Case Law Rewind – CyberSource Corp. v. Retail Decisions, Inc., No. 2009-1358 (Fed. Cir. 2011)

Note that occasionally, we will post a “Case Law Rewind” article.  These articles revisit decisions that may have issued some time ago, but we felt were important enough to revisit for discussion on our News page.

In CyberSource, with regard to an Internet commerce patent, the Fed. Circuit invalidated both a method claim and the “Beauregard claim” that was directed to a computer readable medium (CRM) containing program instructions to carry out the method. The method was directed to detecting fraudulent credit card purchases made using the internet to, e.g., detect that multiple card numbers had been used to make purchases from a single internet address.

Independent method claim 3 is shown below:

3. A method for verifying the validity of a credit card transaction over the Internet comprising the steps of:

a) obtaining information about other transactions that have utilized an Internet address that is identified with the [] credit card transaction;

b) constructing a map of credit card numbers based upon the other transactions and;

c) utilizing the map of credit card numbers to determine if the credit card transaction is valid.

The district court had found that claim 3 failed the machine or transformation test used in Bilski v. Kappos, 130 S. Ct. 3218 (2010), though the Supreme Court had rejected the machine-or-transformation test as the exclusive test for the patentability of a claimed invention.   The Fed. Circuit agreed, but further found that claim 3 failed to recite patent-eligible subject matter because it is drawn to an unpatentable mental process—a subcategory of unpatentable abstract ideas.

The Federal Circuit agreed with the district court that claim 3 failed both prongs of the machine-or-transformation test.  “The mere collection and organization of data regarding credit card numbers and Internet addresses is insufficient to meet the transformation prong of the test, and the plain language of claim 3 does not require the method to be performed by a particular machine, or even a machine at all.”

The appellant argued that the claimed method was tied to a particular machine because it “would not be necessary or possible without the Internet.”  However, the Federal Circuit stated

Regardless of whether “the Internet” can be viewed as a machine, it is clear that the Internet cannot perform the fraud detection steps of the claimed method. Moreover, while claim 3 describes a method of analyzing data regarding Internet credit card transactions, nothing in claim 3 requires an infringer to use the Internet to obtain that data (as opposed to obtaining the data from a pre-compiled database). The Internet is merely described as the source of the data.

Claim 2 was referred to as “a so-called ‘Beauregard claim.’”  Independent claim 2 is shown as follows:

2. A computer readable medium containing program instructions for detecting fraud in a credit card transaction between a consumer and a merchant over the Internet, wherein execution of the program instructions by one or more processors of a computer system causes the one or more processors to carry out the steps of:

a) obtaining credit card information relating to the transactions from the consumer; and

b) verifying the credit card information based upon values of a plurality of parameters, in combination with information that identifies the consumer, and that may provide an indication whether the credit card transaction is fraudulent,

wherein each value among the plurality of parameters is weighted in the verify-ing step according to an importance, as determined by the merchant, of that value to the credit card transaction, so as to provide the merchant with a quantifiable indication of whether the credit card transaction is fraudulent,

wherein execution of the program instructions by one or more processors of a computer system causes that one or more processors to carry out the further steps of;

[a] obtaining information about other transactions that have utilized an Internet address that is identified with the credit card transaction;

[b] constructing a map of credit card numbers based upon the other transactions; and

[c] utilizing the map of credit card numbers to determine if the credit card transaction is valid.