Skip to main content

Kim Dotcom owns two-step authentication patent and wants money from it

Kim Dotcom can reportedly add "creator of two-step authentication" to his résumé along with founding file-sharing site Megaupload.

Following Twitter's recent introduction of a two-factor verification system, Dotcom announced that he in fact invented the process and was awarded a patent for it. Now the embattled Megaupload founder wants a kickback to help pay his legal fees from any organisation using it.

The file-sharing magnate is not looking to sue Google, Microsoft, Yahoo, Twitter, Dropbox, and other companies allegedly using the security process without permission. Instead, Dotcom said he wants financial help to fight criminal copyright infringement charges and extradition to the US.

"Google, Facebook, Twitter, I ask for your help. We are all in the same DMCA [Defense Contract Management Agency] boat," Dotcom tweeted this week. "Use my patent for free. But please help in funding my defense."

Dotcom, presently out on bail in New Zealand, is fighting extradition to the US and facing a multi-million dollar legal battle, he said. But he is struggling to pay his legal fees while his assets are frozen.

"Big reveal: 1billion+ Two-Step-Authentications on the Internet weekly. I invented it. Here's proof," he tweeted, adding a link to a US patent for "Method for authorizing in data transmission systems," initially filed under the name Kim Schmitz in April 1998 and eventually granted in June 2000. Dotcom was born Kim Schmitz on 21 January 1974 in Kiel, Germany.

The patent calls for a multi-step process that "relates to a method and to a device for the authorization in data transmission systems employing a transaction authorization number (TAN) or a comparable password."

But Dotcom may not have the air-tight case he believes he does. IPCopy wrote on Thursday that while the Megaupload founder does hold a patent for a form of two-step authentication, he wasn't the first to do so.

In January 1998, AT&T was granted a patent for an "automated method for alerting a customer than a transaction is being initiated and for authorizing the transaction based on a confirmation/approval by the customer thereto." The patent application was filed in late May 1995.

"In the view of the EPO's opposition division then, Kim Dotcom's patent is not valid," IPCopy said. "And while Kim Dotcom may indeed have developed two-factor authentication himself, he was not the first inventor, having been pipped at the post (by a good 2 years!) by someone else."

Whether or not Dotcom is the rightful owner of the verification process in question, it seems unlikely any of the companies he called out will consider donating to his fund.

Dotcom has another plan for generating some much-need cash, however.

"Want to buy the world wide license to my two-factor-authentication patent? (13 countries incl. US & China) Email:," he tweeted.