Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

Smart Authentication IP, LLC v. Electronic Arts Inc.

United States District Court, N.D. California

September 11, 2019

SMART AUTHENTICATION IP, LLC, Plaintiff,
v.
ELECTRONIC ARTS INC., Defendant.

          ORDER GRANTING DEFENDANT'S MOTION TO DISMISS Re: Dkt. No. 21

          Susan Illston United States District Judge.

         Before the Court is a motion to dismiss brought by defendant Electronic Arts Inc. (“EA”), which seeks a finding that U.S. Patent No. 8, 082, 213 (the “‘213 patent”) is invalid and patent-ineligible under 35 U.S.C. § 101. Dkt. No. 21 (Motion to Dismiss). This matter came on for hearing on August 9, 2019. Having read the papers and heard the parties' arguments the Court hereby GRANTS defendant's motion, finding the ‘213 patent invalid under § 101 and dismisses the complaint with prejudice.

         BACKGROUND

         On December 20, 2011, the ‘213 patent, entitled “Method and System for Personalized Online Security, ” was duly and lawfully issued by the U.S. Patent and Trademark Office. Compl. ¶ 7. Plaintiff, Smart Authentication, is the assignee and owner of the right, title and interest in and to the ‘213 patent. Compl. ¶ 8. The inventions of the ‘213 patent generally relate to methods and systems for multi-factor authentication of users over multiple communications media. Compl. ¶ 9. The ‘213's patent abstract states:

Various embodiments of the present invention provide strong authentication of users on behalf of commercial entities and other parties to electronic transactions. In these embodiments of the present invention, a user interacts with an authentication service provider [“ASP”] to establish policies for subsequent authentication of the user. Thus, in these embodiments of the present invention, a user controls the level and complexity of authentication processes carried out by the authentication service provider on behalf of both the user and commercial entities and other entities seeking to authenticate the user in the course of conducting electronic transactions, electronic dialogues, and other interactions for which user authentication is needed. The policies specified by a user may include specification of variable-factor authentication, in which the user, during the course of an authentication, provides both secret information as well as evidence of control of a tangible object.

Dkt. No. 25-2 at 16 (‘213 Patent).[1] Figure 3 of the ‘213 patent provides a helpful illustration of one of the patent's potential uses. Specifically, it models an interaction between a user, an ASP client, and an ASP. Id. at 5.

         (Image Omitted)

         The ‘213 patent contemplates a user trying to login to the user's account on a website, for example. In order to strengthen the security of the user's login credentials and protect the user's information, the user could be prompted to select an alternative form of authorization confirmation. The user could select to confirm her authorization via a secondary medium, including, but not limited to, a text message on her cell phone or an email. The secondary authenticating medium would occur outside the purview of the initial login credentials. This second form of authentication confirms the user's identity.

         Prior to filing the instant action, Smart Authentication was engaged in proceedings before the Patent Trial and Appeal Board. Claim 11 emerged as the sole remaining claim following an inter partes review (IPR). Dkt. No. 21 at 10, Footnote 2 (Motion to Dismiss); see also Dkt. Nos. 25-3 and 25-4 (Decision on Appeal and Final Written Decision, respectively, attached to the Shekhar Vyas Declaration in Support of Opposition). Claim 11 is dependent upon claims 1, 9, and 10 (all of which were invalidated in the IPR). The relevant claims read:

1. A user-authentication service implemented as routines that execute one or more computer systems interconnected by two or more communications media with both an authentication-service client, and a user, the user-authentication service comprising:
the one or more computer systems;
stored user-authentication policies specified by the user;
stored user information;
account interface routines that implement an account interface by which the user specifies, modifies, adds, and deletes user-authentication policies; and
authentication-interface routines that implement an authentication interface by which, following initiation of a transaction by the user with the authentication service client, the authentication-service client submits an authentication request, through the first communications medium or through a second communications medium, to authenticate the user, the authentication interface routines employing a variable-factor authentication, when specified to do so by stored user-authentication policies, to authenticate the user on behalf of the authentication-service client during which the user communicates with the user-authentication service through a third communications medium different from the first and second communications media and a user device different from that employed by the user to initiate the transaction with the authentication-service client.
9. The user-authentication service of claim 1 wherein a user-authentication policy specifies one or more of: constraints and parameters associated with user- authentication processes carried out by the user-authentication service on behalf of one or more, specified authentication-service clients.
10. The user-authentication service of claim 9 wherein constraints include one or more of:
geographical constraints;
time-of-day constraints;
date constraints;
communications -medium-related constraints;
user-authentication service actions; and
event constraints.
11. The user-authentication service of claim 10 wherein user-authentication service actions include one or more of:
halting authorization service after detecting a specified event;
employing particular types of user-authentication ...

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.