Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple's Secure Enclave targeted in patent infringement lawsuit

Last updated

Non-practicing entity Identity Security on Monday filed a lawsuit against Apple, claiming the tech giant's Secure Enclave technology, present in nearly every major Apple product line, infringes on four owned patents.

Lodged with the patent holder-friendly U.S. District Court for the Western District of Texas, Identity Security's suit takes issue with Apple's Secure Enclave, an on-device technology that protects sensitive user data by isolating it in a dedicated subsystem. The system is integrated into Apple's system-on-chip designs currently deployed in iPhone, iPad, Apple Watch, Mac, Apple TV and HomePod.

Identity Security claims Apple's implementation of a secure enclave in its various hardware solutions infringes on U.S. Patent Nos. 7,493,497, 8,020,008, 8,489,895 and 9,507,948, each of which details methods of improving user security by creating a digital identity that resides on a unique microprocessor device. Password and biometric protection are also mentioned in the intellectual property, as is encryption and the possibility of integrating such solutions with digital payments.

The IP owned by Identity Security lists use cases as including secure storage and communication of a user's name, digital picture, address, date of birth, social security number, driver's license number, digital photograph, biometric information, credit card information, bank account information, incorporation name, date and place of incorporation, name of a corporate officer, corporate partner, and a database administrator name. Patent claims in part detail implementations for corporations, not necessarily consumers.

All four patents list Aureliano Tan, Jr. as their inventor and were initially assigned to Integrated Information Solutions in applications dating back to 2000.

Apple's Secure Enclave debuted in 2013 with iPhone 5S as a way to safely store a user's fingerprint data. That year also saw the introduction of Apple's first biometric authentication apparatus — Touch ID.

As later detailed by Apple in a technology white paper, the Secure Enclave is a coprocessor built into the company's SoC designs. The component requires its own boot sequence and software update mechanism and is responsible for "all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised."

Starting with the A11 and S4 processors, Secure Enclave now includes a "memory-protected engine and encrypted memory with anti-replay capabilities, secure boot, a dedicated random number generator, and its own AES engine," according to Apple. Its processor runs a customized version of the L4 microkernel.

Identity Security does not make note of real world applications of its four owned patents, suggesting the technology was never licensed.

The suit seeks damages, court fees, and an ongoing royalty.



12 Comments

rob53 13 Years · 3312 comments

Did a quick search for "Integrated Information Solutions" and found several companies with that name worldwide. I guess Tan forgot to trademark it along with forgetting to actually license his "ideas" with anyone. The USPTO has to stop patenting general ideas that never come to fruition.

Interesting sidebar. "fruition" comes from the word fruit (state or action of producing fruit). Kind of makes sense when talking about patents.

swat671 9 Years · 157 comments

rob53 said:
Did a quick search for "Integrated Information Solutions" and found several companies with that name worldwide. I guess Tan forgot to trademark it along with forgetting to actually license his "ideas" with anyone. The USPTO has to stop patenting general ideas that never come to fruition.

Interesting sidebar. "fruition" comes from the word fruit (state or action of producing fruit). Kind of makes sense when talking about patents.

Patents are for ideas, not implementation. 

swat671 9 Years · 157 comments

My question is, why did it take them almost 8 years to sue? Shouldn't they of sued back in 2013 or 14? There should be a requirement that lawsuits of this type have to be brought with a certain amount of time- say, 5 years or something. 

j2fusion 13 Years · 153 comments

swat671 said:
My question is, why did it take them almost 8 years to sue? Shouldn't they of sued back in 2013 or 14? There should be a requirement that lawsuits of this type have to be brought with a certain amount of time- say, 5 years or something. 

Agreed…. By not having a statute of limitations these companies win either way. If their “patented” idea doesn’t sell, then they don’t have to waste time or money with suits. If they wait, the market can grow and grow potentially providing a huge payout if they’re successful.