`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________________
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________________
`APPLE INC.,
`Petitioner,
`
`v.
`PROXENSE, LLC,
`Patent Owner.
`____________________
`Case No. IPR2024-01486
`U.S. Patent No. 8,352,730
`____________________
`PETITION FOR INTER PARTES REVIEW
`
`
`
`
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`TABLE OF CONTENTS
`
`I. 
`
`II. 
`
`REQUIREMENTS FOR IPR ......................................................................... 1 
`A.  Grounds for Standing ............................................................................ 1 
`B. 
`Challenge and Relief Requested ........................................................... 1 
`C. 
`Claim Construction ............................................................................... 2 
`D. 
`Level of Ordinary Skill in the Art ......................................................... 4 
`THE ‘730 PATENT ........................................................................................ 4 
`A. 
`Brief Description ................................................................................... 4 
`B. 
`Prosecution History ............................................................................... 5 
`III.  THE CHALLENGED CLAIMS ARE UNPATENTABLE ........................... 6 
`A. 
`[GROUND 1] – Claims 1, 2, 4-9, 11, 12, and 14-17 are obvious over
`Burger .................................................................................................... 6 
`1. 
`Burger ......................................................................................... 6 
`2. 
`Application of Burger to the ’730 Claims ............................... 28 
`[GROUND 2] – Claim 3, 10, and 13 are Obvious in view of Burger and
`Robinson .............................................................................................. 86 
`1. 
`Robinson .................................................................................. 86 
`Combination of Burger and Robinson ..................................... 90 
`2. 
`3. 
`Application of Burger and Robinson to the ’730 Claims ........ 93 
`PTAB DISCRETION SHOULD NOT PRECLUDE INSTITUTION ......... 95 
`A. 
`35 U.S.C. §314(a) - Fintiv ................................................................... 95 
`B. 
`35 U.S.C. §325(d) – Advanced Bionics ............................................... 98 
`CONCLUSION ........................................................................................... 100 
`V. 
`VI.  MANDATORY NOTICES UNDER 37 C.F.R § 42.8(a)(1) ...................... 100 
`A. 
`Real Party-In-Interest Under 37 C.F.R. § 42.8(b)(1) ........................ 100 
`B. 
`Related Matters Under 37 C.F.R. § 42.8(b)(2) ................................. 100 
`C. 
`Lead And Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3) ............. 102 
`D. 
`Service Information ........................................................................... 103 
`
`B. 
`
`IV. 
`
`
`
`
`
`
`
`i
`
`

`

`MSC-1001
`
`MSC-1002
`
`MSC-1003
`MSC-1004
`
`MSC-1005
`
`MSC-1006
`
`MSC-1007
`
`MSC-1008
`
`MSC-1009
`
`MSC-1010
`MSC-1011
`MSC-1012
`MSC-1013
`
`MSC-1014
`MSC-1015
`
`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`EXHIBITS
`U.S. Patent No. 8,352,730 to John J. Giobbi (“the ’730
`Patent”)
`Excerpts from the Prosecution History of the ‘730 Patent (“the
`’730 Prosecution History”)
`Declaration and Curriculum Vitae of Dr. Patrick Traynor
`Complaint, Proxense, LLC v Microsoft Corporation, 6:23-cv-
`00319, W.D. Tex., filed April 28, 2023
`US Patent Application Publication No. 2005/0050367
`(“Burger”)
`US Patent Application Publication No. 2003/0177102
`(“Robinson”)
`Institution Decision, Samsung Electronics America, Inc. v.
`Proxense, LLC, IPR2021-01444, Paper 11 (PTAB Feb. 28,
`2022)
`Definition of “transaction,” Merriam-Websters Collegiate
`Dictionary, 10th Ed., 1999
`Google Pixel Serial Number Guide, HomeServe webpage,
`https://www.homeserve.com/en-us/customers/find-serial-
`number-device-type/google/ (last visited April 19, 2024)
`US Patent No. 8,977,860 (“Barrus”)
`US Patent No. 7,681,050 (“Blom”)
`US Patent No. 10,755,300 (“Goodhart”)
`US Patent Application Publication No. 2009/0070219
`(“D’Angelo”)
`US Patent No. 10,929,869 (“Rosenberg”)
`US Patent No. 8,200,980 (“Robinson 980”)
`
`ii
`
`

`

`MSC-1016
`
`MSC-1017
`
`MSC-1018
`
`MSC-1019
`
`MSC-1020
`
`MSC-1021
`MSC-1022
`
`MSC-1023
`
`MSC-1024
`
`MSC-1025
`
`MSC-1026
`
`IPR2024-01486
`U.S. Patent No. 8,352,730
`Memorandum, Interim Procedure for Discretionary Denials in
`AIA Post-Grant Proceedings with Parallel District Court
`Litigation (USPTO June 21, 2022) (“Director’s Guidance”)
`Microsoft’s Opening Brief in support of its Motion to Dismiss
`for Failure to State a Claim, Proxense, LLC v Microsoft
`Corporation, 6:23-cv-00319, W.D. Tex., filed July 10, 2023
`Microsoft’s Reply in support of its Motion to Dismiss for
`Failure to State a Claim, Proxense, LLC v Microsoft
`Corporation, 6:23-cv-00319, W.D. Tex., filed August 10,
`2023
`Order Canceling Markman Hearing, Proxense, LLC v
`Microsoft Corporation, 6:23-cv-00319, W.D. Tex., Jan. 9,
`2024
`Product Identification Codes, https://www.uc.edu/con-
`tent/dam/uc/ce/docs/OLLI/Page%20Content/PRODUCT%20I
`DENTIFICATION%20CODES%20BAR%20QR.pdf, last
`visited April 19, 2024
`RESERVED
`Ex-Parte Re-examination Request of 730 Patent; Re-
`examination application number 90/015,052
`Motion to Transfer, Proxense, LLC v Microsoft Corporation,
`6:23-cv-00319, W.D. Tex., Aug. 21, 2023
`Motion to Stay pending resolution of the Motion to Transfer,
`Proxense, LLC v Microsoft Corporation, 6:23-cv-00319, W.D.
`Tex., Mar. 8, 2024
`Order Granting Motion to Stay pending resolution of the
`Motion to Transfer, Proxense, LLC v Microsoft Corporation,
`6:23-cv-00319, W.D. Tex., Mar. 26, 2024
`How to Find the Serial Number on TP-Link Devices,
`https://www.tp-link.com/us/support/faq/503/, last visited April
`19, 2024
`
`iii
`
`

`

`MSC-1027
`
`EX-1028-1029
`EX-1030
`
`EX-1031
`
`EX-1032
`
`EX-1033
`
`EX-1034
`
`EX-1035
`EX-1036
`
`EX-1037
`
`
`
`
`IPR2024-01486
`U.S. Patent No. 8,352,730
`Order Denying Motion to Transfer, Proxense, LLC v
`Microsoft Corporation, 6:23-cv-00319, W.D. Tex., April 18,
`2024
`
`Reserved
`Proxense, LLC v. Microsoft Corp., Case No. 6:23-cv-00319,
`Dkt. No. 66, Claim Construction Order (W.D. Tex. May 24,
`2024)
`Docket Sheet for Proxense, LLC v. Apple Inc., Case No. 6-24-
`cv-00143 (W.D. Tex) (pulled Oct. 14, 2024)
`Proxense, LLC v. Apple Inc., Case No. 6-24-cv-00143, Dkt. No.
`38, Agreed Joint Motion to Amend Scheduling Order (W.D.
`Tex)
`Proxense, LLC v. Samsung Electronics Co., Ltd., Case No. 6-
`21-cv-00210, Dkt. No. 43, Claim Construction Order (W.D.
`Tex. Jan. 18, 2022)
`Proxense, LLC v. Samsung Electronics Co., Ltd., Case No. 6-
`21-cv-00210, Dkt. No. 149, Memorandum in Support of Claim
`Construction Order (W.D. Tex. Dec. 28, 2022)
`Applications Related to the 730 Patent
`Complaint, Proxense, LLC v Apple Inc., 6:24-cv-00143, W.D.
`Tex., filed March 18, 2024
`Proxense, LLC v. Google LLC, Case No. 6:23-cv-00320, Dkt.
`No. 59, Claim Construction Order (W.D. Tex. Jan. 13, 2024)
`
`
`
`iv
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`LISTING OF CHALLENGED CLAIMS
`
`Claim 1
`
`
`
`[1pre]
`
`A method for verifying a user during authentication of an
`
`integrated device, comprising the steps of:
`
`[1.1]
`
`persistently storing biometric data of the user and a
`
`plurality of codes and other data values comprising a
`
`device ID code uniquely identifying the integrated device
`
`and a secret decryption value in a tamper proof format
`
`written to a storage element on the integrated device that
`
`is unable to be subsequently altered;
`
`[1.2]
`
`wherein the biometric data is selected from a group
`
`consisting of a palm print, a retinal scan, an iris scan, a
`
`hand geometry, a facial recognition, a signature
`
`recognition and a voice recognition;
`
`[1.3]
`
`responsive to receiving a request for a biometric
`
`verification of the user, receiving scan data from a
`
`biometric scan,
`
`v
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`[1.4]
`
`comparing the scan data to the biometric data to
`
`determine whether the scan data matches the biometric
`
`data;
`
`[1.5]
`
`responsive to a determination that the scan data matches
`
`the biometric data, wirelessly sending one or more codes
`
`from the plurality of codes and the other data values for
`
`authentication by an agent that is a third-party trusted
`
`authority possessing a list of device ID codes uniquely
`
`identifying legitimate integrated devices, wherein the one
`
`or more codes and other data values includes the device
`
`ID code; and
`
`[1.6]
`
`responsive to authentication of the one or more codes
`
`and the other data values by the agent, receiving an
`
`access message from the agent allowing the user access
`
`to an application,
`
`[1.7]
`
`wherein the application is selected from a group
`
`consisting of a casino machine, a keyless lock, a garage
`
`vi
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`door opener, an ATM machine, a hard drive, computer
`
`software, a web site and a file.
`
`Claim 2
`
`
`
`[2]
`
`The method of claim 1, wherein the one or more codes
`
`and the other data values are transmitted to the agent
`
`over a network.
`
`Claim 3
`
`
`
`[3]
`
`The method of claim 1, further comprising: registering
`
`an age verification for the user in association with the
`
`device ID code.
`
`Claim 4
`
`
`
`[4]
`
`The method of claim 1, wherein the one or more codes
`
`and the other data values indicate that the biometric
`
`verification was successful.
`
`vii
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`Claim 5
`
`
`
`[5]
`
`The method of claim 1, wherein the biometric data and
`
`the scan data are both based on a fingerprint scan by the
`
`user.
`
`Claim 6
`
`
`
`[6]
`
`The method of claim 1, further comprising: establishing
`
`a secure communication channel prior to sending the one
`
`or more codes and the other data values for
`
`authentication.
`
`Claim 7
`
`
`
`[7.1]
`
`The method of claim 1, further comprising: receiving a
`
`request for the one or more codes and the other data
`
`values without a request for biometric verification; and
`
`[7.2]
`
`responsive to receiving the request for the one or more
`
`codes and the other data values without a request for
`
`biometric verification, sending the one or more codes
`
`viii
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`and the other data values without requesting the scan
`
`data.
`
`Claim 8
`
`
`
`[8.pre]
`
`An integrated device for verifying a user during
`
`authentication of the integrated device, comprising:
`
`[8.1]
`
`a memory stores biometric data of a user and a plurality
`
`of codes and other data values comprising a device ID
`
`code uniquely identifying the integrated device and a
`
`secret decryption value in a tamper proof format written
`
`to the memory that is unable to be subsequently altered;
`
`[8.2]
`
`wherein the biometric data is selected from a group
`
`consisting of a palm print, a retinal scan, an iris scan, a
`
`hand geometry, a facial recognition, a signature
`
`recognition and a voice recognition;
`
`[8.3]
`
`a verification unit, in communication with the memory,
`
`receives scan data from a biometric scan for comparison
`
`against the biometric data, and if the scan data matches
`
`the biometric data, wirelessly sends one or more codes
`
`ix
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`from the plurality of codes and the other data values for
`
`authentication by an agent that is a third-party trusted
`
`authority possessing a list of device ID codes uniquely
`
`identifying legitimate integrated devices, wherein the one
`
`or more codes and the other data values includes the
`
`device ID code; and
`
`[8.4]
`
`responsive to the agent authenticating the one or more
`
`codes and the other data values, a radio frequency
`
`communicator, receives an access message from the
`
`agent allowing the user access to an application,
`
`[8.5]
`
`wherein the application is selected from a group
`
`consisting of a casino machine, a keyless lock, a garage
`
`door opener, an ATM machine, a hard drive, computer
`
`software, a web site and a file.
`
`Claim 9
`
`
`
`[9]
`
`The integrated device of claim 8, wherein the one or
`
`more codes and the other data values are transmitted to
`
`the agent over a network.
`
`x
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`Claim 10
`
`
`
`[10]
`
`The integrated device of claim 9, wherein an age
`
`verification is registered in association with the device
`
`ID code.
`
`Claim 11
`
`
`
`[11]
`
`The integrated device of claim 8, wherein the verifier
`
`comprises: an LED to be activated for requesting the
`
`biometric scan.
`
`Claim 12
`
`
`
`[12.pre]
`
`A method for authenticating a verified user using a
`
`computer processor configured to execute method steps,
`
`comprising:
`
`[12.1]
`
`receiving one or more codes from a plurality of codes
`
`and other data values including a device ID code,
`
`[12.2]
`
`wherein the plurality of codes and the other data values
`
`comprises the device ID code uniquely identifying the
`
`integrated device and a secret decryption value
`
`xi
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`associated with a biometrically verified user, the device
`
`ID code being registered with an agent that is a third-
`
`party trusted authority possessing a list of device ID
`
`codes uniquely identifying legitimate integrated devices;
`
`[12.3]
`
`requesting authentication of the one or more codes and
`
`the other data values by the agent, wherein the
`
`authentication determines whether the one or more codes
`
`and the other data values are legitimate;
`
`receiving an access message from the agent; and
`
`in response to a positive access message, allowing the
`
`biometrically verified user access to an application,
`
`wherein the application is selected from a group
`
`consisting of a casino machine, a keyless lock, a garage
`
`door opener, an ATM machine, a hard drive, computer
`
`software, a web site and a file.
`
`[12.4]
`
`[12.5]
`
`Claim 13
`
`[13]
`
`The method of claim 12, further comprising: registering
`
`a date of birth or age with the agent.
`
`xii
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`Claim 14
`
`
`
`[14]
`
`The method of claim 12, further comprising:
`
`establishing a secure communications channel with a
`
`biometric key, wherein the one or more codes and the
`
`other data values associated with the biometrically
`
`verified user is received from the biometric key.
`
`Claim 15
`
`
`
`[15.pre]
`
`A system, comprising:
`
`[15.1]
`
`a biometric key stores biometric data of a user and a
`
`plurality of codes and other data values comprising a
`
`device ID code uniquely identifying the biometric key
`
`and a secret decryption value in a tamper proof format
`
`written to a storage element on the biometric key that is
`
`unable to be subsequently altered, and if scan data can be
`
`verified as being from the user by comparing the scan
`
`data to the biometric data, wirelessly sending, one or
`
`more codes from the plurality of codes and other data
`
`xiii
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`values wherein the one or more codes and the other data
`
`values include the device ID code,
`
`[15.2]
`
`and the biometric data is selected from a group
`
`consisting of a palm print, a retinal scan, an iris scan, a
`
`hand geometry, a facial recognition, a signature
`
`recognition and a voice recognition; and
`
`[15.3]
`
`an authentication unit receives the plurality of codes and
`
`the other data values and send the plurality of codes and
`
`the other data values to agent for authentication to
`
`determine whether the one or more codes and the other
`
`data values are legitimate, wherein the agent is a third-
`
`party trusted authority possessing a list of device ID
`
`codes uniquely identifying legitimate integrated devices,
`
`and
`
`[15.4]
`
`responsive to the device ID code being authenticated, the
`
`authentication unit receiving an access message from the
`
`agent allowing the user to access an application,
`
`[15.5]
`
`wherein the application is selected from a group
`
`consisting of a casino machine, a keyless lock, a garage
`
`xiv
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`door opener, an ATM machine, a hard drive, computer
`
`software, a web site and a file.
`
`Claim 16
`
`
`
`[16]
`
`The system of claim 15, wherein the biometric key
`
`receives an authentication request from the
`
`authentication unit, and in response, requests a biometric
`
`scan from the user to generate the scan data.
`
`Claim 17
`
`
`
`[17]
`
`The system of claim 15, wherein if the biometric key
`
`cannot verify the scan data as being from the user, it does
`
`not send the one or more codes and the other data values.
`
`
`
`xv
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`Apple Inc. (“Petitioner” or “Apple”) petitions for Inter Partes Review
`
`(“IPR”) of claims 1-17 (“the Challenged Claims”) of U.S. Patent No. 8,352,730
`
`(“the ‘730 Patent”). Compelling evidence presented in this Petition demonstrates
`
`at least a reasonable likelihood that Apple will prevail with respect to at least one
`
`of the Challenged Claims.
`
`I.
`
`REQUIREMENTS FOR IPR
`A. Grounds for Standing
`Petitioner certifies that the ‘730 Patent is available for IPR. This petition is
`
`being filed within one year of service of a complaint against Apple. EX-1036.
`
`Apple is not barred or estopped from requesting review of the Challenged Claims
`
`on the below-identified grounds.
`
`B. Challenge and Relief Requested
`Apple requests an IPR of the Challenged Claims on the grounds noted
`
`below. Dr. Patrick Traynor provides supporting testimony in his Declaration
`
`(MSC-1003, ¶¶[1]-[166]).
`
`Ground
`
`Claim(s)
`
`35 U.S.C. § 103
`
`1
`
`2
`
`
`
`
`
`1, 2, 4-9, 11, 12, and
`
`Burger
`
`14-17
`
`3, 10, and 13
`
`Burger in view of Robinson
`
`1
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`The ’730 Patent was filed on December 20, 2005, and claims priority from
`
`earlier applications. MSC-1001, cover. The earliest application that the ’730
`
`Patent claims priority from is US provisional application No. 60/637,538, filed on
`
`December 20, 2004. MSC-1001, cover. While Petitioner does not concede that
`
`December 20, 2004 is the priority date that should be accorded to the ’730 Patent,
`
`for the purposes of this proceeding, each of the references asserted in this Petition
`
`qualifies as prior art under 35 USC §§102(a), (b), or (e) (as shown in the table
`
`below) even if the December 20, 2004 date of the provisional application is used as
`
`the priority date of the ’730 Patent.
`
`Reference
`
`Filing Date
`
`Publication
`
`Date
`
`US 2005/0050367 (Burger or MSC-1005)
`
`Sept. 30,
`
`Mar. 3, 2005
`
`2004
`
`US Pat Pub. No. 2003/0177102 (Robinson or
`
`Feb. 19,
`
`Sept. 18, 2003
`
`MSC-1006)
`
`2003
`
`
`
`C. Claim Construction
`No formal claim constructions are necessary in these proceedings because
`
`“claim terms need only be construed to the extent necessary to resolve the
`
`controversy.” Wellman, Inc. v. Eastman Chem. Co., 642 F.3d 1355, 1361 (Fed.
`
`
`
`2
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`Cir. 2011). Nonetheless, for the sake of completeness, Petitioner notes the three
`
`phrases addressed by the Board during a prior IPR proceeding (IPR2021-01444).
`
`In IPR2021-01444, the Board noted that:
`
`1)
`
`“interpretation of ‘tamper proof format’ is not necessary to determine
`
`whether to institute an inter partes review”;
`
`2)
`
`“[t]he plain meaning of ‘third-party trusted authority’ suggests an
`
`entity or party separate from the principal parties to a transaction”;
`
`and
`
`3)
`
`“no further interpretation of the ‘access message’ limitations is
`
`necessary.”
`
`MSC-1007, 11-15. The references asserted in this petition render the claims
`
`obvious even if these earlier positions adopted by the Board are used in these
`
`proceedings.1 MSC-1003, ¶¶[43]-[44].
`
`
`1 Additional claim terms were construed in other proceedings relating to the ’730
`
`patent, but the Board need not resolve those terms because the Grounds relied on
`
`in this petition render the challenged claims obvious under either the plain and
`
`ordinary or alternate constructions adopted in the other proceedings. See EX-
`
`1037, EX-1030, EX-1033-1034, IPR2024-00232, Paper 10.
`
`
`
`3
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`Petitioner reserves the right to respond to any constructions offered by
`
`Patent Owner or adopted by the Board. Petitioner is not conceding that each
`
`challenged claim satisfies all statutory requirements. Petitioner is not waiving any
`
`arguments concerning other grounds that cannot be raised in IPR proceedings.
`
`D. Level of Ordinary Skill in the Art
`A person of ordinary skill in the art (“POSITA”) relating to the subject
`
`matter of the ‘730 Patent as of December 20, 2004 would have had (1) at least a
`
`bachelor’s degree in computer science, computer engineering, electrical
`
`engineering, or a related field, and (2) at least two years of industry experience in
`
`wireless communications security. Additional graduate education could substitute
`
`for professional experience, and vice versa. MSC-1003, ¶¶[22]-[23].
`
`II. THE ‘730 PATENT
`A. Brief Description
`The ‘730 patent is directed to systems and methods for performing “an
`
`authentication responsive to biometric verification of a user being authenticated.”
`
`MSC-1001, 1:15-18, Abstract, 2:60-67. In particular, the ‘730 patent discloses a
`
`biometric key 100, as shown in FIG. 2 below, that can be used to perform the
`
`biometric verification using a trusted key authority. MSC-1001, 3:47-5:2, 5:60-67;
`
`MSC-1003, ¶¶[45]-[48].
`
`
`
`4
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`
`
`MSC-1001, FIG. 2.
`B.
`Prosecution History
`The ’730 patent was filed as US Patent Application No. 11/314,199 (the
`
`“’199 application”) on Dec. 20, 2005. MSC-1001, cover. After three RCEs, the
`
`Examiner allowed the claims by amending the claims to add features [1.2] and
`
`[1.7] (and some other minor amendments) by virtue of an Examiner amendment
`
`attached to the notice of allowance dated August 31, 2012. MSC-1002, 31-43.
`
`However, as noted in this petition below, features [1.2] and [1.7] were well-known
`
`and would have been obvious to a POSITA. MSC-1003, ¶¶[49]-[50].
`
`
`
`5
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`III. THE CHALLENGED CLAIMS ARE UNPATENTABLE
`A.
`[GROUND 1] – Claims 1, 2, 4-9, 11, 12, and 14-17 are
`obvious over Burger
`1.
`Burger
`Burger is related to a portable electronic authorization device it calls a
`
`“Pocket Vault.” MSC-1005, ¶[51]. The Pocket Vault is “used for producing,
`
`distributing, storing, and using the typical contents of a person’s wallet, as well as
`
`the multiple, separate transaction authorization devices.” MSC-1005, ¶[93].
`
`Burger’s system, shown below in FIG. 1, enables “individuals to replace nearly all
`
`of the paper and plastic contents of their wallets and all of their other transaction
`
`authorization implements with a single, hand-held portable electronic authorization
`
`device”—the Pocket Vault. MSC-1005, ¶¶[51], [93]; MSC-1003, ¶[51].
`
`
`
`6
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`
`
`MSC-1005, FIG. 12.
`Burger’s system 100 includes the Pocket Vault 102, an associated token
`
`102a, network server(s) 114, interface stations 104a-c coupled to the network
`
`server(s) 114, commercial card reader(s) 106, commercial bar code reader(s) 107,
`
`and computers 108, 110, and 112 operated by one or more advertisers, non-
`
`financial media issuers, and financial media issuers, respectively. MSC-1005,
`
`¶¶[96][97]. Components of system 100 can be connected in a wired or wireless
`
`manner. MSC-1005, ¶¶[99]-[102]. The Pocket Vault 102 may communicate with
`
`
`2 Annotations to figures in the petition are marked up in color.
`7
`
`
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`the network server 114 directly in a wireless network or may communicate through
`
`the interface stations 104a-c. MSC-1005, ¶[101]; MSC-1003, ¶[52].
`
`An example of the Pocket Vault 102 is shown below in Burger’s FIG. 2.
`
`Burger’s Pocket Vault 102 includes “a controller 202, … a transceiver 204, a user
`
`input device 206, a docking interface 208, a read/write memory 210, a write-once
`
`memory 212, a power manager 214, an indicator 215, a display 216, a token port
`
`218, and a fingerprint scanner 220, all coupled to the controller 202.” MSC-1005,
`
`¶[118]. Burger “is not limited to any particular type of memory. The memory 210
`
`may, for example, comprise a suitable non-volatile SRAM. Similarly, any suitable
`
`memory device that permits a only [sic] single write operation to take place may
`
`be employed as the write-once memory 212.” MSC-1005, ¶[127]. The Pocket
`
`Vault 102 may also include a hard-wired memory (not shown) to store device
`
`serial numbers and key operating system and encryption software components.”
`
`MSC-1005, ¶[118]. A POSITA would have understood that device serial numbers
`
`are generally used to identify a device, and, for a device such as the Pocket Vault,
`
`would have included a Pocket Vault ID (chip ID). MSC-1003, ¶[53].
`
`Memory 210 can include a high-security section used to “store value-based
`
`or value-linked media such as debit and credit cards and certain ID information
`
`such as driver’s licenses, passports, building security passes, etc.” MSC-1005,
`
`¶[129]; MSC-1003, ¶[54].
`
`
`
`8
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`
`
`MSC-1005, FIG. 2.
`The controller 202 includes “a low-power multiprocessor or microcomputer
`
`having an on-board SRAM and/or flash memory.” MSC-1005, ¶[122]. “The
`
`controller 202 may include a software-programmable and encryption-protected or
`
`hard-wired unique chip ID. In one embodiment, this chip ID [(Pocket Vault ID)]
`
`is released from the Pocket Vault 102 only after the fingerprint scanner 220 … has
`
`successfully authenticated the identity of the holder.” MSC-1005, ¶[122]; MSC-
`
`1003, ¶[55].
`
`
`
`9
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`The Pocket Vault 102 includes a display 216 that can be used, e.g., to
`
`dynamically display branding and advertising messages. MSC-1005, ¶[110]. In
`
`addition, the display 216 can include a “touch screen or a separate user input
`
`device” to “effectively flip through the contents of the Pocket Vault 102 to locate
`
`and select a desired media (e.g., a credit card, driver’s license, library card,
`
`frequent flier card, a particular RFID personality, etc.) much like a person can flip
`
`through the contents of his or her wallet to do the same.” MSC-1005, ¶¶[109],
`
`[132], [133]; MSC-1003, ¶[56].
`
`The Pocket Vault 102 can also include or be coupled to a token 102a, which
`
`“may be used by the Pocket Vault holder to engage in a transaction.” MSC-1005,
`
`¶[103]. Token 102a can be released from the Pocket Vault 102 and can include a
`
`display device to display information such as credit card information and used in
`
`transactions with retailers. MSC-1005, ¶¶[103]-[104], [155]-[158]. For example,
`
`“[w]hen used by a consumer, retailers may verify authenticity by matching the
`
`information displayed on the token 102a with that revealed in the swipe or other
`
`token reading process. Without a match, the token 102a may be rejected.” MSC-
`
`1005, ¶[158]; MSC-1003, ¶[57].
`
`Burger’s Pocket Vault 102 also includes a fingerprint scanner 220. MSC-
`
`1005, FIG. 2; ¶[135]. “[O]ther bio-metric scanning devices may also be employed
`
`to verify the identity of the holder. For example, some embodiments may employ a
`10
`
`
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`charge coupled device (CCD) to serve as an iris or retina scanner, an optical
`
`sensor, and/or a voiceprint.” MSC-1005, ¶[135]; MSC-1003, ¶[58].
`
`When a user is interested in using the device, the user’s biometric feature
`
`(e.g., fingerprint scan, retina scan, etc.) is used to authenticate the user. MSC-
`
`1005, ¶[112]. “In one illustrative embodiment, authentication information used to
`
`validate the holder’s identity (e.g., the stored fingerprint and/or PIN code) is stored
`
`within the to-be-accessed device,” the Pocket Vault, “and the validation is
`
`performed in its entirety on-board the same device, such that the user-specific
`
`authentication information never leaves the device in which it is stored. Thus,
`
`using this technique, the likelihood that such information will be intercepted by
`
`unauthorized third parties may be reduced significantly.” MSC-1005, ¶[112].
`
`Burger explains that “great care may be taken to ensure that only authorized
`
`individuals are permitted to validate Pocket Vaults 102 by having their
`
`authentication information (e.g., their fingerprint data or PIN codes) stored therein.
`
`Therefore, after it has been confirmed that the holder’s authentication information
`
`has been properly stored in the Pocket Vault 102, a “trust relationship” may be
`
`established between the network server 114 and the Pocket Vault 102. This
`
`relationship may involve, for example, the registration of a unique encrypted chip
`
`ID of the Pocket Vault 102 with the network server 114 through a secure Internet
`
`connection, the distribution of a digital certificate (e.g., a PKI certificate) to the
`11
`
`
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`Pocket Vault 102, and the grant of authority to the Pocket Vault 102 to
`
`permanently store the Pocket Vault holder’s authentication information.” MSC-
`
`1005, ¶[114]. “Because of the creation of the above-described trust relationships,
`
`each Pocket Vault 102 and each interface station 104 may communicate securely
`
`with the network server 114.” MSC-1005, ¶[116]; MSC-1003, ¶[59].
`
`Burger’s network server(s) 114 can “serve as: (1) a repository of
`
`information for the network, (2) the entity that controls access to the stored
`
`information by the other network devices, and (3) a service provider for financial
`
`and non-financial media issuers, advertisers, as well as Pocket Vault holders.”
`
`MSC-1005, ¶¶[98], [117], FIG. 1. In one example shown in FIG. 4 (reproduced
`
`below), the network server 114 may include a database 406 that stores “a real-time
`
`record of critical reference data along with transaction histories, back-up files, and
`
`security audit trail information for key events. Examples of specific items that
`
`may be stored in the database 406 include: a list of current Pocket Vault holders
`
`…; … a list of currently authorized or registered Pocket Vaults 102, identified by
`
`chip ID and linked to the holder list; a list of currently authorized or registered
`
`tokens 102a, identified by chip ID and linked to the holder list; … authorized
`
`media data received from media issuers that has not yet been downloaded to
`
`individual Pocket Vaults 102.” MSC-1005, ¶[146], FIG. 4; MSC-1003, ¶[60].
`
`
`
`12
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`MSC-1005, FIG. 4.
`FIG. 27 (shown below) depicts another example implementation of a
`
`
`
`network server 114 that includes “one or more controllers 402 and a database 406,
`
`as described above in connection with FIG. 4. In addition, the network server 114
`
`may include a communication protocol layer 2716, which provides low-level
`
`communication functions to server communications software.” MSC-1005,
`
`¶¶[0540], [0077], [0531], [0542]; MSC-1003, ¶[61].
`
`
`
`13
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`
`
`
`MSC-1005, FIG. 27.
`An example method of using Burger’s Pocket Vault 102 to perform user and
`
`device authentication is shown in FIG. 7A below. When a user’s fingerprint is
`
`applied to the fingerprint scanner 220, the power manager 214 powers on the
`
`Pocket Vault 102. MSC-1005, ¶¶[178]-[181]. “[T]he fingerprint scanner 220
`
`[then] scans the applied fingerprint of the Pocket Vault holder” and determines
`
`whether the Pocket Vault 102 has been validated (step 708). MSC-1005, ¶¶[181]-
`
`[182]. “In one embodiment, the Pocket Vault 102 is not validated until: (1) a
`
`user’s fingerprints have been stored in the fingerprint memory (e.g., the write-once
`
`
`
`14
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`memory 212 of FIG. 2), and (2) the Pocket Vault 102 has received and stored
`
`encrypted validation information (e.g., a PKI certificate) from the network server
`
`114.” MSC-1005, ¶¶[182]; MSC-1003, ¶[62].
`
`MSC-1005, FIG. 7A.
`“When, at the step 708, it is determined that the Pocket Vault 102 has
`
`already been validated,” at step 712 “it is determined whether Pocket Vault 102
`
`has been authenticated, e.g., whether the fingerprint scanned at the step 706
`
`
`
`
`
`15
`
`

`

`IPR2024-01486
`U.S. Patent No. 8,352,730
`matches one of the fingerprints stored in the fingerprint memory 212.” MSC-
`
`1005, ¶¶[183]-[184], [209]-[210]. After “it is determined that the Pocket Vault
`
`102 has been properly authenticated,” “an encryp