       NOTE: This disposition is nonprecedential.


  United States Court of Appeals
      for the Federal Circuit
                ______________________

     INTERNATIONAL BUSINESS MACHINES
              CORPORATION,
                 Appellant

                           v.

    ANDREI IANCU, UNDER SECRETARY OF
  COMMERCE FOR INTELLECTUAL PROPERTY
   AND DIRECTOR OF THE UNITED STATES
     PATENT AND TRADEMARK OFFICE,
                  Intervenor
            ______________________

                 2018-1065, 2018-1066
                ______________________

    Appeals from the United States Patent and Trademark
Office, Patent Trial and Appeal Board in Nos. IPR2016-
00608, IPR2016-00609.
                 ______________________

                 Decided: April 1, 2019
                ______________________

   KARIM ZEDDAM OUSSAYEF, Desmarais LLP, New York,
NY, argued for appellant. Also represented by JOHN M.
DESMARAIS, KEVIN KENT MCNISH.

   MONICA BARNES LATEEF, Office of the Solicitor, United
2                                               IBM v. IANCU




States Patent and Trademark Office, Alexandria, VA, ar-
gued for intervenor. Also represented by THOMAS W.
KRAUSE, MOLLY R. SILFEN.
                ______________________

    Before MOORE, TARANTO, and CHEN, Circuit Judges.
TARANTO, Circuit Judge.
    International Business Machines Corporation (IBM)
owns U.S. Patent No. 7,631,346, entitled “Method and Sys-
tem for a Runtime User Account Creation Operation
Within a Single-Sign-On Process in a Federated Compu-
ting Environment.” At the behest of several private com-
panies (who have settled and are not parties here), the
Patent Trial and Appeal Board of the Patent and Trade-
mark Office, acting as delegee of the PTO Director, 37
C.F.R. §§ 42.4, 42.108, instituted two related inter partes
reviews (IPRs) of various claims of the ’346 patent under
35 U.S.C. §§ 311−319. In IPR2016-00608, the Board found
that claims 1, 3, 12, 14, 15, and 18 are unpatentable be-
cause they are anticipated by Japanese Publication No.
Tokkai 2004-302907A (Sunada). In IPR2016-00609, the
Board found that claims 1, 3, 12, 13, 15, and 18 are un-
patentable because they are anticipated by U.S. Patent No.
7,680,819 (Mellmer).
     We have jurisdiction to review the Board’s final written
decisions under 35 U.S.C. §§ 141(c), 319 and 28 U.S.C.
§ 1295(a)(4). We vacate the Sunada IPR decision because
it rests on an incorrect claim construction of the “federated
computing environment” limitation of all claims at issue,
and we remand for further consideration under the correct
construction. In the Mellmer IPR decision, the same claim-
construction error is present, but it does not affect our re-
sult. We reverse the Board’s decision in the Mellmer IPR
because we have been pointed to no substantial evidence to
support the Board’s finding that Mellmer discloses the sep-
arate “single-sign-on” limitation of all claims at issue.
IBM v. IANCU                                                  3



                               I
    The specification gives the background to the invention
described and claimed. It explains that “[e]nterprises” try
to give their users the benefit of being able to gain access
to multiple applications “without regard to authentication
barriers that protect each particular system supporting
those applications.” ’346 patent, col. 1, lines 14−24. Users
had come to expect reduction of authentication burdens: “A
user might assume that once he or she has been authenti-
cated by some computer system, the authentication should
be valid throughout the user’s working session, or at least
for a particular period of time, without regard to the vari-
ous computer architecture boundaries that are almost in-
visible to the user.” Id., lines 25–33. “Enterprises
generally try to fulfill these expectations in the operational
characteristics of their deployed systems . . . .” Id., lines
33–35. Among the techniques used to do so are “‘single-
sign-on’ (SSO) processes,” which aim to require of a user
“only one authentication process during a particular user
session.” Id., lines 53–61.
    The specification explains that user expectations about
ease of access are coming to extend beyond the systems
within an enterprise to Internet domains of different enter-
prises: “users are coming to expect the ability to jump from
interacting with an application on one Internet domain to
another application on another domain without regard to
the authentication barriers that protect each particular do-
main.” Id., lines 43–46. “To reduce the costs of user man-
agement and to improve interoperability among
enterprises, federated computing spaces have been cre-
ated.” Id., lines 62–64 (emphasis added). The specification
then defines the term “federated” as based on a cooperative
relationship among enterprises that falls short of the uni-
tary control available within an enterprise:
    A federation is a loosely coupled affiliation of enter-
    prises which adhere to certain standards of
4                                               IBM v. IANCU




    interoperability; the federation provides a mecha-
    nism of trust among those enterprises with respect
    to certain computational operations for the users
    within the federation.
Id., col. 1, line 64 through col. 2, line 1 (emphasis added).
The specification underscores the inter-enterprise nature
of being “federated” by stating that “[a]s enterprises move
to support federated business interactions, these enter-
prises should provide a user experience that reflects the in-
creased cooperation between two businesses.” Id., col. 2,
lines 9–11 (emphasis added). In particular, “a user may
authenticate to one party that acts as an identity provider
and then single-sign-on to a federated business partner.”
Id., lines 12–14.
    The specification discusses the special challenges of
providing single-sign-on capabilities in a “federated” envi-
ronment. Id., lines 19–42. The Background of the Inven-
tion section ends by asserting: “it would be advantageous
to have methods and systems in which enterprises can pro-
vide comprehensive single-sign-on experiences to users in
a federated computing environment in a lightweight man-
ner that does not require an extensive amount of a priori
processing.” Id., lines 44–48.
    The one-paragraph Summary of the Invention immedi-
ately follows. It begins by stating that “[a] method, system,
apparatus, and computer program product are presented
to support computing systems of different enterprises that
interact within a federated computing environment.” Id.,
lines 53−56. The Summary then describes the contem-
plated process of users getting access to multiple federation
partners through a “single-sign-on”: “Federated single-
sign-on operations can be initiated at the computing sys-
tems of federation partners on behalf of a user even though
the user has not established a user account at a federation
partner prior to the initiation of the single-sign-on opera-
tion.” Id., lines 59–60. The Summary refers to “an identity
IBM v. IANCU                                                  5



provider” as an example of initiating such a single-sign-on
user access to resources of a service provider: “For example,
an identity provider can initiate a single-sign-on operation
at a service provider while attempting to obtain access to a
controlled resource on behalf of a user.” Id., lines 60−63.
It then says what happens “[w]hen the service provider rec-
ognizes that it does not have a linked user account for the
user that allows a single-sign-on operation from the iden-
tity provider,” i.e., “the service provider creates a local user
account based at least in part on information from the iden-
tity provider.” Id., lines 63−67. It concludes: “The service
provider can also pull user attributes from the identity pro-
vider as necessary to perform the user account creation op-
eration.” Id., col. 2, line 67 through col. 3, line 2.
      The independent claims at issue are 1, 15, and 18. We
follow the parties in focusing on claim 1, which recites:
    A method for managing user authentication within
    a distributed data processing system, wherein a
    first system and a second system interact within
    a federated computing environment and sup-
    port single-sign-on operations in order to pro-
    vide access to protected resources, at least one of
    the first system and the second system comprising
    a processor, the method comprising;
    triggering a single-sign-on operation on behalf
    of the user in order to obtain access to a protected
    resource that is hosted by the second system,
    wherein the second system requires a user account
    for the user to complete the single-sign-on oper-
    ation prior to providing access to the protected re-
    source;
    receiving from the first system at the second sys-
    tem an identifier associated with the user; and
    creating a user account for the user at the second
    system based at least in part on the received
6                                               IBM v. IANCU




    identifier associated with the user after triggering
    the single-sign-on operation but before generat-
    ing at the second system a response for accessing
    the protected resource, wherein the created user
    account supports single-sign-on operations be-
    tween the first system and the second system on
    behalf of the user.
Id., col. 44, lines 38–61 (emphasis added). No separate ar-
guments are presented as to the other claims at issue.
                             II
    The disputes before us focus on the “federated compu-
ting environment” and “single-sign-on” claim limitations.
The Board and the parties agree that both phrases are lim-
iting, even though the first appears only in the preamble.
See J.A. 8, 52–53. IBM challenges, and the Director of the
Patent and Trademark Office defends, the Board’s con-
struction of “federated computing environment.” Sepa-
rately, IBM challenges, and the Director defends, the
Board’s finding that Mellmer teaches the “single-sign-on”
claim limitation.
    These inter partes reviews of an unexpired patent are
subject to the PTO regulation (since changed) providing
that the Board should give the claims their broadest rea-
sonable interpretation in light of the specification. See 37
C.F.R. § 42.100(b); Cuozzo Speed Techs. LLC v. Lee, 136 S.
Ct. 2131, 2144–46 (2016). We review the Board’s claim con-
struction de novo here, because the Board relied exclu-
sively on intrinsic evidence to construe the claims. See
Teva Pharms. USA, Inc. v. Sandoz, Inc., 135 S. Ct. 831, 841
(2015); In re Cuozzo Speed Techs., LLC, 793 F.3d 1268,
1279–80 (Fed. Cir. 2015), aff’d, 136 S. Ct. 2131 (2016).
    “To anticipate a claim, a prior art reference must dis-
close every limitation of the claimed invention, either ex-
plicitly or inherently.” In re Schreiber, 128 F.3d 1473, 1477
(Fed. Cir. 1997). What a reference discloses and therefore
IBM v. IANCU                                                 7



whether it anticipates a claim (as properly construed) pre-
sent fact questions. Id.; see Idemitsu Kosan Co. v. SFC Co.,
870 F.3d 1376, 1379 (Fed. Cir. 2017). We review the
Board’s factual findings for substantial evidence. In re
Chudik, 851 F.3d 1365, 1371 (Fed. Cir. 2017).
                              A
     We turn first to the Board’s construction of the term
“federated computing environment,” which, though it ap-
pears in both IPRs before us, we will discuss only with ref-
erence to IPR2016-00608, the Sunada IPR. The Board
recognized that both IBM and the private companies that
requested the IPRs (“Petitioner”) agreed about what a “fed-
erated computing environment” means: “a ‘loosely coupled
affiliation of enterprises which adhere to certain standards
of interoperability; the federation provides a mechanism
for trust among those enterprises with respect to certain
computational operations for the users within the federa-
tion.’” J.A. 6−7 (emphasis added) (quoting Petition). 1 Un-
der that agreed-on construction, a “federated computer
environment” must involve a plurality of “enterprises.”
    The Board rejected the parties’ agreed-on construction
“that the scope of the term is limited to an affiliation of en-
terprises.” J.A. 8 (emphasis in original). The Board did so
even while recognizing the specification passage, quoted
above, stating that “[a] federation is a loosely coupled affil-
iation of enterprises . . . .” See J.A. 8–9. Despite that pas-
sage, the Board concluded that a federated computing
environment “is not limited to enterprises.” J.A. 9.



    1   Petitioner argued that the phrase, being in the pre-
amble, was not limiting, but the Board rejected that con-
tention, explaining that IBM clearly relied on the term as
limiting during prosecution. J.A. 7−8. The parties now be-
fore us (IBM and the Director) agree with the Board. We
do not question the Board’s conclusion.
8                                                 IBM v. IANCU




     The Board relied for that conclusion entirely on two
specification passages and their use of the word “entity.”
One passage, from column 10, states that “[i]n the context
of the present invention, a federation is a set of distinct en-
tities, such as enterprises, organizations, institutions, etc.,
that cooperate to provide a single-sign-on, ease-of-use ex-
perience to a user.” ʼ346 patent, col. 10, lines 62–64. The
other passage, from column 8, states that “[t]he terms ‘en-
tity’ or ‘party’ generally refers to an organization, an indi-
vidual, or a system that operates on behalf of an
organization, an individual, or another system.” Id., col. 8,
lines 31−33; see J.A. 8.
    On those bases, the Board construed “federated compu-
ting environment” to mean
    an environment having a loosely coupled affiliation
    of entities that adhere to certain standards of in-
    teroperability; the federation provides a mecha-
    nism for trust among those entities with respect to
    certain computational operations for the users
    within the federation.
J.A. 9 (emphasis added). That construction uses the speci-
fication’s definitional passage but replaces “enterprises”
with “entities.” As the Board explained when finding this
claim element met in Sunada, the key significance of that
replacement is that, under the Board’s construction, “two
computer systems (or entities) within a single enterprise
could disclose a ‘federated computer environment.’” J.A. 30
(emphasis added); see J.A. 25, 27.
    We conclude that the Board’s construction is not rea-
sonable in light of the specification. In the key specification
passage quoted above, which is on its face definitional, the
patent states that a “federation” is “a loosely coupled affil-
iation of enterprises.” ’346 patent, col. 1, lines 64–65. That
passage demands that the phrase “federated computing en-
vironment” be construed to require a plurality of
IBM v. IANCU                                                  9



enterprises unless something else in the specification con-
tradicts the passage’s plain meaning. Nothing does.
    In fact, the passage is reinforced by two key passages
in the specification. The Summary of the Invention states
that the invention is addressed to “computing systems of
different enterprises that interact within a federal compu-
ting environment.” Id., col. 2, lines 54–56 (emphasis
added). And the Background of the Invention confirms the
point. As discussed above, the Background makes clear
that the problem addressed by the patent is to ease user
authentications, through single-sign-on techniques, when
the resources to which a user seeks access are not within
the unitary control of a single enterprise but, instead, are
controlled by a plurality of enterprises, who must make co-
operative arrangements to establish trust mechanisms to
meet the greater challenges of simplifying user access
when unitary control is missing. See id., col. 1, line 14
through col. 2, line 48. Being “federated,” these passages
make clear, presupposes the absence of the unitary control
that a single enterprise could exercise over its own re-
sources.
    The two passages that the Board relied on do not rea-
sonably support a contrary claim construction. The column
10 passage states: “In the context of the present invention,
a federation is a set of distinct entities, such as enterprises,
organizations, institutions, etc., that cooperate to provide a
single-sign-on, ease-of-use experience to a user.” Id., col.
10, lines 62–64. At least when understood in light of the
specification language already discussed, the column 10
passage is not reasonably read as an open-ended sweeping
in of all “entities,” including mere “systems” in the sense of
physical equipment. The column 10 passage refers to enti-
ties “such as” the ones listed and includes “etc.”—both of
which, in this context, indicate that only things of a type
similar to the itemized ones are covered, namely, other es-
tablishments or ventures or firms or the like. We have rec-
ognized that “such as” and “etc.” sometimes have just that
10                                               IBM v. IANCU




meaning. See Archer Daniels Midland Co. v. United States,
561 F.3d 1308, 1313 (Fed. Cir. 2009) (holding that the “rule
of ejusdem generis . . . limits the additional [things] in-
cluded by the general phrase ‘etc.’ to others of the types
listed”); United States v. Nichols Copper Co., 29 C.C.P.A.
186, 191 (1941) (holding that “by the use of the words ‘such
as’ in the paragraph we are required to determine whether
a substance not specifically named in the paragraph is like
or similar to, or belongs to the same class as, the sub-
stances therein named”). That understanding is the only
reasonable one for the passage, given the plain meaning of
the definitional and other language we have already dis-
cussed. And it is confirmed by the patent’s statement that
“[a] federated environment includes federated enterprises
or similar entities that provide a variety of services for us-
ers.” ’346 patent, col. 15, lines 55–57 (emphasis added).
    A “system,” referring to just the physical equipment
and not who controls it or deals with customers in provid-
ing access to it, is not of the same type as “enterprises, or-
ganizations, institutions.” And those words themselves
may be summarized by the term “enterprise” itself, as the
definitional passage does. The column 10 sentence just
conveys that a variety of very similar words can be used to
refer to the same thing. Indeed, the quoted passage ends
with a semicolon, and what immediately follows the semi-
colon confirms that “two enterprises” are needed. Id., col.
10, line 65–col. 11, line 1 (“[A] federated environment dif-
fers from a typical single-sign-on environment in that two
enterprises need not have a direct, pre-established, rela-
tionship defining how and what information to transfer
about a user.”).
    The Board’s claim construction finds no better support
in the one other basis the Board cited—the column 8 state-
ment that “[t]he terms ‘entity’ or ‘party’ generally refers to
an organization, an individual, or a system that operates
on behalf of an organization, an individual, or another sys-
tem.” Id., col. 8, lines 31−33. That sentence is part of a
IBM v. IANCU                                              11



general section, headed “Terminology,” that indicates how
certain words may be used anywhere in the patent. The
sentence just declares that the highly general word “entity”
can refer to quite different things—an establishment, an
individual, physical things. That declaration does not fo-
cus on defining “federated,” and it does not say which of the
types of things that can be an “entity” are the types rele-
vant to “federation” or “federated computing environment.”
The column 10 passage does that, and as explained, it must
be understood as referring only to the type of entity that is
properly summarized by the term “enterprise.”
    For those reasons, we conclude that a “federated com-
puting environment” requires a plurality of distinct enter-
prises. In light of that conclusion, we vacate the Board’s
final written decision in IPR2016-00608 and remand for
the Board to determine in the first instance whether, under
the correct claim construction, Sunada anticipates the
claims at issue in that IPR.
                             B
    In its decision in IPR2016-00609, the Board found that
Mellmer anticipates the claims at issue there. IBM seeks
reversal on the ground that Mellmer does not teach the sin-
gle-sign-on limitation. We have been shown no substantial
evidence to support the Board’s finding that Mellmer
teaches that claim limitation, and we therefore reverse the
finding of anticipation in the Mellmer IPR.
    The relevant claim limitation of the ’346 patent re-
quires “triggering a single-sign-on operation on behalf of
the user in order to obtain access to a protected resource
that is hosted by the second system.” Id., col. 44, lines 45–
47. The Board construed “single-sign-on operation” to
mean “a process by which a user is authenticated at a first
entity and subsequently not required to perform another
authentication before accessing a protected resource at a
second entity.” J.A. 56. And it adopted the specification
definition of “authentication” as meaning “the process of
12                                                IBM v. IANCU




validating a set of credentials that are provided by a user
or on behalf of a user.” ʼ346 patent, col. 9, lines 50–51; J.A.
56. It is undisputed before us that, under those definitions,
a user “perform[s]” an authentication when the user takes
an action that provides credentials, or that plays a role in
launching a provision of credentials on the user’s behalf, to
obtain access to resources. A “single-sign-on operation”
thus is one that does not require the user to take such ac-
tion to gain access to a second entity’s resources after the
user has been authenticated with a first entity.
     The Mellmer patent is titled “Managing Digital Iden-
tity Information.” In an effort to “provide better ways to
manage personal information on the Internet,” Mellmer,
col. 2, lines 36–37, Mellmer describes a “basic architecture
for managing digital identity information in a network,”
such as the Internet, Id., Abstract. Mellmer teaches
“[v]arious enhancements,” among them, techniques for “se-
curely logging in to multiple sites with a single password
and doing so from any machine on the network.” Id. More
particularly, Mellmer describes a “DigitalMe” system that,
for a user with a DigitalMe ID, eases access to various in-
dependent websites (DigitalMe partners) that participate
in the system. Id., col. 2, lines 21–35; id., col. 8, lines 40–
61. The issue before us is whether a particular part of the
described system requires a second user authentication ac-
tion to gain access to a DigitalMe partner’s resources.
     Among its many teachings, Mellmer discloses that us-
ers who have a DigitalMe identity can “view, create, edit,
and delete Profiles” containing information they may use
in their on-line activity. Id., col. 4, lines 8–10. Mellmer
calls graphical versions of that information “meCards.” Id.
Mellmer also describes “accessCards” that the DigitalMe
system uses when a user seeks access to a partner website.
Id., col. 24, line 48.
    Columns 25–28 describe a process for a user to gain ac-
cess to a target site by first logging into a DigitalMe
IBM v. IANCU                                               13



account. It is not disputed that the initial login to the Dig-
italMe site is a first authentication. What happens there-
after depends on whether the user has an accessCard for
the target site or an account on the target site. The overall
set of possibilities is shown in a flow chart, which was used
by the Board, that combines Mellmer’s Figures 31–35. J.A.
5375; J.A. 62; see Mellmer, Figs. 31–35.
14                                               IBM v. IANCU




     The steps shown in the upper left corner, involving log-
ging into DigitalMe, involve a first authorization. The par-
ties, the Board, and now the Director have all treated the
issue of whether Mellmer teaches the single-sign-on limi-
tation as reducing to the question whether a second user
authentication action is involved in the steps taken when
“no” is the answer to “User has an account on this site?”
and the target site has a relationship with DigitalMe. We
follow suit.
    Mellmer calls that scenario the “No Account On This
Site Scenario,” Mellmer col. 25, line 60 through col. 26, line
25, and the Figure 34 illustration of that scenario is em-
bedded just below the middle of the above combination
flowchart. The steps are: “DigitalMe sends blank user
login credential with unique ID” to the target site; “Digi-
talMe constructs an accessCard”; “User picks a meCard”;
and “DigitalMe logs in with new account.” Notably, the
user’s picking of a meCard for association with an ac-
cessCard is essential to the successful login to the target
site in that scenario.
    IBM argued that the user action of associating a me-
Card with an accessCard constitutes an action that
launches provision of credentials to allow access to the tar-
get site, i.e., constitutes a second user authentication ac-
tion, which means that this scenario does not teach a
“single-sign-on.” The Board found otherwise. The Board
recognized that “DigitalMe ‘will construct an accessCard,
prompt the user to associate a meCard, and re-issue the
post’ before the user is logged into the partner site in
Mellmer.” J.A. 65 (quoting Mellmer, col. 25, line 66
through col. 26, line 2). But the Board agreed with Peti-
tioner that “Mellmer ‘is silent as to what information is in-
cluded in the accessCard’ described in the ‘No Account On
This Site Scenario,’” “[t]hat is, Mellmer does not teach that
the accessCard in a ‘No Account On This Site Scenario’ in-
cludes a set of credentials.” J.A. 65–66. The Board added
that “Mellmer does not teach that a meCard includes a set
IBM v. IANCU                                                15



of credentials.” J.A. 66. Finally, the Board stated that
“DigitalMe initially attempts a login with ‘blank login
data’” in this scenario; 2 “the original test post does not in-
clude a set of credentials”; and “Mellmer does not further
disclose adding a set of credentials to the post before Digi-
talMe reissues it or before the use is logged into the partner
site.” J.A. 66–67. For those reasons, the Board found that
this scenario involved only one user authentication action,
and thus practiced a single-sign-on operation within the
relevant claim limitation of the ʼ346 patent. See J.A. 67.
     The overall finding that this portion of Mellmer teaches
a process involving only one user authentication action is
not supported by substantial evidence. To begin with, even
if the Board were correct that Mellmer is “silent” about the
content of the accessCard, that characterization would not
alone support a finding that there was no user authentica-
tion action in this scenario if, as appears, the Board meant
that it simply could not tell one way or the other whether
the accessCard contains credentials. Silence in that sense
would not by itself suffice for the Petitioner to meet its bur-
den to prove, by a preponderance of the evidence, that there
was no user authentication action in this scenario. See 35
U.S.C. § 316(e). Nor would that burden be met merely by
adding a finding that IBM did not prove the opposite, i.e.,
a finding of “the absence of sufficient evidence showing the
provision or validation of a set credentials at the partner
site” in this scenario. J.A. 67.
    In any event, the Board erred in its “silence” determi-
nation, and conclusion about the absence of evidence sup-
porting IBM’s position on this scenario, by taking too
narrow a view of Mellmer. The Board unreasonably viewed


    2   Mellmer says of the test post: “DigitalMe software
attempts a login with blank login data, except for a globally
unique identity for the DigitalMe user.” Mellmer, col. 25,
lines 61–63 (emphasis added).
16                                               IBM v. IANCU




the No Account On This Site Scenario in isolation from its
plain context in Mellmer. This particular scenario is part
of a larger single flow chart with yes-no branching at vari-
ous points. This scenario is the ending of one path through
a process that, for the user, begins with the earlier common
portions of the flow chart. Those earlier portions neces-
sarily bear on the meaning of terms found throughout the
overall flow chart.
    Once the focus is properly widened to what columns
24–26 teach for the whole set of options and scenarios
shown in the above flow chart, substantial evidence does
not support a finding that there is no user action triggering
an authentication at the target site in this particular sce-
nario. The Board did not question that the user action in
associating a meCard with an accessCard is necessary for
the logon, as the evidence undisputedly showed. Nor did
the Board question that DigitalMe then communicates
with the target site to trigger the logon to that site. The
flow chart and associated patent descriptions, together
with expert testimony, establish those facts. See J.A. 6482
(Spielman), 6362 (Olivier).
     Even as to the accessCard, the evidence is one-sided
against the Board’s finding. Consistent with the flow
chart’s indication that accessCards directly lead to login at
the target site, Mellmer, in its descriptions of accessCards
in the earlier parts of the overall flow chart, repeatedly in-
dicates that accessCards contain authenticating infor-
mation that is used for authorization at the target site.
See, e.g., Mellmer, col. 24, line 62 through col. 25, line 4;
col. 25, lines 9–13 (“Users also need only remember their
DigitalMe user ID and password; the DigitalMe software
caches and submits all other web login credentials. Also,
from the DigitalMe site, the user can list, maintain, and
launch these accessCards directly.” (emphasis added)); col.
25, lines 32–43 (at lines 40–42: “DigitalMe software will
have captured this login data as an accessCard structure
which can be applied to login automatically in the future.”);
IBM v. IANCU                                                17



col. 25, line 63 through col. 26, line 2; col. 26, lines 32–35.
IBM’s expert, in her declaration, relied on this material to
attest that, in the No Account On This Site Scenario, “when
DigitalMe re-issues the post on behalf of the user” after the
user associates a meCard with the accessCard, the Digi-
talMe service is sending the user’s newly-created ac-
cessCard for the DigitalMe partner site—which accessCard
includes the user’s login information for the partner site.”
J.A. 6482.
    The Board did not cite, and the Director in this court
has not cited, anything in Mellmer that supports a contrary
finding. Nor have we been shown any basis for discrediting
the testimony of IBM’s expert, which was grounded solidly
in consideration of the full column 24–26 passages relevant
to understanding what occurs in the No Account On This
Site Scenario. And the Petitioner, in its Reply, answered
IBM’s evidence only by insisting, incorrectly, that the No
Account On This Site Scenario be considered in isolation
from the column 24–26 material involving the other sce-
narios that are part of the overall set of options shown in
the combination flow chart. J.A. 5435–37. In these circum-
stances, we see no substantial evidence to support the
Board’s finding that Petitioner proved that Mellmer
teaches the single-sign-on limitation of the claims at issue
in this IPR.
                              III
    The Board’s decision in IPR2016-00608 is vacated be-
cause it rests on an incorrect claim construction, and the
matter is remanded for further proceedings consistent with
this opinion. The decision in IPR2016-00609 is reversed.
    Costs awarded to IBM.
     VACATED AND REMANDED in No. 18-1065
           REVERSED in No. 18-1066
