New Campaign Targets OAuth 2.0 Protocol for Website User Authentication

TransactionSecure, L.L.C. has launched a second litigation campaign over a decade after its first one ended. The Utah plaintiff accuses DeviantArt (2:19-cv-05836), Fitbit (3:19-cv-04075), and Stripe (3:19-cv-04052) of infringing a single patent generally related to authenticating a user’s identity using a “trusted entity” with a repository that holds the user’s personal information. (TransactionSecure also filed a case, since removed from PACER, over the same patent against Microsoft (GitHub) (3:19-cv-04050).) At issue in each case is the defendant’s use of the OAuth 2.0 protocol, a user authentication framework, on its website.