eBay 2004 Annual Report Download - page 54

Download and view the complete annual report

Please find page 54 of the 2004 eBay annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 134

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134

over a long term, these internal controls. As PayPal's business continues to grow, it must strengthen its internal
controls accordingly. PayPal's success requires signiÑcant public conÑdence in its ability to handle large and
growing transaction volumes and amounts of customer funds. Any failure to maintain necessary controls or to
manage accurately customer funds could diminish customer use of PayPal's product severely.
Our business is subject to online commerce security risks, including security breaches and identity theft.
To succeed, online commerce and communications must provide a secure transmission of conÑdential
information over public networks. Our security measures may not prevent security breaches that could harm
our business. Currently, a signiÑcant number of our users authorize us to bill their credit card accounts directly
for all transaction fees charged by us. PayPal's users routinely provide credit card and other Ñnancial
information. We rely on encryption and authentication technology licensed from third parties to provide the
security and authentication technology to eÅect secure transmission of conÑdential information, including
customer credit card numbers. Advances in computer capabilities, new discoveries in the Ñeld of cryptography
or other developments may result in a compromise or breach of the technology used by us to protect
transaction data. In addition, any party who is able to illicitly obtain a user's password could access the user's
transaction data. A number of websites have reported breaches of their security. Any compromise of our
security could harm our reputation and, therefore, our business. In addition, a party who is able to circumvent
our security measures could misappropriate proprietary information, or cause interruptions in our operations,
damage our computers or those of our users, or otherwise damage our reputation and business.
Our servers are also vulnerable to computer viruses, physical or electronic break-ins, and similar
disruptions, and we have experienced ""denial-of-service'' type attacks on our system that have made all or
portions of our websites unavailable for periods of time. We may need to expend signiÑcant resources to
protect against security breaches or to address problems caused by breaches. These issues are likely to become
more diÇcult as we expand the number of places where we operate. Security breaches could damage our
reputation and expose us to a risk of loss or litigation and possible liability. Our insurance policies carry low
coverage limits, which may not be adequate to reimburse us for losses caused by security breaches.
Our users, as well as those of other prominent Internet companies, have been and will continue to be
targeted by parties using fraudulent emails to misappropriate passwords, credit card numbers, or other
personal information. These emails appear to be legitimate emails sent by eBay or PayPal, but direct recipients
to fake websites operated by the sender of the email or request that the recipient send a password or other
conÑdential information via email. We actively pursue the parties responsible for these attempts at
misappropriation and encourage our users to divulge sensitive information only after they have veriÑed that
they are on our legitimate websites, but we cannot entirely eliminate these types of activities.
Our failure to manage growth could harm our business.
We are currently expanding our headcount, facilities, and infrastructure in the U.S. and internationally.
We anticipate that further expansion will be required to address potential growth in our customer base and
number of listings and payment transactions, as well as our expansion into new geographic areas, types of
goods, and alternative methods of sale. This expansion has placed, and we expect it will continue to place, a
signiÑcant strain on our management, operational, and Ñnancial resources. The areas that are put under strain
by our growth include the following:
Our Websites. We must constantly add new hardware, update software and add new engineering
personnel to accommodate the increased use of our and our subsidiaries' websites and the new products
and features we regularly introduce. This upgrade process is expensive, and the increased complexity of
our websites increases the cost of additional enhancements. Failure to upgrade our technology,
features, transaction processing systems, security infrastructure, or network infrastructure to accommo-
date increased traÇc or transaction volume could harm our business. Adverse consequences could
include unanticipated system disruptions, slower response times, degradation in levels of customer
support, impaired quality of users' experiences of our services, impaired quality of services for third-
party application developers using our externally accessible Application Programming Interface, or
52