`
`
`
`UNITED STATES DISTRICT COURT
`
`SOUTHERN DISTRICT OF INDIANA
`
`INDIANAPOLIS DIVISION
`
`
`
`
`Plaintiff,
`
`TRANSACTION SECURE, LLC, a foreign
`limited liability company,
`
`
`
`
`
`FORMSTACK, LLC, a domestic limited
`liability company,
`
`vs.
`
`
`
`
`
`Defendant.
`
`
`
`Case No.: 1:19-cv-3703
`
`COMPLAINT FOR PATENT
`INFRINGEMENT
`
`INJUNCTIVE RELIEF DEMANDED
`
`JURY TRIAL DEMANDED
`
`
`
`
`
`Plaintiff, TRANSACTION SECURE, LLC, sues Defendant, FORMSTACK, LLC, and
`
`alleges:
`
`NATURE OF THE ACTION
`
`1.
`
`This is an action for infringement of United States Patent No. 8,738,921 under the
`
`Patent Act, 35 U.S.C. § 271, et seq., based on Defendant’s unauthorized commercial
`
`manufacture, use, importation, offer for sale, and sale of infringing products and services in the
`
`United States.
`
`PARTIES
`
`2.
`
`3.
`
`Plaintiff, TRANSACTION SECURE, LLC, is a foreign limited liability company.
`
`Defendant, FORMSTACK, LLC, is a domestic limited liability company,
`
`organized under the laws of the State of Indiana, with its headquarters in Indianapolis and/or
`
`Fishers, Indiana. Defendant uses, sells, and/or offers to sell products and/or services in interstate
`
`commerce that infringe the ‘921 Patent.
`
`SUBJECT MATTER JURISDICTION
`
`4.
`
`This court has original jurisdiction over the subject matter of this action, pursuant
`
`to 28 U.S.C. §§ 1331 and 1338(a), because this action involves a federal question relating to
`
`patents.
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT-1
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 2 of 9 PageID #: 2
`
`
`
`PERSONAL JURISDICTION
`
`5.
`
`The court has general in personam jurisdiction over Defendant because Defendant
`
`resides and is found in the State of Indiana.
`
`VENUE
`
`6.
`
`Venue is proper in this court, pursuant to 28 U.S.C. § 1400(b), because Defendant
`
`has a regular and established place of business in this district and resides in this district.
`
`COUNT I
`
`PATENT INFRINGEMENT
`
`7.
`
`Plaintiff repeats and re-alleges paragraphs 2 through 6 by reference, as if fully set
`
`forth herein.
`
`8.
`
` On May 27, 2014, the United States Patent & Trademark Office (USPTO) duly
`
`and legally issued the ‘921 Patent, entitled “System and Method for Authenticating a Person’s
`
`Identity Using a Trusted Entity.” A true and authentic copy of the ‘921 Patent is attached hereto
`
`as Exhibit “A” and incorporated herein by reference.
`
`9.
`
`The ‘921 Patent teaches both a system and method for protecting sensitive
`
`information from identity theft and claims an advancement over two-factor authentication, which
`
`is now the predominate form of digital authentication of sensitive information.
`
`State of the Art
`
`10.
`
`The identity theft problem exists largely because a person’s name, SSN, and
`
`birthday are frequently used and given to others to verify the person’s identity. Individuals use
`
`this information to get employment, apply for a credit card, obtain a mortgage, buy a mobile
`
`phone, get healthcare, and perform numerous other transactions. A person’s SSN and birthday
`
`are usually stored by businesses electronically in databases or on physical paper documents
`
`which can be viewed by many individuals within a business.
`
`11.
`
`Once a person supplies his/her SSN and birthday, they lose control of how that
`
`information will be used and who will view that information.
`
`12.
`
`At times, business computer systems and databases get hacked into allowing the
`
`hacker access to the person’s personal identity information. At other times, the SSN and
`
`COMPLAINT FOR PATENT INFRINGEMENT-2
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 3 of 9 PageID #: 3
`
`
`
`birthday are transmitted to businesses and others electronically via the Internet.
`
`13.
`
`The Internet is an unsecured network, so information not properly encrypted can
`
`be viewed by others on the Internet. There are various ways an impersonator or identity thief can
`
`obtain a person's SSN or birthday. The thief can obtain this information by looking at business
`
`records, viewing unencrypted messages with this information, or other types of fraud.
`
`14.
`
`Once a thief has someone’s SSN and birthday, the thief can use that information
`
`anytime during the lifetime of the person because of the permanence of SSN and birthday and its
`
`association with the person. The SSN and birthday have been reliable indicators of a person’s
`
`existence but their widespread use by both the person and identity theft impersonators has made
`
`them of little use in authenticating the identity of person using the information.
`
`The Patent-In-Suit
`
`15.
`
`Plaintiff is the assignee of the entire right, title, and interest in the ‘921 Patent at
`
`the USPTO, including the right to assert causes of action arising under the ‘921 Patent.
`
`16.
`
`The system and method of the ‘921 Patent increase the efficiency of components
`
`that use software because of the benefits claimed by the ‘921 Patent, namely flexibility and a
`
`higher degree of certainty as to authenticating that a person is who he/she claims to be. The prior
`
`art is described as uncertain because under the prior art, a user’s assurance of authentication is
`
`limited to just confirming that certain devices are what they claim to be, not that certain persons
`
`are who they claim to be.
`
`17.
`
`Through Claim 1, the ‘921 Patent claims:
`
` A
`
` method for authenticating a person’s identity to a transactional entity using a
`trusted entity with a secure repository of a person’s personal identity information,
`comprising: receiving personal identity information at a trusted entity computer
`system, the personal identity information being confidentially stored by the
`trusted entity computer system; in the secure repository, storing a user identifier
`and a password that are associated with, but do not contain, the personal identity
`information; at the trusted entity computer system, receiving a request from the
`person for a unique code, the request including the user identifier and the
`password, the person’s identity having been previously authenticated by the
`trusted entity computer system; providing the unique code to the person, the
`unique code comprising a person identifier and a key, wherein the unique code is
`thereafter transmitted to a transactional entity to identify the person without
`providing the personal identity information to the transactional entity; and the
`trusted entity computer system confirming the unique code to the transactional
`entity to verify the person’s identity.
`
`COMPLAINT FOR PATENT INFRINGEMENT-3
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 4 of 9 PageID #: 4
`
`
`
`18.
`
`
`Through Claim 24, the ‘921 Patent claims:
`
`A system for authenticating a person’s identity to a transactional entity using a
`trusted entity, comprising: a trusted entity which receives personal identity
`information from a person, the personal identity information being confidentially
`stored by the trusted entity; a user identifier associated with but not containing
`any of the personal identity information; a password associated with but not
`containing any of the personal identity information; a client module with a person
`input device for a person to enter the user identifier and the password, a person
`processing unit connected to the person input device to prompt the person for the
`user identifier and the password, and a person display unit connected to the person
`processing unit to display a the key associated with a person identifier to form a
`unique code to the person, the person’s identity having been previously
`authenticated by the trusted entity; a transactional processing module with an
`transactional input device for the transactional entity to enter the key, a
`transactional processing unit connected to the transactional input device to prompt
`the transactional entity for the key, and a transactional display unit connected to
`the transactional processing unit to display a message to the transactional entity
`authenticating the person's identity and to display a photograph of the person,
`whereby the photograph is a secondary verification to the unique code; and a
`trusted entity server with a trusted entity processing unit to process requests from
`the client module and the transactional processing module using a network, and a
`database accessible to the trusted entity processing unit to store the user identifier,
`the password, the unique code, and the person's personal identity information,
`including the photograph.
`
`19.
`
`Overall, the claims of the ‘921 Patent do not merely gather, analyze, and output
`
`data. Indeed, the ‘921 Patent does not merely add an algorithm to old data and generate new
`
`data. Instead, the ‘921 Patent teaches a system and method that is not concerned with
`
`manipulation of data, but rather, an improvement in the state of the art no matter what the
`
`underlying data describes.
`
`20.
`
`Defendant infringes at least Claim 1 of the ‘921 Patent through an authentication
`
`method it uses, along with a system for authenticating a person’s identity, which such method is
`
`disclosed at: https://medium.com/@darutk/diagrams-of-all-the-openid-connect-flows-
`
`6968e3990660.
`
`21.
`
`22.
`
`Defendant’s website operates as the Accused Product.
`
`The Accused Product is a trusted entity, as claimed by Plaintiff, to authenticate
`
`account holders when such holders want to access a service from a resource server (i.e., a
`
`transactional entity), by using non-personal information for securing personal data:
`
`
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT-4
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 5 of 9 PageID #: 5
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`23.
`
`The Accused Product receives personal information from users at a trusted entity
`
`computer system, such as their name, age, birthdate, email address, phone number etc. when
`
`users create an account. Defendant then confidentially stores this data for promoting safety and
`
`security, throgh a process explained at https://www.formstack.com/privacy.
`
`24.
`
`Defendant, in a secure repository, provides users with authorization login details
`
`(i.e., user identifier and password) that they are associated with, but the login details do not
`
`contain the personal details:
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT-5
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 6 of 9 PageID #: 6
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`25.
`
`The user then requests Defendant for resource access. The request includes the
`
`user identifier and the password. Defendant provides an authorization code to obtain the access
`
`token and ID token for accessing the services:
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT-6
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 7 of 9 PageID #: 7
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`26.
`
`Defendant provides a unique authorization code to the user in response of the
`
`request of the user, which includes a user identified and access key, wherein the unique code is
`
`thereafter transmitted to a transactional entity to authenticate the user’s identity without giving
`
`personal information to the transactional entity.
`
`27.
`
`The unique authorization code is required to obtain an access token. This access
`
`token then used by the user for accessing the services.
`
`28.
`
`In the Accused Product, the user identity is verified by the resource server by
`
`using the authorization code to allow the user to access the code.
`
`29.
`
`Upon information and belief, Defendant has known of the existence of the ‘921
`
`Patent, and its acts of infringement have been willful and in disregard for the ‘921 Patent,
`
`without any reasonable basis for believing that it had a right to engage in the infringing conduct.
`
`30.
`
`Defendant’s acts of infringement of the ‘921 Patent have caused and will continue
`
`to cause Plaintiff damages for which Plaintiff is entitled to compensation pursuant to 35 U.S.C. §
`
`284.
`
`31.
`
`Defendant’s acts of infringement of the ‘921 Patent have caused and will continue
`
`to cause Plaintiff immediate and irreparable harm unless such infringing activities are also
`
`enjoined by this court pursuant to 35 U.S.C. § 283. Plaintiff has no adequate remedy at law.
`
`32.
`
`Upon information and belief, the ‘921 Patent, at all times material, was and is in
`
`COMPLAINT FOR PATENT INFRINGEMENT-7
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 8 of 9 PageID #: 8
`
`
`
`compliance with 35 U.S.C. § 287.
`
`WHEREFORE, Plaintiff, TRANSACTION SECURE, LLC, demands judgment against
`
`Defendant, FORMSTACK, LLC, and respectfully seeks the entry of an order (i) adjudging that
`
`Defendant has infringed the ‘921 Patent, in violation of 35 U.S.C. § 271; (ii) granting an
`
`injunction enjoining Defendant, its employees, agents, officers, directors, attorneys, successors,
`
`affiliates, subsidiaries and assigns, and all of those in active concert and participation with any of
`
`the foregoing persons or entities from infringing the ‘921 Patent; (iii) ordering Defendant to
`
`account and pay damages adequate to compensate Plaintiff for Defendant’s infringement of the
`
`‘921 Patent, with pre-judgment and post-judgment interest and costs, pursuant to 35 U.S.C. §
`
`284; (iv) ordering that the damages award be increased up to three times the actual amount
`
`assessed, pursuant to 35 U.S.C. § 284; (v) declaring this case exceptional and awarding Plaintiff
`
`its reasonable attorneys’ fees, pursuant to 35 U.S.C. § 285; and, (vi) awarding such other and
`
`further relief as this court deems just and proper.
`
`
`
`
`
`Transaction Secure, LLC, by counsel, respectfully requests that this cause of action be set
`
`JURY DEMAND
`
`for trial by jury.
`
`
`
`DATED on August 29, 2019
`
`
`
`
`
`
`
`Respectfully submitted,
`
`
`/s/ John M. Bradshaw
`John M. Bradshaw, Esq.
`Indiana Bar No. 21556-49
`Bradshaw Law LLC
`23 East 39th Street
`Indianapolis, IN 46205
`Email: john@jbradshawlaw.com
`Telephone: (317) 490-4852
`
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT-8
`
`
`
`Case 1:19-cv-03703-SEB-MPB Document 1 Filed 08/29/19 Page 9 of 9 PageID #: 9
`
`
`
`
`
`(pending pro hac vice admission)
`Coleman W. Watson, Esq.
`Florida Bar. No. 0087288
`California Bar No. 266015
`Georgia Bar No. 317133
`New York Bar No. 4850004
`Email: coleman@watsonllp.com
` docketing@watsonllp.com
`
`WATSON LLP
`189 S. Orange Avenue
`Suite 810
`Orlando, FL 32801
`Telephone: 407.377.6634
`Facsimile: 407.377.6688
`
`Attorneys for Plaintiff,
`Transaction Secure, LLC
`
`COMPLAINT FOR PATENT INFRINGEMENT-9
`
`