Strikeforce Technologies, Inc. v. Secureauth CorporationBRIEFC.D. Cal.October 30, 20171 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Allan Gabriel, SBN: 76477 agabriel@dykema.com Abirami Gnanadesigan SBN: 263375 agnanadesigan@dykema.com DYKEMA GOSSETT LLP 333 South Grand Ave Suite 2100 Los Angeles, CA 90071 Tel.: (213) 457-1800 Fax: (213) 457-1850 Samuel L. Brenner samuel.brenner@ropesgray.com California Bar ID No. 268087 ROPES & GRAY LLP 800 Boylston Street Boston, MA 02199 Tel.: (617) 951-7120 Fax: (617) 951-7050 Matthew J. Rizzolo Matthew.rizzolo@ropesgray.com Admitted pro hac vice ROPES & GRAY LLP 2099 Pennsylvania Avenue, NW Washington, DC 20006-6807 Tel.: (202) 508-4600 Fax: (202) 508-4650 Rebecca R. Carrizosa rebecca.carrizosa@ropesgray.com California Bar ID No. 252837 ROPES & GRAY LLP 1900 University Avenue, 6th Floor East Palo Alto, CA 94303 Tel.: (650) 617-4000 Fax: (650) 617-4050 Richard T. McCaulley, Jr richard.mccaulley@ropesgray.com Admitted pro hac vice ROPES & GRAY LLP 191 North Wacker Drive Chicago, IL 60606 Tel.: (312) 845-1200 Fax: (312) 845-5500 UNITED STATES DISTRICT COURT CENTRAL DISTRICT OF CALIFORNIA STRIKEFORCE TECHNOLOGIES, INC., Plaintiff, v. SECUREAUTH CORPORATION, Defendant. Case No.: 2:17-cv-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Hon. John A. Kronstadt Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 1 of 30 Page ID #:2891 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 - i - CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM TABLE OF CONTENTS Page I. INTRODUCTION ............................................................................................... 1 II. BACKGROUND ................................................................................................. 2 A. The Technology of the Asserted Patents .................................................. 2 B. Prior Proceedings ...................................................................................... 7 III. ARGUMENT ...................................................................................................... 8 A. Like The Massachusetts Court, This Court Should Reject The Attempt To Limit The Claims To A System Operating “Without Reference To A Host Computer . . . ” As Contrary To Law .................... 8 1. StrikeForce’s construction of “security computer” is consistent with the Massachusetts court’s reasoning, while SecureAuth’s is contrary to law and consensus.............................. 9 2. StrikeForce’s construction of “multichannel security system” / “security system” is consistent with the Massachusetts court’s construction, while SecureAuth’s is not ................................................................................................. 12 B. The Term “Authentication Program” (’698 Claim 20) Is Not Subject To 35 U.S.C. § 112(6) And Should Be Given Its Plain And Ordinary Meaning ........................................................................... 15 C. The Court Should Reject SecureAuth’s Attempts To Improperly Narrow The Claims Through Its Flawed Application Of 35 U.S.C. § 112(6) ................................................................................................... 16 1. “Authentication program mechanism . . . for authenticating [said/an] accessor demanding access to said host computer” (’599 claims 7, 11, 18; ’701 claims 7, 11, 18) .............................. 18 2. “Component for receiving the transmitted data and comparing said transmitted data to predetermined data…” (’698 claim 54) .............................................................................. 21 3. “Prompt [means/mechanism] for . . . ” (’599 claims 1, 11, 18; ’701 claims 1, 11, 18) ............................................................. 23 4. “Biometric analyzer” (’599 claims 7, 11, 17, 18, 19, 28, 31; ’701 claims 11, 18) ....................................................................... 24 IV. CONCLUSION ................................................................................................. 25 Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 2 of 30 Page ID #:2892 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 - ii - CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM TABLE OF AUTHORITIES Page(s) CASES Affymetrix, Inc. v. Hyseq, Inc., 132 F. Supp. 2d 1212 (N.D. Cal. 2001) (same) ...................................................... 15 Aloft Media, LLC v. Adobe Sys. Inc., 570 F. Supp. 2d 887 (E.D. Tex. 2008) ................................................................... 15 Am. Med. Sys. v. Biolitec, Inc., 618 F.3d 1354 (Fed. Cir. 2010) ........................................................................ 12, 13 Aristocrat Techs. Australia Pty Ltd. v. Int’l Game Tech., 521 F.3d 1328 (Fed. Cir. 2008) .............................................................................. 19 Asyst Techs., Inc. v. Empak, Inc., 268 F.3d 1364 (Fed. Cir. 2001) ............................................................ 17, 20, 23, 24 B. Braun Med., Inc. v. Abbott Labs., 124 F. 3d 1419 (Fed. Cir. 1997) ............................................................................. 16 Catalina Mktg. Int’l, Inc. v. Coolsavings.com, Inc., 289 F.3d 801 (Fed. Cir. 2002) ................................................................................ 12 Every Penny Counts, Inc. v. Am. Express Co., 563 F.3d 1378 (Fed. Cir. 2009) .............................................................................. 11 Helmsderfer v. Bobrick Washroom Equip., Inc., 527 F.3d 1379 (Fed. Cir. 2008) .............................................................................. 17 Intirtool, Ltd. v. Texar Corp., 369 F.3d 1289 (Fed. Cir. 2004) .............................................................................. 14 Juxtacomm-Texas Software, LLC v. Axway, Inc., No. 6:10CV11, 2011 WL 6102057 (E.D. Tex. Dec. 7, 2011) ............................... 15 Kara Tech. Inc., v. Stamps.com Inc., 582 F.3d 1341 (Fed. Cir. 2009) .............................................................................. 16 Karlin Tech. Inc. v. Surgical Dynamics, Inc., 177 F.3d 968 (Fed. Cir. 1999) ................................................................................ 16 Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 3 of 30 Page ID #:2893 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 - iii - CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Lexington Luminance LLC v. Amazon.com Inc., 601 F. App’x 963 (Fed. Cir. 2015) ........................................................................... 7 Lockheed Martin Corp. v. Space Sys./Loral, Inc., 324 F.3d 1308 (Fed. Cir. 2003) .............................................................................. 21 Micro Chem., Inc. v. Great Plains Chem. Co., 194 F.3d 1250 (Fed. Cir. 1999) ...................................................... 17, 19, 23, 24, 25 MPHJ Tech. Invs., LLC v. Ricoh Ams. Corp., 847 F.3d 1363 (Fed. Cir. 2017) .............................................................................. 10 O2 Micro Int’l Ltd. v. Beyond Innovation Tech. Co., 521 F.3d 1351 (Fed. Cir. 2008) .............................................................................. 11 Phillips v. AWH Corp., 415 F.3d 1303 (Fed. Cir. 2005) .............................................................................. 20 Pitney Bowes, Inc. v. Hewlett-Packard Co., 182 F.3d 1298 (Fed. Cir. 1999) ........................................................................ 12, 13 Vitronics Corp. v. Conceptronic, Inc., 90 F.3d 1576 (Fed. Cir. 1996) ................................................................................ 17 Vizio, Inc. v. Int’l Trade Comm’n, 605 F.3d 1330 (Fed. Cir. 2010) .............................................................................. 12 Wenger Mfg., Inc. v. Coating Mach. Sys., Inc., 239 F.3d 1225 (Fed. Cir. 2001) .............................................................................. 17 Williamson v. Citrix Online, LLC, 792 F.3d 1339 (Fed. Cir. 2015) ........................................................................ 15, 16 STATUTES 35 U.S.C. § 112(6) ............................................................... 2, 15, 16, 17, 18, 21, 23, 24 OTHER AUTHORITIES Authoritative Dictionary of IEEE Standards Terms .................................................... 15 Newton’s Telecom Dictionary ............................................................................... 10, 15 Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 4 of 30 Page ID #:2894 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 - iv - CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM TABLE OF ABBREVIATIONS Plaintiff StrikeForce Technologies, Inc. “StrikeForce” SecureAuth Corporation “SecureAuth” U.S. Patent Nos. 7,870,599, 8,484,698 and 8,713,701 “the Asserted Patents” U.S. Patent No. 8,713,701 “the ’701 patent” U.S. Patent No. 8,484,698 “the ’698 patent” U.S. Patent No. 7,870,599 “the ’599 patent” Corresponding Exhibit to the Declaration of Samuel Brenner, filed concurrently herewith “Ex. __” Person of Ordinary Skill in the Art “POSITA” ** All emphasis is added and citations removed unless otherwise indicated. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 5 of 30 Page ID #:2895 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 - 1 - CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Plaintiff StrikeForce Technologies, Inc. (“StrikeForce”) respectfully submits this opening claim construction brief. I. INTRODUCTION The parties dispute seven claim constructions that fall into three distinct categories. Notably, in the Joint Claim Construction and Prehearing Statement, SecureAuth proposed that the Court adopt the Delaware Court’s construction of “host computer.” But on the afternoon of October 27, 2017, SecureAuth informed StrikeForce that it now agrees to StrikeForce’s (and the District of Massachusetts’) construction of that term, so it is no longer disputed. The first category of disputed terms includes the preamble terms “security system” and “multichannel security system,” which the District of Massachusetts recently confirmed to be non-limiting in an “early Markman” proceeding in a case against other parties. This first category also includes an additional term—“security computer”—to which the Massachusetts court’s analysis directly applies. While StrikeForce’s proposed constructions for all these terms are consistent with the Massachusetts court’s detailed analysis and rulings based on the intrinsic evidence and applicable law, SecureAuth’s are not. Rather, SecureAuth rejects a selected one of the Massachusetts court’s constructions, and advocates instead for adoption of the flawed construction (and analysis) found in the earlier District of Delaware claim construction order. But the Massachusetts court examined that earlier Delaware court construction and rejected it, determining it was inconsistent with the intrinsic evidence and contrary to Federal Circuit precedent. In particular, the Massachusetts court recognized that the Delaware court improperly limited the preambles at issue, reading into the claims language that appears nowhere in the specification, and is indeed unnecessary in light of the structural elements explicitly recited. This Court, like the Massachusetts court, should reject SecureAuth’s proposed constructions. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 6 of 30 Page ID #:2896 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 2 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM The second category includes just one term—“authentication program.” For this term, the parties dispute whether 35 U.S.C. § 112(6) applies. As the Federal Circuit has explained, where, like here, a term does not use the word “means,” it is presumed not to be subject to § 112(6). Despite this, SecureAuth contends that it should be, despite there being no valid reason to override the presumption here. This term is not a means-plus-function limitation and should be given its plain and ordinary meaning because it is not subject to lexicography and, just as a lay juror would understand what a word processing program or an email program are, a lay juror would understand what an “authentication program” is. The third category comprises terms that the parties agree are subject to 35 U.S.C. § 112(6), but for which the parties disagree about the corresponding function and/or structure. StrikeForce’s proposed constructions are consistent with and encompass all disclosed embodiments, including the Fig. 10, 11, and 13 embodiments found by the Massachusetts court to be within the scope of the claims. SecureAuth, in contrast, ignores disclosed embodiments and otherwise impermissibly attempts to narrow the claims. Because StrikeForce’s constructions are consistent with, and indeed mandated by, the intrinsic evidence and Federal Circuit precedent, they should be adopted. SecureAuth’s should not. II. BACKGROUND A. The Technology of the Asserted Patents The Asserted Patents disclose systems and methods for authenticating a user seeking access to a restricted computer resource using an out-of-band security system. Ex. 1, 1:16-22. In each of the four disclosed embodiments, two different forms of user-entered information are utilized. The first is typically a user’s login information, whereas the second is information used to authenticate that user (such as through a PIN or passcode). This type of system implements “two-factor authentication” because the system authorizes the user request for access using two Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 7 of 30 Page ID #:2897 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 3 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM forms of information. To enhance security even further, these two forms of information are communicated using different pathways (or “channels”). These two- channel systems are referred to as “out of band” authentication systems. As the Asserted Patents explain, according to an aspect of the Invention, a user first attempts to access a host computer (e.g., a banking website) and transmits his or her login credentials (e.g., a user name and password) through an access channel (e.g., using an Internet connection). This request to access the host computer is intercepted and the user’s credentials are verified by a security computer. E.g., id., 4:10-18. Once the user has been verified, the security computer establishes an “out- of-band” communication channel with the user via a different authentication channel (e.g., by calling the user’s mobile phone over a cellular network). Id. Using that second authentication channel, the user provides additional information that is used to authenticate the user for access. Id. This use of separate channels protects against a hacker who has gained access to the access channel, but not the authentication channel. Thus, through implementation of a novel, two-channel system that utilizes a different channel for authentication than for access, the Asserted Patents provide a more secure system than those described in the prior art. See generally id., 2:56-3:1 (discussing inadequacies of prior art in-band and out-of-band systems); 5:45-55 (distinguishing single-channel prior art systems where “[b]oth the USER ID and the voice password are sent along the same pathway and any improper accessor into this channel has the opportunity to monitor and/or enter both identifiers”). The four exemplary embodiments of the Asserted Patents are shown in Figs. 1A, 10, 11, and 13. In the first—referred to herein as the “Fig. 1A WAN embodiment”—the security system is used within a wide area network (“WAN”), such as when a remote user uses the Internet to access a host computer located within an organization’s network. Id., 6:6-35, 8:54-12:2. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 8 of 30 Page ID #:2898 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 4 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM In this embodiment, for example, user 24 attempts to access a web page 32 located at a host computer or web server 34 in a first/access channel using computer 22. Id., Fig. 1A, 6:6-18. In response to that request, the host computer 34 requests that the user enter a user identification and password. Id., 9:4-10. This information is diverted by router 36 to out-of-band security network 40 in a second/authentication channel. Security computer 40 uses the authentication channel to authenticate the user. Id., Fig. 1A, 6:13-19. The second embodiment—referred to herein as the “Fig. 10 LAN embodiment”—is similar to the first embodiment, except that the invention operates within a local area network (“LAN”). Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 9 of 30 Page ID #:2899 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 5 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Here, for example, a user is already within an organization’s internal network but seeks access to a more secure host computer (or a restricted portion of a host computer) on the same network. Id., 12:3-40. In other words, this embodiment covers the example in which the user and user’s computer are within the same network as the host computer (e.g., a corporate network). Id., 5:66-6:3. “[W]hen user 224 requests access to a high security database 232 located at a host computer 234 through computer 222, the request-for-access is diverted by a router 236 internal to the corporate network 238 to an out-of-band security network 240.” Id., 12:21-25. From that point, the security computer authenticates the user in the out-of-band authentication channel in a manner similar to that described for the Fig. 1A WAN embodiment. Id., 12:31-35. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 10 of 30 Page ID #:2900 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 6 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM The third embodiment (Fig. 11) includes a cellular telephone in the authentication channel capable of receiving a biometric identifier (e.g., fingerprint) from the user. Id., FIG. 11, 5:25-27, 12:41-67. In this example, after initial verification, the user communicates over the authentication channel and is prompted to enter a password and biometric identifier. Id., 13:59-63. In the fourth embodiment (Fig. 13), out-of-band authentication is performed using a personal digital assistant (PDA) or cellular telephone through a wireless network as the authentication channel. Id., Fig. 13, 13:32-42. As described in the Asserted Patents, in this example, the security computer can thus communicate with a PDA over the wireless network in an “authentication channel” mode for out-of-band authentication and can receive the user’s ID over the Internet in an “access channel” mode. Id., 13:48-64. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 11 of 30 Page ID #:2901 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 7 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM B. Prior Proceedings Certain of the Asserted Patents have been involved in prior litigation in which claims have been construed on two occasions. In 2014, in the PhoneFactor case, the Delaware court construed sixteen claim terms (seven of which are at issue here) (Ex. 5), adopting in part the Magistrate’s Report and Recommendation (Ex. 4). Then, in August 2017, the District of Massachusetts construed three groups of terms in a different case—including “multichannel security system” / “security system,” which are at issue here, as well as “host computer.” Ex. 6.1 These construed terms had been construed previously in the Delaware proceedings. In its decision, the Massachusetts court rejected the Delaware court’s construction of “multichannel security system” / “security system” (and “host computer”), finding the prior constructions to be improperly narrow and unsupported.2 Unlike the Delaware court, the Massachusetts court did “not construe the preamble’s recitation of a ‘multichannel security system’ / ‘security system’ as a claim limitation” because it “agree[d] with StrikeForce that the claim elements set out the comprehensive constituent components or steps of the claim systems and methods independent of the disputed preamble terms.” Id. at 23-24. In refusing to limit the preambles to a security system that “operates without reference to a host computer,” the Massachusetts court noted that inserting this language into the specification would be “confusing.” Id. at 24. 1 This Order was issued as part of “early Markman” proceedings requested by the parties; a subsequent Markman process may cover additional terms, if any are disputed. 2 Because none of the prior cases was litigated to a final judgment, the prior claim construction orders have no preclusive effect and each district court must perform a claim analysis independent of another court’s claim constructions. See Lexington Luminance LLC v. Amazon.com Inc., 601 F. App’x 963, 969 (Fed. Cir. 2015). Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 12 of 30 Page ID #:2902 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 8 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM In addition, the Massachusetts court rejected the Delaware court’s construction of “host computer.” While the Delaware court determined that “the asserted claims are directed to accessing the host computer itself, not ‘protected data’ on the host computer” (Ex. 4 at 14), the Massachusetts court recognized that, consistent with all disclosed embodiments, a construction of “host computer” must “encompass seeking access to a restricted portion of a computer.” Ex. 6 at 11; see also id. at 10 (“In all the embodiments of the patents, a user may attempt to access a specific portion of a computer rather than the undivided system.”). By explicitly looking to all disclosed embodiments for the proper construction of “host computer,” the Massachusetts court implicitly recognized that the claims encompass all disclosed embodiments. While SecureAuth now agrees with StrikeForce’s and the Massachusetts’ court’s construction of “host computer,” SecureAuth disagrees with StrikeForce (and the Massachusetts court) about whether the claimed security system must operate “without reference to a host computer.”3 III. ARGUMENT A. Like The Massachusetts Court, This Court Should Reject The Attempt To Limit The Claims To A System Operating “Without Reference To A Host Computer . . . ” As Contrary To Law SecureAuth asks the Court to import a limitation that various elements of the claims operate “without reference to the host computer or any database in a network that includes the host computer,” proposing that this language be included in the construction of “security computer” or, if this Court rejects its construction for “security computer,” through the construction of preamble terms “multichannel security system” / “security system.” See Dkt. No. 119, at 21. 3 The parties’ proposed constructions (including agreed-upon constructions) are set forth in Dkt. No. 119. Subsequent to the submission of Dkt. No. 119, SecureAuth agreed to StrikeForce’s construction of “host computer.” Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 13 of 30 Page ID #:2903 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 9 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM The Delaware court incorporated the “without reference” limitation into the claim preambles. See Ex. 4 at 53 (construing “a multichannel security system / an out-of-band computer security system / a security system”). The Massachusetts court, however, correctly rejected the prior Delaware construction because the preamble terms are not limiting and the out-of-band nature of the claims “is already captured by the incorporation of that construction in the construction of the access and authentication channels.” Ex. 6 at 24. The construction of “access channel” and “authentication channel” referred to by the Massachusetts court is the same construction agreed to by the parties here. Compare Ex. 6 at 22 with Dkt. No. 119, at 2. This Court should reject SecureAuth’s attempt to limit the claims improperly through its proposed construction of “security computer.” 1. StrikeForce’s construction of “security computer” is consistent with the Massachusetts court’s reasoning, while SecureAuth’s is contrary to law and consensus The parties agree with the Delaware Court that a security computer is “a computer in the authentication channel that can grant authenticated users access to but is isolated from the host computer.” Ex. 4 at 52. The parties, however, dispute how the term “isolated” in this construction should be understood. StrikeForce agrees with the Delaware court that “being isolated does not mean having no connections at all.” Ex. 5 at 5. And StrikeForce is not the only party to agree with the Delaware court on this issue—all parties in four other related litigations have since agreed on this very interpretation. See Ex. 12, App. A; Ex. 13 at 3. But, despite this widespread agreement, SecureAuth now stands alone in arguing that “isolated” should be construed to mean “that the security computer operates without reference to the host computer or any database in a network that includes the host computer.” SecureAuth’s construction should be rejected. SecureAuth’s construction is based on one of the fundamental errors made by the Delaware court (albeit in the context of a different claim term)—an error that the Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 14 of 30 Page ID #:2904 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 10 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Massachusetts court recognized and corrected. In particular, the Delaware court relied extensively on language that appeared only in an abandoned parent application to argue that the preambles should limit the claims to “a system that operates without reference to the host computer or any database in a network that includes the host computer.” Ex. 4 at 24-25, nn 87-90 (citing Ex. O).4 The Massachusetts court did not so find, and concluded that the preambles are non-limiting. Ex. 6 at 24. Despite the fact that the Massachusetts court did not adopt the Delaware preamble constructions, SecureAuth now attempts to import the same “without reference” language through its construction for “security computer.” This would be incorrect for at least two reasons. First, during prosecution the Inventor removed the “without reference” language from the parent specification and replaced it with the definition of “out-of- band” from Newton’s Telecom Dictionary. See Ex. 10 (comparison of corresponding passages from Ex. 8 and Ex. 1). The removal of such language is significant and it would be error to re-introduce this language into the claims. See MPHJ Tech. Invs., LLC v. Ricoh Ams. Corp., 847 F.3d 1363, 1369 (Fed. Cir. 2017) (“[I]t is the deletion from the ’798 Provisional application that contributes understanding of the intended scope of the final application. We conclude that a person of skill in this field would deem the removal of these limiting clauses to be significant.”). In fact, the language “without reference” appears nowhere else in the intrinsic record and construing “security computer” in this way. the term as such would just add to, rather than resolve, any confusion because it would require further interpretation of the words “without reference.”5 The Federal Circuit has repeatedly confirmed that this should 4 Ex. O corresponds to StrikeForce’s Ex. 9 in the present briefing with consistent page numbers. 5 Indeed, Judge Andrews’ clarification that “isolated” does not mean having no connections was made in response to StrikeForce’s objections that “isolated” could be interpreted to exclude connections allowing communications between the host computer and security computer. See Ex. 5 at 5. Removing Judge Andrews’ clarification and introducing the “without reference” language would re-raise that very problem Judge Andrews sought to resolve. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 15 of 30 Page ID #:2905 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 11 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM be avoided. See O2 Micro Int’l Ltd. v. Beyond Innovation Tech. Co., 521 F.3d 1351, 1360 (Fed. Cir. 2008); see also Every Penny Counts, Inc. v. Am. Express Co., 563 F.3d 1378, 1383 (Fed. Cir. 2009) (discussing a district court’s obligation to ensure that a party’s construction has a fixed and clear meaning before adopting it). Second, the removed language relied upon by SecureAuth appears in connection with the definition of “out-of-band,” not the definition of “security computer.” See Ex. 8 at SF588 (“an ‘out-of-band’ operation is defined as one conducted without reference…”). The Inventor never stated that a “security computer” is a device that could operate only in an out-of-band system , not in an in- band system. Thus, even if the Inventor had not removed the “without reference” language during prosecution, it would still be error to introduce that language into the definition of “security computer.” And to the extent SecureAuth seeks to import this “without reference” language into the claims in order to re-enforce the out-of-band nature of the invention, this (as with the preamble) would be redundant to other limitations of the claims, and only adds confusion. The claims are already limited to “out-of-band” systems through their explicit recitation of an access (or first) channel (i.e., the in-band channel) and an authentication (or second) channel (i.e., the out-of- band channel). Indeed, the parties’ agreed-to constructions for these terms already address the separateness and distinctness of these channels. Similarly, the agreed-to portion of the “security computer” construction already specifies that it resides in the distinct “authentication channel.” Finally, what it means for the security computer to operate “without reference to the host computer” is not clear. To the extent that SecureAuth will contend that there can be “no contact” between the security computer and, for example, the host computer, this would contradict the specification (as was confirmed by the Delaware court (Ex. 5 at 5). For example, the specification discloses that the security computer (via a channel control module) can send messages to the host computer. See, e.g., Ex. 1 at 11:37-46. Thus, there is no basis to add in the additional “without reference” Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 16 of 30 Page ID #:2906 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 12 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM language, particularly given the Inventor’s removal of this language during prosecution. 2. StrikeForce’s construction of “multichannel security system” / “security system” is consistent with the Massachusetts court’s construction, while SecureAuth’s is not SecureAuth’s position on whether the preamble terms are limiting is nebulous. If the Court adopts its construction of “security computer,” SecureAuth apparently agrees with StrikeForce (and the District of Massachusetts) that the preambles are not limitations. If, however, the Court does not adopt its construction of “security computer,” SecureAuth only then contends that preambles are now limitations that need to be construed. This makes no sense—a preamble is either limiting or it is not. Whether it is limiting does not turn on whether the Court construes another term to a party’s liking. Here, the preambles are decidedly not limitations. A preamble typically is not a limitation. Am. Med. Sys. v. Biolitec, Inc., 618 F.3d 1354, 1358-59 (Fed. Cir. 2010). To be limiting, the preamble must be “necessary to give life, meaning, and vitality” to the claim. Pitney Bowes, Inc. v. Hewlett-Packard Co., 182 F.3d 1298, 1305 (Fed. Cir. 1999) (quoting Kropa v. Robie, 187 F.2d 150, 152 (C.C.P.A. 1951)). A preamble is not limiting, however, “where a patentee defines a structurally complete invention in the claim body and uses the preamble only to state a purpose or intended use for the invention.” Vizio, Inc. v. Int’l Trade Comm’n, 605 F.3d 1330, 1340 (Fed. Cir. 2010) (quoting Rowe v. Dror, 112 F.3d 473, 478 (Fed. Cir. 1997). A court should “review . . . the entire []. . . patent to gain an understanding of what the inventors actually invented and intended to encompass by the claim.” Catalina Mktg. Int’l, Inc. v. Coolsavings.com, Inc., 289 F.3d 801, 808 (Fed. Cir. 2002) (citations omitted). Here, as the Massachusetts court recognized (and the Delaware court failed to address), the “claim elements set out the comprehensive constituent components or steps of the claim systems and methods independent of the disputed preamble terms.” Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 17 of 30 Page ID #:2907 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 13 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Ex. 6 at 23-24. The bodies of the asserted claims make clear that the claims cover a “multichannel” system that performs security. Specifically, the body of each claim recites an “access channel” (or “first channel”) and an “authentication channel” (or “second channel”) that is used to perform security operations—i.e., multiple channels. Thus, the reference to a “multichannel security system” in the preambles does not give “life, meaning, [or] vitality” to the claims because the body of the claims themselves define the invention as a multichannel security system. See Pitney Bowes, 182 F.3d at 1305. In other words, “the claim body describes a structurally complete invention such that deletion of the preamble phrase does not affect the structure or steps of the claimed invention.” Am. Med. Sys., 618 F.3d at 1358-59 (quoting Catalina, 289 F.3d at 809). At best, the preamble “merely gives a descriptive name to the set of limitations in the body of the claim that completely set forth the invention.” Id. at 1359 (quoting IMS Tech., Inc. v. Haas Automation, Inc., 206 F.3d 1422, 1434-35 (Fed. Cir. 2000)). The Delaware court did not apply this precedent, finding instead that “[t]he Federal Circuit . . . has found ‘clear reliance on the preamble during prosecution to distinguish the claimed invention from the prior art transforms the preamble into a claim limitation because such reliance indicates use of the preamble to define, in part, the claimed invention.’” Ex. 4 at 23 (quoting Catalina Mktg., 289 F.3d at 808). The Delaware court then determined that the Inventor relied on the preambles to distinguish prior art because the Inventor explained that certain references did not teach “out-of-band” authentication. See id. at 24-26. But the Inventor’s statements do not show “clear reliance” on the preambles at issue to distinguish prior art. For example, the Delaware court relied extensively on statements made by the Inventor in a prior, abandoned application. See Ex. 4 at 24-25, nn. 87-90 (citing Ex. O).6 The cited statements, however, relate to an abandoned claim that is fundamentally 6 Ex. O corresponds to StrikeForce’s Ex. 9 in the present briefing with consistent page numbers. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 18 of 30 Page ID #:2908 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 14 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM different than the claims at issue here. Significantly, the abandoned claim, unlike the asserted claims, does not mention channels in the body of the claim. Compare Ex. 9 at SF646-47 (abandoned claim 1) with Ex. 1, claim 1 (reciting access/authentication channel in claim body), Ex. 2, claim 1 (reciting first/second channel in claim body) and Ex. 3, claim 1 (reciting access/authentication channel in claim body). Moreover, where the Inventor distinguished prior art in the context of issued claims at issue here, he relied upon the recitation of multiple channels in the body of the claims, not the language of the preamble. See Ex. 7 at SF1006 (distinguishing Maes reference because “the Universal Card is authenticated with the PDA in the access channel, whereas in the rejected claims, the authentication is via an out-of- band authentication network”); Id. at SF1009 (distinguishing Tuai reference that discloses an authentication process occurring in the access channel, and, thus, “there is no out-of-band authentication channel separate from the access channel”); see also Intirtool, Ltd. v. Texar Corp., 369 F.3d 1289, 1295-96 (Fed. Cir. 2004) (holding preamble not limiting where statements from the prosecution history could be interpreted as relating to structural limitations set forth in the body of the claim) (citing Catalina Mktg., 289 F.3d at 808). Finally, as the Massachusetts court recognized, “that the claimed systems or methods are ‘out-of-band’ is already captured by the incorporation of that requirement in the construction of the access and authentication channels.7 Inserting the same limitation into the preamble, but using different words, is both redundant and confusing.” Ex. 6 at 24 (citing O2 Micro, 521 F.3d at 1362). Indeed, SecureAuth’s proposal—requiring that the security system operate “without reference to a host computer”—only creates more ambiguity because the words “without reference” appear nowhere in the specification. 7 The parties here agree that the Court should adopt the Massachusetts court’s construction of “access channel” and “authentication channel.” Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 19 of 30 Page ID #:2909 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 15 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM B. The Term “Authentication Program” (’698 Claim 20) Is Not Subject To 35 U.S.C. § 112(6) And Should Be Given Its Plain And Ordinary Meaning The term “authentication program”—unaccompanied by “means” or “mechanism”—appears in ’698 claim 20. The absence of the word “means” creates a presumption that § 112(6) does not apply. Williamson v. Citrix Online, LLC, 792 F.3d 1339, 1348 (Fed. Cir. 2015). SecureAuth, however, asserts that this term is subject to § 112(6), on the apparent assumption that “program” does not connote sufficient structure. Not so. In contrast to the terms “means” and “mechanism,” dictionary definitions confirm that “program,” by itself, connotes sufficient structure. For example, The Authoritative Dictionary of IEEE Standards Terms defines “program” to mean “a prepared sequence of instructions to the system to accomplish a defined task.” Ex. 13 at 874. Similarly, Newton’s Telecom Dictionary defines “program” as “instructions given to a computer or automated phone system to perform certain tasks.” Ex. 14 at 638. Such instructions would be stored in memory, and thus, a “program” is executable computer code that exists as a physical structure that is embodied on a physical medium such as a memory storage device, thereby connoting sufficient structure to avoid application of § 112(6). See Juxtacomm-Texas Software, LLC v. Axway, Inc., No. 6:10CV11, 2011 WL 6102057 at *12 (E.D. Tex. Dec. 7, 2011) (determining that “executable code” has sufficiently definite structure to avoid application of § 112(6)); Aloft Media, LLC v. Adobe Sys. Inc., 570 F. Supp. 2d 887, 898 (E.D. Tex. 2008) (determining “computer code” has sufficiently definite structure to avoid application of § 112(6)); Affymetrix, Inc. v. Hyseq, Inc., 132 F. Supp. 2d 1212, 1232 (N.D. Cal. 2001) (same). Thus, “authentication program,” like a word processing program, is a type of program that can be run on a computer or computers. Moreover, the doctrine of claim differentiation confirms that recitation of an “authentication program” without the word “means” or “mechanism” demonstrates Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 20 of 30 Page ID #:2910 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 16 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM that the Inventor did not intend for ’698 claim 20 to be governed by § 112(6). In contrast to ’698 claim 20, claims 7, 11, and 18 of each of the ’599 and ’701 patents recite “authentication program means” or “authentication program mechanism.” Because the patentee chose not to use “means” or “mechanism” here, in contrast to the ’599 and ’701 patents, § 112(6) should not apply. See Karlin Tech. Inc. v. Surgical Dynamics, Inc., 177 F.3d 968, 971-72 (Fed. Cir. 1999) (explaining doctrine of claim differentiation as “based on the common sense notion that different words or phrases used in separate claims are presumed to indicate that the claims have different meanings and scope”); see also Kara Tech. Inc., v. Stamps.com Inc., 582 F.3d 1341, 1347 (Fed. Cir. 2009) (applying doctrine of claim differentiation across related patents). Ultimately, when the Inventor wanted to invoke § 112(6), he used the term “means.” Thus, § 112(6) does not apply here and the Court should give the term its plain and ordinary meaning.8 C. The Court Should Reject SecureAuth’s Attempts To Improperly Narrow The Claims Through Its Flawed Application Of 35 U.S.C. § 112(6) The parties agree that § 112(6) applies to certain disputed terms, but dispute the specified function and corresponding structure for many of these terms. For limitations subject to § 112(6), the court must first determine what the claimed function is, and then determine what structure disclosed in the specification corresponds to the claimed function. See Williamson, 792 F.3d at 1351-52. For the second step, the Federal Circuit requires that a corresponding structure be clearly linked to the claimed function. See B. Braun Med., Inc. v. Abbott Labs., 124 F. 3d 1419, 1424 (Fed. Cir. 1997). The Federal Circuit has confirmed that it is improper to “import functional limitations that are not recited in the claim, or structural 8 If the Court were to determine that “authentication program” is subject § 112(6), then the Court should construe it in the same manner as “authentication program means.” Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 21 of 30 Page ID #:2911 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 17 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM limitations from the written description that are unnecessary to perform the claimed function.” Wenger Mfg., Inc. v. Coating Mach. Sys., Inc., 239 F.3d 1225, 1233 (Fed. Cir. 2001) (emphasis added); see also Micro Chem., Inc. v. Great Plains Chem. Co., 194 F.3d 1250, 1258 (Fed. Cir. 1999) (a court may not construe a means-plus- function limitation by “adopting a function different from that explicitly recited in the claim”). Simply put, “Section 112 paragraph 6 does not permit incorporation of structure from the written description beyond that necessary to perform the claimed function.” Asyst Techs., Inc. v. Empak, Inc., 268 F.3d 1364, 1369-70 (Fed. Cir. 2001) (internal quotations omitted). In light of this guidance, each of StrikeForce’s constructions identifies the correct claimed function, and identifies only those structures that correspond directly to the claimed function. Furthermore, StrikeForce’s identified structures are limited to only those necessary to perform the claimed functions, as required by law. See id. In contrast, SecureAuth improperly imports various limitations into the claimed functions and identifies corresponding structures that include elements not necessary to perform the claimed functions. In fact, SecureAuth’s constructions go so far as to identify the same corresponding structure for several different § 112(6) limitations that perform different functions within the very same claim. This inconsistency within SecureAuth’s constructions alone is fatal to SecureAuth’s constructions. In other instances, SecureAuth improperly limits the claims to a single preferred embodiment and excludes structure clearly linked to the recited function from the other embodiments, which is contrary to law. See Micro Chem., 194 F.3d at 1258 (“When multiple embodiments in the specification correspond to the claimed function, proper application of § 112, ¶ 6 generally reads the claim element to embrace each of those embodiments.”); see also Vitronics Corp. v. Conceptronic, Inc., 90 F.3d 1576, 1583 (Fed. Cir. 1996) (holding that a construction that does not read on a preferred embodiment is “rarely, if ever, correct”); Helmsderfer v. Bobrick Washroom Equip., Inc., 527 F.3d 1379, 1383 (Fed. Cir. 2008) (cautioning against Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 22 of 30 Page ID #:2912 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 18 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM interpreting a claim to exclude disclosed embodiments). SecureAuth’s attempt to exclude disclosed embodiments also is contrary to its recognition, in agreeing to the construction of “host computer” that the Massachusetts court adopted, that the claims encompass all of the disclosed embodiments, not just that of Fig. 1A. 1. “Authentication program mechanism . . . for authenticating [said/an] accessor demanding access to said host computer” (’599 claims 7, 11, 18; ’701 claims 7, 11, 18) The parties agree that these terms are subject to § 112(6) and agree as to the claimed function: “authenticating [said/an] accessor demanding access to said host computer.” The parties disagree, however, as to the corresponding structure. StrikeForce proposes that the corresponding structure includes step 196 and step 208 of Figures 9A-E and security system 340/440 of Figures 11 and 13. SecureAuth, on the other hand, proposes that the corresponding structure includes nearly every step of Figures 9A-E (i.e., steps 174-219), and excludes from its construction security system 340/440, which correspond to the Figure 11 and 13 embodiments. See supra § II.A. StrikeForce’s proposed structure comes directly from the portions of the specification discussing how an accessor is authenticated. For example, step 196 of Fig. 9B (“DOES THE DTMF PASSWORD MATCH?”) is described as sending a confirmation along a software pathway indicating whether the user’s out-of-band password was found valid or invalid. Ex. 1, 10:36-46. Similarly, step 208 of Fig. 9C (“DOES THE SPEECH PASSWORD MATCH?”) is also described as sending a confirmation along the software pathway indicating whether the out-of-band biometric signal was found valid. Id., 11:19-25. The parties agree that steps 196 and 208 correspond to the claimed function, as SecureAuth also included these steps, along with the corresponding passages, in their recitation of disclosed structure.9 9 It is implicit in StrikeForce’s construction that the proposed algorithm is performed by a general purpose computer. Indeed, the Delaware court’s Report and Recommendation acknowledged that algorithms are required only where the Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 23 of 30 Page ID #:2913 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 19 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Moreover, as noted above, StrikeForce’s corresponding structure incorporates all disclosed embodiments—including the Fig. 11 and 13 embodiments, which describe the authentication of the user being performed by security computer 340/440.10 See id., 12:59-13:3, 13:59-64. In contrast, SecureAuth’s proposed structure excludes disclosed embodiments and incorporates structure beyond that necessary to perform the recited function, and is thus contrary to law. For example, SecureAuth’s proposed structure does not include any recitation of the Fig. 11 and Fig. 13 embodiments. See Micro Chem., 194 F.3d at 1258 (“When multiple embodiments in the specification correspond to the claimed function, proper application of § 112, ¶ 6 generally reads the claim element to embrace each of those embodiments.”). Further, SecureAuth’s proposed structure is over-inclusive and includes structure not necessary to perform the claimed “authenticating” function—structure actually linked to different functions recited separately in the claims. For example, Steps 186 and 200 require playing a prompt for the user that instructs the user to enter a password. Ex. 1, 10:24-26. But the claims separately recite a “prompt mechanism” that instructs the accessor to enter a password (predetermined data), and thus the corresponding structure for the “prompt mechanism,” as SecureAuth agrees (see below), includes Steps 186 and 200. This confirms that the “prompt” steps are not part of the function for the “authentication ________________________ corresponding structure is a general purpose computer. See Ex. 4 at 5-6. As the Federal Circuit states, “instructions of the software program in effect ‘create a special purpose machine for carrying out the particular algorithm.’ Thus, in a means-plus- function claim ‘in which the disclosed structure is a computer, or microprocessor, programmed to carry out an algorithm, the disclosed structure is not the general purpose computer, but rather the special purpose computer programmed to perform the disclosed algorithm.’” Aristocrat Techs. Australia Pty Ltd. v. Int’l Game Tech., 521 F.3d 1328, 1333 (Fed. Cir. 2008) (quoting WMS Gaming, Inc. v. Int’l Game Tech., 184 F.3d 1339, 1348 (Fed. Cir. 1999)). 10 In the Fig. 10 embodiment, “authentication occurs in the out-of-band security network 240, which is analogous to the one described in detail above [in the context of Fig. 1A], except the subscriber database becomes layered by virtue of the classification.” Thus, the structure identified in the context of Fig. 1A also describes authentication in the context of Fig. 10. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 24 of 30 Page ID #:2914 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 20 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM program mechanism” limitation. Similarly, SecureAuth’s proposed structure includes additional unnecessary steps such as, dialing and answering a telephone (step 174, 178), retrieving speech prompts for the user (184, 198), and playing an access granted announcement for the user (step 212), none of which is necessary to perform the recited function.11 See Asyst Techs., 268 F.3d at 1369-70. SecureAuth’s proposed construction is also incorrect in that it recites a “Control Module 62 programmed to perform steps . . . “ See Dkt. 119 at 18-19. “Control Module 62” is a software module that includes various functionality and structure, including “a finite state machine, a call state model, process monitors, and fail-over mechanisms” (Ex. 1, 6:66-7:2), which functionality that goes well beyond the claimed functionality of “authenticating [said/an] accessor demanding access to said host computer.” Thus, SecureAuth’s inclusion of control module 62 in its structure is improper and should be rejected. See Asyst Techs., 268 F.3d at 1369-70. Finally, a number of the steps identified by SecureAuth in its structure as being performed by the control module 62 are not actually performed by the control module 62. For example, in Steps 180 and 190, the line module 64 transmits information, at Steps 184, 186, 198, 200, 204, 206, 208 and 214, the speech module 66 retrieves and/or transmits information, and not the control module 62, at Steps 178, 188, 202 the user answers a telephone and/or enters information that is retrieved by the line module 64, and Steps 217-219 are performed by the server protocol module and client protocol module. Ex. 1 at Figs. 9B-9E. A juror attempting to understand what structure is covered by SecureAuth’s construction would thus be confused and misled. 11 This is further evidenced by dependent claims 12 and 14, which expressly narrow independent claim 11 to require playing an auditory prompt for the user, and claim 13 which requires playing an access granted message for the user. Accordingly, the independent claim must be construed broader than its dependent claims and cannot require these limitations as part of the corresponding structure. See Phillips v. AWH Corp., 415 F.3d 1303, 314-15 (Fed. Cir. 2005). Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 25 of 30 Page ID #:2915 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 21 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM 2. “Component for receiving the transmitted data and comparing said transmitted data to predetermined data…” (’698 claim 54) The parties agree that this term is subject to § 112(6), but disagree as to both the claimed function and structure. Function. StrikeForce’s construction properly identifies the claimed function explicitly recited in the claims: “receiving the transmitted data and comparing said transmitted data to predetermined data.” E.g., Ex. 2, 19:5-7. In contrast, SecureAuth’s construction reads in functional limitations performed by the separately claimed “security computer,” instead of the “component for receiving”; namely, “such that, depending on the comparison of the transmitted and the predetermined data, said security computer outputs an instruction to the host computer to grant access to the host computer or deny access thereto.” This is incorrect as a matter of law. See Lockheed Martin Corp. v. Space Sys./Loral, Inc., 324 F.3d 1308, 1319 (Fed. Cir. 2003) (holding that the claimed function does not include a “‘whereby’ clause that merely states the result of the limitations in the claim”). Here, the “such that” clause of the limitation merely states the result of the limitations in the claim, as in Lockheed Martin, and then adds functionality performed by the security computer separate and apart from the component for receiving and comparing. In particular, the “such that” clause explains the effect of the claimed component’s “comparing” function, and then requires that the security computer (and not the component for receiving and comparing) performs its own subsequent actions. There is no basis to suggest that the functionality of the security computer (and, by extension, the structure necessary to perform that functionality) should be incorporated into the claimed component. The Delaware court agreed with this principle as well. See Ex. 4 at 43 (rejecting defendants’ attempt to incorporate the language following “such that” into the recited function). Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 26 of 30 Page ID #:2916 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 22 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM Structure. The parties agree that the appropriate corresponding structure includes Steps 188-196 and 202-208 of Figs. 9C and 9D, but disagree on what else it includes. Unlike SecureAuth’s construction, StrikeForce’s construction corresponds to that necessary to perform the claimed function, and also encompasses all disclosed embodiments. The claim makes clear that this act of receiving and comparing data takes place after the security computer has already received and verified the user’s login identification. Ex. 2 at 19:1-4 (specifying that the security computer “output[s] a prompt requesting a transmission of data once said login identification is verified”). StrikeForce’s proposed structure therefore incorporates the portions of the specification specifically directed to the claimed functions—receiving, by the security computer, the transmitted data and comparing it to predetermined data. Steps 188- 196 of Fig. 9C (and accompanying explanation at Ex. 2, 10:46-65), Steps 202-208 of Figs. 9C-9D (and accompanying explanation at Ex. 2, 11:24-55), and the descriptions of security computer 340/440 at 13:15-38 and/or 14:12-20, each describes receiving the transmitted data at the security computer (see, e.g., Steps 188-190 wherein the user enters a DTMF password which is transmitted to the security computer’s inline module and passed on to the control module) and comparing the transmitted data to stored data (see, e.g., Steps 192-196 wherein the security computer’s control module retrieves a stored DTMF password and compares it to the transmitted DTMF password). In contrast, SecureAuth’s proposed structure is incorrect for at least two reasons. First, it excludes disclosed embodiments because again it does not include any structure corresponding to the Fig. 11 and Fig. 13 embodiments. Second, by including “control module 62” as part of the required structure, SecureAuth’s construction incorporates structure beyond that necessary to perform the recited function. As explained above in connection with the “authentication program mechanism” limitation, to the extent SecureAuth contends its proposed structure must include all software functionality of the disclosed “control module 62” (including Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 27 of 30 Page ID #:2917 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 23 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM functionalities not clearly linked to, or necessary to perform, the claimed function), it is wrong as a matter of law. See Asyst Techs., 268 F.3d at 1369-70. Finally, as noted above, SecureAuth’s inclusion of Steps 188, 190, 202, 206 and 208 as being performed by the control module 62 is inconsistent with the specification, in which these steps are performed by different software. Supra, Section III.C.1. 3. “Prompt [means/mechanism] for . . . ” (’599 claims 1, 11, 18; ’701 claims 1, 11, 18) The parties again agree that this term is subject to § 112(6) and agree on the recited function—“instructing said accessor to enter predetermined data at and transmit predetermined data from said [peripheral device/cellular telephone/PDA]”— but disagree on the corresponding structure. In particular, while the parties agree that the appropriate corresponding structure includes Step 186 of Fig. 9C (described at Ex. 1, 10:12-31), Step 200 of Fig. 9C (described at Ex. 1, 10:59-11:8), StrikeForce properly incorporates structure from all disclosed embodiments—including Figs. 11 and 13—while SecureAuth improperly excludes those embodiments. See Micro Chem., 194 F.3d at 1258. In addition, SecureAuth improperly includes steps not necessary for the performance of the claimed function. Asyst Techs., 268 F.3d at 1369-70. For example, SecureAuth’s identification of corresponding structure for “instructing said accessor to enter predetermined data” unnecessarily includes Steps 184 and 198, which relate to retrieving the prompt. See, Ex. 1, Figs. 9B-C. It would be legally incorrect to require these extra steps to be part of the corresponding structure. Asyst Techs., 268 F.3d at 1369-70. Finally, SecureAuth’s proposed structure is improperly restrictive because it requires all functionality and structure described in relation to the “speech module 66,” including software elements not demonstrated to be clearly linked to and necessary to perform the recited function. SecureAuth’s structure should be rejected. See id. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 28 of 30 Page ID #:2918 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 24 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM 4. “Biometric analyzer” (’599 claims 7, 11, 17, 18, 19, 28, 31; ’701 claims 11, 18) The parties again agree that this term is subject to § 112(6) and agree on the recited function—“analyzing a monitored parameter of said accessor”—but disagree on the corresponding structure. StrikeForce’s corresponding structure is the same structure identified by the Delaware court and agreed to by defendants in four different litigations. See Ex. 12, App. B at 3; Ex. 13 at 29-30. As the Delaware court and all other defendants implicitly recognized, the algorithm set forth in StrikeForce’s construction may be performed by any general purpose computer. Accordingly, the Delaware court and the parties in the other litigations identified the necessary algorithm without specifying that the algorithm is performed by a general purpose computer. In contrast, while SecureAuth agrees that the corresponding structure requires the very same algorithm set forth by StrikeForce (and Delaware and the other defendants), SecureAuth argues that the algorithms must be performed by particular “modules” described in the specification. But SecureAuth’s restriction to “modules” improperly incorporates structure not necessary to perform the claimed function, and excludes embodiments that are also clearly linked to the claimed function, neither of which is proper. See Asyst Techs., 268 F.3d at 1369-70; Micro Chem., 194 F.3d at 1258. The additional structure identified by SecureAuth—“speech module 66 as shown in FIG. 5 and described at 7:34-61 of the ’599 Patent, or fingerprint module 366 as shown in FIG. 12 and described at 13:1-31 of the ’599 Patent”—is not necessary to perform the recited function and should be rejected accordingly. See Asyst Techs., 268 F.3d at 1369-70. This is evidenced by the fact that Delaware and multiple adverse parties agree on the proposed algorithm, without requiring any particular hardware/software to implement the algorithm (and, thus, implicitly agree to using a general purpose processor to perform the disclosed algorithm). Moreover, by restricting the structure to a speech module and a fingerprint module, SecureAuth Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 29 of 30 Page ID #:2919 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 25 CASE NO. 2:17-CV-04314-JAK-SK PLAINTIFF’S OPENING CLAIM CONSTRUCTION MEMORANDUM excludes multiple embodiments of the biometric analyzer disclosed in the patent. For example, the very basis for the algorithm that SecureAuth agrees to in its identified structure (Ex. 1, 6:29-35) is in the context of explanation that the biometric analysis can be done for at least “iris recognition, retina identification, palms [sic] recognition, and face recognition,” and is explicitly not limited to voice or fingerprint verification. See Ex. 1, 6:25-35. SecureAuth’s attempt to exclude these embodiments is fatal to its construction. See Micro Chem., 194 F.3d at 1258 (“When multiple embodiments in the specification correspond to the claimed function, proper application of §112, ¶ 6 generally reads the claim element to embrace each of those embodiments.”) IV. CONCLUSION For the reasons stated above, StrikeForce respectfully requests that the Court adopt its proposed constructions for the disputed terms and reject SecureAuth’s attempts to improperly narrow the claims. Respectfully submitted, DYKEMA GOSSETT LLP Allan Gabriel Abirami Gnanadesigan ROPES & GRAY LLP Richard T. McCaulley, Jr. Rebecca R. Carrizosa Matthew J. Rizzolo Samuel L. Brenner Dated: October 30, 2017 By: /s/ Abi Gnanadesigan Abirami Gnanadesigan Attorneys for Plaintiff StrikeForce Technologies, Inc. Case 2:17-cv-04314-JAK-SK Document 122 Filed 10/30/17 Page 30 of 30 Page ID #:2920