|European Case Law Identifier:||ECLI:EP:BA:2018:T165013.20180515|
|Date of decision:||15 May 2018|
|Case number:||T 1650/13|
|IPC class:||G07C 9/00
|Language of proceedings:||EN|
|Download and more information:||
|Title of application:||Method of modification of authorization details for a biometrics authentication device, biometrics authentication method, and biometrics authentication device|
|Applicant name:||FUJITSU LIMITED
Fujitsu Frontech Limited
|Relevant legal provisions:||
|Keywords:||Inventive step - (no)
Inventive step - mixture of technical and non-technical features
Summary of Facts and Submissions
I. The appeal is against the decision of the Examining Division refusing European patent application No. 06 250 510 on the grounds that the subject-matter of the main and first auxiliary requests then on file did not involve an inventive step within the meaning of Article 56 EPC. The second auxiliary request was not admitted into the procedure pursuant to Rule 137(3) EPC.
At the end of the oral proceedings held before the Board the appellant requested that the decision under appeal be set aside and that a patent be granted on the basis of its main request or subsidiarily on the basis of its auxiliary request, both filed with the grounds of appeal.
II. The following document is referred to:
D2: US 2002/0095386 A1.
III. The sole independent claim of the main request (which will be referred to as claim 1, although it is in fact labelled claim 7) reads as follows:
"An automated transaction machine (6), which detects biometrics characteristic data from a body, verifies the data against biometrics characteristic data registered in advance in an IC card (5), and performs individual authentication, comprising:
a detection unit (1-1) for detecting the biometrics characteristic data from the body; and
a verification unit (67) for verifying the detected biometrics characteristic data against biometrics characteristic data of the principal, registered in advance in the IC card (5),
wherein the verification unit (67), when the verification result is satisfactory, permits modification of the authorization details of an authorized agent other than the principal, set by the principal who is the owner of the IC card (5), and registers the modified authorization details for the authorized agent in the IC card (5), and wherein
the verification unit (67) verifies the biometrics characteristic data, registered in advance, of the principal and of the authorized agent, against the detected biometrics characteristic data, and when the verification result for the authorized agent is satisfactory, permits modification of the authorization details of the authorized agent within the range of authorization details for the authorized agent other than the principal, set in the IC card (5) by the principal, and when the verification result for the principal is satisfactory, permits modification of the authorization details of the authorized agent set in the IC card (5) by the principal."
The sole independent claim of the auxiliary request (which will be referred to as claim 1, although it is also labelled claim 7) differs from the independent claim of the main request only in the following feature (in bold) in the final clause:
"... permits modification of the authorization details of the authorized agent within the range of transaction details for the principal, set in the IC card (5), by the principal."
IV. With the summons to oral proceedings, the Board sent a communication under Article 15(1) RPBA setting out its provisional views. The Board indicated inter alia that the question whether the distinguishing features were of a technical or a non-technical character would be discussed, and that the appellant would also be asked to explain the purpose of the invention, which was not apparent. In particular, the claimed subject-matter appeared to envisage a proxy having access rights which he or she could extend or restrict at any time, without the principal being present or having to give permission, up to some maximum set of access rights allowed by the principal. It was not clear to the Board what was supposed to be achieved by this.
V. The appellant's arguments, insofar as they are relevant to the present decision, may be summarised as follows:
The invention related to an automated transaction machine (ATM) intended for use with an IC card bearing authorization details of the card owner (the "principal") and of a a proxy ("authorized agent"). D2 disclosed a broadly similar arrangement to that of the present invention, but claim 1 of the main request differed from D2 in three ways.
(a) A first difference was that, according to the present invention, the authorized agent could modify his or her own authorization details. None of the proxies identified in D2 (e.g. categories A, B and C defined in paragraphs -) could perform any modification of their authorization details. Only the "master account" (the "principal" of the present invention) had the power to create or modify accounts.
Another user was always needed in order to change the settings of a first user's account, and this was a cumbersome way to manage access rights of authorized agents.
(b) A second difference was that the present invention allowed an authorized agent to vary authorization details only within a range set by the principal.
In Fig. 14, a proxy was initially registered with access (transaction flags set to "1") to all the transaction types available to the principal. Fig. 15 showed the result of modification by the proxy within the range initially set by the principal. One of the transaction flags ("withdrawal") had been set to "0", and hence removed as a permitted transaction type. However, at some later time, the proxy was able to broaden his/her authorization details again, within the range set by the principal.
Thus the proxy was able to modify his/her authorization details without requiring the presence of the principal, but within limits set by the principal. By contrast, in D2 the master account holder could not control the actions of another Category C user in setting access controls for other accounts, which caused a lack of security.
(c) A third difference was that the present invention required an authorized agent to undergo biometric authentication before he/she is allowed to modify their authorization details. In D2, although a master account holder registered via a PKI-enabled biometric device, there was no corresponding disclosure about similarly requiring the authorized agents to undergo biometric authentication prior to setting access controls. The present invention therefore provided greater security as well as increased flexibility.
Even if flexibility of transaction processing constituted an aim in a non-technical field, as asserted by the Examining Division, this did not apply to flexibility of transaction processing when combined with increased security, as in the present invention.
Moreover, while the distinguishing features might have a purpose which is business-related, the claim was directed to an automated transaction machine, which is clearly technical.
In addition, the present invention led to a lower power consumption when compared with the prior art, as fewer biometric checks were required. This represented a clear technical advantage.
The Auxiliary Request differed in that the verification unit permitted modification of the authorization details of the authorized agent within the range of transaction details for the principal, which further improved security when permitting modification of authorization details.
Reasons for the Decision
1. The appeal is admissible.
2. Main Request: Inventive Step
2.1 The sole issue to be decided is whether claim 1 involves an inventive step within the meaning of Article 52(1) EPC and Article 56 EPC 1973.
2.2 Document D2 is the closest prior art. In the statement of grounds of appeal and in the oral proceedings, the appellant argued that the claimed automated transaction machine differed from those of D2 essentially in being arranged to allow the following actions:
(a) an authorized agent can modify his or her own authorization details;
(b) an authorized agent can vary his or her authorization details only within a range set by the principal; and
(c) an authorized agent is required to undergo biometric authentication before being allowed to modify his/her authorization details.
The Board sees no reason to disagree with this analysis.
2.3 In the communication under Article 15(1) RPBA, the question was raised whether the above features had any practical utility or provided any actual advantage. The Board is not convinced that the appellant's subsequent submissions have satisfactorily answered this question.
In the oral proceedings it was argued that the principal and authorized agent (or "proxy") could, for example, be father and son, and that the father might arrange the initial settings so that both of them have access to the same transaction types, as shown in Fig. 14. Later, as shown in Fig. 15, the son might set the transaction flag for withdrawal to "0", thereby denying himself the possibility of withdrawing funds. However, at any time, and without the father being present or having given permission, the son may reset the transaction flag for withdrawal back to "1" and withdraw funds. It is difficult to see what practical utility this has, or what it achieves which could not be equally achieved by simply leaving the flags as they are in Fig. 14. The Board does not believe that the appellant has offered any persuasive explanation in this regard.
2.4 The chief argument of the appellant is that the distinguishing features offer the advantages of greater flexibility and increased security, and since they provide improved security they make a technical contribution over the prior art. As mentioned above, the Board sees no reason to believe that the distinguishing features would actually lead to these advantages. However, even if some circumstances could be identified in which the distinguishing features might be regarded as contributing to an improvement in security, the Board does not believe that they could constitute a basis for acknowledging an inventive step.
2.5 The problem of improving security in an automated transaction machine may be addressed by technical or non-technical means. An example of a technical solution would be to provide an improved algorithm for biometric recognition; an example of a non-technical solution would be to set (or reduce) a limit on the amount of money which may be withdrawn from an account per day. The distinguishing features recited above are, in the judgement of the Board, of a manifestly non-technical nature.
2.6 This may be illustrated by taking the example of banking, which appears to be the principal application envisaged in the description. A bank must decide the different characteristics of the financial products which it offers to the public, and these may include, for example, the number of people who may be registered to a particular type of account, the transactions which those registered are authorised to make, whether (and if so, when and how) such authorisations may be modified, the transactions for which an identity check is required and the type of identity check to be employed (e.g. PIN, biometric).
These decisions will typically be taken by professionals in, for example, banking, finance and marketing, and not by engineers and technologists, and the features of the financial products they devise by making such decisions are not technical features. In the present case, deciding to provide an account in which an authorized agent may modify his access rights within set limits following a biometric ID check, is not a choice which would be made by an engineer, but by those responsible for the financial products of the bank.
2.7 Claim 1 therefore comprises a mixture of technical and non-technical features, and the principles set out in T 641/00 will be applied, according to which features which do not contribute to the technical character of the invention cannot support the presence of inventive step, but may legitimately appear in the formulation of the problem as part of the framework of the technical problem that is to be solved, in particular as a constraint that has to be met.
Hence, for the purpose of applying the problem-solution approach, the technical problem may be seen as providing an automated transaction machine adapted to implement a procedure whereby an authorized agent may modify his access rights within limits set by the principal, and following a biometric ID check.
2.8 The appellant has not argued that the practical implementation of the distinguishing features would be outside the normal capabilities of the person skilled in the art, and, in the opinion of the Board, a skilled person capable of implementing the access control arrangements of the prior art (D2, for example) would be equally capable of adapting the software (and possibly hardware) to enable the claimed possibilities for modifying access rights. The solution to the technical problem cited above would therefore be obvious to a person skilled in the art.
2.9 The appellant's other arguments are also not found persuasive for the following reasons:
2.10 The appellant argued that the claim is directed to an automated transaction machine, which is a technical entity and represents a technical invention. However, the appellant has acknowledged that D2 also discloses automated transaction machines, and an argument for inventive step can only be based on claimed features which go beyond the closest prior art. It is also acknowledged by the appellant that the claimed machine differs from those of D2 in that it is arranged to allow an authorized agent to perform the actions listed under point 2.2, above. These are business-related actions which, for the reasons given above, do not render the claimed subject-matter inventive.
2.11 The appellant argued that the distinguishing features also solve the technical problem of reducing power consumption, in that modifying proxy access rights would require fewer biometric checks compared to prior art arrangements in which only the principal was permitted to make such changes.
In the present invention (indeed in any arrangement for controlling access to transactions) it is implicit that no person will be permitted to perform any transaction (whether a normal transaction such as withdrawing funds or an administrative transaction such as creating or modifying access rights) without undergoing an identity check to determine whether they are authorised to do so (either as principal or proxy). The Board does not therefore see how the present invention would reduce the total number of biometric checks.
For example, Fig. 14 shows the initial flags for an account, which are later modified to those shown in Fig. 15. According to the invention, this modification is made by the proxy, following a biometric check on the proxy. According to prior art arrangements in which all account changes are in the hands of the principal, this modification could only be made by the principal, following a biometric check on the principal. There is therefore a difference in who is required to undergo a biometric check, but the Board does not see any reduction in the number of biometric checks required for this transaction, or any saving in energy.
The appellant appeared to argue that, according to the prior art, each modification of the access rights of the proxy would require biometric checks on both the principal and the proxy. The Board finds no suggestion of this in D2, nor does it see why this would be necessary, or why the proxy would even need to be present during such a modification.
2.12 Finally, the argument that feature (c), above, is technical as it involves biometric authentication is not accepted. While features setting out how a biometric check is performed might be technical, the claimed feature merely defines circumstances under which a known type of identity check (biometric) shall be required (namely, prior to an authorized agent being permitted to modify his access rights). As noted above, this is a business choice, and hence feature (c) is not a technical feature.
2.13 For the above reasons, the subject-matter of claim 1 of the main request is judged not to involve an inventive step within the meaning of Article 52(1) EPC and Article 56 EPC 1973.
3. Auxiliary Request
3.1 Claim 1 of the auxiliary request comprises the following additional feature (in bold) in the final clause:
"... permits modification of the authorization details of the authorized agent within the range of transaction details for the principal, set in the IC card (5), by the principal."
The Board presumes that the meaning is that the principal may not authorise the agent to perform actions which are not available to him (the principal).
3.2 In the opinion of the Board, this feature is present in the closest prior art. D2 discloses that the principal may create accounts of various levels and categories, and the principal (or a Category C account holder) may change the levels or categories (see e.g. Fig. 7). However, none of these accounts have transaction rights which go beyond those of the principal (in fact it would be somewhat absurd for the principal to be allowed to authorise a proxy to perform transactions which he himself is not authorised to perform).
3.3 For completeness, it is noted that even if this feature were not disclosed in D2 (as argued by the appellant), it merely defines additional restrictions on the permitted behaviour of the principal and proxy, and is therefore a commercial or business feature. Such a feature could not render the claimed subject-matter inventive for the reasons set out under points 2.6 and 2.7, above, mutatis mutandis.
3.4 The subject-matter of claim 1 of the auxiliary request is therefore judged not to involve an inventive step within the meaning of Article 52(1) EPC and Article 56 EPC 1973.
For these reasons it is decided that:
The appeal is dismissed.