IN THE HIGH COURT OF JUSTICE
BUSINESS AND PROPERTY COURTS OF ENGLAND AND WALES
INTELLECTUAL PROPERTY LIST (Ch)
PATENTS COURT
Rolls Building
Fetter Lane
London, EC4A 1NL
Before :
MRS JUSTICE BACON
Between :
SYCURIO LIMITED
(formerly Semafone Limited)
Claimant
- and -
(1) PCI-PAL PLC
(2) PCI-PAL (UK) LIMITED
Defendants
Michael SilverleafKC and Kyra Nezami (instructed by Michelmores LLP) for the Claimant
Guy Tritton, Edward Cronan and Laura Adde (instructed by Shepherd & Wedderburn LLP) for the Defendants
Hearing dates: 12–16, 21–23 June 2023
Approved Judgment
REVISED NON-CONFIDENTIAL VERSION
Note: Excisions in this Judgment marked “[REDACTED]” relate to commercially confidential information.
This judgment was handed down remotely at 4.45pm on 25 September 2023 by circulation to the parties or their representatives by email and by release to the National Archives.
The parties’ positions as to the skilled team 9
The subject matter of the Patent 9
Call centre telephony systems 11
Security of payment systems 13
Techniques available for addressing fraud and the PCI DSS requirements 14
The disclosure of the Patent 16
Prior art relied on in this case 29
Section 60(1)(b) infringement on a normal construction 43
Section 60(1)(b) infringement by equivalents 48
MRS JUSTICE BACON:
INTRODUCTION
This case concerns Patent GB 2473376 (the Patent), entitled “Signal detection and blocking for voice processing equipment”, which concerns the processing of telephone calls within a call centre. The claim of the Patent in issue is claim 9, which claims a method of reducing fraud by call centre agents, by blocking DTMF tones entered by a caller from being transmitted to the agent when the caller is using the keypad to provide sensitive information required for a transaction, such as their payment card details. The priority date of the Patent is 9 May 2008.
The claimant (Sycurio) is the proprietor of the Patent. It contends that the defendants (collectively PCI-Pal) have infringed and continue to infringe the Patent, either literally or under the doctrine of equivalents, by their cloud-based secure card payment system known as Agent Assist Gen 2 (Agent Assist). Agent Assist is available in a variety of variants, and Sycurio contends that each variant infringes.
PCI-Pal challenge the validity of the Patent on various grounds, deny infringement, and (by way of counterclaim) seek declarations of non-infringement in relation to nine proposed enhancements of the Agent Assist system.
Mr Silverleaf KC and Ms Nezami appeared for Sycurio; PCI-Pal were represented by Mr Tritton, Mr Cronan and Ms Adde. Mr Silverleaf, Ms Nezami, Mr Tritton and Mr Cronan all made submissions at the hearing, and both sides provided detailed written opening and closing submissions. There were no witnesses of fact; there were, however, two experts for each party, who provided written expert reports and were cross-examined at the trial.
In light of the extensive materials before me for the trial, which included detailed discussion of the functionality of the Agent Assist systems (in both submissions and evidence), it was unfortunate that the implications of an important technical issue regarding the way in which Agent Assist worked only emerged as a point in dispute at the end of Mr Silverleaf’s reply on the last day of the trial. It was then addressed in written submissions by both parties following the hearing. I will discuss this further below.
THE ISSUES
The issues in dispute slightly narrowed during the course of the trial, the remaining issues being as follows:
The subject matter of the Patent and accordingly the nature of the skilled team.
The scope of the common general knowledge (CGK), which was largely dependent on the identification of the skilled team.
The construction of various points in claim 9.
Identification of the inventive concept of claim 9.
Obviousness of claim 9 over US patent 2004/0193897 A1, published on 30 September 2004, referred to as Van Volkenburgh.
Obviousness of claim 9 over US patent 2006/0050658 A1, published on 9 March 2006, referred to as Shaffer.
Obviousness of claim 9 over a prior art press release by the company LiveOps, published in “destination CRM” magazine in January 2007, referred to as LiveOps.
Whether claim 9 relates to excluded subject matter under s. 1(2)(c) of the Patents Act 1977, on the basis that it only discloses a scheme or method for doing business or a computer programme.
Whether claim 9 contains matter extending beyond that disclosed in the original application for the Patent as filed.
Whether any of the Agent Assist variants infringe claim 9 under s. 60(1)(b) and/or s. 60(2) of the Patents Act 1977, on a normal construction or the doctrine of equivalents (and including the question of a Gillette/Formstein defence based on obviousness over US patent 2005/0246242 A1, published on 3 November 2005, referred to as Proctor).
Whether any of the Agent Assist enhancements infringe claim 9, and if not whether PCI-Pal should be granted a declaration of non-infringement.
As I will explain, I do not need to decide some of those issues in light of the way in which I have decided other issues in the case.
WITNESSES
Preliminary comments
Before commenting on the evidence of the expert witnesses for Sycurio and PCI-Pal, respectively, it is necessary to make some preliminary observations about the duties and responsibilities of expert witnesses in patent cases, and the corresponding obligations of the solicitors who assist those witnesses in preparing their evidence.
There is no dispute that an expert witness in a patent case is subject to the rules of CPR Pt 35. These include under r. 35.3(1) the duty of experts “to help the court on matters within their expertise”, and under r. 35.10(1) the requirement for an expert’s report to comply with Practice Direction 35.
Practice Direction 35 includes the following requirements:
“2.1 Expert evidence should be the independent product of the expert uninfluenced by the pressures of litigation.
2.2 Experts should assist the court by providing objective, unbiased opinions on matters within their expertise, and should not assume the role of an advocate.”
The starting point in both CPR Pt 35 and the accompanying Practice Direction is therefore that the expert witness must give evidence on matters which fall “within their expertise”. That may of course require the expert to do some further research to enhance their existing knowledge in the field, so as to be able to assist the court with the specific issues in the case. An expert may also wish to do background reading in relation to a related field in which they do not profess specific expertise, so as to be able to understand the context of the questions which they are asked which do fall within their field of expertise, and thereby to give useful answers to those questions.
What the expert should not, however, do is to give evidence on the basis that they have sought to read in and educate themselves in the relevant field for the purposes of the case in question. A person does not become an expert by virtue of having acquired knowledge in the course of the case itself. Nor should an expert give evidence on a subject which falls outside their expertise, but which they consider they understand “well enough” to express a view on the matter. An expert is not instructed for court proceedings on the basis that they believe that they have “sufficient” grasp of the matter to express a view, or are able to teach themselves what they need to know in the course of preparing their evidence. They are instructed on the basis that they are a genuine expert in the relevant field, whose opinions may be relied upon and given weight by the court.
As to the process by which an expert report is prepared in a patent case, both parties agreed that the position was correctly set out by Arnold J in Medimmune v Novartis [2011] EWHC 1669 (Pat), §§99–114. In particular, both parties endorsed the propositions that the specialist nature of such cases and the likely fields of expertise of the expert witnesses instructed in such cases mean that expert witnesses in patent actions require a “high level of instruction by the lawyers”, and that in practice expert reports in patent cases are often drafted by the lawyers on the basis of what the expert has told them, with the expert then amending the draft report as appropriate (§110).
That process must not, however, obscure the duties of the expert as set out in CPR Pt 35 and Practice Direction 35. In particular it must not lead to an outcome where the expert strays into giving evidence on matters falling outside their expertise, on the basis that they have been asked questions by their solicitors which they have endeavoured to answer. That is an outcome which both the expert and their instructing legal team must be vigilant to avoid. The instructing solicitors should not simply assume that the expert will understand the requirements of CPR Pt 35 and the Practice Direction. It is their responsibility to ensure that the expert has the necessary expertise and is aware of the duties imposed on an expert witness.
With those preliminary comments in mind, I will comment on the parties’ expert witnesses. The evidence of those witnesses was divided up differently, reflecting a fundamental disagreement between the parties (which I will need to address below) as to the subject of the Patent and the characteristics of the skilled team to which it is primarily addressed.
The Claimant’s witnesses
Sycurio divided its evidence between Mrs Concepta Penn and Professor Kin Leung. Both of them were cross-examined.
Prof Leung specialises in telephony and networking. Since 2009 he has held the position of Head of the Communications and Signal Processing Group within the Electrical and Electronic Engineering department at Imperial College, London. His principal role was to explain to the court how traditional circuit switched and more modern packet switched internet-based telephony systems work, in order for the court to understand (in particular) the technology underlying PCI-Pal’s Agent Assist system. His expertise was unquestionable, and most of his evidence was uncontroversial.
Mrs Penn is a consultant specialising in payment card processing, including call centre payments, at an operational level. She has in-depth knowledge of the various international card scheme rules, and UK and EU card payment standards. In that field, her expertise was not in doubt. She does not claim to have any expertise in the technical solutions used to implement the card processing systems which she has worked on and designed, and she explained that for those purposes she would work together with engineers who would implement the system she had specified. Her evidence addressed the issues in the action as a whole, including the scope of the CGK, novelty and obviousness over the prior art, and infringement. She was therefore Sycurio’s main witness in the action, and she was cross-examined over almost two days. At the outset of her cross-examination, Mr Silverleaf noted that Mrs Penn was dyslexic and might on occasion need additional time to read documents.
During her cross-examination, it became apparent that Mrs Penn was struggling to understand and answer the questions put to her on the technical documents, in particular the Van Volkenburgh, Schaffer and Proctor patents and PCI-Pal’s Product and Process Description (PPD), despite having addressed all of these in considerable detail in her expert reports. Her answers became increasingly confused, and on several occasions she was unable to explain points that she had specifically commented on in her written evidence. Following discussion with Mr Silverleaf immediately after Mrs Penn’s oral evidence had concluded, and further discussion during the next day of the hearing, Mr Silverleaf recalled Mrs Penn (at my invitation) to explain her difficulties during her cross-examination and also the way in which her written evidence had been prepared.
When recalled, Mrs Penn gave evidence in chief (in response to questions from Ms Nezami) and was then cross-examined again by Mr Tritton. It is to Mrs Penn’s credit that she was willing to be recalled after what had clearly been a very difficult initial cross-examination, and the explanations which she went on to give were in my judgment entirely candid.
Mrs Penn started off by explaining that she had struggled in particular on the second day of the trial due to lack of sleep and a medical issue for which she was taking prescription medication. She had been dehydrated and had become increasingly unable to concentrate on the questions she was being asked. She said that her dyslexia meant that she had been unable to find relevant references in the documents she was being asked about, which had added to her stress.
I accept that these issues may well have impacted on the quality of Mrs Penn’s evidence (particularly on the second day of her cross-examination). The real problem, however, was that she was giving evidence about matters which fell well outside the scope of her expertise. That had been apparent from the first day of her cross-examination and continued throughout her oral evidence. It was confirmed by Mrs Penn’s description of the way in which her evidence had been prepared, in response to Mr Tritton’s further cross-examination. She explained that she had not written the first draft of her expert reports herself, but had sent copious notes to her instructing solicitors, who had then spent many months putting her reports together, with further input from her on specific points. She frankly admitted that she had struggled to understand PCI-Pal’s PPD and had spent many days and a “huge amount of research” to be able to do so. The Shaffer patent had been, she said, “an absolute nightmare” to try and understand, but she said that she had eventually got through it. She had done research on various other technical points to reach what she considered to be an adequate level of understanding to enable her to comment on them in her evidence. She maintained that the final written reports were entirely her own evidence, and that she had read them carefully and agreed with the points made. She said, however, that because her own language was so non-technical, the solicitors had sometimes reformulated what she said to put it into the right form of words.
Having considered Mrs Penn’s further evidence, Mr Tritton eschewed any submission that it had been prepared in an improper manner, as such. But Mrs Penn’s explanations highlighted the difficulties she faced in trying to address the issues in the case. She had sought – no doubt with the best intentions – to understand and educate herself on the telephony technology referred to in the prior art and the PPD. It was, however, not within her field of expertise and she should not have been giving evidence on those points. That should have been readily apparent to her instructing solicitors.
The result is that I am unable to accept Mrs Penn’s evidence on any matter that falls outside her core area of expertise. As to the matters which did fall within her expertise, namely payment card processing systems and the relevant industry requirements and standards applicable to those, her evidence was not controversial. The disputed matters in the case, in so far as they concerned the expert evidence, were matters on which Mrs Penn had opined, but for which I cannot give her evidence any weight.
That is no doubt why, in his closing submissions, Mr Silverleaf placed almost no reliance on Mrs Penn’s evidence. He contended that he did not need to do so, because he could make his points as legal submissions on the basis of the undisputed material and PCI-Pal’s own evidence. That was an unfortunate position to end up in, given the extensive scope of Mrs Penn’s written evidence. For the reasons set out below I consider that Mr Silverleaf’s submissions on the technical points could not be maintained without evidential support, which he ultimately did not have.
The Defendants’ witnesses
PCI-Pal divided their evidence between Mr Craig Robinson and Mr Colin Whittaker. Both of them were cross-examined.
Mr Robinson is a consultant in call centre and telephony technology. His areas of expertise include telecommunications, networks, contact centres and customer experience. He has extensive experience supporting clients with the design, specification and implementation of call centres. He was PCI-Pal’s main witness in the action, and his evidence addressed most of the issues in the case, including the scope of the CGK, novelty and obviousness over the prior art, and infringement. He acknowledged that there was some overlap between his experience and that of Mr Whittaker. He therefore specifically did not comment on the issues addressed by Mr Whittaker regarding the handling of payment information and the understanding of the prior art from the perspective of a payments advisor.
As with Mrs Penn, Mr Robinson was cross-examined for almost two days. He was a very impressive and knowledgeable witness. His responses to questions, including highly technical questions, were consistently careful and comprehensive, and provided considerable assistance to the court. He explained the steps that he had taken to avoid hindsight when considering obviousness over the prior art.
Mr Whittaker is a consultant specialising in cyber security and risk. He worked for many years as the information technology security officer at the Association for Payment Clearing Services (APACS), which was established by the UK banks to manage payment clearing and overseas money transmission in the UK. In particular, he was responsible for the APACS e-commerce programme and developed the industry standard for two-factor authentication technology. Mr Whittaker’s evidence focused on payment processing and the handling of payment information – essentially the area of Mrs Penn’s evidence in which it was undisputed that she also had relevant expertise. It was common ground that Mr Whittaker was an excellent witness, who gave clear and straightforward answers to the questions asked in cross-examination. Mr Silverleaf positively asserted that his evidence should be accepted, and he relied on that evidence in his closing submissions.
THE SKILLED TEAM
The law
The concept of the person skilled in the art or skilled team (for convenience I will adopt the latter expression) is well-established and there was no doubt about the principles to be applied. I can therefore summarise them shortly:
The skilled team is a hypothetical construct, used to identify the notional research team to whom the patent is addressed, and whose combined experience and way of thinking is used by the court to determine the teaching of the patent, the sufficiency of the patent, the teaching of the prior art, and what it would be obvious to do in light of the prior art.
A patent specification is addressed to those persons likely to have a real and practical interest in the subject matter of the invention. The skilled team must therefore consist of persons with practical knowledge and experience of the kind of work in which the invention is intended to be used: see Kitchin LJ in Medimmune v Novartis [2012] EWCA Civ 1234, §72.
The attributes and experience of the skilled team are to be identified by asking the objective question “what problem does the invention aim to solve?”: Birss J in Illumina Cambridge v Latvia MGI Tech [2021] EWHC 57 (Pat) §§68–9.
It is also relevant to ask whether there are real research teams operating in the field: Mellor J in Alcon v AMO [2022] EEWHC 955 (Pat), §214.
Every member of the skilled team is deemed to be unimaginative with no inventive capacity: Henry Carr J in Garmin (Europe) v Koninklijke Philips [2019] EWHC 107 (Pat), §85(iv).
Once the skilled team is identified, the patent and the prior art are considered on the basis of the “knowledge and assumptions” which are attributed to that skilled team: Lord Hoffmann in Kirin-Amgen v Hoechst Marion Roussel [2004] UKHL 46, §32.
While there are some cases where the skilled team relevant for the purposes of construction and sufficiency of a patent may differ from the team relevant for the purposes of assessing obviousness, it was common ground in the present case that the skilled team is one and the same for all of the disputed issues in the case.
The parties’ positions as to the skilled team
There was a fundamental dispute between the parties as to the identity of the skilled team. They agreed that the overall team required to implement a telephone payment card facility for a call centre would need both someone with expertise in payment systems and card security, and someone with technical expertise in the design and implementation of telephony systems for call centres, including those where sensitive data are to be given by a caller. PCI-Pal said that the Patent is addressed to a skilled team that would include both areas of expertise – i.e. someone with expertise equivalent to that of both Mr Robinson (telephony technology) and Mr Whittaker (payment processing and the handling of payment information).
Sycurio, however, said that the Patent is directed at a payment systems problem, not a telephony problem. Accordingly, it said that the “controlling mind” of the skilled team should be the person with expertise in payment systems and their requirements (such as Mrs Penn or Mr Whittaker). That person would call on the technical skills of telephony engineers (such as Prof Leung or Mr Robinson) as necessary; but the assessment of whether the invention is obvious should on Sycurio’s case refer primarily to the thinking and approach of the payment system expert rather than that of the telephony system technical expert.
To address these contentions it is necessary to start by considering the subject matter of the Patent. I will analyse the detail of the specification in the Patent further below.
The subject matter of the Patent
The title of the Patent is “Signal detection and blocking for voice processing equipment”. The Patent specification states at the outset (p. 1) that:
“The present invention relates to a telephone call processing system and method, and in particular to an apparatus to enable a caller to perform a transaction, facilitated by a call centre, with a third party without having to disclose sensitive information to the call centre.
Also described is a system for the secure communication of information and a method of operating the same. The system and method described finds particular use in the communication of information, such as personal and/or financial information, between a user and a call centre or the like.”
The specification then describes the background to the invention, referring to the problem of breaches of security by call centre staff, the increasing use of dual-tone multi frequency (DTMF) signalling for the entry of sensitive customer information over the telephone as an alternative to the customer providing that information verbally, the problem that DTMF tones can be recorded by call centre agents and then decoded, as well as the fact that DTMF data will be stored in call recording files when calls are recorded by the call centre, making those data vulnerable to theft (pp. 1–2). The specification goes on to comment (p. 2) that:
“Accordingly, there is a need for an improved system and method for allowing secure communication across a telephone system, in particular to allow for personal and/or financial data and information to be provided in a secure manner.”
The Patent is therefore concerned with a solution for the problem of agent fraud at call centres, having regard to the vulnerabilities of the existing technical solutions such as the use of DTMF signalling. On its face, the problem which the Patent aims to solve is a technical one, directed at a telephony solution for the problem of agent fraud in call centre remote transaction systems. It is not solely a payment systems issue to be addressed primarily by a payment systems expert without relevant technical expertise.
That conclusion is supported by Mr Robinson’s evidence as to the existence of real teams in the field. As he said, there are many such teams in the field regularly at work in setting up call centres. Those teams require telephony expertise, security expertise and (when taking payments is required) payments expertise. The solutions in the field therefore require a combined input from across a cross-section of skills. In his view, the Patent is directed at a team with precisely such a cross-section of skills, since it is concerned with the problem of mitigating potential for agent fraud in a specific technical way. He also pointed out that the Patent assumes significant technical knowledge on the part of the skilled team, requiring them to be familiar with the hardware described in the diagrams in the specification, in order to be able to interpret and implement the teaching of the Patent.
Mrs Penn did not agree. She considered that the Patent is addressed to someone with expertise similar to her own, who is working on payment card security and compliance with industry standards such as, in particular, the Payment Card Industry Data Security Standard (PCI DSS). Telephony engineers would not in her view have a practical interest in the system described in the Patent.
I unhesitatingly reject Mrs Penn’s evidence on this point. The Patent is not limited to discussion of payment card security issues, at what Mrs Penn sometimes referred to as an “operational” level, i.e. looking at the functional effects of the systems rather than the technical means of implementation of the systems. Rather, the Patent concerns a specific technical solution for the identified security issues, and accordingly contains numerous technical diagrams and a significant amount of technical description in the specification. It is plainly addressed to a person or a team with technical telephony expertise, and (as Mr Robinson rightly said) assumes significant technical knowledge on their part, which Mrs Penn did not claim to have.
The identification of the subject matter of the Patent therefore answers the question as to the skilled team for the purposes of this case. The skilled team is as identified by PCI-Pal: a team with a cross-section of expertise that includes both telephony expertise and payment systems expertise. I do not consider that the experts in either one of those fields should be regarded as the “controlling mind” of the team. While Mr Robinson noted that the skilled team implementing a telephony solution in a call centre will typically be led by a project manager, he said that the structure of such a team is likely to be relatively flat. Likewise, in implementing the teaching of the Patent in this case I consider that the skilled team would work together and would draw equally on the experience of all members of the team.
COMMON GENERAL KNOWLEDGE
Following the conclusion of the trial, I was provided with an agreed statement of the CGK. The only difference between the parties was whether certain technical parts of that (which would not have been known to a payments advisor such as Mrs Penn or Mr Whittaker) should form part of the CGK. It was not disputed that those facts would form part of the CGK of PCI-Pal’s skilled team, which includes a telephony expert. Given my conclusions as to the composition of the skilled team, it follows that the CGK in this case includes the technical parts of the agreed statement. The following summary is therefore based primarily on that statement, with some editing and additions on my part.
Call centre telephony systems
Prior to the priority date for the Patent, call centres used private telephone systems called private branch exchanges (PBXs), which comprised telephone lines (trunks) connected to the public switched telephone network (PSTN), and extensions to each telephone handset used by a call centre agent. During the 1980s, analogue PBX systems were replaced by digital PBXs, and by the priority date digital PBXs accounted for 90% of the market. The remaining systems used Voice over Internet Protocol (VoIP) technology, which businesses were starting to use by the priority date.
Both analogue and digital PBX systems used the traditional circuit switched network. By contrast, the more recent VoIP technology used (and continues to use) packet switched networks. The differences between these are discussed further below.
DTMF technology
DTMF technology is legacy technology which was widely used in the UK by the late 1970s. A DTMF tone is an audible sound created when two pure frequencies (one high, and one low) are combined. Each button on a telephone keypad generates a different DTMF tone when pressed, and DTMF tones can therefore be used to input information via telephone instead of providing information verbally.
At the priority date DTMF tones were commonly used by call centres to provide information (including payment information) to Interactive Voice Response (IVR) systems. An IVR system is an automated system with which a caller can interact on a telephone call through either voice or with DTMF tones, a typical use being in an automated welcome menu (e.g. press “1” for “sales”, “2” for “accounts”, etc). IVR systems can play announcements and prompt callers to enter each piece of information, and can read information back to customers (such as a customer’s credit card number) and ask them to confirm it. At the end of an interaction with an IVR, the system may transfer the caller to an appropriate member of staff (automatically or by asking the caller to press a button) or end the call.
At the priority date, it was common for call centre technology (including DTMF functionality and IVR systems) to be based on telephony cards which were inserted into computers, and which could manage multiple calls at a time. Because the telephony card fitted into a standard computer expansion slot, the manufacturer only needed to develop the hardware and software for the specific functions of the card; everything else could be written by the user on the computer as standard software code or configuration. Typical functionality on telephony cards included a “silent monitor” function whereby a supervisor or trainer could listen in on an agent’s call for training or quality-control purposes, and a “whisper mode” whereby the supervisor could listen in to the call and speak to the agent, unheard by the caller.
Telephony card functionality also included DTMF blocking functionality (sometimes referred to in the materials before me as DTMF “clamping”), enabling DTMF tones to be blocked from one person on the call, such that the DTMF tones would not be heard by that person but the rest of the conversation would be heard. This functionality could be configured using the telephony card software. For example, when an agent pressed a DTMF button to transfer a customer to another agent, DTMF blocking could be used to prevent the customer from hearing the DTMF tone. DTMF blocking could be done in any direction (e.g. agent to caller or caller to agent), although there was no CGK application at the priority date which required DTMF blocking in the caller to agent direction.
DTMF signalling is still used in modern telephony networks, because it is backwards-compatible with older systems. The data are, however, typically transmitted in a different way as described below at §68.
Card payment processing
Card payments are divided into two general categories: card present, or face-to-face payments, and card not present, or remote payments. The present case is concerned with remote payments, and specifically card payments processed over the telephone in a call centre environment.
There are four key parties to a credit or debit card payment transaction: (i) the cardholder, namely the customer who is paying by card; (ii) the merchant, namely the vendor that sells to the customer, and which accepts credit or debit card payments for the goods or services; (iii) the card acquirer, who acquires transactions from merchants and processes them; and (iv) the card issuer, which is the financial institution that has issued the credit or debit card to the cardholder on behalf of a particular card payment network (such as Visa or Mastercard).
The interaction between these four parties described above is shown in the following diagram (using an example in which the cardholder details are entered into an online form, rather than provided over the telephone).
Three steps are required to complete a card transaction:
Validationinvolves checking that the card details provided by the customer are valid, e.g. checking that the correct number of digits have been entered. This is done by the merchant (or “seller” in the diagram).
Authorisationis the process by which the card issuer decides whether to authorise the payment transaction. The authorisation request (“payment request” in the diagram) originates from the seller, and is sent to the card acquirer and then on to the card issuer. The card issuer validates the card details and conducts fraud checking and credit checking to make the authorisation decision.
Completion/settlementof the transactionfollows an approved authorisation by the card issuer. It is only at this point that money changes hands. Settlement is handled by the card payment scheme which calculates the financial obligations between all participants in the system. After receiving an authorisation response, a transaction is completed by providing the customer with a receipt, and entering the details of the transaction on the settlement file. Those transaction details included the last four digits of the long card number (referred to as the Primary Account Number, or PAN), the transaction ID, and card expiry date, but not the card verification code. The remaining transaction data are then deleted from the system.
Security of payment systems
Originally, remote transactions were conducted with a customer reading their card details over the telephone to a merchant staff member or call centre agent. By the priority date, card details could also be entered by a customer using their telephone keypad to generate DTMF tones as described above. Both approaches had significant security problems, and at the priority date payment card fraud for remote transactions was a well-known problem in the payment card industry. One of the major vulnerabilities was the possibility of call centre agents gathering personal and customer data from their conversation with the customer, either by writing customers’ card details down where these were provided verbally, or by recording DTMF tones and decoding them later.
The PCI DSS standard is an international set of minimum data security standards to be followed by merchants and acquirers who handle payment card data, its purpose being to limit the compromise of payment systems, to ensure cardholder data are handled securely, and to protect those data from theft and fraudulent misuse. It was developed cooperatively by the international card schemes, including Visa and Mastercard.
PCI DSS v1.1 was the applicable version of the standard at the priority date. It included the following requirements:
Requirement 3.2: “Do not store sensitive authentication data subsequent to authorisation (even if encrypted)”.
Requirement 3.3: “Mask PAN when displayed (the first six and last four digits are the maximum number of digits to be displayed)”.
Requirement 3.4: “Render PAN, at minimum, unreadable anywhere it is stored (including data on portable digital media, backup media, in logs, and data received from or stored by wireless networks) by using any of the following approaches: [various encryption techniques]”.
Requirement 4.1: “Use strong cryptography and security protocols such as secure sockets layer (SSL) / transport layer security (TLS) and Internet protocol security (IPSEC) to safeguard sensitive cardholder data during transmission over open, public networks”.
Most of the requirements relate to securing data within the call centre, while the others are concerned with protecting the perimeter of that environment. The standard approach taken for PCI DSS compliance prior to 2008 was to protect the cardholder data environment. The preface to PCI DSS v1.1 described the scope of the PCI DSS security requirements by reference to the cardholder data environment as follows:
“These security requirements apply to all ‘system components’. System components are defined as any network component, server, or application that is included in or connected to the cardholder data environment. The cardholder data environment is that part of the network that possesses cardholder data or sensitive authentication data. Adequate network segmentation, which isolates systems that store, process, or transmit cardholder data from those that do not, may reduce the scope of the cardholder data environment.”
Techniques available for addressing fraud and the PCI DSS requirements
At the priority date, the most common method of payment processing over the telephone was via a conversation with the agent in which the caller simply read out their payment card details. The second most common approach, also in widespread use, was via an IVR with a payment line.
The widespread use of call recording in call centres presented a particular challenge for both of these approaches. The UK Financial Services Authority (FSA), the predecessor to the Financial Conduct Authority, had since the early 2000s required the whole telephone conversation relating to certain financial transactions to be recorded. This conflicted with (among other things) PCI DSS requirement 3.2. The FSA therefore agreed that card payment data could be excluded from the call recordings.
Two techniques were available (and CGK) for mitigating fraud within a call centre and complying with the PCI DSS requirements (in particular requirement 3.2) whilst meeting the general FSA requirement for the recording of calls.
The primary solution available at the priority date was “pause and resume”. Where call recording was being used in a call centre, the call recording would be paused manually by an agent or by an automated process prior to the caller reading out their card details. The call recording would then be resumed after the card details had been provided, thereby avoiding the capture of card details on the call recording files.
The second commonly used solution was what the parties referred to as “mid-call transfer”, where the call was transferred from the call centre agent to an IVR, such that the agent was no longer on the call. The IVR system would then prompt the caller to enter their payment card details using DTMF. Once the transaction was completed, the call could be passed back to the agent. This solution resulted in normal voice communication between the caller and the agent being interrupted. Some implementations could, however, provide feedback to the agent showing progress on the IVR system. One perceived disadvantage of mid-call transfer was that cardholders sometimes struggled to enter data and gave up.
VoIP, SIP and RTP
Both analogue and digital telephone calls in a circuit switched network require a physical connection (i.e. a circuit) to be established from one caller to another. The PSTN contains many switches (telephone exchanges) connected by communication links (trunks) to the public network, such that when a call is made, the system finds a route from the caller through multiple switches and trunks to establish a circuit with the callee.
In the 1970s data networks were established which communicated data via the Internet Protocol (IP), i.e. the early internet system. In order to achieve high reliability and communication speeds, data were not sent via a single circuit, but were split into individual packets, with each packet sent across the network in the most efficient way. Different packets could therefore be sent by different routes. These IP based networks are called packet switched networks. By the early 2000s, telecommunications providers began to move to a packet switched approach. Businesses also started changing their circuit switched PBXs to packet switched PBXs, and moving their voice calls onto the IP network. When voice data are sent via a packet switched network, this is referred to as Voice over Internet Protocol (VoIP). The existence of VoIP technology was CGK at the priority date.
Data communication on the internet (including VoIP calling) is controlled by a number of different protocols operating at different “layers” of the network stack. These layers consist of an application layer, where network applications reside; a transport layer, which transports application-layer data between two end points of an application; the network layer, which is responsible for moving network-layer packets from one end device to another, and which runs using the Internet Protocol (IP); a link layer which supports transmission and reception of data packets across links connecting routers or end-devices, using for example WiFi; and a physical layer which moves individual bits across the transmission medium of the link, using for example copper wire, coaxial cables, fibre optics, or 4G and WiFi radio channels.
The protocol used for a particular type of communication depends on the type of data being sent. One relevant protocol is the Session Initial Protocol (SIP), first defined in 2002. SIP is an application-layer protocol which is used to set up, end or otherwise manage a VoIP call between two or more parties.
Once a call has been set up, data can be communicated using SIP signalling. For voice and video data transmitted using VoIP, however, the SIP signalling will typically direct the transfer of data using the Real-time Transport Protocol (RTP), which operates between the transport and application layers. This protocol was defined in 2003, and is specifically designed to support the transfer of media for real-time applications in light of jitter delay, loss of data packets and out-of-order packet arrivals, which often happen on the internet. RTP prioritises speed over quality, and therefore tolerates a small drop in quality through loss of some packets.
In modern telephony networks, DTMF signals are normally transmitted as digital signals using SIP signalling rather than as audible tones using RTP, since they are critical data which need to be transmitted in full to the receiving device. DTMF data may, however, still sometimes be sent using the RTP path. Transmission of DTMF data in the form of audible tones in the RTP path is referred to as “in-band” DTMF; transmission of DTMF data in the SIP signalling is referred to as “out-of-band” DTMF. “DTMF bleed” is where a DTMF signal that is expected to be carried in the SIP channel leaks into and is therefore heard in the RTP stream, which could happen (for example) where somewhere on the PSTN a node translates a SIP signal into an RTP signal.
THE PATENT
The disclosure of the Patent
I have summarised above the subject matter of the Patent. As set out above, the essential problem addressed by the Patent is that of agent fraud at call centres, having regard to the potential for DTMF tones to be recorded by call centre agents and/or stored in the call centre’s call recording files. The invention described is a system and method for allowing a user to conduct a transaction with a call centre involving the secure transmission of sensitive data, such as personal information and financial information, without interrupting the verbal communication between the user and the call centre agent. The advantage described is that a voice conversation can continue with the call centre agent, while the sensitive information is transmitted in a way that does not expose it to the risk of compromise at the call centre (pp. 3 and 11).
The sensitive information in question is described as including personal information such as address data, dates of birth and national insurance numbers, and financial information such as credit card numbers, bank account numbers, sort codes, passwords and answers to security questions (p. 11).
The specification explains that the system uses a call processor, which may be of any suitable form to process call signal data, in particular transactional information, such that it is in a form that is not ordinarily readable by the call centre agent (or, in general, anyone accessing a recording of the call) but may still be processed in order to complete the transaction (p. 13). The specification states that the call processor “may” use a telephony card (p. 5).
Figure 3(b) illustrates a modularised call processing system using a telephony card and telephony processing module located within a single unit.
Figure 2 shows a simple form of the way in which the call processor can work. As described in the specification, the call processor is the intermediary between the caller and agent, and acts to modify the characteristics of the call or signal from the caller to the agent, such that sensitive data are barred from reaching the agent and routed instead to the external entity, while allowing the agent to facilitate the interaction with the external entity. The specification states that the call processor can be made compatible with any traditional telephony network, including SIP and VoIP telephone systems (p. 18).
A slightly more complex arrangement is illustrated by Figure 5. In this version, the call processor forwards to the agent a modified version of the DTMF tones entered by the caller (labelled #), and sends the original extracted data (labelled DTMF*) to the external entity. The modified tones sent to the agent are masked so that the agent is aware of the number of DTMF tones entered by the caller, but is unable to determine which specific DTMF tones were sent.
At pp. 13–15 of the specification, an important distinction is drawn between an implementation which blocks the sensitive transactional information from reaching the call centre in any format, and an implementation which converts the sensitive data to a format that may be processed by the call centre but is not ordinarily readable by the call centre agent or operator.
The first of those arrangements is described as occurring where the system identifies and removes the transactional information from the call signal data received from the user and prevents its transmission to the call centre. The transactional information is instead transmitted to a third party for further processing to complete the transaction being conducted by the user. In the case of a financial transaction, the third party may be a credit card company or bank. An example is the removal of audible data signals, such as DTMF tones, from the call data transmitted by the system to the call centre, and the redirection of those signals to the third party, either via a third party installation adapted to process those signals, or following initial processing by the call processor to convert the data signals to a different format (pp. 14–5). The specification later notes (p. 23) that an illustration of this is given in Figure 12.
An implementation of this model described later in the specification is where a merchant outsources its payment processing to a trusted third party system, or “hosted payment gateway”. That allows the payment to be completed in a PCI DSS compliant environment, which avoids compliance implications for the call centre (pp. 27–29).
The second and alternative arrangement discussed at pp. 13–15 of the specification is for the transactional information to be processed by the call centre, but without being directly accessible by or readable by the agent. The latter may be achieved by converting audible DTMF signals into inaudible data signals, or by altering or otherwise masking the audible tones such that they are rendered meaningless to the agent (p. 13). The specification later notes (p. 23) that illustrations of this arrangement are given in Figures 14(a)–(c) and 15. Figure 14(a) is reproduced below.
Figures 14(a)–(c) and 15 are described as illustrating ways in which the call processor can be integrated into existing call centre systems for acquiring payment information and/or handling transactions at a call centre, with only minor modification to the existing transaction handling applications used by the call centre and its agents (pp. 29–30).
In both of the two alternative arrangements described above, the transactional information is processed in a way that renders it unreadable by the call centre agent or anyone accessing a recording of the call (p. 13). The difference between the two versions turns on whether the transactional information is routed directly to an external entity for processing without being processed by the call centre (as in Figure 12), or is initially processed by the call centre albeit without being readable by the call centre agent, before then being relayed to the external entity (as in Figure 14(a)).
Mr Silverleaf suggested that the two forms of implementation described at pp. 13–15 of the specification should be understood as distinguishing between systems that are inside and outside the call centre. That is not correct. The Patent specification does elsewhere make a quite separate distinction between call processors which are located within the call centre (such as in Figure 2, shown above) and arrangements where the call processor is located at a site external to the call centre. As the specification notes, the call processor can be placed at any point along the telephony network between the caller and the agent (p. 18).
But the description of the two alternative arrangements at pp. 13–15 of the specification does not require the call processing system to be inside or outside the call centre in either version. Rather, as set out above, the discussion concerns whether the sensitive information is sent to the external entity without going to the agent or the agent’s system, or whether it is sent to the agent’s system for processing albeit without being divulged to the agent. It is notable that the examples used to illustrate this distinction (Figures 12, 14(a)–(c) and 15) are all examples where the call processor is located outside the “boundary” of the call centre.
The end of the specification sets out an “overview” which provides a good summary of the disclosure of the Patent.
“A system has therefore been described in which a call processor can be used either as a hosted (voice) payment gateway (or as a customer premises or customer-provided equipment (CPE) at a call centre) which allows the collection of payment card data via the telephone keypad using the DTMF protocol (or potentially by voice recognition).
The call processor has the potential to eliminate (or reduce) the collection of card details by live agents by masking the data they receive. This means both the agent and the call recording do not ‘hear’ the DTMF data, such that pausing the call recording equipment or encrypting the data becomes unnecessary thereby removing a significant point of compromise for stolen card details.
In one implementation, the caller maintains a voice connection with the customer throughout the interaction; there is no transferring of the call to an interactive voice response (IVR) system or other impersonal automated system. The call processor effectively ‘splits’ the call into voice and DTMF channels automatically such that the caller experiences little or no difference in call, other than a beneficial reduction in handling time. A safe (or secure) mode in the call processor is automatically activated when a secure transaction is required. In the safe mode the call processor effectively removes the DTMF channel from the Call Centre Agent’s experience. The configuration of the call processor allows it to be integrated directly with existing call centre (transaction handling) applications to collect and transmit secure data.
Accordingly, aside from the communication of card details, the call between customer and merchant is entirely as normal and indeed the agent and the customer remain in voice contact throughout the call. This means that customer satisfaction levels are maintained and any input errors can be quickly identified and remedied.”
Claim 9 of the Patent
Claim 9 is as follows, with the breakdown of integers as adopted by both parties for the purposes of these proceedings:
“[9(a)] A method of processing telephone calls comprising voice signals and data signals comprising:
[9(b)] receiving voice signals and data signals at a first telephone interface and
[9(c)] transmitting the voice signals and selectively transmitting the data signals received at the first telephone interface via a second telephone interface wherein
[9(d)] if said received data signals include transaction information signals representing information relating to a transaction said transaction information signals are blocked from transmission via said second interface;
[9(e)] generating a request based on said transaction information signals;
[9(f)] transmitting said request via a data interface to an external entity;
[9(g)] receiving a message from the entity via the data interface to identify success or failure of the request; and
[9(h)] processing the transaction information signals in dependence on the success or failure of the request.”
Claim 9 is thus a method claim. The Patent has a related apparatus claim, in the form of claim 1. Claim 1 describes a call processor which (in essence) performs the functions described in integers 9(b) to 9(h) of the claim 9.
The four last integers, 9(e) to 9(h), have been referred to by the parties as the “Request Features”. They define what is done with the transaction information signals after they are blocked from transmission via the second telephone interface. It is common ground that these processing steps would be familiar to the skilled team on the basis of the CGK, although there were some issues as to the construction of these integers.
Construction issues
The law
There was no dispute as to the relevant principles of construction of the claims. In short summary, the claim must be interpreted purposively, with the purpose to be ascertained from the description and drawings. The construction of the claims should not, however, take into account equivalents, which fall to be considered separately: Saab Seaeye v Atlas Elektronic [2017] EWCA Civ 2175, §§18–19; Fiberweb Geosynthetics v Geofabrics [2021] EWCA Civ 854, §17.
While the embodiments described may be used to interpret the claims, they are merely examples of the claimed invention, and it is not normally legitimate to read into the claim limitations corresponding to details of specific embodiments if the patentee has not done so: Nokia v IPCom [2009] EWHC 3482 (Pat), §41.
Various questions of construction arise in relation to claim 9, which are addressed below.
“telephone interface” – integers 9(b), (c) and (d)
The meaning of the phrase “telephone interface” was the subject of substantial submissions on both sides. It was common ground that the phrase has no specific technical meaning. That no doubt contributed to the fact that both parties struggled to articulate what they thought that this phrase meant in the context of claim 9.
Sycurio’s starting point was that a telephone interface is simply “an interface through which telephone signals pass”. That is, however, circular and adds nothing to the understanding of the phrase. More specifically, Sycurio said that telephone interfaces described either physical or logical boundaries in the transmission chain between the endpoints of a telephone call, such that there is an interface “at any point at which two pieces of equipment or networks pass information between them”. An example of a physical interface would be the port on a telephony card. An example of a logical interface would be “a software transformation of information from one form to another”. Sycurio relied in that regard on the evidence of Prof Leung, who said that he would interpret “telephone interface” as a form of network interface.
PCI-Pal’s position was that the telephone interfaces in claim 9 cannot be understood as referring to purely logical boundaries anywhere between the endpoints of the call, but must be understood as being the inbound and outbound interfaces on a call processor. Initially, PCI-Pal said that this had to be a “localised” call processor in the form of a physical telephony card. Mr Tritton in his closing submissions accepted (eventually) that a “telephone interface” in claim 9 does not necessarily require a physical port on a physical telephony card, but might take the form of a software interface in a packet switched network. What he said there had to be, however, was something that could be described as a call processor – wherever that was located, which could be anywhere – such that the interfaces represent the connections between the call processor and the caller and agent respectively.
Once it is accepted as common ground that a telephone interface does not require a physical port, but may be a software connection, the difference between the parties comes down to the question of whether the interfaces described are the interfaces of a call processor, or whether they are simply any sort of physical or logical boundary somewhere in the call transmission network.
Mr Silverleaf said that while a call processor is the subject of claim 1 of the Patent, claim 9 does not refer to a call processor. It followed, he said, that claim 9 does not refer to a call processor with inputs and outputs, but covers all systems in which the method described in the claim is carried out.
The premise of that submission is correct: claim 9 does not in terms refer to a call processor, unlike claim 1 of the Patent. It does not, however, follow that the method described in claim 9 does not require a call processor. Quite the opposite: the method described in claim 9 is a method of “processing telephone calls” in a particular way, specifically by splitting voice and (certain) data signals so as to block (certain) data signals from transmission to one of the endpoints of the call, while continuing to transmit the voice signals. Whether the processing takes place using software, or a combination of software and hardware (such as a telephony card configurable using the supplied and/or other software), there must be some functionality which carries out that processing.
Sycurio’s submissions ultimately acknowledged this point. Its opening submissions described the telephone interfaces as “the point in the logical channel through which the call is transmitted at which the operations required by the claim are performed”. In a similar vein, Sycurio’s closing submissions referred to “identifiable interfaces at which the functional requirements of the method are met. … They may be implemented in either hardware or software”. On Sycurio’s own case, therefore, the telephone interfaces are interfaces to the system (whether hardware and/or software) which carries out the functionality of the claim. Mr Silverleaf therefore realistically accepted in his closing submissions that claim 9 required a “call processing system”. There is no substantive or functional difference between that and the term “call processor” used by PCI-Pal.
The Patent specification itself, moreover, uses the terminology of “call processor”. Every time in the Patent specification that reference is made to a telephone interface, it is a reference to the interfaces of what is described as a call processor. The telephone interfaces referred to in claim 9 are therefore the interfaces of that call processor, however it is implemented. They cannot sensibly mean anything else. Sycurio’s suggestion that the interfaces might represent any “logical boundary” anywhere between the endpoints of the call is not only inconsistent with the way that the telephone interfaces are described throughout the specification, and the way that Sycurio itself elsewhere defines the concept of telephone interfaces, but would render the references to “interfaces” utterly meaningless in the context of claim 9.
I therefore accept, essentially, PCI-Pal’s interpretation of “telephone interface”.
“transmitting the voice signals” – integer 9(c)
As with the phrase “telephone interface” it is common ground that the “voice signals” in claim 9 do not refer to signal types in a technical sense. On that basis, Sycurio’s case was that claim 9 refers to “maintaining a voice connection so that effective voice communication is maintained”.
As became apparent from Sycurio’s submissions on infringement, Sycurio’s emphasis on maintaining “effective” voice communication was designed to allow it to argue (for the purposes of its infringement case) that the Patent does not require the voice connection to be maintained throughout the call. The word “effective” is, however, a gloss on the wording of claim 9. The claim itself requires voice signals to be transmitted to the second telephone interface, whereas data signals are only selectively transmitted. There is no suggestion that only “effective” voice communication is required.
Indeed, Sycurio’s written closing submissions said that a critical feature of the claim is that “voice communication between the caller and agent is maintained whilst the transaction information being entered is blocked from transmission to the agent”. On that basis, Sycurio argued that claim 9 is not obvious over Shaffer because Shaffer “does not suggest the blocking of DTMF signalling whilst transmitting voice”. Ultimately, therefore, there was not much between the parties on this point: the requirement is for the voice signals to continue to be transmitted during the call via the second telephone interface, while the data signals are being selectively blocked.
There is, however, no requirement for any particular telephony technology to be used. Claim 9 explicitly encompasses the use of VoIP technology, and it was CGK at the priority date that a VoIP call typically transfers voice data using RTP, which tolerates some reduction in quality through incidental loss of some packets (see §67 above). It was not, therefore, PCI-Pal’s case that the technology used is required to transmit 100% of the audio frequencies without any possibility of packet loss. What is required is that the voice signals are transmitted throughout the call and are not blocked or selectively transmitted.
“selectively transmitting the data signals” – integer 9(c)
A further issue relevant to infringement is the means by which certain types of data signals are blocked from transmission via the second interface. PCI-Pal contended that claim 9 requires a “frequency-based” approach to blocking, whereby the DTMF tones are filtered out of the telephone call but other audio frequencies in the voice signal are unaffected.
Claim 9 itself does not contain any requirement for those signals to be blocked by “frequency” as opposed to some other means, nor does the specification refer to blocking by frequency, as such. It follows from my conclusions above, however, that claim 9 does require the transaction information signals to be blocked in a way that does not affect the transmission of voice signals. That requires a targeted approach to blocking the transaction information signals as opposed to, for example, the blocking of both voice and data signals simultaneously.
“transaction information signals” – integer 9(d)
Sycurio’s position was that “transaction information signals” must be understood to be payment information, consistent with its case that the Patent is concerned with secure processing of remote payments. I have already rejected the suggestion that the subject matter of the Patent is focused on remote payment processing. There is no doubt that the sensitive information envisaged by the Patent as requiring protection do include payment data. The specification notes that the transaction described is, preferably, a financial transaction (p. 9), and some of the examples in the specification specifically address situations in which payment information are being transmitted (such as the hosted payment gateway illustrated in Figure 12, shown above). But the Patent is not confined to financial transactions or payment processing. Rather, the specification refers to a system and method for allowing “personal and/or financial data and information to be provided in a secure manner” (p. 2), and states that the information required to make a transaction over the telephone may include address data, date of birth and national insurance number (p. 11, referred to at §70 above).
Claim 9 likewise does not confine itself to payment information. It differs in this regard from the dependent claim 10 of the Patent. Claim 10 does specifically claim the method of claim 9 “wherein said transaction information signals represent purchaser information (e.g. credit card details, bank account details or the like)”. Claim 9 is, however, not so limited, and no such limitation is required by the context of the Patent specification.
“transmitting said request via a data interface to an external entity” – integer 9(f)
The external entity of claim 9 is the third party to which the sensitive transaction information is sent, using the method described in claim 9. The specification gives the examples of a bank, credit card company or retailer. Sycurio attempted to limit this to a bank or card acquirer; there is, however, no reason to read such a limitation into the claim. As already discussed, claim 9 is not confined to payment transactions.
The main dispute between the parties as to the interpretation of this integer, however, concerned the question of whether (as Sycurio contended, based on the evidence of Mrs Penn) claim 9 requires the transaction information to be “isolated” in the call processor and sent directly to the external entity, without being transmitted through the equipment, software or other components of the call centre telephony system. Mr Silverleaf contended that the isolation of the sensitive transaction information is the inevitable result of the combination of integers 9(c), (d) and (f), in that what is being described is the blocking of the sensitive data signals from passing through the second telephone interface, and sending those signals via a data interface to the external entity.
There is no doubt that integers 9(c)–(f) describe the blocking of the sensitive data signals from the second telephone interface, and the transmission to an external entity of a request based on those data signals. That does not, however, mean that the claim is limited to a method which sends the relevant data signals directly to the external entity without passing through any of the other components of the call centre telephony system. Nothing in claim 9 indicates that the method described is so limited. Integer 9(f), in particular, says nothing about the format in which the data is sent or whether it has undergone any processing to get it into an appropriate format for onwards transmission.
Nor is there any basis for reading into claim 9 such a limitation. Mr Silverleaf referred to Figures 11 and 12 of the Patent specification, which are examples of embodiments where the sensitive data are not sent into the call centre. As explained at §§75–77 above, that is one possible arrangement described in the specification, but it is not described as being the only one. On the contrary, as Mr Robinson pointed out in his evidence, Figures 14(a)–(c) and 15 all provide examples of embodiments of the Patent where the sensitive data are processed within the call centre (albeit that they are not accessible to the agent) before being sent to the external entity. These examples are described in the specification as illustrating the second alternative arrangement described at §§78–79 above, the benefit of those examples being that they show ways in which the call processor can be integrated into existing call centre systems for handling transactions. The “overview” part of the specification also notes that the call processor may be configured so as to be integrated directly with the existing call centre transaction handling applications (§83 above).
Mr Silverleaf’s response was to contend that although the embodiments illustrated by Figures 14(a)–(c) and 15 are included in the Patent specification, the claims of the Patent abandoned those options because the claims only covered embodiments where the call processing system was outside the boundary of the call centre environment.
There are two problems with that submission. The first is that there is nothing in the Patent to suggest that the claims only cover the situation where the call processor or call processing system lies outside the boundary of the call centre environment, to the exclusion of the arrangements illustrated by (for example) Figures 2 and 5, shown at §§73 and 74 above.
Secondly, as I have explained above, Mr Silverleaf’s contention rested on a misunderstanding of what is described in Figures 14(a)–(c) and 15. Those figures all show arrangements where the call processor is indeed located outside the boundaries of the call centre environment. But they are expressly described as illustrating ways in which the call processor (wherever it is located) can be integrated into existing call centre transaction handling systems. Figure 14(a), for example, shows the sensitive data being sent to an application server within the call centre, bypassing the agent, before being relayed by the application server to the external entity. This is quite clearly an arrangement contemplated as being within the claims of the Patent: it is expressly described in the “overview” section of the specification, and nothing in the claims of the Patent excludes this arrangement.
I therefore reject Sycurio’s contention that claim 9 incorporates an isolation feature such that the sensitive transaction data are sent directly to the external entity via the data interface, without being processed by systems within the call centre.
“receiving a message from the entity … to identify success or failure of the request” and “processing … in dependence on the success or failure of the request” – integers 9(g) and (h)
PCI-Pal’s opening skeleton argument objected that integers 9(g) and (h) were vague, giving rise to issues of sufficiency. Those objections were not pursued in closing submissions, which on this point were made by Mr Cronan. Mr Cronan’s submissions on sufficiency were, instead, focused on the concepts of “telephone interface” and “external entity”. In light of my conclusions above, I do not consider that those expressions are uncertain. They do not, however, have the meanings ascribed by Sycurio.
Inventive concept
The inventive concept of a patent is “on the face of it what is specified by the claims”, freed from prolixity or unnecessary verbiage: Pumfrey J in Research in Motion v Inpro [2006] RPC 20, §132, and Jacob LJ in Pozzoli v BDMO [2007] EWCA Civ 588, §18. It must apply to all embodiments falling within the relevant claim, and cannot be defined in terms that apply only to a sub-group of embodiments with certain technical advantages: Arnold J in Datacard v Eagle Technologies [2011] EWHC 244 (Pat), [2011] RPC 17, §96.
The inventive concept pleaded by Sycurio (as amended) is as follows:
“The inventive concept of the aforesaid claims of the Patent is the processing of a telephone call comprising voice signals and data signals between a caller and an endpoint within the call centre so as to allow the voice communication from the caller to the call endpoint to continue throughout the call whilst blocking the data signals from transmission within the call centre if the data signals include sensitive transaction information signals so that the sensitive information is isolated within a secure environment and to transmit the data signals to an external entity for authorisation of the transaction.”
One problem with this summary is that it incorporates the isolation feature which I have already found is not part of claim 9. It follows from my conclusions as to the construction of claim 9 that the claim does not specify that data signals containing sensitive transaction information are “blocked from transmission within the call centre”, or “isolated within a secure environment”. They are merely blocked from transmission to the call centre agent. As discussed above, claim 9 encompasses embodiments such as in Figures 14(a)–(c) and 15 where the relevant data signals are sent for processing within the call centre.
It is of course right to say that some of the embodiments of the claimed invention envisage the isolation of the sensitive information within a secure environment, such as the example of a hosted payment gateway (§§76–77 above). But it would not be correct to define the inventive step solely by reference to that sub-group of embodiments, excluding other embodiments where, as discussed above, the sensitive information is processed within the call centre before being relayed to the external entity.
Sycurio’s reference to “allowing” voice communication from the caller to the call centre to continue reflects its interpretation of integer 9(c) as requiring no more than “effective” voice communication, which I have rejected. Claim 9, properly understood, requires the transmission of voice signals throughout the call, without being blocked. I have also found that claim 9 requires the voice signals to be received and transmitted by the call processor, which also receives but only selectively transmits the data signals.
As to what then happens to the data signals, it would not be accurate to say that the invention requires the transmission to an external entity of the data signals that are blocked from transmission to the call centre agent. Those data signals may, under some embodiments of the claim, be processed before transmission. Integer 9(e) simply specifies that a request is generated “based on” the transaction information signals, and that the request (not the data signals themselves) is then transmitted to an external entity.
As a final point, Sycurio’s reference to “authorisation” of the transaction suggests a payment transaction. As discussed above, the claim is not so limited.
The inventive concept of claim 9 is therefore more accurately described as being:
“The processing of a telephone call comprising voice signals and data signals between a caller and a call centre agent, such that the call processor transmits the voice signals from the caller to the agent throughout the call, but selectively blocks the data signals from transmission to the agent if those data signals include sensitive transaction information. The sensitive transaction data are then transmitted to an external entity for further processing.”
VALIDITY
PCI-Pal’s case is that the Patent is invalid for obviousness, because it lacks inventive step over the prior art. PCI-Pal also advance objections of insufficiency, excluded subject matter and added matter. I have already addressed above the question of insufficiency and do not need to consider it further here. Nor do I need to address the issues of excluded subject matter and added matter, given my conclusions on obviousness set out below.
The law
It was common ground that the question of obviousness set out in s. 3 Patents Act 1977 falls to be answered by following the approach set out by Jacob LJ in Pozzoli, §23, namely:
“(1a) Identify the notional ‘person skilled in the art’;
(1b) Identify the relevant common general knowledge of that person;
(2) Identify the inventive concept of the claim in question or if that cannot readily be done, construe it;
(3) Identify what, if any, differences exist between the matter cited as forming part of the ‘state of the art’ and the inventive concept of the claim or the claim as construed;
(4) Viewed without any knowledge of the alleged invention as claimed, do those differences constitute steps which would have been obvious to the person skilled in the art or do they require any degree of invention?”
Steps (1a), (1b) and (2) have already been addressed above. The focus of this section will therefore be on (3) and (4).
In relation to (4), it is not necessary to identify whether the difference between the prior art and the inventive concept of the claim is the only obvious step that would have been taken by the skilled person or team, since there may be a number of obvious implementations of the prior art. An obvious step arising from the prior art is therefore not rendered any less obvious simply because there are also other obvious steps which might have been taken: Laddie J in Brugger v Medic-Aid [1996] RPC 635, p. 661.
The court will commonly have reference to the evidence of properly qualified experts as to what would and would not be obvious. The expert’s conclusion in isolation (i.e. obvious or not) is, however, of little value: what matters is the reasons for that opinion: Jacob LJ in Technip France SA’s Patent [2004] EWCA Civ 381, [2004] RPC 46, §15.
It is also important to avoid hindsight on the part of the expert when considering whether a particular step would have been obvious. Hindsight may manifest itself in various ways, including where the expert focuses on parts of a prior document which would not have assumed significance to the reader unaware of the invention, but which may (with the invention in mind) be said to resemble the invention; or where steps in an obviousness argument are accepted too readily, with knowledge of the destination in mind; or where it is said that difficulties in implementing the prior art would have been overcome in particular ways, known because of the invention: Floyd J in Mishan v Hozelock [2020] EWCA 871, §98.
Hindsight “cherry-picking” from the prior art is therefore impermissible. But the skilled person is assumed to be able to assimilate the contents of long and complex documents that are cited as prior art: Henry Carr J in TQ Delta v Zyxel [2019] EWHC 562 (Ch), §224.
Prior art relied on in this case
Three pieces of prior art are relied on by PCI-Pal in this case in support of its argument that the Patent is invalid on the grounds of obviousness: the Van Volkenburgh patent, the Shaffer patent, and the LiveOps press release. A further piece of prior art, the Proctor patent, is relied on for infringement but is not said to show obviousness.
PCI-Pal’s evidence on Van Volkenburgh, Shaffer and LiveOps was given by a mixture of Mr Robinson and Mr Whittaker. Sycurio’s evidence was given by Mrs Penn. Van Volkenburgh and Shaffer are, however, highly technical documents, and as explained above Mrs Penn was not qualified to give evidence on these. Mr Silverleaf therefore (as already noted) largely abandoned reliance on Mrs Penn’s evidence in his closing submissions, and made his submissions instead by reference to criticisms of the position taken by Mr Robinson, framed as legal submissions. The difficulty with that approach was that however he sought to present the points, Mr Silverleaf’s objections to Mr Robinson’s evidence ultimately rested on submissions as to the approach that he said would have been adopted by the skilled team. But without Mrs Penn, he had no evidential foundation for those submissions.
PCI-Pal, for their part, while saying that Mrs Penn’s evidence on any technical matters could not be relied upon, nevertheless sought to rely on her evidence (such as her answers to questions put in cross-examination) when it suited their case. That is an attempt to have it both ways. Given my conclusions above, I do not consider it appropriate to place any weight on Mrs Penn’s evidence on matters falling outside her core expertise of payment card processing at an operational (non-technical) level. I will, however, refer to Mrs Penn’s evidence where necessary to explain the basis of the dispute between the parties.
Van Volkenburgh
Disclosure of Van Volkenburgh
Van Volkenburgh is a US patent application published in 2004, entitled “Device and method for concealing customer information for a customer service representative”. The abstract describes:
“A method of concealing customer-provided information from an operator during a telephone conversation between the operator and a customer includes receiving [DTMF]-encoded customer information via a telephone connection to a customer telephone and generating a request asking the customer to confirm the information. The method also includes converting the [DTMF]-encoded customer information into an ASCII data stream and sending the ASCII data stream to a computing device, whereby the operator is unable to discern the customer information.”
Mr Robinson said that the document would be of immediate interest to the skilled team; that is undoubtedly correct, and was not disputed by Sycurio.
[0004] states that the invention provides a device and method that allows a customer to provide sensitive information during a telephone conversation with a live operator in a way that conceals the sensitive information from the operator. [0003] explains that the author has in mind payment information, such as a credit card or debit card number, or account number.
The method described at [0005] is to add a data masking device to the telephone connection between the caller and agent, with an input for receiving the customer information and two outputs: one to send signals to a computing device, which may include ASCII characters or encrypted signals, and a second output to transmit masked signals indicating to an operator that the customer is entering information. The masked signals may also include masking characters directed to a display device. The customer information may be provided in the form of DTMF signals, which the masking device may convert to an ASCII data stream in order to send to a computing device: [0006]–[0007].
As for the communication between the caller and the agent, [0019] notes that the device “passes vocal frequencies through to the operator’s communication device … enabling the customer to talk to the operator in the traditional way”. A similar comment appears at [0026], noting that the device “receives and captures encoded information from a customer who is engaged in a conversation with a live operator”. If the caller enters DTMF tones, those may also be transmitted to the operator. Alternatively, if further audible masking is required, the device may instead send masking tones to the operator: [0020].
[0013]–[0014] illustrate the operation of the invention:
“As an example, a customer of a utility company contacts the utility company to pay his utility bill. The utility company may employ a system whereby the customer may pay by check, debit card, credit card, or the like by providing account information to an operator. … At the appropriate point in the conversation with the customer, the operator asks the customer for payment account information. In response, instead of providing the information verbally, the customer provides the information by ‘keying’ the information using, for example, a telephone keypad, cell phone keypad, keyboard, reader, or the like, thus encoding it into tones or other electronic signals.
The tones generated by the customer are received by a data masking device designed according to the teachings of the present invention. The data masking device converts the signals into computer-readable signals and sends the computer-readable signals to a computer. In some embodiments the computer-readable signals may be encrypted. Thus, instead of verbally providing the sensitive information to the operator who then enters it into the computer, the customer is essentially entering the information directly into the computer, thus avoiding disclosure of the information to the operator.”
Obviousness over Van Volkenburgh
In the course of Mr Silverleaf’s written and oral closing submissions, three main objections to obviousness in the light of Van Volkenburgh were advanced. The first was that it did not disclose the isolation feature. That point falls away in light of my conclusions above.
Secondly, Mr Silverleaf said that it would not be obvious to implement Van Volkenburgh with a device that allowed voice communication to continue while data were being entered. The more obvious way of implementing the invention would in his submission have been to block both the voice and data signals while the sensitive data were being entered.
I do not accept that submission. As Mr Robinson noted, [0004], [0013], [0014], [0019] and [0026] of Van Volkenburgh all indicate that the invention envisages a live call continuing between the caller and agent while the sensitive information is provided. That point emerges most obviously from [0026] which states that the device receives and captures the encoded information from a customer “who is engaged in a conversation with a live operator”. Nothing at all in Van Volkenburgh states or even suggests that the masking device blocks the voice call while the caller’s sensitive information is being keyed in. Accordingly, while Mr Robinson readily accepted that the skilled team with knowledge of Van Volkenburgh could have implemented a solution which blocked both voice and data from the agent, if they had done so it would have been a step away from Van Volkenburgh, since that is not what Van Volkenburgh itself discloses.
There is therefore in this regard, contrary to Mr Silverleaf’s submissions, no difference between the disclosure of Van Volkenburgh and the inventive concept of claim 9.
Mr Silverleaf’s third objection was that Van Volkenburgh did not disclose turning on and off the blocking of data. PCI-Pal agreed that in this regard Van Volkenburgh differed from claim 9; but, as Mr Robinson said in his second report, there is nothing inventive in turning functionality on and off: “I struggle with the idea that somehow there is something inventive about turning on functionality when you need it.”
Mr Robinson’s evidence was also that the way in which the skilled team would most likely have implemented the Van Volkenburgh masking device, in a typical call centre at the priority date, would have been to use a telephony card inserted before the rest of the call centre, as follows:
In that configuration, it would have been necessary to configure the telephony card to switch DTMF blocking on and off, to allow the call centre IVR system and other functionality to operate.
Mr Silverleaf’s response was to say that Van Volkenburgh did not envisage use of a telephony card, but described a device attached to each agent’s computer. As Mr Robinson explained, however, the skilled team implementing Van Volkenburgh at the priority date, on the basis of the CGK and available technology, would have considered the use of telephony cards to be the most straightforward route. The alternative would have been to design and build something bespoke, which he considered would be far from straightforward and unlikely: “it would be quite unlikely that they would say, ‘right, there’s no circuit diagrams here, there’s no descriptions, there’s no components listed, let’s all get out our soldering irons and work out how to do it.’ I don’t think they would do that.”
Mr Silverleaf objected that implementing the invention of Van Volkenburgh would have required “extensive modifications” to the telephony cards, but he had no evidence to support that submission, and it was squarely contradicted by Mr Robinson’s evidence. As Mr Robinson explained in some detail when cross-examined on this point, the telephony cards available at the time could be configured using the standard software which came with the cards, a point with which he was familiar because he had used telephony cards himself in installations before the priority date of the Patent. Mr Robinson’s explanations in this regard were, in my judgment, supported by detailed and coherent reasoning, and were entirely convincing.
It follows that claim 9 is obvious over Van Volkenburgh.
Shaffer
Disclosure of Shaffer
Shaffer is a US patent application by Cisco Technology, published in 2006, entitled “Method and system for providing a conference service”. The abstract describes:
“A method for providing a conference service includes hosting a conference between a plurality of endpoints and communicating at least one media stream received from at least one of the plurality of endpoints to the remaining plurality of endpoints. The method also includes receiving a request to block communication of the at least one media stream to a first endpoint of the plurality of endpoints and blocking communication of the at least one media stream to the first endpoint.”
Mr Robinson noted that Cisco was the first major manufacturer to provide VoIP telephony technology, and that the patent discusses IVR and call centres. He said that it would have therefore been clear to the skilled team that the patent application was relevant to their interests. That was not as such disputed by Sycurio, but Mr Silverleaf said that the disclosure of Shaffer was not directed to payment systems and did not contain any discussion of the application of the teaching to financial transactions. That comment reflected, however, Sycurio’s case that the skilled team would be focusing on payment systems, and Mrs Penn’s evidence based on her experience in that field. Mr Robinson’s comments as to the relevance of Shaffer were, by contrast, made from the perspective of PCI-Pal’s description of the skilled team, as including expertise in both payment processing and telephony technology. I have accepted that definition of the skilled team, and I therefore accept Mr Robinson’s evidence on the relevance of Shaffer to that team.
Shaffer explains that the background to the invention arises in “multipoint conferences”, using “conference” to mean any communication with multiple endpoints. “Endpoint” is a standard technical term to mean the final device with which one is connecting, including a standard telephone, mobile phone or IVR system. By way of example, Shaffer notes at [0003] that a multipoint conference might involve a caller, live agent and an IVR system, with the communication from the caller to the IVR system being made through either speech or DTMF signals.
Schaffer’s idea is, in summary, that a participant to a conference can control the output of a particular “media stream” to other participants, by selectively blocking communication of a media stream to one or more of the participants. That enables callers, for example, to prevent an agent from hearing confidential information when it is transmitted audibly to an IVR system conferenced in with the caller and agent: [0006]–[0010]. This is illustrated by Figure 2 of the specification, reproduced below with Mr Robinson’s annotations:
The outbound connection 81b to endpoint 71 can therefore be turned on and off by the conference unit. As shown in the figure, it is open; if this is a voice communication, then the user at endpoint 71 can talk but cannot hear anything.
The idea of blocking “media streams” is explained further at [0017], which states that:
“particular embodiments allow one or more conference participants to control the ability of a participant to receive output from the conference. The blocking of media streams to or from an endpoint may include blocking voice or video streams, including, for example, files. In particular embodiments, the control modules may block a control channel or signalling received from one endpoint from being communicated to one or more other endpoints. Such control channel or signalling may be used by a participant, for example, for call setup purposes or for transmitting information to an IVR system, such as transmitting account information through DTMF signalling.”
Mr Robinson explained that the skilled team would understand this to mean that DTMF signalling could be blocked from reaching a particular endpoint, such that it could be blocked from being transmitted to the agent without other media streams being interrupted. As he explained, at the priority date DTMF signalling was most commonly sent in the voice stream, i.e. in-band. The distinction made by Shaffer between blocking a “media stream” and blocking a “control channel or signalling” would therefore, he said, be understood by the skilled team to have referred to the ability to block DMTF signalling contained within the voice stream.
Much of the Shaffer specification is occupied with providing technical information as to the technology that may be used to implement the invention. Various examples are, however, given to illustrate the applications of the method and system described. At [0035] it is noted that:
“As indicated above, particular embodiments may allow for the control or blocking of signalling received from one or more conference participants from being communicated to other participants. For example, the control modules may disable the in-band DTMF signals from one or more endpoints and thus provide better security for the caller.”
It was common ground that “as indicated above” in this paragraph is a reference to [0017]. Mr Robinson explained that disabling “in-band DTMF” means, in technical terms, the suppression of the audio frequencies of DTMF signalling when sent in the voice stream (hence “in-band”). Both [0017] and [0035] therefore refer to the blocking of DTMF signalling sent in-band in the voice stream.
[0041]–[0042] describe a practical application of the system as being a call to a bank to receive account information in which the caller is in a conference with both a live agent and an IVR system. If the IVR system prompts the caller to speak confidential information such as their account number, password or PIN, the agent may tell the caller to key in a specified string (e.g. **5) to mute the output to the agent. The caller may then speak their password securely, following which they may enter another string (e.g. **6) to restore audio communication with the agent. This enables the caller to include the agent in an IVR session when the caller needs help, while allowing the caller to convey and receive confidential information to and from the IVR system.
Most of the claims of Shaffer (claims 1–41) refer to the communication and blocking of media streams to different endpoints. Claims 42–45 of the patent, however, refer to the communication and blocking of signalling, rather than a media stream:
“42. A method for providing a conference service, comprising:
hosting a conference between a plurality of endpoints;
communicating signalling received from at least one of the plurality of endpoints to the remaining plurality of endpoints;
receiving a request to block communication of the signalling to a first endpoint of the plurality of endpoints; and
blocking communication of the signalling to the first endpoint.
43. The method of claim 42, wherein:
the first endpoint is used by an agent;
a second endpoint of the plurality of endpoints is used by a caller;
a third endpoint of the plurality of endpoints comprises an interactive voice response (IVR) system; and
receiving a request to block communication of the signalling to the first endpoint comprises receiving a request from the caller to block communication of the signalling to the agent.
44. The method of claim 43, wherein the blocked signalling comprises confidential information of the caller.
45. The method of claim 42, wherein the signalling comprises dual tone multiple frequency (DTMF) signals.”
Obviousness over Shaffer
As with Van Volkenburgh, Mr Silverleaf’s first objection to obviousness over Shaffer was based on the absence of the isolation feature, which is not an issue in light of my conclusions above.
Mr Silverleaf’s other objection was a contention that Shaffer does not suggest the blocking of DTMF signalling whilst transmitting voice. Rather, he said, Shaffer – in particular in [0035] – discloses blocking DTMF by blocking the entire media stream which contains the DTMF signalling; that approach would block both voice and DTMF communication from the particular endpoint. Reading [0017] and [0035] as disclosing the selective blocking of DTMF signalling but not voice would, he said, require hindsight which is not a permissible approach. In his submission, properly understood there is nothing in Shaffer to direct the skilled team towards the inventive features of claim 9.
I do not accept that submission. It was apparent from Mr Silverleaf’s closing submissions that this point was based on the evidence of Mrs Penn, who said that those paragraphs of Shaffer would be understood as suggesting the blocking of DTMF by blocking an entire media stream. Mr Robinson’s view was, however, that Mrs Penn had misread Shaffer and, in particular, had not properly understood the reference in [0035] to disabling in-band DTMF signalling, therefore providing better security for the caller. In his opinion, the skilled team would understand this to disclose the suppression of the audio frequencies of DTMF signalling, while keeping voice communication open. Mr Robinson also considered that the skilled team with the relevant telephony systems knowledge would be aware of the CGK hardware which was suitable to disable in-band DTMF (see §48 above), and would understand that it could be applied to improve security where sensitive information was to be conveyed using DTMF tones.
Given that knowledge, and once Shaffer was properly understood, Mr Robinson said that there were several obvious ways of implementing the disclosure of Schaffer. One option, if confidential information was to be given through voice communication, would be to block the voice media stream from passing to the agent, but allow it to pass to the IVR system where it could be processed. He noted, however, that the second most common approach used at the time to take payments over the phone was DTMF. On that basis, he thought that a system falling within claim 9 of the Patent would be an obvious implementation of Shaffer.
I accept Mr Robinson’s evidence on this point. Shaffer is a highly technical document which, as was very apparent during the course of Mrs Penn’s cross-examination, addresses matters far beyond the scope of Mrs Penn’s expertise. That is no doubt why, when Mrs Penn was cross-examined on the document, her evidence was extremely confused. She also candidly admitted that she did not understand the concept of “in-band DTMF signals” referred to in [0035], a critical paragraph of Shaffer for present purposes. She should not have been giving evidence on Shaffer, and I consider that her evidence on the document was wholly unreliable. Mr Robinson, by contrast, clearly understood all aspects of Shaffer, and was able to explain the significance of the technical concepts referred to in the document and the technology used by the skilled team at the priority date. With the benefit of that expertise, he was able to explain how the skilled team would have implemented the disclosure of the document. His explanations were comprehensive and coherent.
I do not accept Mr Silverleaf’s submission that Mr Robinson was infected by hindsight in his interpretation of “isolated references” in [0017] and [0035] as disclosing selective blocking of DTMF signalling. Those passages provide important examples using technical terms which are then repeated in the claims of the patent. While the majority of the claims of the patent (claims 1–41) describe blocking an entire media stream to one of the endpoints, claims 42–45 are different, and are expressed in terms which refer to blocking signalling from being communicated to a particular endpoint. As set out above, claims 44 and 45 specifically refer to the signalling in question comprising DTMF tones, and the possibility that the blocked signalling comprises the caller’s confidential information, which would be of obvious interest to the skilled team. [0017] and [0035] cannot, therefore, be dismissed as isolated references that have been read out of context. Rather, they are the specific passages of the specification which foreshadow claims 42–45.
Accordingly, I accept Mr Robinson’s conclusion that Shaffer describes a flexible system which can be used in a call centre environment, in which the system can block either a stream or signalling which is used to convey confidential information. As he expressed it in cross-examination: “This is a facility that allows you to control different endpoints and the different communication methods going to them. You can block voice, you can block DTMF, you can block video, you can block files.”
There is therefore no material difference between the disclosure of Shaffer and the inventive concept of claim 9.
LiveOps
Disclosure of LiveOps
LiveOps is a one-page article entitled “LiveOps: Tell the Rep Nothing”, which was published on 15 January 2007 on “destinationCRM.com”, a website said to be related to the CRM magazine (CRM standing for Customer Relationship Management”). The article concerns the launch of a “Secure Exchange” call centre system by the call centre platform vendor LiveOps.
The first paragraph of the article explains that Secure Exchange is a call centre system which allows callers to input or receive sensitive data during a service call without the need for intervention by the call centre representative. The article then contains the following two paragraphs (which I have annotated with paragraph numbers for convenience):
“[2] Call centers equipped with Secure Exchange interact with callers as normal until information exchange (PIN, Social Security number, or health status, for example) is required. At that point the agent directs the call to Secure Exchange, an automated system that prompts the caller through any required steps and reads the information to the caller or takes it from them, as necessary. The caller has the option of requesting assistance from the agent, and the agent monitors call progress (though not its content) throughout.
[3] Matt Fisher, vice present of direct response and shared services for LiveOps, likens Secure Exchange to other venues where the agent is involved but unable to eavesdrop. ‘It’s like punching credit card info into the checkout-line keypad at the grocery store,’ Fisher says. ‘You’re talking to the cashier, but they can’t see your information.’”
Mr Robinson’s evidence (particularly in cross-examination) was that paragraph 2 read in isolation discloses a system where the caller is transferred by the agent to a conventional IVR, while allowing the agent to monitor the progress of the call. He agreed that the description of the agent monitoring the call’s progress, but not its content, indicates that there is no audio channel open to the agent. He said, however, that paragraph 3 would change the skilled team’s understanding, in that the analogy given indicates that a live conversation is continuing while the secure information is being provided by the caller. His view, therefore, was that LiveOps when read as a whole discloses the idea of a voice call between the caller and agent continuing while sensitive information is being keyed in by the caller, in a way that does not reveal that information to the agent.
Mrs Penn disagreed. She was of the view that paragraph 2 of LiveOps indicates a mid-call transfer approach, and that the Fisher quote in paragraph 3 is sufficiently inconsistent with the content of paragraph 2 that the skilled team would consider it to be a bad analogy or just marketing speech, rather than an accurate indication of how the system worked. There was in this regard no dispute as to Mrs Penn’s ability to comment on the document, which is not a technical document. Mr Tritton did, however, suggest that Mrs Penn’s reluctance to answer some of his questions about LiveOps in cross-examination undermined the reliability of her evidence.
On this point I prefer Sycurio’s position. While I accept as a premise Mr Robinson’s comment that the skilled team would expect a quote from a Vice President within LiveOps to be an informative statement, the quote in this case does not describe, in terms, the functionality of Secure Exchange, but does nothing more than provide a vague analogy from a quite different context. There is nothing in the document to explain how that analogy fits in with the system as described in paragraph 2.
I am not, therefore, persuaded by Mr Robinson’s view that the skilled team would regard the analogy as transforming their understanding of the system described. That does not, in my judgment, sufficiently take account of the inconsistency between paragraphs 2 and 3. I consider it far more likely that (as Mrs Penn said) the skilled team would consider the quote in paragraph 3 to be either a bad analogy or loose language in a marketing context. To extract from the document the proposition that a live call is continuing with the agent notwithstanding the description in paragraph 2 is, in my view, only possible with a good deal of hindsight.
The disclosure of LiveOps is therefore, in my judgment, a system which provides for a transfer of the caller to an IVR system, while allowing the agent to monitor the progress of the call, and to provide further assistance to the caller if required.
Obviousness over LiveOps
In light of my conclusion as to the disclosure of LiveOps, the question of obviousness over LiveOps can be answered shortly. Mr Robinson’s evidence as to the way in which the skilled team would implement LiveOps turned on his assessment of the disclosure of the document. If the disclosure of LiveOps is as set out above, Mr Robinson (rightly) did not suggest that it would be obvious to implement LiveOps in a way that replicated the inventive concept of claim 9.
Claim 9 is therefore not obvious over LiveOps.
Conclusion on validity
My conclusion is that claim 9 is invalid for obviousness based on both Van Volkenburgh and Shaffer. It is not, however, obvious in light of LiveOps.
In light of that conclusion it is not necessary for me to consider the further validity arguments raised by PCI-Pal concerning excluded subject matter and added matter.
It is also not, strictly speaking, necessary for me to consider the infringement arguments. These were, however, the subject of considerable evidence at the trial, which went not only to the issue of infringement of the current variants of Agent Assist but also the question of the declarations of non-infringement sought in relation to the proposed enhancements of Agent Assist. I will therefore address the issues below in case this matter goes further and these points become relevant.
INFRINGEMENT
Two issues arise in relation to infringement. The first is whether any of the Agent Assist variants infringe claim 9, either on a normal basis or under the doctrine of equivalents, and including consideration of whether a Gillette/Formstein defence is available on the basis of the Proctor prior art. The second is whether PCI-Pal should be granted a declaration of non-infringement in relation to nine proposed Agent Assist enhancements.
In relation to both of those issues, Sycurio’s evidence on infringement was given by Mrs Penn, and PCI-Pal’s evidence was given by Mr Robinson and Mr Whittaker. Mr Leung was not asked to comment on infringement. As regards Mrs Penn, I note below the main points on which she opined, but in light of my comments above regarding the scope of her expertise I do not accept any of her evidence on infringement as being reliable (or indeed properly expert evidence at all). The only reliable expert evidence before me on the infringement issues is therefore that of Mr Robinson and Mr Whittaker.
The law
There was (again) no dispute as to the legal test. Sections 60(1) and (2) of the Patents Act 1977 provide, in so far as relevant:
“(1) Subject to the provisions of this section, a person infringes a patent for an invention if, but only if, while the patent is in force, he does any of the following things in the United Kingdom in relation to the invention without the consent of the proprietor of the patent, that is to say—
…
(b) where the invention is a process, he uses the process or he offers it for use in the United Kingdom when he knows, or it is obvious to a reasonable person in the circumstances, that its use there without the consent of the proprietor would be an infringement of the patent;
…
(2) Subject to the following provisions of this section, a person (other than the proprietor of the patent) also infringes a patent for an invention if, while the patent is in force and without the consent of the proprietor, he supplies or offers to supply in the United Kingdom a person other than a licensee or other person entitled to work the invention with any of the means, relating to an essential element of the invention, for putting the invention into effect when he knows, or it is obvious to a reasonable person in the circumstances, that those means are suitable for putting, and are intended to put, the invention into effect in the United Kingdom.”
Section 60(1)(b) refers to “direct” infringement; s. 60(2) refers to “indirect” infringement by supplying a means relating to an essential element of the invention.
Sycurio alleges infringement under s. 60(1)(b) both on a normal construction of the Patent, and (in the alternative) under the doctrine of equivalents. On a normal construction of the Patent, the question of infringement is approached by interpreting the words of the claim objectively in the context of the specification as a whole: HHJ Hacon in Regen v Estar Medical [2019] EWHC 63 (Pat), §207. If there is no infringement on a normal construction, the doctrine of equivalents requires the court to consider whether the disputed product or process varies from the invention in ways that are immaterial. The steps in the reasoning are (it is common ground) those set out by the Supreme Court in Actavis v Eli Lilly [2017] UKSC 48, and subsequently reviewed and summarised by the Court of Appeal in Icescape v Iceworld International [2018] EWCA Civ 2219, as follows:
The whole approach to interpretation and scope of protection therefore involves the following steps, considered through the eyes of the notional addressee:
Does the variant infringe any of the claims as a matter of normal interpretation?
If not, does the variant nevertheless infringe because it varies from the invention in a way or ways which is or are immaterial? This is to be determined by asking these three questions:
Notwithstanding that it is not within the literal (that is to say, I interpolate, normal) meaning of the relevant claim(s) of the patent, does the variant achieve substantially the same result in substantially the same way as the invention, i.e. the inventive concept revealed by the patent?
Would it be obvious to the person skilled in the art, reading the patent at the priority date, but knowing that the variant achieves substantially the same result as the invention, that it does so in substantially the same way as the invention?
Would such a reader of the patent have concluded that the patentee nonetheless intended that strict compliance with the literal meaning of the relevant claim(s) of the patent was an essential requirement of the invention?
Of course, in order to establish infringement in a case where there is no infringement as a matter of normal interpretation, a patentee would have to establish that the answer to questions (a) and (b) above is ‘yes’ and that the answer to question (c) is ‘no’.”
PCI-Pal also raised the issue of a Gillette defence (in relation to the allegation of infringement on a normal construction of the Patent) or the related Formstein principle (for infringement under the doctrine of equivalents). The Gillette principle, derived from Gillette Safety Razor v Anglo-American Trading Company [1913] 30 RPC 465, operates as a squeeze where the alleged infringement is itself an obvious variant of the prior art at the priority date. In such a case the patent cannot be infringed, because if the obvious variant fell within the scope of the patent then the claim would be invalid: see comments of Birss LJ in Facebook Ireland v Voxer [2021] EWHC 1377 (Pat), §210.
Formstein [1991] RPC 597 was a German case where the same principle was applied in the context of an allegation of infringement by equivalents. The court’s conclusion was that there could be no such infringement if the alleged infringement was within the prior art or was not inventive in light of the prior art. HHJ Hacon in Technetix v Teleste [2019] EWHC 126 (IPEC), §§95–100, proceeded on the assumption that a Formstein defence should be recognised under English law. Birss LJ also endorsed the Formstein approach in Facebook Ireland v Voxer, §216, although it was not necessary for him to apply the principle in that case.
Sycurio accepted for the purposes of this dispute that the law is as stated by Birss LJ, but contended that on the facts neither a Gillette nor a Formstein defence is available to PCI-Pal.
Agent Assist
Agent Assist provides a remote payment system which aims to remove as much of the merchant’s environment from the scope of the PCI DSS requirements as possible. The first generation of the system was a private data centre hosted platform. Agent Assist is the second generation of the system, which is a cloud-based system. Sycurio only alleges infringement in relation to this generation of Agent Assist and does not make any allegation of infringement in relation to the first generation product.
Agent Assist includes three main variants which are the subject of the infringement claim: Quick Connect, Voice Connect (which has two subvariants: Voice Connect With Media Release and Voice Connect Without Media Release) and SIP Connect (which also has subvariants, but the differences between these are not material). The variants have been created so as to integrate with different telephony solutions used by merchants. There is only one difference between the variants which is potentially relevant to the infringement issues, which is described further below.
All three variants of Agent Assist are cloud-based systems which operate using VoIP. All three variants use PCI-Pal’s custom application called Collection and Payment (CAP). CAP is hosted entirely remotely. In order to take a payment from a customer, the call from the customer needs to be routed through one of the Agent Assist variants, and the call centre agent needs to have access to CAP either through the CAP web portal or through an application that integrates with the merchant’s systems.
As is typical for modern VoIP systems, SIP signalling is used to manage the routing of the call, but voice data are transferred using RTP. Each Agent Assist variant uses a network-layer software application known as a Session Border Controller (SBC) to handle VoIP calls and to carry both the SIP signalling and the RTP voice data.
Agent Assist seeks to route the RTP voice and SIP signalling in the most efficient and cost-effective way. When a cardholder calls the merchant, SIP signalling is used to set up the call. Once the call is answered, the RTP voice path is established. What then happens differs according to whether the system is switched to normal or active mode.
In normal mode, when no DTMF blocking is required, the SIP signalling passes through the CAP infrastructure, but the RTP voice channel passes directly between the caller and the call centre agent without going through the CAP infrastructure. [REDACTED]
[REDACTED]
[REDACTED] the RTP voice path remains within the public telephony networks in normal mode, [REDACTED]. It therefore does not pass through either PCI-Pal’s SBC or CAP. [REDACTED]
[REDACTED]
When confidential information needs to be provided, the call centre agent can initiate active mode. That causes the RTP voice path to be re-routed so that it passes through PCI-Pal’s CAP infrastructure. Accordingly, in active mode both the SIP and RTP paths pass through the CAP. [REDACTED]
[REDACTED]
[REDACTED]
PCI-Pal’s PPD explains that, whether in normal or active mode, the RTP voice path “remains open throughout the call”. In active mode, however, CAP blocks the DTMF tones and prevents them from being passed on to the call centre agent. The method of doing so differs according to whether the DTMF tone is carried out-of-band in the SIP signalling, or in-band in the RTP voice channel [REDACTED]
[REDACTED]
The effect of carriage or detection of DTMF in the RTP voice path is therefore that all audio signals are blocked for a period of time, whether those signals consist of voice data or DTMF data. In a SIP-only scenario, however, there is nothing to block or remove, because the DTMF data are carried only in the SIP signalling and are therefore not audible. In that scenario the only interruption to the audio path is the insertion of beeps corresponding to the entry of DTMF tones.
Whether DTMF is carried in the SIP signalling, RTP channel, or both (in the event of “bleed”) will depend on the various telephony systems being used by the parties to the call and the intermediate telephony infrastructure. PCI-Pal accept, however, that a more than de minimis proportion of DTMF card payment data transmitted in active mode will present to CAP in a SIP-only scenario, [REDACTED].
PCI-Pal referred to the SIP-only scenario in their opening submissions as raising a further reason why there was no infringement, which I will discuss below. Unfortunately, the implications of the different ways in which Agent Assist treats a SIP-only DTMF transmission as compared with the RTP scenarios were not then discussed further during the trial until the end of Mr Silverleaf’s closing submissions (the point noted at §5 above). The evidence before the court, and the submissions at the trial, focused almost exclusively on the RTP scenarios; and the implications of the SIP-only scenario for the infringement case were not explored at all in cross-examination. Having addressed the issue in further written submissions after the trial, neither party asked to make further oral submissions on the point or to adduce further evidence on the issue. I therefore have to address this issue on the limited materials before me.
Section 60(1)(b) infringement on a normal construction
On a normal construction of the Patent, PCI-Pal disputed infringement on three main bases. The first was that Agent Assist is not a system that works using two “telephone interfaces” through which voice is transmitted and data is selectively transmitted, as described in integers 9(b), (c) and (d). Secondly, PCI-Pal said that contrary to integer 9(c) Agent Assist does not transmit the voice signal throughout the call, but blocks the signal [REDACTED] when DTMF tones are entered. Finally, while PCI-Pal accepted that Agent Assist carries out the Request Features of claim 9, there was a minor dispute on integer 9(h).
Two additional points were advanced by PCI-Pal which turned on whether the carriage of DTMF tones follows the SIP-only scenario or one of the RTP scenarios. For the RTP scenarios, PCI-Pal relied on a Gillette squeeze based on the Proctor patent. In the remaining SIP-only scenario, PCI-Pal said that the DTMF tones are not sent as part of a “telephone call” or received at a “first telephone interface” at all, such that this scenario should be regarded as falling outside the construction of claim 9.
Telephone interfaces
As set out above, in the context of claim 9, the expression “telephone interface” must be interpreted as meaning an interface of the call processor which implements the method described in claim 9. PCI-Pal initially sought to define that call processor as a telephony card, but Mr Tritton retreated from that contention in his oral closing submissions. Mr Tritton likewise did not pursue PCI-Pal’s original contention that the claims of the Patent are limited to the use of traditional circuit-switched telephony systems. As set out above, the Patent specification states expressly (p. 18) that the call processor can be used with SIP and VoIP telephony systems.
As already discussed claim 9 does, however, require something that can be identified as the interfaces of a call processor, rather than simply logical boundaries somewhere in the telephony system. It follows that integers 9(b), (c) and (d) require that the voice and data signals arrive at a first interface of the call processor, and are then (selectively) split by the call processor such that data signals are blocked when they contain transaction information, whereas the voice signals continue to be transmitted via the second interface to the call centre agent.
I agree with PCI-Pal that integers 9(b), (c) and (d) require the voice and data signals to pass through the first interface of the call processor throughout the call. That is clear not only from the face of the claims but also from the descriptions and figures of the specification. Nothing suggests that claim 9 could encompass a system where the call, or any part of the call, does not pass through the call processor at all. Those integers likewise require both voice and data signals to depart via the second interface of the call processor save only in so far as the data include transaction information signals, in which case those signals are blocked from transmission via the second interface.
Even leaving aside the particular point on whether the SIP-only scenario falls within claim 9 (which I consider further below) Mr Silverleaf struggled to explain how these integers are met by Agent Assist, and offered numerous variants of his case. I address below the main alternative arguments, so far as I have been able to identify them, as set out in the course of the pleadings and written and oral submissions.
First, there was a suggestion in Sycurio’s re-amended Statement of Case on Infringement that the interfaces are the interfaces of CAP. CAP is, as set out above, the (remotely-hosted) software which, in active mode, blocks the DTMF tones and prevents them from being passed on to the call centre agent. Mr Robinson did not accept that the interfaces could be the interfaces of CAP, because he considered that the interfaces of claim 9 must be construed as being the ports on a telephony card. As already indicated, however, Mr Tritton did not pursue that contention in his closing submissions, and PCI-Pal’s position ultimately was that the call processor used to implement claim 9 could in principle take the form of software. On that basis, CAP could in my judgment be regarded as a call processor with interfaces to the caller and the agent.
The key difference between the functionality of Agent Assist and the functionality described in integers 9(b), (c) and (d), however, is that voice signals do not pass through CAP in normal mode. Instead, voice is carried in the RTP channel and passes directly to the merchant via PCI-Pal’s PSTN provider, as set out at §195 above, [REDACTED]. The only thing that is transmitted via the interfaces of CAP in normal mode is the SIP signalling which does not carry voice signals. Voice data do not, therefore, enter the first interface of CAP throughout the call. Integers 9(b), (c) and (d) are therefore not met by reference to the interfaces of CAP.
Secondly, Sycurio suggested that the interfaces of PCI-Pal’s SBC could be regarded as the telephone interfaces for the purposes of claim 9. This was Mr Silverleaf’s main argument in his closing submissions. There are several problems with that. The first is that [REDACTED]. More importantly, however, the interfaces of the SBC cannot properly be regarded as telephone interfaces for the purposes of claim 9, because the SBC is not on any view the call processor. It is (as Mr Robinson explained) a network device that performs particular functions required by Agent Assist’s system (including in this case connecting telephone calls), but it does not perform the operations described in claim 9.
Sycurio’s reliance on the interfaces of the SBC for this purpose also lacked evidential support. While Mrs Penn suggested, at some points in her oral evidence, that the SBC could be regarded as the location of the telephone interface, her evidence on this point was neither clear nor consistent, and for the reasons given above her views on this technical issue cannot be given any weight.
Thirdly, there was a suggestion that the telephone interfaces might be regarded as located within PCI-Pal’s PSTN provider. That would, however, give no sensible meaning to the concept of a telephone interface, and would fall well outside the proper construction of claim 9 as set out above.
Fourthly, Mr Silverleaf said that since the Patent expressly says that the claimed system can be implemented using VoIP and SIP technology (see §73 above), the PCI-Pal system must provide the functionality required of the telephone interfaces of claim 9, i.e. there must be somewhere in the PCI-Pal system an input interface which receives the DTMF signals and an output interface which transmits the call with the DTMF signals removed.
That submission is, however, a non sequitur. The fact that the Patent envisages that the system described might be implemented using VoIP and SIP technology does not mean that a VoIP system such as that of Agent Assist must be regarded as handling calls in the way described in claim 9. Mr Robinson explained in his evidence that it would be possible to create a system using VoIP and SIP technology which mirrored the functionality of the Patent, by having a fixed incoming and outgoing interface through which all calls were routed. DTMF could, in that arrangement, be sent in-band and detected and removed from the RTP packets, with the remaining audio signal conveyed to the agent. If implemented in that way, the system would operate in substantially the same way as the Patent. But Agent Assist works in a completely different way, as described above, with the result that it does not have fixed interfaces of that nature.
Ultimately, I do not consider that Sycurio was able to offer any coherent case as to how the features of Agent Assist infringed integers 9(b), (c) and (d) of the Patent, on a normal construction.
Transmission of the voice signal
The second main difference between claim 9 and Agent Assist, relied upon by PCI-Pal, turns on the requirement in integer 9(c) that the voice signal is transmitted throughout the call. Sycurio initially said that this requirement was met because of the statement in the PPD that the RTP voice path “remains open throughout the call”; on that basis it contended that voice communication “continues throughout” in active mode. That was a misunderstanding of the functionality of Agent Assist. As set out above, in active mode, at least in the RTP scenarios, Agent Assist blocks the RTP voice signal by replacing each DTMF tone with a monotone beep [REDACTED]. Mr Robinson’s evidence was that this means that voice is blocked with multiple “breaks” to the voice channel to the agent while the DTMF tones are being entered by the caller.
Mr Silverleaf’s alternative submission was to dispute the significance of the periods for which voice is blocked in these scenarios, for the purposes of maintaining an “effective conversation”. That is considered below in relation to infringement by equivalents. It cannot change the analysis for the purposes of a normal construction of claim 9.
As for the SIP-only scenario where a monotone beep is inserted in the voice path [REDACTED], Sycurio’s post-hearing submissions contended that voice transmission was “wholly transparent” in this scenario and not blocked at all. PCI-Pal disputed that, saying that in this scenario the voice signal is “suppressed” for the [REDACTED] beep for each DTMF tone entered. PCI-Pal cited (among other things) the Amended Confidential Annex to the Amended Defence and Counterclaim which referred to the insertion of the monotone beep as “[replacing] the speech waveform … coming from the Cardholder”.
Sycurio did not seek to dispute PCI-Pal’s description of Agent Assist in this regard. Nor could it sensibly have done so, without any expert evidence on the point. Neither Mr Robinson nor Mrs Penn specifically addressed the way in which Agent Assist works in the SIP-only scenario, by comparison with the RTP scenarios. As PCI-Pal also pointed out, Sycurio could have cross-examined PCI-Pal’s technical factual witness as to the way in which Agent Assist worked, but did not do so. On that basis, I am unable to accept Sycurio’s submission that there is infringement in this scenario.
On a normal construction of claim 9, therefore, there is no infringement.
The Request Features
PCI-Pal accepted that Agent Assist carries out the Request Features in integers 9(e), (f) and (g). In opening submissions, however, PCI-Pal contended that integer 9(h) was not infringed, because that integer requires different processing actions to be carried out depending on the success or failure of the request. The submission was that in Agent Assist the collected information is deleted regardless of the outcome of the request sent to the external entity.
That contention was not seriously pursued in Mr Tritton’s closing submissions, and it was not substantiated by PCI-Pal’s evidence. Mr Whittaker accepted in cross-examination that the processing of the data by Agent Assist differs depending on whether the payment response indicates success or failure. If the response indicates success, then the transaction details are processed to settle the transaction, and the credit card data are then automatically deleted from the secure memory store. If the response indicates failure, then if the cardholder wishes to try again the card data are deleted manually; otherwise the card details are deleted automatically when the call ends. That evidence shows that while in both cases the card data are deleted, the way in which those data are handled differs depending on the outcome of the request.
I therefore consider that Agent Assist carries out all of the Request Features.
Gillette squeeze based on Proctor
PCI-Pal’s first additional point was its reliance on a Gillette squeeze, contending that the functionality of Agent Assist was in this regard an obvious implementation of Proctor, a US patent application published on 3 November 2005. Proctor is titled “System and method for collecting confidential customer information in conjunction with a live conversation between customer and vendor representative”. It discloses a system for the secure collection of confidential customer information using an “adaptor” which temporarily blocks the connection between the customer and the agent while the confidential information is being collected, using either DTMF tones or (alternatively) voice recognition. PCI-Pal contended that Agent Assist was more similar to Proctor, in this regard, than it was to claim 9, and that this was an additional reason for infringement based on integer 9(c).
The dispute on this point turned on the invention disclosed by Proctor. Sycurio’s central contention was that Proctor discloses a mid-call transfer approach, where the customer is connected to an IVR system in order to collect the confidential information. PCI-Pal said that by contrast to a standard mid-call transfer as understood at the priority date (in which, as set out at §62 above, the agent would not remain on the call), Proctor discloses the use of an adaptor to temporarily block the connection between caller and agent while the confidential information was being entered, for a period similar to the period of voice suppression by Agent Assist.
Sycurio’s case relied on Mrs Penn’s evidence on the disclosure of Proctor, which I have rejected for the reasons given above. PCI-Pal’s submissions were supported by Mr Robinson’s evidence. He explained that Proctor does not simply teach a mid-call transfer, since that would be prior art (as the Proctor specification recognises). Rather, Proctor suggests an alternative approach of combining the secure collection of the confidential information (whether by DTMF tones or voice recognition) with a live conversation with an agent. Mr Robinson also said that the skilled team would consider it obvious to implement Proctor by blocking and unblocking the connection while successive pieces of information were entered. The main difference between Agent Assist and Proctor is, in his view, simply that the use of SIP and RTP by Agent Assist enables the connection to be blocked by Agent Assist for a shorter period than in Proctor.
Mr Silverleaf submitted that Mr Robinson’s evidence was based on hindsight, internally inconsistent, and inconsistent with the process as described in Proctor which does not envisage blocking and unblocking the connection successively. I do not accept those submissions. Mr Robinson’s evidence was coherent and consistent. His explanations of how the skilled team would have implemented Proctor were carefully reasoned, explaining the problems that the skilled team would be aware of when they were considering the appropriate implementation (such as customers having difficulty entering multiple pieces of information). I accept his evidence on this issue.
It is important to acknowledge, however, the problem discussed above that PCI-Pal’s evidence and submissions at trial did not distinguish between the SIP-only and RTP scenarios. [REDACTED].
As PCI-Pal therefore accepted, the evidence only supports the Gillette/Proctor point in relation to the RTP scenarios. Of itself, therefore, if this were relied on as the sole basis for a finding of non-infringement, it would not be sufficient, because it is accepted by PCI-Pal that a more than de minimis proportion of DTMF card payment data transmitted in active mode will present to CAP in the SIP path alone (§201 above). PCI-Pal’s opening submissions had, however, contended that the SIP-only scenario is outside the scope of claim 9 altogether. That is the second additional point which I now consider.
Additional construction point in SIP-only scenario
PCI-Pal’s submission was that integers 9(a)–(d) of the Patent envisage that voice and data are carried in a single voice channel to the first telephone interface, and are then split by the call processor so as to block data signals selectively. That is not, however, the case where DTMF data are sent in the SIP signalling alone. In that scenario, PCI-Pal said that CAP does not receive a “telephone call comprising voice signals and data signals”, because the voice and data signals are already split into different channels; indeed the transmission of DTMF in the SIP signalling is in PCI-Pal’s submission more akin to transmission over a data interface than transmission in a telephone call. For the same reason, in a SIP-only scenario CAP does not have to split the DTMF signals from the voice signals in order to block them selectively. Mr Robinson, in his evidence, added further reasons for saying that the processing by CAP of DTMF when carried in the SIP channel is not the same as when it is carried in or detected in the RTP path.
Sycurio’s response to this was somewhat diffusely set out at various points of its written submissions. I was able to discern essentially three arguments (which seemed to be advanced both in respect of a normal construction of the Patent and in respect of infringement by equivalents).
The first argument was that the separation of the voice and DTMF signals is a natural feature of the use of SIP signalling. It is not clear how that point assists Sycurio. The fact that SIP signalling enables voice and DTMF to be carried in different channels does not mean that the use of that functionality must inevitably be regarded as meeting the claims of the Patent. The question remains whether the relevant functionality (in this case the way in which a call is transmitted by Agent Assist in the SIP-only scenario) falls within claim 9. As discussed at §215 above, it is possible to implement a DTMF blocking system using VoIP and SIP technology in a way that closely mirrors the functionality described in claim 9, but that is not the way that Agent Assist works.
The second argument was that the SIP and RTP channels should be considered as a composite whole for these purposes, since the location of the DTMF signalling has no functional significance. I do not accept this submission: it is clear that the location of the DTMF in a VoIP/SIP call is of fundamental significance for the way in which CAP processes those signals, as set out in both PCI-Pal’s submissions and Mr Robinson’s evidence. Mr Robinson was not cross-examined on that point.
Sycurio’s third argument, set out in its written closing submissions, was that DTMF signals carried in the SIP channel are “selectively blocked in precisely the same way” as when they are carried in the RTP path. That did not really engage with PCI-Pal’s arguments on this point. In any event, the submission was inaccurate, since it is common ground that Agent Assist blocks the DTMF signalling in different ways depending on whether that signalling is only present in the SIP channel or whether audible DTMF tones are transmitted in the RTP channel. Indeed, Sycurio’s post-hearing submissions positively relied upon that difference to support its arguments about voice transmission in the SIP-only scenario.
The evidence before me therefore supports PCI-Pal’s submission that the functionality of Agent Assist in a SIP-only scenario falls outside the scope of claim 9, on a normal construction of the Patent.
The combined effect of PCI-Pal’s two additional points, therefore, is that if I had not already found there to be no infringement based on PCI-Pal’s main arguments set out above on the requirement for telephone interfaces and continuous transmission of the voice signal, I would have found non-infringement for the further reason that in the RTP scenarios, a Gillette squeeze arises since Agent Assist is an obvious implementation of Proctor, and in the remaining SIP-only scenario, Agent Assist falls outside the scope of claim 9.
Section 60(1)(b) infringement by equivalents
If the two additional points addressed in the foregoing section are correct, they are a complete answer to the allegation of infringement by equivalents. In respect of the RTP scenarios, applying the Formstein approach, there cannot be infringement by equivalents if the alleged infringement is itself an obvious variant of the prior art, in this case Proctor. In respect of the SIP-only scenarios, PCI-Pal’s construction objection was expressed to apply both as a matter of normal interpretation and in respect of the allegation of infringement by equivalents. As noted above, Sycurio’s submissions were likewise put on both bases and did not suggest any different analysis for infringement by equivalents.
If these points are incorrect, then it would be necessary to consider infringement by equivalents by reference to the Actavis questions. As set out above, these require the court to consider, first, whether Agent Assist achieves substantially the same result in substantially the same way as claim 9, looking at the inventive concept of the claim. It is then necessary to consider the issue of obviousness to the skilled team, and whether such a reader of claim 9 would have concluded that the patentee intended that strict compliance with the literal meaning of that claim was an essential requirement of the invention.
Substantially the same result
On the case as it was presented during the trial, which focused on the RTP scenarios, Mr Silverleaf contended that the periods of voice suppression introduced by Agent Assist are not significant in a voice call, because voice communication is “substantially maintained”, and as a practical matter the caller is not likely to wish to speak to the call centre agent while entering DTMF data.
I do not accept those submissions. The inventive concept of claim 9 does not, I have found, require “effective” or “substantial” voice communication, but requires the transmission of voice signals throughout the call. By contrast Agent Assist (in the RTP scenarios) inserts [REDACTED] beeps [REDACTED] in the RTP voice path. As Mr Robinson said, that is not insignificant in telephony terms, and certainly interferes with the conversation between the customer and the agent. The results are therefore substantially different both from the perspective of a telephony engineer, and from the perspective of the customer experience. Mrs Penn disagreed, but in cross-examination it was apparent that she had not understood how (technically) Agent Assist works in this regard: she was under the impression that the cardholder and the agent remain in “constant vocal communication” which is not broken by the entry of DTMF data by the cardholder.
Mr Silverleaf sought to bolster his submissions by relying on various promotional materials issued by PCI-Pal suggesting that a call through the Agent Assist system continues uninterrupted while data are being entered, or that the customer remains in conversation with the agent at that time. Mr Robinson disagreed with this description of the functionality of Agent Assist, on the basis that it was both technically inaccurate and an inaccurate description of the customer experience. His comments were, in my judgment, well-founded: given the periods of voice suppression inserted by Agent Assist in the RTP scenarios, it is apparent that the voice path is substantially interrupted while sensitive data are being entered in active mode.
That leaves the question of the SIP-only scenario [REDACTED]. Given my findings above as regards the analysis of this scenario on a normal construction of the Patent, it is difficult to see how this could differ for infringement by equivalents: the suppression of the voice signal [REDACTED] is on any view a substantially different result to the transmission of the voice signal throughout the call, [REDACTED].
Any contrary suggestion is, again, not supported by any evidence, because none of the experts addressed the nature and duration of the voice suppression specifically in the SIP-only scenario. While Mr Robinson’s second report commented that the insertion of a beep would interfere with the conversation between the customer and agent, and Mrs Penn disagreed on the basis that the beep would not interfere with “effective communication”, neither of them distinguished between the SIP-only and RTP scenarios on this point.
Sycurio has therefore not, in my judgment, established that Agent Assist achieves substantially the same result as claim 9, whether in relation to calls where DTMF tones are carried in or detected in the RTP voice path, or in relation to calls where DTMF data are carried only in the SIP signalling.
Substantially the same way
Assuming, however, that the conclusions above are wrong, the next question would be whether Agent Assist works in substantially the same way as envisaged by claim 9, i.e. the second part of the first Actavis question.
Sycurio contended, in essence, that Agent Assist is a standard VoIP/SIP implementation of the functionality of claim 9 and should therefore be regarded as at least equivalent to the invention, unless VoIP/SIP technology is outside the scope of the claim in principle (which it is not). On that basis, Mr Silverleaf said that the RTP and SIP channels should be considered as a whole and not in isolation, because they are used together to provide the functionality of a VoIP call.
I have, however, already concluded on the basis of Mr Robinson’s evidence that Agent Assist is not a standard VoIP/SIP equivalent to the functionality of claim 9. Rather, it works in a quite different way to claim 9, in the various ways already described above. I do not consider that these differences in functionality can be regarded as what Lord Neuberger in Actavis §54 described as “immaterial” variations from the invention. The technical solutions adopted by Agent Assist are a long way from what is envisaged in claim 9.
Mr Silverleaf said that the way in which calls are routed by Agent Assist (and in particular the direct routing of calls in normal mode) should be disregarded, because that simply reflects a commercial decision by PCI-Pal. There is no dispute that (as the PPD explicitly states) Agent Assist routes calls in a way that is designed to be cost effective and efficient. A non-infringing process does not, however, become infringing simply because the differences between that process and the invention were (wholly or in part) chosen for commercial reasons.
Agent Assist therefore does not, in my judgment, work in substantially the same way as envisaged by claim 9.
The other Actavis questions
In light of my conclusions on the first Actavis questions it is not necessary to go on and address the other Actavis questions. Suffice it to say that Mr Robinson’s evidence was that it would not have been obvious to the skilled team, at the priority date, that Agent Assist worked in substantially the same way as described by claim 9. His view was that the skilled team would consider that Agent Assist operated in a different technical manner from the Patent, for (essentially) the reasons that I have addressed above, in relation to the first Actavis questions. Mrs Penn was not able to comment meaningfully on these points at all, given the limitations in her expertise and her difficulties with understanding how Agent Assist worked from a technical perspective.
Section 60(2) infringement
Sycurio contended that even if there is no infringement under s. 60(1)(b), there is nevertheless infringement under s. 60(2). The argument was that the SIP signalling is used by Agent Assist to control and redirect the RTP channel, such that the invention is being performed by a combination of PCI-Pal’s system and the PSTN.
I do not accept that submission. Section 60(2) refers to a means of putting the invention into effect. The point in the present case is that the invention is not being put into effect, whether by PCI-Pal or anyone else, and whether or not a combination of systems is employed.
Conclusion on infringement
Even if I had concluded that claim 9 is valid, I would have found that it is not infringed by Agent Assist, whether on a normal construction of the claim or under the doctrine of equivalents.
The Agent Assist enhancements
The final issue is the enhancements proposed by PCI-Pal, in respect of which a declaration of non-infringement is sought. Sycurio accepts that if the court finds that none of the Agent Assist variants infringe the Patent, then the Agent Assist enhancements will also not infringe the Patent. It is therefore not necessary to address this issue.
CONCLUSIONS
For the reasons set out above, my conclusions are that:
The Patent concerns a technical solution for the problem of agent fraud at call centres. The skilled team is therefore a team with both telephony expertise and payment systems expertise.
The scope of the CGK is as described at §§42–68 above.
I prefer the submissions of PCI-Pal as to the construction of claim 9 of the Patent. I do not accept PCI-Pal’s (alternative) submission that the claim is invalid for insufficiency.
The inventive concept of claim 9 is as described at §123 above.
Claim 9 is obvious over both Van Volkenburgh and (separately) Shaffer, and therefore invalid. I do not consider that it is obvious over LiveOps.
It is therefore not necessary to consider PCI-Pal’s further invalidity arguments based on excluded subject matter and added matter.
Even if claim 9 were found to be valid, neither the current variants of Agent Assist nor the proposed enhancements infringe claim 9 either on a normal construction or under the doctrine of equivalents. To the extent necessary, I would accept PCI-Pal’s reliance on a Gillette/Formstein defence based on obviousness over Proctor.