T 1749/14 (MOBILE PERSONAL POINT-OF-SALE TERMINAL/MAXIM) of 3.4.2020

Summary of Facts and Submissions

I. This appeal is against the decision of the examining division refusing European patent application No. 09810380.7 pursuant to Article 97(2) EPC on the ground of lack of inventive step (Article 56 EPC) with regard to US 2004/0058705 A1 (D1).

II. In the statement setting out the grounds of appeal, the appellant requested that the Board "indicate the allowability of the claims ... now on file". Oral proceedings were requested on an auxiliary basis.

III. Independent claim 1 of the main request reads as follows:

"1. A method comprising:

(a) storing customer account information in a customer mobile personal point-of-sale terminal (CMPPT), wherein the CMPPT includes a cellular telephone portion and a point-of-sale attachment portion; this CMPPT is personalized for the individual customer by storing (a) encryption key(s) that is(are) used for communication with the individual CMPPT of the individual customer, and using this personalized CMPPT in subsequent operations;

(b) after the storing of customer account information in the CMPPT according (a) [sic] receiving merchant account information into the CMPPT; and

(c) initiating a transaction by sending the customer account information and the merchant account information from the CMPPT to a financial transaction verification entity (FTVE)."

Independent claim 12 is directed to a corresponding terminal.

IV. The appellant argued essentially that according to D1 only the terminal itself was responsible for the secure handling and encrypting of the data. The examining division did not recognise that the present invention differed in that not only the terminal was part of the secure handling of the data but also the cellular phone. Therefore the terminal and cellular phone were "married" with each other. This "couple" was called a "customer mobile personal point-of-sale terminal" (CMPPT) and it included a "cellular telephone portion" and a "point-of-sale attachment portion". Both were personalised by storing encryption key(s).

Transactions could only be done when this very specific cellular telephone portion was attached into this very specific sleeve of the terminal ("point-of-sale attachment portion"). Transactions would not work with a different cellular phone even if it was the same kind of cellular phone. To recognise the correct cellular phone and effect the transaction, the once entered encryption key had to be correct. This encryption key could be used for all further transactions.

The invention created a physical entity of two separate devices and influenced them so that they could work together. This resulted in improved security of data transactions without increasing the costs of such devices. None of the prior art documents disclosed any combination of terminal and cellular phone as it was currently claimed.

Reasons for the Decision

1. The invention is in the field of mobile point-of-sale (POS) terminals for carrying out transactions, e.g. involving a credit card. Conventionally, the merchant possesses such mobile POS terminals and the customer has to provide his identification credentials such as account number and PIN to this merchant's unit (see e.g. D1 [0024], [0025] or [0106], 0107]). The invention tries to avoid the customer's sensitive information becoming known if the merchant's device is tampered with by allowing a transaction to be carried out without the customer having to present account information and the PIN to the merchant.

2. The closest prior art D1 discloses a mobile POS terminal which consists of a cellular phone and docking module combination (see Figures 1 and 2). This apparatus forms the whole POS terminal and is in the possession of and under control of the merchant. No further equipment is required to carry out a POS transaction.

The examining division cited passages [0031], [0037] and [0167] of D1 concerning different embodiments (see point 1 of the contested decision), which refer to a check transaction or involve situations where the merchant, not the customer, has to provide his PIN. In the Board's view the cited passages do not reflect transactions where the problem of the customer having to present sensitive information to the merchant occurs. The skilled person when assessing inventive step of the present application would therefore not consider those embodiments of D1, which do not reflect the problem posed by the present invention, but would look for embodiments as a valid starting point where the customer has to present his credentials (PIN and/or account information).

The Board therefore refers to the preferred embodiment of a standard magnetic stripe credit card transaction (see [0105] onwards) performed with the mobile POS terminal according to D1. The docking module 200 causes the magnetic information contained on the credit card 400 to be read by the magnetic read head 208 and associated electronics on the docking module control assembly 203 in such a manner as to present to the docking module microprocessor the information contained on stripe 2 of the credit card 400.

This information includes, inter alia, identification of the credit card issuer and account number along with the credit card expiration date. The microprocessor on the docking module control assembly 203 checks the credit card 400 number and expiration date of the card.

The microprocessor on the docking module control assembly 203 then prompts the customer for their PIN number. Upon acceptance of the PIN number from the customer, the microprocessor on the docking module control assembly 203 provides an incorporated multifunction security access module (SAM) 204 to encrypt the transaction (credit card number, PIN, etc.) prior to invoking a dialing routine with the attached cellular telephone 100. The cellular telephone 100 dials the pre-configured number of the registration computer (see Figure 3, step 318).

The registration computer 318 further validates the credit card data through a validation or verification computer system (see Figure 3, step 319) in the credit card issuer's premises or some such recognised credit card clearing facility.

This transaction with the mobile POS terminal of D1 therefore involves the security problem of the customer having to provide his PIN and account number to the merchant's device, which then encrypts this information and passes it on to the Financial Transaction Verification Entity (FTVE).

The present invention seeks to overcome this by directly communicating the customer's sensitive information to the FTVE (see [0033] of the description and Figure 3 for the overall transaction handling). This is achieved by dividing the POS terminal into a merchant part (merchant POS terminal 32 in Figure 3 of the application) and a customer part consisting of a docking station or sleeve (point-of-sale attachment portion according to the wording of the present application) and a cellular phone, the combination of both called customer mobile personal POS terminal (CMPPT 10 in Figure 3 of the application).

Encryption keys are only usable to communicate between one particular CMPPT and the FTVE (see [0040] of the description). Any necessary merchant account information needed to initiate the transaction can be communicated from the merchant to the FTVE without such information being entered into the CMPPT (see e.g. [0014] of the description). The CMPPT can therefore be used to carry out the authorisation for a transaction such that the merchant receives an approval code, but the customer's PIN or signature does not pass through the merchant's POS terminal (see e.g. [0042] of the description).

3. As regards the subject-matter of claim 12, D1 discloses structural features such as a cellular phone part and a docking part. However these form the whole POS terminal and are all in the possession of the merchant. The Board agrees with the appellant (see page 3, second paragraph of the statement setting out the grounds of appeal) that the cellular phone used in D1 is a standard cellular phone without any specific modification and performs merely the dialing part of the transaction (see D1, [0100] "The cellular telephone 100 has not been modified in any manner..."). All security relevant handling and encryption is done by the merchant's terminal/docking part.

The subject-matter of independent claims 1 and 12, however, is not directed to a complete POS terminal for carrying out a complete POS transaction, but it merely claims a mobile POS terminal part, i.e. the CMPPT.

The concept of the invention differs from the teaching of D1 in that dedicated encryption keys are assigned to the POS attachment portion with the customer's cellular phone being linked by the phone's serial number thereby personalising the CMPPT. The Board agrees with the appellant that this causes the security related effect that only this personalised cellular phone can be used for a transaction, in contrast to D1 where any cellular phone can be used.

A further difference is that customer account information is stored in the point-of-sale attachment portion, which receives merchant account information. Customer and merchant account information is sent from the CMPPT to the FTVE when initiating a transaction, i.e. the customer account information is sent directly from the cellular phone portion of the CMPPT to the FTVE. This has the effect that customer account information is not accessible to the merchant's POS terminal. In contrast to the contested decision (see point 1 of the decision; page 3, first paragraph), D1 does not disclose the latter difference.

4. The claimed subject-matter therefore requires structural and functional modifications of the mobile POS terminal of D1:

- dividing the mobile POS terminal into a merchant part and a customer part, the customer part consisting of a cellular phone portion and a docking portion (POS attachment portion),

- personalising the customer part by storing dedicated encryption keys used for communication,

- storing customer account information in the customer part of the POS terminal and

- changing the transaction protocol by directly sending customer account information from the cellular phone portion of the customer part to the financial transaction verification center.

5. The examining division argued that no technical problem was solved by the differences over D1, which were only cognitive business aspects providing no technical contribution. The problem to be solved was therefore merely to implement the idea of defining the entry point of the transaction as the property of the customer which was an obvious automation not modifying the standard and expected intrinsic behaviour of the technical features of D1 (see page 3, last paragraph of the decision).

The notional business person, as introduced in T 1463/11 (Universal merchant platform / CardinalCommerce), knows all about the business related requirements specification and knows about the fact that such business related concepts can be implemented on a computer system (stand-alone or networked, including the Internet). What the notional business person does not know, however, is how exactly it can be implemented on a computer system. This is in the sphere of the technical expert and subject to the assessment of inventive step (see T 1082/13).

In the Board's view, in the present case the notional business person might come up with the abstract idea of avoiding the customer having to provide PIN and account information to the merchant. Even when considering this to be an abstract business concept for carrying out POS transactions, it cannot however be convincingly argued that it would be sufficient to implement this idea on a standard general purpose mobile POS terminal infrastructure as known from D1 with standard programming skills. It requires a new infrastructure, new devices and a new protocol involving technical considerations linked to modified devices and their capabilities as well as security relevant modifications of the transfer of sensitive information using new possibilities achieved by the modifications to the mobile POS infrastructure.

This goes beyond what the notional business person knows, but rather concerns technical implementation details (how to implement) which are more than a straight-forward 1:1 programming of an abstract business idea. Just as T 1463/11 (supra) considered the security relevance of centralising authentication services in view of avoiding maintenance of software plug-ins in merchant computers contributed to the technical character, the Board considers the security relevance of the modifications according to point 4 above contribute to the technical character of the present invention.

6. The Board therefore considers the objective technical problem underlying the differences outlined in point 4 above to be to improve the mobile POS terminal known from D1 in respect of the customers security against fraudulent use of their sensitive information.

7. Since the Board agrees with the appellant's arguments, the decision can be taken in writing.

8. In order to assess whether the technical contribution of the claimed subject-matter of independent claims 1 and 12 is inventive (Article 56 EPC) and allowable, as requested by the appellant, a look into the further prior art is required. The Board, however, cannot be sure whether the features alleged to be non-technical or not contributing to inventive step in the contested decision have been systematically searched, in particular in view of the fact that the European Search Opinion was based on the approach of the contested decision. Only the examining division can therefore judge whether the Supplementary European Search covered those features of the independent claims, which the Board considers to provide a technical contribution as outlined above, or whether a further search is necessary.

These are special reasons which justify the remittal to the examining division (Article 11 RPBA 2020). The Board therefore remits the case for further prosecution, whereby the assessment of inventive step will have to consider all the technical features and their respective technical effects (see point 4 above).

9. The independent claims are not directed to a system or to a complete transaction as described in Figure 3 of the application, but only to the customer mobile POS terminal part. It will therefore also have to be examined whether all essential features for carrying out the invention are claimed.

Order

For these reasons it is decided that:

1. The decision under appeal is set aside.

2. The case is remitted to the department of first instance for further prosecution.