is likely to be obvious when it does no more than yield predictable
electrical properties of a silicon die that degrade with use and over time, renders
Varghese teaches that the fingerprint process 400 creates a device identifier
from the network device. (EX1006, 9:55-64). Varghese further describes that
the recited device identifier of the 976 Patent, and Varghese teaches generating
40
IPR2017-01850 Petition
U.S. Patent 8,838,976
the Device ID based on the collected machine information by generating a data
token (Device ID) that stores some or all of the device identity information.
is stored on the user computing device from which it can be retrieved and form
against modification, and that remain[s] resident on the user device even when it is
may also have been stored by the fingerprint processes of the present invention
during the course of a prior identification of this device. (Id., 24:48-60). Hidden
folders and file directories are common features available in most operating
systems (e.g., Windows, Linux, and Macintosh operating systems) available at the
time of the 976 Patent. In those operating systems, hidden Files and folders can
use a hidden file directory in Varghese to store the Device ID, such that the stored
Second, to the extent that Varghese does not itself disclose or suggest using
a hidden file directory of the network device to store the generated device
network device as a technique for protecting the device identifier. (Tewfik, 151
prevent user access and/or manipulation of that information. (Id., 31:4-7). The
cookie may contain information regarding the users computer system, including
for example a unique identifier associated with computer system, e.g., a MAC
address, an IP address, and/or the serial number of the central processing unit
(CPU) operable on [a] computer system. (Id., 10:37-43). Such a cookie may be
42
IPR2017-01850 Petition
U.S. Patent 8,838,976
content because the username, password, and the users computer system are
teachings of Risans protected cookie method into the system of Varghese and
network device such that the stored Device ID in Varghese would be further
secured against modification and protected from fraudsters and hackers. (Tewfik,
153 (EX1004)).
First, the references are analogous prior art and are in the same field of
endeavor (resource access control). (Tewfik, 154 (EX1004)). Like Varghese and
Risan discusses that a web server may use a unique identifier associated with a
characteristics such as the serial number of the central processing unit (CPU)
the field of endeavor at the time of the invention and addressed by the patent can
provide a reason for combining the elements in the manner claimed. KSR, 550
43
IPR2017-01850 Petition
U.S. Patent 8,838,976
U.S. at 420. As with the Varghese and Donlin combination, improving control of
access to resources is a need or problem also shared by Risan, and that need or
and other protective methods to secure its Device ID against modification suggests
Varghese and Donlin would bring with them an understanding of access control to
and stores data including its Device ID that are encrypted, signed, or otherwise
have looked to use additional security measures for protecting the Device ID stored
unique computer system identifier, and use that hidden directory in the system of
Varghese and Donlin to store the Device ID and achieve improved security.
44
IPR2017-01850 Petition
U.S. Patent 8,838,976
(Tewfik, 155 (EX1004)).
Varghese and Donlin would produce operable results that are predictable. (Tewfik,
or more non-volatile memory devices within computer system of Risan in the user
computing system of Varghese, which stores the encrypted Device ID would have
computing device. Incorporating the teachings of Risan into the system taught by
Varghese and Donlin would have been no more than the combination of known
elements according to known methods, and would have been obvious to a POSITA
[1.7] transmitting the generated device identifier and the retrieved online
profile data to an authentication server.
limitations [1.5] and [1.6], Varghese teaches that the fingerprint process uses the
network device to generate a Device ID (device identifier) and store the Device ID
45
IPR2017-01850 Petition
U.S. Patent 8,838,976
on the network device. (Tewfik, 158 (EX1004)). As shown in FIG. 13B below,
teaches that the FAAS process in the authentication server is invoked with the
from where it is generated (the network device) to where it is received (the FAAS
to limitation [1.2], Varghese teaches that the network device retrieves data
construed as any data relating to an online user, and examples of such retrieved
presented to a user at the current user device to authenticate the user. (Tewfik,
159 (EX1004)).
would have understood that the user identifying information received by the
authentication server includes the user ID retrieved by the network device based on
interface including the personal questions and personal information, a user may
47
IPR2017-01850 Petition
U.S. Patent 8,838,976
(EX1006, 27:39-52; Tewfik, 161 (EX1004)). A POSITA would have understood
network device to the authentication server so that the authentication server could
determine the personal question(s) to which the user was responding. (Tewfik,
161 (EX1004)).
Thus, Varghese teaches transmitting the generated device identifier and the
(EX1004)).
Claim 2
48
IPR2017-01850 Petition
U.S. Patent 8,838,976
In Varghese, the FAAS process implemented by the authentication server receives
FAAS process uses the Device ID to cross reference the device/profile history
database 610 in order to determine if the current device has previously accessed the
49
IPR2017-01850 Petition
U.S. Patent 8,838,976
from the authentication server, a registered user signal. (Tewfik, 165 (EX1004)).
server may provide a signal including the information associated with the current
51
IPR2017-01850 Petition
U.S. Patent 8,838,976
from the authentication server constitutes a registered user signal as recited and
Claim 5
executable code for a Java Virtual Machine (JVM). (Tewfik, 169 (EX1004).
Second, Varghese teaches that such executable code is for a Java Virtual
teaches that the machine information may be captured by a client program already
resident on the user device. Varghese then describes that the client program may
include a software module that may an applet (e.g., a Java applet) downloaded by
the web browser. (EX1006, 24:27-37). Further, Varghese describes that user
52
IPR2017-01850 Petition
U.S. Patent 8,838,976
interfaces are sent to the user device using suitable software, including Java. (Id.,
29:7-19). Java applets and code are executed by a JVM. (Tewfik, 171
(EX1004)).
Varghese teaches this limitation for the reasons discussed supra regarding
limitation [1.2].
Varghese teaches this limitation for the reasons discussed supra regarding
limitation [1.3].
limitation [1.5].
53
IPR2017-01850 Petition
U.S. Patent 8,838,976
[5.6] store the generated device identifier in a hidden file directory of the
network device; and
The combination of Varghese and Risan renders this limitation obvious for
[5.7] transmit the generated device identifier and the retrieved online
profile data to an authentication server.
Varghese teaches this limitation for the reasons discussed supra regarding
Claim 6
limitations [2.1] and [5.1]. Thus, claim 6 is unpatentable over the combination of
Varghese, Donlin, and Risan, as applied to claims 2 and 5. (See supra, at 48, 52).
at 13, 15.
54
IPR2017-01850 Petition
U.S. Patent 8,838,976
2. Reasons to Combine Varghese and Donlin
A POSITA would have been motivated to combine Varghese and Donlin for
3. Analysis
Claim 13
limitation [1.1].
recited in the claim, and that Varghese teaches a fingerprint process for gathering
information on the user computing device (network device), and the stored device-
55
IPR2017-01850 Petition
U.S. Patent 8,838,976
information to be used during a subsequent fingerprint. (EX1006, 8:55-64).
persistent data token that has been previously stored on the user device, which
may have been stored during the course of a prior identification of this device.
186 (EX1004)).
limitation [1.5].
56
IPR2017-01850 Petition
U.S. Patent 8,838,976
[13.5] transmitting the generated device identifier to an authentication
server.
Varghese discloses transmitting the generated device identifier to an
191 (EX1004)). The authentication server may host the actual fraud monitoring,
authentication server implements the Fraud Analysis and Alert Service (FAAS)
57
IPR2017-01850 Petition
U.S. Patent 8,838,976
limitations [1.5] and [1.6], Varghese teaches that the fingerprint process uses the
network device to generate a Device ID (device identifier) and store the Device ID
on the network device. (Tewfik, 192 (EX1004)). As shown in Figure 13B below,
teaches that the FAAS process in the authentication server is invoked with the
Device ID. (EX1006, 8:65-9:4). As such, a POSITA would have understood that
58
IPR2017-01850 Petition
U.S. Patent 8,838,976
the device identifier is transmitted from where it is generated (the network device)
192 (EX1004)).
Thus, Varghese teaches this limitation, and claim 13 is unpatentable over the
VII. CONCLUSION
For the reasons above, Petitioner asks that the Patent Office order an inter
partes review trial for claims 1-2, 5-6, and 13 and then cancel these claims as
unpatentable.
59
IPR2017-01850 Petition
U.S. Patent 8,838,976
Respectfully submitted,
60
IPR2017-01850 Petition
U.S. Patent 8,838,976
VIII. CERTIFICATE OF WORD COUNT
Unified Patents Inc., declares that the argument section of this Petition has 10,718
/David W. OBrien/
David W. OBrien
Counsel for Petitioner
Registration No. 40,107
61
IPR2017-01850 Petition
U.S. Patent 8,838,976
CERTIFICATE OF SERVICE
Documents served Petition for Inter Partes Review, including Exhibit List;
Exhibits 1001 through 1008
/David W. OBrien/
David W. OBrien
Counsel for Petitioner
Registration No. 40,107
62