T 2081/12 (Reading secure information from IC chip / FELICA NEWORKS) of 3.5.2019

European Case Law Identifier: ECLI:EP:BA:2019:T208112.20190503
Date of decision: 03 May 2019
Case number: T 2081/12
Application number: 09155361.0
IPC class: G06Q 20/00
Language of proceedings: EN
Distribution: D
Download and more information:
Decision text in EN (PDF, 292 KB)
Documentation of the appeal procedure can be found in the Register
Bibliographic information is available in: EN
Versions: Unpublished
Title of application: Information processing apparatus, information processing method, program and information processing system
Applicant name: FeliCa Networks, Inc.
Opponent name: -
Board: 3.5.01
Headnote: -
Relevant legal provisions:
European Patent Convention Art 56
Keywords: Inventive step - using a script rather than an application for reading secure information from an IC chip
Inventive step - (no
Inventive step - obvious)
Catchwords:

-

Cited decisions:
-
Citing decisions:
-

Summary of Facts and Submissions

I. This is an appeal against the decision of the examining division to refuse the European patent application No. 09155361.0 for lack of inventive step (Article 56 EPC).

II. The examining division found that the subject-matter of claim 1 of auxiliary request III did not involve an inventive step over the prior art mentioned in the introductory part of the application. The difference over this prior art was considered to be an alternative implementation of a business concept. The broader subject-matter claimed in the main request and auxiliary requests I and II was found to lack an inventive step for the same reasons.

III. The applicant appealed and requested that the decision of the examining division to refuse the application be set aside and that a patent be granted on the basis of the refused main request, or the refused first, or second auxiliary request, or, alternatively, auxiliary request III as submitted with the statement of grounds of appeal.

IV. Claim 1 of the main request reads:

An information processing apparatus (100, 100') on which an IC chip (150, 150') in which secure information is recorded is mounted and which is connected to a service providing server (200, 200') for providing a service to a user and one or a plurality of settlement operator servers (300, 300'a, 300'b) for executing a settlement concerning the service via a network (50, 50'), comprising:

a content data acquisition part (108) for acquiring content data containing location information of one or a plurality of script files capable of reading secure information in the IC chip (150, 150') from the service providing server (200, 200');

a file reading part (112) for reading the one or plurality of script files from the settlement operator servers (300, 300'a, 300'b) based on the location information of the one or plurality of script files contained in the content data acquired by the content data acquisition part (108);

a secure information reading part (116) for reading the one or plurality of pieces of secure information from the IC chip (150, 150') based on secure information access description contained in the one or plurality of script files read by the file reading part (112); and

wherein the information processing apparatus (100, 100') is configured to request settlement operation information from the one or plurality of settlement operator servers (300, 300'a, 300'b) and to receive settlement processing execution content notification from the one or plurality of settlement operator servers (300, 300'a, 300'b) when the secure information has been written into the IC chip (150, 150').

V. The first auxiliary request adds to claim 1 the following feature after the "secure information reading part (116)" feature:

an interpretation part (114) for interpreting the secure information access description contained in the script file,

wherein the secure information reading part (116) reads the secure information from the IC chip (150, 150') based on an interpretation of the secure information access description by the interpretation part (114).

VI. The second auxiliary request further adds to claim 1 the following features after the "interpretation part (114)" feature in claim 1:

a display part (120) for displaying the one or plurality of pieces of secure information in the IC chip (150, 150') read by the secure information reading part (116) in one screen in order;

wherein the IC chip (150, 150') has the plurality of pieces of secure information, each updatable by the plurality of settlement operator servers (300, 300'a, 300'b), recorded therein; and the information processing apparatus (100,100') further comprising

a secure information selection part (124) for selecting one or more pieces of the secure information from the plurality of secure information displayed in the display part (120) in accordance with a user entry, and

one or more pieces of the secure information selected by the secure information selection part (124) are updated by the settlement operator servers (300, 300'a, 300'b).

VII. The third auxiliary request differs from the second auxiliary request in that claim 1 refers to a "plurality of script files" rather than "one or plurality of script files", to a "plurality of pieces of secure information" rather than "one or plurality of pieces of secure information, and to "one or more of the plurality of settlement operator servers" rather than "one or plurality of settlement operator servers".

VIII. In the statement of grounds of appeal, the appellant argued as follows:

In the invention, the content data acquisition part, the file reading part, the secure information reading part, the interpretation part, the display part, the IC chip, the secure information selection part, and the information processing apparatus, were configured to perform particular actions. All those features had by themselves technical character, even if in combination they provided an operation that assisted business.

The invention solved the problem of avoiding the waiting time that was caused by switching from one application to another, without giving the service provider access to the secure information on the IC chip. This was a technical problem.

In the invention, the file reading part and the secure information reading part solved a security problem.

The invention was not about JavaScript per se. The apparatus in claim 1 had a file reading part that received information from one or more settlement operation servers. The file reading part was configured to do this in response to information received by the content data acquisition part from the service providing service. Thus, the claimed apparatus had particular entities that were configured in a certain way in order to handle distributed information.

IX. In a communication pursuant to Article 15(1) RPBA, the Board gave its preliminary view that the subject-matter of claim 1 according to all requests lacked an inventive step over the prior art mentioned in the application. The Board cited the following document:

D6 Kapil Sachdeva: "Device coordination with Web applications", 7 February 2006, Axalto Inc, retrieved from the Internet at http://www.w3.org/2006/02/axalto-paper.html.

X. The appellant did not submit any further arguments in response to the Board's communication. Instead, the appellant informed the Board that the representative would not attend the oral proceedings.

XI. The Board held oral proceedings in the appellant's absence.

Reasons for the Decision

1. Background

1.1 The invention concerns Internet shopping using electronic money, or the like, stored on an IC card. The shopping service (a Web site) is provided by a "service providing server", whereas the settlement of the payment is carried out by one or more third-party "settlement operator servers".

1.2 In order to carry out the settlement, information has to be read from the user's IC card. The IC card also needs to be updated to complete the settlement. In the prior art mentioned in paragraphs [0002] to [0006] of the published application, this was done by an "application" provided by the settlement operator. Then, the user's browser had to switch from the shopping Web site to the settlement application.

2. Auxiliary request III

2.1 The appellant did not dispute the Board's assessment that the invention in claim 1 of auxiliary request III differs from the prior art described in the application by the use of a script (or scripts), rather than an "application", for reading secure information from the IC chip.

Claim 1 specifies a content data acquisition part for acquiring content data containing location information of the script files, a file reading part for reading the script files based on the location information, a secure information reading part for reading the information from the IC card based on information (a "secure information access descriptor") contained in the script files, and an interpretation part for interpreting the information in the script files.

Since the content acquisition part, the file reading part and the interpretation part are all inherent features in client-side JavaScript, those features amount to nothing more than using such a script for reading information from the IC card.

The Board furthermore notes that the claim, as well as the description, leave open how the updating is implemented; the script is only for reading.

2.2 Switching from the shopping Web site to the third-party settlement application in the prior art causes delay. The script in claim 1 may well be faster in that it does not require the browser to switch away from the shopping Web site. However, that is merely an advantage of JavaScript, which was well known to the skilled person. Thus, in the Board's view, the skilled person would have considered replacing the application in the prior art with JavaScript in order to get those advantages.

2.3 The appellant argued that the use of a script increased security. The Board is not persuaded. The use of JavaScript for accessing secure information on the client machine rather violates the normal JavaScript security policy (the sandbox model) - see D6, in particular the paragraph bridging pages 1 and 2. The application does not address this issue at all. It does not disclose how to securely access information on an IC card using a script. Therefore, at the level on which it is disclosed in the application, the invention does not solve any problem of security.

2.4 Lastly, document D6 discloses a method of accessing information on an IC card (smart card) from a Web application using HTML and JavaScript, via a browser extension (see page 2, section "Enabling access to smart cards from Web applications"). Thus, the distinguishing feature of claim 1 of auxiliary request III is known from D6. This is an additional reason why this feature cannot be the basis of an inventive step. The skilled person would have considered the teachings in D6 and replaced the application in the prior art with JavaScript.

2.5 In conclusion, the Board judges that the subject-matter of claim 1 of auxiliary request III does not involve an inventive step (Article 56 EPC).

3. Main request and auxiliary requests I and II

3.1 The broader subject-matter claimed in the main request and auxiliary requests I and II is not inventive (Article 56 EPC) for the same reasons.

Order

For these reasons it is decided that:

The appeal is dismissed.

Quick Navigation