~2019.Feb.04 Oral Arguments Strikeforce Technolog
Post# of 82672
(Total Views: 1193)
Posted On: 02/08/2019 10:00:44 AM
~2019.Feb.04 Oral Arguments
Strikeforce Technologies, Inc v. Secureauth Corporation
Some comments & opinions from the gallery . There are many more. Thank you all.
https://investorshangout.com/post/view?id=5336909
Everyone was here. Mark, George, and Ram. Half the court room was here for this case. I spoke with our lead attorney as well as Mark, George and Ram. Everyone felt it went well and now we wait for a decision. I will say the lady judge had the SA attorney stuttering as she questioned him on his saying our OOBA was not computer specific
https://investorshangout.com/post/view?id=5336960
Doc, it came down to whether or not SFOR’s technology was “computer specific”. That’s what it boiled down to. That’s where SA attorney had the hard time
https://investorshangout.com/post/view?id=5336991
This is huge!!! Even though Judge Pauline Newman was the one grilling YOUNG Knobbe Martens attorney Jeremy Anapol another Judge, Timothy Dyk, was also on the ANCORA victory where Knobbe Martens lost 2 months ago and Ropes & Gray used that case for their Supplemental Authority on November 26th!!!! The link is below...
02/04/2019 43 Submitted after ORAL ARGUMENT by Douglas Hallward-Driemeier, Esq. for Strikeforce Technologies, Inc. and Mr. Jeremy Angus Anapol for Secureauth Corporation.
https://investorshub.advfn.com/uimage/uploads...Update.png
www.cafc.uscourts.gov/sites/default/files/opinions-orders/18-1404.Opinion.11-16-2018.pdf
https://investorshangout.com/post/5341010
Renenber the SFOR's patent was ruled invalid by the California judge based on the Alice 101 (abstract idea).
In the federal oral argument, the SA's lawyer kept using Alice 103 (obviousness) reasonings and even the judge had to remind him twice that it was Alice 101 in discussion. Do you think SA's lawyer has any meaningful Alice 101 reasonings at hands on that day? None! Otherwise, he would have had used that for his defense.
And why did he spend so much time arguing SFOR's patent is not computer specific? Because he is trying hard to trick the judge for not using the case Ancora Technologies v HTC America as a precedent which means game over for SA. But is it not computer specific? Even the judge said "You can't mean that."
Which federal judge in his right mind would affirm the Alice 101 ruling base on Alice 103 arguments? I think the answer is very clear and no worries here.
https://investorshangout.com/post/view?id=5337669
I had the opportunity to meet and sit next to a fellow investor of SFOR, accb13! Awesome guy. I also meet another investor who said he doesn’t post on the board who also seemed like a great guy. There were 2 hearings before ours. At the end of each hearing the attorneys for that hearing would pack up and leave with a few spectators. When our hearing ended our Attorneys packed up and 80% of the court got up and left. Like 30 or so people! Who were all those people??? Might have been more than 30!
https://investorshangout.com/post/view?id=5337620
In my post hearing discussion with our lead attorney, who surprised me by how personable he was to me, he explained we do not want a quick decision. He said if we win a brief will need to be drawn up which will take time, not the case with a loss. So I’m for one am hoping we don’t hear anything for a while, FYI
https://investorshangout.com/post/5337738
It was a pleasure meeting you as well, Gator. The experience of watching it first hand with a fellow investor and seeing the SFOR brass sitting to our right was very cool. There were many things to take away from the hearing, but the one thing I can't stop thinking about (I haven't revisited the audio yet so it may sound like I'm paraphrasing) is when the judge kept telling the SA attorney that he was arguing 103 instead of 101.
https://investorshangout.com/post/view?id=5337908
I listened to the oral arguments twice and here's my take.
The female judge wanted clarification as to what Strikeforce argues is the difference now as to what was decided in the lower court. I thought Strikeforce's lawyer did a good job clarifying that the authentication channel is novel and an improvement to the prior art (and that it had survived numerous 103 challenges through the IPRs - that it had to be held true). I especially liked when the lawyer brought up "aunt Sally's twin - Bertha" not having authorized access (that analogy wasn't contested by the judges) and that that it is an improvement of prior art and that it has to be held true (due to the cases he referred to).
This was the most important part in my opinion:
SA's lawyer couldn't argue against the male judge saying that secure mail and Asgari Comradi (sp?) (starting at 18:20) wasn't precedent. The lawyer said it was "persuasive" - that's when the judge dug into his argument saying it wasn't precedent (rule 36 affirment) - and the judge saying "I never heard of disposition of rule 36 ever being persuasive" (to the point of feeling awkward) and the lawyer saying "I'll leave it up to you to decide how persuasive you think it is." The judge already said he never heard of it being persuasive. What SA's lawyer thought was his strongest point was strongly questioned by the male judge. After that, SA's lawyer was stammering and he continued for several minutes with the same argument (that the judge already said he never heard of it being persuasive). It didn't sound good...or persuasive. That whole argument fell apart right then and there. Then the female judge said he was presenting arguments (20:26) under 102 or 103 and not 101. All he could say is "I disagree." She then reminds him that Strikeforce's lawyer has said that "technology specific details sufficiently have been provided." The lawyer even argues against himself by saying "the word 'hacking' is a computer-specific term" all the time arguing that Strikeforce's techlology isn't computer-specific (even though it prevents hacking). He later goes on to say that in Strikeforce's technology "hacking" is not computer-specific. The female judge then says "I'm trying to get at the substance that you're talking about computers and hacking computer communications - I'm trying to understand the gap between 101 and 103." I loved it when she said "You can't mean that - you say even if we all agree this is a computer issue or problem, don't bother looking at computer issues and solutions....the solution is implemented by computer." All the lawyer could say is "I don't deny it could be useful." At one point the male judge even says SA's lawyer was wrong.
https://investorshangout.com/post/view?id=5341018
The judge you reference is Judge Pauline Newman. She knows computers, her whole life has been in that field. Check out her bio:
http://cafc.uscourts.gov/judges/pauline-newman-circuit-judge. She had the SA attorney on the verge of stuttering. I looked over at Kay, Waller and Ram as it was happening and we all were smiling! It was a great moment. She had him and wasn’t letting go.
https://investorshangout.com/post/view?id=5341990
In the brief SA filed, they accepted OOBA was invented by SFOR. Reversal is on Way...I know someone who was present at the oral & practiced Patent Law for over 10 yrs. In his view, it's an O&S case. Like others, I am waiting for an imminent big day which will open the flood gate of infringers & settlements.
********************************************
Links to the decision when it becomes available, and the oral argument recording
http://www.cafc.uscourts.gov/search/node/strikeforce
http://www.cafc.uscourts.gov/oral-argument-re...5Bdate%5D=
link to some background information on the appeal
https://investorshangout.com/post/view?id=5336195
Judge panel
http://www.cafc.uscourts.gov/judges/pauline-n...cuit-judge
PAULINE NEWMAN was appointed by President Ronald Reagan in 1984. From 1982 to 1984, Judge Newman was Special Adviser to the United States Delegation to the Diplomatic Conference on the Revision of the Paris Convention for the Protection of Industrial Property. She served on the advisory committee to the Domestic Policy Review of Industrial Innovation from 1978 to 1979 and on the State Department Advisory Committee on International Intellectual Property from 1974 to 1984. From 1969 to 1984, Judge Newman served as director, Patent, Trademark and Licensing Department, FMC Corp. From 1961 to 1962 she worked for the United Nations Educational, Scientific and Cultural Organization as a science policy specialist in the Department of Natural Sciences. She served as patent attorney and house counsel of FMC Corp. from 1954 to 1969 and as research scientist, American Cyanamid Co. from 1951 to 1954. Judge Newman received a B.A. from Vassar College in 1947, an M.A. from Columbia University in 1948, a Ph.D. from Yale University in 1952 and an LL.B. from New York University School of Law in 1958.
http://www.cafc.uscourts.gov/judges/haldane-r...cuit-judge
HALDANE ROBERT MAYER has been a member of the court since 1987. He served as Chief Judge from 1997 to 2004. Born in Buffalo, Judge Mayer was educated in the public schools of Lockport, New York, before attending the United States Military Academy at West Point, from which he graduated with a Bachelor of Science degree in 1963. He earned a law degree in 1971 at the Marshall-Wythe School of Law of The College of William and Mary, where he was editor-in-chief of the William and Mary Law Review as well as a member of Omicron Delta Kappa National Leadership Society. He has served as a director of the William and Mary Law School Association.
Judge Mayer served on active duty in the Army of the United States from 1963 until 1975 in the Infantry and the Judge Advocate General's Corps. He was awarded the Bronze Star Medal, the Meritorious Service Medal, the Army Commendation Medal with Oak Leaf Cluster, the Combat Infantryman Badge, Parachutist Badge, Ranger Tab, RVN Ranger Combat Badge, and several campaign and service ribbons. He resigned his Regular Army commission to take an Army Reserve commission, retiring in 1985 as a lieutenant colonel.
In 1971, Judge Mayer served as a law clerk for Judge John D. Butzner, Jr., of the United States Court of Appeals for the Fourth Circuit in Richmond, Virginia. He practiced law in Charlottesville, Virginia, in the mid-1970’s, simultaneously serving as an adjunct at the University of Virginia School of Law, as he did again in the 1990’s. He has also been an adjunct at George Washington University National Law Center.
From 1977 through 1980, Judge Mayer was the Special Assistant to the Chief Justice of the United States, Warren E. Burger, after which he returned to private law practice in Washington, D.C., until he became Deputy and Acting Special Counsel (by designation of the President).
President Ronald Reagan appointed Judge Mayer to what is now the United States Court of Federal Claims in 1982, and to the United States Court of Appeals for the Federal Circuit in 1987. He assumed senior status on June 30, 2010.
http://www.cafc.uscourts.gov/judges/timothy-b...cuit-judge
TIMOTHY B. DYK was appointed by President William J. Clinton in 2000. Prior to his appointment, Judge Dyk was Partner and Chair, Issues and Appeals Practice Area, at Jones, Day, Reavis & Pogue from 1990 to 2000. He was Adjunct Professor at Yale Law School from 1986 to 1987 and 1989, at the University of Virginia Law School in 1984 and 1985, and from 1987 to 1988, and at the Georgetown University Law Center in 1983, 1986, 1989 and 1991. Judge Dyk was Associate and Partner, Wilmer Cutler & Pickering from 1964 to 1990. From 1963 to 1964, Judge Dyk served as Special Assistant to Assistant Attorney General Louis F. Oberdorfer. He also served as Law Clerk to Chief Justice Warren from 1962 to 1963, and to Justices Reed and Burton (retired) from 1961 to 1962. Judge Dyk received an A.B. from Harvard College in 1958 and an LL.B. from Harvard Law School in 1961. He was First President of the Edward Coke Appellate Inn of Court from 2000 to 2001 and President of the Giles Sutherland Rich Inn of Court from 2006 to 2007. He was the recipient of the 2012 American Inns of Court Professionalism Award for the Federal Circuit and the 2016 Honorable William C. Conner Inn of Court Excellence Award. Judge Dyk is the co-author of the Chapter on Patents in the Fourth Edition of the treatise, Business and Commercial Litigation in Federal Courts. He is a member of The American Law Institute.
Attorneys presenting argument
For Strikeforce Technologies
https://www.ropesgray.com/en/biographies/h/do...-driemeier
Douglas Hallward-Driemeier
Partner
Doug, who leads the firm’s Appellate and Supreme Court practice, has presented more than 70 appellate arguments, including 16 times before the U.S. Supreme Court and before every federal circuit court of appeals. He has briefed and argued both civil and criminal matters covering a wide range of subjects and has particular experience in the areas of intellectual property, bankruptcy, the False Claims Act, securities litigation, and antitrust. Doug has also extensive experience litigating issues of concern to companies and foreign governments with international activities, including the Alien Tort Statute, the Foreign Sovereign Immunities Act, and forum non conveniens.
Doug collaborates with colleagues across numerous practice areas. In addition to handling appeals, Doug works closely with trial court colleagues to present the most compelling dispositive motions and to preserve our clients’ rights to appeal if necessary. He routinely consults with clients about avenues for challenging administrative actions and advises clients about the constitutionality of legislation affecting their interests.
Doug rejoined the firm in 2010 after spending more than a decade handling civil appeals and Supreme Court litigation for the U.S. Department of Justice. Between 2004 and 2009, he was an Assistant to the Solicitor General, where he briefed and argued cases on behalf of the United States before the Supreme Court. Doug has argued sixteen cases before the Supreme Court and filed more than 150 briefs in that Court. In 2015, Doug argued before the Supreme Court in the highly-publicized landmark marriage equality case (Obergefell v. Hodges) and in a key bankruptcy case regarding whether an order denying confirmation of a bankruptcy plan is appealable (Bullard v. Blue Hills Bank).
For SecureAuth
https://www.knobbe.com/attorneys/jeremy-anapol
Knobbe Martens attorney Jeremy Anapol
University of California - Los Angeles School of Law (J.D. 2012)
University of California - Berkeley (B.S. Electrical Engineering & Computer Science 2007)
Jeremy Anapol focuses on patent litigation and post-grant proceedings involving computer hardware and software. He also has experience representing clients in antitrust cases, multidistrict litigation, covered business method (CBM) review and inter partes review (IPR) proceedings.
Jeremy's cases have focused on a variety of technologies including computer security, e-commerce, wireless locks, magnetic resonance imaging, and non-invasive monitoring of blood constituents. He has also assisted with the preparation and prosecution of numerous patents involving video compression, voice recognition, audio signal processing, wireless asset tracking, data mining, and cloud computing.
Before joining the firm, Jeremy worked as a software engineer developing web applications. During law school, he spent a semester working for the Honorable R. Gary Klausner at the U.S. District Court for the Central District of California.
********************************************
Unofficial Transcripts. with just a few passages underlined. Reading or listening to the entire presentation is interesting. You can listen to the official court mp3 at,
http://www.cafc.uscourts.gov/oral-argument-re...5Bdate%5D=
https://investorshangout.com/post/view?id=5341148
SFOR Argument transcript -
*Please note that this may have minor errors, however every attempt was made to be as close to exact as spoken by the parties involved in oral arguments.
SFOR: May I please the court. As this court held in Ancora which we addressed in the 28J letter, improving computer security can be non-abstract improvement if done by a specific technique that the parts from earlier approaches to solve a specific computer problem. And that is precisely what we have here. In fact, the analogy between the systems and improvements here and Ancora are very stark.
In Ancora, as here, the problem was the software license was subject to hacking. That’s at 13.44.
Now some systems have tried to improve upon the prior art such as with a unique identification code, and that is true here as well, as in Wesinger patent that is described and disparaged in specification in these patents. Um, the other attempts have been to place the license in a specific place, a non-modifiable ROM. What the claims that were upheld there did was it broke with that traditional approach by placing the license in a different place, in a modifiable part of the memory in the BIOS. That is the same thing as we have here. Prior art systems had, have the problem of all of the identification information coming in through the access channel. Whether it was in-band or whether even it was a partially out-of-band system, in all of those systems the identification information was coming back in through the access channel, which made it particularly susceptible to hacking.
And in a self-authenticating environment , where everybody is, is, really ah, operating in an anonymous fashion and if you have the credentials you look like the real person whether you may be a hacker or not. There was no way to authenticate that the person presenting the credentials was who they said they were.
And so these claims solve that problem by relocating the authentication to a different place, just as was true in Ancora.
In contrast to the other systems where you had either in-band or even partial out-of-band always coming back through the access channel. Here, we have two separate channels. We have the access channel....
Judge: Suppose we were to disagree with you on that and to say that the idea of having two separate channels Is an abstract idea that doesn’t involve the complete , ah, separation, doesn’t involve, ah, an inventive concept. Is there anything about the diversion the interception that is, ah, an inventive concept?
SFOR: I-I think here , your honor, it is true that the specific solution -because here we don’t proport to preempt the notion of complete out-of-band communication or even complete out of band authentication. Because you can have a system in which the accessor initiates the communication with the security computer and establishes the authentication channel, that would not be covered by these claims if it simply at that point goes directly from the security computer to the host computer and says grant access.
Judge: Ok but I understand you are arguing and that that means that there’s not complete preemptions here but, are you arguing that the diversion, the interception is itself an innovative concept?
SFOR: I think that the interception device really underscores the inventive aspect of this because...
Judge: If not in and of itself an innovative concept....
SFOR: Not in and of itself, but what it does is is it underscores that as in {DVR} you are overriding the traditional method in which , uh, uh, identification is verified. In the traditional method it goes straight down the access channel and all you are able to do is establish that the credentials are credentials that match up with authorized credentials; but you are not able to establish that the person presenting those credentials is in fact the authorized user.
What this does is an interception device , I think sort of is the exclamation point , it cuts that off, it overrides that traditional process by sending it off into the separate authentication channel . And then in the separate authentication channel there is specific components that are arranged in a way that allow you to know that the, um, accessor is in fact the authorized accessor. And that’s because you have a predetermined address or telephone number that you reach out to, establish that authentication channel, and the fact that the person answers and is able to supply the predetermined data in response, again through the authentication channel, allows you to know that it is in fact the authorized user.
In fact, unlike with prior art systems which some of which did use biometric data, the use of biometric data in a system in which all the information is coming back through the access channel doesn’t really significantly improve security. Because if you have a hacker there and they capture the biometric data , your fingerprint, all that is is digitized data. It’s the same as any other digitized data that can be replicated by the hacker in a later attempt to access.
If however, you have two physically separate channels, the authentication channel completely, physically, independent of the access channel, then if you use biometric data it’s not going to be captured unless the hacker simultaneously is hacking two different channels at the same time. This way you know that the person is inputting the biometric data in the authentication channel is in fact the authorized user.
It’s those improvements over the prior art that are described and have to be accepted as true at this point- which is a motion to dismiss!
Under Berkenheimer and Atrix - under Vascom it has to be accepted as true. And, And, I think really again as in Ancora the court said, how are we to know whether these are, in fact, improvements over the prior art as they are claiming to be in this specification we have to accept that as true at this point in the litigation.
What the court has consistently advised against is treating the 101 inquiry as though it were 103 lite. And that is particularly the opposite here, because these claims have already survived multiple 103 challenges. There were two IPR’s each with multiple grounds, that were not instituted because the prior art that they had to cobble together -3 or more references - did not disclose all the limitations of these claims.
And so when you have something that is sufficiently robust and inventive, non-obvious, to survive multiple 103 challenges- to allow something to waltz in and say ‘well but it’s a lot like if you try to go into preschool and try to somehow try to map in on to..
Judge: But what they did say was that every step was known and that the combination of steps was known. Maybe , Isn’t that clear as a given? Is it, that these other aspects were set aside?
SFOR: Your Honor, I want to make/be clear the preschool analogy that they use to suggest that all these steps were already known is not our system. In that hypothetical that they give forth, Aunt Sally or whoever the relative is that is coming -all they are able to do is to verify that Aunt Sally has permission to pick up the child. They’re not able to verify Aunt Sally is Aunt Sally. It’s the latter problem that is the real problem of computer technology where you have a man in the middle , the hacker, in the self-authenticating environment. Because whoever comes in and says I’m Aunt Sally looks just like Aunt Sally if they are anonymous.
They’re just ...
Judge: All you need to do is change the hypothetical and ask the parent what Aunt Sally looks like.
SFOR: Well your Honor, But again, I think because of the unique nature of the new technology it could be Aunt Sally’s twin. Aunt Sally has authorization but Aunt Bertha, who is Aunt Sally’s twin, does not. And you can’t distinguish them from their credentials. From the credentials they each have the same drivers license, you can’t distinguish them. That is the true problem of user authentication - authenticating that the person is who they claim to be.
All of the other systems are designed to make sure that the credentials are authorized credentials, they don’t authenticate that the user accessor is the accessor. And that’s what these claims do-precisely because of the particular architecture that they use.
It may be that the elements of it, a router, a security computer, etc are known elements but they are arranged in a way here that allows you to do something that the prior art was not able to do.
It’s that improvement that is claimed.
And again, it is not all out-of-band there are a lots of out-of-band systems that don’t do it the way that are claimed here. In fact, Wesinger is a version of out-of-band it’s partial out-of-band because you send the information out through out-of-band but it comes back through the access channel. And again as I said before it doesn’t even preempt all completely out-of-band systems. But what this completely out-of-band system does, arranged as these elements are arranged, is it allows you to insure the person seeking to access is in fact the authorized accessor.
Judge: What allows you to do it, is the advancement, the capabilities of technology, and what they say, and held, was this that this is just an old idea it’s just we now - that we now are able to implement it.
SFOR: No, your honor, I think that what’s true, I mean again, the sending the PIN out through the mail from the bank example that they give, and then you bring the PIN back in. All the PIN is, is a password, thats the the old art. All the PIN is, is the password because it is coming back in through the authentication channel. You may be an imposter but if you were there when the mail was delivered and you picked up the PIN you are able to use the PIN. So you don’t know whether the person is who they claim to be, only that they have the right credential. What this system does is organize things, especially I think it’s critical again, the physical separation of the channels so that no hacker can get the authenticating information. Because they are not-the hackers in the access channel- they are not in the authentication channel, because there is nothing there there is no information there. They are not in the authentication channel because they are not in the authentication channel, if for example you use the biometric data, the fingerprint, they don’t get it. And you know the accessor is the accessor.
It’s that unique combination, and the specification chooses that language. And in Berkenheimer and Atrix and Vascom the court has said you have to accept these allegations that it is an improvement , it is not a well understood common routine arrangement. It is one that is not, it improves on the prior art and those have to be accepted as true at this point in the process. So at most we would be entitled to a Remand to establish that those facts as alleged in this specification are true!
I think that you can actually resolve this at step one for the reasons I have already said.
I would like to reserve the balance of my time...
Judge: Ok, thank you.... ...let’s hear from Mr, Anapol when you are ready
https://investorshangout.com/post/view?id=5341149
SecureAuth Argument transcript -
*Please note that this may have minor errors, however every attempt was made to be as close to exact as spoken by the parties involved in oral arguments.
SA: If I may please the court. The decision below should be affirmed because the district court correctly held that the focus of these claims here is out-of-band authentication and that idea is not specific to computer technology.
And we can see that from this court’s cases such as SecureMail, Prism, both of which were addressed in the briefs. As well as a case that came out after our briefing was complete [Ausgary, Comrony, November, 2016 -2415] which also dealt with a form of out-of-band authentication.
So, there has been 3 cases where specific ways of performing authentication in a computer network were held to be abstract, and those are the cases that we are relying on. The cases that opposing council, Strikeforce’s council is pointing to , do not relate even to authentication . Their , their just simply not as analogous as the cases we are relying on. And the reason why SecuredMail, Prism, and [Asgary/ Comrony] held the claims there ineligible is because authentication even when using different communication channels is not a computer specific problem. And the use of multiple channels is not a computer specific solution.
Communication channels could be paper mail, they could be telephones, they could be all manners of different communication channels and that’s what our preschool analogy illustrates.
And l’ll note that in Prism and SecuredMail this court relied on analogies to determine that the ideas at issue were not computer specific. And that’s what we have done here.
I do want to address Strikeforce’s criticism of our analogy. They mention this idea of authenticating who Aunt Sally is. I don’t see anything in the claims that require a verification of the identity of a person apart from verifying that they have the correct information. So there is nothing in the claims that reflects this idea of authenticating who Aunt Sally is as opposed of just that , uh , they have the right login identification. And, So I think that that distinction just doesn’t hold water.
I would also like to address Ancora.... So that case, again, found that the claims were not abstract because they were directed to a computer specific solution, to a computer specific problem.
Specifically there was this BIOS memory and it was alleged that the structure of this BIOS memory, which is of course is unique to computers, is what allowed the solution there to prevent hacking.
So specifically the BIOS memory had multiple areas , the BIOS-ROM, and the BIOS Esquared PROM, and that later part is where the license verification structure was stored. And the reason that that provided an improvement to computer security was that the patent explained BIOS, Esquared PROM is more difficult to access , uh, for a programmer , and when you do access it improperly there is a higher risk that the computer will be disabled.
So they are relying on this very specific computer structure, a memory within the computer that has different traits from other memories that make tampering with that memory less likely to be successful for a hacker.
Here we’re re not seeing any structure that is computer specific that’s being relied on to provide the alleged benefits. The supposed resistance to hacking comes from the use of two separate communication channels. Communication channels , as I have said, are not computer specific and using two separate communication channels improves security outside of computers as well.
We saw that in SecuredMail, we saw that in [Ausgary/Comrony], and let me just explain that a little more since it wasn’t in the briefs, since it had not come out yet, why there are two channels at issue there.
So I do want to note that’s a rule 36 afferent so we don’t know what the reasoning of this court was, but we do know.....
Judge: And it’s not precedent!
SA: That’s correct, it’s not precedent but it is persuasive. I believe under federal circuit rule #32.1.
So we what we know is the context of the claim there....
Judge: The rule 36 is persuasive??
SA: It, non-precedential dispositions are persuasive......
Judge: I don’t know remember any case that says a rule 36 disposition is persuasive.
SA: I believe-well, I guess your honor, is of course, free to decide however persuasive you think it is.
But I will just explain what the facts were there, and what the claims said.
The claims said, that you have a central authority, and external....... I’m sorry, central entity , an external entity , and a user.
The user is trying to access the external entity. So they first start a transaction with that entity and then in order to authenticate that transaction they separately communicate with the central entity to get a code. So there is communication between the external entity, that’s one communication path and the user, and communications between the central entity and the user. And those two separate communication paths are both needed to perform the authentication.
But, setting that aside since it is a rule 36 judgement.
Let’s take a look at SecuredMail. Again that’s a case we pointed out uses not just out-of-band authentication but completely out-of-band authorization , which is what Strikeforce is relying on here. And in that case the/a person receives a piece of mail through the normal postal service and then wants to validate or authenticate that mail. And so they initiate a computer connection and over the computer connection you authenticate that the mail is authentic. And that is a bi-directional out-of-band communication channel. Because it’s separate from the paper mail.....
Judge: But you are presenting arguments under 102 or 103 not 101.
SA: No, I disagree your honor......I’m explaining that in these previous cases, SecuredMail, Prism, Ausgary,Comrony, this court found that all the claims were directed to abstract ideas. Not because they are old, and I’m not.......
Judge: But those cases depend on their facts. I know you are drawing analogy of the facts, but the 101 case, the abstract ideas, lines have been drawn as to what it is or isn’t an abstraction.
SA: The point I’m trying to make your honor, is that why made the ideas in those claims abstract is that they did not provide technology specific solutions to a technology specific problem.
So the way that ....
Judge: But you are -inaudible-
in this case technology specific details sufficiently have been provided!
SA: And the details opposing council provides that are allegedly technology specific is this use of two separate channels .
And that is why I’m going into SecuredMail to show that the use of two separate channels to perform authentication is not technology specific. SecuredMail negates the idea they are proposing that the use of two separate channels to perform authentication is technology specific.
Judge: So what would have to be needed the code, the computer code to overcome this gap?
SA: It’s - No, your honor, it’s not a question of inadequate disclosure of the use of two separate channels, it’s that the use of two separate channels itself is not technology specific because the use of communication channels is not limited to computers. And that’s why we provide this analogy to show that the use of multiple channels for authentication is performed outside the computer context. So they would need a completely different focus of their claims. They would need something like exploiting the structural traits of BIOS, as in Ancora, as distinguished from other computer memory - that is a computer specific solution because it arises specifically from the structure of a computer component. Here, there is nothing they are pointing to that arises specifically from the structure of a computer component that they are relying on for the solution.
Judge: The whole focus is computer hacking. I-I’m trying to understand where the line appropriately should be drawn - between the adequacy of overcoming 101 and not doing so.
SA: I think characterizing this as hacking your honor, is too general of a characterization to be useful. What they mean by hacking here is simply intercepting data that is in transit. Right? Intercepting ......
Judge: There, there is no dispute that that is the target.
SA: Sorry
Judge: interception, to avoid interception.
SA: Right, to avoid interception of information being communicated. That problem is not computer specific. Because, information is routinely intercepted in communication channels ......
Judge: Well it is considered computer specific but it’s applying the same concept that exists outside of computers in the computer context.
SA: The word, hacking , is a computer specific word. But I’m saying the substance of what they are using that word to refer to here, interception in a communication channel, is not computer specific. And that’s why they refer to Ancora because Ancora used the word hacking. But it was using that word to refer to something different. It was using that word to refer to tampering with data stored on the computer to obtain rights to run software that you do not own.
So......
Judge: So it would solve the 101 problem if they had exclusively said we were looking at computer hacks?
SA: No your Honor. The..... the word computer....the word hacking in this context simply means ... uh, intercepting communications in communication channel. Which is not computer specific.
Judge: So that......is to say that intercepting computer communications, is that the difference that you are giving?
SA: No, no, no, that’s just a verbal formulation , your honor, I’m talking about the substance of what their pointing to.
Judge: I-I’m trying to get at the substance of where , where it, it’s crystal clear that you are talking about computers and hacking-computer communications. I’m trying to understand the gap between 101 and 103.
SA: 103 is about what is old. 101 is about what is computer specific. And the reason I say that the so-called hacking here is not computer specific is because it’s no different than intercepting communications in a non-computer communication channel. Unlike the hacking in Ancora which was specifically about accessing computer memory and the use of different types of computer memories. So hacking, for...let me also make this point. Hacking is the problem, right? In order to have a non-abstract solution, you need both the problem to be computer specific and the solution. So I- I think for the reasons I have already explained that they don’t have a technology specific problem here...
But I, you know, that’s not the only issue. The other issue is, do they have a computer specific solution? And the answer to that is also, no, because their alleged solution is to use two separate communication channels in case the communications in one channel are intercepted.
And that solution is not specific to computers because it works with paper mail as we saw in SecuredMail. It works with telephones as we see in our preschool analogy.
And so, even if they did have a computer specific problem of hacking. Their way of preventing that hacking is not a computer specific solution. And I do want to also address this interception issue because this is .......
Judge: that, that, that’s ... You, You can’t mean that! You say even if you , if we all agree that this is a computer problem don’t bother looking at computer, uh, issues and solutions?
SA : If they had a computer specific solution , your honor, that would be patent eligible!
Judge: But why does that convert the issue into an abstract idea?
SA: That is the dividing line that this court has identified between abstract ideas and patentable computer specific improvements. So, in Ancora, in Enfish, in [PhenGen], the common trait that links all those cases your honor, is do you have a computer specific solution to a computer specific problem. And they don’t here. And that’s why.....
Judge: But their solution is implemented by computer .
SA: Implementing, an information based solution in a computer environment is not enough. And we pointed to, for example, [intellectual—- vs CapitalOne financial for that proposition, but that’s well established in the case law.
Implement, just as implementing escrow or intermediated settlement in a computer environment, under Alice, didn’t prevent the claims from being abstract.
And that’s what we have here. A communication channel solution that is simply implemented in a computer environment.
I don’t deny that it could be useful. Just as implementing intermediated settlement in a computer environment could be useful but it doesn’t make it computer specific and that is a crucial dividing line in the case law.
Before I run out of time, I just want to address this interception issue.
The agreed construction of interception device is something that prevents the host computer from receiving. That is a purely functional and generic construction and such purely functional and generic elements cannot provide an inventive concept as a matter of law.
I would also like to point out that the interception device does not even have to be separate from the host computer according to Strikeforce itself. For example, at appendix 799. And there’s embodiments that Strikeforce has referred to in its reply brief showing that the interception device and the host computer may be the same device. So to say that the interception device shields the host computer is false because Strikeforce has said that the interception device may be part of the host computer.
And even if that wasn’t the case because its purely functional and generic it cannot provide an inventive concept as a matter of law.
Judge: Ok, Thank you.
https://investorshangout.com/post/view?id=5341150
Sfor Rebuttal transcript -
*Please note that this may have minor errors, however every attempt was made to be as close to exact as spoken by the parties involved in oral arguments.
SFOR: Thank you, your honor. I want to start with the fact that where you have to draw the line. Because as this court has noted, if you draw it at too high a level of generality- exception swallows the rule.
And, and, my opponent suggested that these claims are not about user identification but that fails to recognize the critical feature of these claims.
And I want to just point to several points where that is clear. In this specification; column 2, lines 20-22, it says that the pro.... the technical problem is addressed is that the hacker is in a self-authenticating environment - in other words the hacker appears......
Judge: That’s true. He-He was wrong about that! But uh, the fact is that in the non-computer context we have the same problem with the same solution.
SFOR. Well your honor, as, as, as I think the court, the case that says this best is the recent case we did not cite, its Data- um, Engine Technologies v Google 906 F-3rd 999 , uh, 2018. Uh, which was, came down after briefing.
It cleared that it’s not sufficient just to be able to trace to some, uh, real world analogy- it has to be an apposite one. And here the preschool analogy one is not apposite because in order to actually practice these claims, in every instance when anybody, even if they are on the permitted list comes to pick up the child you would have to call that person’s cell phone which they would have to have in hand to be able to verify that they are in fact the person on the list and an authenticated used- that never happens. So all they are doing is like waving their hands , something looks like it, it’s the precise problem.....
Judge: It sure sounds like something that happens pretty frequently in the real world in the era before computers. Take, take example someone picking cash from a bank with a note from the depositor. And the bank decides to call the depositor on a land line and asks if the person picking it up is an authorized to pick it up. You, you can come up with lots of examples of this dual channel , uh, utility.
SFOR: But once again your honor, what that doesn’t do is authenticate that the person who’s there is in fact the employee as opposed to someone who is masquerading as the employee. And this goes back to....
Judge: But, but you are claiming every method of ident.., authentication, uh, without limit, isn’t that the problem and I think part of the foundation for the decision that this was abstract?
SFOR: Your Honor, what, what, is critical is that these claims- because they reach out- the, the, the separate authentication channel, you can reach out to a cellphone or PDA that’s already identified in the database, and they reach out and the person who answers it has to give back predetermined information .
This is along a second channel so it’s not somebody sitting in the access channel that may have got it before. That is a significantly higher degree of certainty the user is who....
Judge: But, but, in the bank example, the bank example is they put the guy on the phone, I want to listen to his voice to see if this is the, the person that I sent. Voice recognition , same deal.
SFOR: Your Honor, again, the fact that you could conceive of a system in the real world, in the brick and mortar system, uh, that is not sufficient , that was true in [DVR] where you could conceive of a store within a store , but that wasn’t the problem that was being addressed and it didn’t work they same way. In DVR as here, there is the interception you bring it over to the other system -
I just want to say- Quote, this is, um 9, uh, #12 lines 28-33- that reflect, that in a computer network system, in a corporate system, everybody has their user ID and password. Verifying that they are an authenticated user in that sort of first level way is not that significant. What is that significant is verifying - and this is what it says- Authentication of the person seeking access is the most significant!
And that is what these claims do, they improve the other systems by providing a completely physically separate authentication process using all of these elements: the interception device, the security computer, the, ah, subscriber database, the authentication channel that’s completely physically separate - shares no facilities with the access channel. To a pre-determined number where the user has to pre..., input back in, back through the authentication channel, pre-determined data including biometric data.
That system provides a level of, it may be true that no system can give 100% certainty that the user is the user. This system improves it. It’s true in Ancora as well, it wasn’t absolutely, you know, impenetrable, but here as well, what you have done is improve dramatically the security and the ability to identify the user as the user.
At the very least that is what the specification says is true, whether that is or is not factually true is something that should be determined as a matter of fact on remand. Thank you very much.
Judge: Thank you, thank you both. The case is taken under submission
Strikeforce Technologies, Inc v. Secureauth Corporation
Some comments & opinions from the gallery . There are many more. Thank you all.
https://investorshangout.com/post/view?id=5336909
Everyone was here. Mark, George, and Ram. Half the court room was here for this case. I spoke with our lead attorney as well as Mark, George and Ram. Everyone felt it went well and now we wait for a decision. I will say the lady judge had the SA attorney stuttering as she questioned him on his saying our OOBA was not computer specific
https://investorshangout.com/post/view?id=5336960
Doc, it came down to whether or not SFOR’s technology was “computer specific”. That’s what it boiled down to. That’s where SA attorney had the hard time
https://investorshangout.com/post/view?id=5336991
This is huge!!! Even though Judge Pauline Newman was the one grilling YOUNG Knobbe Martens attorney Jeremy Anapol another Judge, Timothy Dyk, was also on the ANCORA victory where Knobbe Martens lost 2 months ago and Ropes & Gray used that case for their Supplemental Authority on November 26th!!!! The link is below...
02/04/2019 43 Submitted after ORAL ARGUMENT by Douglas Hallward-Driemeier, Esq. for Strikeforce Technologies, Inc. and Mr. Jeremy Angus Anapol for Secureauth Corporation.
https://investorshub.advfn.com/uimage/uploads...Update.png
www.cafc.uscourts.gov/sites/default/files/opinions-orders/18-1404.Opinion.11-16-2018.pdf
https://investorshangout.com/post/5341010
Renenber the SFOR's patent was ruled invalid by the California judge based on the Alice 101 (abstract idea).
In the federal oral argument, the SA's lawyer kept using Alice 103 (obviousness) reasonings and even the judge had to remind him twice that it was Alice 101 in discussion. Do you think SA's lawyer has any meaningful Alice 101 reasonings at hands on that day? None! Otherwise, he would have had used that for his defense.
And why did he spend so much time arguing SFOR's patent is not computer specific? Because he is trying hard to trick the judge for not using the case Ancora Technologies v HTC America as a precedent which means game over for SA. But is it not computer specific? Even the judge said "You can't mean that."
Which federal judge in his right mind would affirm the Alice 101 ruling base on Alice 103 arguments? I think the answer is very clear and no worries here.
https://investorshangout.com/post/view?id=5337669
I had the opportunity to meet and sit next to a fellow investor of SFOR, accb13! Awesome guy. I also meet another investor who said he doesn’t post on the board who also seemed like a great guy. There were 2 hearings before ours. At the end of each hearing the attorneys for that hearing would pack up and leave with a few spectators. When our hearing ended our Attorneys packed up and 80% of the court got up and left. Like 30 or so people! Who were all those people??? Might have been more than 30!
https://investorshangout.com/post/view?id=5337620
In my post hearing discussion with our lead attorney, who surprised me by how personable he was to me, he explained we do not want a quick decision. He said if we win a brief will need to be drawn up which will take time, not the case with a loss. So I’m for one am hoping we don’t hear anything for a while, FYI
https://investorshangout.com/post/5337738
It was a pleasure meeting you as well, Gator. The experience of watching it first hand with a fellow investor and seeing the SFOR brass sitting to our right was very cool. There were many things to take away from the hearing, but the one thing I can't stop thinking about (I haven't revisited the audio yet so it may sound like I'm paraphrasing) is when the judge kept telling the SA attorney that he was arguing 103 instead of 101.
https://investorshangout.com/post/view?id=5337908
I listened to the oral arguments twice and here's my take.
The female judge wanted clarification as to what Strikeforce argues is the difference now as to what was decided in the lower court. I thought Strikeforce's lawyer did a good job clarifying that the authentication channel is novel and an improvement to the prior art (and that it had survived numerous 103 challenges through the IPRs - that it had to be held true). I especially liked when the lawyer brought up "aunt Sally's twin - Bertha" not having authorized access (that analogy wasn't contested by the judges) and that that it is an improvement of prior art and that it has to be held true (due to the cases he referred to).
This was the most important part in my opinion:
SA's lawyer couldn't argue against the male judge saying that secure mail and Asgari Comradi (sp?) (starting at 18:20) wasn't precedent. The lawyer said it was "persuasive" - that's when the judge dug into his argument saying it wasn't precedent (rule 36 affirment) - and the judge saying "I never heard of disposition of rule 36 ever being persuasive" (to the point of feeling awkward) and the lawyer saying "I'll leave it up to you to decide how persuasive you think it is." The judge already said he never heard of it being persuasive. What SA's lawyer thought was his strongest point was strongly questioned by the male judge. After that, SA's lawyer was stammering and he continued for several minutes with the same argument (that the judge already said he never heard of it being persuasive). It didn't sound good...or persuasive. That whole argument fell apart right then and there. Then the female judge said he was presenting arguments (20:26) under 102 or 103 and not 101. All he could say is "I disagree." She then reminds him that Strikeforce's lawyer has said that "technology specific details sufficiently have been provided." The lawyer even argues against himself by saying "the word 'hacking' is a computer-specific term" all the time arguing that Strikeforce's techlology isn't computer-specific (even though it prevents hacking). He later goes on to say that in Strikeforce's technology "hacking" is not computer-specific. The female judge then says "I'm trying to get at the substance that you're talking about computers and hacking computer communications - I'm trying to understand the gap between 101 and 103." I loved it when she said "You can't mean that - you say even if we all agree this is a computer issue or problem, don't bother looking at computer issues and solutions....the solution is implemented by computer." All the lawyer could say is "I don't deny it could be useful." At one point the male judge even says SA's lawyer was wrong.
https://investorshangout.com/post/view?id=5341018
The judge you reference is Judge Pauline Newman. She knows computers, her whole life has been in that field. Check out her bio:
http://cafc.uscourts.gov/judges/pauline-newman-circuit-judge. She had the SA attorney on the verge of stuttering. I looked over at Kay, Waller and Ram as it was happening and we all were smiling! It was a great moment. She had him and wasn’t letting go.
https://investorshangout.com/post/view?id=5341990
In the brief SA filed, they accepted OOBA was invented by SFOR. Reversal is on Way...I know someone who was present at the oral & practiced Patent Law for over 10 yrs. In his view, it's an O&S case. Like others, I am waiting for an imminent big day which will open the flood gate of infringers & settlements.
********************************************
Links to the decision when it becomes available, and the oral argument recording
http://www.cafc.uscourts.gov/search/node/strikeforce
http://www.cafc.uscourts.gov/oral-argument-re...5Bdate%5D=
link to some background information on the appeal
https://investorshangout.com/post/view?id=5336195
Judge panel
http://www.cafc.uscourts.gov/judges/pauline-n...cuit-judge
PAULINE NEWMAN was appointed by President Ronald Reagan in 1984. From 1982 to 1984, Judge Newman was Special Adviser to the United States Delegation to the Diplomatic Conference on the Revision of the Paris Convention for the Protection of Industrial Property. She served on the advisory committee to the Domestic Policy Review of Industrial Innovation from 1978 to 1979 and on the State Department Advisory Committee on International Intellectual Property from 1974 to 1984. From 1969 to 1984, Judge Newman served as director, Patent, Trademark and Licensing Department, FMC Corp. From 1961 to 1962 she worked for the United Nations Educational, Scientific and Cultural Organization as a science policy specialist in the Department of Natural Sciences. She served as patent attorney and house counsel of FMC Corp. from 1954 to 1969 and as research scientist, American Cyanamid Co. from 1951 to 1954. Judge Newman received a B.A. from Vassar College in 1947, an M.A. from Columbia University in 1948, a Ph.D. from Yale University in 1952 and an LL.B. from New York University School of Law in 1958.
http://www.cafc.uscourts.gov/judges/haldane-r...cuit-judge
HALDANE ROBERT MAYER has been a member of the court since 1987. He served as Chief Judge from 1997 to 2004. Born in Buffalo, Judge Mayer was educated in the public schools of Lockport, New York, before attending the United States Military Academy at West Point, from which he graduated with a Bachelor of Science degree in 1963. He earned a law degree in 1971 at the Marshall-Wythe School of Law of The College of William and Mary, where he was editor-in-chief of the William and Mary Law Review as well as a member of Omicron Delta Kappa National Leadership Society. He has served as a director of the William and Mary Law School Association.
Judge Mayer served on active duty in the Army of the United States from 1963 until 1975 in the Infantry and the Judge Advocate General's Corps. He was awarded the Bronze Star Medal, the Meritorious Service Medal, the Army Commendation Medal with Oak Leaf Cluster, the Combat Infantryman Badge, Parachutist Badge, Ranger Tab, RVN Ranger Combat Badge, and several campaign and service ribbons. He resigned his Regular Army commission to take an Army Reserve commission, retiring in 1985 as a lieutenant colonel.
In 1971, Judge Mayer served as a law clerk for Judge John D. Butzner, Jr., of the United States Court of Appeals for the Fourth Circuit in Richmond, Virginia. He practiced law in Charlottesville, Virginia, in the mid-1970’s, simultaneously serving as an adjunct at the University of Virginia School of Law, as he did again in the 1990’s. He has also been an adjunct at George Washington University National Law Center.
From 1977 through 1980, Judge Mayer was the Special Assistant to the Chief Justice of the United States, Warren E. Burger, after which he returned to private law practice in Washington, D.C., until he became Deputy and Acting Special Counsel (by designation of the President).
President Ronald Reagan appointed Judge Mayer to what is now the United States Court of Federal Claims in 1982, and to the United States Court of Appeals for the Federal Circuit in 1987. He assumed senior status on June 30, 2010.
http://www.cafc.uscourts.gov/judges/timothy-b...cuit-judge
TIMOTHY B. DYK was appointed by President William J. Clinton in 2000. Prior to his appointment, Judge Dyk was Partner and Chair, Issues and Appeals Practice Area, at Jones, Day, Reavis & Pogue from 1990 to 2000. He was Adjunct Professor at Yale Law School from 1986 to 1987 and 1989, at the University of Virginia Law School in 1984 and 1985, and from 1987 to 1988, and at the Georgetown University Law Center in 1983, 1986, 1989 and 1991. Judge Dyk was Associate and Partner, Wilmer Cutler & Pickering from 1964 to 1990. From 1963 to 1964, Judge Dyk served as Special Assistant to Assistant Attorney General Louis F. Oberdorfer. He also served as Law Clerk to Chief Justice Warren from 1962 to 1963, and to Justices Reed and Burton (retired) from 1961 to 1962. Judge Dyk received an A.B. from Harvard College in 1958 and an LL.B. from Harvard Law School in 1961. He was First President of the Edward Coke Appellate Inn of Court from 2000 to 2001 and President of the Giles Sutherland Rich Inn of Court from 2006 to 2007. He was the recipient of the 2012 American Inns of Court Professionalism Award for the Federal Circuit and the 2016 Honorable William C. Conner Inn of Court Excellence Award. Judge Dyk is the co-author of the Chapter on Patents in the Fourth Edition of the treatise, Business and Commercial Litigation in Federal Courts. He is a member of The American Law Institute.
Attorneys presenting argument
For Strikeforce Technologies
https://www.ropesgray.com/en/biographies/h/do...-driemeier
Douglas Hallward-Driemeier
Partner
Doug, who leads the firm’s Appellate and Supreme Court practice, has presented more than 70 appellate arguments, including 16 times before the U.S. Supreme Court and before every federal circuit court of appeals. He has briefed and argued both civil and criminal matters covering a wide range of subjects and has particular experience in the areas of intellectual property, bankruptcy, the False Claims Act, securities litigation, and antitrust. Doug has also extensive experience litigating issues of concern to companies and foreign governments with international activities, including the Alien Tort Statute, the Foreign Sovereign Immunities Act, and forum non conveniens.
Doug collaborates with colleagues across numerous practice areas. In addition to handling appeals, Doug works closely with trial court colleagues to present the most compelling dispositive motions and to preserve our clients’ rights to appeal if necessary. He routinely consults with clients about avenues for challenging administrative actions and advises clients about the constitutionality of legislation affecting their interests.
Doug rejoined the firm in 2010 after spending more than a decade handling civil appeals and Supreme Court litigation for the U.S. Department of Justice. Between 2004 and 2009, he was an Assistant to the Solicitor General, where he briefed and argued cases on behalf of the United States before the Supreme Court. Doug has argued sixteen cases before the Supreme Court and filed more than 150 briefs in that Court. In 2015, Doug argued before the Supreme Court in the highly-publicized landmark marriage equality case (Obergefell v. Hodges) and in a key bankruptcy case regarding whether an order denying confirmation of a bankruptcy plan is appealable (Bullard v. Blue Hills Bank).
For SecureAuth
https://www.knobbe.com/attorneys/jeremy-anapol
Knobbe Martens attorney Jeremy Anapol
University of California - Los Angeles School of Law (J.D. 2012)
University of California - Berkeley (B.S. Electrical Engineering & Computer Science 2007)
Jeremy Anapol focuses on patent litigation and post-grant proceedings involving computer hardware and software. He also has experience representing clients in antitrust cases, multidistrict litigation, covered business method (CBM) review and inter partes review (IPR) proceedings.
Jeremy's cases have focused on a variety of technologies including computer security, e-commerce, wireless locks, magnetic resonance imaging, and non-invasive monitoring of blood constituents. He has also assisted with the preparation and prosecution of numerous patents involving video compression, voice recognition, audio signal processing, wireless asset tracking, data mining, and cloud computing.
Before joining the firm, Jeremy worked as a software engineer developing web applications. During law school, he spent a semester working for the Honorable R. Gary Klausner at the U.S. District Court for the Central District of California.
********************************************
Unofficial Transcripts. with just a few passages underlined. Reading or listening to the entire presentation is interesting. You can listen to the official court mp3 at,
http://www.cafc.uscourts.gov/oral-argument-re...5Bdate%5D=
https://investorshangout.com/post/view?id=5341148
SFOR Argument transcript -
*Please note that this may have minor errors, however every attempt was made to be as close to exact as spoken by the parties involved in oral arguments.
SFOR: May I please the court. As this court held in Ancora which we addressed in the 28J letter, improving computer security can be non-abstract improvement if done by a specific technique that the parts from earlier approaches to solve a specific computer problem. And that is precisely what we have here. In fact, the analogy between the systems and improvements here and Ancora are very stark.
In Ancora, as here, the problem was the software license was subject to hacking. That’s at 13.44.
Now some systems have tried to improve upon the prior art such as with a unique identification code, and that is true here as well, as in Wesinger patent that is described and disparaged in specification in these patents. Um, the other attempts have been to place the license in a specific place, a non-modifiable ROM. What the claims that were upheld there did was it broke with that traditional approach by placing the license in a different place, in a modifiable part of the memory in the BIOS. That is the same thing as we have here. Prior art systems had, have the problem of all of the identification information coming in through the access channel. Whether it was in-band or whether even it was a partially out-of-band system, in all of those systems the identification information was coming back in through the access channel, which made it particularly susceptible to hacking.
And in a self-authenticating environment , where everybody is, is, really ah, operating in an anonymous fashion and if you have the credentials you look like the real person whether you may be a hacker or not. There was no way to authenticate that the person presenting the credentials was who they said they were.
And so these claims solve that problem by relocating the authentication to a different place, just as was true in Ancora.
In contrast to the other systems where you had either in-band or even partial out-of-band always coming back through the access channel. Here, we have two separate channels. We have the access channel....
Judge: Suppose we were to disagree with you on that and to say that the idea of having two separate channels Is an abstract idea that doesn’t involve the complete , ah, separation, doesn’t involve, ah, an inventive concept. Is there anything about the diversion the interception that is, ah, an inventive concept?
SFOR: I-I think here , your honor, it is true that the specific solution -because here we don’t proport to preempt the notion of complete out-of-band communication or even complete out of band authentication. Because you can have a system in which the accessor initiates the communication with the security computer and establishes the authentication channel, that would not be covered by these claims if it simply at that point goes directly from the security computer to the host computer and says grant access.
Judge: Ok but I understand you are arguing and that that means that there’s not complete preemptions here but, are you arguing that the diversion, the interception is itself an innovative concept?
SFOR: I think that the interception device really underscores the inventive aspect of this because...
Judge: If not in and of itself an innovative concept....
SFOR: Not in and of itself, but what it does is is it underscores that as in {DVR} you are overriding the traditional method in which , uh, uh, identification is verified. In the traditional method it goes straight down the access channel and all you are able to do is establish that the credentials are credentials that match up with authorized credentials; but you are not able to establish that the person presenting those credentials is in fact the authorized user.
What this does is an interception device , I think sort of is the exclamation point , it cuts that off, it overrides that traditional process by sending it off into the separate authentication channel . And then in the separate authentication channel there is specific components that are arranged in a way that allow you to know that the, um, accessor is in fact the authorized accessor. And that’s because you have a predetermined address or telephone number that you reach out to, establish that authentication channel, and the fact that the person answers and is able to supply the predetermined data in response, again through the authentication channel, allows you to know that it is in fact the authorized user.
In fact, unlike with prior art systems which some of which did use biometric data, the use of biometric data in a system in which all the information is coming back through the access channel doesn’t really significantly improve security. Because if you have a hacker there and they capture the biometric data , your fingerprint, all that is is digitized data. It’s the same as any other digitized data that can be replicated by the hacker in a later attempt to access.
If however, you have two physically separate channels, the authentication channel completely, physically, independent of the access channel, then if you use biometric data it’s not going to be captured unless the hacker simultaneously is hacking two different channels at the same time. This way you know that the person is inputting the biometric data in the authentication channel is in fact the authorized user.
It’s those improvements over the prior art that are described and have to be accepted as true at this point- which is a motion to dismiss!
Under Berkenheimer and Atrix - under Vascom it has to be accepted as true. And, And, I think really again as in Ancora the court said, how are we to know whether these are, in fact, improvements over the prior art as they are claiming to be in this specification we have to accept that as true at this point in the litigation.
What the court has consistently advised against is treating the 101 inquiry as though it were 103 lite. And that is particularly the opposite here, because these claims have already survived multiple 103 challenges. There were two IPR’s each with multiple grounds, that were not instituted because the prior art that they had to cobble together -3 or more references - did not disclose all the limitations of these claims.
And so when you have something that is sufficiently robust and inventive, non-obvious, to survive multiple 103 challenges- to allow something to waltz in and say ‘well but it’s a lot like if you try to go into preschool and try to somehow try to map in on to..
Judge: But what they did say was that every step was known and that the combination of steps was known. Maybe , Isn’t that clear as a given? Is it, that these other aspects were set aside?
SFOR: Your Honor, I want to make/be clear the preschool analogy that they use to suggest that all these steps were already known is not our system. In that hypothetical that they give forth, Aunt Sally or whoever the relative is that is coming -all they are able to do is to verify that Aunt Sally has permission to pick up the child. They’re not able to verify Aunt Sally is Aunt Sally. It’s the latter problem that is the real problem of computer technology where you have a man in the middle , the hacker, in the self-authenticating environment. Because whoever comes in and says I’m Aunt Sally looks just like Aunt Sally if they are anonymous.
They’re just ...
Judge: All you need to do is change the hypothetical and ask the parent what Aunt Sally looks like.
SFOR: Well your Honor, But again, I think because of the unique nature of the new technology it could be Aunt Sally’s twin. Aunt Sally has authorization but Aunt Bertha, who is Aunt Sally’s twin, does not. And you can’t distinguish them from their credentials. From the credentials they each have the same drivers license, you can’t distinguish them. That is the true problem of user authentication - authenticating that the person is who they claim to be.
All of the other systems are designed to make sure that the credentials are authorized credentials, they don’t authenticate that the user accessor is the accessor. And that’s what these claims do-precisely because of the particular architecture that they use.
It may be that the elements of it, a router, a security computer, etc are known elements but they are arranged in a way here that allows you to do something that the prior art was not able to do.
It’s that improvement that is claimed.
And again, it is not all out-of-band there are a lots of out-of-band systems that don’t do it the way that are claimed here. In fact, Wesinger is a version of out-of-band it’s partial out-of-band because you send the information out through out-of-band but it comes back through the access channel. And again as I said before it doesn’t even preempt all completely out-of-band systems. But what this completely out-of-band system does, arranged as these elements are arranged, is it allows you to insure the person seeking to access is in fact the authorized accessor.
Judge: What allows you to do it, is the advancement, the capabilities of technology, and what they say, and held, was this that this is just an old idea it’s just we now - that we now are able to implement it.
SFOR: No, your honor, I think that what’s true, I mean again, the sending the PIN out through the mail from the bank example that they give, and then you bring the PIN back in. All the PIN is, is a password, thats the the old art. All the PIN is, is the password because it is coming back in through the authentication channel. You may be an imposter but if you were there when the mail was delivered and you picked up the PIN you are able to use the PIN. So you don’t know whether the person is who they claim to be, only that they have the right credential. What this system does is organize things, especially I think it’s critical again, the physical separation of the channels so that no hacker can get the authenticating information. Because they are not-the hackers in the access channel- they are not in the authentication channel, because there is nothing there there is no information there. They are not in the authentication channel because they are not in the authentication channel, if for example you use the biometric data, the fingerprint, they don’t get it. And you know the accessor is the accessor.
It’s that unique combination, and the specification chooses that language. And in Berkenheimer and Atrix and Vascom the court has said you have to accept these allegations that it is an improvement , it is not a well understood common routine arrangement. It is one that is not, it improves on the prior art and those have to be accepted as true at this point in the process. So at most we would be entitled to a Remand to establish that those facts as alleged in this specification are true!
I think that you can actually resolve this at step one for the reasons I have already said.
I would like to reserve the balance of my time...
Judge: Ok, thank you.... ...let’s hear from Mr, Anapol when you are ready
https://investorshangout.com/post/view?id=5341149
SecureAuth Argument transcript -
*Please note that this may have minor errors, however every attempt was made to be as close to exact as spoken by the parties involved in oral arguments.
SA: If I may please the court. The decision below should be affirmed because the district court correctly held that the focus of these claims here is out-of-band authentication and that idea is not specific to computer technology.
And we can see that from this court’s cases such as SecureMail, Prism, both of which were addressed in the briefs. As well as a case that came out after our briefing was complete [Ausgary, Comrony, November, 2016 -2415] which also dealt with a form of out-of-band authentication.
So, there has been 3 cases where specific ways of performing authentication in a computer network were held to be abstract, and those are the cases that we are relying on. The cases that opposing council, Strikeforce’s council is pointing to , do not relate even to authentication . Their , their just simply not as analogous as the cases we are relying on. And the reason why SecuredMail, Prism, and [Asgary/ Comrony] held the claims there ineligible is because authentication even when using different communication channels is not a computer specific problem. And the use of multiple channels is not a computer specific solution.
Communication channels could be paper mail, they could be telephones, they could be all manners of different communication channels and that’s what our preschool analogy illustrates.
And l’ll note that in Prism and SecuredMail this court relied on analogies to determine that the ideas at issue were not computer specific. And that’s what we have done here.
I do want to address Strikeforce’s criticism of our analogy. They mention this idea of authenticating who Aunt Sally is. I don’t see anything in the claims that require a verification of the identity of a person apart from verifying that they have the correct information. So there is nothing in the claims that reflects this idea of authenticating who Aunt Sally is as opposed of just that , uh , they have the right login identification. And, So I think that that distinction just doesn’t hold water.
I would also like to address Ancora.... So that case, again, found that the claims were not abstract because they were directed to a computer specific solution, to a computer specific problem.
Specifically there was this BIOS memory and it was alleged that the structure of this BIOS memory, which is of course is unique to computers, is what allowed the solution there to prevent hacking.
So specifically the BIOS memory had multiple areas , the BIOS-ROM, and the BIOS Esquared PROM, and that later part is where the license verification structure was stored. And the reason that that provided an improvement to computer security was that the patent explained BIOS, Esquared PROM is more difficult to access , uh, for a programmer , and when you do access it improperly there is a higher risk that the computer will be disabled.
So they are relying on this very specific computer structure, a memory within the computer that has different traits from other memories that make tampering with that memory less likely to be successful for a hacker.
Here we’re re not seeing any structure that is computer specific that’s being relied on to provide the alleged benefits. The supposed resistance to hacking comes from the use of two separate communication channels. Communication channels , as I have said, are not computer specific and using two separate communication channels improves security outside of computers as well.
We saw that in SecuredMail, we saw that in [Ausgary/Comrony], and let me just explain that a little more since it wasn’t in the briefs, since it had not come out yet, why there are two channels at issue there.
So I do want to note that’s a rule 36 afferent so we don’t know what the reasoning of this court was, but we do know.....
Judge: And it’s not precedent!
SA: That’s correct, it’s not precedent but it is persuasive. I believe under federal circuit rule #32.1.
So we what we know is the context of the claim there....
Judge: The rule 36 is persuasive??
SA: It, non-precedential dispositions are persuasive......
Judge: I don’t know remember any case that says a rule 36 disposition is persuasive.
SA: I believe-well, I guess your honor, is of course, free to decide however persuasive you think it is.
But I will just explain what the facts were there, and what the claims said.
The claims said, that you have a central authority, and external....... I’m sorry, central entity , an external entity , and a user.
The user is trying to access the external entity. So they first start a transaction with that entity and then in order to authenticate that transaction they separately communicate with the central entity to get a code. So there is communication between the external entity, that’s one communication path and the user, and communications between the central entity and the user. And those two separate communication paths are both needed to perform the authentication.
But, setting that aside since it is a rule 36 judgement.
Let’s take a look at SecuredMail. Again that’s a case we pointed out uses not just out-of-band authentication but completely out-of-band authorization , which is what Strikeforce is relying on here. And in that case the/a person receives a piece of mail through the normal postal service and then wants to validate or authenticate that mail. And so they initiate a computer connection and over the computer connection you authenticate that the mail is authentic. And that is a bi-directional out-of-band communication channel. Because it’s separate from the paper mail.....
Judge: But you are presenting arguments under 102 or 103 not 101.
SA: No, I disagree your honor......I’m explaining that in these previous cases, SecuredMail, Prism, Ausgary,Comrony, this court found that all the claims were directed to abstract ideas. Not because they are old, and I’m not.......
Judge: But those cases depend on their facts. I know you are drawing analogy of the facts, but the 101 case, the abstract ideas, lines have been drawn as to what it is or isn’t an abstraction.
SA: The point I’m trying to make your honor, is that why made the ideas in those claims abstract is that they did not provide technology specific solutions to a technology specific problem.
So the way that ....
Judge: But you are -inaudible-
in this case technology specific details sufficiently have been provided!
SA: And the details opposing council provides that are allegedly technology specific is this use of two separate channels .
And that is why I’m going into SecuredMail to show that the use of two separate channels to perform authentication is not technology specific. SecuredMail negates the idea they are proposing that the use of two separate channels to perform authentication is technology specific.
Judge: So what would have to be needed the code, the computer code to overcome this gap?
SA: It’s - No, your honor, it’s not a question of inadequate disclosure of the use of two separate channels, it’s that the use of two separate channels itself is not technology specific because the use of communication channels is not limited to computers. And that’s why we provide this analogy to show that the use of multiple channels for authentication is performed outside the computer context. So they would need a completely different focus of their claims. They would need something like exploiting the structural traits of BIOS, as in Ancora, as distinguished from other computer memory - that is a computer specific solution because it arises specifically from the structure of a computer component. Here, there is nothing they are pointing to that arises specifically from the structure of a computer component that they are relying on for the solution.
Judge: The whole focus is computer hacking. I-I’m trying to understand where the line appropriately should be drawn - between the adequacy of overcoming 101 and not doing so.
SA: I think characterizing this as hacking your honor, is too general of a characterization to be useful. What they mean by hacking here is simply intercepting data that is in transit. Right? Intercepting ......
Judge: There, there is no dispute that that is the target.
SA: Sorry
Judge: interception, to avoid interception.
SA: Right, to avoid interception of information being communicated. That problem is not computer specific. Because, information is routinely intercepted in communication channels ......
Judge: Well it is considered computer specific but it’s applying the same concept that exists outside of computers in the computer context.
SA: The word, hacking , is a computer specific word. But I’m saying the substance of what they are using that word to refer to here, interception in a communication channel, is not computer specific. And that’s why they refer to Ancora because Ancora used the word hacking. But it was using that word to refer to something different. It was using that word to refer to tampering with data stored on the computer to obtain rights to run software that you do not own.
So......
Judge: So it would solve the 101 problem if they had exclusively said we were looking at computer hacks?
SA: No your Honor. The..... the word computer....the word hacking in this context simply means ... uh, intercepting communications in communication channel. Which is not computer specific.
Judge: So that......is to say that intercepting computer communications, is that the difference that you are giving?
SA: No, no, no, that’s just a verbal formulation , your honor, I’m talking about the substance of what their pointing to.
Judge: I-I’m trying to get at the substance of where , where it, it’s crystal clear that you are talking about computers and hacking-computer communications. I’m trying to understand the gap between 101 and 103.
SA: 103 is about what is old. 101 is about what is computer specific. And the reason I say that the so-called hacking here is not computer specific is because it’s no different than intercepting communications in a non-computer communication channel. Unlike the hacking in Ancora which was specifically about accessing computer memory and the use of different types of computer memories. So hacking, for...let me also make this point. Hacking is the problem, right? In order to have a non-abstract solution, you need both the problem to be computer specific and the solution. So I- I think for the reasons I have already explained that they don’t have a technology specific problem here...
But I, you know, that’s not the only issue. The other issue is, do they have a computer specific solution? And the answer to that is also, no, because their alleged solution is to use two separate communication channels in case the communications in one channel are intercepted.
And that solution is not specific to computers because it works with paper mail as we saw in SecuredMail. It works with telephones as we see in our preschool analogy.
And so, even if they did have a computer specific problem of hacking. Their way of preventing that hacking is not a computer specific solution. And I do want to also address this interception issue because this is .......
Judge: that, that, that’s ... You, You can’t mean that! You say even if you , if we all agree that this is a computer problem don’t bother looking at computer, uh, issues and solutions?
SA : If they had a computer specific solution , your honor, that would be patent eligible!
Judge: But why does that convert the issue into an abstract idea?
SA: That is the dividing line that this court has identified between abstract ideas and patentable computer specific improvements. So, in Ancora, in Enfish, in [PhenGen], the common trait that links all those cases your honor, is do you have a computer specific solution to a computer specific problem. And they don’t here. And that’s why.....
Judge: But their solution is implemented by computer .
SA: Implementing, an information based solution in a computer environment is not enough. And we pointed to, for example, [intellectual—- vs CapitalOne financial for that proposition, but that’s well established in the case law.
Implement, just as implementing escrow or intermediated settlement in a computer environment, under Alice, didn’t prevent the claims from being abstract.
And that’s what we have here. A communication channel solution that is simply implemented in a computer environment.
I don’t deny that it could be useful. Just as implementing intermediated settlement in a computer environment could be useful but it doesn’t make it computer specific and that is a crucial dividing line in the case law.
Before I run out of time, I just want to address this interception issue.
The agreed construction of interception device is something that prevents the host computer from receiving. That is a purely functional and generic construction and such purely functional and generic elements cannot provide an inventive concept as a matter of law.
I would also like to point out that the interception device does not even have to be separate from the host computer according to Strikeforce itself. For example, at appendix 799. And there’s embodiments that Strikeforce has referred to in its reply brief showing that the interception device and the host computer may be the same device. So to say that the interception device shields the host computer is false because Strikeforce has said that the interception device may be part of the host computer.
And even if that wasn’t the case because its purely functional and generic it cannot provide an inventive concept as a matter of law.
Judge: Ok, Thank you.
https://investorshangout.com/post/view?id=5341150
Sfor Rebuttal transcript -
*Please note that this may have minor errors, however every attempt was made to be as close to exact as spoken by the parties involved in oral arguments.
SFOR: Thank you, your honor. I want to start with the fact that where you have to draw the line. Because as this court has noted, if you draw it at too high a level of generality- exception swallows the rule.
And, and, my opponent suggested that these claims are not about user identification but that fails to recognize the critical feature of these claims.
And I want to just point to several points where that is clear. In this specification; column 2, lines 20-22, it says that the pro.... the technical problem is addressed is that the hacker is in a self-authenticating environment - in other words the hacker appears......
Judge: That’s true. He-He was wrong about that! But uh, the fact is that in the non-computer context we have the same problem with the same solution.
SFOR. Well your honor, as, as, as I think the court, the case that says this best is the recent case we did not cite, its Data- um, Engine Technologies v Google 906 F-3rd 999 , uh, 2018. Uh, which was, came down after briefing.
It cleared that it’s not sufficient just to be able to trace to some, uh, real world analogy- it has to be an apposite one. And here the preschool analogy one is not apposite because in order to actually practice these claims, in every instance when anybody, even if they are on the permitted list comes to pick up the child you would have to call that person’s cell phone which they would have to have in hand to be able to verify that they are in fact the person on the list and an authenticated used- that never happens. So all they are doing is like waving their hands , something looks like it, it’s the precise problem.....
Judge: It sure sounds like something that happens pretty frequently in the real world in the era before computers. Take, take example someone picking cash from a bank with a note from the depositor. And the bank decides to call the depositor on a land line and asks if the person picking it up is an authorized to pick it up. You, you can come up with lots of examples of this dual channel , uh, utility.
SFOR: But once again your honor, what that doesn’t do is authenticate that the person who’s there is in fact the employee as opposed to someone who is masquerading as the employee. And this goes back to....
Judge: But, but you are claiming every method of ident.., authentication, uh, without limit, isn’t that the problem and I think part of the foundation for the decision that this was abstract?
SFOR: Your Honor, what, what, is critical is that these claims- because they reach out- the, the, the separate authentication channel, you can reach out to a cellphone or PDA that’s already identified in the database, and they reach out and the person who answers it has to give back predetermined information .
This is along a second channel so it’s not somebody sitting in the access channel that may have got it before. That is a significantly higher degree of certainty the user is who....
Judge: But, but, in the bank example, the bank example is they put the guy on the phone, I want to listen to his voice to see if this is the, the person that I sent. Voice recognition , same deal.
SFOR: Your Honor, again, the fact that you could conceive of a system in the real world, in the brick and mortar system, uh, that is not sufficient , that was true in [DVR] where you could conceive of a store within a store , but that wasn’t the problem that was being addressed and it didn’t work they same way. In DVR as here, there is the interception you bring it over to the other system -
I just want to say- Quote, this is, um 9, uh, #12 lines 28-33- that reflect, that in a computer network system, in a corporate system, everybody has their user ID and password. Verifying that they are an authenticated user in that sort of first level way is not that significant. What is that significant is verifying - and this is what it says- Authentication of the person seeking access is the most significant!
And that is what these claims do, they improve the other systems by providing a completely physically separate authentication process using all of these elements: the interception device, the security computer, the, ah, subscriber database, the authentication channel that’s completely physically separate - shares no facilities with the access channel. To a pre-determined number where the user has to pre..., input back in, back through the authentication channel, pre-determined data including biometric data.
That system provides a level of, it may be true that no system can give 100% certainty that the user is the user. This system improves it. It’s true in Ancora as well, it wasn’t absolutely, you know, impenetrable, but here as well, what you have done is improve dramatically the security and the ability to identify the user as the user.
At the very least that is what the specification says is true, whether that is or is not factually true is something that should be determined as a matter of fact on remand. Thank you very much.
Judge: Thank you, thank you both. The case is taken under submission
(24)
(0)Zerify Inc (ZRFY) Stock Research Links
There are no guarantees in investing. No one should consider these pages or posts to be financial advice. Everyone has a responsibility to verify and thoroughly learn more than what is referenced or written here, and everyone must take responsibility for their own investing decisions.
Scroll down for more posts ▼