How would the Reg be described, I wonder?
An online news story that described a bank's method for authenticating website visitors was valid evidence of prior art, the UK Intellectual Property Office (IPO) has ruled. The date on the web page could be taken at face value, it said. The date and contents of internet disclosures should be assessed on the balance of …
RBS was prompting users for certain characters of their passwords as early as 2001, if not earlier.
When wishing to avoid keyboard input due to the potential existence of key logging software on the user's PC, would it not be an obvious step to change the entry to mouse-based entry of the type described in the patent application?
Even if the prior art claim cannot be proved to a high enough standard to satisfy EPO, surely this obvious invention should prevent the patent from being approved?
I'd have thought that the most bleedin' obvious evidence of this would be the NatWest online banking system which I've been personally using since some considerable time before 2005 and which uses that self-same system of authentication!
I think that they even sent me the original password (like wot HSBC proposed) and I changed it meself to something less memory-hostile. I can't be sure, like I said it was a while back.
Failing that, I think Mastercard's SecureCode online transaction authentication system may be of earlier provenance too. Guess how that one works?
[This: "Under the Patents Act 1977, a patent can be granted only if the invention is not obvious to a person skilled in the art, having regard to the state of the art" has naff all to do with prior art.]
state of the art = prior art up to the date of filing
The question of obviousness is a subjective test based upon the state of the art: what did the state of the art teach the unimaginative skilled person to do up to the date of filing?
I'd have thought the UKIPO would would kill this application as a matter of routine under the Macrossan/Aerotel test (software-only invention), and the EPO would kill this application as a matter of routine under their standard 'the business person thought of it' (lack of inventive step) rejection.
Admittedly, this development about admissibility of evidence at the UKIPO is worrying, though. I've certainly seen a lot of opponents/infringers being rather 'liberal' with the authenticity and/or provenance of electronic evidence (web pages, emails, word/powerpoint/etc.). Demonstrably so, particularly when it's so easy to fiddle file metadata/stats.
Mine's the one with the EPC 2000 in the back pocket.
Balance of probability is right for that.
The claim that people should be awarded a patent unless you can prove conclusively that they SHOULDN'T be awarded the patent has done serious damage to business as they endlessly battle patent trolls.
It was based on a deliberate misinterpretation of TRIPS, the idea that "patents shall be available" implies that by default the patent is issued and you need to show why it isn't .
But that wording does not support that conclusion. And issuing patents to all comers has been a big mistake.
Er, yes it does have everything to do with prior art i.e. whether or not the invention has been described before. Firstly, the very first paragraph of the UK Patents Act 1977 states that:
1.-(1) A patent may be granted only for an invention in respect of which the following conditions are satisfied, that is to say -
(a) the invention is new;
(b) it involves an inventive step;
Secondly, how can something be judged to be obvious or not against prior art if the prior art describes EXACTLY the same invention? Surely that's beyond bleeding obvious and just a straight copy?
This is just yet another prime example of the way the patent system is abused by those with the funds to throw at it. HSBC is not in any way attempting to protect its invention. It is simply and blatantly trying to undermine and block other businesses that use a reasonable (and *very* obvious) method of authentication.
There should be some potentially bad outcome for them for having the audacity to roll the dice and appeal the case. eg. if it is rejected again, as it should be, obviously, then they should be fined a large amount for wasting everybody's time.
Until there is a unified global patent register (like that will ever happen) the system will continue to be abused and misused by companies like this. It's a shame that we have to rely on the luck of the draw and getting an examiner with their head screwed on the right way.
... shouldn't be patentable in France either, then.
Since I opened a bank account in Japan (where I live) back in December 2003, I have been using internet banking with a similar password scheme at login. The "password" is a sequence of digits received from the bank, and at login I am asked to enter 6 of these digits at a particular order chosen randomly by the bank each time I access their website. Like, "please enter the digits #2, #6, #1, ..."
If business practices shouldn't be patentable in the first place, clearly it has long been a strategy of big corporations with a lawyer on payroll to patent even the most obvious things without any (proper?) research of prior art, abusing a system where the patent office is resource constrained and clearly cannot perform the necessary checks. I suggest the costs of successfully overturning a patent should be borne by the sneaky patent holder.
First Direct ask for 3 random characters from your password when you call them - and have since 1991
The British library and a couple of university libraries are supposed to get all the copyright published material - but the fine for not doing so is tiny and the libraries don't want to pay to file and store a dozen 600page ad filled computer mags every week so they don't chase them up.
They also hate dealing with books that contain disks and books with odd shapes or binding so a lot of computer books and manuals never get archived which is why you can find 1000s of books of Victorian poetry in the library but not the technical manual for the original IBM PC.
...may eventually come to include "habitually attaches a digital timestamp to its pages". It may not be an option on the average web-server today (I don't know) but it is clearly technically possible and once programmed in it would be trivial to enable.
The court is right to take a different view of web versus printed media. The whole game-changing nature of the web arises from the very low cost of publication (and re-publication after editing). I can certainly foresee a future where a court would presume (in the absence of other evidence) that an unsigned website was unsigned for a reason and couldn't be trusted.
Indeed, the UK doesn't do "pure" software patents at all. If the invention is implemented in software only (as in: capable of running on bog standard hardware, with no effect outside the bog standard hardware), then it's, to all intents and purposes, garanteed curtains. Any practitionner would tell a client to not bother throwing £s at trying to patent it in the UK or Europe.
For that matter, neither does anywhere else, except the US. And even there, after the KSR case, it's certainly not the free ride everybody makes it out to be anymore, what with the USPTO taking baby steps towards a proper assessment of inventive step (obviousness), by arguing that everything and their dog is obvious.
I don't know where some of the above posters get this idea that patents are awarded as a matter of course (if anything, the article illustrates the point perfectly). It's harder to obtain grant than it's ever been.
Mine's the one with Title 35 USC in the back pocket.
Biting the hand that feeds IT © 1998–2019