MasterCard 2013 Annual Report Download - page 33

Download and view the complete annual report

Please find page 33 of the 2013 MasterCard annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 120

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120

29
our protective measures or to investigate and remediate any information security vulnerabilities. Any of the risks
described above could materially adversely affect our overall business and results of operations.
If our transaction processing systems and other services are disrupted or we are unable to process transactions
or service our customers efficiently or at all, our results of operations would be materially reduced.
Our transaction processing systems and other key service offerings may experience interruptions as a result of a disaster
including, but not limited to, technology malfunctions, fire, weather events, power outages, telecommunications
disruptions, terrorism, workplace violence, accidents or other catastrophic events. Our visibility in the global payments
industry may also put us at greater risk of attack by terrorists, activists, or hackers who intend to disrupt our facilities
and/or systems. A disaster that occurs at, or in the vicinity of, our primary and/or back-up facilities in any global
location could interrupt our services. Although we maintain a business continuity program to analyze risk, assess
potential impacts, and develop effective response strategies, we cannot ensure that our business would be immune to
these risks.
Additionally, we rely on third-party service providers for the timely transmission of information across our global data
network. Inadequate infrastructure in lesser-developed markets could also result in service disruptions, which could
impact our ability to do business in those markets. If one of our service providers fails to provide the communications
capacity or services we require, as a result of natural disaster, operational disruptions, terrorism, hacking or any other
reason, the failure could interrupt our services. Because of the intrinsic importance of our processing systems to our
business, any interruption or degradation could adversely affect the perception of the reliability of products carrying
our brands and materially reduce our results of operations.
Account data breaches involving card data stored, processed or transmitted by us or third parties could adversely
affect our reputation and results of operations.
We, our issuers and acquirers, merchants and other third parties process, transmit or store cardholder account and other
information in connection with payment cards and devices. In addition, our customers may sponsor (or we may certify
as PCI-compliant) third-party processors to process transactions generated by cards carrying our brands and merchants
may use third parties to provide services related to card use. A breach of the systems on which sensitive cardholder
data and account information are processed, transmitted or stored could lead to fraudulent activity involving cards
carrying our brands, damage our reputation and lead to claims against us, as well as subject us to regulatory actions.
We routinely encounter account data compromise events, some of which have been high profile, involving merchants
and third-party payment processors that process, store or transmit payment card data, which affect millions of
MasterCard, Visa, Discover, American Express and other types of cardholders. These events typically involve external
agents hacking the merchants’ or third-party processors’ systems and installing malware to compromise the
confidentiality and integrity of those systems. Further data security breaches may subject us to reputational damage
and/or lawsuits involving payment cards carrying our brands. While most of these lawsuits do not involve direct claims
against us, we could face damage claims in various circumstances, which, if upheld, could materially and adversely
affect our results of operations. Damage to our reputation or that of our brands resulting from an account data breach
of either our systems or the systems of our customers, merchants and other third parties could decrease the use and
acceptance of our cards and other payment devices, as well as the trend toward electronic payments, which in turn
could have a material adverse impact on our transaction volumes, results of operations and prospects for future growth,
or increase our costs by leading to additional regulatory burdens being imposed upon us.
An increase in fraudulent activity using our cards could lead to reputational damage to our brands and/or
regulatory intervention, which could reduce the use and acceptance of our cards and other payment devices.
Criminals are using increasingly sophisticated methods to capture cardholder account information to engage in illegal
activities such as counterfeiting or other fraud. As outsourcing and specialization become commonplace in the payments
industry, there are more third parties involved in processing transactions using our cards. In addition, fraud is more
likely to occur in transactions where the card is not present, such as e-commerce and mobile commerce transactions,
which are becoming increasingly prominent. Increased fraud levels involving our cards, or misconduct or negligence
by third parties processing or otherwise servicing our cards, could lead to regulatory intervention, such as enhanced
security requirements, as well as damage to our reputation, which could reduce the use and acceptance of our cards or
increase our compliance costs, and thereby have a material adverse impact on our business.