T 1465/23 (Isolated islands of cryptography/GN HEARING) of 24.6.2025

Summary of Facts and Submissions

I. The appeal lies from the decision of the opposition division to reject the opposition (Article 101(2) EPC). The opposition division considered that the ground for opposition under Article 100(a) EPC in conjunction with Articles 54 and 56 EPC did not prejudice the maintenance of the opposed patent in its granted form.

In the appealed decision, the opposition division took into account the following prior-art document:

D1: EP 2 760 225 A1.

II. In response to the board's communication under Article 15(1) RPBA, the respondent presented two new pieces of evidence:

E1: "Declaration of the Inventor, Allan Munk

Vendelbo, 23 May 2025";

E2: "Declaration of the Independent Expert, Anders

Dalskov, 23 May 2025".

III. Oral proceedings before the board were held on 24 June 2025. The parties' final requests were as follows:

- The appellant requested that the decision under appeal be set aside and that the patent be revoked.

- The respondent requested that the appeal be dismissed (main request). In the alternative, it requested that the patent be maintained in amended form on the basis of one of six auxiliary requests (auxiliary requests 1 to 6). The respondent also requested that the case be remitted to the opposition division if the board finds the main request to be not allowable and that two questions be referred to the Enlarged Board of Appeal.

At the end of the oral proceedings, the board's decision was announced.

IV. Claim 1 of the main request reads as follows (board's feature labelling):

(a) "A hearing device (2) comprising

- a processing unit (4) configured to compensate for a hearing loss of a user of the hearing device (2);

- a memory unit (6); and

- an interface (8),

characterised in that the processing unit (4) is configured to:

(b) - receive a connection request (410,411) for a session via the interface (8);

(c) - obtain a session identifier (180);

(d) - transmit, via the interface (8), a connection response (412) comprising a hearing device identifier (112) and the session identifier (180);

(e) - receive, via the interface (180), an authentication message (420,421) comprising an authentication key identifier (166) and client device data (109);

(f) - select a hearing device key from a plurality of hearing device keys in the memory unit (6) based on the authentication key identifier (166);

(g) - verify the client device data (109) based on the selected hearing device key; and

(h) - terminate the session if the verification fails."

V. Claim 1 of auxiliary request 1 differs from claim 1 of the main request in that it further comprises, between features (f) and (g), the following feature (board's feature labelling):

(i) "- generate a session key based on the session identifier (180) and the hearing device key;

- receive and authenticate session data based on the session key;".

VI. Claim 1 of auxiliary request 2 differs from claim 1 of auxiliary request 1 in that features (e) and (f) are replaced, respectively, by the following features (board's feature labelling and underlining, the latter reflecting amendments vis-à-vis, respectively, features (e) and (f)):

(j) "- receive, via the interface (180), an authentication message (420,421) comprising an authentication key identifier (166), an authentication type identifier (168), and client device data (109);"

(k) "- select a hearing device key from a plurality of hearing device keys in the memory unit (6) based on the authentication key identifier (166) and the authentication type identifier (168);".

VII. Claim 1 of auxiliary request 3 differs from claim 1 of auxiliary request 2 in that features (j), (k) and (g) are replaced by the following features respectively (board's feature labelling and underlining, the latter reflecting amendments vis-à-vis, respectively, features (j), (k) and (g)):

(l) "- receive, via the interface (180), an authentication message (420,421) comprising an authentication key identifier (166), an authentication type identifier (168), and client device data (109), wherein the client device data (109) comprises an encrypted client device certificate (106);",

(m) "- select a hearing device key from a plurality of hearing device keys in the memory unit (6) based on the authentication key identifier (166) and the authentication type identifier (168);

- generate a certificate key based on a common secret, wherein the common secret is based on the selected hearing device key and/or the session identifier (180);",

(n) "- verify the client device data (109) based on the selected hearing device key, wherein to verify the client device data (109) comprises to decrypt the encrypted client device certificate (106A) with the certificate key to obtain a decrypted version (106B) of the encrypted client device certificate; and".

VIII. Claim 1 of auxiliary request 4 differs from claim 1 of auxiliary request 3 in that features (n) and (h) are replaced by the following features respectively (board's feature labelling and underlining, the latter reflecting amendments vis-à-vis, respectively, features (n) and (h)):

(o) "- verify the client device data (109) based on the selected hearing device key, wherein to verify the client device data (109) comprises

- to decrypt the encrypted client device

certificate (106A) with the certificate key

to obtain a decrypted version (106B) of the

encrypted client device certificate, and

- to determine if the authentication key

identifier (166) matches a client device key

identifier (159) of the client device

certificate (106); and";

(p) "- terminate the session if the verification fails, wherein verification fails if no match is determined."

IX. Claim 1 of auxiliary request 5 differs from claim 1 of auxiliary request 4 in that it comprises, at the end, the following feature (board's feature labelling):

(q) "; and

- receive an additional authentication message (440) comprising client device data (109) and an authentication device identifier (169);

- obtain, from the memory unit (6), the common secret based on the authentication device identifier (169);

- generate an additional certificate key from the common secret; and

- verify the client device data (109) based on the additional certificate key".

X. Claim 1 of auxiliary request 6 differs from claim 1 of auxiliary request 5 in that features (l) and (m) are replaced by the following features respectively (board's feature labelling and underlining, the latter reflecting amendments vis-à-vis, respectively, features (l) and (m)):

(r) "- receive, via the interface (180), an authentication message (420,421) comprising an authentication key identifier (166), an authentication type identifier (168), an authentication token identifier, and client device data (109), wherein the client device data (109) comprises an encrypted client device certificate (106);",

(s) "- select a hearing device key from a plurality of hearing device keys in the memory unit (6) based on the authentication key identifier (166) and the authentication type identifier (168);

- generate a certificate key based on a common secret, wherein the common secret is based on the selected hearing device key and/or the session identifier (180);

- store the authentication token identifier in the memory unit (6);

- link the authentication token identifier with the common secret;".

Reasons for the Decision

1. Technical background

1.1 The opposed patent addresses the problem of securing wireless communications for hearing devices. The background section of the opposed patent explains that, as hearing devices become more advanced, they increasingly communicate wirelessly with external devices like fitting apparatuses or smartphones. This use of open standard-based communication interfaces poses, according to the opposed patent, security challenges, making the hearing device vulnerable to attacks that could cause malfunction or battery exhaustion. A further challenge in that regard is that hearing devices are resource-constrained in terms of computational power and memory, i.e. that complex, "off-the-shelf" security algorithms and protocols cannot be readily implemented.

1.2 To solve this problem, the opposed patent proposes a hearing device and a corresponding method for establishing a secure communication session between the hearing device and a client/fitting device. The claimed solution is based on a specific authentication protocol, which is best illustrated by the signalling diagram depicted in Figure 4 of the opposed patent (reproduced below):

FORMULA/TABLE/GRAPHIC

1.3 This authentication protocol unfolds as follows:

1.3.1 A client device (10), comprising a fitter's programming device (14), initiates a connection by sending a connection request (411) to the hearing device (2).

1.3.2 The hearing device (2) obtains a (unique) session identifier (180) and sends it back to the client device in a connection response (412), along with its own hearing-device identifier (112).

1.3.3 The client device (10) then sends an authentication message (421) to the hearing device. This message comprises client-device data (109) and an authentication-key identifier (166).

1.3.4 The core of the invention lies in the next step. The processing unit (4) of the hearing device uses this received authentication-key identifier (166) to select a corresponding hearing-device key from a plurality of different keys stored in its memory unit (6). This selected key is then used to verify the client-device data (109).

1.3.5 Lastly, if the verification fails, the session is terminated.

1.4 The authentication protocol described in Figure 4 of the opposed patent allegedly allows the hearing device to support various "levels of authentication" for different types of client devices in a scalable and secure manner, without the need to exchange secrets in plain text during the session setup.

2. Main request: claim 1 - board's inventive-step assessment

2.1 In Reasons 15, 16.9, 17.6, 18.6 and 19.3 of the appealed decision, the opposition division considered document D1 to be a suitable starting point for the assessment of inventive step of claim 1 of the main request. The board sees no reason to deviate from this choice. In its review, the board will adopt, for the sake of argument, the respondent's view that features (b) to (h) of claim 1 are not disclosed in D1.

2.2 The respondent submitted that the technical effect of features (b) to (h) was to provide a hearing device that was "capable of performing various levels of authentication of a communicating party and received messages as well as deriving keying material for securing communication, e.g. against eavesdropping and modification attacks as illustrated in the application as filed, page 2 lines 15-19". During the oral proceedings before the board, this was refined to providing protection against "modification attacks" (cf. page 2, lines 12 to 14 of the application as filed).

2.3 The board is not satisfied that the technical effects mentioned by the respondent are credibly achieved by the claimed features, especially by the combination of features (b) to (h), over the whole scope of claim 1 as granted. In particular, this claim is silent on any "levels of authentication" and its features do not necessarily imply protection against attacks such as "eavesdropping" or "modification". Instead, as the appellant argued during the oral proceedings before the board, the features of claim 1 as granted constitute a mere aggregation of functionally disconnected

security-related jargon, i.e. a collection of "islands of cryptography" without a clear and reliable interrelationship. The respondent's counter-argument that these features were all causally interrelated was not substantiated beyond a mere reference to the use of definite articles (e.g. "the session" and "the verification"). The board finds that, while this use of definite articles may arguably create a linguistic link between the features, it fails to establish a technically meaningful, functional interrelationship that would in fact be required to produce the alleged security effect. As will be detailed in point 2.4 below, claim 1 remains fundamentally ambiguous as to how these "islands" are actually connected.

2.4 For the purposes of claim construction regarding claim 1 as granted, the board, in accordance with the finding of the Enlarged Board of Appeal in G 1/24 (see its Order and Reasons 12 and 18), has "consulted" and "referred to" the present patent description and drawings to define the skilled reader from whose perspective or view point a claim is to be interpreted (see e.g. T 1924/20, Reasons 2.7). In view of, for example, paragraphs [0001] to [0007] of the patent description, the technical field of that skilled reader is apparently "hearing device security". Such a skilled reader of present claim 1 would however be faced with fundamental ambiguities that militate against the presence of a credible technical effect over the whole scope claimed. In the relevant technical field, terms relating to communication protocols have typically a stable and well-understood meaning. Therefore, contrary to the approach taken by the respondent during the oral proceedings before the board, these terms are not to be re-interpreted or understood in a more limited way in the light of the specific embodiments of the patent description, which, in addition, contain subject-matter that is more limited than that claimed (see e.g. also T 1999/23, Reasons 5.6).

Specifically, the board points to the following deficiencies in the claim's definition of the underlying subject-matter for which the respondent seeks to derive a technical effect:

2.4.1 Claim 1 as granted fails to define any necessary link between the "connection request" of feature (b), the "session" of feature (b) and the "session identifier" of feature (c). It is not even apparent that a "session" must be established for the steps underlying features (b) to (g) to occur.

2.4.2 According to the wording of claim 1, the "hearing device identifier" transmitted within the meaning of feature (d) is not required to be an identifier of the "hearing device" performing the method. It could, for instance, well be the identifier of a contralateral device in a binaural system, rendering it irrelevant for authenticating the party at the other end of the connection.

2.4.3 Present claim 1 does not require that the sender of the "connection request" in feature (b) is the same party that receives the "connection response" in feature (d) and sends the "authentication message" in feature (e). Instead, the process steps underlying features (b) to (h) could in fact involve multiple, different devices.

2.4.4 Furthermore, claim 1 as granted fails to specify what is actually being "authenticated" by the "authentication key identifier" in feature (e). The board notes that the respondent's own expert witness (see declaration E2) implicitly assumed that this authentication step related to "the authenticity of a message" and highlights that this particular purpose of the "authentication" mentioned in feature (e) is not apparent from the claim itself.

2.4.5 The terms "based on" and "verify" used in features (f) and (g) are fundamentally ambiguous, leaving their technical implementation open to a myriad of interpretations:

- The term "based on" used in feature (f) does not require a direct functional or causal link between the "authentication-key identifier" and the selected "hearing-device key". Rather, the selection could be mediated by a series of indirect look-ups, meaning that there is no guaranteed, technically meaningful constraint between the identifier received and the key selected.

- Feature (g) suffers from a similar ambiguous definition. While the verification of the "client device data" must be "based on" the selected key, this term, as established for feature (f), is itself vague. More fundamentally, the nature of the "verify" operation is undefined. As the appellant argued, it could range from a robust cryptographic check to a technically trivial, non-cryptographic comparison, such as confirming the presence of a data field or checking a message length. Claim 1 as granted therefore does not necessarily imply any cryptographic operation that would provide "various levels of authentication" or security against "modification attacks".

2.4.6 The condition for termination according to feature (h), i.e. "if the verification fails", is equally ambiguous. This is because a verification could "fail" for many non-security-related reasons, such as a processing timeout or a user error.

2.5 Due to these deficiencies, the asserted technical effects of providing multiple "levels of authentication" or protecting against "modification attacks" are not credibly achieved over the whole scope of claim 1.

2.6 Given that the alleged technical effect is not credibly achieved and the board cannot identify an effect either, it is not possible for the board to formulate an objective technical problem that is directly and causally related to the claimed invention, in particular to the alleged distinguishing features (b) to (h).

2.7 Following the principles established in G 1/19 (cf. Reasons 49, 82 and 124; see also points 3.1 and 3.3 below), the problem-solution approach may be terminated at this stage if the distinguishing features do not credibly achieve any technical effect over the whole scope claimed. This emanates from settled case law according to which, if a technical effect is not obtained over the full breadth of a claim, at least a subset of the claimed subject-matter is not to be seen as a technical solution to a technical problem and hence cannot be acknowledged as an "invention" involving an inventive step within the meaning of Article 56 EPC (see e.g. T 939/92, Reasons 2.7; T 176/97, Reasons 4.4, last paragraph; T 1294/16, Reasons 26.2). Hence, the introduction of a distinguishing feature having no credible technical effect may then be considered to be no more than an arbitrary modification of the design of a known subject-matter which, being arbitrary, cannot involve an inventive step under Article 56 EPC (see e.g. T 939/92, Reasons 2.5.3; T 72/95, Reasons 5.4; T 746/22, Reasons 1.5). The rationale behind this is to avoid irrelevant and thus superfluous comparisons between claim features which, after all, may be selected by the skilled person in an arbitrary way, and the prior art. In other words, the comparison between a claim, whose subject-matter cannot credibly solve any technical problem, and the technical teaching of a prior-art document can only lead to an artificial and superfluous exercise, i.e. looking for incentives, hints or a motivation comprised or implied in that prior-art document for arriving at a solution which falls within the terms of such an ill-defined

subject-matter. This exercise may be likened to a search for a black cat in a dark room that is actually not there. Similarly, searching for an alternative way to cause a technical effect that is not credibly achieved by the claimed subject-matter does not help either; as also looking for a grey cat in the same dark room does not appear to be useful (see also point 3.3.2 below). In such a case, the distinguishing features which have no effect are considered to be an arbitrary and/or non-functional modification of the prior art, which cannot support an inventive step (see T 72/95, Reasons 5.4; T 1294/16, Reasons 26.2; T 287/23, Reasons 2.8.2 and 2.8.3; T 1580/23, Reasons 2.2.8).

2.8 In the present case, for the above observations, the board concludes that features (b) to (h) represent such arbitrary and non-functional modifications.

2.9 As a consequence, the subject-matter of claim 1 of the main request does not involve an inventive step. Thus, the ground for opposition under Article 100(a) in conjunction with Article 56 EPC prejudices the maintenance of the patent as granted.

3. Main request: claim 1 - respondent's submissions on the board's inventive-step assessment

Regarding the main request, the respondent raised several issues concerning the legal framework for assessing inventive step, particularly when a technical effect is contested. The board's position in this regard is as follows:

3.1 The respondent questioned in general the legal basis for the board's approach set out in points 2.5 and 2.6 above, arguing that the principles of G 1/19 were limited to computer-implemented simulations and that the board should instead have applied the "ab initio implausibility" standard addressed in the referral case underlying G 2/21.

3.1.1 This line of argument is not persuasive. While decisions of the Enlarged Board of Appeal are, under Article 112(3) EPC, only binding on the referring board for the case in question, such decisions serve to ensure the uniform application of law or concern a point of law of fundamental importance (cf. Article 112(1) EPC). The universality of the terms "uniform" and "fundamental" can only imply that all departments of the EPO that are concerned with this point of law under the EPC are expected to follow these decisions (cf. Article 21 RPBA in relation to the Boards of Appeal).

The respondent's attempt to limit the applicability of G 1/19 to the technical field associated with the underlying referral case is incorrect. The board acknowledges that Reasons 82 of G 1/19 appears under the heading "b. Technicality of computer-implemented inventions using the two-hurdle approach", which might seem to support the respondent's argument. However, the heading of a section does not limit the legal scope of the principles established therein, particularly when the text itself signals a broader, general applicability. The Enlarged Board itself designated its findings in Reasons 82 as a "general principle". To underscore this universal scope, it supported its reasoning by citing case law from entirely different technical fields, such as chemistry (cf. T 939/92) and therapeutic applications. This "general principle" broached in G 1/19, Reasons 82, in fact confirms that a technical effect must be achieved over the whole scope of a claim to be considered as the basis for the objective technical problem.

3.1.2 While the term "credible" does indeed not appear in G 1/19, the concept is inherent in the requirement that an effect be "at least implied in the claims" (see Reasons 124). The term is used explicitly in the same context in the landmark decision T 939/92, to which G 1/19, Reasons 82, refers. The assessment of whether an effect is credible is, of course, performed by the deciding body based on the application as filed and the skilled reader's common general knowledge, a standard which G 2/21 (cf. Headnote II) has since affirmed for all technical fields. Therefore, the board's approach to assessing whether the alleged technical effect is credibly achieved over the whole scope claimed as adopted in points 2.5 and 2.6 above is firmly rooted in the established case law of the Boards of Appeal, as summarised and clarified by the Enlarged Board in G 1/19.

3.2 Moreover, the respondent correctly noted that G 1/19, Reasons 82, uses the expression "substantially all embodiments" and that T 814/20 refers to "substantially the whole scope of the claims". The respondent argued that this allowed for a more lenient application of the test "credibly achieved over the whole scope claimed".

3.2.1 However, this argument does not assist the respondent's case either. The term "substantially" was originally used in the context of a credible technical effect in the assessment of inventive step in the landmark chemistry case T 939/92 (dealing essentially with the question whether substantially all the claimed compounds achieve a credible technical effect; see Reasons 2.5.4 and 2.6).

3.2.2 The board first notes that it is not helpful in the assessment of whether an alleged technical effect is indeed credibly achieved over the whole scope claimed to come up with yet another "relative term" such as "substantially".

3.2.3 Second, in the board's view, this term is not a quantitative measure but a qualitative one. However, this additional qualification would open Pandora's box when it comes to the extent to which such an alleged effect should be credibly achieved. On the other hand, if this term is understood to relate to a quantitative measure, the question would arise whether the alleged effect is to be achieved e.g. in 70%, 80% or more of the cases encompassed by the "whole range claimed". Such considerations, however, cannot be conducive to an objective and predictable assessment of inventive step.

3.2.4 Third, the concept of "substantially over the whole scope claimed" appears to provide merely a "narrow safe harbour" for well-defined inventions that may have isolated, peripheral flaws. However, it cannot rescue a claim that is considered to be fundamentally deficient in the sense that the distinguishing features are considered to have no effect at all.

3.2.5 Yet, this "narrow safe harbour" is not applicable to the present main request. The board's objection, as detailed in points 2.3 to 2.9 above, is not that there are isolated failures or failures located at the periphery of claim 1. Rather, the board finds the ambiguity of the claim's core features to be so fundamental and pervasive that the skilled reader is not able to infer how the alleged technical effect can be credibly achieved. Thus, the claim as a whole cannot cause that technical effect, i.e. the effect is at any rate not achieved over "[substantially] the whole scope claimed".

3.3 The respondent further raised specific doubts in view of the board "terminating" the problem-solution approach after the conclusion that there was no credible technical effect over the whole scope claimed (cf. point 2.6 above).

3.3.1 For cases where a technical effect is indeed not credibly achieved over the whole scope of a claim, the board considers that the established practice provides for two paths to overcome this specific objection: the patentee may amend the claim to a narrower scope where the alleged effect is now indeed credibly achieved, or the board may reformulate the objective technical problem to a less ambitious one based on a different effect that is credibly achieved. In some instances, there may be no credible technical effect whatsoever that can be attributed to the features distinguishing the claimed invention from the starting point selected for the inventive-step assessment. In such a case, the board considers these distinguishing features to be an arbitrary or non-functional modification of the prior art (cf. point 2.6 above). Such an arbitrary or

non-functional modification, however, cannot support an inventive step. It would be entirely counter-intuitive to acknowledge an inventive step for features associated with such a modification. Consequently, this particular way of applying the problem-solution approach does not represent a "failure" or an "incomplete application" of the problem-solution approach. On the contrary, it is its logical endpoint: the demonstration that the claimed differences provide no technical effect at all, i.e. no contribution over the prior art, constitutes the very proof of their "obviousness" under Article 56 EPC.

As a result, the respondent's argument that the proprietor should "win by default" if the

problem-solution approach could not be completed in the traditional way represents a misunderstanding of how "obviousness" is to be assessed in relation to Article 56 EPC. Rather, the board considers this "effect-centred" approach to be foundational to the EPC. It refers in this regard to a prominent article that can be considered to lie at the origin of the problem-solution approach as it has been devised by the Boards of Appeal and practised by the EPO, namely "The Problem and Solution Approach to the Inventive Step", G.S.A. Szabo, 1986, 10 EIPR, pages 293 to 303. This article, quoting T 22/82, indicates that a mere "structural difference in a compound has no intrinsic value or significance for the assessment of inventive step as long as it does not manifest itself in a valuable property in the widest sense, an effect or an increase in the potency of an effect" (see page 297, left-hand column). In particular, the article warns that without such an effect or increase, "very odd (and even useless) mixtures could become highly inventive on the basis of the mere unexpectedness of their 'structure'". The author's conclusion is that the only way to prevent this and to maintain a coherent patent system is to insist on a "consistently effect-centred approach". The same "effect-centred approach" was, linking back to Reasons 82 of G 1/19, solidified in T 939/92 (Reasons 2.5 to 2.5.4, referring to that same decision T 22/82), which held that "a mere arbitrary choice from this host of possible solutions of such a 'technical problem' cannot involve an inventive step" and that any patentable selection "must be justified by a hitherto unknown technical effect". In this regard, the board would like to also refer to the conclusions of the UPC Central Division Munich in case UPC_1/2023 of 16 July 2024 (see e.g. its sixth headnote: "A feature that is selected in an arbitrary way out of several possibilities cannot generally contribute to inventive step").

3.3.2 The board distinguishes this situation from cases where the objective technical problem is correctly formulated as "to provide an alternative solution to a known problem" (see e.g. T 1628/22 as cited by the respondent, Reasons 4.2.2 and 4.3.1, or T 2004/21, Reasons 3.12). That formulation is however only appropriate when the distinguishing features result in a functional alternative. To further illustrate this distinction: if a prior-art composition of A+B+D achieves an effect only through the functional interaction of D with A and B and a claimed composition of A+B+C achieves the same effect through the functional interaction of C with A and B, then C indeed provides a technical alternative by identifying an alternative way of achieving the same effect, i.e. solving a problem known in the prior art. In contrast, if the addition of C does not lead to an effect through its functional interaction with A and B and therefore C does not contribute to a technical effect beyond that already provided by A+B, then C is a non-functional modification for which the "provision of an alternative way" cannot constitute a suitable objective technical problem. In view of the foregoing, it appears to be quite logical and consistent that, in that regard, also the EPO Guidelines indicate that "the problem could be simply to seek an alternative to a known device or process which provides the same or similar effects or is more cost-effective" (see Part G, Chapter VII, 5.2, penultimate paragraph, in its latest version of April 2025; board's emphasis).

3.3.3 Overall, if there is no technical effect that is credibly derivable from the wording of a claim on the basis of its distinguishing features, it is usually unnecessary to - artificially - formulate an (unsolved) objective technical problem, such as finding an "alternative way to achieve a (non-existent) technical effect". In such cases, the distinguishing features simply constitute arbitrary or non-functional modifications of the available prior art which cannot involve an inventive step within the meaning of Article 56 EPC.

3.3.4 This is the situation in the present case, where features (b) to (h) have no technical effect and their addition does not achieve an effect through their functional interaction with feature (a) which goes beyond that of feature (a).

3.4 The board also rejects the respondent's formulations of the objective technical problem, such as starting from what the prior art is "silent about" (cf. the section "Starting from D1" on page 9 of the respondent's reply to the board's communication under Article 15(1) RPBA) or defining, with reference to T 1344/21 (cf. Reasons 7.4.2), the problem as "how to implement an embodiment of the prior art" (see e.g. also T 1737/21, Reasons 3.3.3). These formulations are flawed since they cannot be derived from effects directly and causally related to the technical features of the claimed invention (cf. G 2/21, Reasons 25).

3.5 Moreover, the respondent's arguments concerning a "presumption of validity" and the "burden of proof" are unconvincing. As already clarified in G 2/21 (see Reasons 26) and, in particular, in T 449/23 (see Reasons 2.5.6(d)), while, in opposition proceedings, the opponent bears the initial burden of presenting a prima-facie case for lack of inventive step, the burden of demonstrating any alleged technical effect used to counter that case lies with the proprietor (see also T 1188/00, Reasons 4.9).

The respondent attempted to discharge this burden by filing new evidence, including declarations E1 and E2. However, this evidence fails to support the alleged effect for the main request. Both the inventor's declaration (E1) and the expert's declaration (E2) in fact describe a specific, technically sensible implementation of the present invention, notably, at least for E1, in the context of the industry standard "NoahLink". The potential patentability of a specific, narrow embodiment, however, cannot render a claim allowable which, due to its breadth, encompasses a multitude of other, non-inventive embodiments. The submitted evidence is therefore not decisive for the main request.

3.6 In view of the above, the respondent's arguments fail to overcome the board's finding that the distinguishing features of claim 1 of the main request do not produce a credible technical effect over the whole scope claimed. The claimed modification of the disclosure of document D1 is therefore considered to be arbitrary and

non-functional. Consequently, the subject-matter of claim 1 of the main request does indeed not involve an inventive step (Article 56 EPC).

4. Request for remittal

4.1 In relation to the respondent's request that the case be remitted to the opposition division if the main request were not found allowable, the board notes that, under Article 111(1) EPC, it may either exercise any power within the competence of the department which was responsible for the decision appealed or remit the case to that department for further prosecution. In addition, according to Article 11 RPBA, the board shall not remit a case to the department of first instance, unless "special reasons" present themselves for doing so.

4.2 The board finds no "special reasons" that would justify a remittal in the present case. The key issues of claim construction and inventive step have been fully debated by the parties at both instances. The board is thus in a position to decide on the appeal without disproportionate effort.

4.3 The proprietor's request for remittal must therefore be refused.

5. Auxiliary requests 1 to 6: claim 1 - inventive step

5.1 The amendments underlying auxiliary requests 1 to 6 represent a narrowing of the main request, adding features to claim 1 taken from the dependent claims as granted. For all these requests, the respondent maintained that the objective technical problem was the same as the one mentioned for the main request in point 2.2 above, namely to provide a "hearing device" capable of performing "various levels of authentication". However, these amendments, whether taken individually or in combination, fail to cure the fundamental deficiencies of the main request. The core features (b) to (h) or their respective replacement features underlying the auxiliary requests remain broad and ambiguous and the added features are merely further "[isolated] islands of cryptography" (as the appellant had put it; see point 2.3 above) that are not functionally integrated in a way that would credibly produce the alleged effect over the whole scope of the respective claims.

More specifically, the board makes the following observations on the features introduced in those auxiliary requests:

5.1.1 In relation to feature (i), the addition of generating and using a "session key" based on the "session identifier" and the "hearing-device key" is a

textbook-method for securing a communication channel. The respondent's argument advanced during the oral proceedings before the board that this adds a distinct "level" of authentication is thus not convincing. Verifying "client data" in accordance with feature (g) and authenticating subsequent "session data" according to feature (i) are rather integral parts of establishing a single secure session, not distinct hierarchical levels.

5.1.2 Concerning features (j) and (k), the board notes that adding an "authentication-type identifier" to the selection process does not credibly establish different technical "levels" of authentication either. The associated claim 1 does not require that different "types" lead to different security outcomes or rights: it would already be satisfied if all types pointed to identical keys. These features therefore represent, at best, a non-inventive administrative measure or organisational choice.

5.1.3 With respect to features (l), (m) and (n), the board finds that incorporating the decryption of an "encrypted client-device certificate" using a "certificate key" derived from a "common", i.e. "shared", secret describes a standard cryptographic mechanism. As the appellant correctly argued, such mechanisms are common practice in secure protocols like Bluetooth**(®). Hence, adding this standard step does not remedy the fundamental vagueness that is inherent to present claim 1 for the reasons set out in points 2.3 and 2.4 above.

5.1.4 Regarding features (o) and (p), the requirement that the "authentication-key identifier" from the "authentication message" in accordance with feature (e) matches a "client-device key identifier" in the "client-device certificate" mentioned in feature (l) does likewise not contribute to inventive step. If a system uses an identifier to select a key that is meant to verify a certificate, it is an implicit and inherent necessity that some form of matching must occur for the "verification" to be functional and arrive at a technically meaningful result. It is not a separate inventive choice.

5.1.5 Relating to feature (q), the addition of a mechanism for re-authentication using an "authentication-device identifier" to retrieve a stored common ("shared") secret relates to session resumption, which constitutes a common aspect of communication protocols. This feature thus concerns subsequent connections and does not resolve the lack of credibility regarding the "various levels of authentication" suggested by the respondent: the security level depends on how the "common secret" is generated, stored and used, on which the associated claim 1 however remains silent.

5.1.6 Concerning features (r) and (s), the board finds that adding an "authentication-token identifier" to be stored and linked with the common ("shared") secret describes a token-based authentication mechanism. As the appellant noted, this is however a customary practice for remembering previously authenticated devices to speed up future connections. Like the features of claim 1 of auxiliary request 5, this does also not remedy the fundamental defects regarding the lack of credibility with respect to the "various levels of authentication" suggested by the respondent.

5.2 The respondent argued that the board must provide documentary evidence for its assertion that the features underlying claim 1 of auxiliary requests 1 to 6 represent "customary practice" or an "administrative measure". The board finds that concepts such as using session keys, decrypting certificates or using tokens for session resumption were part of the common general knowledge of the person skilled in the art of secure communication protocols already before the opposed patent's date of filing. Such textbook-level concepts do not require specific documentary proof. The respondent's persistent assertion of achieving "various levels of authentication" is not found to be credible. The serial addition of standard, albeit unconnected, security-related steps cannot inherently create a hierarchy of distinct security levels.

5.3 In view of the above, none of auxiliary requests 1 to 6 overcomes the issue that the claimed invention does not credibly achieve the alleged technical effect over the whole scope of claim 1. These auxiliary requests are therefore not allowable for lack of inventive step either (Article 56 EPC).

6. Request for referral to the Enlarged Board of Appeal

6.1 The respondent further requested that the following questions be referred to the Enlarged Board of Appeal:

- Question 1: "How does the approach of finding an absence of an objective technical problem, wherein lack of inventive step is found due to lack of an objective technical problem due to lack of credible technical effect, fit in with the problem-solution approach as described in G 1/19?"

- Question 2: "If the approach of finding an absence of an objective technical problem is valid, what is credible technical effect or lack thereof, and how may it be established?"

6.2 According to Article 112(1)(a) EPC, a Board of Appeal shall refer a question to the Enlarged Board of Appeal if it considers that a decision is required for the purpose of ensuring uniform application of the law or because a point of law of fundamental importance has arisen. The board notes that the terms at the heart of the respondent's questions - such as "objective technical problem" and "credible technical effect" - are jurisprudential tools developed over time by the Boards of Appeal to apply Article 56 EPC consistently; they are not terms found in the legislative text, i.e. the EPC, itself.

Furthermore, as is evident from the detailed reasoning provided in points 2 and 3 above, the board finds that the existing case law, in particular the principles set out in G 1/19 and G 2/21, provides a sufficient and coherent legal framework to resolve the questions raised by the respondent. In addition, there is no lack of clarity or divergence in the case law that would necessitate a referral.

6.3 Since the board can decide on these matters on the basis of the EPC and the established jurisprudence of the Boards of Appeal without needing to clarify a point of law of fundamental importance or to ensure uniform application of the law, the conditions of Article 112(1)(a) EPC are not met.

6.4 The proprietor's request for a referral must therefore be refused.

Order

For these reasons it is decided that:

1. The request for a referral to the Enlarged Board of Appeal is refused.

2. The decision under appeal is set aside.

3. The patent is revoked.