The decision T 1072/09 of 13 November 2014 is a good example that data encryption methods are technical and therefore generally patent-eligible at the European Patent Office. To overcome the inventive step hurdle, however, more is needed than the general idea of using encryption.
The patent application underlying the decision dealt with a secure scheme for making payments over a non-secure computer network. The scheme verifies a consumer’s account number (e.g. ATM card number) with the help of an associated personal identification number (PIN). The consumer supplies his account number to an on-line merchant and the PIN to a third party (bank). The third party receives both numbers from the merchant computer and the consumer computer, verifies the correctness of the numbers, checks for sufficiency of funds, and either authorises or denies the transaction. Fig. 4 of the underlying patent application WO 01/18719 illustrates this communication scheme:
Fig. 4 of WO 01/18719
A central feature of the application was that the numbers (card number and PIN) are transmitted via encrypted connections.
According to the Board of Appeal, using an encrypted data communication protocol is indeed a technical feature and therefore generally patent-eligible (in line with this earlier decision). However, it was considered to be conventional at the priority date (1999) and therefore eventually not inventive.
As the skilled reader will expect, the decision closely follows the COMVIK approach for assessing the patentability of inventions consisting of a mix of technical and non-technical features:From the reasons
2. In the light of Article 52(1)(2)(3) EPC, Article 56 EPC 1973 requires a non-obvious technical contribution (see e.g. T 641/00-Two identities/COMVIK, Headnote 1, OJ EPO 2003, 352; T 1784/06-Classification method/COMPTEL).
Zum vollständigen Artikel