|European Case Law Identifier:||ECLI:EP:BA:2011:T052208.20110218|
|Date of decision:||18 February 2011|
|Case number:||T 0522/08|
|IPC class:||G06K 19/073
|Language of proceedings:||EN|
|Download and more information:||
|Title of application:||ELECTRONIC CREDIT CARD - ECC|
|Applicant name:||Ong, Yong Kin (Michael)|
|Relevant legal provisions:||
|Keywords:||Added subject-matter (yes)|
Summary of Facts and Submissions
I. The appeal lies from the decision of the examining division to refuse European patent application No. 01 905 512.8. The decision was dispatched on 4 October 2007.
II. The original disclosure, as published under the PCT under No. WO-A-01/61640, consisted of 3 pages of description, 17 independent claims and 6 pages of drawings.
III. The examining division had to decide on the allowability of a main request and three auxiliary requests which had been filed in the course of the examination procedure. In the reasons for its decision, it held that the subject-matter of claim 1 of the main request and auxiliary requests 2 and 3 contained added subject-matter, contrary to Article 123(2) EPC, and that claim 1 of auxiliary request 1 did not fulfil the requirements of Article 54(1)(2) EPC 1973 as to novelty.
IV. The appellant (applicant) lodged an appeal against this decision by notice received at the EPO on 13 December 2007. The prescribed appeal fee was paid on the same day. The statement setting out the grounds of appeal was filed on 14 February 2008.
The appellant requested that the impugned decision be set aside and a patent be granted on the basis of the claims according to a main request or, alternatively, on the basis of various sets of claims according to auxiliary requests 1 to 8, all requests filed with the statement of grounds of appeal.
V. At the appellant's request, the Board issued a summons to attend oral proceedings, scheduled to take place on 18 February 2011.
In preparation of the oral proceedings, the Board issued a communication pursuant to Article 15(1) Rules of Procedure of the Boards of Appeal (RPBA) on 25 November 2010, expressing its provisional opinion with regard to the requests then on file. The Board expressed particular concern with regard to the requirements of Article 123(2) EPC in relation to all the requests. A detailed analysis of claims 1 to 9 and 19-26 of the main request was also provided, drawing the attention of the appellant to various aspects in the claims which, in the Board's preliminary opinion, revealed the existence of added subject-matter. More generally, the basis for the combinations of features provided by the dependent claims of the requests on file was questioned.
VI. Under cover of a letter dated 18 January 2011, a new main request and amended auxiliary requests 1 to 8 were filed, taking into account some of the Board's comments. In the accompanying letter, the appellant provided arguments which, in his view, established that some of the objections raised by the Board were not justified.
Claim 1 of the main request reads:
"1. An electronic credit card comprising
a user verification means for verifying the identity of a user; and
a communication means for communicating with a transaction station, characterised in that the electronic credit card further comprises:
a means that generates a unique authorisation code when the user's identity is verified;
a storage means that stores the user's account details for use in an electronic funds transfer transaction;
wherein communication means securely communicates the account details of the user and the authorisation code to facilitate an electronic fund transfer transaction."
The auxiliary requests 1 to 8 differ from the main request by the wording of the independent claims and various dependent claims. As far as they are relevant to the present decision, the amendments to claim 1 of auxiliary requests 1 to 8 can be summarised as follows (with emphasis on the differences added in bold type by the Board):
The feature relating to the user verification means has been amended in claim 1 of auxiliary requests 3 to 8 so as to specify "user verification means for receiving a security authorisation code input from a user and verifying the identity of the user from the security authorisation code".
The reference to a "unique authorisation code" has been replaced in claim 1 of auxiliary requests 2 to 8 by a reference to "a unique transaction identifier".
The feature relating to the communication means has been amended in claim 1 of auxiliary request 2 by reciting: "wherein the communication means securely communicates the account details of the user and the transaction identifier to authorise and facilitate an electronic fund transfer transaction". In claim 1 of auxiliary request 3, a similar amendment was made specifying, however, "wherein the communication means securely communicates the account details of the user and the security authorisation code using the transaction identifier to authorise and facilitate an electronic fund transfer transaction".
The corresponding feature was further amended in claim 1 of auxiliary requests 4 to 8 by deleting the terms "to authorise".
All the requests include a plurality of dependent claims and two additional independent claims relating, respectively, to a method of performing an electronic fund transfer transaction and a system for conducting such a transaction.
VII. During the oral proceedings before the Board on 18 February 2011, the appellant filed a modified claim 1 according to a new auxiliary request 9. The claim reads:
"An electronic credit card comprising:
one of a keypad (1), a fingerprint scanner pad (10), or a [sic] eyeball retina scanner pad (11), the electronic credit card being configured to perform a user identification process based on a security authorisation code received from the user in the form of (i) a personal identification number input via the keypad (1) of the electronic credit card, or (ii) a fingerprint signature input via the fingerprint scanner pad (10) of the electronic credit card, or (iii) a [sic] eyeball retina signature input via the eyeball retina scanner pad (11);
a communication means for communicating with a transaction station;
a storage means that stores at least one credit card/ debit card account for use in an electronic funds transfer transaction;
wherein said communication means communicates, for an electronic fund transfer transaction, to said transaction station said security authorisation code using a unique transaction identifier for each transaction."
VIII. This decision is issued after the entry into force of the EPC 2000 on 13 December 2007. Reference is thus made to the relevant transitional provisions for the amended and new provisions of the EPC, from which it may be derived which Articles of the EPC 1973 are still applicable to the present application and which Articles of the EPC 2000 are to apply.
In the reasons for the present decision, all relevant provisions refer to the EPC 2000.
Reasons for the Decision
1. The appeal and the corresponding statement of grounds comply with the requirements of Articles 106 to 108 EPC and Rule 99 EPC. The appeal is, thus, admissible.
2. Added subject-matter - Article 123(2) EPC
Reference is made in the following to the original application as published under the PCT under number
2.1 "User verification means"
2.1.1 The feature of "a user verification means for verifying the identity of a user" in claim 1 of the main request and auxiliary requests 1 and 2 is not disclosed in the application as filed.
The original disclosure refers on page 1, lines 26-28, to three different processes to make the electronic credit card (ECC) operational: "1. A user controlled PIN (personal identification number) and/or
2. A user identified fingerprint signature (digital signature) and/or
3. A user eyeball retina signature (digital signature)." In the absence of any suggestion in the application as filed for the skilled person to generalise these processes, the reference in the claim to "user verification means" constitutes a non-allowable generalisation of the original teaching.
The appellant argued that the existence of three different alternatives in order to fulfil the very same function, namely, the verification of the user's identity, constituted a clear indication that the invention was not limited to one specific form of verification but encompassed all kinds of equivalent processes. In this respect, the appellant underlined that this approach was widely accepted by the EPO and its boards of appeal and explicitly acknowledged in the Guidelines for examination.
In the Board's judgement, this argument does however not apply under the present circumstances since it is, in effect, undermined by the statement on page 1, lines 24 and 25, of the application as filed, introducing the passage reproduced above, which specifies: "ECC is only operational through one of the following process (hereafter known as SAC [security authorisation code])". This statement emphasizes the fact that the ECC has to be rendered operational and that this can be achieved only by one of three specific processes. There is no indication as to whether other processes could serve the same purpose, let alone as to which kind of process this could be.
2.1.2 The same argumentation applies mutatis mutandis to the feature of "a user verification means for receiving a security authorisation code input from a user and verifying the identity of the user from the security authorisation code" in claim 1 of auxiliary requests 3 to 8.
2.2 "Means that generates a unique authorisation code / unique transaction identifier when the user's identity is verified"
2.2.1 The original disclosure does not contain any reference to a "unique authorisation code" as referred to in claim 1 of the main request and auxiliary request 1. Even if it is agreed that a literal basis is not required under Article 123(2) EPC for an amendment to be allowable, as put forward by the appellant, such an amendment should nevertheless be directly and unambiguously derivable from the original application documents.
The term "unique authorisation code" has no clearly recognised meaning in the field of electronic credit cards. It is therefore not possible to establish any clear relationship between the concept of a unique code serving for authorisation and the notions of "security authorisation code", "transaction number", or "unique transaction identifier", which are in fact referred to in the original disclosure. This is all the more true as these latter notions are also not clear per se and not defined in the original disclosure. For this reason, the view that the notion of a "unique authorisation code" actually encompassed the two alternatives corresponding to the unique transaction identifier when used alone or in association with the security authorisation code, respectively, must a fortiori be rejected under Article 123(2) EPC.
2.2.2 Independently of the new matter resulting from the use of the term "unique authorisation code", the reference to the corresponding "means" that generates this code, in claim 1 of the main request and auxiliary request 1, or to the "means" that generates a (or the electronic credit card's) unique transaction identifier in claim 1 of auxiliary requests 2 to 8, also constitutes as such added subject-matter.
The Board notes, in this respect, that the original disclosure does not establish beyond any doubt that the means generating said "unique transaction identifier" are indeed incorporated in the electronic credit card. The indication on page 2, line 18, of the description that the "ECC has the capability to generate its own transaction number..." is not pertinent since it does not refer to a transaction identifier but to a number having possibly a different function. The further indication on page 3, line 8, according to which "ECC sending SAC uses a unique transaction identifier for each transaction" relates to the step of sending data and does not allow to conclude that the means that actually generate the unique transaction identifier are indeed provided within the electronic credit card.
The appellant stressed the point that the presence of said means derived from pure logic when applied to the disclosed transaction process which required, as an essential feature, that a unique code or identifier be issued for each transaction. This argument does not convince the Board. Firstly, the unique identifiers to be used for each transaction could be loaded and stored in the electronic card when it is issued by the financial institution, organisation or company. In that case, the presence in the credit card of means for generating such identifiers would not be required. The view that the claimed means would be implicitly disclosed must therefore be rejected. Secondly, the question whether it would have been logical to have said means provided in the credit card relates to the issue of obviousness of this feature and not to the question to be answered in relation with added subject-matter, namely, whether this feature is indeed disclosed or not.
2.2.3 The original application documents do not contain any indication establishing that a unique transaction code or identifier is generated "when" the user's identity is verified. The presence of the term "when", in the definition of the means to generate said code or identifier in claim 1 of each request, can be construed so as to imply that either the two actions referred to in this phrase are simultaneous or that the generation of the code is somehow related to the verification of the user's identity. However, none of these two interpretations is disclosed by the application as filed.
The Board cannot subscribe to the appellant's view that the skilled person would have understood that simply a sequence of actions was meant, since this was the only interpretation which made technical sense. It was stressed, in this respect, that the generation of a code would have indeed been useless if it subsequently became apparent that the identity of the user could not be confirmed.
Although the interpretation made by the appellant may indeed reflect a probable course of actions taking place in the electronic card, it is not, in the Board's view, the only technically meaningful interpretation. It is observed, in this respect, that independent claim 1 of each request makes a distinction between the step of generating a unique identifier and the step of communicating said information: this latter step providing in effect the key actually required for performing a transaction. The skilled person would have thus recognised from the application documents as originally filed that what really matters is that the act of communicating said information follows the generation of the identifier only in the case that the user's identity has been successfully ascertained. Whether the preceding actions of generating said identifier and verifying the identity are simultaneous, or carried out in sequence, is in that respect irrelevant. It can therefore even not be unambiguously established from the original disclosure that the generation of the authorisation code/transaction identifier follows the step of verifying the identity of the user, as submitted by the appellant.
2.3 "A storage means that stores the user's account details"
The notion of "account details" is deprived of any basis in the original disclosure, which merely refers to the credit card/debit card account (page 2, line 30; page 3, line 9), to the approved credit card/debit card financial limit, or to information regarding the user's financial balance or account limit (page 3, lines 11-13).
In the Board's judgement, the notion of "account details" cannot be equated with the concept of credit card/debit card account, as put forward by the appellant. More specifically, it is not possible to derive from the mere mention of a credit card/debit card account that a rather large set of data relating to an actual credit card number, such as the name of the bank, the SWIFT number, etc. was meant. As a consequence, the generalisation resulting from the use of the term "account details" in claim 1 of the main request and auxiliary requests 1 to 8 extends beyond the disclosure of the original application.
2.4 "Wherein communication means securely communicates..."
2.4.1 Claim 1 of the main request and auxiliary requests 1 to 8 includes a limitation relating to the ability of the communication means to "securely communicate" for which no basis can be found in the original application.
The passage on page 2, lines 10-13, of the description as originally filed refers to four different communication processes. It reads: "ECC is an intelligent device that communicates with TS via one of the following modes or a combination of the following modes:
1. Infra-red telecommunication process (Figure 4) and/or
2. Radio frequency telecommunication process (Figure 5) and/or
3. Magnetic induction telecommunication process (Figure 6) and/or
4. Wire contact telecommunication (Figure 7) process."
The description does not provide any further details as to the means or processes which would permit to render these communication modes secure (Figures 4 to 7 referred to in said paragraph constitute schematic representations of the card layout including one element illustrating in each figure the corresponding telecommunication means). In the description, these communication processes are not even associated with the aspect of security.
The sweeping statement on page 1, lines 1 and 2, of the description according to which the "invention relates to the provision of a secure, controlled, and reliable transaction of funds using electronic controlled credit card" concerns the invention as a whole and does not permit to draw any conclusion with regard specifically to the communication means. This statement can therefore not support the view that the communication means contribute or include additional means which permit to communicate in a somehow particular secure manner. This conclusion is all the more true as claim 1 in all the requests on file does not even specify the nature of the security which is to be achieved. It is, in particular, unclear whether the quality of the communication is meant, in the sense that alteration of the signal to be transmitted should be prevented, or whether the aspect regarding the confidentiality of the data transferred is addressed, as suggested by the appellant in his submissions of 18 January 2011. Since the teaching of the original disclosure appears to be limited to the sole evocation of the four alternative communication processes, it cannot constitute a valid basis for the introduction of the general notion of "secure communication".
2.4.2 The evocation of the "account details" of the user in association with the "authorisation code", in claim 1 of the main request and auxiliary request 1, or with the "transaction identifier", in claim 1 of auxiliary request 2, or with the "security authorisation code", in claim 1 of auxiliary requests 3 to 8, implies that the feature under consideration pertains to the communication of two distinct sets of data. Independently of the aspect of added matter associated with the notions of unique authorisation code and account details raised above under sections 2.2.1 and 2.3, respectively, the Board notes that the original disclosure is quite general and does not provide any clue as to the relationship which exists between the credit card/debit card account and the unique transaction identifier, the transaction number or the security authorisation code. In other words, it is not possible to determine on the basis of the original application documents whether these sets of data are indeed relating to distinct pieces of information or whether the transaction identifier or the security authorisation code, respectively, incorporates the credit card/debit card account data or elements of these data. There is a fortiori no indication to be found in the application as filed with regard to the relation between the non-disclosed concept of (unique) authorisation code and account details.
Consequently, since claim 1 of the main request and auxiliary requests 1 to 8 establishes a distinction between these various categories of data which was not originally present, it is considered to refer to new subject-matter.
2.4.3 The wording "to facilitate an electronic fund transfer transaction", in claim 1 of the main request and auxiliary requests 1 and 4 to 8, or "to authorise and facilitate", in claim 1 of auxiliary requests 2 and 3, is unclear and, as a consequence, also leads to an unallowable generalisation of the original disclosure.
Although the terms "facilitate" and "facilitates" appear at various places throughout the description (cf. page 2, line 16; page 3, line 5, and the corresponding original claims 6 and 15), they are associated there to other aspects of the invention, namely, the capability of the ECC to download information to a computer system or the provision of keypads on the front of the card, respectively, which do not constitute a valid basis for the amended wording. The former measure tends to facilitate transactional history, whereas the latter facilitates SAC telecommunications.
The new wording now also encompasses applications wherein the communication of the account details and authorisation code/transaction identifier would somehow participate in the electronic fund transfer transaction, for example, as sole confirmation that the identity of the card's user has been successfully checked. It, thus, extends beyond the original teaching according to which the communication of the unique transaction identifier constitutes, more specifically, the key for the electronic funds transfer to take place.
2.5 As a consequence of the various aspects discussed above, claim 1 of the main request and of each of auxiliary requests 1 to 8 contains subject-matter extending beyond the content of the original application, contrary to the requirements of Article 123(2) EPC.
3. Auxiliary request 9 - Admittance (Rule 13 RPBA)
Claim 1 according to auxiliary request 9 was filed during the oral proceedings before the Board as a reaction to the debate which had taken place with regard to claim 1 of the preceding requests. Although the Board acknowledges that claim 1 of auxiliary request 9 solves some issues relating to added subject-matter, it also notes that the wording "the electronic credit card being configured to perform a user identification process based on a security authorisation code received from the user in the form of (i) a personal identification number input via the keypad (1) of the electronic credit card, or (ii) a fingerprint signature input via the fingerprint scanner pad (10) of the electronic credit card, or (iii) a [sic] eyeball retinal signature input via the eyeball retina scanner pad (11)" has no clear and unambiguous basis in the application as filed (Article 123(2) EPC).
More specifically, the Board observes that the passage of the published application on page 1, lines 24-28, implies that the security authorisation code be activated or generated after one of the verification processes (i), (ii) or (iii) has been carried out. However, some further processing would be required in the case of a verification relying on the fingerprint or retina signature to subsequently generate said security authorisation code, as acknowledged by the appellant. Hence, the security authorisation code cannot be defined as being "received from the user". In the case of a verification relying on a personal identification number, nothing in the description permits to establish that this number is identical to the security authorisation code.
Consequently, in exercising its discretion under Article 13 RPBA, the Board decided not to admit auxiliary request 9 into the proceedings considering that its admittance would have been contrary to the principle of procedural economy, because it is prima facie apparent that it cannot form the basis for the grant of a European patent.
For these reasons it is decided that:
The appeal is dismissed.