Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 1 of 8

IN THE UNITED STATES DISTRICT COURT

FOR THE WESTERN DISTRICT OF TEXAS
AUSTIN DIVISION

UNILOC 2017 LLC and ) Case No.: 1:18-cv-838

UNILOC LICENSING USA, LLC, )
)
Plaintiffs, )
) PATENT CASE
v. )
)
APPLE INC., )
) DEMAND FOR JURY TRIAL
Defendant. )

COMPLAINT FOR PATENT INFRINGEMENT

Plaintiffs, Uniloc 2017 LLC and Uniloc Licensing USA, LLC (together, “Uniloc”), for

their complaint against defendant, Apple Inc. (“Apple”), allege:

THE PARTIES

1. Uniloc 2017 LLC is a Delaware limited liability company, having places of

business at 1209 Orange Street, Wilmington, Delaware 19801, 620 Newport Center Drive,

Newport Beach, California 92660, and 102 N. College Avenue, Suite 303, Tyler, Texas 75702.

2. Uniloc Licensing USA, LLC is a Delaware limited liability company, having places

of business at 1209 Orange Street, Wilmington, Delaware 19801, 620 Newport Center Drive,

Newport Beach, California 92660, and 102 N. College Avenue, Suite 303, Tyler, Texas 75702.

3. Uniloc holds all substantial rights, title, and interest in and to U.S. Patent No.

7,136,999.

4. Apple is a California corporation having regular and established places of business

at 12535 Riata Vista Circle and 5501 West Parmer Lane, Austin, Texas. Apple uses, offers for

sale, sells and imports the products accused of infringement herein for sale to customers in this

judicial district and elsewhere in the United States. Apple may be served with process through

3050711.v1
 Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 2 of 8

its registered agent for service in Texas: CT Corporation System, 1999 Bryant Street, Suite 900,

Dallas, Texas 75201.

JURISDICTION

5. Uniloc brings this action for patent infringement under the patent laws of the United

States, 35 U.S.C. § 271, et seq. This Court has subject matter jurisdiction under 28 U.S.C. §§ 1331

and 1338(a).

COUNT I
(INFRINGEMENT OF U.S. PATENT NO. 7,136,999)

6. Uniloc incorporates paragraphs 1-5 above by reference.

7. Uniloc 2017 LLC is the owner by assignment of U.S. Patent No. 7,136,999 entitled

METHOD AND SYSTEM FOR ELECTRONIC DEVICE AUTHENTICATION, which issued

on November 14, 2006 (“the ’999 Patent”). A copy of the ’999 Patent is attached as Exhibit A.

8. Uniloc Licensing USA, LLC is the exclusive licensee of the ’999 Patent, with

ownership of all substantial rights, including the right to grant sublicenses, to exclude others, and

to enforce the patent to recover damages for past infringement.

9. The ’999 Patent describes in detail and claims in various ways inventions in

providing authentication of devices in mobile, wireless communication.

10. The ’999 Patent describes problems and shortcomings in the then-existing field of

providing security in communications between devices using Bluetooth. See, e.g., Ex. A at 1:54-

59. The ’999 Patent describes and claims novel and inventive technological improvements and

solutions to such problems and shortcomings.

11. As evidenced by the allowance thereof, the technological improvements and

solutions described and claimed in the ’999 Patent were not conventional or generic at the time of

2
3050711.v1
 Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 3 of 8

their respective inventions but involved novel and non-obvious approaches to the problems and

shortcomings prevalent in the art at the time.

12. The inventions claimed in the ’999 Patent involve and cover more than just the

performance of well-understood, routine, and conventional activities known to the industry prior

to the invention of such novel and non-obvious methods, systems, and devices.

13. The inventions claimed in the ’999 Patent represent technological solutions to

technological problems. The written description of the ’999 Patent describes in technical detail

each of the limitations of the claims, allowing a person of ordinary skill in the art to understand

what the limitations cover and how the non-conventional and non-generic combination of claim

elements differ markedly from and improved upon what may have been considered conventional

or generic.

14. Apple uses, offers for sale, sells and imports electronic devices that use Apple’s

AirDrop feature to share between such devices photos, videos, contacts, voice memos and location,

including the following: iPhone5, iPhone 5c, iPhone 5s, iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone

6s Plus, iPhone SE, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone XR,

iPhone XS, iPhone XS Max; iPad (4th, 5th gen.), iPad Mini, iPad Mini 2, iPad Mini 3, iPad Mini

4, iPad Pro, iPad Air, iPad Air 2, MacBook, MacBook Air (11 inches, 13 inches), MacBook Pro

(13 and 15 inches), iMac (21.5 and 27 inches), Mac Mini, Mac Pro; iPod (5th gen.) and iPod touch

(4th, 5th, 6th gen.) (together, “Accused Infringing Device(s)”).

15. The Accused Infringing Devices include Bluetooth and WiFi functionality and use

Apple’s AirDrop feature to exchange data, such as photos, videos, contacts, voice memos, and

location information, between such devices.

3
3050711.v1
 Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 4 of 8

16. When in range of WiFi or Bluetooth, users enable AirDrop by tapping on the

AirDrop button on a first Accused Infringing Device (e.g., an iPhone). When AirDrop is enabled,

a 2048-bit RSA identity is stored on the user’s first Accused Infringing Device (e.g., an iPhone,

iPad, or a MacBook) and an AirDrop identity hash is created based on the email address and phone

number associated with the user’s Apple ID.

17. Once AirDrop has been enabled, the first Accused Infringing Device emits an

AirDrop advertisement signal over Bluetooth, and a second Accused Infringing Device (e.g., an

iPhone, iPad, or MacBook) with AirDrop-enabled that is located within range of the signal

responds by sending over Bluetooth a shortened version of its own identity hash.

18. If the second Accused Infringing Device’s shortened identity hash is recognized as

a contact by the first Accused Infringing Device, the first Accused Infringing Device creates a

peer-to-peer WiFi network (e.g., WiFi Direct) over which the second Accused Infringing Device

sends its full identity hash to the first Accused Infringing Device. If the second Accused Infringing

Device’s full identity hash is recognized by the first Accused Infringing Device, the second

Accused Infringing Device user’s identity is displayed on the first Accused Infringing Device share

sheet.

19. To send, for example, a photo to the second Accused Infringing Device, the user

taps on the selected photo, the share button, and then the AirDrop button on the first Accused

Infringing Device. The first Accused Infringing Device displays any AirDrop enabled devices

within range that are recognized by the first Accused Infringing Device as a contact (or each such

detected device if the contact default is disabled).

20. Once the second Accused Infringing Device’s identity has been confirmed as

described above, by tapping on the displayed intended recipient’s button on the first Accused

4
3050711.v1
 Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 5 of 8

Infringing Device the photo is sent over the direct WiFi channel (enabled by Bonjour) to the second

Accused Infringing Device.

21. Apple has infringed and continues to infringe the ’999 Patent in the United States,

including claims 13 and 17, by using, offering for sale, selling and importing the Accused

Infringing Devices in violation of 35 U.S.C. § 271(a).

22. Apple has also infringed and continues to infringe numerous claims of the ’999

Patent, including claims 13 and 17, by actively inducing others to import, use, offer for sale and

sell the Accused Infringing Devices. Apple’s customers who use the AirDrop feature of the

Accused Infringing Devices, as described above, in accordance with Apple’s instructions infringe

claims 13 and 17 of the ’999 Patent, in violation of 35 U.S.C. § 271(a). Apple intentionally,

directly and/or indirectly instructs its customers to use the Accused Infringing Devices in an

infringing manner through training videos, demonstrations, brochures, installation, and user

guides, such as those located at one or more of the following:

• www.apple.com

• www.apple.com/ipad-pro/

• www.apple.com/ipad-mini-4/ios//

• www.apple.com/safari/

• www.apple.com/imovie/

• www.apple.com/macos/photos/

• https://support.apple.com/en-us/HT203106

• https://support.apple.com/en-us/HT204144

• https://support.apple.com/en-us/HT204289

• https://support.apple.com/kb/PH14580

5
3050711.v1
 Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 6 of 8

• https://support.apple.com/kb/PH24625

• https://support.apple.com/kb/PH26768

• https://support.apple.com/kb/PH26789

• https://help.apple.com/iphone/12/#/iphb658714b9

• https://help.apple.com/iphone/11/#/iphb658714b9

• https://help.apple.com/iphone/10/#/iphb658714b9

• https://help.apple.com/iphone/9/#/iphf28f17237

• https://help.apple.com/ipad/12/#/iPadf84aaf63

• https://help.apple.com/ipad/11/#/iPadf84aaf63

• https://help.apple.com/ipad/10/#/iPadf84aaf63

• https://help.apple.com/macbook/late-2018/#/apd8dc9cb47a

• https://help.apple.com/macbook/early2018/#/apd8dc9cb47a

• https://help.apple.com/ipod-touch/12/#/iphb658714b9

• https://help.apple.com/ipod-touch/11/#/iphb658714b9

• https://support.apple.com/business/site/docs/iOS_Security_Guide.pdf

• www.youtube.com

• www.youtube.com/watch?v=CVLdVmUiqqU

Apple also induces infringement by failing to remove or distinguish the infringing features of the

Accused Infringing Devices. Apple is thereby liable for infringement of the ’999 Patent under 35

U.S.C. § 271(b).

23. Apple has also infringed, and continues to infringe, claims 13 and 17 of the ’999

Patent by selling, offering for sale and importing the Accused Infringing Devices, which devices

are used in practicing the processes, or using the systems, of the ’999 Patent and constitute a

6
3050711.v1
 Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 7 of 8

material part of the invention. Apple knows that portions of the software contained in the Accused

Infringing Devices are especially made, or especially adapted, for use in infringement of the ’999

Patent and are not a staple article or commodity of commerce suitable for substantial noninfringing

use. Apple is thereby liable for infringement of the ’999 Patent under 35 U.S.C. § 271(c).

24. Apple will have been on notice of the ’999 Patent since, at the latest, the service of

this complaint upon it. By the time of trial, Apple will have known and intended (since receiving

such notice) that its continued actions would actively induce and contribute to the infringement of

claim 1 of the ’999 Patent.

25. Apple may have infringed the ’999 Patent through other software and devices

utilizing the same or reasonably similar functionality, including other versions of the Accused

Infringing Products.

26. Uniloc has been damaged by Apple’s infringement of the ’999 Patent.

PRAYER FOR RELIEF

Uniloc requests that the Court enter judgment against Apple:

(A) declaring that Apple has infringed the ’999 Patent;

(B) awarding Uniloc its damages suffered as a result of Apple’s infringement of the

’999 Patent;

(C) awarding Uniloc its costs, attorneys’ fees, expenses, and interest, and

(D) granting Uniloc such further relief as the Court finds appropriate.

DEMAND FOR JURY TRIAL

Uniloc demands trial by jury, under Fed. R. Civ. P. 38.

Date: October 3, 2018 Respectfully submitted,

/s/ Edward R. Nelson III

Paul J. Hayes (Lead Attorney)

7
3050711.v1
 Case 1:18-cv-00838-LY Document 1 Filed 10/03/18 Page 8 of 8

Massachusetts State Bar No. 227000

Kevin Gannon
Massachusetts State Bar No. 640931
Michael Ercolini
New York State Bar No. 5029905
Aaron Jacobs
Massachusetts State Bar No. 677545
PRINCE LOBEL TYE LLP
One International Place, Suite 3700
Boston, MA 02110
Tel: (617) 456-8000
Fax: (617) 456-8100
Email: phayes@princelobel.com
Email: kgannon@princelobel.com
Email: ajacobs@princelobel.com
Email: mercolini@princelobel.com

Edward R. Nelson III

ed@nbafirm.com
Texas State Bar No. 00797142
Shawn A. Latchford
shawn@nbafirm.com
Texas State Bar No. 24066603
NELSON BUMGARDNER ALBRITTON P.C.
3131 West 7th Street, Suite 300
Fort Worth, TX 76107
Tel: (817) 377-9111
Fax: (817) 377-3485

ATTORNEYS FOR THE PLAINTIFFS

8
3050711.v1
JS 44 (Rev. 12/12)
Case 1:18-cv-00838-LY Document 1-1 Filed 10/03/18 Page 1 of 3
CIVIL COVER SHEET
The JS 44 civil cover sheet and the information contained herein neither replace nor supplement the filing and service of pleadings or other papers as required by law, except as
provided by local rules of court. This form, approved by the Judicial Conference of the United States in September 1974, is required for the use of the Clerk of Court for the
purpose of initiating the civil docket sheet. (SEE INSTRUCTIONS ON NEXT PAGE OF THIS FORM.)

I. (a) PLAINTIFFS DEFENDANTS

UNILOC 2017 LLC and UNILOC LICENSING USA, LLC APPLE INC.

(b) County of Residence of First Listed Plaintiff County of Residence of First Listed Defendant
(EXCEPT IN U.S. PLAINTIFF CASES) (IN U.S. PLAINTIFF CASES ONLY)
NOTE: IN LAND CONDEMNATION CASES, USE THE LOCATION OF
THE TRACT OF LAND INVOLVED.

(c) Attorneys (Firm Name, Address, and Telephone Number) Attorneys (If Known)
Edward R. Nelson III, Nelson Bumgardner Albritton P.C.
3131 West 7th Street, Suite 300, Fort Worth, TX 76107
Phone: 817-377-9111

II. BASIS OF JURISDICTION (Place an “X” in One Box Only) III. CITIZENSHIP OF PRINCIPAL PARTIES (Place an “X” in One Box for Plaintiff
(For Diversity Cases Only) and One Box for Defendant)
’ 1 U.S. Government ’ 3 Federal Question PTF DEF PTF DEF
Plaintiff (U.S. Government Not a Party) Citizen of This State ’ 1 ’ 1 Incorporated or Principal Place ’ 4 ’ 4
of Business In This State

’ 2 U.S. Government ’ 4 Diversity Citizen of Another State ’ 2 ’ 2 Incorporated and Principal Place ’ 5 ’ 5
Defendant (Indicate Citizenship of Parties in Item III) of Business In Another State

Citizen or Subject of a ’ 3 ’ 3 Foreign Nation ’ 6 ’ 6

Foreign Country
IV. NATURE OF SUIT (Place an “X” in One Box Only)
CONTRACT TORTS FORFEITURE/PENALTY BANKRUPTCY OTHER STATUTES
’ 110 Insurance PERSONAL INJURY PERSONAL INJURY ’ 625 Drug Related Seizure ’ 422 Appeal 28 USC 158 ’ 375 False Claims Act
’ 120 Marine ’ 310 Airplane ’ 365 Personal Injury - of Property 21 USC 881 ’ 423 Withdrawal ’ 400 State Reapportionment
’ 130 Miller Act ’ 315 Airplane Product Product Liability ’ 690 Other 28 USC 157 ’ 410 Antitrust
’ 140 Negotiable Instrument Liability ’ 367 Health Care/ ’ 430 Banks and Banking
’ 150 Recovery of Overpayment ’ 320 Assault, Libel & Pharmaceutical PROPERTY RIGHTS ’ 450 Commerce
& Enforcement of Judgment Slander Personal Injury ’ 820 Copyrights ’ 460 Deportation
’ 151 Medicare Act ’ 330 Federal Employers’ Product Liability ’ 830 Patent ’ 470 Racketeer Influenced and
’ 152 Recovery of Defaulted Liability ’ 368 Asbestos Personal ’ 840 Trademark Corrupt Organizations
Student Loans ’ 340 Marine Injury Product ’ 480 Consumer Credit
(Excludes Veterans) ’ 345 Marine Product Liability LABOR SOCIAL SECURITY ’ 490 Cable/Sat TV
’ 153 Recovery of Overpayment Liability PERSONAL PROPERTY ’ 710 Fair Labor Standards ’ 861 HIA (1395ff) ’ 850 Securities/Commodities/
of Veteran’s Benefits ’ 350 Motor Vehicle ’ 370 Other Fraud Act ’ 862 Black Lung (923) Exchange
’ 160 Stockholders’ Suits ’ 355 Motor Vehicle ’ 371 Truth in Lending ’ 720 Labor/Management ’ 863 DIWC/DIWW (405(g)) ’ 890 Other Statutory Actions
’ 190 Other Contract Product Liability ’ 380 Other Personal Relations ’ 864 SSID Title XVI ’ 891 Agricultural Acts
’ 195 Contract Product Liability ’ 360 Other Personal Property Damage ’ 740 Railway Labor Act ’ 865 RSI (405(g)) ’ 893 Environmental Matters
’ 196 Franchise Injury ’ 385 Property Damage ’ 751 Family and Medical ’ 895 Freedom of Information
’ 362 Personal Injury - Product Liability Leave Act Act
Medical Malpractice ’ 790 Other Labor Litigation ’ 896 Arbitration
REAL PROPERTY CIVIL RIGHTS PRISONER PETITIONS ’ 791 Employee Retirement FEDERAL TAX SUITS ’ 899 Administrative Procedure
’ 210 Land Condemnation ’ 440 Other Civil Rights Habeas Corpus: Income Security Act ’ 870 Taxes (U.S. Plaintiff Act/Review or Appeal of
’ 220 Foreclosure ’ 441 Voting ’ 463 Alien Detainee or Defendant) Agency Decision
’ 230 Rent Lease & Ejectment ’ 442 Employment ’ 510 Motions to Vacate ’ 871 IRS—Third Party ’ 950 Constitutionality of
’ 240 Torts to Land ’ 443 Housing/ Sentence 26 USC 7609 State Statutes
’ 245 Tort Product Liability Accommodations ’ 530 General
’ 290 All Other Real Property ’ 445 Amer. w/Disabilities - ’ 535 Death Penalty IMMIGRATION
Employment Other: ’ 462 Naturalization Application
’ 446 Amer. w/Disabilities - ’ 540 Mandamus & Other ’ 465 Other Immigration
Other ’ 550 Civil Rights Actions
’ 448 Education ’ 555 Prison Condition
’ 560 Civil Detainee -
Conditions of
Confinement
V. ORIGIN (Place an “X” in One Box Only)
’ 1 Original ’ 2 Removed from ’ 3 Remanded from ’ 4 Reinstated or ’ 5 Transferred from ’ 6 Multidistrict
Proceeding State Court Appellate Court Reopened Another District Litigation
(specify)
Cite the U.S. Civil Statute under which you are filing (Do not cite jurisdictional statutes unless diversity):
35 U.S.C. § 271, et seq.
VI. CAUSE OF ACTION Brief description of cause:
Infringement of U.S. Patent No. 7,136,999
VII. REQUESTED IN ’ CHECK IF THIS IS A CLASS ACTION DEMAND $ CHECK YES only if demanded in complaint:
COMPLAINT: UNDER RULE 23, F.R.Cv.P. JURY DEMAND: ’ Yes ’ No
VIII. RELATED CASE(S)
(See instructions):
IF ANY JUDGE SEE ATTACHED CONTINUATION PG. DOCKET NUMBER
DATE SIGNATURE OF ATTORNEY OF RECORD
10/03/2018 /s/ Edward R. Nelson III
FOR OFFICE USE ONLY

RECEIPT # AMOUNT APPLYING IFP JUDGE MAG. JUDGE

JS 44 Reverse (Rev. 12/12) Case 1:18-cv-00838-LY Document 1-1 Filed 10/03/18 Page 2 of 3
INSTRUCTIONS FOR ATTORNEYS COMPLETING CIVIL COVER SHEET FORM JS 44
Authority For Civil Cover Sheet

The JS 44 civil cover sheet and the information contained herein neither replaces nor supplements the filings and service of pleading or other papers as
required by law, except as provided by local rules of court. This form, approved by the Judicial Conference of the United States in September 1974, is
required for the use of the Clerk of Court for the purpose of initiating the civil docket sheet. Consequently, a civil cover sheet is submitted to the Clerk of
Court for each civil complaint filed. The attorney filing a case should complete the form as follows:

I.(a) Plaintiffs-Defendants. Enter names (last, first, middle initial) of plaintiff and defendant. If the plaintiff or defendant is a government agency, use
only the full name or standard abbreviations. If the plaintiff or defendant is an official within a government agency, identify first the agency and
then the official, giving both name and title.
(b) County of Residence. For each civil case filed, except U.S. plaintiff cases, enter the name of the county where the first listed plaintiff resides at the
time of filing. In U.S. plaintiff cases, enter the name of the county in which the first listed defendant resides at the time of filing. (NOTE: In land
condemnation cases, the county of residence of the "defendant" is the location of the tract of land involved.)
(c) Attorneys. Enter the firm name, address, telephone number, and attorney of record. If there are several attorneys, list them on an attachment, noting
in this section "(see attachment)".

II. Jurisdiction. The basis of jurisdiction is set forth under Rule 8(a), F.R.Cv.P., which requires that jurisdictions be shown in pleadings. Place an "X"
in one of the boxes. If there is more than one basis of jurisdiction, precedence is given in the order shown below.
United States plaintiff. (1) Jurisdiction based on 28 U.S.C. 1345 and 1348. Suits by agencies and officers of the United States are included here.
United States defendant. (2) When the plaintiff is suing the United States, its officers or agencies, place an "X" in this box.
Federal question. (3) This refers to suits under 28 U.S.C. 1331, where jurisdiction arises under the Constitution of the United States, an amendment
to the Constitution, an act of Congress or a treaty of the United States. In cases where the U.S. is a party, the U.S. plaintiff or defendant code takes
precedence, and box 1 or 2 should be marked.
Diversity of citizenship. (4) This refers to suits under 28 U.S.C. 1332, where parties are citizens of different states. When Box 4 is checked, the
citizenship of the different parties must be checked. (See Section III below; NOTE: federal question actions take precedence over diversity
cases.)

III. Residence (citizenship) of Principal Parties. This section of the JS 44 is to be completed if diversity of citizenship was indicated above. Mark this
section for each principal party.

IV. Nature of Suit. Place an "X" in the appropriate box. If the nature of suit cannot be determined, be sure the cause of action, in Section VI below, is
sufficient to enable the deputy clerk or the statistical clerk(s) in the Administrative Office to determine the nature of suit. If the cause fits more than
one nature of suit, select the most definitive.

V. Origin. Place an "X" in one of the six boxes.

Original Proceedings. (1) Cases which originate in the United States district courts.
Removed from State Court. (2) Proceedings initiated in state courts may be removed to the district courts under Title 28 U.S.C., Section 1441.
When the petition for removal is granted, check this box.
Remanded from Appellate Court. (3) Check this box for cases remanded to the district court for further action. Use the date of remand as the filing
date.
Reinstated or Reopened. (4) Check this box for cases reinstated or reopened in the district court. Use the reopening date as the filing date.
Transferred from Another District. (5) For cases transferred under Title 28 U.S.C. Section 1404(a). Do not use this for within district transfers or
multidistrict litigation transfers.
Multidistrict Litigation. (6) Check this box when a multidistrict case is transferred into the district under authority of Title 28 U.S.C. Section 1407.
When this box is checked, do not check (5) above.

VI. Cause of Action. Report the civil statute directly related to the cause of action and give a brief description of the cause. Do not cite jurisdictional
statutes unless diversity. Example: U.S. Civil Statute: 47 USC 553 Brief Description: Unauthorized reception of cable service

VII. Requested in Complaint. Class Action. Place an "X" in this box if you are filing a class action under Rule 23, F.R.Cv.P.
Demand. In this space enter the actual dollar amount being demanded or indicate other demand, such as a preliminary injunction.
Jury Demand. Check the appropriate box to indicate whether or not a jury is being demanded.

VIII. Related Cases. This section of the JS 44 is used to reference related pending cases, if any. If there are related pending cases, insert the docket
numbers and the corresponding judge names for such cases.

Date and Attorney Signature. Date and sign the civil cover sheet.
 Case 1:18-cv-00838-LY Document 1-1 Filed 10/03/18 Page 3 of 3

JS 44 (rev. 12/12)- CONTINUED FROM JS 44

PLAINTIFF DEFENDANT

UNILOC 2017 LLC and APPLE INC.

UNILOC LICENSING USA, LLC

RELATED CASES
COURT JUDGE DOCKET NUMBER
Western District of Texas LEE YEAKEL 1:18-cv-00158
Western District of Texas LEE YEAKEL 1:18-cv-00159
Western District of Texas LEE YEAKEL 1:18-cv-00161
Western District of Texas LEE YEAKEL 1:18-cv-00163
Western District of Texas LEE YEAKEL 1:18-cv-00164
Western District of Texas LEE YEAKEL 1:18-cv-00166
Western District of Texas LEE YEAKEL 1:18-cv-00293
Eastern District of Texas JAMES RODNEY GILSTRAP 2:16-cv-00638
Eastern District of Texas JAMES RODNEY GILSTRAP 2:17-cv-00708
Northern District of WILLIAM ALSUP 3:18-cv-00359
California
Northern District of WILLIAM ALSUP 3:18-cv-00360
California
Northern District of WILLIAM ALSUP 3:18-cv-00363
California
Northern District of WILLIAM ALSUP 3:18-cv-00365
California
Northern District of WILLIAM ALSUP 3:18-cv-00572
California
Northern District of PHYLLIS J. HAMILTON 4:18-cv-00361
California
Northern District of PHYLLIS J. HAMILTON 4:18-cv-00362
California
Northern District of PHYLLIS J. HAMILTON 4:18-cv-00364
California
Northern District of LUCY H. KOH 5:18-cv-00357
California
Case 1:18-cv-00838-LY Document 1-2 Filed 10/03/18 Page 1 of 6

EXHIBIT A
 Case 1:18-cv-00838-LY Document 1-2 Filed 10/03/18 Page 2 of 6
US007136999B1

(12) United States Patent (10) Patent No.: US 7,136,999 B1

Griffiths (45) Date of Patent: Nov. 14, 2006
(54) METHOD AND SYSTEM FOR ELECTRONIC 6,772,331 B1* 8/2004 Hind et al. ................. T13/151
DEVICE AUTHENTCATION
FOREIGN PATENT DOCUMENTS
(75) Inventor: Jonathan C. Griffiths, Fremont, CA EP O883318 A1 12/1998
(US) OTHER PUBLICATIONS
(73) Assignee: Koninklijke Philips Electronics N.V., “Specification of Bluetooth System—Core” v. 1. OA, Jul. 26, 1999,
Eindhoven (NL) pp. 18-19,95, 149-154, 169-170, 194-200, 226, 319, 537, 1029 and
1031.
(*) Notice: Subject to any disclaimer, the term of this
patent is extended or adjusted under 35 * cited by examiner
U.S.C. 154(b) by 917 days. Primary Examiner Kambiz Zand
(21) Appl. No.: 09/597,198 (74) Attorney, Agent, or Firm—Larry Liberchuk
(57) ABSTRACT
(22) Filed: Jun. 20, 2000
(51) Int. C. Electronic devices are authenticated to each other initially
H04L 9/00 (2006.01) over a short-range wireless link. In particular, a user first
H04LK LM00 (2006.01) enters a given authentication information in each device.
(52) U.S. Cl. ....................... 713/168; 713/169; 380/270 Later, when the devices are out-of-range of the wireless link,
they may be authenticated to each other without Subsequent
(58) Field of Classification Search ................ 713/168, user input when one of the devices invites the other to
713/169; 380/270 exchange authentication information over an alternative
See application file for complete search history. communications link. If the authentication is Successful, the
(56) References Cited devices may then communicate over the alternative com
munications link as if they were within range of the original
U.S. PATENT DOCUMENTS wireless link.
5,367,558 A * 1 1/1994 Gillig et al. ............. 455,426.1
6,600,902 B1* 7/2003 Bell .......................... 455,412 17 Claims, 1 Drawing Sheet

ELECTRONIC
DEVICE

102
ELECTRONIC
y
DEVICE
 Case 1:18-cv-00838-LY Document 1-2 Filed 10/03/18 Page 3 of 6

U.S. Patent Nov. 14, 2006 US 7,136,999 B1

ELECTRONIC
DEVICE

----------- 1
115- 107
113 /
1.

115
O' | | - l--192 ELECTRONIC 102
N 11 DEVICE

NON-VOLATILE
-102 MEMORY

AERIAL INPUT DEVICE

PROGRAMS

FIG.2
 Case 1:18-cv-00838-LY Document 1-2 Filed 10/03/18 Page 4 of 6
US 7,136,999 B1
1.
METHOD AND SYSTEM FOR ELECTRONIC
DEVICE AUTHENTCATION
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to electronic
device authentication.
2. Description of the Related Art
In the Bluetooth Specification, “Specification of the Blue
tooth System Core, V.1.0A, Jul. 26th 1999, pp. 18–19, 95,
149-154, 169-170, 194-200, 226, 319, 537, 1029, and
1031, the so-called Bluetooth short range radio link between
Bluetooth enabled devices is described, particularly, the
Bluetooth frequency bands, the concept of master and slave
devices, and security using authentication of devices. Blue
tooth (BT) is a specification for small form factor, low-cost,
short-range radio links between mobile PCs, mobile phones,
and other such devices. Bluetooth radio arose out of an
initiative among leaders in the telecommunication and com
puter industries to make a global standard for wireless
connectivity. The standard relies on a low power radio link
operating at 2.4 Gigahertz. Bluetooth-provisioned devices
normally must be physically close to each other (i.e., within
100 meters) to communicate. Bluetooth includes a robust
authentication mechanism that ensures that a Bluetooth
device only communicates with other devices for which it is
authenticated, and not with any random device that comes
into its range. Bluetooth radio uses a fast acknowledgement
and frequency hopping scheme to make the link robust.
Devices avoid interference from other signals by hopping to
a new frequency after transmitting or receiving a packet.
Compared with other systems operating in the same fre
quency band, the Bluetooth radio typically hops faster and
uses shorter packets. This makes Bluetooth radio more
robust than other systems.
The Bluetooth authentication scheme works generally as
follows. A user enters a numerical code (a personal identi
fication number or PIN) in the two devices to establish a
Bluetooth link for the first time. The PIN can be any number,
but it must be the same on both devices. Once this is done,
the devices communicate with each other using Bluetooth
transceivers to verify that the PIN numbers match. If so, one
device generates unique key information based on a device
address, which is unique for each device. This unique key
(generated by one of the devices) is stored in both devices
and used to authenticate the two devices for any Subsequent
Bluetooth link between them. In particular, the key
exchanged upon link initialization identifies a unique link
and can be used reliably for Subsequent authentication when
the link is re-established.
The feature that ensures security in a Bluetooth system is
the need for physical proximity to establish a link, i.e., the
user must enter the numerical code on both devices when the
devices are in close proximity. If the devices are more than
100 meters apart, the initial Bluetooth link cannot be estab
lished.
Wide area networks also use basic authentication to
enable electronic devices to communicate with each other.
The most common and popular wide area network is the
Internet. Internet service providers typically restrict access
on their servers to given users. Normally, this is achieved by
requiring a prospective user (e.g., a user of a client machine
running a web browser) to enter a userid and password
combination.
2
BRIEF SUMMARY OF THE INVENTION
It is an object of the invention to authenticate a device first
authenticated on a physically restrained network through
another network.
It is a further object of the invention to simplify authen
tication of a device in a network by re-using a given
authentication process in another network.
In accordance with the invention, a method of authenti
10 cating first and second electronic devices is provided, the
method comprising:
upon link set-up over a short-range wireless link, execut
ing an authentication protocol by exchanging authentication
information between the first and second electronic devices
15 to initially authenticate communication between the first and
second devices;
later, when the first and second electronic devices are
beyond the short-range wireless link, executing the authen
tication protocol by exchanging the authentication informa
tion between the first and second electronic devices over an
alternate communications link, then only allowing commu
nication between the first and second devices if the first and
second devices had initially been Successfully authenticated.
The invention is based upon the insight that once devices
25 are authenticated on a restricted network, it is very simple to
re-connect the devices through another, unrestricted net
work. In this respect, restriction can be determined by the
way a system works, such as authentication in accordance
with said Bluetooth Specification, or can be restricted physi
30 cal access to premises such as an office.
In a preferred embodiment, the first and second electronic
devices each have the capability of communicating with
each other over at least a primary and a secondary commu
nications link. The primary communications link is a given
35 short-range wireless link. Preferably, the short-range wire
less link conforms to a given protocol, namely, Bluetooth.
The secondary communications link may be any alternative
link such as a wide area network (WAN), a local area
network (LAN), or the like. The devices are first authenti
40 cated over the primary link, with the user entering the same,
given PIN code in both devices. After the devices verify that
they share the same PIN code, they exchange key informa
tion. Later, when the devices are no longer within range to
authenticate over the primary communications link using
45 Bluetooth, one of the devices invites the exchange of key
information automatically using the secondary communica
tions link. If the other device can provide the key informa
tion requested, the devices are then authenticated to each
other over the secondary communications link. In addition
50 thereto a user may be requested to enter login data, Such as
a user name or a password. The foregoing has outlined some
of the more pertinent objects and features of the present
invention. These objects and features should be construed to
be merely illustrative of some of the more prominent fea
55 tures and applications of the invention. Many other benefi
cial results can be attained by applying the disclosed inven
tion in a different manner or by modifying the invention as
will be described. Accordingly, a fuller understanding of the
invention may be had by referring to the following Detailed
60 Description of the Preferred Embodiment.
BRIEF DESCRIPTION OF THE DRAWINGS
For a more complete understanding of the present inven
65 tion and the advantages thereof, reference should be made to
the following Detailed Description taken in connection with
the accompanying drawings in which:
 Case 1:18-cv-00838-LY Document 1-2 Filed 10/03/18 Page 5 of 6
US 7,136,999 B1
3 4
FIG. 1 is a block diagram illustrating an embodiment of
the invention; and
FIG. 2 is a block diagram of an electronic device accord
ing to the present invention.
DETAILED DESCRIPTION OF THE
PREFERRED EMBODIMENT
FIG. 1 is a block diagram illustrating an embodiment of
the invention. As used herein, an “electronic device' should
be broadly construed to mean a computer (or a set of
computers) of any type including, without limitation, a
desktop computer, a workstation or server platform, a note
book computer, a diskless computer, a handheld computing
device (e.g., personal digital assistant, business organizer, or
the like), a communications device (e.g., cellular phone,
Smartphone, or the like) provisioned to include computing
power, in-vehicle computing devices, or the like. Thus, as is
well known, a given electronic device 102, as shown in more
detail in FIG. 2, typically includes a processor 104, a
memory 106 (e.g., RAM and ROM) for storing programs
110 executable by the processor 104, at least one input
device 112 Such as a keyboard or mouse, at least one output
device 114 Such as a monitor or display. Typically, each of
the electronic devices includes hardware and software
resources (not shown) to enable the devices to communicate
with each other over a network 120 such as the Internet, an
intranet, a local area network, a mobile radio network, or the
like. The electronic device 102 can be a mobile phone, a
personal digital assistent (PDA), a laptop computer, or any
other suitable device. In FIG. 1, another electronic device
111 is shown. The electronic device 111 can be a web-server,
an e-mail server, or some other database-like device.
When the device 102, e.g., a laptop, connects to the
network 120, e.g. the Internet, its internet protocol address
is determined and services such as a printer service and a
calendar service are set up automatically. But before such
services are set up the device 102 needs to be authenticated.
Upon device authentication, the user may login to a service
by providing a user name and password, for instance. The
invention is mainly concerned with device authentication
whereby authentication information is exchanged between
devices.
According to the invention, each of the devices also
includes a transceiver 105 to enable the devices to commu
nicate over a communications link 107. Preferably, the
communications link 107 is a short-range wireless link that
conforms to a given radio protocol, e.g., Bluetooth. This is
not a limitation of the present invention, however, as the
alternative communications link 107 may be an infrared
link, an acoustic link, or the like. In the preferred embodi
ment, the alternative communications link 107 is a “pri
mary” link in the sense that the devices initially authenticate
to each other over the link 107 link and then, later, authen
ticate to each other over a secondary link 109 such as the
Internet, an intranet, or Some other link. Thus, according to
the preferred embodiment of the invention, the pair of
electronic devices first authenticate using Bluetooth over a
first link, the link 107 and then later authenticate (e.g., when
the devices are out-of-range of the original wireless con
nection) over some alternative link, the link 109. In FIG. 1,
Such a Successive device authentication at different locations
is indicated by the electronic device 102 having been moved
from a network 113 to which the device 102 has restrained
access, to the unconstrained network 120. The network 113
is a so-called Bluetooth network, for instance, to which a
user 115 has constrained access. When accessing the net
work 113, with the device 102 within network boundary
115, the user 115 needs to initially set-up the link 107 while
the devices 102 and 111 are authenticated. Later, the device
102" moves to another location outside the constrained
network, indicated with the device 102 and a dashed arrow
117. The device 102 may have an aerial 116 when the link
107 is a radio link. Instead of an aerial, an infrared trans
mitter/receiver may be used, when the link 107 is an infrared
link.
10 In terms of Bluetooth, the devices 102/102 and 111 may
be so-called Bluetooth enabled devices, the device 102'/102
being a slave device and the device 111 being a master
device. The concept of master and slave is defined on page
95 of said Bluetooth Specification. Authentication of Blue
15 tooth enabled devices is described on pages 149–154 of said
Bluetooth Specification. When the master and slave are
out-of-range of the wireless or “primary” data link 107.
however, they may still communicate with each other fol
lowing authentication according to the present invention. In
particular, slave device 102 first establishes a link to the
master device 111 over the alternate or “secondary” link 109,
which, as noted above, may be any convenient communi
cations link Such as the Internet, an intranet, a local area
network, or the like. To establish this connection, as noted
25 above, each of the devices 102 and 111 must include
appropriate hardware and Software resources (e.g., a
modem, a TCP/IP stack, and the like) that are used for this
purpose, as is well known. Once this connection is estab
lished, the master device 111 offers to use the authentication
30 protocol of the primary data link 107 to facilitate device
authentication. The primary data link authentication proto
col may be one of several protocols offered during the
attempt to establish a connection between the two devices
102/102 and 111. The offer issued from the master device
35 111 invites the exchange of key information according to the
authentication protocol of the primary data link, in the
example given a Bluetooth protocol. If upon exchange the
keys match, the devices 102/102 are authenticated to com
municate with each other.
40 In Summary, an initial Bluetooth link setup and authen
tication procedure is carried out between a pair of electronic
devices. Thus, for example, the BT-devices can be a home/
office Internet server and a mobile phone, or any other
suitable pair of devices. When the user of the mobile phone,
45 for example, later wants to make a remote connection to the
other device of the BT-enabled link, e.g., through another
network such as the Internet, the same BT authentication
protocol is used as with the initial BT-link setup so that
communication by unauthenticated devices may be pre
50 vented. Thus, once the remote connection is secured by the
initial BT-link setup procedure, i.e., devices other than
legitimate authenticated devices can never use the mobile
phone network to connect to the home server or network for
remote re-connection of the BT-link if the user of the device
55 had not first initiated the BT-link locally.
Security is enhanced with the invention by exchanging
link key information because the link key information is
established in a secure system. In the described example,
security is assured by the requirement that the two devices
60 be in physical proximity when establishing the link key.
Userids or passwords need not be exchanged on Subsequent
logins, depending on the level of additional security
required. An additional PIN may be used to access some
services, possibly in a corporate environment.
65 Although specific embodiments of the present invention
are described herein, they are not to be construed as limiting
the scope of the invention. Many embodiments of the
 Case 1:18-cv-00838-LY Document 1-2 Filed 10/03/18 Page 6 of 6
US 7,136,999 B1
5 6
invention will become apparent to those skilled in the art in
light of the teachings of this specification. For example,
although the described embodiments use a wireless link to
establish the link key, other similarly secure connection
means such as infrared links or closed networks may be
advantageously used. Also, although the described embodi
ments show authentication between two devices on two
networks, authentication can be achieved on any number of
networks between the two devices. The scope of the inven
tion is only limited by the claims appended hereto.
The word “comprising does not exclude the presence of
other elements or steps than those listed in a claim.
Having thus described my invention, what I claim as new
and desire to secure by Letters Patent is set forth in the
following claims.
What is claimed is:
1. A method of authenticating first and second electronic
devices, comprising:
upon link set-up over a short-range wireless link, execut
ing an authentication protocol by exchanging authen
tication information between the first and second elec
tronic devices to initially authenticate communication
between the first and second devices;
later, when the first and second electronic devices are
beyond the short-range wireless link, executing the
authentication protocol by exchanging the authentica
tion information between the first and second electronic
devices over an alternate communications link, then
only allowing communication between the first and
second devices if the first and second devices had
initially been successfully authenticated.
2. The method of claim 1, wherein the authentication
information is an authentication key.
3. The method of claim 1, wherein the authentication
information a password.
4. The method of claim 1, wherein the first device is a
master device and the second device is a slave device.
5. The method of claim 1, wherein the short-range wire
less link is a radio link.
6. The method of claim 1, wherein the short-range wire
less link is an infra-red link.
7. The method of claim 1, wherein the link set-up occurs
when the first and second devices are in physical proximity.
8. The method of claim 1, wherein the short-range wire
less link conforms to a given RF protocol.
9. The method of claim 8, wherein the given RF protocol
is Bluetooth.
10. The method of claim 1 wherein the link set-up step
includes entry of a given personal identification number into
each of the first and second electronic devices.
11. The method of claim 1, wherein the alternate com
munications link is a computer network.
12. The method of claim 1, wherein the first electronic
device is a client and the second electronic device is a server.
13. A method of authenticating first and second electronic
devices, comprising:
upon link set-up over a first link, executing an authenti
cation protocol by exchanging authentication informa
5 tion between the first and second electronic devices to
initially authenticate communication between the first
and second devices;
later, when the first and second electronic devices are
connected using a second link, exchanging the authen
10 tication information between the first and second elec
tronic devices over the second link, then only allowing
communication between the first and second devices if
the first and second devices had initially been success
fully authenticated.
15 14. An electronic device, comprising:
a processor;
and
a memory loaded with a software routine executed by the
processor (a) for generating authentication information
useful in initially authenticating the electronic device to
a another electronic device over a short-range wireless
link, and (b) for later Supplying the authentication
information for later authentication of the electronic
device to the other electronic device over an alternate
25 communications link when the devices are beyond the
short-range wireless link, then only allowing commu
nication between the devices if the devices had initially
been Successfully authenticated.
15. The electronic device of claim 14, wherein the link
30 set-up step includes entry of a given personal identification
number into each of the first and second electronic devices.
16. The electronic device of claim 14, wherein the elec
tronic device is a client and the second electronic device is
a SWC.
35 17. A communications system, comprising:
a first electronic device;
a second electronic device;
a first communications link over which the first and
second electronic devices authenticate each other using
40 a given protocol that includes a link set-up and the
exchange of authentication information following the
link set-up, the authentication information being used
to initially authenticate communication between the
first and second electronic devices; and
45 a second communications link over which the first and
second electronic devices later authenticate each other
using the exchange of the authentication information,
then only allowing communication between the first
and second devices if the first and second devices had
50 initially been successfully authenticated, wherein said
first communications link and said second communi
cations link are different types of links.
k k k k k