8x8 2015 Annual Report Download - page 24

Download and view the complete annual report

Please find page 24 of the 2015 8x8 annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 107

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107

We could be liable for breaches of security on our website, fraudulent activities of our users, or the failure of third party vendors to
deliver credit card transaction processing services.
A fundamental requirement for operating an Internet-based, worldwide communication and collaboration service and electronically billing our
customers is the secure transmission of confidential information and media over public networks. Although we have developed systems and
processes that are designed to protect consumer information and prevent fraudulent credit card transactions and other security breaches, failure to
mitigate such fraud or breaches may adversely affect our operating results. The law relating to the liability of providers of online payment
services is currently unsettled and states may enact their own rules with which we may not comply. We rely on third party providers to process
and guarantee payments made by our subscribers up to certain limits, and we may be unable to prevent our customers from fraudulently
receiving goods and services. Our liability risk will increase if a larger fraction of transactions effected using our cloud-based services involve
fraudulent or disputed credit card transactions. Any costs we incur as a result of fraudulent or disputed transactions could harm our business. In
addition, the functionality of our current billing system relies on certain third party vendors delivering services. If these vendors are unable or
unwilling to provide services, we will not be able to charge for our services in a timely or scalable fashion, which could significantly decrease
our revenue and have a material adverse effect on our business, financial condition and operating results.
We must maintain Payment Card Industry Data Security Standard, or PCI DSS, compliance to bill our customers via credit card. If we fail to
meet minimum-security standards for PCI DSS compliance, credit card providers such as American Express Company or Visa Inc. could refuse
to process credit card transactions on our behalf and our ability to collect payments from our customers would be adversely impacted.
We may also experience losses due to subscriber fraud and theft of service. Subscribers have, in the past, obtained access to our service without
paying for monthly service and international toll calls by unlawfully using our authorization codes or by submitting fraudulent credit card
information. To date, such losses from unauthorized credit card transactions and theft of service have not been significant. We have implemented
anti-
fraud procedures in order to control losses relating to these practices, but these procedures may not be adequate to effectively limit all of our
exposure in the future from fraud. If our procedures are not effective, consumer fraud and theft of service could significantly decrease our
revenue and have a material adverse effect on our business, financial condition and operating results. In addition, software and security flaws in
our software can result in unauthorized access to our core network resulting in damages such as fraudulent toll usage on our network.
Additionally, third parties have attempted in the past, and may attempt in the future, to fraudulently induce domestic and international
employees, consultants or customers into disclosing sensitive information, such as user names, passwords or customer proprietary network
information, or CPNI, or other information in order to gain access to our customers' data or to our data. CPNI includes information such as the
phone numbers called by a consumer, the frequency, duration, and timing of such calls, and any services/features purchased by the consumer,
such as call waiting, call forwarding, and caller ID, in addition to other information that may appear on a consumer's bill.
Natural disasters, war, terrorist attacks or malicious conduct could adversely impact our operations that could degrade or impede our
ability to offer services.
As a provider of "cloud-based" services, our services rely on uninterrupted connection to the Internet through data centers and networks. Any
interruption or disruption to our network, or the third parties on which we rely, could adversely impact our ability to provide service. Our
network could be disrupted by circumstances outside of our control including natural disasters, acts of war, terrorist attacks or other malicious
acts including, but not limited to, cyber-attacks. Our headquarters, global networks operations center and one of our third-party data center
facilities are located in the San Francisco Bay Area, a region known for seismic activity. Should any of these events occur and interfere with our
ability to operate our network even for a limited period of time, we could incur significant expenses, lose substantial amounts of revenue, suffer
damage to our reputation, and lose customers. Such an event may also impede our customers' connections to our network, since these
connections also occur over the Internet, and would be perceived by our customers as an interruption of our services, even though such
interruption would be beyond our control. Any of these events could have a material adverse impact on our business.
We may also be subject to negative search engine optimization attacks intended to impair our visibility on search engines such as Google,
Yahoo! and Bing. Such attacks generally involve generating a high volume of poor-quality inbound links to a company's website in order to
cause the company's website ranking to decline due to the operation of a spam-detecting penalty function in the search engine's algorithm. We
depend on search engine visibility for a significant portion of our revenue, so any degradation in our search engine rankings could have a
material adverse impact on our revenue and profits.
20