Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 1 of 22
`
`
`
`Shekhar Vyas (229853)
`Stamoulis & Weinblatt LLC
`302 Washington Street, #150-2028
`San Diego, CA 92103
`Telephone: (302) 999-1540
`Facsimile: (302) 762-1688
`vyas@swdelaw.com
`
`Attorneys for Plaintiff
`Smart Authentication IP, LLC
`
`
`SMART AUTHENTICATION IP, LLC
`
`
`
`Plaintiff,
`
`
`v.
`
`
`
`ELECTRONIC ARTS INC.
`
`
`
`Defendant.
`
`
`
`
`
`IN THE UNITED STATES DISTRICT COURT
`FOR THE NORTHERN DISTRICT OF CALIFORNIA
`SAN FRANCISCO DIVISION
`
`
`)
`)
`) Civil Action No. 3:19-cv-1994
`)
`) COMPLAINT FOR
`) PATENT INFRINGEMENT
`)
`) JURY TRIAL DEMANDED
`)
`)
`
`
`
`
`
`
`
`
`
`
`For its Complaint, Smart Authentication IP, LLC ("SAIP"), by and through the
`
`undersigned counsel, alleges as follows:
`
`THE PARTIES
`
`1.
`
`SAIP is a Texas limited liability company with a place of business located at 1400
`
`Preston Road, Suite 400 Plano, Texas 75093.
`2.
`
`Defendant Electronic Arts Inc. is a Delaware company with, upon information
`
`and belief, a place of business located at 209 Redwood Shores Parkway, Redwood City,
`
`California 94065.
`
`JURISDICTION AND VENUE
`
`This action arises under the Patent Act, 35 U.S.C. § 1 et seq.
`
`Subject matter
`
`jurisdiction
`
`is proper
`
`in
`
`this Court under 28 U.S.C.
`
`3.
`4.
`
`§§ 1331 and 1338.
`5.
`
`Upon information and belief, Defendant conducts substantial business in this
`
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 2 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`forum, directly or through intermediaries, including: (i) at least a portion of the infringements
`
`alleged herein; and (ii) regularly doing or soliciting business, engaging in other persistent courses
`
`of conduct and/or deriving substantial revenue from goods and services provided to individuals
`
`in this district.
`6.
`
`Venue is proper in this district pursuant to 28 U.S.C. § 1400(b).
`
`BACKGROUND
`
`7.
`
`On December 20, 2011, U.S. Patent No. 8,082,213 (the "'213 patent"), entitled
`
`"Method and System for Personalized Online Security," was duly and lawfully issued by the
`
`U.S. Patent and Trademark Office. A true and correct copy of the '213 patent is attached hereto
`
`as Exhibit A.
`8.
`
`SAIP is the assignee and owner of the right, title and interest in and to the '213
`
`patent, including the right to assert all causes of action arising under said patent and the right to
`
`any remedies for infringement of it.
`9.
`
`The inventions of the '213 patent generally relate to methods and systems for
`
`multi-factor authentication of users over multiple communications mediums.
`10.
`
`The '213 patent discloses an Authentication Service Provider ("ASP"), which "is
`
`generally implemented above a software and hardware platform or platforms . . . that include
`
`operating systems, lower-level applications, and computer-server hardware." Ex. A at col. 4, ll.
`
`13-16. "In many embodiments, the ASP . . . is a software implemented service that runs on one
`
`or more computer systems interconnected by various communications media with both ASP
`
`clients and users." Id. at col. 2, ll. 47-50. In certain embodiments, the "ASP may interact with
`
`the user via two different communications media, such as a combination of the Internet and a cell
`
`phone." Id. at col. 3, ll. 23-25.
`11.
`
`In another example of disclosed embodiments, "[t]he [] third interface 208 allows
`
`the ASP to interface with user devices through alternative communications media, such as a cell
`
`phone, fax machine, telephone, or other communications devices. The third interface 208 allows
`
`the ASP to interface with virtually any network enabled resource through an appropriate
`
`2
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 3 of 22
`
`
`
`
`medium, including both physical devices such as a cell phone, fax machine, telephone, or other
`
`communications devices, and also soft devices, such as an instant messaging account, or an
`
`email account." Id. at col. 3, ll. 37-46.
`12.
`
`As one example of the asserted claim, the '213 patent recites a novel method of
`
`providing a user-authentication policy
`
`that specifies constraints associated with user-
`
`authentication processes carried out by the user authentication service. The constraints include
`
`different user-authentication service actions, such as 1) halting authorization service after
`
`detecting a specified event; 2) employing particular types of user-authentication procedures; or
`
`3) providing alerts upon detecting specified events.
`13.
`
`Defendant's products and services use two-factor authentication over multiple
`
`communications mediums by first requiring the user to enter a username (e.g., e-mail address)
`
`and password through the Internet via a browser, mobile, or desktop app, and then by requiring
`
`the user to verify his or her identity by entering a one-time code received by means of text
`
`message (SMS), voice call, or e-mail.
`14.
`
`During
`
`the
`
`two-factor authentication process, Defendant also uses
`
`the
`
`electronically- encoded information about the user to retrieve all authentication-related policies
`
`for that user. For example, the user may set up several methods of receiving the one-time
`
`verification code. Once the authentication-related policies are retrieved, Defendant conducts the
`
`authentication procedure and returns the authentication results.
`
`COUNT I – INFRINGEMENT OF U.S. PATENT NO. 8,082,213
`
`15.
`
`SAIP repeats and realleges the allegations of paragraphs 1 through 14 as if fully
`
`set forth herein.
`16. Without license or authorization and in violation of 35 U.S.C. § 271(a), Defendant
`
`is liable for infringement of claim 11 of the '213 patent by making, using, importing, offering for
`
`sale, selling and/or hosting a method for authenticating a user that requires two-factor
`
`authentication, including, but not limited to Login Verification, because each and every element
`
`is met either literally or equivalently.
`
`3
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 4 of 22
`
`
`
`
`17. More specifically and upon information and belief, Defendant provides a two-
`
`factor authentication service for its users via email, phone call, or text message.
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`18.
`
`Defendant's two-factor authentication runs on one or more computer systems
`
`(e.g., a server with authentication functionality).
`
`
`
`4
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 5 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`Chrome Developer Tools Snapshot.
`19.
`
`Defendant stores user-authentication policies specified by the user (e.g., whether
`
`
`
`5
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 6 of 22
`
`
`
`
`verification is turned on or off, whether to use email or text for verification, applicable phone
`
`number and email, etc.).
`20.
`
`
`
`https://answers.ea.com/ea/attachments/ea/origin-access-en/2971/1/2017-05-12_13-07-30.jpg
`
`
`
`6
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 7 of 22
`
`
`
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`21.
`
`Defendant stores user information (e.g., email, phone number, etc.).
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`7
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 8 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`
`
`https://www.neogaf.com/threads/locked-out-of-psn-permanently-because-i-used-a-fake-birthday-
`
`10-years-ago.1437690/.
`22.
`
`Defendant's two-factor authentication comprises account interface routines where
`
`a user can specify, modify, add, and delete a user-authentication policy (e.g., specifying email or
`
`text verification, modifying email address or phone number, and turning verification on and off).
`
`
`8
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 9 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`https://answers.ea.com/ea/attachments/ea/origin-access-en/2971/1/2017-05-12_13-07-30.jpg
`
`
`
`9
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 10 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`23.
`
`Defendant implements an authentication interface (e.g., API, network-protocol
`
`based interface, and/or function call interface) by which, following initiation of a transaction by
`
`the user (e.g., a login attempt), the authentication-service client (e.g., Defendant's website)
`
`submits an authentication request to Defendant's authentication service.
`
`
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`24.
`
`In one implementation, a user can input the "Email" and "Password" into the
`
`mobile Origin website and this information is submitted through a first communications medium
`
`(e.g., mobile browser on a smart phone).
`
`
`10
`
`Complaint for Patent Infringement
`
`

`

`
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 11 of 22
`
`
`
`11
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 12 of 22
`
`
`
`
`25.
`
`In another implementation, a user can input the "Email" and "Password" into the
`
`Defendant Origin Client and this information is submitted through a second communications
`
`medium (e.g., PC Application on computer).
`
`
`https://support.cdkeys.com/hc/en-gb/articles/211589025-How-To-Redeem-Origin-Keys.
`26.
`
`Defendant's authentication
`
`routines employ variable-factor authentication
`
`whereby a user provides secret information (e.g., a username, password, or the one-time code
`
`generated by Defendant's authentication service) and demonstrates control of a tangible object
`
`(e.g., the user's smartphone) as specified by the stored user authentication policies.
`
`12
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 13 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`
`
`
`
`
`https://help.ea.com/en-nz/help/madden/madden-2016/login-verification-for-mut/.
`27.
`
`A user communicates with Defendant's authentication service through email, text
`
`message, or phone call.
`
`13
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 14 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`28.
`
`A user can communicate with Defendant's authentication service through a
`
`different device than the one used to initiate the transaction with the authentication service client.
`
`For example, a user may first attempt to login to the Defendant website using a computer, but
`
`then receives a phone call or SMS message with a one-time code using a cell phone.
`
`
`
`14
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 15 of 22
`
`
`
`
`
`
`Id.
`
`29.
`
`Defendant's user-authentication policy specifies constraints associated with the
`
`user-authentication processes carried out by the service. For example, halting service after too
`
`many login attempts or requiring verification when using a new device.
`
`15
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 16 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`
`
`
`16
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 17 of 22
`
`
`
`
`https://answers.ea.com/t5/Battlefield-4/you-have-tried-too-many-login-attempts/td-
`
`p/5436464?attachment-id=96768.
`30.
`
`Defendant implements several constraints, including user-authentication service
`
`actions (e.g., halting authorization after too many login attempts).
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`17
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 18 of 22
`
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`
`
`
`18
`
`Complaint for Patent Infringement
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 19 of 22
`
`
`
`
`https://answers.ea.com/t5/Battlefield-4/you-have-tried-too-many-login-attempts/td-
`
`p/5436464?attachment-id=96768.
`31.
`
`Defendant employs multiple user-authentication service actions, including halting
`
`authorization service after detecting a specified event (e.g., preventing the user from logging in if
`
`there have been too many failed attempts to verify the account).
`
`
`
`
`
`19
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 20 of 22
`
`
`
`
`https://answers.ea.com/t5/Battlefield-4/you-have-tried-too-many-login-attempts/td-
`
`p/5436464?attachment-id=96768.
`32.
`
`Defendant employs multiple user-authentication service actions, including
`
`employing particular types of user-authentication procedures (e.g., employing the authentication
`
`procedure of requiring a code whenever the user logs in from a new or unrecognized device).
`
`https://help.ea.com/en-us/help/account/origin-login-verification-information/.
`
`
`
`
`
`
`20
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 21 of 22
`
`
`
`
`https://help.ea.com/en-nz/help/madden/madden-2016/login-verification-for-mut/.
`33.
`
`Defendant employs multiple user-authentication service actions, including
`
`providing alerts upon detecting specified events (e.g., alerting the user upon detecting too many
`
`
`
`login attempts).
`
`https://answers.ea.com/t5/Battlefield-4/you-have-tried-too-many-login-attempts/td-
`
`p/5436464?attachment-id=96768.
`34.
`
`SAIP is entitled to recover from Defendant the damages sustained by SAIP as a
`
`
`
`21
`
`Complaint for Patent Infringement
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`

`

`Case 3:19-cv-01994 Document 1 Filed 04/12/19 Page 22 of 22
`
`
`
`
`result of Defendant's infringement of the '213 patent in an amount subject to proof at trial, which,
`
`by law, cannot be less than a reasonable royalty, together with interest and costs as fixed by this
`
`Court under 35 U.S.C. § 284.
`
`JURY DEMAND
`
`SAIP hereby demands a trial by jury on all issues so triable.
`
`PRAYER FOR RELIEF
`
`WHEREFORE, SAIP requests that this Court enter judgment against Defendant as
`
`follows:
`A.
`B.
`
`An adjudication that Defendant has infringed the '213 patent;
`
`An award of damages to be paid by Defendant adequate to compensate SAIP for
`
`Defendant's past infringement of the '213 patent and any continuing or future infringement
`
`through the date such judgment is entered, including interest, costs, expenses and an accounting
`
`of all infringing acts including, but not limited to, those acts not presented at trial;
`C.
`
`A declaration that this case is exceptional under 35 U.S.C. § 285, and an award of
`
`SAIPs reasonable attorneys' fees; and
`D.
`
`An award to SAIP of such further relief at law or in equity as the Court deems just
`
`and proper.
`
`
`Dated: April 12, 2019
`
`
`
`
`
`/s/ Shekhar Vyas
`Shekhar Vyas (229853)
`Stamoulis & Weinblatt LLC
`302 Washington Street, #150-2028
`San Diego, CA 92103
`Telephone: (302) 999-1540
`Facsimile: (302) 762-1688
`vyas@swdelaw.com
`
`Attorneys for Plaintiff
`Smart Authentication IP, LLC
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`22
`
`Complaint for Patent Infringement
`
`