IP Law Daily E-commerce user authentication patent failed to claim eligible subject matter
News
Thursday, July 7, 2016

E-commerce user authentication patent failed to claim eligible subject matter

By Peter Reap, J.D., LL.M.

The asserted claims of a patent asserted by Nader Asghari-Kamrani and Kamran Asghari-Kamrani (the "plaintiffs") directed to "a system and method provided by a Central-Entity for centralized identification and authentication of users and their transactions to increase security in e-commerce," are directed to an abstract idea and are thus ineligible for patent protection, the federal district court in Norfolk, Virginia, has ruled. Therefore, the motion filed by the United Services Automobile Association (USAA) to dismiss the plaintiffs’ suit was granted (Asghari-Kamrani v. United Services Automobile Association, July 5, 2016, Dowmar, R.).

The plaintiffs alleged that USAA infringes "at least claims 1-10, 12, 13, 16-26, 28-35, 38-42, 45, 47, 48, 50-52, 54, and 55" of their United States Patent No. 8,266,432 ("the ‘432 patent"). The ‘432 patent identifies three entities that perform the patent’s methods: (1) a "Central-Entity" which "centralizes user’s personal and financial information in a secure environment in order to prevent the distribution of the user’s information in e-commerce"; (2) a "user" which "represents both a typical person consuming goods and services as well as a business consuming goods and services, who needs to be identified in order to make online purchases or gain access to restricted web sites"; and (3) an "External-Entity" which "is any party offering goods or services in ecommerce and needs to authenticate the users based on digital identity."

Initially, the user signs-up at the Central-Entity and provides his or her "personal or financial information." The Central-Entity gives the user a UserName and Password that he or she will utilize when interacting with the Central-Entity. When requested by the user, the Central-Entity also gives the user a SecureCode, which is "dynamic, nonpredictable and time-dependent." The user may then provide his or her UserName and SecureCode to the External-Entity. The External-Entity then sends the UserName and SecureCode to the Central-Entity, which will validate the information and confirm the identity of the user and inform the External-Entity of the result.

In Mayo Collaborative Services v. Prometheus Laboratories. Inc., 132 S.Ct. 1289 (2012), the Supreme Court set forth a two-part framework for distinguishing patents that claim one of these patent-ineligible concepts from those that claim patent-eligible applications of these concepts. Alice Corp. Pty. v. CLS Bank Int’l, 134 S.Ct. 2347, 2355 (2014). In the first step of this Mayo/Alice framework, a court determines whether the claims at issue are directed to a patent-ineligible concept. Id. If so, in the second step, a court must consider "what else" is in the claims that may justify patent protection. Id. This second step is a search for an "inventive concept" that ensures that the patent claims amount to "significantly more" than claims upon an ineligible concept. Id.

Mayo/Alice step one. In Alice, the leading Supreme Court case holding that patent claims were invalid because directed to an abstract idea, the Supreme Court declined "to delimit the precise contours of the ‘abstract ideas’ category." Id at 2354. Critically for the present case, the Federal Circuit has added a new inquiry to step one of the Mayo/Alice analysis when the claims involve computer-related technology. The goal of this inquiry is to distinguish between claims that "merely recite the performance of some business practice known from the pre-Internet world along with the requirement to perform it on the Internet" and those that are "necessarily rooted in computer technology in order to overcome a problem specifically arising in the realm of computer networks." DDR Holdings. LLC v. Hotels.com. L.P., 773 F.3d 1245, 1257 (Fed. Cir. 2014).

All of the claims in the ‘432 patent require the use of a computer, the court noted. Claim 1 of the patent, which is representative, claims a "method for authenticating a user during an electronic transaction." However, despite the electronic setting and purportedly Internet-specific problem addressed, the patent claims are directed to a common method for solving an old problem, the court observed.

The claims are directed to the abstract idea of using a third party and a random, time-sensitive code to confirm the identity of a participant to a transaction. Actually, the patent claims combine two abstract ideas: the use of a third party intermediary to confirm the identity of a participant to a transaction and the use of a temporary code to confirm the identity of a participant to a transaction. It is an obvious combination, and nothing about the combination removes the patent claims from the realm of the abstract, the court determined.

Furthermore, nothing about the concept behind the patent claims depends upon their implementation by computers. As USAA pointed out, the concept could easily be performed either by hand or, more simply, with technologies much older than computers. The claims in the ‘432 patent are not like those considered in the recent Federal Circuit cases that have held that the patent claims under review were not directed to an abstract idea because they were directed to an improvement in computer technology.

The plaintiffs argued that the patent claims are directed to a "problem unique to computer- network authentication" and could only be implemented by a computer system. It is true, as the plaintiffs argued, that there are advantages to performing the claimed method on computers. However, these advantages do not transform the method into one directed to an improvement of computer technology, the court said.

Mayo/Alice step two. Having determined that the claims are directed to an abstract idea, in the second step of the Mayo/Alice analysis the court must consider whether the elements of the claims both individually and as an ordered combination transform the nature of the claims into a patent eligible application.

Taken individually, each of these claim elements describes conventional computer functions. The claim elements describe sending data electronically, generating a random code, and comparing two pieces of data to see if they are the same. the claim elements do not add anything inventive. to the abstract concept underlying them, the court held. They simply instruct a generic computer or computers to verify the identity of a participant to a transaction using a randomly generated code. This is not enough to transform a patent-ineligible abstract idea into a patent-eligible invention, according to the court.

The case is No. 2:15-cv-00478-RGD-LRL.

Attorneys: Krystyna Colantoni (Mei & Mark LLP) for Kamran Asghari-Kamrani. Matthew Carl Berntsen (Fish & Richardson, PC) for United Services Automobile Association.

Companies: United Services Automobile Association

MainStory: TopStory Patent VirginiaNews

Back to Top

Interested in submitting an article?

Submit your information to us today!

Learn More