Home » General Interest » Kim Dotcom and the Two-Factor Authentication patent: Inventor or not?

Kim Dotcom and the Two-Factor Authentication patent: Inventor or not?

Keltie LLP

K2 IP Limited

About IPcopy

IPcopy is an intellectual property related news site covering a wide variety of IP related news and issues. We will also take the odd lighthearted look at IP. Feel free to contact us via the details on the About Us page. Disclaimer: Unless stated otherwise, the contributors to IPcopy (the "IPcopy writers") are patent and trade mark attorneys or patent and trade mark assistants at Keltie LLP or are network attorneys at K2 IP Limited. Guest contributors will be identified. This news site is the personal site of the contributors and is not edited by the authors' employer in any way. From time to time however IPcopy may publish practice notes, legal updates and marketing news from Keltie LLP or K2 IP Limited. Any such posts will be clearly marked. This news site is for information purposes only. Information posted to this news site is not legal advice and should not be taken as such. If you require IP related legal advice please contact your legal representative.

Twitter has finally got itself two-factor authentication in a bid to help stem the flow of account hacking. Following Twitter’s announcement, Kim Schmitz (better known as Kim Dotcom), the man behind Megaupload (you know, that file sharing site in a spot of hot water over in the US right now), made an announcement of his own: he, in fact, was the inventor of two-factor authentication, and holds a patent for it.

So is this true? IPCopy delves into the public records…

Well, Kim Schmitz does indeed hold US patent US6078908 which is directed to two-factor authentication. The priority date is impressively early: 29 April 1997. A quick look at the public record tells us that there are equivalent patents and applications all over the place, including Taiwan, Japan, Europe, China, Brazil, and Australia.

It seems on the face of it, then, to be a fair claim: Kim Schmitz holds a granted US patent, and we might therefore presume that he invented the two-factor authentication system.

But was he the first inventor? And, more importantly, is the patent actually valid?

A question rather too complicated for a Thursday lunch time’s blog post, but we’ll take it for a quick spin in any case. A look at the EPO register for the equivalent European patent reveals that the European patent was granted, but subsequently opposed and then revoked in its entirety in 2011.

The key prior art document in the opposition was EP0745961, owned by AT&T, with an earlier priority date of 31 May 1995. Interestingly, AT&T’s US equivalent US5708422 is granted, and still appears to be in force.

In the view of the EPO’s opposition division then, Kim Dotcom’s patent is not valid, and while Kim Dotcom may indeed have developed two-factor authentication himself, he was not the first inventor, having been pipped at the post (by a good 2 years!) by someone else.

Kim Dotcom claims not to have enforced his patent against a string of alleged infringers because he believes in sharing knowledge and ideas. Noble indeed, but this IPCopy writer wonders if dubious validity might just have been an influencing factor too?

Update (24 May 2013): Kim Dotcom confirmed via Twitter last night that his EP patent was challenged and revoked but that 14 other territories (including the US) “remain intact”. He also suggested that the claims of his revoked EP patent were broader and different those in the other territories. This may well be the case but without an exhaustive analysis of each granted patent (which we’ve not done) it would be difficult to tell. All IPcopy can confirm is that the EP patent is no more. The US patent and the other granted patents may be valid over the known prior art. Perhaps other blogs in these other territories will take a look?

Emily Weal 23 May 2013


9 Comments

  1. […] Dotcom does have a US patent (using his original name of Kim Schmitz) on two-factor authentication, filed in 1998 and granted in 2000. He also used to have an equivalent patent in Europe. But Dotcom’s European patent was revoked in 2011 largely because AT&T had a patent on the same technology with a priority date from 1995. (Thanks to Emily Weal of patent law firm Keltie for pointing out Dotcom’s European patent travails in the IP Copy blog.) […]

  2. […] Dotcom does have a US patent (using his original name of Kim Schmitz) on two-factor authentication, filed in 1998 and granted in 2000. He also used to have an equivalent patent in Europe. But Dotcom’s European patent was revoked in 2011 largely because AT&T had a patent on the same technology with a priority date from 1995. (Thanks to Emily Weal of patent law firm Keltie for pointing out Dotcom’s European patent travails in the IP Copy blog.) […]

  3. […] Dotcom does have a US patent (using his original name of Kim Schmitz) on two-factor authentication, filed in 1998 and granted in 2000. He also used to have an equivalent patent in Europe. But Dotcom’s European patent was revoked in 2011 largely because AT&T had a patent on the same technology with a priority date from 1995. (Thanks to Emily Weal of patent law firm Keltie for pointing out Dotcom’s European patent travails in the IP Copy blog.) […]

  4. […] Dotcom does have a US patent (using his original name of Kim Schmitz) on two-factor authentication, filed in 1998 and granted in 2000. He also used to have an equivalent patent in Europe. But Dotcom’s European patent was revoked in 2011 largely because AT&T had a patent on the same technology with a priority date from 1995. (Thanks to Emily Weal of patent law firm Keltie for pointing out Dotcom’s European patent travails in the IP Copy blog.) […]

  5. RC says:

    An interesting aspect is that, contrary to what he claims, Mr. Dotcom clearly didn’t start pondering just now the idea of suing everybody in sight with that patent. Looking in the opposition file, Dotcom’s patent attorneys asked for the proceedings to be accelerated already in January 2010 because, according to them, “the patentee is considering legal enforcement of his US patent”. It’s here, in German:
    https://register.epo.org/espacenet/application?documentId=EPV3JPRS0966J10&number=EP98100688&lng=en&npl=false

    So, the “evil Yanks made me do it” defence doesn’t hold. Also, if he can’t afford to pay his defence in the criminal proceedings against him, it seems a little strange to threaten with patent litigation, which is a far more expensive game for everyone involved…

  6. […] Dotcom does have a US patent (using his original name of Kim Schmitz) on two-factor authentication, filed in 1998 and granted in 2000. He also used to have an equivalent patent in Europe. But Dotcom’s European patent was revoked in 2011 largely because AT&T had a patent on the same technology with a priority date from 1995. (Thanks to Emily Weal of patent law firm Keltie for pointing out Dotcom’s European patent travails in the IP Copy blog.) […]

  7. […] Dotcom does have a US patent (using his original name of Kim Schmitz) on two-factor authentication, filed in 1998 and granted in 2000. He also used to have an equivalent patent in Europe. But Dotcom’s European patent was revoked in 2011 largely because AT&T had a patent on the same technology with a priority date from 1995. (Thanks to Emily Weal of patent law firm Keltie for pointing out Dotcom’s European patent travails in the IP Copy blog.) […]

  8. […] Dotcom may not have the air-tight case he believes he does. IPCopy wrote on Thursday that while the Megaupload founder does hold a patent for a form of two-step authentication, he […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 970 other followers

%d bloggers like this: