Digital Doors, Inc. v. Frost Bank: Dismissed With Prejudice in Cybersecurity Patent Dispute

A cybersecurity patent infringement lawsuit targeting a major financial institution ended quietly but consequentially in July 2025, when the Eastern District of Texas dismissed Digital Doors, Inc. v. Frost Bank with prejudice following a joint stipulation of settlement between the parties. Filed on May 2, 2024, and closed on July 8, 2025 — after 432 days of litigation — Case No. 2:24-cv-00315 centered on four issued U.S. patents covering digital access control and data security technologies, asserted against Frost Bank’s use of Sheltered Harbor Certified systems.

While the case resolved without a published merits decision, its trajectory carries meaningful implications for cybersecurity patent infringement litigation strategy, NPE (non-practicing entity) assertion patterns in the financial services sector, and the growing intersection of data protection standards with patent risk. For patent attorneys, IP professionals, and R&D teams navigating the rapidly evolving cybersecurity patent landscape, this case offers an instructive case study in how high-stakes patent disputes against regulated financial institutions are litigated — and settled — in one of the nation’s most patent-plaintiff-friendly venues.

Case Overview

The Parties

The Patents at Issue

Digital Doors asserted four issued U.S. patents spanning digital access control, network security, and data management:

• • U.S. Patent No. 10,250,639 (App. No. 14/597,345)
• • U.S. Patent No. 10,182,073 (App. No. 14/597,314)
• • U.S. Patent No. 9,734,169 (App. No. 13/900,728)
• • U.S. Patent No. 9,015,301 (App. No. 11/746,440)

These patents, searchable via the USPTO Patent Full-Text Database, collectively cover technologies related to securing digital access, managing protected data environments, and controlling network entry points — core functionalities relevant to modern banking infrastructure and data vault architecture.

The Accused Product

The accused technology is Frost Bank’s implementation of Sheltered Harbor Certified systems. Sheltered Harbor is a financial industry standard designed to protect customer data and ensure rapid recovery from catastrophic cyber events, including ransomware attacks. Its certification requires adoption of specific data vaulting and restoration protocols — architecture that Digital Doors alleged practiced one or more claims of its asserted patents.

Legal Representation

Plaintiff (Digital Doors, Inc.): Represented by attorney Michael Scott Fuller of Garteiser Honea PLLC, a Texas-based IP litigation boutique known for patent assertion work in the Eastern District.

Defendant (Frost Bank): Represented by a three-attorney team — Christa Joyce Brown-Sanford, Douglas Mark Kubehl, and Morgan Grissum Mayne — from Baker Botts LLP, a premier global law firm with deep IP litigation capabilities and extensive experience defending financial sector clients.

Litigation Timeline & Procedural History

Digital Doors filed suit in the U.S. District Court for the Eastern District of Texas — a deliberate venue choice reflecting that court’s established reputation for patent-plaintiff-friendly procedural rules, experienced patent dockets, and relatively high trial rates compared to other districts. The Eastern District of Texas remains one of the most frequently selected venues for patent infringement litigation nationally, particularly for NPE plaintiffs.

The case proceeded at the district court (first instance) level and was resolved before trial. The joint stipulation of dismissal — filed under Federal Rule of Civil Procedure 41(a)(1)(A)(ii) — was docketed as Document No. 88, indicating substantial pre-dismissal activity including motion practice, likely early discovery, and potentially claim construction proceedings. The 432-day duration is consistent with cases that reach advanced pre-trial stages before resolution, suggesting meaningful litigation investment by both sides prior to settlement.

No specific damages figures, claim construction orders, or summary judgment rulings were published as part of the case record provided.

The Verdict & Legal Analysis

Outcome

On July 8, 2025, the Eastern District of Texas accepted a Joint Stipulation of Dismissal With Prejudice pursuant to Rule 41(a)(1)(A)(ii). All claims and causes of action asserted by Digital Doors against Frost Bank were dismissed with prejudice, meaning Digital Doors is permanently barred from re-asserting the same claims arising from the same operative facts against Frost Bank in any future proceeding. Each party was ordered to bear its own attorneys’ fees, costs, and expenses. All pending motions were denied as moot.

No damages award, injunctive relief order, or published merits ruling resulted from this case.

Verdict Cause Analysis

The stipulated dismissal with prejudice in a cybersecurity patent infringement case of this profile almost certainly reflects a confidential settlement agreement between the parties — a common resolution mechanism when defendants in regulated industries (such as banking) seek finality without public exposure of licensing terms or system vulnerabilities. The mutual decision to bear individual attorneys’ fees, rather than seek fee-shifting under 35 U.S.C. § 285, suggests a negotiated resolution rather than a finding of exceptional case circumstances.

The assertion of four patents against a Sheltered Harbor Certified system raises complex claim construction questions: specifically, whether a compliance-driven, industry-standard data vaulting architecture — designed collaboratively by the financial sector — practices the specific claim limitations of Digital Doors’ access control and data security patents. These are precisely the types of nuanced infringement questions that often drive parties toward settlement as claim construction proceedings reveal the practical scope of disputed patent claims.

Legal Significance

Because the case resolved without a merits decision, it carries no direct precedential value regarding claim validity, infringement, or claim construction of the asserted patents. However, the dismissal with prejudice does establish that Digital Doors cannot re-litigate these specific claims against Frost Bank — a meaningful legal boundary for future assertion strategy.

For practitioners tracking cybersecurity patent litigation, this case is notable as an example of NPE assertion against financial industry compliance infrastructure — a relatively novel theory that tests whether standardized, third-party-certified security architectures can constitute patent infringement even when adopted primarily for regulatory compliance purposes.

Strategic Takeaways

For Patent Holders and NPEs:

• Asserting patents against compliance-mandated infrastructure (such as Sheltered Harbor) creates unique litigation risk — defendants can argue lack of commercial motivation and invoke industry-standard defenses
• Multi-patent assertion strategies (four patents here) increase negotiation leverage but also expand invalidity exposure during discovery
• Venue selection in E.D. Texas remains strategically valuable for plaintiff-side IP litigation

For Accused Infringers (Particularly Financial Institutions):

• Engaging a sophisticated defense team early (as Frost Bank did with Baker Botts) is critical when accused technology is embedded in regulatory compliance frameworks
• A dismissal with prejudice — each party bearing its own fees — is often the optimal resolution when litigation costs approach or exceed license value
• Document the regulatory necessity and third-party certification basis for any accused technology from day one

For R&D and Compliance Teams:

• Adoption of industry-standard security certifications (such as Sheltered Harbor) does not automatically confer patent immunity — FTO analysis should accompany all compliance-driven technology deployments
• Maintain detailed records of the independent development, third-party design, and regulatory basis for certified system implementations

Industry & Competitive Implications

The Digital Doors v. Frost Bank dispute reflects a broader trend of cybersecurity patent assertion targeting financial institutions as they modernize data protection infrastructure. Banks and financial services firms face a compounding challenge: mounting regulatory pressure to adopt advanced cybersecurity frameworks while simultaneously navigating an active NPE assertion environment targeting those very frameworks.

Sheltered Harbor, administered by the Financial Services Information Sharing and Analysis Center (FS-ISAC), represents exactly the kind of industry-collaborative compliance infrastructure that patent assertion entities increasingly target — because adoption is widespread, financially material, and difficult to design around without departing from regulatory requirements.

For companies operating in the financial technology and cybersecurity sectors, this case signals the importance of conducting Freedom to Operate (FTO) analyses before adopting any certified security standard or third-party data protection framework. IP portfolios in digital access control, data vaulting, and network security remain active enforcement targets.

The retention of Baker Botts — a Tier 1 IP litigation firm — by Frost Bank underscores that even regional financial institutions are prepared to invest significantly in patent defense when core operational infrastructure is accused.

Frequently Asked Questions

What patents were involved in Digital Doors, Inc. v. Frost Bank?

Four U.S. patents were asserted: US10250639, US10182073, US9734169, and US9015301, covering digital access control and data security technologies.

Why was the case dismissed with prejudice?

The parties filed a Joint Stipulation of Dismissal under Fed. R. Civ. P. 41(a)(1)(A)(ii), indicating a mutual resolution. Dismissal with prejudice permanently bars re-assertion of these claims against Frost Bank.

How does this case affect cybersecurity patent litigation in financial services?

It highlights the patent risk associated with adopting industry compliance frameworks like Sheltered Harbor, reinforcing the need for FTO analysis alongside regulatory compliance planning.