Filed Pursuant to Rule 424(b)(4) Registration No. 333-70121 PROSPECTUS 2,750,000 Shares [LOGO OF VERISIGN] COMMON STOCK ---------------- VeriSign, Inc. is offering 1,185,000 shares and the selling stockholders are offering 1,565,000 shares. ---------------- VeriSign's common stock is listed on the Nasdaq National Market under the symbol "VRSN." On January 26, 1999, the reported last sale price of the common stock on the Nasdaq National Market was $81 1/2 per share. ---------------- Investing in the common stock involves risks. See "Risk Factors" beginning on page 6. ---------------- PRICE $80 1/2 A SHARE ---------------- The Securities and Exchange Commission and state securities regulators have not approved or disapproved these securities, or determined if this prospectus is truthful or complete. Any representation to the contrary is a criminal offense. VeriSign has granted the underwriters the right to purchase up to an additional 412,500 shares of common stock to cover over-allotments. Morgan Stanley & Co. Incorporated expects to deliver the shares to purchasers on January 29, 1999. ---------------- MORGAN STANLEY DEAN WITTER HAMBRECHT & QUIST DAIN RAUSCHER WESSELS a division of Dain Rauscher Incorporated BANCBOSTON ROBERTSON STEPHENS January 26, 1999
Underwriting Proceeds to Price to Discounts and Proceeds to Selling Public Commissions Company Stockholders -------- ------------- ----------- ------------ Per Share............... $80.50 $4.025 $76.475 $76.475 Total................... $221,375,000 $11,068,750 $90,622,875 $119,683,375 You should rely only on the information contained in this prospectus. We have not authorized anyone to provide you with information different from that contained in this prospectus. We are offering to sell shares of common stock and seeking offers to buy shares of common stock only in jurisdictions where offers and sales are permitted. The information contained in this prospectus is accurate only as of the date of this prospectus, regardless of the time of delivery of this prospectus or any sale of the common stock. ---------------- TABLE OF CONTENTS
Page ---- Prospectus Summary.................. 3 VeriSign, Inc....................... 5 Risk Factors........................ 6 Use of Proceeds..................... 17 Dividend Policy..................... 17 Price Range of Common Stock......... 17 Capitalization...................... 18 Dilution............................ 19 Selected Consolidated Financial Data............................... 20 Management's Discussion and Analysis of Financial Condition and Results of Operations...................... 21 ---------------- VeriSign(TM) is a trademark exclusively licensed to VeriSign, and SecureITSM, Digital IDSM, Digital ID CenterSM, EDI Server IDSM, Financial Server IDSM, Global Server IDSM, NetSureSM, Secure Server IDSM, VeriSign OnSiteSM, VeriSign SETSM, VeriSign Trust NetworkSM and WorldTrustSM are service marks of VeriSign. This prospectus also includes trademarks of companies other than VeriSign. Unless the context otherwise requires, the term "VeriSign" refers to VeriSign, Inc., a Delaware corporation, and its subsidiaries. On July 6, 1998, VeriSign acquired SecureIT, Inc. in a transaction accounted for as a pooling- of-interests. Accordingly, all financial information contained in this prospectus has been restated to include the operating results, financial position and cash flows of SecureIT as if it had always been a part of VeriSign. Except as otherwise noted herein, information in this prospectus assumes no exercise of the underwriters' over-allotment option. 2
Page ---- Business......................... 32 Management....................... 49 Certain Transactions............. 58 Principal and Selling Stockholders.................... 62 Description of Capital Stock..... 65 Shares Eligible for Future Sale.. 68 Underwriters..................... 69 Legal Matters.................... 71 Experts.......................... 71 Additional Information........... 71 Available Information............ 71 Index to Consolidated Financial Statements...................... F-1 PROSPECTUS SUMMARY The following summary is qualified in its entirety by the more detailed information and the Consolidated Financial Statements and notes thereto appearing elsewhere in this prospectus. VERISIGN, INC. VeriSign is the leading provider of Internet-based trust services needed by websites, enterprises and individuals to conduct trusted and secure electronic commerce and communications over the Internet, intranets and extranets. We have established strategic relationships with industry leaders, including AT&T, British Telecommunications, or BT, Cisco, Microsoft, Netscape, Network Associates, RSA, Security Dynamics and VISA, to enable widespread utilization of our digital certificate services and to assure their interoperability with a wide variety of applications and network equipment. We have used our secure online infrastructure to issue over 100,000 of our website digital certificates and over 3.5 million of our digital certificates for individuals. We believe that we have issued more digital certificates than any other company in the world. Our Website Digital Certificate services are used by over 400 of the Fortune 500 companies. We also offer the VeriSign OnSite service, which allows an organization to leverage our trusted service infrastructure to develop and deploy customized digital certificate services for use by its employees, customers and business partners. Over 300 enterprises have subscribed to the OnSite service since its introduction in November 1997, including Bank of America, Hewlett-Packard, the Internal Revenue Service, Kodak, Sumitomo Bank, Texas Instruments and USWest. We market our Internet-based trust services worldwide through multiple distribution channels, including the Internet, direct sales, telesales, value-added resellers, or VARs, systems integrators and our affiliates, and intend to expand these distribution channels. VeriSign was incorporated in Delaware in April 1995. Our executive offices are located at 1390 Shorebird Way, Mountain View, California 94043-1338. Our telephone number at this location is (650) 961-7500. Our website is located at http://www.verisign.com. Information contained in our website is not part of this prospectus. THE OFFERING - -------- (1) Based on the number of shares outstanding as of December 31, 1998. This number does not include 4,129,094 shares issuable upon the exercise of options then outstanding, with a weighted average exercise price of $19.17 per share, and 797,496 shares reserved for issuance under VeriSign's stock plans. It also does not include 17,500 shares subject to a warrant that would be issued in the event that VeriSign borrows funds under an equipment loan agreement and 15,000 shares that would be issued to a service provider if certain milestones are met. See "Capitalization," "Management--Director Compensation," "--Employee Benefit Plans" and Notes 6 and 8 of Notes to Consolidated Financial Statements. 3
Common stock offered by VeriSign............. 1,185,000 shares Common stock offered by the Selling Stockholders................................ 1,565,000 shares Common stock to be outstanding after the offering.................................... 24,271,692 shares(1) Over-allotment option........................ 412,500 shares Use of proceeds.............................. For working capital and other general corporate purposes. See "Use of Proceeds." Dividend policy.............................. We do not anticipate paying any cash dividends in the foreseeable future. Nasdaq National Market symbol................ VRSNSUMMARY CONSOLIDATED FINANCIAL DATA (In thousands, except per share data)
Period from April 12, 1995 Year Ended Nine Months Ended (Inception) to December 31, September 30, December 31, ------------------ ------------------ 1995 1996 1997 1997 1998 -------------- -------- -------- -------- -------- Consolidated Statement of Operations Data: Revenues................ $ 382 $ 1,356 $ 13,356 $ 8,360 $ 25,719 Total costs and ex- penses................. 2,524 12,415 34,657 22,694 45,555 Operating loss.......... (2,142) (11,059) (21,301) (14,334) (19,836) Net loss................ (1,994) (10,288) (18,589) (12,268) (17,209) Basic and diluted net loss per share(1)...... $ (.43) $ (2.07) $ (2.61) $ (1.54) $ (.82) Shares used in per share computation(1)......... 4,689 4,960 7,121 7,988 21,042 - -------- Notes: (1) See Note 1 of Notes to Consolidated Financial Statements for an explanation of the determination of the number of shares used in the per share computation. (2) As adjusted to reflect the sale of the common stock offered by VeriSign after deducting underwriting discounts and commissions and estimated offering expenses payable by VeriSign. See "Use of Proceeds" and "Capitalization." RECENT DEVELOPMENT On January 19, 1999, VeriSign announced selected consolidated results of operations for the fourth quarter of 1998 and for the year ended December 31, 1998, as set forth in the following table.
September 30, 1998 ---------------------- Actual As Adjusted(2) ------- -------------- Consolidated Balance Sheet Data: Cash, cash equivalents and short-term investments....... $42,468 $132,441 Total assets............................................ 63,643 153,616 Stockholders' equity.................................... 42,356 132,329 4
Three Months Ended Year Ended December 31, December 31, -------------------- ------------------ 1997 1998 1997 1998 --------- --------- -------- -------- (In thousands, except per share data) Revenues............................ $ 4,996 $ 13,211 $ 13,356 $ 38,930 Net loss............................ (6,321) (2,534) (18,589) (19,743) Basic and diluted net loss per share.............................. $ (.82) $ (.11) $ (2.61) $ (.95) Shares used in per share computation........................ 7,690 22,393 7,121 20,873 VERISIGN, INC. VeriSign is the leading provider of Internet-based trust services needed by websites, enterprises and individuals to conduct trusted and secure electronic commerce and communications over the Internet, intranets and extranets, which we refer to as IP networks. A digital certificate functions as an electronic credential in the digital world. It identifies the certificate owner, authenticates the certificate owner's membership in a given organization or community or establishes the certificate owner's authority to engage in a given transaction. By performing these functions, it creates a framework for trusted interaction over IP networks. We have established strategic relationships with industry leaders, including AT&T, BT, Cisco, Microsoft, Netscape, Network Associates, RSA, Security Dynamics and VISA, to enable widespread utilization of our digital certificate services and to assure their interoperability with a wide variety of applications and network equipment. We have used our secure online infrastructure to issue over 100,000 of our website digital certificates and over 3.5 million of our digital certificates for individuals. We believe that we have issued more digital certificates than any other company in the world. Our Website Digital Certificate services are used by over 400 of the Fortune 500 companies. We also offer the VeriSign OnSite service, which allows an organization to leverage our trusted service infrastructure to develop and deploy customized digital certificate services for use by its employees, customers and business partners. Over 300 enterprises have subscribed to the OnSite service since its introduction in November 1997, including Bank of America, Hewlett-Packard, the Internal Revenue Service, Kodak, Sumitomo Bank, Texas Instruments and USWest. Over the last three years, the Internet has become a widely-accepted platform for many consumer-oriented transactions such as retail purchases, auctions, online banking and brokerage for companies such as Amazon.com, Bank of America, Cisco, Dell, eBay, E*Trade and Charles Schwab. International Data Corporation (IDC) estimates that the number of Internet users will grow from 97 million in 1998 to 320 million by 2002 with commensurate growth in electronic commerce from $32 billion to $426 billion over that same period. In order for electronic commerce to continue this growth, the Internet needs a cost-effective solution that can give consumers the same sense of trust that they have in conducting commerce in the physical world. In a manner similar to the use of physical credentials, this solution must irrefutably verify the identity of a business over the Internet and ensure that the information being transmitted between the consumer and the business is kept private. Digital certificates can provide these authentication and privacy capabilities for consumers and businesses conducting commerce over the Internet. Businesses have also begun to use IP networks for advanced interactions with their employees, business partners and customers. As a result, there is a need to use digital certificates as electronic credentials to verify the identity, authority and privileges of those individuals and entities before allowing them to access confidential information or transact new business. Digital certificates are issued and managed by entities known as Certification Authorities, or CAs. The level of trust that can be associated with a digital certificate is ultimately tied to the technology, infrastructure and practices used by the CA to prepare, issue and manage the digital certificate over its lifecycle. For organizations that need to support large quantities of digital certificates, doing so themselves can be extremely expensive, requiring substantial human resources and taking years and millions of dollars to implement. The ideal solution would be a complete CA service offering that could provide businesses with a scalable and reliable CA utility to support all of their digital certificate needs including website, intranet, extranet, virtual private network, or VPN, and electronic commerce authentication. VeriSign has invested significant resources to develop a highly reliable and secure operations infrastructure, a modular software platform and a comprehensive set of security and trust practices to enable trusted and secure electronic commerce and communications over IP networks using digital certificates. Our modular WorldTrust software platform, which serves as the foundation for our Internet-based trust services, automates many aspects of digital certificate issuance and lifecycle management and provides the scalability necessary to deploy and manage millions of digital certificates for distinct communities ranging from individual corporations to the entire population of Internet users. VeriSign's objective is to enable secure electronic commerce and communications through its online trust services infrastructure. Our strategy to achieve this objective includes leveraging our leadership position to drive market penetration, leveraging and expanding strategic relationships with industry leaders, maintaining leadership in technology, infrastructure and practices, continuing to build the VeriSign brand and expanding our global marketing and distribution. We market our Internet-based trust services worldwide through multiple distribution channels, including the Internet, direct sales, telesales, VARs, systems integrators and our affiliates. We intend to continue to expand these distribution channels. 5 RISK FACTORS You should carefully consider the risks and uncertainties described below before making an investment decision. These risks and uncertainties are not the only ones facing VeriSign. Additional risks and uncertainties not presently known to us or that we currently deem immaterial may also impair our business operations. If any of the following risks actually occur, our business, financial condition or operating results could be materially harmed. In such case, the trading price of our common stock could decline and you may lose all or part of your investment. This prospectus also contains forward-looking statements that involve risks and uncertainties. Our actual results could differ materially from those anticipated in these forward-looking statements as a result of certain factors including the risks faced by us described below and elsewhere in this prospectus. We Have a Limited Operating History VeriSign was incorporated in April 1995, and we began introducing our Internet-based trust services in June 1995. Accordingly, we have only a limited operating history on which to base an evaluation of our business and prospects. Our prospects must be considered in light of the risks and uncertainties encountered by companies in the early stages of development. These risks and uncertainties are often worse for companies in new and rapidly evolving markets. Our success will depend on many factors, including, but not limited to, the following: . the rate and timing of the growth and use of IP networks for electronic commerce and communications; . the extent to which digital certificates are used for such communications and commerce; . the continued evolution of electronic commerce as a viable means of conducting business; . the demand for our Internet-based trust services; . competition levels; . the perceived security of electronic commerce and communications over IP networks; . the perceived security of our services, technology, infrastructure and practices; and . our continued ability to maintain our current, and enter into additional, strategic relationships. To address these risks we must, among other things: . successfully market our Internet-based trust services and our digital certificates to our new and existing customers; . attract, integrate, train, retain and motivate qualified personnel; . respond to competitive developments; . successfully introduce new Internet-based trust services; and . successfully introduce enhancements to our existing Internet-based trust services to address new technologies and standards. We cannot be certain that we will successfully address any of these risks. We Have a History of Losses and Anticipate Future Losses We have experienced substantial net losses in each fiscal period since we were formed. As of September 30, 1998, we had an accumulated deficit of $48.3 million. VeriSign's limited operating history, the emerging nature 6 of its market and the factors described under "--Our Business Depends on the Adoption of IP Networks" and "--Our Quarterly Operating Results May Fluctuate; Our Future Revenues and Profitability Are Uncertain," among other factors, make prediction of our future operating results difficult. In addition, we intend to increase our expenditures in all areas in order to execute our business plan. As a result, we expect to incur substantial additional losses. Although our revenues have grown in recent periods, we may be unable to sustain such growth. Therefore, you should not consider our historical growth indicative of future revenue levels or operating results. We may never achieve profitability. Even if we do, we may not be able to sustain it. See "Management's Discussion and Analysis of Financial Condition and Results of Operations" and "Business--Strategy." Our Business Depends on the Adoption of IP Networks In order for VeriSign to be successful, IP networks must be widely adopted, in a timely manner, as a means of trusted and secure electronic commerce and communications. Because electronic commerce and communications over IP networks are new and evolving, it is difficult to predict the size of this market and its sustainable growth rate. To date, many businesses and consumers have been deterred from utilizing IP networks for a number of reasons, including, but not limited to: . potentially inadequate development of network infrastructure; . security concerns including the potential for merchant or user impersonation and fraud or theft of stored data and information communicated over IP networks; . inconsistent quality of service; . lack of availability of cost-effective, high-speed service; . limited numbers of local access points for corporate users; . inability to integrate business applications on IP networks; . the need to operate with multiple and frequently incompatible products; and . a lack of tools to simplify access to and use of IP networks. The adoption of IP networks will require a broad acceptance of new methods of conducting business and exchanging information. Companies and government agencies that already have invested substantial resources in other methods of conducting business may be reluctant to adopt new methods. Also, individuals with established patterns of purchasing goods and services and effecting payments may be reluctant to change. The use of IP networks may not increase or may increase more slowly than we expect because the infrastructure required to support widespread use may not develop. The Internet may continue to experience significant growth both in the number of users and the level of use. However, the Internet infrastructure may not be able to continue to support the demands placed on it by continued growth. Continued growth may also affect the Internet's performance and reliability. In addition, the growth and reliability of IP networks could be harmed by delays in development or adoption of new standards and protocols to handle increased levels of activity or by increased governmental regulation. Changes in, or insufficient availability of, communications services to support IP networks could result in poor performance and also adversely affect their usage. Any of these factors could materially harm our business. See "-- We Could Be Affected by Government Regulation" and "Business--Industry Background" and "--Customers and Markets." Our Market is New and Evolving We target our Internet-based trust services at the market for trusted and secure electronic commerce and communications over IP networks. This is a new and rapidly evolving market that may not continue to grow. Accordingly, the demand for our Internet-based trust services is very uncertain. Even if the market for electronic commerce and communications over IP networks grows, our Internet-based trust services may not be widely 7 accepted. The factors that may affect the level of market acceptance of digital certificates and, consequently, our Internet-based trust services, include the following: . market acceptance of products and services based upon authentication technologies other than those we use; . public perception of the security of digital certificates and IP networks; . the ability of the Internet infrastructure to accommodate increased levels of usage; and . government regulations affecting electronic commerce and communications over IP networks. Even if digital certificates achieve market acceptance, our Internet-based trust services may fail to address the market's requirements adequately. If digital certificates do not achieve market acceptance in a timely manner and sustain such acceptance, or if our Internet-based trust services in particular do not achieve or sustain market acceptance, our business would be materially harmed. See "Business--Industry Background" and "--Customers and Markets." Our Quarterly Operating Results May Fluctuate; Our Future Revenues and Profitability Are Uncertain Our quarterly operating results have varied and may fluctuate significantly in the future as a result of a variety of factors, many of which are outside our control. These factors include the following: . continued market acceptance of our Internet-based trust services; . the long sales and implementation cycles for, and potentially large order sizes of, certain of our Internet-based trust services; . the timing and execution of individual contracts; . customer renewal rates for our Internet-based trust services; . the timing of releases of new versions of Internet browsers or other third-party software products and networking equipment which include our digital certificate service interface technology; . the mix of our services sold during a quarter; . our success in marketing other Internet-based trust services to our existing customers and to new customers; . continued development of our direct and indirect distribution channels, both in the U.S. and abroad; . market acceptance of our Internet-based trust services or our competitors' products and services; . our ability to attract, integrate, train, retain and motivate a substantial number of sales and marketing, research and development and technical support personnel; . our ability to expand our operations; . our success in assimilating the operations and personnel of SecureIT and any other acquired businesses; . the amount and timing of expenditures related to expansion of our operations; . the impact of price changes in our Internet-based trust services or our competitors' products and services; and . general economic conditions and economic conditions specific to IP network industries. Our limited operating history and the emerging nature of our market make it difficult to predict future revenues. Our expenses are based, in part, on our expectations regarding future revenues, and are largely fixed in nature, particularly in the short term. We may be unable to predict our future revenues accurately or to adjust spending in a timely manner to compensate for any unexpected revenue shortfall. Accordingly, any significant 8 shortfall of revenues in relation to our expectations could cause significant declines in our quarterly operating results. Due to all of the foregoing factors, our quarterly revenues and operating results are difficult to forecast. Therefore, we believe that period-to-period comparisons of our operating results will not necessarily be meaningful, and you should not rely upon them as an indication of our future performance. Also, it is likely that our operating results will fall below our expectations and the expectations of securities analysts or investors in some future quarter. In such event, the market price of our common stock could be materially adversely affected. See "Management's Discussion and Analysis of Financial Condition and Results of Operations." System Interruptions and Security Breaches Could Harm Our Business We depend on the uninterrupted operation of our secure data centers and our other computer and communications systems. We must protect these systems from loss, damage or interruption caused by fire, earthquake, power loss, telecommunications failure or other events beyond our control. Most of our systems are located at, and most of our customer information is stored in, our facilities in Mountain View, California and Kawasaki, Japan, areas susceptible to earthquakes. Any damage or failure that causes interruptions in our secure data centers and our other computer and communications systems could materially harm our business. In addition, our ability to issue digital certificates depends on the efficient operation of the Internet connections from customers to our secure data centers. Such connections depend upon efficient operation of web browsers, Internet service providers and Internet backbone service providers, all of which have had periodic operational problems or experienced outages in the past. Any of these problems or outages could adversely affect customer satisfaction. Our success also depends upon the scalability of our systems. Our systems have not been tested at the volumes that may be required in the future. Thus, it is possible that a substantial increase in demand for our Internet-based trust services could cause interruptions in our systems. Any such interruptions could adversely affect our ability to deliver our Internet-based trust services and therefore could materially harm our business. Although we periodically perform, and retain accredited third parties to perform, audits of our operational practices and procedures, we may not be able to remain in compliance with our internal standards or those set by third-party auditors. If we fail to maintain these standards, we may have to expend significant time and money to return to compliance and our business could be materially harmed. We retain certain confidential customer information in our secure data centers. It is critical to our business strategy that our facilities and infrastructure remain secure and are perceived by the marketplace to be secure. Despite our security measures, our infrastructure may be vulnerable to physical break-ins, computer viruses, attacks by hackers or similar disruptive problems. It is possible that we may have to expend additional financial and other resources to address such problems. Any physical or electronic break-ins or other security breaches or compromises of the information stored at our secure data centers may jeopardize the security of information stored on our premises or in the computer systems and networks of our customers. In such an event, we could face significant liability and customers could be reluctant to use our Internet-based trust services. Such an occurrence could also result in adverse publicity and therefore adversely affect the market's perception of the security of electronic commerce and communications over IP networks as well as of the security or reliability of our services. See "Business--The VeriSign Solution," "--Strategy," "--Infrastructure," "--Security and Trust Practices" and "--Facilities." We Face Significant Competition We anticipate that the market for services that enable trusted and secure electronic commerce and communications over IP networks will remain intensely competitive. We compete with larger and smaller companies that provide products and services that are similar to certain aspects of our Internet- based trust services. We expect that competition will increase in the near term, and that our primary long-term competitors may not yet have entered the market. Increased competition could result in pricing pressures, reduced margins or 9 the failure of our Internet-based trust services to achieve or maintain market acceptance, any of which could materially harm our business. Several of our current and potential competitors have longer operating histories and significantly greater financial, technical, marketing and other resources. As a result, we may not be able to compete effectively. For a more detailed description of the competitive threats facing us, see "Business--Competition." Technological Changes Will Affect Our Business The emerging nature of the Internet and digital certificate markets and their rapid evolution requires us to continually improve the performance, features and reliability of our Internet-based trust services, particularly in response to competitive offerings. We must also introduce any new Internet- based trust services as quickly as possible. The success of new Internet-based trust services depends on several factors, including proper new service definition and timely completion, introduction and market acceptance of our new Internet-based trust services. We may not succeed in developing and marketing new Internet-based trust services that respond to competitive and technological developments and changing customer needs. This could materially harm our business. If new Internet, networking or telecommunication technologies or standards are widely adopted or if other technological changes occur, we may need to expend significant resources to adapt our Internet-based trust services. See "Business--Trust Services" and "--Research and Development." We Must Manage Our Growth and Expansion Our historical growth has placed, and any further growth is likely to continue to place, a significant strain on our resources. VeriSign has grown from 26 employees at December 31, 1995 to 315 employees at December 31, 1998. We have also opened additional sales offices and have significantly expanded our operations, both in the U.S. and abroad, during this time period. We expanded our operations by acquiring SecureIT during 1998. To be successful, we will need to implement additional management information systems, develop further our operating, administrative, financial and accounting systems and controls and maintain close coordination among our executive, engineering, accounting, finance, marketing, sales and operations organizations. Any failure to manage growth effectively could materially harm our business. See "Management's Discussion and Analysis of Financial Condition and Results of Operations." We Depend on Key Personnel We depend on the performance of our senior management team and other key employees. Our success will depend on our ability to retain and motivate these individuals. Our success will also depend on our ability to attract, integrate, train, retain and motivate additional highly skilled technical and sales and marketing personnel, both in the U.S. and abroad. There is intense competition for these personnel. In addition, our stringent hiring practices for some of our key personnel, which consist of background checks into prospective employees' criminal and financial histories, further limit the number of qualified persons for such positions. See "Business--Security and Trust Practices." VeriSign has no employment agreements with any of its key executives that prevent them from leaving VeriSign at any time. In addition, we do not maintain key person life insurance for any of our officers or key employees other than our President and Chief Executive Officer. The loss of the services of any of our senior management team or other key employees or our failure to attract, integrate, train, retain and motivate additional key employees could materially harm our business. See "Business--Employees" and "Management." We Must Establish and Maintain Strategic Relationships One of our significant business strategies has been to enter into strategic or other similar collaborative relationships in order to reach a larger customer base than we could reach through our direct sales and marketing efforts. We may need to enter into additional relationships to execute our business plan. We may not be able to 10 enter into additional, or maintain our existing, strategic relationships on commercially reasonable terms. If we failed, we would have to devote substantially more resources to the distribution, sale and marketing of our Internet-based trust services than we would otherwise. Furthermore, as a result of our emphasis on these relationships, our success in such relationships will depend both on the ultimate success of the other parties to such relationships, particularly in the use and promotion of IP networks for trusted and secure electronic commerce and communications, and on the ability of certain of these parties to market our Internet-based trust services successfully. Failure of one or more of our strategic relationships to result in the development and maintenance of a market for our Internet-based trust services could materially harm our business. Our existing strategic relationships do not, and any future strategic relationships may not, afford VeriSign any exclusive marketing or distribution rights. In addition, the other parties may not view their relationships with us as significant for their own businesses. Therefore, they could reduce their commitment to VeriSign at any time in the future. These parties could also pursue alternative technologies or develop alternative products and services either on their own or in collaboration with others, including our competitors. If we are unable to maintain our strategic relationships or to enter into additional strategic relationships, our business could be materially harmed. See "Business--Strategy," "--Strategic Relationships" and "--Marketing, Sales and Distribution." Certain of Our Internet-based Trust Services Have Lengthy Sales and Implementation Cycles We market many of our Internet-based trust services directly to large companies and government agencies. The sale and implementation of our services to these entities typically involves a lengthy education process and a significant technical evaluation and commitment of capital and other resources. This process is also subject to the risk of delays associated with customers' internal budgeting and other procedures for approving large capital expenditures, deploying new technologies within their networks and testing and accepting new technologies that affect key operations. As a result, the sales and implementation cycles associated with certain of our Internet-based trust services can be lengthy, potentially lasting from three to six months. Our quarterly and annual operating results could be materially harmed if orders forecasted for a specific customer for a particular quarter are not realized. See "--Our Quarterly Operating Results May Fluctuate; Our Future Revenues and Profitability Are Uncertain" and "Management's Discussion and Analysis of Financial Condition and Results of Operations." Our Internet-based Trust Services Could Have Unknown Defects Services as complex as those we offer or develop frequently contain undetected defects or errors. Despite testing, defects or errors may occur in existing or new Internet-based trust services, which could result in loss of or delay in revenues, loss of market share, failure to achieve market acceptance, diversion of development resources, injury to our reputation, increased insurance costs or increased service and warranty costs, any of which could materially harm our business. Furthermore, we often provide implementation, customization, consulting and other technical services in connection with the implementation and ongoing maintenance of our Internet- based trust services and our digital certificate service agreements. The performance of these Internet-based trust services typically involves working with sophisticated software, computing and communications systems. Our failure or inability to meet customer expectations or project milestones in a timely manner could also result in loss of or delay in revenues, loss of market share, failure to achieve market acceptance, injury to our reputation and increased costs. Because customers rely on our Internet-based trust services for critical security applications, any significant defects or errors in our Internet-based trust services might discourage customers from subscribing to our services. Such defects or errors could also result in tort or warranty claims. Although we attempt to reduce the risk of losses resulting from such claims through warranty disclaimers and liability limitation clauses in our sales agreements, these contractual provisions may not be enforceable in every instance. Furthermore, although we maintain errors and omissions insurance, such insurance coverage may not adequately cover us for claims. If a court refused to enforce the liability-limiting provisions of our contracts for any reason, or if liabilities arose that were not contractually limited or adequately covered by insurance, our business could be materially harmed. See "Business-- Trust Services" and "--Research and Development." 11 Public Key Cryptography Technology Is Subject to Certain Risks Our Internet-based trust services depend on public key cryptography technology. With public key cryptography technology, a user is given a public key and a private key, both of which are required to encrypt and decode messages. The security afforded by this technology depends on the integrity of a user's private key and that it is not stolen or otherwise compromised. The integrity of private keys also depends in part on the application of certain mathematical principles known as "factoring." This integrity is predicated on the assumption that the factoring of large numbers into their prime number components is difficult. Should an easy factoring method be developed, then the security of encryption products utilizing public key cryptography technology would be reduced or eliminated. Furthermore, any significant advance in techniques for attacking cryptographic systems could also render some or all of our existing Internet-based trust services obsolete or unmarketable. Even if no breakthroughs in factoring or other methods of attacking cryptographic systems are made, factoring problems can theoretically be solved by computer systems significantly faster and more powerful than those presently available. Current or future governmental regulation regarding the use, scope and strength of public key cryptography could also limit our ability to develop and distribute digital certificates with encryption strong enough to maintain the integrity of a user's private key against factoring by more powerful computer systems. If such improved techniques for attacking cryptographic systems are ever developed, we would likely have to reissue digital certificates to some or all of our customers, which could damage our reputation and brand or otherwise harm our business. In the past there have been public announcements of the successful decoding of certain cryptographic messages and of the potential misappropriation of private keys. Such publicity could also adversely affect the public perception as to the safety of the public key cryptography technology included in our digital certificates. Such adverse public perception could harm our business. See "Business--Industry Background" and "--Trust Services." Our International Operations Are Subject to Certain Risks Revenues of VeriSign Japan K.K., or VeriSign Japan, and revenues from other international affiliates and customers accounted for approximately 9% of our revenues in 1997 and approximately 11% of our revenues for the nine months ended September 30, 1998. We intend to expand our international operations and international sales and marketing activities. Expansion into these markets has required and will continue to require significant management attention and resources. We may also need to tailor our Internet-based trust services for a particular market and to enter into international distribution and operating relationships. We have limited experience in localizing our Internet-based trust services and in developing international distribution or operating relationships. We may not succeed in expanding our Internet-based trust service offerings into international markets. Any such failure could harm our business. In addition, there are certain risks inherent in doing business on an international basis, including, among others: . regulatory requirements; . legal uncertainty regarding liability; . export and import restrictions on cryptographic technology and products incorporating that technology; . tariffs and other trade barriers; . difficulties in staffing and managing foreign operations; . longer sales and payment cycles; . problems in collecting accounts receivable; . difficulty of authenticating customer information; . political instability; . seasonal reductions in business activity; and . potentially adverse tax consequences. 12 We have licensed to certain international affiliates the VeriSign Processing Center platform, which is designed to replicate our own secure data centers and allows the affiliate to offer back-end processing of Internet-based trust services. The VeriSign Processing Center platform provides an affiliate with the knowledge and technology to offer Internet-based trust services similar to those offered by VeriSign. It is critical to our business strategy that the facilities and infrastructure used in issuing and marketing digital certificates remain secure and be perceived by the marketplace to be secure. Although we provide the affiliate with training in security and trust practices, network management and customer service and support, these practices are performed by the affiliate and are outside of our control. Any failure of an affiliate to maintain the privacy of confidential customer information could result in negative publicity and therefore adversely affect the market's perception of the security of our services as well as the security of electronic commerce and communication over IP networks generally. See "--System Interruptions and Security Breaches Could Harm Our Business" and "Business--Trust Services." All of our international revenues from sources other than VeriSign Japan are denominated in U.S. dollars. If additional portions of our international revenues were to be denominated in foreign currencies, we could become subject to increased risks relating to foreign currency exchange rate fluctuations. See "--Industry Regulation," "Management's Discussion and Analysis of Financial Condition and Results of Operations" and "Business--Strategy" and "--Marketing, Sales and Distribution." We Depend on Authentication Information We rely upon information provided by third-party sources to authenticate the identity of customers requesting certain of our digital certificates. This information is presently only available from a limited number of sources and we currently procure such information from single sources. Reliance on single sources involves certain risks and uncertainties, including the possibility of delayed or discontinued availability. Any such delay or unavailability, coupled with any inability to develop alternative sources quickly and cost- effectively, could impair our ability to deliver certain digital certificates on a timely basis and result in the cancellation of orders, increased costs and injury to our reputation. This could harm our business. Reliance on third- party information sources for authentication has also limited the distribution of certain of our digital certificates outside of the U.S., where access to such sources has been unavailable or limited. Additionally, accurate authentication of the identity of the individuals and entities to which we issue digital certificates is necessary for such digital certificates to provide security and trust. Therefore, if any authentication information that we rely upon is inaccurate, it could adversely affect our reputation and result in tort or warranty claims from customers relying upon our digital certificates for trusted and secure electronic commerce and communications. This could materially harm our business. See "--Our Internet- based Trust Services Could Have Unknown Defects" and "Business--Products and Services." We Could Be Affected By Government Regulation Exports of software products utilizing encryption technology are generally restricted by the U.S. and various non-U.S. governments. Although we have obtained approval to export our Global Server digital certificate service and none of our other Internet-based trust services are currently subject to export controls under U.S. law, the list of products and countries for which export approval is required could be revised in the future to include more digital certificate products and related services. If we do not obtain required approvals we may not be able to sell certain Internet-based trust services in international markets. There are currently no federal laws or regulations that specifically control CAs, but a limited number of states have enacted legislation or regulations with respect to CAs. If the market for digital certificates grows, the U.S. federal or state or non-U.S. governments may choose to enact further regulations governing CAs or other providers of digital certificate products and related services. Such regulations or the costs of complying with such regulations could harm our business. Many companies conducting electronic commerce over IP networks do not collect sales or other similar taxes with respect to shipments of goods into other states or foreign countries or with respect to other transactions 13 conducted between parties in different states or countries. It is possible that the U.S. federal or state or non-U.S. governments may seek to impose sales taxes on companies that engage in electronic commerce over IP networks. In the event that government bodies succeed in imposing sales or other taxes on electronic commerce, the growth of the use of IP networks for electronic commerce could slow substantially, which could materially harm our business. Due to the increasing popularity of IP networks, it is possible that laws and regulations may be enacted covering issues such as user privacy, pricing, content and quality of products and services. The increased attention focused upon these issues as a result of the adoption of other laws or regulations may reduce the rate of growth of IP networks, which in turn could result in decreased demand for our Internet-based trust services or could otherwise materially harm our business. See "Business--Industry Background." Acquisitions Could Harm Our Business During 1998, we acquired SecureIT. If we are unable to successfully complete the integration of SecureIT, our business could be materially harmed. We may acquire additional businesses, technologies, product lines or service offerings in the future. Acquisitions involve a number of risks including, among others: . the difficulty of assimilating the operations and personnel of the acquired businesses; . the potential disruption of our business; . our inability to integrate, train, retain and motivate key personnel of the acquired business; . the diversion of our management from our day-to-day operations; . our inability to incorporate acquired technologies successfully into our Internet-based trust services; . the additional expense associated with completing an acquisition and amortizing any acquired intangible assets; . the potential impairment of relationships with our employees, customers and strategic partners; and . the inability to maintain uniform standards, controls, procedures and policies. If we are unable to successfully address any of these risks, our business could be materially harmed. We Face Risks Related to Intellectual Property Rights Our success depends on our internally developed technologies and other intellectual property. Despite our precautions, it may be possible for a third party to copy or otherwise obtain and use our intellectual property or trade secrets without authorization. In addition, it is possible that others may independently develop substantially equivalent intellectual property. If we do not effectively protect our intellectual property, our business could be materially harmed. In the future we may have to resort to litigation to enforce our intellectual property rights, to protect our trade secrets or to determine the validity and scope of the proprietary rights of others. Such litigation, regardless of its outcome, could result in substantial costs and diversion of management and technical resources. We also license third-party technology, such as public key cryptography technology licensed from RSA and other technology that is used in our products, to perform key functions. These third-party technology licenses may not continue to be available to us on commercially reasonable terms or at all. Our business could be materially harmed if we lost the rights to use these technologies. A third party could claim that the licensed software infringes any patent or other proprietary right. Litigation between the licensor and a third party or between us and a third party could lead to royalty obligations for which we are not indemnified or for which such indemnification is insufficient, or we may not be able to obtain any additional license on commercially reasonable terms or at all. 14 The loss of, or our inability to obtain or maintain, any of these technology licenses could delay the introduction of our Internet-based trust services until equivalent technology, if available, is identified, licensed and integrated. This could harm our business. From time to time, we have received, and may receive in the future, notice of claims of infringement of other parties' proprietary rights. Infringement or other claims could be made against us in the future. Any such claims, with or without merit, could be time-consuming, result in costly litigation and diversion of technical and management personnel, cause product shipment delays or require us to develop non-infringing technology or enter into royalty or licensing agreements. Such royalty or licensing agreements, if required, may not be available on acceptable terms or at all. If a successful claim of product infringement were made against us and we could not develop non- infringing technology or license the infringed or similar technology on a timely and cost-effective basis, our business could be harmed. See "Business-- Intellectual Property." Year 2000 Issues Could Affect Our Business We are in the process of assessing and remediating any Year 2000 issues with the computer communications, software and security systems that we use to deliver and manage our Internet-based trust services and to manage our internal operations. Despite our testing and remediating, our systems may contain errors or faults with respect to the Year 2000. Our efforts to address this issue are described in more detail in "Management's Discussion and Analysis of Financial Condition and Results of Operations--Year 2000 Issues." If our systems do not operate properly with regard to the Year 2000 and thereafter we could incur unanticipated expenses to remedy any problems, which could adversely affect our business. Customer's purchasing plans could be affected by Year 2000 issues as they may need to expend significant resources to correct their existing systems. This situation may result in reduced funds available to implement the infrastructure needed to conduct trusted and secure electronic commerce and communications over IP networks or to purchase our Internet-based trust services. These factors could materially harm our business. See "Management's Discussion and Analysis of Financial Condition and Results of Operations" and "Business--Industry Background." We Have Implemented Certain Anti-Takeover Provisions Certain provisions of our Amended and Restated Certificate of Incorporation and Bylaws, as well as provisions of Delaware law could make it more difficult for a third party to acquire us, even if doing so would be beneficial to our stockholders. See "Description of Capital Stock." Future Sales of Shares Could Affect Our Stock Price If our stockholders sell substantial amounts of our common stock in the public market following this offering, the market price of our common stock could fall. Based on shares outstanding as of December 31, 1998, upon completion of this offering we will have outstanding 24,271,692 shares of common stock (assuming no exercise of the underwriters' over-allotment option and no exercise of outstanding options after December 31, 1998). Of these shares 18,274,562 are currently eligible for sale in the public market. After the lockup agreements with the underwriters of this offering expire 90 days from the date of this prospectus, an additional 4,745,944 shares will be eligible for sale in the public market. The remaining 1,251,186 shares will be eligible for public sale after July 6, 1999, subject to the volume limitations and other conditions of Rule 144. In addition, the former shareholders of SecureIT have the right, after January 30, 1999, to require us to file a registration statement to register the resale of 418,093 shares. These share numbers exclude 4,129,094 shares subject to outstanding stock options and 797,496 shares reserved for future issuance under our stock plans as of December 31, 1998. See "Management--Employee Benefit Plans," "Shares Eligible for Future Sale" and "Underwriters." 15 Our Stock Price May Be Volatile The market price of our common stock has fluctuated in the past and is likely to fluctuate in the future. In addition, the market prices of securities of other technology companies, particularly Internet-related companies, have been highly volatile. Factors that may have a significant effect on the market price of our common stock include: . fluctuations in our operating results; . announcements of technological innovations or new Internet-based trust services by us or new products or services by our competitors; . analysts' reports and projections; . regulatory actions; and . general market, economic or political conditions in the U.S. or abroad. Investors may not be able to resell their shares of our common stock at or above the offering price. See "Price Range of Common Stock." Existing Stockholders Will Maintain Significant Influence The present executive officers, directors and their affiliates will beneficially own approximately 25.1% of our outstanding common stock upon the completion of this offering. As a result, these stockholders could significantly influence our management and affairs and all matters requiring stockholder approval, including the election of directors and approval of significant corporate transactions such as a merger, consolidation or sale of substantially all of our assets. See "Principal and Selling Stockholders." Use of Proceeds Is Unspecified We plan to use the proceeds from this offering for general corporate purposes. Therefore, we will have discretion as to how we will spend the proceeds, which could be in ways with which the stockholders may not agree. We cannot predict that the proceeds will be invested to yield a favorable return. See "Use of Proceeds." 16 USE OF PROCEEDS We estimate that the net proceeds from the sale of the 1,185,000 shares we are selling in this offering will be approximately $90.0 million, after deducting underwriting discounts and commissions and deducting estimated offering expenses of $650,000. If the Underwriters' over-allotment option is exercised in full, we estimate that our net proceeds from this offering will be $121.5 million. VeriSign will not receive any proceeds from the sale of the shares being sold by the Selling Stockholders. We intend to use our net proceeds from this offering primarily for working capital and other general corporate purposes. We may also use a portion of the net proceeds to acquire or invest in businesses, technologies, product lines or service offerings that are complementary to our business. We have no present plans or commitments and are not currently engaged in any negotiations with respect to such transactions. As a result, we will have significant discretion as to the use of the net proceeds. Pending such uses, we intend to invest the net proceeds in short-term, interest-bearing, investment-grade securities. See "Risk Factors--Acquisitions Could Harm Our Business" and "-- Use of Proceeds Is Unspecified." DIVIDEND POLICY We have never declared or paid any cash dividends on our common stock or other securities and do not anticipate paying any cash dividends in the foreseeable future. In addition, the terms of our equipment line of credit agreement prohibit the payment of dividends on our capital stock. PRICE RANGE OF COMMON STOCK Our common stock has been traded on the Nasdaq National Market under the symbol "VRSN" since January 29, 1998, the date of our initial public offering. Prior to such time, there was no public market for our common stock. The following table sets forth, for the periods indicated, the high and low sales prices for our common stock as reported by the Nasdaq National Market. On January 26, 1999, the last reported sale price for our common stock on the Nasdaq National Market was $81.50 per share. As of December 31, 1998, there were approximately 235 holders of record of our common stock, although we estimate that there are in excess of 3,000 beneficial holders. 17
High Low ------- ------- Fiscal Year Ended December 31, 1998: First Quarter................................................. $46 7/8 $20 1/2 Second Quarter................................................ 49 26 Third Quarter................................................. 44 7/8 21 7/8 Fourth Quarter................................................ 77 1/2 19 3/8 Fiscal Year Ending December 31, 1999: First Quarter (through January 26, 1999)...................... 95 1/2 54 CAPITALIZATION The following table sets forth VeriSign's capitalization as of September 30, 1998 and as adjusted to reflect the receipt by VeriSign of the estimated net proceeds from selling 1,185,000 shares in this offering after deducting underwriting discounts and commissions and estimated offering expenses. - -------- Note: (1)The number of shares of common stock issued and outstanding does not include: . 1,686,587 shares issuable upon the exercise of options outstanding as of September 30, 1998, under the 1995 Stock Option Plan, with a weighted average exercise price of $2.46 per share; . 518,050 shares issuable upon the exercise of options outstanding as of September 30, 1998, under the 1997 Stock Option Plan, with a weighted average exercise price of $7.34 per share; . 145,098 shares issuable upon the exercise of options outstanding as of September 30, 1998, under the SecureIT 1997 Stock Option Plan, which was assumed by VeriSign, with a weighted average exercise price of $7.64 per share; . 1,116,910 shares issuable upon the exercise of options outstanding as of September 30, 1998, under our 1998 Equity Incentive Plan (the "Equity Incentive Plan"), with a weighted average exercise price of $29.09 per share, and 1,255,022 shares reserved for future issuance thereunder; . 441,775 shares reserved for issuance under our 1998 Employee Stock Purchase Plan (the "Purchase Plan"); . 37,500 shares issuable upon the exercise of options outstanding as of September 30, 1998 under our 1998 Directors Stock Option Plan (the "Directors Plan"), with a weighted average exercise price of $39.25 per share, and 87,500 shares reserved for future issuance thereunder; . 15,000 shares that would be issued to a service provider if certain milestones are met; and . 17,500 shares subject to a warrant that would be issued in the event that VeriSign borrows funds under an equipment loan agreement. See "Management--Director Compensation," "--Employee Benefit Plans," "Description of Capital Stock" and Notes 6 and 8 of Notes to Consolidated Financial Statements. 18
September 30, 1998 --------------------- Actual As Adjusted -------- ----------- (In thousands) Stockholders' equity: Preferred stock, $.001 par value; 5,000,000 shares authorized, no shares issued and outstanding .......... $ -- $ -- Common stock, $.001 par value; 50,000,000 shares authorized; actual--22,732,876 shares issued and outstanding; As adjusted--23,917,876 shares issued and outstanding(1)......................................... 23 24 Additional paid-in capital.............................. 91,496 181,468 Notes receivable from stockholders...................... (582) (582) Deferred compensation................................... (302) (302) Accumulated deficit..................................... (48,279) (48,279) -------- -------- Total stockholders' equity............................. 42,356 132,329 -------- -------- Total capitalization................................. $ 42,356 $132,329 ======== ======== DILUTION The net tangible book value of VeriSign's common stock as of September 30, 1998 was $42.4 million, or $1.86 per share. Net tangible book value per share is equal to our total tangible assets less our total liabilities, divided by the shares of common stock outstanding as of September 30, 1998. After giving effect to our issuance and sale of 1,185,000 shares of common stock in this offering after deducting underwriting discounts and commissions and estimated offering expenses payable by VeriSign, our net tangible book value as of September 30, 1998 would have been $132.3 million, or $5.53 per share. This amount represents an immediate increase in net tangible book value of $3.67 per share to existing stockholders and an immediate dilution of $74.97 per share to new public investors. The following table illustrates the per share dilution: The table above assumes no exercise of any stock options outstanding as of September 30, 1998, no exercise of a warrant to purchase 17,500 shares of common stock that would be issued in the event that VeriSign borrows funds under an equipment loan agreement, and no issuance of 15,000 shares of common stock that would be issued to a service provider if certain milestones are met. As of September 30, 1998, there were options outstanding to purchase a total of 3,504,145 shares of common stock with a weighted average exercise price of $12.27 per share. To the extent that any of these options or the warrant are exercised, there will be further dilution to new public investors. See "Capitalization," "Management--Director Compensation," "--Employee Benefit Plans" and Notes 6 and 8 of Notes to Consolidated Financial Statements. 19
Public offering price per share............................... $80.50 Net tangible book value per share at September 30, 1998..... $1.86 Increase in net tangible book value per share attributable to new public investors.................................... 3.67 ----- Net tangible book value per share after offering.............. 5.53 ------ Dilution per share to new public investors.................... $74.97 ====== SELECTED CONSOLIDATED FINANCIAL DATA The following selected consolidated financial data should be read in conjunction with VeriSign's Consolidated Financial Statements and the notes thereto and "Management's Discussion and Analysis of Financial Condition and Results of Operations" appearing elsewhere in this prospectus. The selected consolidated statement of operations data presented below for the period from April 12, 1995 (inception) to December 31, 1995 and for each of the years in the two-year period ended December 31, 1997, and the selected consolidated balance sheet data as of December 31, 1996 and 1997, are derived from consolidated financial statements that have been audited by KPMG LLP, independent auditors, and are included elsewhere in this prospectus. The selected consolidated balance sheet data as of December 31, 1995 are derived from consolidated financial statements that have been audited by KPMG LLP, independent auditors, but that are not included elsewhere in this prospectus. The selected consolidated statement of operations data for the nine months ended September 30, 1997 and 1998 and the selected consolidated balance sheet data as of September 30, 1998 are derived from consolidated financial statements that have not been audited. The unaudited consolidated financial statements reflect all normal recurring adjustments that, in the opinion of management, are necessary for a fair presentation on the financial position of VeriSign at September 30, 1998 and the results of operations for the interim periods ended September 30, 1997 and 1998. The results of operations for any interim period are not necessarily indicative of the results of our operations for any future interim period or for a full fiscal year. - -------- Note: (1) See Note 1 of Notes to Consolidated Financial Statements for an explanation of the determination of the number of shares used in per share computation. 20
Period from April 12, 1995 Year Ended Nine Months Ended (Inception) to December 31, September 30, December 31, ------------------ ----------------------- 1995 1996 1997 1997 1998 -------------- -------- -------- -------- ------------- (In thousands, except per share data) Consolidated Statement of Operations Data: Revenues ............... $ 382 $ 1,356 $ 13,356 $ 8,360 $ 25,719 ------- -------- -------- -------- -------- Costs and expenses: Cost of revenues...... 412 2,791 9,689 6,172 13,467 Sales and marketing... 790 4,885 11,826 7,732 16,449 Research and development.......... 642 2,058 5,303 3,643 6,242 General and administrative....... 680 2,681 5,039 3,147 5,842 Special charges....... -- -- 2,800 2,000 3,555 ------- -------- -------- -------- -------- Total costs and expenses............ 2,524 12,415 34,657 22,694 45,555 ------- -------- -------- -------- -------- Operating loss....... (2,142) (11,059) (21,301) (14,334) (19,836) Other income (expense).. 148 (67) 1,174 872 1,677 ------- -------- -------- -------- -------- Loss before minority interest............ (1,994) (11,126) (20,127) (13,462) (18,159) Minority interest in net loss of subsidiary..... -- 838 1,538 1,194 950 ------- -------- -------- -------- -------- Net loss............. $(1,994) $(10,288) $(18,589) $(12,268) $(17,209) ======= ======== ======== ======== ======== Basic and diluted net loss per share(1)...... $ (.43) $ (2.07) $ (2.61) $ (1.54) $ (.82) ======= ======== ======== ======== ======== Shares used in per share computation(1)......... 4,689 4,960 7,121 7,988 21,042 ======= ======== ======== ======== ======== December 31, ---------------------------- September 30, 1995 1996 1997 1998 -------- -------- -------- ------------- (In thousands) Consolidated Balance Sheet Data: Cash, cash equivalents and short-term investments............ $ 2,687 $ 30,006 $ 12,893 $ 42,468 Working capital......... 2,284 24,788 6,160 33,299 Total assets............ 4,052 36,537 26,904 63,643 Stockholders' equity.... 3,376 28,520 13,541 42,356 MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS You should read the following discussion in conjunction with the Consolidated Financial Statements and notes thereto appearing elsewhere in this prospectus. Except for historical information, the following discussion contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Such forward-looking statements involve risks and uncertainties, including, among other things, statements regarding our anticipated costs and expenses, revenue mix and plans for addressing Year 2000 issues. Such forward-looking statements include, among others, those statements including the words, "expects," "anticipates," "intends," "believes" and similar language. Our actual results may differ significantly from those projected in the forward- looking statements. Factors that might cause future results to differ materially from those discussed in the forward-looking statements include, but are not limited to, those discussed in "Risk Factors" and elsewhere in this prospectus. Overview VeriSign is the leading provider of Internet-based trust services needed by websites, enterprises and individuals to conduct trusted and secure electronic commerce and communications over IP networks. We have established strategic relationships with industry leaders, including AT&T, BT, Cisco, Microsoft, Netscape, Network Associates, RSA, Security Dynamics and VISA, to enable widespread utilization of our digital certificate services and to assure their interoperability with a wide variety of applications and network equipment. We have used our secure online infrastructure to issue over 100,000 of our website digital certificates and over 3.5 million of our digital certificates for individuals. We believe that we have issued more digital certificates than any other company in the world. Our Website Digital Certificate services are used by over 400 of the Fortune 500 companies and all of the top 25 electronic commerce websites as listed by Jupiter Communications, an independent market research firm. We also offer the VeriSign OnSite service, which allows an organization to leverage our trusted service infrastructure to develop and deploy customized digital certificate services for use by its employees, customers and business partners. Over 300 enterprises have subscribed to the OnSite service since its introduction in November 1997, including Bank of America, Hewlett-Packard, the Internal Revenue Service, Kodak, Sumitomo Bank, Texas Instruments and USWest. We have derived substantially all of our revenues to date from fees for services rendered in connection with deploying Internet-based trust services. Revenues from our Internet-based trust services consist of fees for the issuance of digital certificates, fees for digital certificate software modules and fees for consulting, training, support and maintenance services. We defer revenues from the sale or renewal of digital certificates and recognize this revenue ratably over the life of the digital certificate, generally 12 months. We recognize revenues from the sale of digital certificate software modules to distributors and affiliates upon delivery of the software and signing of an agreement, provided the fee is fixed and determinable, collectibility is probable and the arrangement does not require significant production, modification or customization of the software. We recognize revenues from consulting and training services using the percentage- of-completion method for fixed-fee development arrangements, or as the services are provided for time-and-materials arrangements. We recoginze revenue ratably over the term of the agreement for support and maintenance services. We market our Internet-based trust services worldwide through multiple distribution channels, including the Internet, direct sales, telesales, VARs, systems integrators and our affiliates. A significant portion of our revenues to date has been generated through sales from our website, but we intend to continue increasing our direct sales force, both in the U.S. and abroad, and to continue to expand our other distribution channels. In connection with the formation of VeriSign Japan, we licensed certain technology and contributed other assets to VeriSign Japan. Subsequent to its formation, additional investors purchased minority interests in VeriSign Japan. As of September 30, 1998, we owned 50.5% of the outstanding capital stock of VeriSign Japan. Accordingly, our 21 consolidated financial statements include the accounts of VeriSign Japan and our consolidated statements of operations reflect the minority shareholders' share of the net losses of VeriSign Japan. In July 1998, we acquired SecureIT, a provider of Internet and enterprise security solutions, including a range of products and services to help clients assess, design and implement security solutions. In addition, SecureIT provides training on related subjects. The acquisition added services and technology complementary to our Internet-based trust services. We have accounted for the acquisition as a pooling-of-interests. Accordingly, we have restated all prior period consolidated financial statements to include the results of operations, financial position and cash flows of SecureIT as though it had always been a part of VeriSign. We have experienced substantial net losses in each fiscal period since our inception. As of September 30, 1998, we had an accumulated deficit of $48.3 million. These net losses and accumulated deficit resulted from our lack of substantial revenues and the significant costs incurred in the development and sale of our Internet-based trust services and in the establishment and deployment of our technology, infrastructure and practices. We intend to increase our expenditures in all areas in order to execute our business plan. As a result, we expect to incur substantial additional losses. Although our revenues have grown in recent periods, we may be unable to sustain such growth. Therefore, you should not consider our historical growth indicative of future revenue levels or operating results. We may never achieve profitability or, if we do, we may not be able to sustain it. A more complete description of these and other risks relating to our business is set forth under the caption "Risk Factors." Recent Development On January 19, 1999, VeriSign announced selected consolidated results of operations for the fourth quarter of 1998 and for the year ended December 31, 1998. Our revenues were $13.2 million for the fourth quarter of 1998, compared to revenues of $5.0 million for the fourth quarter of 1997. Net loss for the fourth quarter of 1998 was $2.5 million, or $0.11 per share, compared to a net loss of $6.3 million, or $0.82 per share, for the fourth quarter of 1997. For the full year of 1998, our revenues were $38.9 million, compared to revenues of $13.4 million for 1997. Net loss for 1998 was $19.7 million, or $0.95 per share, compared to a net loss in 1997 of $18.6 million, or $2.61 per share. Net loss for the full year of 1998 included special charges of $3.6 million. Net loss for the fourth quarter of 1997 included a special charge of $800,000, and net loss for the full year of 1997 included special charges of $2.8 million. See "--Results of Operations for the Nine-Month Periods--Costs and Expenses--Special Charges" and "--Annual Results of Operations--Costs and Expenses--Special Charges." Results of Operations for the Nine-Month Periods Revenues Revenues increased from $8.4 million in the first nine months of 1997 to $25.7 million in the first nine months of 1998. The growth in revenues resulted from increased sales of our Internet-based trust services, particularly our website digital certificates and VeriSign OnSite services, delivery of more training and services and higher sales of certain third-party products. In the third quarter of 1997, we increased our per-unit prices for digital certificate services by approximately 15%. During the first nine months of 1998, we also completed certain work required under various contracts and recognized the related portion of revenues. We adopted the American Institute of Certified Public Accountants' Statement of Position (SOP) No. 97-2, Software Revenue Recognition, for software transactions entered into beginning January 1, 1998. SOP No. 97-2 generally requires revenue earned on software arrangements involving multiple elements to be allocated to each element based on its relative fair value. The fair value of the element must be based on objective evidence that is specific to the vendor. If a vendor does not have objective evidence of the fair value of all elements in a multiple-element arrangement, all revenue from the arrangement must be deferred until such evidence exists or until all elements have been delivered. The adoption of SOP No. 97-2 did not have a material effect on our operating results. 22 No customer accounted for 10% or more of revenues during the first nine months of 1998. VISA International accounted for 12% of revenues for the first nine months of 1997. Revenues of VeriSign Japan together with revenues from other international customers accounted for 10% of revenues in the first nine months of 1997 and 11% of revenues in the first nine months of 1998. Costs and Expenses Cost of Revenues. Cost of revenues consists primarily of costs related to providing digital certificate enrollment and issuance services, customer support and training, consulting and development services and costs of facilities and computer and communications equipment used in such activities. Cost of revenues also includes fees paid to third parties to verify digital certificate applicants' identities, insurance premiums for our service warranty plans and errors and omissions insurance and the cost of software resold to customers. Cost of revenues increased from $6.2 million in the first nine months of 1997 to $13.5 million in the first nine months of 1998. The increase was due to a number of factors. We hired more employees to support the additional volume of digital certificates issued and to support SecureIT's security consulting and training activities. The cost of our service warranty plan increased partly because of greater volume and partly because this plan was not in effect during a portion of the nine-month period of 1997. In addition, we incurred increased expenses for access to third-party databases, higher support charges for our external disaster recovery program and for the cost of certain third-party software products resold to customers as part of network security solution implementations. Certain of our services require greater personnel involvement and therefore have higher costs than other services. As a result, we anticipate that cost of revenues will vary for the remainder of 1998 and in 1999 depending on the mix of services sold during each period. Sales and Marketing. Sales and marketing expenses consist primarily of costs related to sales and marketing and practices and external affairs. These expenses include salaries, sales commissions and other personnel-related expenses, travel and related expenses, cost of computer and communications equipment and support services, facilities costs, consulting fees and costs of marketing programs. Sales and marketing expenses increased from $7.7 million in the first nine months of 1997 to $16.4 million in the first nine months of 1998. The increase is a direct result of the continued growth of our direct sales force and the expansion of our efforts, particularly in lead and demand generation activities. The growth and expansion of the SecureIT sales and marketing organization also contributed to the increase in these expenses. We anticipate that sales and marketing expenses will continue to increase in absolute dollars as we expand our direct sales force, hire additional marketing personnel and increase our marketing and promotional activities both in the U.S. and abroad. Research and Development. Research and development expenses consist primarily of costs related to research and development personnel, including salaries and other personnel-related expenses, consulting fees and the cost of facilities, computer and communications equipment and support services used in service and technology development. Research and development expenses increased from $3.6 million in the first nine months of 1997 to $6.2 million in the first nine months of 1998 as a result of our investments in the design, testing and deployment of, and technical support for, our expanded Internet-based trust service offerings and technology. The increase reflects the expansion of our engineering staff and related costs required to support our continued emphasis on the development of new services, as well as enhancing existing services. During 1998, we continued to make significant investments in development of all of our services, including those targeted for the service provider market. 23 We believe that timely development of new and enhanced Internet-based trust services and technology are necessary to remain competitive in the marketplace. Accordingly, we intend to continue to recruit experienced research and development personnel and to make other investments in research and development. As a result, we expect that research and development expenses will continue to increase in absolute dollars. To date, we have expensed all research and development expenditures as incurred. General and Administrative. General and administrative expenses consist primarily of salaries and other personnel-related expenses for our administrative, finance and human resources personnel, facilities and computer and communications equipment, support services and professional services fees. General and administrative expenses increased from $3.1 million in the first nine months of 1997 to $5.8 million in the first nine months of 1998. The increase was primarily due to increased staffing levels required to support our expanded operations and to implement additional management information systems and related procedures. In addition, in 1998 we incurred additional costs related to being a public company, including investor relations programs and professional services fees. We expect to continue to invest in a more comprehensive executive and administrative infrastructure and to add additional facilities as required. As a result, we anticipate that general and administrative expenses will continue to increase in absolute dollars. Special Charges. In September 1996, VeriFone, Inc., which subsequently became a wholly-owned subsidiary of Hewlett-Packard, filed a lawsuit against VeriSign alleging, among other things, trademark infringement. In November 1997, VeriSign, Hewlett-Packard and VeriFone reached an agreement, under which, among other things, we issued 250,000 shares of our common stock, which were transferred to Hewlett-Packard, and VeriSign and VeriFone settled all claims. The settlement amount was recorded in the third quarter of 1997 as a $2.0 million charge to operations. In connection with our acquisition of SecureIT, we recorded a special charge of $3.6 million to operating expenses in the third quarter of 1998. The expenses included $2.4 million for direct and other merger-related costs pertaining to the merger transaction. Merger transaction costs consisted primarily of fees for investment bankers, attorneys, accountants, filing fees and other related charges. The remaining $1.2 million related to stock-based compensation charges in connection with the acceleration of certain performance stock options held by SecureIT employees. Other Income Other income consists primarily of interest earned on our cash, cash equivalents and short-term investments, less interest expense on bank borrowings of VeriSign Japan and the effect of foreign currency transaction gains and losses. Other income increased from $872,000 in the first nine months of 1997 to $1.7 million in the first nine months of 1998. This increase is primarily due to a higher cash and short-term investment base as a result of the proceeds from our initial public offering on January 29, 1998. Provision for Income Taxes We have not recorded any provision for federal and California income taxes for either of the nine-month periods because we have experienced net losses since inception. See "--Annual Results of Operations--Provision for Income Taxes." Minority Interest in Net Loss of Subsidiary Minority interest in the net losses of VeriSign Japan was $1.2 million in the first nine months of 1997 and $950,000 in the first nine months of 1998. The decrease was primarily due to increased revenues from VeriSign 24 Japan in the 1998 period as compared to the same period of the prior year. VeriSign Japan is still in the early stage of operations and, therefore, we expect that the minority interest in net loss of subsidiary will continue to fluctuate in future periods. Annual Results of Operations We began operations on April 12, 1995, which is also referred to as "inception." The discussion below compares the period from April 12, 1995 to December 31, 1995 (which is also referred to as "the inception period" or "1995"), 1996 and 1997. Revenues Revenues were $382,000 in 1995, $1.4 million in 1996 and $13.4 million in 1997. Revenues from inception through 1996 were primarily derived from sales of our Secure Server digital certificate services. The increase in revenues from 1995 to 1996 was due primarily to increased market acceptance of Secure Server digital certificate services and, to a lesser extent, SET digital certificate services. The increase in revenues from 1996 to 1997 was due to increased sales of Secure Server digital certificate services, increased services revenues, including revenues from digital certificate service agreements, and sales of certain third-party products. Revenues from Individual digital certificates were nominal because substantially all individual digital certificates were issued free of charge on a promotional basis. VISA accounted for approximately 21% of our revenues in 1996 and 10% of revenues in 1997. No other customer accounted for 10% or more of our revenues during 1995, 1996 or 1997. Revenues of VeriSign Japan and from other international customers accounted for less than 10% of revenues in the inception period, 1996 and 1997. Costs and Expenses VeriSign's costs and expenses increased in 1996 compared to 1995 and again in 1997 compared to 1996, primarily due to our overall growth. The total number of our employees increased from 26 at December 31, 1995 to 210 at December 31, 1997. In addition, we opened several new offices, increased our sales and marketing and research and development efforts and expanded our headquarters and secure data centers during these time periods. Cost of Revenues. Cost of revenues was $412,000 in 1995, $2.8 million in 1996 and $9.7 million in 1997. Cost of revenues was not material in 1995 because of our minimal revenues in that period. The increases in 1996 and 1997 were due to a number of factors. Facilities costs and related overhead costs increased as we built our operations infrastructure. We hired more full-time and temporary employees to support the additional volume of digital certificates issued and to support SecureIT's security consulting and training activities. We also incurred costs related to the introduction of new services as well as the costs related to certain third-party software products that were resold to our customers as part of network security solution implementations. Expenses related to our errors and omissions insurance and access to third-party databases also increased. In addition, during 1997, we implemented our service warranty program and our disaster recovery program. Sales and Marketing. Sales and marketing expenses were $790,000 in 1995, $4.9 million in 1996 and $11.8 million in 1997. The increase in sales and marketing expenses from 1995 through 1996 and 1997 was primarily due to increased headcount and increased expenditures for marketing programs. The increase in 1997 also reflects the growth and expansion of the SecureIT sales and marketing organization. Research and Development. Research and development expenses were $642,000 in 1995, $2.1 million in 1996 and $5.3 million in 1997. Our continued investment in the design, testing and deployment of, and technical support for, our expanded services and technology caused research and development expenses to increase in each period from 1995 to 1996 and 1997. The increase reflects the expansion of our engineering staff and related costs required to support our continued emphasis on developing new, and enhancing existing, services and technology. 25 General and Administrative. General and administrative expenses were $680,000 in 1995, $2.7 million in 1996 and $5.0 million in 1997. The increase in general and administrative expenses from 1995 through 1996 and 1997 was primarily a result of hiring additional staff to manage and support our expanding operations. Special Charges. The settlement amount for the VeriFone litigation was recorded in 1997 as a $2.0 million charge to operations. In November 1997 we entered into a preferred provider agreement with Microsoft whereby we agreed to jointly develop, promote and distribute a variety of client-based and server-based digital certificate solutions. Under this agreement, we have been designated as the premier provider of digital certificates for Microsoft customers. In connection with the agreement, we issued 100,000 shares of our common stock to Microsoft and recorded an $800,000 charge to operations. Other Income (Expense) We had other income of $148,000 in 1995, other expense of $67,000 in 1996 and other income of $1.2 million in 1997. The increase in other income in 1997 was due to interest earned on the cash proceeds of our November 1996 Series C preferred stock financing. Provision for Income Taxes We have not recorded any provision for federal and state income taxes because we have experienced net losses since inception. As of December 31, 1997, we had federal net operating loss carryforwards of approximately $26.9 million and state net operating loss carryforwards of approximately $27.1 million. If we are not able to use them, the federal net operating loss carryforwards will expire in 2010 through 2014 and the state net operating loss carryforwards will expire in 2003. The Tax Reform Act of 1986 imposes substantial restrictions on the utilization of net operating losses and tax credits in the event of a corporation's ownership change, as defined in the Internal Revenue Code. Our ability to utilize net operating loss carryforwards may be limited as a result of such an ownership change. We do not anticipate that a material limitation on our ability to use our carryforwards and credits will result from this offering. We have provided a full valuation allowance on our deferred tax asset because of the uncertainty regarding its realization. Our accounting for deferred taxes under Statement of Financial Accounting Standards No. 109 involves the evaluation of a number of factors concerning the realizability of our deferred tax assets. In concluding that a full valuation allowance was required, we considered such factors as our history of operating losses and expected future losses and the nature of our deferred tax assets. Although our operating plans assume taxable and operating income in future periods, our evaluation of all the available evidence in assessing the realizability of the deferred tax assets indicates that such plans were not considered sufficient to overcome the available negative evidence. See Note 9 of Notes to Consolidated Financial Statements. Minority Interest in Net Loss of Subsidiary Minority interest in the net losses of VeriSign Japan was $838,000 in 1996 and $1.5 million in 1997. The increase was due to the increased expenses incurred in establishing and expanding the operations of VeriSign Japan prior to the generation of significant revenues as well as to an increasing percentage of VeriSign Japan's capital stock being held by minority shareholders. 26 Selected Quarterly Operating Results The following table sets forth certain consolidated statement of operations data for each quarter of 1997 and the first three quarters of 1998. This information has been derived from our unaudited consolidated financial statements, which, in management's opinion, have been prepared on the same basis as the annual consolidated financial statements and include all adjustments, consisting only of normal recurring adjustments, necessary for a fair presentation of the information for the quarters presented. This information should be read in conjunction with the Consolidated Financial Statements and notes thereto included elsewhere in this prospectus. The operating results for any quarter are not necessarily indicative of the results for any future period. Revenues We have experienced quarter-to-quarter sequential growth in revenues since our inception. These quarterly increases were due to increases in all revenue areas, including our Internet-based trust services and certain third-party software products sold to our customers as part of network security solution implementations. The increase in revenues related to digital certificate services has been primarily due to the increased number of digital certificates sold. However, in the third quarter of 1997, we increased our per-unit prices for digital certificate services by approximately 15%. Revenues from contracts for our services have increased each quarter because the number of contracts has increased. Revenues related to our own and certain third-party software products have increased as the number and size of network security implementations has increased. Costs and Expenses Cost of Revenues. Cost of revenues has increased each quarter as revenues have increased. Certain of our services require greater personnel involvement and therefore have higher costs than other services. As a result, cost of revenues will fluctuate each quarter depending on the mix of services sold in each quarter. The primary reasons for the increased cost of revenues on a quarterly basis, other than increased revenues, are: . hiring additional employees, particularly for customer support and information systems and to support SecureIT's security consulting and training activities; . increased expenses for access to third-party databases to verify digital certificate applicants' identities; and . costs related to certain third-party software products that were resold to our customers as part of network security solution implementations. 27
Three Months Ended --------------------------------------------------------------------- Mar. 31, June 30, Sept. 30, Dec. 31, Mar. 31, June 30, Sept. 30, 1997 1997 1997 1997 1998 1998 1998 -------- -------- --------- -------- -------- -------- --------- (In thousands) Revenues................ $ 1,590 $ 2,931 $ 3,839 $ 4,996 $ 6,662 $ 8,552 $10,505 ------- ------- ------- ------- ------- ------- ------- Costs and expenses: Cost of revenues....... 1,517 2,081 2,574 3,517 4,020 4,257 5,190 Sales and marketing.... 2,344 2,805 2,583 4,094 4,720 5,612 6,117 Research and development........... 1,029 1,260 1,354 1,660 1,671 2,019 2,552 General and administrative........ 1,020 942 1,185 1,892 1,735 2,434 1,673 Special charges........ -- -- 2,000 800 -- -- 3,555 ------- ------- ------- ------- ------- ------- ------- Total costs and expenses............ 5,910 7,088 9,696 11,963 12,146 14,322 19,087 ------- ------- ------- ------- ------- ------- ------- Operating loss....... (4,320) (4,157) (5,857) (6,967) (5,484) (5,770) (8,582) Other income ........... 469 167 236 302 392 657 628 ------- ------- ------- ------- ------- ------- ------- Loss before minority interest............ (3,851) (3,990) (5,621) (6,665) (5,092) (5,113) (7,954) Minority interest in net loss of subsidiary..... 305 482 407 344 389 324 237 ------- ------- ------- ------- ------- ------- ------- Net loss............. $(3,546) $(3,508) $(5,214) $(6,321) $(4,703) $(4,789) $(7,717) ======= ======= ======= ======= ======= ======= ======= In addition, we implemented our service warranty program and began the implementation of our disaster recovery program in the second quarter of 1997. Sales and Marketing. The quarterly increases in sales and marketing expenses resulted primarily from building our sales and marketing organization. The addition of sales and marketing personnel resulted in higher recruiting, benefits, travel and facilities costs. In addition, during the second quarter of 1997, additional expenses were incurred as we pursued strategic relationships in the U.S. and abroad, increased our public relations activities and channel development activities. The fourth quarter of 1997 reflects expenses related to the continued development and expansion of our direct sales force and increased spending for new marketing programs. Research and Development. The quarterly increases in research and development expenses were due primarily to increased personnel and related costs to support the design, testing and deployment of, and technical support for, our expanded Internet-based trust service offerings and technology. General and Administrative. In addition to building an administrative infrastructure in the fourth quarter of 1997, we increased our allowance for doubtful accounts commensurate with the growth in accounts receivable. The 1998 quarters reflect costs related to increased staffing levels required to support our expanded operations in the U.S. and abroad, costs to implement additional management information systems and related procedures and the costs of being a public company. Special Charges. Charges in the third and fourth quarters of 1997 and the third quarter of 1998 are discussed above under "--Results of Operations-- Costs and Expenses--Special Charges." Our operating results have varied on a quarterly basis and may fluctuate significantly in the future as a result of many factors outside of our control. Period-to-period comparisons of our operating results should not be relied upon as an indication of future performance. A more complete description of factors affecting quarterly operating results is set forth in "Risk Factors--Our Quarterly Operating Results May Fluctuate; Our Future Revenue and Profitability Are Uncertain." Year 2000 Issues Background of Year 2000 Issues Many currently-installed computer and communications systems and software products are unable to distinguish between twentieth century dates and twenty- first century dates. This situation could result in system failures or miscalculations causing disruptions in the operations of any business, including, among other things, a temporary inability to process transactions, send invoices or engage in similar normal business activities. As a result, many companies' software and computer and communications systems may need to be upgraded or replaced to comply with such "Year 2000" requirements. Our State of Readiness Our business depends on the operation of numerous systems that could potentially be impacted by Year 2000 related problems. The systems include: computer and communications hardware and software systems used to deliver our Internet-based trust services (including our proprietary software systems as well as software supplied by third parties); communications networks such as the Internet and private intranets; the internal systems of our customers and suppliers; digital certificate services sold to customers; the computer and communications hardware and software systems we use internally in the management of our business; and non-information technology systems and services we use to manage our business, such as telephone, security and building management systems. Based on an analysis of all systems potentially impacted by conducting business in the year 2000 and beyond, we are pursuing a phased approach to making such systems, and accordingly our operations, ready for the year 2000. Beyond awareness of the issues and scope of systems involved, the phases of activities in progress 28 include: an assessment of specific underlying computer and communications systems, programs and/or hardware; remediation or replacement of Year 2000 non-compliant technology; validation and testing of technologically-compliant Year 2000 solutions; and implementation of Year 2000 compliant systems. The table below provides the status and timing of such phased activities. As a trusted third-party CA providing, among other services, digital certificates and related lifecycle services, we depend on the hardware and software products from third parties used to deliver such Internet-based trust services. Inoperability of such services due to Year 2000 issues could harm our business. We have completed our assessment of the underlying systems and hardware. Certain components have been replaced and we are conducting validation and testing. Costs to Address Year 2000 Issues We expect that costs directly related to Year 2000 issues will not exceed approximately $500,000 for both costs incurred to date and future costs, including cases where non-compliant information technology systems have been or need to be replaced. We would have incurred the replacement cost of non- information technology systems regardless of the Year 2000 issue due to technology obsolescence and/or our growth. We have and will continue to expense all costs arising from Year 2000 issues, funding them from working capital. We do not believe that future expenditures to upgrade internal systems and applications will materially harm our business. In addition, while we do not know the potential costs of redeployment of personnel and any delays in implementing other projects, we anticipate the costs to be immaterial and we expect minimal adverse impact to the business. Risks of the Year 2000 Issues We believe our digital certificates and Internet-based trust services are Year 2000 compliant; however, success of our Year 2000 compliance efforts may depend on the success of our customers in dealing with Year 2000 issues. We sell our Internet-based trust services to companies in a variety of industries each with different issues and Year 2000 compliance challenges. Customer difficulties with Year 2000 issues could interfere with the use of Year 2000 compliant digital certificates which might require us to devote additional resources to resolve underlying problems. If problems exists within our digital certificate technology as it relates to customers' management systems and applications, our business, financial condition and results of operations could be materially harmed. This risk is minimized by our current offering of Year 2000 compliant test digital certificates which can validate the Year 2000 operation of customer applications and systems. However, there is no method to determine which customers will validate their applications and systems for Year 2000 compliance with our technology. 29
Targeted Impacted Systems Status Implementation ---------------- ------ -------------- Internet-based trust services sold to Digital certificates tested and available for customer customers.............. trial, testing and implementation completed........... Completed Non-information technology systems and Systems upgraded or replaced as appropriate, services............... testing and implementation completed.................. Completed Hardware and software systems used to deliver Assessment completed, remediation underway, services............... conducting validation and testing..................... Q1 1999 Communication networks used to provide Assessment completed, conducting validation services............... and testing........................................... Q1 1999 Operability with internal systems of customers and Assessment completed, conducting validation suppliers.............. and testing........................................... Q1 1999 Hardware and software systems used to manage Assessment completed, remediation underway, VeriSign's business.... conducting validation and testing..................... Q1 1999 Furthermore, the purchasing patterns of these customers or potential customers may be affected by Year 2000 issues as companies expend significant resources to become Year 2000 compliant. The costs of becoming Year 2000 compliant for current or potential customers may result in fewer funds being available to purchase and implement our Internet-based trust services. Contingency Plans With the assistance of an independent consulting firm, we developed a Year 2000 project plan template. Of the template's Year 2000 recommendations, beyond those already identified through our internal review, no additional work was required. We have not yet developed a contingency plan for handling Year 2000 problems that are not detected and corrected prior to their occurrence. However, we have a comprehensive business resumption plan in the event of a failure of our digital certificate services delivered from our secure data centers. Upon completion of testing and implementation activities, we will be able to assess additional areas requiring contingency planning and we expect to institute appropriate contingency planning at that time. Any failure to address any unforeseen Year 2000 issue could harm our business. Liquidity and Capital Resources Prior to our initial public offering, we financed our operations primarily through private sales of equity securities, raising approximately $46.1 million. Our initial public offering, which closed in February 1998, yielded net proceeds of approximately $43.7 million. At September 30, 1998, our principal source of liquidity was $42.5 million of cash, cash equivalents and short-term investments, consisting principally of commercial paper, medium term notes, foreign government bonds, corporate bonds and money market funds. We also have an equipment loan agreement under which we may borrow up to $3.0 million for purchases of equipment. This equipment loan agreement expires on March 31, 1999. Any amounts borrowed under this equipment loan agreement would bear interest at the rate of 7.5% per annum and would be secured by the equipment purchased with the loan proceeds. In the event that we borrow under this loan agreement, we would be obligated to issue to the lender a warrant to purchase 17,500 shares of our common stock. We have no current plans to borrow any amounts under this loan agreement. We have had significant negative cash flows from operating activities in each period to date. Net cash used in operating activities was $1.5 million in 1995, $6.0 million in 1996, $12.8 million in 1997 and $11.6 million in the first nine months of 1998. Net cash used in operating activities in each of these periods was primarily the result of net losses and increases in accounts receivable. These amounts were partially offset in all periods by non-cash charges and increases in accounts payable, accrued liabilities and deferred revenue. On July 6, 1998, we issued approximately 1,666,000 shares of our common stock in exchange for all of the outstanding common stock of SecureIT, a provider of Internet security products and services. The business combination was accounted for as a pooling-of-interests, and we incurred approximately $3.6 million for direct and other merger-related costs pertaining to the merger transaction and certain stock-based compensation charges. Net cash used in investing activities was $1.0 million in 1995, $4.4 million in 1996, $15.3 million in 1997 and $20.0 million in the first nine months of 1998. Net cash used in investing activities in these periods was primarily the result of capital expenditures for computer and communications equipment, purchased software, office equipment, furniture, fixtures and leasehold improvements. In addition, cash used in investing activities included net purchases of short-term investments of $8.0 million in 1997 and $16.4 million in the first nine months of 1998. Capital expenditures for property and equipment totaled $1.0 million in 1995, $4.2 million in 1996, $6.8 million in 1997 and $3.5 million in the first nine months of 1998. Our planned capital expenditures for the final three months of 1998 are approximately $1.5 million and for 1999 are approximately $5 million to $7 million, primarily for computer and communications equipment and leasehold improvements. As of September 30, 1998, we also had commitments under noncancelable operating leases for our facilities for various terms through 2005. See Note 10 of Notes to Consolidated Financial Statements. 30 Net cash provided by financing activities was $5.3 million in 1995, $37.8 million in 1996, $3.1 million in 1997 and $44.8 million in the first nine months of 1998. In 1995 and 1996, cash was provided primarily from net proceeds from the sale of preferred stock. In addition, net cash provided by financing activities of VeriSign Japan was $4.2 million in 1996 and $2.5 million in 1997, resulting from the sale of capital stock to minority investors and from the proceeds of bank borrowings. In the first nine months of 1998, net cash provided by financing activities included $43.7 million from our initial public offering. We believe that the net proceeds from this offering, together with existing cash, cash equivalents and short-term investments, will be sufficient to meet our working capital and capital expenditure requirements for the foreseeable future. However, at some time, we may need to raise additional funds through public or private financing, strategic relationships or other arrangements. Such additional funding, if needed, might not be available on terms attractive to us, or at all. If we have to enter into strategic relationships to raise additional funds we might be required to relinquish rights to certain of our technologies. Our failure to raise capital when needed could materially harm our business. If additional funds are raised through the issuance of equity securities, the percentage of our stock owned by our then-current stockholders would be reduced. Furthermore, such equity securities might have rights, preferences or privileges senior to those of our common stock. Recent Accounting Pronouncements In March 1998, the AICPA issued SOP No. 98-1, Accounting for the Costs of Computer Software Developed or Obtained for Internal Use. SOP No. 98-1 requires entities to capitalize certain costs related to internal-use software once certain criteria have been met. We expect that the adoption of SOP No. 98-1 will not have a material impact on our financial position, results of operations or cash flows. We will be required to implement SOP No. 98-1 for the year ending December 31, 1999. In April 1998, the AICPA issued SOP No. 98-5, Reporting on the Costs of Start-Up Activities. SOP No. 98-5 requires that all start-up costs related to new operations must be expensed as incurred. In addition, all start-up costs that were capitalized in the past must be written off when SOP No. 98-5 is adopted. We expect that the adoption of SOP No. 98-5 will not have a material impact on our financial position, results of operations or cash flows. We will be required to implement SOP No. 98-5 for the year ending December 31, 1999. In June 1998, the Financial Accounting Standards Board issued SFAS No. 133, Accounting for Derivative Instruments and Hedging Activities. SFAS No. 133 establishes methods for derivative financial instruments and hedging activities related to those instruments, as well as other hedging activities. Because we do not currently hold any derivative instruments and do not engage in hedging activities, we expect that the adoption of SFAS No. 133 will not have a material impact on our financial position, results of operations or cash flows. We will be required to implement SFAS No 133 for the year ending December 31, 2000. 31 BUSINESS VeriSign is the leading provider of Internet-based trust services needed by websites, enterprises and individuals to conduct trusted and secure electronic commerce and communications over IP networks. We have established strategic relationships with industry leaders, including AT&T, BT, Cisco, Microsoft, Netscape, Network Associates, RSA, Security Dynamics and VISA, to enable widespread utilization of our digital certificate services and to assure their interoperability with a wide variety of applications and network equipment. We have used our secure online infrastructure to issue over 100,000 of our website digital certificates and over 3.5 million of our digital certificates for individuals. We believe that we have issued more digital certificates than any other company in the world. Our Website Digital Certificate services are used by over 400 of the Fortune 500 companies and all of the top 25 electronic commerce websites as listed by Jupiter Communications. We also offer the VeriSign OnSite service, which allows an organization to leverage our trusted service infrastructure to develop and deploy customized digital certificate services for use by its employees, customers and business partners. Over 300 enterprises have subscribed to the OnSite service since its introduction in November 1997, including Bank of America, Hewlett-Packard, the Internal Revenue Service, Kodak, Sumitomo Bank, Texas Instruments and USWest. We market our Internet-based trust services worldwide through multiple distribution channels, including the Internet, direct sales, telesales, VARs, systems integrators and our affiliates. Industry Background Over the last three years, the Internet has become a widely-accepted platform for many consumer-oriented transactions such as retail purchases, auctions, online banking and brokerage. Companies such as Amazon.com, Bank of America, Cisco, Dell, eBay, E*Trade and Charles Schwab have enjoyed dramatic growth in their online customer bases and revenues as consumers have executed an increasing number of their transactions over the Internet. The Internet's ease of use, 24-hour availability, global reach and ability to simplify product and vendor comparisons is fueling this growth. A recent industry report from International Data Corporation (IDC) estimates that the number of Internet users will grow from 97 million in 1998 to 320 million by 2002 with commensurate growth in electronic commerce from $32 billion to $426 billion over that same period. Consumer concerns about the trustworthiness and security of the Internet have been one of the main impediments to even faster growth of electronic commerce and communications. Many of these concerns are caused by the Internet's lack of physical signposts that have traditionally created trust in everyday commerce such as face-to-face interaction, the brick and mortar of commercial buildings and officially recognized credentials such as a business license or a credit card. Without these signposts, consumers have worried about the potential for merchant impersonation and fraud or the theft of personal data, such as credit card or bank account information, as it is transmitted over the Internet. In order for electronic commerce to overcome these concerns, the Internet needs a cost-effective solution that can give consumers the same sense of trust that they have when conducting commerce in the physical world. In a manner similar to the use of physical credentials, this solution must irrefutably verify the identity of a business over the Internet and ensure that the information being transmitted between the consumer and the business is kept private. Digital certificates can provide these authentication and privacy capabilities for consumers and businesses conducting commerce over the Internet. Based on the principles of public key cryptography, digital certificates are specially prepared software files that act as electronic credentials and are unique to an individual or entity. When installed on a website's server, a digital certificate can work with the industry standard Secure Sockets Layer, or SSL, protocol now supported in virtually all web browser and server applications, to confirm the identity of the business that operates the website and to enable encryption of all information transmitted between the website and the consumer. Website digital certificates have already become the standard for establishing trust in retail transactions over the Internet with more than 100,000 issued to merchants, banks and other organizations over the last three years. There are now more than 3 million web addresses registered in Network Solutions' "dot-com" domain name system, with more than 1.3 million new addresses added in the first nine months of 1998. Therefore, we believe that the need for digital certificates for website authentication is vast. 32 Businesses have also begun to use IP networks for advanced interactions with their employees, business partners and customers. As a result, there is a need to use digital certificates as electronic credentials to verify the identity, authority and privileges of those individuals and entities before allowing them to access confidential information or transact new business. For example, enterprises can issue digital certificates to individuals in order to enable (1) employees to access privileged information on an intranet or a virtual private network, or VPN, (2) trading partners to access an extranet for business-to-business electronic commerce transactions or (3) customers to access confidential account information. In addition to authentication and privacy, many of these commercial applications also require a verifiable way to prove that a given transaction or communication occurred. Digital certificates are becoming the preferred solution for this need through their capability to support the creation and use of "digital signatures." These digital signatures are analogous to physical signatures and are viewed as a mechanism for supporting non-repudiation in electronic commerce and communications. This capability further strengthens the value of digital certificates in supporting electronic commerce and communications over IP networks. Digital certificates provide the technological foundation of trust for electronic commerce and communications on the Internet. There are now hundreds of software applications and network management devices that support digital certificates for authentication, privacy and non-repudiation. Digital certificates are also enabled in e-mail applications, electronic payment applications, security products and hardware devices such as routers, switches and smart cards. Some of the industry leaders that have enabled digital certificates in their products include 3Com, CheckPoint, Cisco, GemPlus, IBM, Lotus, Microsoft, Netscape, Network Associates, Security Dynamics and VeriFone. Given the cost-effective, convenient and robust nature of digital certificates and the wide variety of software applications and network equipment that support digital certificates, many individuals and organizations may have multiple digital certificates issued to them. Each digital certificate would validate their identity and authority for each of the digital relationships they maintain (e.g. employee, customer, citizen, account holder, etc.). As a result, there could be a need over time for hundreds of millions of digital certificates to be issued and managed for individuals and business entities. Digital certificates are issued and managed by CAs. The level of trust that can be associated with a digital certificate is ultimately tied to the technology, infrastructure and practices used by the CA to prepare, issue and manage the digital certificate over its lifecycle. CAs generally are divided into two categories--public and private. Public CAs are independent third parties that perform the appropriate due diligence to ensure that a digital certificate subscriber's identity is valid. For example, a public CA may issue digital certificates for website authentication after validating the authenticity of the business and the ownership of its Internet domain name. Private CAs generally issue digital certificates to closed communities of users. For example, an enterprise may issue, or have issued on its behalf, digital certificates which authenticate the authority and privilege of its employees, business partners or customers for use in intranet, extranet and electronic commerce applications. In order to become a CA, an entity must have a combination of technology, infrastructure and digital certificate management practices. Technology requirements include knowledge and applied use of public key cryptography, digital signatures, relational database technology, electronic messaging and web-based programming techniques. In addition, a CA must provide full support for the lifecycle of digital certificate services, including subscriber enrollment, renewal, revocation and directory services. Infrastructure requirements include computer systems, networking equipment, telecommunications and Internet access services, 24 hour, 7 days per week availability, customer support and substantial physical and network security protections. Depending on the volume of digital certificates needed and the critical nature of their use, the CA infrastructure may also need to support high levels of scalability and redundancy, as well as disaster recovery. A CA's requirements for the policies and practices that it uses are highly dependent on the intended use of the digital certificates that it issues and may include personnel screening, published operating and security policies, periodic external and internal audits, data archiving and conformance to one or more industry-recognized operating standards. For organizations that need to support large quantities of digital certificates, doing so themselves can be extremely expensive, requiring substantial human resources and taking years and millions of dollars to 33 implement. As a result, enterprises and other organizations need a better solution for digital certificate deployment. The ideal solution would be a complete CA service offering that could provide businesses with a scalable and reliable CA utility to support all of their digital certificate needs including website, intranet, extranet, VPN and electronic commerce authentication. Such a service would provide significant advantages over an enterprise developing and implementing its own CA service. These advantages include faster time-to-market for digital certificate-protected services, lower start-up and on-going costs of ownership of the CA solution, fewer internal personnel requirements and higher overall reliability of the CA service. In order to support the hundreds of millions of digital certificates that may be issued globally by the many enterprises it would need to support, the CA service provider would need to deploy and operate a robust infrastructure, with extremely high availability, scalability, security and performance. Given the mission critical nature of the technology and its complexity, the service provider would also need to offer comprehensive design and customization services, as well as training and ongoing support. The VeriSign Solution VeriSign is the leading provider of Internet-based trust services needed by websites, enterprises and individuals to conduct trusted and secure electronic commerce and communications over IP networks. VeriSign provides both public and private CA services to organizations needing digital certificates for website authentication, intranet and extranet access control, electronic commerce services and VPN connections. These services are delivered over the Internet from secure data centers that are operated by VeriSign and its network of global affiliates, which includes as BT, CertPlus (a joint venture among France Telecom, Gemplus and Matra Hautes Technologies) and Acer HiTrust in Taiwan. We have used our secure online infrastructure to issue over 100,000 of our website digital certificates and over 3.5 million of our digital certificates for individuals. We believe that we have issued more digital certificates than any other company in the world. Our Website Digital Certificate services are used by over 400 of the Fortune 500 companies and all of the top 25 electronic commerce websites as listed by Jupiter Communications. We also offer the VeriSign OnSite service, which allows an organization to leverage our trusted service infrastructure to develop and deploy customized digital certificate services for use by its employees, customers and business partners. Over 300 enterprises have subscribed to the OnSite service since its introduction in November 1997, including Bank of America, Hewlett-Packard, the Internal Revenue Service, Kodak, Sumitomo Bank, Texas Instruments and US West. As the leading provider of Internet-based trust services, we have established strategic relationships with industry leaders, including AT&T, BT, Cisco, Microsoft, Netscape, Network Associates, RSA, Security Dynamics and VISA, to enable the widespread utilization of our digital certificate services and to assure their interoperability with a wide variety of applications and network equipment. As a result, VeriSign services can be utilized with a wide variety of software applications and network devices including millions of deployed copies of Microsoft and Netscape browsers and tens of thousands of copies of popular web servers, as well as network management devices such as Cisco routers and 3Com switches. In addition, both Microsoft and Netscape have integrated enrollment for our digital certificates into the registration process for their web browsers and prominently feature VeriSign and our digital certificate services in certain of their products and online service offerings. VeriSign has developed and deployed proprietary software, a scalable systems infrastructure and trusted operating practices that have enabled us to provide a CA service platform designed for the rapid deployment of large volumes of digital certificates and the ongoing management of such digital certificates throughout their lifecycles. These components include: . Our Modular Software Platform. We have designed our proprietary WorldTrust platform to provide the scalability necessary to support the issuance and management of millions of digital certificates for distinct communities ranging from individual corporations to the entire population of Internet users. The WorldTrust platform automates many of the processes for digital certificate issuance and lifecycle 34 management, including subscriber enrollment, authentication and administration services. This software platform is also distributable over one or many computer systems to enhance scalability and redundancy while allowing certain functions of digital certificate issuance and lifecycle management to be deployed at customer or affiliate locations. In all configurations, the WorldTrust platform maintains a secure and reliable link to VeriSign's data centers for digital certificate processing. . Our Highly Reliable and Secure Operations. Our secure data centers, which are located in Mountain View, California and Kawasaki, Japan, as well as our international affiliates located in the U.K., France, Taiwan and South Africa, operate on a 24 hour, 7 days per week basis and support all aspects of issuance and management of our digital certificate services. Through the use of state-of-the-art computer, telecommunications, networking and security equipment, our data centers are designed to provide the high levels of availability, security and scalability necessary to meet the needs of customers for high volume digital certificate issuance and lifecycle management. . Our Comprehensive Security and Trust Practices. We have been instrumental in defining comprehensive, industry-endorsed practices and procedures for the legal and business frameworks in which digital certificate relationships are established, as well as the physical security and controls that are essential to operate secure, large-scale digital certificate management operations. We believe that these practices and procedures are a critical component to the creation of a digital certificate services infrastructure. Strategy As the leading provider of Internet-based trust services, VeriSign's objective is to enable secure electronic commerce and communications through a global trusted online services infrastructure. Our strategy to achieve this objective includes the following key elements: . Leverage Our Leadership Position to Drive Market Penetration. We believe that VeriSign has become the leading provider of Internet-based trust services by being the first to market with a variety of digital certificate services for consumers, websites, enterprises and Internet- based service providers. We have built key strategic relationships with industry leaders, issued more digital certificates to a broader base of customers than any other company and enabled the interoperability of our digital certificates in a broad variety of Internet software applications and networking and security hardware. We have invested significant resources in developing our comprehensive trust infrastructure. We intend to leverage this leadership position to drive further adoption and deployment of our digital certificate services across industries such as telecommunications, financial services, healthcare, government and manufacturing. In addition, we intend to maintain our first-to-market position by applying our knowledge and experience to new services that will leverage our trusted infrastructure and which we believe will have significant market potential. . Leverage and Expand Our Strategic Relationships with Industry Leaders. We have established strategic relationships with industry leaders. We believe that these relationships, as well as others that we intend to pursue, will enable the widespread deployment of our Internet-based trust services by allowing us to capitalize on the brand recognition and broad customer bases of such strategic partners. For example, most Microsoft and Netscape browsers and certain Cisco routers are enabled to operate with our digital certificate services and each company prominently features VeriSign and our digital certificate services in their sales and marketing efforts. We believe that these types of relationships significantly enhance market awareness of VeriSign and provide a powerful endorsement of our digital certificate services. Certain of our strategic relationships also involve joint marketing activities which enhance our ability to target large customers and expand overall brand awareness. We intend to pursue additional strategic relationships that we believe will enhance the marketing and distribution of our digital certificate services. . Maintain Our Leadership in Technology, Infrastructure and Practices. We have developed technical, operational and procedural expertise for the widespread implementation of secure digital certificate solutions. We intend to continue to enhance our technology, infrastructure and distributed product architecture to provide digital certificate solutions for a variety of industries. This includes our recently 35 released solutions targeted at major electronic commerce and communication service providers with extremely high volume digital certificate issuance requirements. In order to ensure the alignment of our technology with emerging trends, we actively participate in industry consortia, standards- setting organizations and other trade groups. In addition, we are continually enhancing our internal "best practices" and controls to maintain the physical security of our facilities, ensure quality in the execution of our operations, verify the quality and consistency of our services and promote the global acceptance of our digital certificate solutions. . Continue to Build the VeriSign Brand. We will continue to promote the VeriSign brand as synonymous with trusted and secure electronic commerce and communications over IP networks. In order to accelerate the acceptance and penetration of our Internet-based trust services, we have developed joint marketing relationships with brand leaders and intend to pursue additional relationships with entities whose brands are well known and widely respected. We also utilize a variety of marketing programs to promote market awareness of VeriSign and the VeriSign brand. . Expand Our Global Marketing and Distribution. We will continue to expand our global marketing and distribution efforts to address the range of markets and applications for Internet-based trust services. We intend to add direct sales personnel and expand indirect channels, both in the U.S. and abroad. We have leveraged our technology infrastructure to establish digital certificate processing or service centers to date in France, Japan, South Africa, Taiwan and the U.K. We have recently entered into an agreement to establish an additional center in Germany. We are aggressively pursuing additional international opportunities throughout Europe, Asia and Latin America. We believe that this strategy affords the opportunity to create a global VeriSign Trust Network of digital certificate service providers operating under common technology, operations and legal practices to provide the standard for global interoperability. Trust Services VeriSign's Internet-based trust services are built upon its proprietary WorldTrust software platform, scalable operations infrastructure and comprehensive security and trust practices. Our secure data centers, designed to provide carrier-class reliability with advanced security procedures, allow the issuance and management of millions of digital certificates. Furthermore, because we have worked with industry leaders to embed our digital certificate interface technology into a wide range of software applications and network equipment, such as Netscape and Microsoft browsers and servers and Cisco routers, our services are interoperable with a wide range of IP-based applications. By providing a trusted platform for commerce and communications, we are able to offer services to customers with a wide range of needs. Our service offerings are targeted towards three primary areas: Website Digital Certificate services, Enterprise Digital Certificate services and VeriSign Affiliate Certificate services. Website Digital Certificate Services VeriSign's family of Website Digital Certificate services allows organizations to implement and operate secure websites that utilize the SSL protocol to establish their identity to customers and other websites during electronic commerce transactions and communications over the Internet. Prior to issuing a digital certificate for a website's server, we establish the authenticity of the website through a series of background checks, including corroborating an organization's authority to do business under a given name and their authority to operate a server with a specific domain name or URL. These practices protect organizations against another entity impersonating their identity and allow online visitors and customers to conduct private transactions and communications. Without a digital certificate installed on the website server the SSL protocol cannot be utilized. Our Website Digital Certificate services are utilized by a broad range of merchant, financial and government websites as well as for intranet applications. We currently offer several distinct versions of our website digital certificate services, each differentiated by the target application of the server that hosts the digital certificate. 36 . Secure Server digital certificates constitute the core service offering and enable websites to implement basic SSL security features between their sites and individual end-user browsers. . Global Server digital certificates allow U.S. corporations and certain global financial services enterprises to offer stronger 128-bit encrypted SSL sessions between their websites and specially configured end-user browsers from Netscape and Microsoft. . Financial Server digital certificates are used by financial institutions for authentication of their websites and to enable the secure exchange of data between these organizations and home banking, brokerage or insurance customers. . EDI Server digital certificates are designed for organizations or individuals who participate in large online trading networks, support a variety of Electronic Data Interchange (EDI) standards and potentially require each transaction to be digitally signed to ensure non- repudiation. . Content Signing digital certificates enable content providers, publishers and vendors to digitally sign their content or Internet subscription "channels" in order to ensure authenticity and integrity of the content delivered to end-users. Our Website Digital Certificate services are offered on an annual subscription basis for prices between $250 and $1,200 per server per year, depending on the version of digital certificate requested and the overall volume of website digital certificates used by the customer. Customers can subscribe to the Website Digital Certificate services through the VeriSign website, through selected international service providers or through VeriSign's Enterprise Digital Certificate services. Enterprise Digital Certificate Services VeriSign's Enterprise Digital Certificate services, sold predominantly under the VeriSign OnSite brand, are tailored to meet the specific needs of corporations, financial institutions, government agencies and other organizations that wish to issue digital certificates to employees, customers, citizens or trading partners. Our OnSite service is designed to support a wide range of digital certificate needs for both small and large user communities. OnSite can be used by customers to provide digital certificates for a variety of applications, including: controlling access to sensitive data and account information, enabling digitally-signed e-mail, creating an online electronic trading community, managing supply chain interaction or facilitating and protecting online credit card transactions. The OnSite service is designed to offer customers ease of use at a low initial investment combined with broad flexibility and scalability. OnSite services vary based on the nature and complexity of the application and the degree of control customers desire to maintain. To expand and complement OnSite, VeriSign's professional services group employs experts in digital certificate architecture and application integration. Our professional services group provides a variety of design, development and implementation services. These services include integration with existing applications and databases, consulting on policies and procedures related to the management and deployment of digital certificates, training classes on the latest developments in security technology and the selection of enabled software and hardware to complement a digital certificate solution. The OnSite service is offered as an annual subscription service with pricing dependent upon the number of users to be supported, the complexity of the applications and the number of additional services provided. Pricing typically ranges from $10,000 to $500,000 per year. Customers can subscribe to the OnSite service through the VeriSign website, the direct sales force, selected international service providers or system integrators. VeriSign Affiliate Certificate Services VeriSign Affiliate Certificate Services are targeted at a wide variety of organizations that provide large-scale electronic commerce and communications services over IP networks. Examples include telecommunications companies, Internet Service Providers, or ISPs, financial and other professional services firms and businesses 37 that operate Internet-based "communities of interest," such as a web portal. These companies typically desire to offer digital certificate services to their customers under either the VeriSign brand or a co-branding relationship. In many cases, these digital certificate services are integrated with other value-added services offered by the organization. For example, an ISP may offer website digital certificates in conjunction with its website hosting services for small and medium size businesses, while a community of interest operator may offer digital certificates to each member of the community in order to support user authentication and secure messaging services. VeriSign designates these types of organizations "VeriSign Affiliates" and provides them with a combination of technology, support and marketing services to facilitate their initial deployment and on-going delivery of digital certificate services. VeriSign Affiliate Certificate Services are delivered through either the VeriSign Service Center or VeriSign Processing Center offerings. Both offerings are based on the WorldTrust software platform and enable a licensed VeriSign Affiliate to offer one or more types of digital certificate services. VeriSign Service Center. The VeriSign Service Center provides a VeriSign Affiliate with all of the capabilities needed to perform subscriber enrollment and authentication, digital certificate issuance, directory hosting, customer support, billing integration and report generation from within their facilities while leveraging VeriSign's secure data centers for back-end processing. VeriSign Processing Center. The VeriSign Processing Center provides a VeriSign Affiliate with all of the capabilities of the Service Center plus the WorldTrust modules required to perform all certificate processing functions from within their own secure data center. VeriSign also provides each VeriSign Affiliate with the appropriate business readiness services to facilitate the efficient and timely roll-out of their digital certificate offerings. These readiness services may include Service or Processing Center installation and integration services, facility and network design consulting, technical and customer support documentation and training, sales and marketing support, operating practice templates and local market customization. VeriSign Affiliates that agree to conform to certain standards are also offered membership in the global VeriSign Trust Network, an international network of digital certificate service providers that operate with common technology, infrastructure and practices to enable digital certificate interoperability on a worldwide basis. Current VeriSign Trust Network members include BT in the U.K., CertPlus in France, Acer HiTrust in Taiwan, VeriSign Japan in Japan, and the South African Certification Authority (SACA) in South Africa. VeriSign has also recently entered into a similar agreement with an organization in Germany. VeriSign Affiliates typically enter into a technology licensing and revenue sharing agreement with VeriSign whereby VeriSign receives up-front licensing fees for the Service Center or Processing Center technology, as well as ongoing royalties for each digital certificate issued by the VeriSign Affiliate. Initial licensing fees typically range from $250,000 to $2 million, and royalties can range from 20% to 50% of the net revenue received by the VeriSign Affiliate for each digital certificate. 38 Customers and Markets VeriSign has a broad customer base from a variety of industry groups that require trusted and secure electronic commerce and communications over IP networks. Following is a representative list of customers that have purchased VeriSign's services: Administration VISA accounted for approximately 21% of our revenues in 1996 and 10% of our revenues in 1997. No other customer accounted for 10% or more of our revenues during 1995, 1996 or 1997. No customer accounted for 10% or more of our revenues during the first nine months of 1998. VISA accounted for 12% of our revenues for the first nine months of 1997. The following examples illustrate how certain organizations use our Internet-based trust services to enable trusted and secure electronic commerce and communications. These customers have purchased VeriSign OnSite, integration modules and professional services from VeriSign and are able to issue digital certificates to their clients, customers or employees to communicate and conduct transactions over IP networks. Banking. A large U.S.-based bank provides a variety of services for consumers, corporations and governments. The bank is utilizing IP networks and digital certificates to provide its services to existing customers as well as reaching new customers where physical branch locations do not exist. These services include cash management and treasury applications for its corporate clients, consumer-based home banking services for its customers and secure e- mail for its employees over the Internet. We believe that providing such services securely over IP networks will allow the bank to generate additional revenue, reduce operating costs and improve customer service. Global Automobile Manufacturer. A global automobile manufacturer intends to use IP networks and digital certificates for a variety of applications including: automating its requisition systems to eliminate paperwork; providing single sign-on capabilities to employees for all its disparate computer systems; participation in the Automotive Network Exchange enabling electronic transactions with global automotive parts suppliers; and connecting its retail dealer network to a centralized information system providing order information and inventory status. Global Semiconductor Manufacturer. A global semiconductor manufacturer intends to use IP networks and digital certificates for a variety of applications including: enabling customers to check order status; providing 39
Financial Services Telecommunications Manufacturing/Transportation American Skandia AT&T CSX Insurance BellSouth Eastman Kodak Barclay's Bank British Ford Motor Company Bank of America Telecommunications Gillette Deutsche Bank Japan Communication Miller Brewing First Union Bank MCI--Worldcom Company First USA Paymentech NTT Communications United Parcel Merrill Lynch US West Service Morgan Stanley Dean Witter Royal Bank of Canada Technology Government Sumitomo Bank EDS Department of TransUnion Hewlett-Packard Agriculture VISA Intuit Department of Netscape Justice NEC Federal Bureau of NTT Data Investigation Texas Instruments Internal Revenue Service National Security Agency Patent & Trademark Office Social Security Administration U.S. Army Veteran's customers and design consultants secure remote access to its proprietary design tools for the design of application specific integrated circuits; the integration of its logistics management software with a web-based interface enabling centralized monitoring of its global manufacturing operations; and the implementation of secure e-mail for all of that company's global employees. Technology VeriSign employs a modular set of software applications and toolkits, which collectively make up its proprietary WorldTrust platform, as the core platform for all of its Internet-based trust services. The modular design of the WorldTrust platform enables our trust services to be distributed over one or many co-located or dispersed computer systems, allowing certain functions of the certification process, such as registration, authentication, issuance, revocation, renewal or replacement, to be deployed at customer or affiliate locations while maintaining a secure and reliable link to one of our secure data centers for back-end processing. These modules can also be replicated in order to handle increased volumes of digital certificates. Digital certificate service modules incorporated in the WorldTrust platform include: Subscriber Services Module. Our subscriber services module supports requests for digital certificate issuance, revocation, renewal and replacement. Software toolkits are provided to permit rapid customization and integration of digital certificate services with a customer's business-specific web-based solutions. Authentication Services Module. Our authentication services module supports manual, automated and delegated authentication of subscribers by designated sources prior to digital certificate issuance. We provide software toolkits and programming interfaces to allow for integration with various process models and database systems. Administration and Support Modules. Our administration and support modules provide lifecycle services such as digital certificate revocation, renewal and reissuance, as well as a customer support knowledge base to facilitate general reporting of CA activity, and web-based and e-mail-based support for customers and end users. Directory Services Module. Our directory services module utilizes database applications typically hosted at one of our secure data centers to support the storage of and access to digital certificates and associated information for a particular customer. VeriSign OnSite customers and our affiliates can also download updated copies of their directory information to their systems. Service Control Module. Our service control module is hosted at one of our secure data centers and acts as a gatekeeper, decoding and routing all digital certificate service requests based on customer type, application type, security protocol, authentication policies, certificate content and billing rules. This module utilizes a proprietary, data-driven programming model to define each service and dispatch the appropriate control and error commands to other modules. Digital Certificate Processing Module. Our digital certificate processing module is hosted at one of our secure data centers and creates digital certificates with digital signatures on each certificate, delivers digital certificates to subscribers and stores a copy of each digital certificate for archive, audit and directory purposes. Infrastructure VeriSign believes that its highly reliable and scalable operations infrastructure represents a strategic advantage in providing Internet-based trust services. Our secure data centers are located in Mountain View, California and Kawasaki, Japan. Our international affiliates also operate secure data centers in their geographic areas. These centers operate on a 24 hour, 7 days per week basis and support all aspects of our Internet-based trust services. VeriSign guarantees that a customer's services are operational on a 24 hour, 7 days per week basis, except for scheduled downtime. By leveraging our WorldTrust platform, we can distribute certain functionality 40 of our secure data centers in optimum configurations based on customer requirements for availability and capacity. Key features of our infrastructure include: Distributed Servers. We deploy a large number of high-speed servers to support capacity and availability demands. We can add additional servers to support increases in digital certificate volumes, new services introductions, new customers and higher levels of redundancy without service interruptions or response time degradation. The WorldTrust platform provides automatic fail- over, load balancing and threshold monitoring on critical servers. Advanced Telecommunications. We deploy and maintain redundant telecommunications and routing hardware and maintain high-speed connections to multiple ISPs and throughout our internal network to ensure that our mission critical services are readily accessible to customers at all times. Network Security. We incorporate advanced architectural concepts such as protected domains, restricted nodes and distributed access control in our system architecture. We have also developed proprietary communications protocols within and between the WorldTrust platform modules that we believe can prevent most known forms of electronic attacks. In addition, we employ the latest network security technologies including firewalls and intrusion detection software, and contract with security consultants who perform periodic attacks and security risk assessments. We will continue to evaluate and deploy new technological defenses as they become available. See "Risk Factors--System Interruptions and Security Breaches Could Harm Our Business." Call Center and Help Desk. We provide a wide range of customer support services through a phone-based call center, e-mail help desk and web-based self-help system. Our call center is staffed from 5 a.m. to 6 p.m. PST and employs an automated call director system. The web-based support services are available on a 24 hour, 7 days per week basis, utilizing customized auto response systems to provide self-help recommendations and a staff of trained customer support agents. Disaster Recovery Plans. Although we believe our operations facilities are highly resistant to systems failure and sabotage, we have developed a disaster recovery and contingency operation plan. We also have an agreement with Comdisco Corporation to provide replication of customer data, facilities and systems at another site so that all of our services can be re-instated within 24 hours of a failure. In addition, all of our digital certificate services are linked to advanced storage systems that provide data protection through techniques such as mirroring and replication. See "Risk Factors--System Interruption and Security Breaches Could Harm Our Business." International Affiliates. VeriSign's international affiliates are required to build, implement and maintain their infrastructure according to VeriSign's requirements. VeriSign currently has affiliates located in France (CertPlus), Japan (VeriSign Japan), South Africa (SACA), Taiwan (Acer HiTrust) and the United Kingdom (BT). We have also recently entered into an agreement with an affiliate in Germany. Security and Trust Practices VeriSign believes that its perceived level of trustworthiness will continue to be a significant determining factor in the acceptance of its Internet-based trust services. We believe that our reputation as a trusted party is based, to a large extent, on both the security of our physical infrastructure and the special practices used in our operations, which include our secure data centers incorporating state-of-the-art physical and network security. We believe we have established a leadership role in defining and adhering to industry-endorsed trust practices and policies, a role we believe enhances our perceived trustworthiness as a provider of Internet-based trust services. Over the past three years, we have invested, and continue to invest, capital and human resources in the following key areas: Employees. We use stringent hiring and personnel management practices for all operations and certain engineering personnel as well as all executive management. We utilize a licensed private investigation firm to 41 conduct background checks into potential employees' criminal and financial histories and conduct periodic investigations of such personnel on an ongoing basis. Security Monitoring Systems. We have sophisticated access control and monitoring systems that help prevent unauthorized access to secure areas and provide 24 hour, 7 days per week monitoring and logging of activities within our facilities. These systems include electronic key and biometric access control devices, video monitoring and recording devices, deployment and automatic arming of motion detectors, glass breakage detectors and remote alarm system monitoring. Site Construction. Our secure data centers have been built using construction techniques modeled after U.S. Army specifications for facilities accredited to handle classified information and contain a robust set of physical and environmental defenses. These defenses include double layer, slab-to-slab wall design, self-closing and locking metal doors at all secure entrances, man traps, tamper proof enclosures for cryptographic materials and fire prevention systems. Back-up Power Systems. We have invested in back-up power systems that automatically activate in the event of a failure in our primary power sources. These include uninterruptible power supply systems and a diesel generator and fuel supply. To ensure reliability, these systems are tested on a periodic basis. Audits. Our Practices and External Affairs Department periodically performs, and retains accredited third parties to perform, audits of our operational procedures under both internally-developed procedures and externally- recognized standards. Practices. Our Practices and External Affairs Department is responsible for the development of VeriSign's practices for issuing and managing digital certificates. These practices are set forth in our Certification Practice Statement, which we provide in order to assure potential customers and strategic partners as to the trustworthiness of our Internet-based trust services. The Practices and External Affairs Department is also responsible for our accountability and security controls and regularly monitors all aspects of our secure data centers. Policy Making Activities. The Practices and External Affairs Department also takes a leading role in a variety of organizations that are defining standards for trusted and secure electronic commerce and communications over IP networks. For example, we actively participate in the United Nations Commission on International Trade Law, which created the United Nations Model Law on Electronic Commerce, the American Bar Association's Information Security Committee, Section of Science and Technology, which has drafted digital signature guidelines, the International Chamber of Commerce ETERM Working Party, which is chaired by VeriSign's Vice President of Practices and External Affairs, and the U.S. State Department Advisory Committee on Electronic Commerce. Strategic Relationships VeriSign has established strategic relationships with leading companies across a number of industry segments. We currently maintain strategic relationships with AT&T, BT, Cisco, Microsoft, Netscape, Network Associates, Security Dynamics and VISA. AT&T. We have an agreement with AT&T in which AT&T offers our digital certificates in conjunction with AT&T's Internet services. AT&T acts as a CA and issues digital certificates on a co-branded basis. British Telecommunications. BT is a member of our international affiliate program. BT issues digital certificates and provides a range of services for secure Internet access and electronic commerce on a co-branded basis. With our support, BT has established CA infrastructure in the U.K., including the creation of a secure data center that adheres to our site construction specifications. We have agreed to collaborate to develop legal practices and policies to maintain compliance with U.K. and European-based regulations and standards as they emerge. 42 Cisco. Our technology is incorporated in Cisco's Internetwork Operating System through the use of the jointly developed Certificate Request Syntax (CRS) protocol, which enables digital certificate functionality in a variety of Cisco's networking products. As a result, IP networks utilizing Cisco network devices such as routers and firewalls support applications that rely on VeriSign digital certificates for authentication and network management. We also engage in a variety of joint marketing efforts with Cisco. Cisco is one of our stockholders. Microsoft. We work with Microsoft to develop, promote and distribute a variety of client-based and server-based digital certificate services and we have been designated as the preferred provider of digital certificates for Microsoft customers. Our technology has been embedded in Microsoft's Internet Explorer since version 2.0, allowing users to uniquely identify themselves to web servers and securely access information over the Internet. In addition, users can easily obtain their own digital certificate for use with Explorer by registering on our website for our digital certificates. We also provide Secure Server digital certificates for Microsoft's Internet Information Server product. VeriSign's services can be used in conjunction with Microsoft Outlook 98 to enable the delivery of secure email in extranet applications. In addition, in September 1998, VeriSign and Microsoft announced plans for enhanced integration of our digital certificate services with Microsoft Exchange Server 5.5. The new capability offers a secure email extranet "gateway" service which will allow Exchange Server customers to issue and manage digital certificates within the global VeriSign Trust Network. VeriSign and Microsoft also jointly promote a set of technologies and security policies for the secure authentication and distribution of software over the Internet and engage in other joint marketing activities. Microsoft is one of our stockholders. Netscape. We work with Netscape on a variety of technology projects and joint marketing activities. Our technology has been embedded in Netscape's Navigator since version 1.1 and in Netscape's Communicator since version 4.0. We also have an agreement with Netscape that provides that Netscape feature us as a premier provider of digital certificates on the Netscape website and also provides for VeriSign to have a first right of participation for any new Netscape products incorporating digital certificate technology. Users of Netscape browsers can easily enroll for standard VeriSign digital certificates using Netscape products. Netscape's SuiteSpot product, including versions with 128-bit encryption capabilities, can also utilize our Secure Server and Global Server digital certificates. We also support Netscape's object-signing technology, enabling software developers to digitally sign Java and JavaScript objects in order to authenticate the developer's identity and assure end users that the downloaded objects have not been tampered with or modified. Network Associates. We have a strategic relationship with Network Associates with the goal of enabling cross product support and promotion of each company's digital certificate-based enterprise security solutions. Network Associates' Net Tools Secure products will be able to communicate securely with each other using our Internet-based trust services and will be enabled to automatically administer the essential functions of running a digital certificate infrastructure. Our digital certificate services will be used with Network Associates' applications to allow customers to deploy and manage a security solution in which their firewalls, security vulnerability scanners, encryption applications and virtual private network products are integrated to more effectively prevent security breaches. Customers utilizing this joint product integration will be able to use our services to manage digital certificates for Network Associates' Net Tools Secure product suite, thereby allowing enterprise customers to establish themselves as a CA. We also engage in a variety of joint marketing efforts with Network Associates. We currently have no written agreement with Network Associates. Security Dynamics. We have an agreement with Security Dynamics under which Security Dynamics will incorporate custom digital certificate technology developed by VeriSign into Security Dynamics' future products. Security Dynamics has also agreed to be a reseller of certain VeriSign OEM technology. We believe Security Dynamics is a market leader in enterprise security and that, by including our technology in Security Dynamics' products, we will have a broader potential market for our digital certificate services. Security Dynamics, through a controlled entity, holds more than 5% of our common stock. See "Certain Transactions" and "Principal and Selling Stockholders." VISA. We have an agreement with VISA under which we provide SET digital certificate services to VISA on behalf of its member banks, enabling them to offer branded SET-compliant digital certificates to their cardholders and merchants. VISA is a stockholder of VeriSign. 43 Marketing, Sales and Distribution Marketing VeriSign utilizes a variety of marketing programs to increase brand awareness. In addition to joint marketing arrangements, we also engage in a variety of direct marketing programs focused on owners of web servers, home and business PC users and enterprise professionals in mid-sized and large organizations. We address these customers through outbound e-mail, telemarketing and printed mail campaigns to stimulate product trial, purchase and usage. We also use banner ads that link to our website and participate in industry-specific events, trade shows, executive seminars, industry association activities and various national and international standards bodies. Sales and Distribution VeriSign markets its Internet-based trust services worldwide through multiple distribution channels. These sales and service groups are based in our headquarters in Mountain View, California, and in several field offices in the United States. We also market our Internet-based trust services through other distribution channels, including telesales, VARs, systems integrators and our affiliates. Outside the United States, VeriSign markets its Internet-based trust services directly over the Internet and through reseller and affiliate relationships--the global VeriSign Trust Network. Except for VeriSign Japan, the members of the global VeriSign Trust Network sell and support VeriSign Internet-based trust services both within their local countries and certain other foreign countries where we do not operate through a direct sales subsidiary. In Japan, we market our Internet-based trust services through VeriSign Japan, which maintains a secure data center in Kawasaki, Japan, and employed 27 persons as of September 30, 1998. Revenues from VeriSign Japan and other international customers were 4% in 1996, 9% in 1997 and 11% for the first nine months of 1998, respectively. See Note 12 of the Notes to the Consolidated Financial Statements of this prospectus for a summary of operations by geographic region. Internet Sales. VeriSign distributes many of its Internet-based trust services through its website. We believe that Internet distribution is particularly well-suited for sales of certain of our website authentication products and Internet-based trust services. We also use our website to assist in disseminating services information and in generating services trials. Direct Sales. VeriSign's direct sales force targets mid-sized and large corporations, financial institutions, commercial Web sites and federal and state government agencies. We believe that these organizations have a substantial installed base of PCs, web servers, IP networks and high-speed access to the Internet and are most likely to be able to benefit quickly from the use of digital certificates. The direct sales force also targets international organizations that we believe are the most suitable to act as VeriSign affiliates. As of September 30, 1998, we had 90 direct sales and sales support employees in the United States, while the international direct sales and sales support groups consisted of 14 employees. Telesales. During 1998 we commenced our own internal telemarketing operation that is responsible for customer prospecting, lead generation and lead follow- up. This marketing activity qualifies leads for further follow up by the direct sales force or inside sales team or leads the prospect to our website so that the prospect can access information and enroll for our Internet-based trust services. VARs and Systems Integrators. VeriSign works with VARs and systems integrators to package and sell its Internet-based trust services. We also have a VeriSign Business Partner Program that allows ISPs to offer Secure Server digital certificates as an integral part of their secure web hosting services. Research and Development We believe that our future success will depend in large part on our ability to continue to maintain and enhance our current technologies and Internet- based trust services. To this end, we leverage the modular nature 44 of our WorldTrust platform to enable us to develop enhancements rapidly and to deliver complementary new Internet-based trust services. In the past, we have developed Internet-based trust services both independently and through efforts with leading application developers and major customers. We have also, in certain circumstances, acquired or licensed technology from third parties, including public key cryptography technology from RSA. Although we will continue to work closely with developers and major customers in our development efforts, we expect that most of our future enhancements to existing services and new Internet-based trust services will be developed internally. As of September 30, 1998, VeriSign had 66 employees dedicated to research and development. We also employ independent contractors for documentation, usability, artistic design and editorial review. Research and development expenses were $642,000 in the period from our inception to December 31, 1995, $2.1 million in 1996, $5.3 million in 1997 and $6.2 million in the first nine months of 1998. To date, all development costs have been expensed as incurred. We believe that timely development of new and enhanced Internet-based trust services and technology are necessary to remain competitive in the marketplace. Accordingly, VeriSign intends to continue recruiting and hiring experienced research and development personnel and to make other investments in research and development. The market for digital certificate products and related services is an emerging market characterized by rapid technological developments, frequent new product introductions and evolving industry standards. The emerging nature of this market and its rapid evolution will require that we continually improve the performance, features and reliability of our Internet-based trust services, particularly in response to competitive offerings and that we introduce new Internet-based trust services or enhancements to existing Internet-based trust services as quickly as possible and prior to our competitors. The success of new introductions is dependent on several factors, including proper new definition, timely completion and introduction of new services, differentiation of new services from those of our competitors and market acceptance of our new Internet-based trust services. There can be no assurance that we will be successful in developing and marketing new Internet- based trust services that respond to competitive and technological developments and changing customer needs. Our failure to develop and introduce new Internet-based trust services successfully on a timely basis and to achieve market acceptance for such Internet-based trust services could have a material adverse effect on our business, operating results and financial condition. In addition, the widespread adoption of new Internet, networking or telecommunication technologies or standards or other technological changes could require that we make substantial expenditures to modify or adapt our Internet-based trust services. To the extent that a specific method other than digital certificates is adopted to enable trusted and secure electronic commerce and communications over IP networks, sales of VeriSign's existing and planned Internet-based trust services would be adversely affected and our Internet-based trust services could be rendered unmarketable or obsolete, which would have a material adverse effect on our business, operating results and financial condition. We believe that there is a time-limited opportunity to achieve market share. We may not be successful in achieving widespread acceptance of our Internet-based trust services or in achieving market share before competitors offer products and services with features similar to our current offerings. Any such failure by us could materially harm our business. See "Risk Factors--Technological Changes Will Affect Our Business." Customer Support We believe that a high level of customer support for customers as well as end users of digital certificates is necessary to achieve acceptance of our Internet-based trust services. We provide a wide range of customer support services through a staff of customer service personnel, call center, e-mail help desk and a web-based self-help system. Since we first introduced our Internet-based trust services over three years ago, we have developed a substantial knowledge base of customer support information based on our customer interactions and we believe that this offers us a competitive advantage. Our call center is staffed from 5 a.m. to 6 p.m. PST and employs an automated call director system to provide self-help services and, if necessary, to route support calls to available support personnel. We also offer web-based support services that are available on a 24 hour, 7 days 45 per week basis and that are frequently updated to improve existing information and to support new services. Our e-mail customer support service utilizes customized auto response systems to provide self-help recommendations and also utilizes a staff of trained customer support agents who typically respond to customer inquiries within 24 hours. As of September 30, 1998, we had 79 employees in our customer support organization. We also employ technical support personnel who work directly with our direct sales force, distributors and customers of our electronic commerce and enterprise solutions. Our annual maintenance agreements for our electronic commerce and enterprise solutions include technical support and upgrades. We also provide training programs for enterprise customers of our Internet-based trust services. Competition Our Internet-based trust services are targeted at the new and rapidly evolving market for trusted and secure electronic commerce and communications over IP networks. Although the competitive environment in this market has yet to develop fully, we anticipate that it will be intensely competitive, subject to rapid change and significantly affected by new product and service introductions and other market activities of industry participants. Our principal competitors generally fall within one of three categories: (1) companies such as Entrust Technologies which offer software applications and related digital certificate products that customers operate themselves; (2) companies such as Digital Signature Trust Company (a subsidiary of Zions Bancorporation) that primarily offer digital certificate and CA related services; and (3) companies focused on providing a bundled offering of products and services such as GTE CyberTrust and IBM (working jointly with Equifax). We also experience competition from a number of smaller companies, and we believe that our primary long-term competitors may not yet have entered the market. Netscape has introduced software products that enable the issuance and management of digital certificates, and we believe that other companies could introduce such products. Additional companies could offer digital certificate solutions that are competitive with ours. Several of our current and potential competitors have longer operating histories and significantly greater financial, technical, marketing and other resources than we do and therefore may be able to respond more quickly than we can to new or changing opportunities, technologies, standards and customer requirements. Many of these competitors also have broader and more established distribution channels that may be used to deliver competing products or services directly to customers through bundling or other means. If such competitors were to bundle competing products or services for their customers, the demand for our products and services might be substantially reduced and our ability to distribute our products successfully and the utilization of our services would be substantially diminished. In addition, browser companies that embed our interface technologies or otherwise feature VeriSign as a provider of digital certificate solutions in their web browsers or on their websites could also promote our competitors or charge VeriSign substantial fees for such promotions in the future. New technologies and the expansion of existing technologies may increase the competitive pressures on us. There can be no assurance that competing technologies developed by others or the emergence of new industry standards will not adversely affect our competitive position or render our Internet-based trust services or technologies noncompetitive or obsolete. In addition, the market for digital certificates is nascent and is characterized by announcements of collaborative relationships involving our competitors. The existence or announcement of such relationships could adversely affect our ability to attract and retain customers. As a result of the foregoing and other factors, we may not be able to compete effectively with current or future competitors and competitive pressures that we face could materially harm our business. In connection with our first round of financing, RSA contributed certain technology to us and entered into a noncompetition agreement with us pursuant to which RSA agreed that it would not compete with our CA business for a period of five years. This noncompetition agreement will expire in April 2000. We believe that, because RSA, which is now a wholly-owned subsidiary of Security Dynamics, has already developed expertise in the area of cryptography, its barriers to entry would be lower than those that would be encountered by our 46 other potential competitors should it choose to enter any of our markets. If RSA were to enter into the digital certificate market, our business could be materially harmed. Intellectual Property We rely primarily on a combination of copyrights, trademarks, trade secret laws, restrictions on disclosure and other methods to protect our intellectual property and trade secrets. We also enter into confidentiality agreements with our employees and consultants, and generally control access to and distribution of our documentation and other proprietary information. Despite these precautions, it may be possible for a third party to copy or otherwise obtain and use our intellectual property or trade secrets without authorization. In addition, there can be no assurance that others will not independently develop substantially equivalent intellectual property. There can be no assurance that the precautions we take will prevent misappropriation or infringement of our technology. We have also filed five applications for patents with respect to certain of our technology. However, the U.S. Patent and Trademark Office may not award any patents with respect to these applications. Even if patents are issued, they may not adequately protect this technology from infringement or prevent others from claiming our technology infringes that of third parties. Our failure to protect our intellectual property in a meaningful manner could materially harm our business. In addition, litigation may be necessary in the future to enforce our intellectual property rights, to protect our trade secrets or to determine the validity and scope of the proprietary rights of others. Such litigation could result in substantial costs and diversion of management and technical resources, either of which could materially harm our business. We also rely on certain licensed third-party technology, such as public key cryptography technology licensed from RSA and other technology that is used in our Internet-based trust services to perform key functions. In particular, RSA has granted VeriSign a perpetual, royalty free, nonexclusive, worldwide license to distribute Internet-based trust services we develop that contain or incorporate the RSA BSAFE and TIPEM products and that relate to digital certificate issuing software, software for the management of private keys and for digitally signing computer files on behalf of others, software for customers to preview and forward digital certificate requests to us, or such other services that, in RSA's reasonable discretion, are reasonably necessary for the implementation of a digital certificate business. Our agreement with RSA also requires RSA to provide us maintenance and technical support for these services. RSA's BSAFE product is a software tool kit that allows for the integration of encryption and authentication features into software applications. TIPEM is a secure e-mail development tool kit that allows for secure e-mail messages to be sent using one vendor's e-mail product and read by another vendor's e-mail product. These third-party technology licenses may not continue to be available to VeriSign on commercially reasonable terms or at all. The loss of any of these technologies could materially harm our business. Moreover, in our current license agreements, the licensor has agreed to defend, indemnify and hold VeriSign harmless with respect to any claim by a third party that the licensed software infringes any patent or other proprietary right. Although these licenses are fully paid, there can be no assurance that the outcome of any litigation between the licensor and a third party or between VeriSign and a third party will not lead to obligations for us to pay royalties for which we are not indemnified or for which such indemnification is insufficient, or that we will be able to obtain any additional license on commercially reasonable terms or at all. In the future, we may seek to license additional technology to incorporate in our Internet- based trust services. Third party technology licenses that we may need to obtain in the future may not be available to us on commercially reasonable terms or at all. The loss of or inability to obtain or maintain any of these technology licenses could result in delays in introduction of our Internet- based trust services until equivalent technology, if available, is identified, licensed and integrated. This could materially harm our business. From time to time, we have received, and may receive in the future, notice of claims of infringement of other parties' proprietary rights. Infringement or other claims could be asserted or prosecuted against us in the future, and it is possible that past or future assertions or prosecutions could harm our business. Any such claims, with or without merit, could be time-consuming, result in costly litigation and diversion of technical and management personnel, cause delays in the release of new Internet-based trust services or require us to develop non-infringing technology or enter into royalty or licensing agreements. Such royalty or licensing agreements, if 47 required, may not be available on terms acceptable to us, or at all. In the event of a successful claim of infringement against VeriSign and our failure or inability to develop non-infringing technology or license the infringed or similar technology on a timely basis, our business could be materially harmed. See "Risk Factors--There are Risks Related to Intellectual Property Rights." Employees As of September 30, 1998, VeriSign had 301 full-time employees. Of the total, 101 were employed in sales and marketing, 66 in research and development, 79 in customer support, five in practices and external affairs, four in federal markets and 46 in finance and administration, including information services personnel. We have never had a work stoppage, and no employees are represented under collective bargaining agreements. We consider our relations with our employees to be good. Our ability to achieve our financial and operational objectives depends in large part upon our continued ability to attract, integrate, train, retain and motivate highly qualified sales, technical and managerial personnel, and upon the continued service of our senior management and key sales and technical personnel, none of whom is bound by an employment agreement. Competition for such qualified personnel in our industry and geographical location in the San Francisco Bay Area is intense, particularly in software development and product management personnel. See "Risk Factors--We Depend on Key Personnel." Facilities VeriSign's principal administrative, sales, marketing, research and development and operations facilities are located in two adjacent buildings in Mountain View, California, where we occupy approximately 44,000 square feet under leases expiring in 2001. We have leased through June 30, 2005, additional office space contiguous to our headquarters that will be available for occupancy in the first quarter of 1999. We believe that with this additional space of approximately 52,000 square feet, our office space will be adequate to meet our needs for the foreseeable future. VeriSign also leases space for sales and support offices in Norcross, Georgia; Rosemont, Illinois; Linthicum, Maryland; Wakefield, Massachusetts; Novi, Michigan; Uniondale, New York; and Irving, Texas. In addition, we lease space in Kawasaki, Japan for our offices and secure data center and we lease space for sales and support in Upplands Vasby, Sweden. VeriSign's success is largely dependent on the uninterrupted operation of its secure data centers and computer and communication systems. See "Risk Factors--System Interruptions and Security Breaches Could Harm Our Business." 48 MANAGEMENT Executive Officers and Directors The following table sets forth certain information regarding the executive officers and directors of VeriSign as of December 31, 1998. - -------- Notes: (1) Member of the Compensation Committee (2) Member of the Audit Committee D. James Bidzos has served as Chairman of the Board of VeriSign since its founding in April 1995 and served as Chief Executive Officer of VeriSign from April 1995 to July 1995. He has also served as President and Chief Executive Officer of RSA since 1986. RSA was acquired by Security Dynamics in July 1996 and has been a wholly-owned subsidiary of Security Dynamics since that time. Mr. Bidzos has been an Executive Vice President and a director of Security Dynamics since its acquisition of RSA. Stratton D. Sclavos has served as President and Chief Executive Officer and as a director of VeriSign since he joined VeriSign in July 1995. From October 1993 to June 1995, he was Vice President, Worldwide Marketing and Sales of Taligent, Inc., a software development company that was a joint venture among Apple Computer, Inc., IBM and Hewlett-Packard. From May 1992 to September 1993, Mr. Sclavos was Vice President of Worldwide Sales and Business Development of GO Corporation, a pen-based computer company. Prior to that time, he served in various sales and marketing capacities for MIPS Computer Systems, Inc. and Megatest Corporation. Mr. Sclavos is also a director and a member of the compensation committee of Network Solutions, Inc. Mr. Sclavos holds a B.S. degree in Electrical and Computer Engineering from the University of California at Davis. Jagtar S. Chaudhry has served as Vice President and General Manager of Security Services of VeriSign since VeriSign acquired SecureIT in July 1998. Mr. Chaudhry founded SecureIT in January 1997 and served as its President and Chief Executive Officer until it was acquired by VeriSign. Prior to founding SecureIT, from January 1995, Mr. Chaudhry served as Vice President of Worldwide Marketing at IQ Software, a database reporting tools company. Mr. Chaudhry was the Vice President of Sales and Marketing--Software Products Group at Unisys from March 1993 to January 1995. Mr. Chaudhry holds a B.S. degree in Electrical Engineering from Institute of Technology, Varanasi, India and two M.S. degrees in Computer Engineering and Industrial Engineering, and an M.B.A. from the University of Cincinnati. Dana L. Evan has served as Vice President of Finance and Administration and Chief Financial Officer of VeriSign since she joined VeriSign in June 1996. From 1988 to June 1996, she worked as a financial consultant in the capacity of chief financial officer, vice president of finance or corporate controller for various public and private companies and partnerships, including VeriSign from November 1995 to June 1996, Delphi Bioventures, a venture capital firm, from 1988 to June 1995, and Identix Incorporated, a manufacturer of biometric identity 49
Name Age Position ---- --- -------- D. James Bidzos (1).............. 43 Chairman of the Board Stratton D. Sclavos.............. 37 President, Chief Executive Officer and Director Jagtar S. Chaudhry............... 40 Vice President and General Manager of Security Services Dana L. Evan..................... 39 Vice President of Finance and Administration and Chief Financial Officer Quentin P. Gallivan.............. 41 Vice President of Worldwide Sales Arnold Schaeffer................. 35 Vice President of Engineering Richard A. Yanowitch............. 42 Vice President of Marketing Timothy Tomlinson (2)............ 48 Secretary and Director William Chenevich (1)(2)......... 55 Director Kevin R. Compton (2)............. 40 Director David J. Cowan (1)............... 33 Directorverification and imaging products, from 1991 to August 1993. Prior to 1988, she was employed by KPMG LLP, most recently as a senior manager. Ms. Evan is a certified public accountant and holds a B.S. degree in Commerce with a concentration in Accounting and Finance from the University of Santa Clara. Quentin P. Gallivan has served as Vice President of Worldwide Sales of VeriSign since he joined VeriSign in October 1997. From April 1996 to October 1997, he was Vice President for Asia Pacific and Latin America of Netscape, a software company. Prior to that time, Mr. Gallivan was with General Electric Information Services, an electronic commerce services company, most recently as Vice President, Sales and Services for the Americas. Arnold Schaeffer has served as Vice President of Engineering of VeriSign since he joined VeriSign in January 1996. From March 1992 to December 1995, he was employed by Taligent, most recently as Vice President of Engineering, CommonPoint Products. Prior to working at Taligent, he served as a software engineer for Apple, Intellicorp and Hewlett-Packard. Mr. Schaeffer holds a B.S. degree in Information and Computer Science from the Georgia Institute of Technology and an M.B.A. degree from the University of California at Berkeley. Richard A. Yanowitch has served as Vice President of Marketing of VeriSign since he joined VeriSign in May 1996. From July 1995 to May 1996, he was a management consultant to private software companies. From 1989 to June 1995, he held a series of marketing positions with Sybase, Inc., a software company, most recently as Vice President of Corporate Marketing. Prior to that time, he held various sales, marketing and operating positions with The Santa Cruz Operation, Inc., Digital Equipment Corporation, Lanier Harris Corporation and Brooks International Corporation. Mr. Yanowitch holds a B.A. degree in History from Swarthmore College and an M.B.A. degree in Entrepreneurial Management and Marketing from Harvard Business School. Timothy Tomlinson has been Secretary and a director of VeriSign since its founding in April 1995. He has been a partner of Tomlinson Zisko Morosoli & Maser LLP, a law firm, since 1983. Mr. Tomlinson is also a director of Portola Packaging, Inc. and Oak Technology, Inc. Mr. Tomlinson holds a B.A. degree in Economics, an M.B.A. degree and a J.D. degree from Stanford University. William Chenevich has been a director of VeriSign since its founding in April 1995. He has been the Group Executive Vice President, Data Processing Systems of VISA, a financial services company, since October 1993. From May 1992 to October 1993, he was Executive Vice President and Chief Information Officer of Ahmanson Corporation, a financial services company. Mr. Chenevich holds a B.B.A. degree in Business and an M.B.A. degree in Management from the City College of New York. Kevin R. Compton has been a director of VeriSign since February 1996. He has been a general partner of Kleiner Perkins Caufield & Byers, a venture capital firm, since January 1990. Mr. Compton is also a director of Citrix Systems, Inc., Corsair Communications, Inc., Digital Generation Systems, Inc. and One World Systems, Inc. (formerly Global Village Communication, Inc.). Mr. Compton holds a B.S. degree in Business Management from the University of Missouri. David J. Cowan has been a director of VeriSign since its founding in April 1995. He has been a general partner of Bessemer Venture Partners, a venture capital investment firm, since August 1996. Mr. Cowan has also been a manager of Deer IV & Co. LLC, a venture capital investment firm, since August 1996. Previously he was an associate with Bessemer Venture Partners from August 1992 to August 1996. Mr. Cowan also served as President and Chief Executive Officer of Visto Corporation, a computer software and service firm, from August 1996 to April 1997, and as Chief Financial Officer of VeriSign from April 1995 to June 1996. Mr. Cowan is also a director of Worldtalk Communications Corporation. Mr. Cowan holds an A.B. degree in Mathematics and Computer Science and an M.B.A. degree from Harvard University. VeriSign's Amended and Restated Bylaws currently authorize no fewer than five and no more than seven directors. VeriSign's Board of Directors (the "Board") is currently comprised of six directors. One class of directors is elected by the stockholders at each annual meeting of stockholders to serve a three-year term or until 50 their successors are duly elected and qualified. The existing directors were elected pursuant to the provisions of the Stockholders' Agreement which has terminated. VeriSign's Amended and Restated Bylaws divide the Board into three classes, Class I, Class II and Class III, with members of each class serving staggered three-year terms. The Class I directors, Messrs. Sclavos and Tomlinson, will stand for reelection or election at the 1999 annual meeting of stockholders. The Class II directors, Messrs. Compton and Cowan will stand for reelection or election at the 2000 annual meeting of stockholders and the Class III directors, Messrs. Bidzos and Chenevich will stand for reelection or election at the 2001 annual meeting of stockholders. Executive officers are elected by, and serve at the discretion of, the Board. Board Committees The Board has established an Audit Committee to meet with and consider suggestions from members of management, as well as VeriSign's independent accountants, concerning the financial operations of VeriSign. The Audit Committee also has the responsibility to review audited financial statements of VeriSign and consider and recommend the employment of, and approve the fee arrangements with, independent accountants for both audit functions and for advisory and other consulting services. The Audit Committee is currently comprised of Messrs. Chenevich, Compton and Tomlinson. The Board has also established a Compensation Committee to review and approve the compensation and benefits for VeriSign's key executive officers, administer VeriSign's stock purchase, equity incentive and stock option plans and make recommendations to the Board regarding such matters. The Compensation Committee is currently comprised of Messrs. Bidzos, Chenevich and Cowan. Director Compensation Directors do not receive any cash fees for their service on the Board or any Board committee, but they are entitled to reimbursement of all reasonable out- of-pocket expenses incurred in connection with their attendance at Board and Board committee meetings. All Board members are eligible to receive stock options under VeriSign's stock option plans, and outside directors receive stock options pursuant to automatic grants of stock options under the 1998 Directors Stock Option Plan, or the Directors Plan. In October 1997, the Board adopted, and in January 1998 the stockholders approved, the Directors Stock Option Plan and reserved a total of 125,000 shares of VeriSign's common stock for issuance thereunder. As of December 31, 1998, options to purchase 37,500 shares of common stock had been granted under the Directors' Plan and 87,500 shares remained available for future grant. Members of the Board who are not employees of VeriSign, or any parent, subsidiary or affiliate of VeriSign, are eligible to participate in the Directors Plan. The option grants under the Directors Plan are automatic and nondiscretionary, and the exercise price of the options is 100% of the fair market value of the common stock on the date of grant. Each new director who is eligible to participate will initially be granted an option to purchase 15,000 shares on the date such director first becomes a director. These grants are referred to as "Initial Grants." On each anniversary of a director's Initial Grant or most recent grant if such director did not receive an Initial Grant, each eligible director will automatically be granted an additional option to purchase 7,500 shares if such director has served continuously as a member of the Board since the date of such director's Initial Grant or most recent grant if such director did not receive an Initial Grant. The term of such options is ten years. They will terminate seven months following the date the director ceases to be a director or, if VeriSign so specifies in the grant, a consultant of VeriSign (twelve months if the termination is due to death or disability). All options granted under the Directors Plan will vest as to 6.25% of the shares each quarter after the date of grant, provided the optionee continues as a director or, if VeriSign so specifies in the grant, as a consultant of VeriSign. Additionally, immediately prior to the dissolution or liquidation of VeriSign or a "change in control" transaction, all options granted pursuant to the Directors Plan will accelerate and will be exercisable for a period of up to six months following the transaction, after which period any unexercised options will expire. In July 1998, VeriSign granted to each of Messrs. Bidzos, Chenevich, Compton, Cowan and Tomlinson an option to purchase 7,500 shares of its common stock under the Directors Plan with an exercise price of $39.25 per share. Prior to the adoption of the Directors Plan, outside directors received stock options pursuant to automatic grants under the 1995 Stock Option Plan. In June 1997, VeriSign granted to each of Messrs. Bidzos, Compton, Cowan and Tomlinson an option to purchase 3,500 shares of common stock under VeriSign's 1995 Stock Option 51 Plan with an exercise price of $8.00 per share. In July 1996, VeriSign granted to each of Messrs. Bidzos, Chenevich, Compton, Cowan and Tomlinson an option to purchase 10,000 shares of common stock under VeriSign's 1995 Stock Option Plan with an exercise price of $8.00 per share. Compensation Committee Interlocks and Insider Participation Mr. Bidzos, a member of the Compensation Committee, is an Executive Vice President and a director of Security Dynamics. Mr. Bidzos and Security Dynamics, with its wholly-owned subsidiaries, together beneficially own approximately 16.5% of VeriSign's common stock. Mr. Bidzos also served as VeriSign's Chief Executive Officer from April to July 1995. See "Certain Transactions." No interlocking relationship exists between the Board or Compensation Committee and the board of directors or compensation committee of any other company, nor has any such interlocking relationship existed in the past. Executive Compensation The following table sets forth certain summary information concerning the compensation awarded to, earned by, or paid for services rendered to VeriSign in all capacities during 1997 and 1998 by VeriSign's Chief Executive Officer and the four most highly compensated executive officers, other than the Chief Executive Officer, who were serving as executive officers at the end of 1998 (collectively, the "Named Executive Officers"). Summary Compensation Table - -------- Note: (1) Reflects actual bonuses earned and paid for the first three quarters of 1998 and an estimate of the bonus earned for the fourth quarter of 1998. 52
Long-Term Compensation ------------ Annual Compensation Awards --------------------------------- ------------ Securities Other Annual Underlying Name and Principal Position Year Salary Bonus Compensation Options(#) --------------------------- ---- -------- -------- ------------ ------------ Stratton D. Sclavos......... 1998 $250,000 $122,813(1) -- 400,000 President and Chief Executive Officer 1997 200,000 183,022 -- 100,000 Quentin P. Gallivan......... 1998 150,000 150,000 -- 45,000 Vice President of Worldwide Sales 1997 40,866 -- -- 115,000 Richard A. Yanowitch........ 1998 166,667 67,070(1) -- 45,000 Vice President of Marketing 1997 140,000 59,084 -- -- Dana L. Evan................ 1998 167,708 65,046(1) -- 60,000 Vice President of Finance 1997 145,000 46,349 -- 45,000 and Administration and Chief Financial Officer Arnold Schaeffer............ 1998 167,708 41,611(1) -- 90,000 Vice President of Engineering 1997 145,000 30,226 -- 58,000 Option Grants in Fiscal 1998 The following table sets forth certain information regarding stock options granted to each of the Named Executive Officers during the year ended December 31, 1998. - -------- Notes: (1) Options granted in 1998 were granted under VeriSign's 1998 Equity Incentive Plan. These options become exercisable with respect to 25% of the shares covered by the option on the first anniversary of the date of grant and with respect to an additional 6.25% of these shares each quarter thereafter. These options have a term of seven years. Upon certain changes in control of VeriSign, this vesting schedule will accelerate as to 50% of any shares that are then unvested. See "--Employee Benefit Plans" and "--Compensation Arrangements" for a description of the material terms of these options. (2) Potential realizable values are net of exercise price but before taxes, and are based on the assumption that the common stock of VeriSign appreciates at the annual rate shown (compounded annually) from the date of grant until the expiration of the seven-year term. These numbers are calculated based on Securities and Exchange Commission requirements and do not reflect VeriSign's projection or estimate of future stock price growth. (3) VeriSign granted options to purchase 2,433,756 shares of common stock to employees during 1998. (4) Options were granted at an exercise price equal to the fair market value per share of VeriSign common stock, as quoted on the Nasdaq National Market System. 53
Individual Grants(1) ---------------------------------------------------- Potential Realizable Value at Assumed Number of Percent of Annual Rates of Securities Total Options Stock Price Appreciation Underlying Granted to Exercise For Option Terms(2) Options Employees in Price Expiration ------------------------- Name Granted Fiscal Year(%)(3) Per Share(4) Date 5% 10% - ---- ---------- ----------------- ------------ ---------- ------------ ------------ Stratton D. Sclavos..... 100,000 4.1% $30.69 10/30/05 $ 1,249,390 $ 2,911,376 100,000 4.1 49.25 12/15/05 2,004,970 4,672,432 200,000 8.2 51.13 12/18/05 5,363,008 9,701,582 Quentin P. Gallivan..... 45,000 1.8 30.69 10/30/05 562,180 1,310,119 Richard A. Yanowitch.... 45,000 1.8 30.69 10/30/05 562,180 1,310,119 Dana L. Evan............ 60,000 2.5 30.69 10/30/05 749,574 1,746,825 Arnold Schaeffer........ 90,000 3.7 30.69 10/30/05 1,124,360 2,620,238 Aggregate Option Exercises in Fiscal 1998 and Fiscal Year-End Option Values The following table sets forth for each of the Named Executive Officers the shares acquired and the value realized on each exercise of stock options during the year ended December 31, 1998 and the year-end number and value of exercisable and unexercisable options: - -------- Notes: (1) Options shown were granted under VeriSign's 1995 Stock Option Plan, 1997 Stock Option Plan and 1998 Equity Incentive Plan, and are subject to vesting as described in footnote (1) to the option grant table above. See "--Employee Benefit Plans" and "-- Compensation Arrangements" for a description of the material terms of these options. (2) Based on a value of $59.13, the closing price per share of VeriSign's common stock on The Nasdaq National Market on December 31, 1998, net of the option exercise price. No compensation intended to serve as incentive for performance to occur over a period longer than one year was paid pursuant to a long-term incentive plan during 1998 to any Named Executive Officer. VeriSign does not have any defined benefit or actuarial plan under which benefits are determined primarily by final compensation and years of service with any of the Named Executive Officers. Employee Benefit Plans 1995 Stock Option Plan. At December 31, 1998, options to purchase 1,420,984 shares of common stock were outstanding under the 1995 Stock Option Plan. The 1995 Stock Option Plan was terminated on January 29, 1998, the effective date of VeriSign's initial public offering, at which time the 1998 Equity Incentive Plan became effective. As a result, no options have been granted under the 1995 Stock Option Plan since VeriSign's initial public offering. However, termination did not affect any outstanding options, all of which will remain outstanding until exercised or until they terminate or expire in accordance with their terms. Options granted under the 1995 Stock Option Plan are subject to terms substantially similar to those described below with respect to options to be granted under the 1998 Equity Incentive Plan. 1997 Stock Option Plan. At December 31, 1998, options to purchase 467,751 shares of common stock were outstanding under the 1997 Stock Option Plan. The 1997 Stock Option Plan was terminated on January 29, 1998, the effective date of VeriSign's initial public offering, at which time VeriSign's 1998 Equity Incentive Plan became effective. As a result, no options have been granted under the 1997 Stock Option Plan since VeriSign's initial public offering. However, termination did not affect any outstanding options, all of which will remain outstanding until exercised or until they terminate or expire in accordance with their terms. Options granted under the 1997 Stock Option Plan are subject to terms substantially similar to those described below with respect to options granted under the Equity Incentive Plan. 1998 Equity Incentive Plan. In October 1997, the Board adopted, and in January 1998 the stockholders approved, the Equity Incentive Plan. In addition to the 2,000,000 shares reserved for issuance under the Equity Incentive Plan, all shares remaining available under the 1995 Stock Option Plan and the 1997 Stock Option Plan were transferred to the Equity Incentive Plan. As of December 31, 1998, options to purchase 2,187,456 shares of common stock had been granted under the 1998 Equity Incentive Plan and 268,221 shares remained available for future grant. The Equity Incentive Plan will terminate in October 2007, unless sooner terminated in 54
Number of Securities Value of Unexercised Shares Underlying Unexercised In-the-Money Options Acquired Options at 12/31/98(1) at 12/31/98(2) on Value ------------------------- ------------------------- Name Exercise Realized Exercisable Unexercisable Exercisable Unexercisable - ---- -------- -------- ----------- ------------- ----------- ------------- Stratton D. Sclavos..... -- $ -- 25,000 475,000 $1,303,125 $9,340,625 Quentin P. Gallivan..... 28,744 745,184 6 131,250 319 5,861,719 Richard A. Yanowitch.... -- -- -- 45,000 -- 1,279,688 Dana L. Evan............ -- -- 11,250 93,750 597,656 3,499,219 Arnold Schaeffer........ 7,000 202,988 7,500 133,500 398,438 4,870,313 accordance with the terms of the Equity Incentive Plan. The Equity Incentive Plan authorizes the award of options, restricted stock awards and stock bonuses (each an "Award"). No person will be eligible to receive more than 400,000 shares in any calendar year pursuant to Awards under the Equity Incentive Plan other than a new employee of VeriSign who will be eligible to receive no more than 1,000,000 shares in the calendar year in which such employee commences employment. The Equity Incentive Plan is administered by the Compensation Committee. The Compensation Committee has the authority to construe and interpret the Equity Incentive Plan and any agreement made thereunder, grant Awards and make all other determinations necessary or advisable for the administration of the Equity Incentive Plan. The Equity Incentive Plan provides for the grant of both incentive stock options ("ISOs") that qualify under Section 422 of the Internal Revenue Code, and nonqualified stock options ("NQSOs"). ISOs may be granted only to employees of VeriSign or of a parent or subsidiary of VeriSign. All Awards other than ISOs may be granted to employees, officers, directors and consultants. The exercise price of ISOs must be at least equal to the fair market value of the common stock on the date of grant. The exercise price of NQSOs must be at least equal to 85% of the fair market value of the common stock on the date of grant. The maximum term of options granted under the Equity Incentive Plan is ten years. Awards granted under the Equity Incentive Plan generally vest as to 25% of the shares on the first anniversary of the date of grant and as to 6.25% of the shares each of the next 12 quarters. Options granted under the Equity Incentive Plan generally expire three months after the termination of the optionee's service, except in the case of death or disability, in which case the options generally may be exercised for up to 12 months following the date of death or termination of service due to disability. Options will generally terminate immediately upon termination for cause. In the event of the dissolution or liquidation of VeriSign or a "change in control" transaction, outstanding Awards may be assumed or substituted by the successor corporation (if any). If a successor corporation does not assume or substitute the Awards, they will expire upon the effectiveness of the transaction. The Committee, in its discretion, may provide that the vesting of any or all Awards will accelerate prior to the effectiveness of the transaction. 1998 Employee Stock Purchase Plan. In December 1997, the Board adopted, and in January 1998 the stockholders approved, the Purchase Plan and reserved 500,000 shares of common stock for issuance thereunder. As of December 31, 1998, 58,225 shares had been issued under the Purchase Plan and 441,775 shares remained available for future issuance under the Purchase Plan. The Purchase Plan is administered by the Compensation Committee of the Board. The Compensation Committee has the authority to construe and interpret the Purchase Plan. Employees generally will be eligible to participate in the Purchase Plan if they are customarily employed by VeriSign for more than 20 hours per week and more than five months in a calendar year and are not 5% stockholders of VeriSign. These employees may select a rate of payroll deduction between 2% and 10% of their compensation and are subject to certain maximum purchase limitations. Participation in the Purchase Plan will end automatically upon termination of employment for any reason. Except for the first offering, each offering under the Purchase Plan will be for a period of 24 months (the "Offering Period") and will consist of six-month purchase periods (each a "Purchase Period"). The first Offering Period began on January 29, 1998 and will last until January 31, 2000. Offering Periods thereafter will begin on February 1 and August 1. Each participant will be granted an option on the first day of the Offering Period and such option will be automatically exercised on the last day of each Purchase Period during the Offering Period. The purchase price for the common stock purchased under the Purchase Plan is 85% of the lesser of the fair market value of the common stock on the first day of the applicable Offering Period and on the last day of the applicable Purchase Period. The Committee will have the power to change the duration of Offering Periods and Purchase Periods without stockholder approval, if such change is announced at least 15 days prior to the beginning of the Offering or Purchase Period to be affected. The Purchase Plan is intended to qualify as an "employee stock purchase plan" under Section 423 of the Internal Revenue Code. Rights granted under the Purchase Plan are not transferable by a participant other than by will or the laws of descent and distribution. The Purchase Plan provides that, in the event of the proposed dissolution or liquidation of VeriSign, the Offering Period will terminate immediately prior to the consummation of such proposed action, provided that the Compensation Committee may fix a different date for termination of 55 the Purchase Plan and may give each participant the opportunity to purchase shares under the Purchase Plan prior to such termination. The Purchase Plan provides that, in the event of certain "change of control" transactions, the Purchase Plan will continue for all Offering Periods that began prior to the transaction and shares will be purchased based on the fair market value of the surviving corporation's stock on each Purchase Date. The Purchase Plan will terminate in December 2007, unless earlier terminated pursuant to the terms of the Purchase Plan. The Board has the authority to amend, terminate or extend the term of the Purchase Plan, except that no such action may adversely affect any outstanding options previously granted under the Purchase Plan and stockholder approval is required to increase the number of shares that may be issued or change the terms of eligibility under the Purchase Plan. 401(k) Plan. The Board maintains the VeriSign, Inc. 401(k) Plan (the "401(k) Plan"), a defined contribution plan intended to qualify under Section 401 of the Internal Revenue Code. All eligible employees who are at least 18 years old and have been employed by VeriSign for one month may participate in the 401(k) Plan. An eligible employee of VeriSign may begin to participate in the 401(k) Plan on the first day of January, April, July or October of the plan year coinciding with or following the date on which such employee meets the eligibility requirements. In connection with the acquisition of SecureIT, VeriSign added an additional enrollment date in August 1998. A participating employee may make pre-tax contributions of a whole percentage (not more than 15%) of his or her eligible compensation and up to 100% of any cash bonus, subject to limitations under the federal tax laws ($10,000 in 1998). Employee contributions and the investment earnings thereon are fully vested at all times. The 401(k) Plan permits, but does not require, additional matching and profit-sharing contributions by VeriSign on behalf of the participants. VeriSign has not made matching or profit-sharing contributions. Contributions by employees or VeriSign to the 401(k) Plan, and income earned on plan contributions, are generally not taxable to employees until withdrawn, and contributions by VeriSign, if any, should be deductible by VeriSign when made. The trustee under the 401(k) Plan, at the direction of each participant, invests the assets of the 401(k) Plan in selected investment options. Executive Loan Program of 1996. In November 1996, the Compensation Committee adopted VeriSign's Executive Loan Program of 1996 (the "Executive Loan Program"). Pursuant to the Executive Loan Program, VeriSign's Chief Executive Officer and each Vice President (each a "Qualified Borrower") are each entitled to borrow an aggregate of up to $250,000 from VeriSign. Each loan made under the Executive Loan Program is a full recourse loan and bears interest at the then-minimum interest rate to avoid imputation of income under federal, state and local tax laws. Interest on any loan made under the Executive Loan Program is due and payable on December 31 of each year in which such loan is outstanding. Principal and accrued interest are payable in full on any such loan upon the earlier of December 31, 2005 or 90 days after the termination of the Qualified Borrower's employment, unless extended by a separate written agreement approved by the Board. Each loan made under the Executive Loan Program must be secured by collateral represented by common stock or other marketable securities acceptable to the Board having a fair market value equaling or exceeding the principal amount of the loan. Compensation Arrangements Mr. Sclavos's employment offer letter of June 1995, as amended in October 1995, provided for an initial annual salary of $175,000 and an initial annual bonus of up to $50,000 per year. In addition, it provided for a loan to Mr. Sclavos of $48,000 which was to be forgiven after the first anniversary of Mr. Sclavos's employment with VeriSign. This loan was forgiven by the Board in October 1996. Mr. Sclavos was also granted an option to purchase 616,000 shares of common stock with an exercise price of $.12 per share. In October 1996, this option was amended such that it became immediately exercisable. Mr. Sclavos exercised this option in full in November 1996. In connection with this exercise, VeriSign loaned Mr. Sclavos $73,920 pursuant to the terms of the Executive Loan Program, representing the full exercise price of such option. Mr. Sclavos has repaid in full his loan under the Executive Loan Program. As of December 31, 1998, 115,500 of the shares Mr. Sclavos received upon exercise of the option were subject to a right of repurchase on behalf of VeriSign. This right lapses as to 38,500 shares per quarter. Mr. Sclavos's employment is "at will" and thus can be terminated at any time, with or without cause. 56 Dana L. Evan, Arnold Schaeffer and Richard A. Yanowitch were granted options to purchase 170,000, 200,000 and 290,000 shares, respectively, of common stock under the 1995 Stock Option Plan, at exercise prices ranging from $.12 to $6.00. Each of these options is subject to the standard four-year vesting schedule under the 1995 Stock Option Plan or, in certain circumstances, is immediately exercisable, subject to VeriSign's right to repurchase shares subject to such options, which repurchase right lapses on a schedule similar to the vesting schedule for options granted under the 1995 Stock Option Plan. However, upon the occurrence of certain change-in-control transactions, 50% of each such Named Executive Officer's then-unvested options will become vested or, if applicable, the right of repurchase will lapse as to 50% of the shares covered by such right of repurchase. Indemnification of Directors and Executive Officers and Limitation of Liability As permitted by the Delaware General Corporation Law (the "DGCL"), VeriSign's Certificate of Incorporation, includes a provision that eliminates the personal liability of its directors for monetary damages for breach of fiduciary duty as a director, except for liability: . for any breach of the director's duty of loyalty to VeriSign or its stockholders; . for acts or omissions not in good faith or that involve intentional misconduct or a knowing violation of law; . under section 174 of the DGCL (regarding unlawful dividends and stock purchases); or . for any transaction from which the director derived an improper personal benefit. As permitted by the DGCL, VeriSign's Amended and Restated Bylaws provide that: . VeriSign must indemnify its directors and officers to the fullest extent permitted by the DGCL, subject to certain very limited exceptions; . VeriSign may indemnify its other employees and agents to the extent that it indemnifies its officers and directors, unless otherwise required by law, its Certificate of Incorporation, its Amended and Restated Bylaws, or agreement; . VeriSign is required to advance expenses, as incurred, to its directors and executive officers in connection with a legal proceeding to the fullest extent permitted by the DGCL, subject to certain very limited exceptions; and . the rights conferred in the Amended and Restated Bylaws are not exclusive. VeriSign has entered into Indemnification Agreements with each of its current directors and certain of its executive officers and intends to enter into such Indemnification Agreements with each of its other executive officers to give such directors and executive officers additional contractual assurances regarding the scope of the indemnification set forth in the Certificate of Incorporation and Amended and Restated Bylaws and to provide additional procedural protections. At present, there is no pending litigation or proceeding involving a director, officer or employee of VeriSign regarding which indemnification is sought, nor is VeriSign aware of any threatened litigation that may result in claims for indemnification. 57 CERTAIN TRANSACTIONS In April 1995, VeriSign sold an aggregate of 4,688,333 shares of common stock at a purchase price of $.12 per share to certain individuals and entities. Among the purchasers was RSA, which acquired 4,000,000 shares. In consideration for these shares, RSA assigned and transferred to VeriSign equipment, assets and technology, which assets and technology included certain specified software developed or under development by RSA relating to digital certificate issuance and management, certain tangible personal property, consisting mostly of computer and communications equipment, and all of RSA's right, title and interest in certain specified agreements to provide digital certificate services. In connection with the contribution of these assets to VeriSign, RSA entered into a BSAFE/TIPEM OEM Master License Agreement with VeriSign. VeriSign was granted a perpetual, royalty free, nonexclusive, worldwide license to other services that VeriSign develops that contain or incorporate the RSA BSAFE and TIPEM products and that relate to digital certificate issuing software, software for the management of private keys and for digitally signing computer files on behalf of others, software for customers to preview and forward digital certificate requests to VeriSign, or such other products that, in RSA's reasonable discretion, are reasonably necessary for the implementation of a digital certificate business. RSA is also required to provide VeriSign with maintenance and technical support for these products. RSA's BSAFE product is a software tool kit that allows for the integration of encryption and authentication features into software applications and TIPEM is a secure e-mail development tool kit that allows for secure e-mail messages to be sent using one vendor's e-mail product and read by another vendor's e-mail product. In December 1998, VeriSign and RSA amended the BSAFE/TIPEM OEM Master License Agreement to provide that VeriSign will subscribe to RSA's maintenance program and pay to RSA a yearly maintenance fee equal to 50% of RSA's standard published maintenance fees. In addition, RSA will have the right to include root keys other than VeriSign's in products manufactured by third parties that include RSA products which process digital certificates. Also in connection with this contribution of assets, RSA entered into a Non- Compete and Non-Solicitation Agreement pursuant to which RSA agreed, for a five-year period, not to compete with VeriSign's CA business. Since January 1, 1996, there has not been nor is there currently proposed, any transaction or series of similar transactions to which VeriSign or any of its subsidiaries was or is to be a party in which the amount involved exceeded or will exceed $60,000 and in which any director, executive officer, holder of more than 5% of the common stock of VeriSign or any member of the immediate family of any of the foregoing persons had or will have a direct or indirect material interest other than (1) compensation agreements and other arrangements, which are described where required in "Management," and (2) the transactions described below. Transactions with Directors, Executive Officers and 5% Stockholders Prior to its initial public offering, VeriSign financed operations through a series of private common stock and preferred stock financings. All shares of preferred stock converted into shares of common stock at a conversion rate of one share of common stock for each share of preferred stock upon the closing of VeriSign's initial public offering in February 1998. Series B Preferred Stock. In February 1996, VeriSign sold an aggregate of 2,099,123 shares of Series B Preferred Stock at a cash purchase price of $2.45 per share to 12 entities. Among the purchasers were the following 5% stockholders and entities affiliated with directors of VeriSign, who purchased the number of shares set forth opposite their respective names: Kleiner Perkins Caufield & Byers VII--1,153,207 shares; Bessemer Venture Partners DCI--187,819 shares; KPCB VII Founders Fund--125,947 shares; Security Dynamics-- 72,026 shares; KPCB Information Science Zaibatsu Fund II--32,799 shares; and First TZMM Investment Partnership--17,554 shares. Mr. Compton, a director of VeriSign, is a general partner of the general partner of Kleiner Perkins Caufield & Byers VII, KPCB VII Founders Fund and KPCB Information Science Zaibatsu Fund II. 58 Co-Sale Agreement. In February 1996, VeriSign, each of the purchasers of Series B Preferred Stock and RSA entered into a Co-Sale Agreement, pursuant to which the holders of Series B Preferred Stock were granted rights to participate in certain sales of capital stock of VeriSign owned by RSA. Such co-sale rights terminated upon the closing of VeriSign's initial public offering. Investors' Rights Agreement. In November 1996, VeriSign, all of the current holders of preferred stock and the purchasers of common stock in April 1995 entered into an Amended and Restated Investors' Rights Agreement (the "Investors' Rights Agreement") pursuant to which the holders of all such preferred or common stock (the "Investors") have certain registration rights with respect to their shares of common stock following this offering. See "Description of Capital Stock--Registration Rights." Pursuant to the terms of the Investors' Rights Agreement, each of the Investors and Stratton Sclavos, VeriSign's President and Chief Executive Officer and a director of VeriSign, were granted a right of first offer with respect to certain future sales of securities by VeriSign. Officer Loans. In November 1996, in connection with the exercise of stock options granted under the 1995 Stock Option Plan, VeriSign permitted three executive officers, Richard A. Yanowitch, Dana L. Evan and Stratton D. Sclavos to purchase shares of common stock in exchange for promissory notes issued under its Executive Loan Program in the amounts of $217,500, $93,750 and $73,920, respectively. See "Management--Employee Benefit Plans--Executive Loan Program of 1996." Each note is a recourse note that is secured by the shares purchased with that note. The notes bear interest at the rate of 6.95% per annum, payable on December 31 of each year, and are due and payable on the earlier of December 31, 2005 or the date the borrowers' employment relationship with VeriSign is terminated, unless otherwise extended by a separate written agreement approved by the Board. During 1997 and 1998, VeriSign paid bonuses in the amount of the interest accrued under each such executive officer's promissory note. Mr. Yanowitch received bonuses of $23,603 in 1997 and $19,857 in 1998. Ms. Evan received bonuses of $10,174 in 1997 and $6,904 in 1998. Mr. Sclavos received bonuses of $8,022 in 1997 and $5,625 in 1998. Mr. Sclavos and Ms. Evan have repaid their loans in full. Development Agreement. In September 1997, VeriSign and Security Dynamics, the parent company of RSA, entered into a Master Development and License Agreement (the "Development Agreement"). Mr. Bidzos, the Chairman of the Board of VeriSign, is also a director of Security Dynamics. Pursuant to the Development Agreement, VeriSign will develop a customized CA service based upon VeriSign's WorldTrust platform in order to enable Security Dynamics to offer a product with encryption and digital certificate functionality. VeriSign has retained the ownership rights to the technology developed under this agreement, except to the extent such technology constitutes derivatives of Security Dynamics's pre-existing technology or such technology is solely created by Security Dynamics. However, VeriSign granted Security Dynamics a non-exclusive, royalty-free, perpetual, worldwide license to VeriSign's intellectual property rights in VeriSign technology to the extent that the technology is incorporated in the customized product being developed for Security Dynamics, for the purpose of facilitating Security Dynamics' derivative works or distributing the customized product to end users. In December 1998, VeriSign and Security Dynamics amended the Development Agreement to grant Security Dynamics an exclusive license to incorporate the developed technology into original equipment manufacturers', or OEMs, products in order to create products incorporating the technology and to sublicense the technology to licensees of the OEMs. In addition, VeriSign will use its best efforts to transfer customer support services to Security Dynamics and to assist in transferring its sales prospects to Security Dynamics. The Development Agreement provides that Security Dynamics will pay VeriSign an aggregate of $2.7 million as an initial license fee, $900,000 of which was paid in October 1997 and $1.4 million of which was paid during 1998. The remaining $360,000 is scheduled to be paid upon completion of a milestone during early 1999. At the time of the execution of the amendment in December 1998, Security Dynamics paid VeriSign $500,000. Once Security Dynamics has received net revenues of $2.8 million from OEMs, it will pay VeriSign a royalty equal to 18% of net revenues from the sale to OEMs or, if it is greater, 18% of 60% of the current list price for the product. Security Dynamics will not be obligated to pay any royalties to VeriSign with respect to sales to VARs. 59 In order for Security Dynamics to maintain its exclusivity rights, it must make aggregate annual payments, which will be paid on a quarterly basis, of: (1) $1.1 million during the first year of the agreement; (2) $2.3 million during the second year of the agreement; (3) $3.0 million during the third year of the agreement; and (4) $4.0 million during each of the fourth and fifth years of the agreement. Security Dynamics may also elect not to maintain the exclusivity so long as it gives 90 days notice prior to the end of a year and also pays to VeriSign an amount equal to the remaining pre-payments to be made during that year as well as an amount equal to the first two quarterly payments due for the subsequent year. In addition VeriSign will be obligated to pay Security Dynamics an amount equal to 8% of net revenue recognized by VeriSign during a VeriSign OnSite customer's first year using VeriSign OnSite if the new VeriSign OnSite customer had previously purchased products from Security Dynamics which incorporate the developed technology. Commencing in March 1998, Security Dynamics is also required to pay VeriSign a monthly product support fee for a three-year period, and thereafter for successive annual terms. Either of the parties may elect to terminate such product support within 60 days prior to the end of the term. Security Dynamics may terminate support services at any time on 60 days prior written notice to VeriSign. For a yearly fee, Security Dynamics can purchase product maintenance services. During 1998 Security Dynamics paid both support and maintenance fees, which were $105,000 in the aggregate. If Security Dynamics pays both support and maintenance fees in future periods, such fees would aggregate approximately $195,000 for a one-year period. For so long as Security Dynamics is paying such maintenance fees, VeriSign will be obligated, at no additional cost, to provide Security Dynamics with updates and enhancements that VeriSign develops to the customized product and with non-exclusive first-to-market access to new technologies developed by VeriSign that are relevant to the business of providing enterprise security solutions or solutions for secure business communications. VeriSign is also obligated, upon the request of Security Dynamics, to make VeriSign's other technology available to Security Dynamics and to offer maintenance after the term of the agreement on certain "most favored pricing" terms. VeriSign believes that the terms of the Development Agreement, taken as a whole, were no less favorable to VeriSign than VeriSign could have obtained from unaffiliated third parties. Sublease with Security Dynamics. Since September 1996, VeriSign has sublet approximately 12,700 square feet of space for its offices in Cambridge, Massachusetts. This space is subleased from Security Dynamics pursuant to a sublease that expired in March 1998. VeriSign made lease payments to Security Dynamics of $17,646 during 1996, $179,000 during 1997 and $4,825 during 1998. VeriSign also paid all electricity, heating, ventilation and air conditioning costs for the subleased premises. Acquisition of SecureIT, Inc. In July 1998, VeriSign acquired SecureIT. In connection with this acquisition, VeriSign issued approximately 1,666,000 shares of its common stock in exchange for all of the issued and outstanding capital stock of SecureIT. Jagtar S. Chaudhry, the Vice President and General Manager of Security Services of VeriSign, received 210,951 shares of VeriSign's common stock in exchange for his shares of SecureIT stock. P. Jyoti Chaudhry, his wife, received 1,071,239 shares of VeriSign common stock in exchange for her shares of SecureIT stock. Three Chaudhry Family Trusts received 65,922 shares of VeriSign common stock in exchange for their SecureIT stock and a fourth Chaudhry Family Trust received 3,296 shares of VeriSign common stock in exchange for its shares of SecureIT stock. In addition, VeriSign granted the former shareholders of SecureIT certain registration rights with respect to the VeriSign common stock they received in the transaction. See "Description of Capital Stock--Registration Rights." Of the 1,666,186 shares issued in the SecureIT acquisition, 176,619 shares are being held in escrow to secure the indemnification obligations under the Agreement and Plan of Reorganization relating to the acquisition of SecureIT. Of these shares, 10,000 are being held to secure an indemnification obligation with respect to income taxation, which we refer to as the "Tax Escrow." These escrow shares were withheld from the shares distributed to the former SecureIT shareholders on a pro-rata basis based on their ownership of SecureIT 60 shares. This escrow will terminate on May 1, 1999. However, the escrow will terminate with respect to the Tax Escrow when the applicable statute of limitations pertaining to any taxes due expires. VeriSign also entered into an Employment and Non-Competition Agreement with Mr. Chaudhry. This employment agreement, which became effective on July 6, 1998, has a term of one-year and provides for a minimum annual base salary of $125,000. In addition, Mr. Chaudhry will be eligible to receive an annual bonus in an amount up to 30% of his base salary. Mr. Chaudhry was also granted an option to purchase 100,000 shares of common stock at an exercise price of $27.50 per share. In the event Mr. Chaudhry's employment is terminated without cause or upon a "constructive termination" of his employment, he will be entitled to receive the base salary remaining to be paid to him for the term of the employment agreement. Once the initial term of this employment agreement expires, Mr. Chaudhry's employment will be on an "at-will" basis. Certain Business Relationships Legal Fees. During 1996, 1997 and 1998, the law firm of Tomlinson Zisko Morosoli & Maser LLP, of which Mr. Tomlinson is a partner, provided legal services to VeriSign on a variety of matters. VeriSign paid to or accrued for Tomlinson Zisko Morosoli & Maser LLP an aggregate of $344,120 in 1996, $239,051 in 1997 and approximately $617,000 in 1998. VeriSign believes that the terms of each of the transactions described above, taken as a whole, were no less favorable to VeriSign than VeriSign could have obtained from unaffiliated third parties. 61 PRINCIPAL AND SELLING STOCKHOLDERS The following table sets forth certain information with respect to the beneficial ownership of VeriSign's common stock as of December 31, 1998 and as adjusted to reflect the sale of the shares of common stock offered hereby by: (i) each person who is known by VeriSign to own beneficially more than 5% of VeriSign's common stock, (ii) each director of VeriSign, (iii) each of the Named Executive Officers, (iv) all directors and executive officers of VeriSign as a group and (v) each Selling Stockholder. - -------- * Less than 1% of VeriSign's outstanding common stock Notes: (1) Percentage ownership is based on 23,086,692 outstanding as of December 31, 1998, and 24,271,692 shares outstanding after the offering. Shares of common stock subject to options currently exercisable or exercisable within 60 days of December 31, 1998, are deemed outstanding for the purpose of computing the percentage ownership of the person holding such options but are not deemed outstanding for computing the percentage ownership of any other person. Unless otherwise indicated below, the persons and entities named in the table have sole voting and sole investment power with respect to all shares beneficially owned, subject to community property laws where applicable. (2) Assumes the underwriters' over-allotment option to purchase 412,500 shares of common stock is not exercised. (3) Represents 3,611,591 shares held of record by Security Dynamics or by wholly-owned subsidiaries thereof, 93,000 shares held of record by D. James Bidzos, 83,750 shares held of record by Kairdos L.L.C. and 23,333 shares subject to options held of record by D. James Bidzos that are exercisable within 60 days of December 31, 1998. The number of shares being offered represents 10,000 shares offered for the account of Mr. Bidzos and 10,000 shares offered for the account of Kairdos L.L.C. Mr. Bidzos, the Chairman of the Board of VeriSign, is the President of RSA, an Executive Vice President and a director of Security Dynamics and the General Manager and a member of Kairdos L.L.C. Mr. Bidzos disclaims beneficial ownership of the shares held by Kairdos L.L.C. except for 62
Shares Beneficially Shares Beneficially Owned Prior to Offering Number of Owned After Offering ---------------------------- Shares -------------------- Name of Beneficial Owner Number Percent(1) Being Offered Number Percent(2) - ------------------------ -------------- ------------- ------------- --------- ---------- Named Executive Officers, Directors and 5% Stockholders - ------------------------------------------ D. James Bidzos (3)....................... 3,811,674 16.5% 20,000 2,791,674 11.5% Security Dynamics Technologies, Inc. (3).. 3,611,591 15.6 1,000,000 2,611,591 10.8 Jagtar Chaudhry (4)....................... 1,483,252 6.4 269,436 1,113,816 4.6 William Chenevich (5)..................... 604,115 2.6 -- 604,115 2.5 Stratton D. Sclavos (6)................... 502,250 2.2 53,153 449,097 1.8 Kevin R. Compton (7)...................... 462,360 2.0 -- 462,360 1.9 David J. Cowan (8)........................ 284,189 1.2 -- 284,189 1.2 Richard A. Yanowitch (9).................. 229,997 1.0 23,153 206,844 * Arnold Schaeffer (10)..................... 115,625 * 23,153 92,472 * Dana L. Evan (11)......................... 107,963 * 23,153 84,810 * Quentin P. Gallivan (12).................. 13,438 * 7,388 6,050 * Timothy Tomlinson (13).................... 23,269 * -- 23,269 * All officers and directors as a group (11 persons) (14)........................ 7,638,132 32.9 1,419,436 6,118,696 25.1 Other Selling Stockholders - -------------------------- P. Jyoti Chaudhry (4)..................... 1,483,252 6.4 100,000 1,113,816 4.6 Jay W. Johnson ........................... 97,531 * 22,040 75,491 * George and Lana Valente Foundation ....... 82,403 * 20,524 61,879 * Messiah Lutheran Church................... 3,000 * 3,000 -- * his proportional interest therein, and disclaims beneficial ownership of the shares held by Security Dynamics or its wholly-owned subsidiaries. The address for Mr. Bidzos and Security Dynamics is 20 Crosby Drive, Bedford, Massachusetts 01730. (4) Represents 60,951 shares held by Jagtar Chaudhry, 921,239 shares held by P. Jyoti Chaudhry, his wife, 300,000 shares held by Chaudhry Enterprises and 65,922, 65,922, 65,922 and 3,296 shares held by four Chaudhry Family Trusts for the benefit of Simran D. Chaudhry, Yash P. Chaudhry, Samir R. Chaudhry and Manpreet Bains, respectively. Jagtar Chaudhry is the Vice President of and General Manager of Security Services of VeriSign. Includes an aggregate of 519,000 shares subject to the "zero-cost collar" arrangements described below. Mr. Chaudhry's wife and the trusts for the benefit of Simran Chaudhry, Yash P. Chaudhry and Samir R. Chaudhry entered into "zero-cost collar" arrangements pursuant to which such person wrote a call option and purchased a put option. These options become exercisable on January 5, 2000 and also expire on that date. Only one of the options can be "in the money" on the expiration date, at which time, the "in the money" option will be exercised and settled for cash and the other option will expire. If neither option is "in the money," both options will expire. Mr. Chaudhry's wife entered into such an arrangement with respect to 342,198 shares and each of the trusts entered into an arrangement with respect to 58,934 shares. Also includes 143,238 shares held by Mr. and Mrs. Chaudhry, the Chaudhry Family Trusts and Chaudhry Enterprises which are subject to the escrow to secure the indemnification obligations contained in the Agreement and Plan of Reorganization relating to the acquisition of SecureIT. The escrow is described under "Certain Transactions." The address for P. Jyoti and Jagtar Chaudhry, Chaudhry Enterprises and the Chaudhry Family Trusts is c/o SecureIT, 5550 Triangle Parkway Suite 100, Norcross, Georgia 30092. The number of shares being offered represents 100,000 shares offered for the account of Mrs. Chaudhry, 266,489 shares offered for the account of Chaudhry Enterprises and 2,947 shares offered for the account of the Chaudhry Family Trust for the benefit of Manpreet Bains. (5) Represents 594,052 shares held by VISA International Service Association, 7,563 shares subject to options held of record by VISA International Service Association that are exercisable with 60 days of December 31, 1998, and 2,500 shares held of record by William Chenovich, director of VeriSign. Mr. Chenevich is the Group Executive Vice President, Data Processing Systems of VISA. (6) Includes 5,000 shares held of record by Stratton or Jody Sclavos as Custodians under UTMA for Nicholas L. Sclavos, 5,000 shares held of record by Stratton or Jody Sclavos as Custodians under UTMA for Alexandra C. Sclavos and an aggregated 2,010 shares held in trust for the six nieces and nephews of Stratton Sclavos. Also includes 31,250 shares subject to options held of record by Stratton D. Sclavos that are exercisable within 60 days of December 31, 1998. Mr. Sclavos is President, Chief Executive Officer and a director of VeriSign. Of the shares shown in the table, as of December 31, 1998, 115,500 were subject to a repurchase right that lapses as to 38,500 of the shares each quarter. The number of shares being offered represents 43,143 shares offered for the account of Mr. Sclavos, 4,000 shares offered for the account of Stratton or Jody Sclavos as Custodians under UTMA for Alexandra C. Sclavos, 4,000 shares offered for the account of Stratton or Jody Sclavos as Custodians under UTMA for Nicholas L. Sclavos and an additional 2,010 shares, representing 335 shares offered for the accounts of each of the six nieces and nephews of Mr. Sclavos. (7) Represents 437,318 shares held of record by Kleiner Perkins Caufield & Byers VII L.P., 16,541 shares held of record by Kevin Compton, 6,250 shares subject to options held of record by Kevin Compton that are exercisable within 60 days of December 31, 1998, and 2,251 shares subject to options held of record by Kleiner Perkins Caufield & Byers VII L.P. that are exercisable within 60 days of December 31, 1998. Mr. Compton, a director of VeriSign, is a general partner of the general partner of each of these entities. Mr. Compton disclaims beneficial ownership of shares held by such 63 entities except for his proportional interest therein. The address for Mr. Compton and these entities is c/o Kleiner Perkins Caufield & Byers, 2750 Sand Hill Road, Menlo Park, California 94025. (8) Represents 247,966 shares held of record by Bessemer Venture Partners DCI, 3,750 shares held by Deer III & Co. and 7,563 shares subject to options held of record by Deer III & Co. LLC that are exercisable within 60 days of December 31, 1998. Mr. Cowan, a director of VeriSign, is a general partner of the general partner of Bessemer Venture Partners DCI and is a manager of Deer III & Co. LLC. Mr. Cowan disclaims beneficial ownership of shares held by Bessemer Venture Partners DCI except for his proportional interest therein. The address for Mr. Cowan and Bessemer Venture Partners DCI is 535 Middlefield Road, Menlo Park, California 94025. (9) Mr. Yanowitch is Vice President of Marketing of VeriSign. Of the shares shown in the table, as of December 31, 1998, 108,750 were subject to a repurchase right that lapses as to 18,125 of the shares each quarter. (10) Includes 11,125 shares subject to options held of record by Arnold Schaeffer that are exercisable within 60 days of December 31, 1998. Mr. Schaeffer is Vice President of Engineering of VeriSign. Of the shares shown in the table, as of December 31, 1998, 45,000 were subject to a repurchase right that lapses as to 8,875 of the shares each quarter. (11) Includes 5,000 shares held of record by Ms. Evan as Custodian under UTMA for Christopher Thomas Evan, 5,000 shares held of record by Ms. Evan as Custodian under UTMA for Ryan Joseph Evan and 14,063 shares subject to options held of record by Dana Evan that are exercisable within 60 days of December 31, 1998. Ms. Evan is Vice President of Finance and Administration and Chief Financial Officer of VeriSign. Of the shares shown in the table, as of December 31, 1998, 46,875 were subject to a repurchase right that lapses as to 7,812 of the shares each quarter. (12) Includes 7,194 shares subject to options held of record by Quentin Gallivan that are exercisable within 60 days of December 31, 1998. Mr. Gallivan is Vice President of Worldwide Sales of VeriSign. (13) Includes 500 shares held of record by the Joy E. Tomlinson 1996 Trust, 500 shares held of record by the Tucker Tomlinson 1996 Trust and 3,813 shares subject to options held of record by TZM Investment Fund that are exercisable within 60 days of December 31, 1998. Mr. Tomlinson is a general partner of TZM Investment Fund and a trustee of each trust. (14) Includes the shares described in footnotes (3)-(13). 64 DESCRIPTION OF CAPITAL STOCK As of December 31, 1998, there were outstanding 23,086,692 shares of common stock, each with a par value of $.001, held of record by approximately 235 stockholders, and outstanding options to purchase 4,129,094 shares of common stock. The following summary of certain provisions of the common stock and preferred stock does not purport to be complete and is subject to, and qualified in its entirety by, the provisions of VeriSign's Certificate of Incorporation, which is included as an exhibit to the registration statement, of which this prospectus forms a part, and by the provisions of applicable law. Common Stock VeriSign is authorized to issue 50,000,000 shares of common stock. Subject to preferences that may be applicable to any preferred stock outstanding at the time, the holders of outstanding shares of common stock are entitled to receive dividends out of assets legally available therefor at such times and in such amounts as the Board from time to time may determine. Holders of common stock are entitled to one vote for each share held on all matters submitted to a vote of stockholders. Cumulative voting for the election of directors is authorized by the Certificate of Incorporation, which means that the holders of a majority of the shares voted can elect all of the directors then standing for election. The common stock is not entitled to preemptive rights and is not subject to conversion or redemption. Upon liquidation, dissolution or winding-up of VeriSign, the assets legally available for distribution to stockholders are distributable ratably among the holders of the common stock and any participating preferred stock outstanding at that time after payment of liquidation preferences, if any, on any outstanding preferred stock and payment of other claims of creditors. Each outstanding share of common stock is, and all shares of common stock to be outstanding upon completion of this offering will be upon payment therefor, duly and validly issued, fully paid and nonassessable. Preferred Stock VeriSign is authorized to issue up to 5,000,000 shares of "blank check" preferred stock. The Board is authorized, subject to any limitations prescribed by Delaware law, to provide for the issuance of preferred stock in one or more series, to establish from time to time the number of shares to be included in each such series, to fix the rights, preferences and privileges of the shares of each wholly unissued series and any qualifications, limitations or restrictions thereon, and to increase or decrease the number of shares of any such series (but not below the number of shares of such series then outstanding), without any further vote or action by the stockholders. The Board may authorize the issuance of preferred stock with voting or conversion rights that could adversely affect the voting power or other rights of the holders of common stock. The issuance of preferred stock may have the effect of delaying, deferring or preventing a change in control of VeriSign and may adversely affect the market price of the common stock, and the voting and other rights of the holders of common stock. VeriSign has no current plan to issue any shares of preferred stock. Registration Rights The holders of approximately 5,132,218 shares of common stock (the "Holders") have certain rights to cause VeriSign to register those shares (the "Registrable Securities") under the Securities Act. The holders of at least a majority of the Registrable Securities may require that VeriSign use best efforts to effect up to two registrations. Holders not part of the initial registration demand are entitled to notice of such registration and are entitled to include shares of Registrable Securities therein. These registration rights are subject to certain conditions and limitations, including the right, under certain circumstances, of the underwriters of an offering to limit the number of shares included in such registration and the right of VeriSign to delay the filing of a registration statement for not more than 120 days after receiving the registration demand. VeriSign is obligated to pay all registration expenses incurred in connection with such registration, other than underwriters' discounts and commissions, and the reasonable fees and expenses of a single counsel to the selling Holders. 65 In addition, if VeriSign proposes to register any securities under the Securities Act in connection with the sale of such securities solely for cash, the Holders are entitled to notice of such registration and are entitled to include Registrable Securities therein. These rights do not apply to a registration relating to securities to be sold under one of VeriSign's stock plans or common stock issuable upon conversion of debt securities. These rights are subject to certain conditions and limitations, including the right of the underwriters of an offering to limit the number of shares included in such registration under certain circumstances. VeriSign is obligated to pay all registration expenses incurred in connection with such registration other than underwriters' discounts and commissions. The Holders may also require VeriSign, on no more than two occasions in any twelve-month period, to register all or a portion of their Registrable Securities on Form S-3 under the Securities Act when such form becomes available for use by VeriSign, if the securities to be so registered represent an aggregate selling price to the public of not less than $1.0 million. The Holders who are not part of the initial registration demand are entitled to notice of such registration and are entitled to include shares of Registrable Securities therein. These registration rights are subject to certain conditions and limitations, including the right of VeriSign to delay the filing of a registration statement on Form S-3 for a period of not more than 60 days after receiving the registration demand. VeriSign is obligated to pay all registration expenses incurred in connection with such registration, other than underwriters' discounts and commissions. Each stockholder's registration rights will expire upon the earlier of February 4, 2003, or at such time as the stockholder can sell all of its securities under Rule 144(k). The former shareholders of SecureIT have certain registration rights with respect to the approximately 1,666,000 shares of VeriSign common stock issued to them in connection with the acquisition of SecureIT. These stockholders have "piggy back registration rights" which require VeriSign to use its best efforts to include up to 416,547 shares in any registration statement filed prior to January 30, 1999. In addition, anytime after January 30, 1999, these stockholders may require VeriSign to file a registration statement on Form S-3 and keep such registration statement continuously effective until July 6, 1999. This registration statement could cover up to 833,094 shares of VeriSign common stock, less any shares for which these holders have exercised piggyback registration rights. Since these holders have elected to exercise their piggyback registration rights with respect to 415,000 shares in this offering, VeriSign would be required to include 418,094 shares, plus any shares included in the registration statement of which this prospectus is a part which remain unsold. Delaware Anti-Takeover Law and Certain Charter and Bylaw Provisions VeriSign is subject to the provisions of Section 203 of the Delaware General Corporation Law (the "Anti-Takeover Law") regulating corporate takeovers. The Anti-Takeover Law prevents certain Delaware corporations from engaging, under certain circumstances, in a "business combination," which includes a merger or sale of more than 10% of the corporation's assets with any "interested stockholder." An "interested stockholder" is a stockholder who owns 15% or more of the corporation's outstanding voting stock, as well as affiliates and associates of any such persons. This restriction applies for three years following the date that such stockholder became an "interested stockholder" unless: . the transaction is approved by the Board of Directors prior to the date the "interested stockholder" attained such status; . upon consummation of the transaction that resulted in the stockholder's becoming an "interested stockholder," the "interested stockholder" owned at least 85% of the voting stock of the corporation outstanding at the time the transaction commenced (excluding those shares owned by (1) persons who are directors and also officers and (2) employee stock plans in which employee participants do not have the right to determine confidentially whether shares held subject to the plan will be tendered in a tender or exchange offer); or 66 . if on or subsequent to that date the "business combination" is approved by the Board of Directors and authorized at an annual or special meeting of stockholders by the affirmative vote of at least two-thirds of the outstanding voting stock that is not owned by the "interested stockholder." A Delaware corporation may "opt out" of the Anti-Takeover Law with the approval of a majority of the corporation's outstanding shares, however VeriSign has not done so. The statute could prohibit or delay mergers or other takeover or change-in-control attempts with respect to VeriSign and, accordingly, may discourage attempts to acquire VeriSign. VeriSign's Certificate of Incorporation and Amended Restated Bylaws provide for the division of the Board into three classes as nearly equal in size as possible with staggered three-year terms. The classification of the Board could have the effect of making VeriSign more difficult for a third party to acquire, or of discouraging a third party from acquiring, control of VeriSign. In addition, the Amended and Restated Bylaws provide that any action required or permitted to be taken by the stockholders at an annual meeting or special meeting of stockholders may only be taken if it is properly brought before such meeting and may not be taken by written action in lieu of a meeting. The Amended and Restated Bylaws provide that special meetings of the stockholders may only be called by the Chairman of the Board, the Chief Executive Officer or, if none, VeriSign's President or by the Board. VeriSign's Certificate of Incorporation and Amended and Restated Bylaws provide that VeriSign will indemnify officers and directors against losses that they may incur in investigations and legal proceedings resulting from their services to VeriSign, which may include services in connection with takeover defense measures. Such provisions may have the effect of preventing changes in the management of VeriSign. Transfer Agent and Registrar The Transfer Agent and Registrar for VeriSign's common stock is ChaseMellon Shareholder Services, L.L.C. 67 SHARES ELIGIBLE FOR FUTURE SALE Future sales of substantial amounts of common stock in the public market could adversely affect prevailing market prices from time to time. Upon completion of this offering, VeriSign will have outstanding an aggregate of 24,271,692 shares of common stock, assuming no exercise of the underwriters' over-allotment option and no exercise of outstanding options. Of these shares, 18,274,562 shares, including all of the shares sold in the offering, are freely tradeable without restriction or further registration under the Securities Act, unless such shares are purchased by "affiliates" of VeriSign as that term is defined in Rule 144 under the Securities Act (the "Affiliates"). As a result of certain contractual restrictions described below, 4,745,944 additional shares will be eligible for sale 90 days after the date of this prospectus, with all of such shares subject to the volume limitations and other conditions of Rule 144 described below; and the remaining 1,251,186 of the shares will become eligible for sale in July 1999, subject to the volume limitations and other conditions of Rule 144. All executive officers and certain directors and stockholders of VeriSign have agreed not to offer, pledge, sell, contract to sell, sell any option or contract to purchase, purchase any option or contract to sell, grant any option, right or warrant to purchase, or otherwise transfer or dispose of, directly or indirectly (or enter into any swap or other arrangement that transfers to another, in whole or in part, any of the economic consequences of ownership of), any shares of common stock or any securities convertible into or exercisable or exchangeable for shares of common stock, for a period of 90 days after the date of this prospectus, without the prior written consent of Morgan Stanley & Co. Incorporated. Morgan Stanley & Co. Incorporated may in its sole discretion choose to release a certain number of these shares from such restrictions prior to the expiration of such 90 day period. In general, under Rule 144 as currently in effect, a person (or persons whose shares are aggregated) who has beneficially owned Restricted Shares for at least one year including the holding period of any prior owner except an Affiliate would be entitled to sell within any three-month period a number of shares that does not exceed the greater of: (i) 1% of the number of shares of common stock then outstanding (which will equal approximately 242,717 shares immediately after this offering); or (ii) the average weekly trading volume of the common stock on the Nasdaq National Market during the four calendar weeks preceding the filing of a notice on Form 144 with respect to such sale. Sales under Rule 144 are also subject to certain manner of sale provisions and notice requirements and to the availability of current public information about VeriSign. Upon completion of this offering, the holders of approximately 5,132,218 shares of common stock will be entitled to certain rights with respect to the registration of such shares under the Securities Act. Of these holders, the former shareholders of SecureIT have the right to require VeriSign to file a registration statement on Form S-3 to register for resale an aggregate of approximately 418,000 shares of common stock held by them. See "Description of Capital Stock--Registration Rights." Registration of such shares under the Securities Act would result in such shares becoming freely tradable without restriction under the Securities Act immediately upon the effectiveness of such registration. VeriSign filed registration statements under the Securities Act covering 5,461,389 shares of common stock subject to outstanding options or reserved for future issuance under its stock plans. See "Management--Employee Benefit Plans." VeriSign also filed a registration statement on Form S-8 with respect to the 208,809 shares of common stock subject to stock options assumed in connection with the acquisition of SecureIT. As of December 31, 1998, options to purchase a total of 4,129,094 shares were outstanding and 797,496 shares were reserved for future issuance under VeriSign's stock plans. Accordingly, shares registered under such registration statements will, subject to Rule 144 volume limitations applicable to Affiliates, be available for sale in the open market, beginning 90 days after the date of the prospectus, unless such shares are subject to vesting restrictions. 68 UNDERWRITERS Under the terms and subject to the conditions contained in an Underwriting Agreement dated the date hereof (the "Underwriting Agreement"), the underwriters named below, for whom Morgan Stanley & Co. Incorporated, Hambrecht & Quist LLC, Dain Rauscher Wessels, a division of Dain Rauscher Incorporated ("Dain Rauscher Wessels") and BancBoston Robertson Stephens Inc. are acting as representatives, have severally agreed to purchase, and VeriSign and the Selling Stockholders have agreed to sell to them, severally, the respective number of shares of common stock set forth opposite the names of such underwriters below: The Underwriting Agreement provides that the obligations of the several underwriters to pay for and accept delivery of the shares of common stock offered hereby are subject to the approval of certain legal matters by their counsel and to certain other conditions. The underwriters are obligated to take and pay for all of the shares of common stock offered hereby (other than those covered by the underwriters' over-allotment option described below) if any such shares are taken. The underwriters initially propose to offer part of the shares of common stock directly to the public at the public offering price set forth on the cover page hereof and part to certain dealers at a price that represents a concession not in excess of $2.42 a share under the public offering price. Any underwriter may allow, and such dealers may reallow, a concession not in excess of $.10 a share to other underwriters or to certain dealers. After the initial offering of the shares of common stock, the offering price and other selling terms may from time to time be varied by the representatives. VeriSign has granted to the underwriters an option, exercisable for 30 days from the date of this prospectus, to purchase up to an aggregate of 412,500 additional shares of common stock at the public offering price set forth on the cover page hereof, less underwriting discounts and commissions. The underwriters may exercise such option solely for the purpose of covering over- allotments, if any, made in connection with the offering of the shares of common stock offered hereby. To the extent such option is exercised, each underwriter will become obligated, subject to certain conditions, to purchase approximately the same percentage of such additional shares of common stock as the number set forth next to such underwriter's name in the preceding table bears to the total number of shares of common stock set forth next to the names of all underwriters in the preceding table. Each of VeriSign and the directors, executive officers and certain other stockholders of VeriSign has agreed that, without the prior written consent of Morgan Stanley & Co. Incorporated on behalf of the underwriters, it will not during the period ending 90 days after the date of this prospectus (i) offer, pledge, sell, contract to sell, sell any option or contract to purchase, purchase any option or contract to sell, grant any option, right or warrant to purchase or otherwise transfer, lend or dispose of, directly or indirectly, any shares of common stock or any securities convertible into or exercisable or exchangeable for common stock or (ii) enter into any swap or other 69
Number of Name Shares ---- --------- Morgan Stanley & Co. Incorporated..................................... 943,000 Hambrecht & Quist LLC................................................. 451,000 Dain Rauscher Wessels ................................................ 451,000 BancBoston Robertson Stephens Inc. ................................... 205,000 Donaldson, Lufkin & Jenrette Securities Corporation................... 100,000 A.G. Edwards & Sons, Inc. ............................................ 100,000 Edward D. Jones & Co., L.P. .......................................... 100,000 Nationsbanc Montgomery Securities LLC................................. 100,000 SoundView Technology Group, Inc. ..................................... 100,000 Warburg Dillon Read LLC............................................... 100,000 Thomas Weisel Partners LLC............................................ 100,000 --------- Total............................................................. 2,750,000 ========= arrangement that transfers to another, in whole or in part, any of the economic consequences of ownership of the common stock, whether any such transaction described in clause (i) or (ii) above is to be settled by delivery of common stock or such other securities, in cash or otherwise, except under certain limited circumstances. The restrictions described in this paragraph to not apply to (a) the sale of shares to the underwriters, (b) the issuance by VeriSign of shares of common stock upon exercise of an option or a warrant outstanding on the date of this prospectus and described as such in the prospectus, (c) the issuance by VeriSign of shares of common stock under the Equity Incentive Plan, the Directors Plan and the Purchase Plan or (d) transactions by any person other than VeriSign relating to shares of common stock or other securities acquired in open market transactions after the completion of the offering of the shares. In order to facilitate the offering of the common stock, the underwriters may engage in transactions that stabilize, maintain or otherwise affect the price of the common stock. Specifically, the underwriters may over-allot in connection with the offering, creating a short position in the common stock for their own account. In addition, to cover over-allotments or to stabilize the price of the common stock, the underwriters may bid for, and purchase, shares of common stock in the open market. Finally, the underwriting syndicate may reclaim selling concessions allowed to an underwriter or a dealer for distributing the common stock in the offering, if the syndicate repurchases previously distributed common stock in transactions to cover syndicate short positions, in stabilization transactions or otherwise. Any of these activities may stabilize or maintain the market price of the common stock above independent market levels. The underwriters are not required to engage in these activities, and may end any of these activities at any time. The underwriters and dealers may engage in passive market making transactions in the common stock in accordance with Rule 103 of Regulation M promulgated by the Securities and Exchange Commission. In general, a passive market maker may not bid for, or purchase, the common stock at a price that exceeds the highest independent bid. In addition, the net daily purchases made by any passive market maker generally may not exceed 30% of its average daily trading volume in the common stock during a specified two month period, or 200 shares, whichever is greater. A passive market maker must identify passive market making bids as such or maintain the market price of the common stock above independent market levels. Underwriters and dealers are not required to engage in passive market making and may end passive market making activities at any time. VeriSign, the Selling Stockholders and the underwriters have agreed to indemnify each other against certain liabilities, including liabilities under the Securities Act. 70 LEGAL MATTERS Fenwick & West LLP, Palo Alto, California, will pass upon the validity of the shares of common stock offered by VeriSign in this prospectus. Wilson Sonsini Goodrich & Rosati, Professional Corporation, Palo Alto, California will pass upon certain legal matters in connection with this offering for the underwriters. EXPERTS VeriSign has included the consolidated financial statements of VeriSign, Inc. and subsidiaries as of December 31, 1996 and 1997, and for the period from April 12, 1995 (inception) to December 31, 1995, and for each of the years in the two-year period ended December 31, 1997 in the prospectus and the Registration Statement in reliance upon the report of KPMG LLP, independent auditors, appearing elsewhere herein, and upon the authority of said firm as experts in accounting and auditing. ADDITIONAL INFORMATION VeriSign has filed with the Securities and Exchange Commission (the "Commission"), Washington, D.C. 20549, a Registration Statement on Form S-1 under the Securities Act with respect to the shares of common stock offered by this prospectus. This prospectus, which constitutes a part of the Registration Statement, does not contain all of the information set forth in the Registration Statement and the exhibits thereto. VeriSign has omitted certain items in accordance with the rules and regulations of the Commission. For further information with respect to VeriSign and the common stock offered by this prospectus, reference is made to the Registration Statement and the exhibits thereto. Statements contained in this prospectus regarding the contents of any contract or any other document to which the prospectus makes reference are not necessarily complete. In each instance, we advise you to refer to the copy of the contract or other document filed as an exhibit to the Registration Statement. Each such statement is qualified in all respects by such reference. You may inspect a copy of the Registration Statement, and the exhibits and schedule thereto, without charge at the public reference facilities maintained by the Commission in Room 1024, 450 Fifth Street, N.W., Washington, D.C. 20549, and at the Commission's regional offices located at the Northwestern Atrium Center, 500 West Madison Street, Suite 1400, Chicago, Illinois 60661 and Seven World Trade Center, 13th Floor, New York, New York 10048. You may obtain copies of all or any part of the Registration Statement from any of those offices by paying the fees prescribed by the Commission. The Commission maintains a World Wide Web site that contains reports, proxy and information statements and other information regarding registrants that file electronically with the Commission. The address of the site is http://www.sec.gov. AVAILABLE INFORMATION VeriSign is subject to the informational requirements of the Exchange Act and, in accordance therewith, files reports, proxy statements and other information with the Commission. Such reports, proxy statements and other information filed by VeriSign can be inspected and copied at the public reference facilities maintained by the Commission at Room 1024, 450 Fifth Street, N.W., Washington D.C. 20549 and at the Commission's regional offices located at 7 World Trade Center, Suite 1300, New York, New York 10048 and 500 West Madison Street, Suite 1400, Chicago, Illinois 60661. Copies of such material can also be obtained from the Public Reference Section of the Commission at 450 Fifth Street, N.W., Washington, D.C. 20549, at prescribed rates. The Commission also makes electronic filings publicly available on the Internet within 24 hours of acceptance. The Commission's Internet address is http://www.sec.gov. The Commission website also contains reports, proxy and information statements and other information regarding registrants that file electronically with the Commission. 71 VERISIGN, INC. INDEX TO CONSOLIDATED FINANCIAL STATEMENTS F-1
Page ---- Independent Auditors' Report............................................... F-2 Consolidated Balance Sheets................................................ F-3 Consolidated Statements of Operations...................................... F-4 Consolidated Statements of Stockholders' Equity............................ F-5 Consolidated Statements of Cash Flows...................................... F-7 Notes to Consolidated Financial Statements................................. F-8 INDEPENDENT AUDITORS' REPORT To the Board of Directors and Stockholders of VeriSign, Inc.: We have audited the accompanying consolidated balance sheets of VeriSign, Inc. and subsidiaries as of December 31, 1996 and 1997, and the related consolidated statements of operations, stockholders' equity, and cash flows for the period from April 12, 1995 (inception) to December 31, 1995, and for each of the years in the two-year period ended December 31, 1997. These consolidated financial statements are the responsibility of the Company's management. Our responsibility is to express an opinion on these consolidated financial statements based on our audits. We conducted our audits in accordance with generally accepted auditing standards. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. In our opinion, the consolidated financial statements referred to above present fairly, in all material respects, the financial position of VeriSign, Inc. and subsidiaries as of December 31, 1996 and 1997, and the results of their operations and their cash flows for the period from April 12, 1995 (inception) to December 31, 1995, and for each of the years in the two-year period ended December 31, 1997, in conformity with generally accepted accounting principles. KPMG LLP Mountain View, California December 18, 1998 F-2 VERISIGN, INC. AND SUBSIDIARIES CONSOLIDATED BALANCE SHEETS (In thousands, except share data) See accompanying Notes to Consolidated Financial Statements. F-3
December 31, ------------------ September 30, 1996 1997 1998 -------- -------- ------------- (Unaudited) Assets Current assets: Cash and cash equivalents.................. $ 30,006 $ 4,942 $ 18,102 Short-term investments..................... -- 7,951 24,366 Accounts receivable, net of allowance for doubtful accounts of $35, $286 and $455, respectively.............................. 762 3,390 8,470 Prepaid expenses and other current assets.. 786 994 2,351 -------- -------- -------- Total current assets..................... 31,554 17,277 53,289 Property and equipment, net.................. 4,617 8,756 9,378 Other assets, net............................ 366 871 976 -------- -------- -------- $ 36,537 $ 26,904 $ 63,643 ======== ======== ======== Liabilities and Stockholders' Equity Current liabilities: Notes payable.............................. $ 258 $ -- $ -- Accounts payable........................... 2,468 3,504 5,505 Accrued liabilities........................ 2,096 2,346 4,024 Deferred revenue........................... 1,944 5,267 10,461 -------- -------- -------- Total current liabilities................ 6,766 11,117 19,990 -------- -------- -------- Minority interest in subsidiary.............. 1,251 2,246 1,297 -------- -------- -------- Commitments Stockholders' equity: Preferred stock, $.001 par value; 5,000,000 shares authorized in 1998; no shares issued.................................... -- -- -- Convertible preferred stock, $.001 par value; 10,282,883 shares authorized in 1996 and 1997; 10,031,006 shares issued and outstanding in 1996 and 1997.......................... 10 10 -- Common stock, $.001 par value; 21,592,117 shares authorized in 1996 and 1997, 50,000,000 shares authorized in 1998; 7,859,962, 8,786,426 and 22,732,876 shares issued and outstanding, respectively...... 8 9 23 Additional paid-in capital................. 41,327 45,417 91,496 Notes receivable from stockholders......... (543) (644) (582) Deferred compensation...................... -- (380) (302) Accumulated deficit........................ (12,282) (30,871) (48,279) -------- -------- -------- Total stockholders' equity............... 28,520 13,541 42,356 -------- -------- -------- $ 36,537 $ 26,904 $ 63,643 ======== ======== ======== VERISIGN, INC. AND SUBSIDIARIES CONSOLIDATED STATEMENTS OF OPERATIONS (In thousands, except per share data) See accompanying Notes to Consolidated Financial Statements. F-4
Period from April 12, 1995 Year Ended Nine Months Ended (Inception) to December 31, September 30, December 31, ------------------ ------------------ 1995 1996 1997 1997 1998 -------------- -------- -------- -------- -------- (Unaudited) Revenues................ $ 382 $ 1,356 $ 13,356 $ 8,360 $ 25,719 ------- -------- -------- -------- -------- Costs and expenses: Cost of revenues...... 412 2,791 9,689 6,172 13,467 Sales and marketing... 790 4,885 11,826 7,732 16,449 Research and development.......... 642 2,058 5,303 3,643 6,242 General and administrative....... 680 2,681 5,039 3,147 5,842 Special charges....... -- -- 2,800 2,000 3,555 ------- -------- -------- -------- -------- Total costs and expenses........... 2,524 12,415 34,657 22,694 45,555 ------- -------- -------- -------- -------- Operating loss...... (2,142) (11,059) (21,301) (14,334) (19,836) Other income (expense).. 148 (67) 1,174 872 1,677 ------- -------- -------- -------- -------- Loss before minority interest........... (1,994) (11,126) (20,127) (13,462) (18,159) Minority interest in net loss of subsidiary..... -- 838 1,538 1,194 950 ------- -------- -------- -------- -------- Net loss............ $(1,994) $(10,288) $(18,589) $(12,268) $(17,209) ======= ======== ======== ======== ======== Basic and diluted net loss per share......... $ (.43) $ (2.07) $ (2.61) $ (1.54) $ (.82) ======= ======== ======== ======== ======== Shares used in per share computation............ 4,689 4,960 7,121 7,988 21,042 ======= ======== ======== ======== ======== VERISIGN, INC. AND SUBSIDIARIES CONSOLIDATED STATEMENTS OF STOCKHOLDERS' EQUITY (In thousands, except share data) (Continued) See accompanying Notes to Consolidated Financial Statements. F-5
Convertible Notes Preferred Stock Common Stock Additional Receivable Deferred Accumu- Total ----------------- ----------------- Paid-in from Compen- lated Stockholders' Shares Amount Shares Amount Capital Stockholders sation Deficit Equity ---------- ------ --------- ------ ---------- ------------ -------- ------- ------------- Issuance of common stock to founders............ -- $ -- 688,333 $ 1 $ 82 $ -- $ -- $ -- $ 83 Issuance of common stock to a founder in exchange for equipment, other assets and technology............. -- -- 4,000,000 4 115 -- -- -- 119 Issuance of common stock.................. -- -- 4,500 -- -- -- -- -- -- Issuance of Series A convertible preferred stock.................. 4,306,883 4 -- -- 5,164 -- -- -- 5,168 Net loss................ -- -- -- -- -- -- -- (1,994) (1,994) ---------- ---- --------- --- ------ ---- ---- ------- ------- Balances as of December 31, 1995............... 4,306,883 4 4,692,833 5 5,361 -- -- (1,994) 3,376 Issuance of Series B convertible preferred stock.................. .2,099,123 2 -- -- 5,141 -- -- -- 5,143 Issuance of Series C convertible preferred stock.................. 3,625,000 4 -- -- 28,192 -- -- -- 28,196 Exercise of common stock options................ -- -- 1,637,375 2 559 (543) -- -- 18 Issuance of common stock.................. -- -- 1,529,754 1 11 -- -- -- 12 Issuance of capital stock by subsidiary to minority interest...... -- -- -- -- 2,063 -- -- -- 2,063 Net loss................ -- -- -- -- -- -- -- (10,288) (10,288) ---------- ---- --------- --- ------ ---- ---- ------- ------- Balances as of December 31, 1996............... 10,031,006 10 7,859,962 8 41,327 (543) -- (12,282) 28,520 Deferred compensation related to common stock options, net of amortization of $34.... -- -- -- -- 414 -- (380) -- 34 Exercise of common stock options and advance to stockholder............ -- -- 532,781 1 244 (116) -- -- 129 Issuance of common stock.................. -- -- 121,808 -- 642 -- -- -- 642 Issuance of common stock for litigation settlement............. -- -- 250,000 -- 2,000 -- -- -- 2,000 Issuance of common stock for preferred provider agreement.............. -- -- 100,000 -- 800 -- -- -- 800 Repurchase of common stock.................. -- -- (78,125) -- (10) 10 -- -- -- Payments on notes receivable from stockholders........... -- -- -- -- -- 5 -- -- 5 Net loss................ -- -- -- -- -- -- -- (18,589) (18,589) ---------- ---- --------- --- ------ ---- ---- ------- ------- Balances as of December 31, 1997............... 10,031,006 10 8,786,426 9 45,417 (644) (380) (30,871) 13,541 VERISIGN, INC. AND SUBSIDIARIES CONSOLIDATED STATEMENTS OF STOCKHOLDERS' EQUITY--(Continued) (In thousands, except share data) See accompanying Notes to Consolidated Financial Statements. F-6
Convertible Notes Preferred Stock Common Stock Additional Receivable Deferred Accumu- Total ------------------- ----------------- Paid-in from Compen- lated Stockholders' Shares Amount Shares Amount Capital Stockholders sation Deficit Equity ----------- ------ ---------- ------ ---------- ------------ -------- -------- ------------- Balances as of December 31, 1997...... 10,031,006 $10 8,786,426 $ 9 $45,417 $(644) $(380) $(30,871) $13,541 Amortization of deferred compensation related to common stock options (unaudited)............ -- -- -- -- -- -- 78 -- 78 Compensation charge related to acceleration of performance-based stock options (unaudited)............ -- -- -- -- 1,176 -- -- 1,176 Exercise of common stock options (unaudited).... -- -- 385,569 -- 392 -- -- -- 392 Issuance of common stock (unaudited)............ -- -- 21,650 -- 79 -- -- -- 79 Issuance of common stock for initial public offering, net of expenses of $4,561 (unaudited)............ -- 3,450,000 4 43,739 -- -- -- 43,743 Issuance of common stock under employee stock purchase plan (unaudited)............ -- -- 58,225 -- 693 -- -- -- 693 Conversion of preferred stock to common stock (unaudited)............ (10,031,006) (10) 10,031,006 10 -- -- -- -- -- Subchapter S distributions of SecureIT, Inc. (unaudited)............ -- -- -- -- -- -- -- (199) (199) Payments on notes receivable from stockholders (unaudited)............ -- -- -- -- -- 62 -- -- 62 Net loss (unaudited).... -- -- -- -- -- -- -- (17,209) (17,209) ----------- --- ---------- --- ------- ----- ----- -------- ------- Balances as of September 30, 1998 (unaudited)............ -- $-- 22,732,876 $23 $91,496 $(582) $(302) $(48,279) $42,356 =========== === ========== === ======= ===== ===== ======== ======= VERISIGN, INC. AND SUBSIDIARIES CONSOLIDATED STATEMENTS OF CASH FLOWS (In thousands) See accompanying Notes to Consolidated Financial Statements. F-7
Period from April 12, 1995 Year Ended Nine Months Ended (Inception) to December 31, September 30, December 31, ------------------ ------------------ 1995 1996 1997 1997 1998 -------------- -------- -------- -------- -------- (Unaudited) Cash flows from operating activities: Net loss.............. $(1,994) $(10,288) $(18,589) $(12,268) $(17,209) Adjustments to reconcile net loss to net cash provided by operating activities: Special charges..... -- -- 2,800 2,000 -- Depreciation and amortization....... 52 559 2,621 1,546 2,862 Minority interest in net loss of subsidiary......... -- (838) (1,538) (1,194) (950) Stock-based compensation....... -- -- 34 13 1,254 Loss on disposal of property and equipment.......... -- -- 63 156 40 Changes in operating assets and liabilities: Accounts receivable....... (195) (567) (2,628) (2,261) (5,080) Prepaid expenses and other current assets........... (79) (708) (208) 59 (1,357) Accounts payable.. 437 2,054 1,036 (810) 2,001 Accrued liabilities...... 216 1,880 250 83 1,678 Deferred revenue.. 42 1,898 3,323 1,386 5,194 ------- -------- -------- -------- -------- Net cash used in operating activities... (1,521) (6,010) (12,836) (11,290) (11,567) ------- -------- -------- -------- -------- Cash flows from investing activities: Purchases of short- term investments..... -- -- (11,209) (11,208) (48,500) Maturities and sales of short-term investments.......... -- -- 3,258 3,498 32,085 Purchases of property and equipment........ (1,008) (4,168) (6,823) (5,655) (3,506) Other assets.......... (35) (281) (505) (480) (122) ------- -------- -------- -------- -------- Net cash used for investing activities... (1,043) (4,449) (15,279) (13,845) (20,043) ------- -------- -------- -------- -------- Cash flows from financing activities: Proceeds from bank borrowings........... -- 258 2,420 1,167 -- Repayment of bank borrowings........... -- -- (2,678) -- -- Proceeds from issuance of convertible preferred stock...... 5,168 33,339 -- -- -- Proceeds from issuance of common stock, net of repurchases....... 83 30 771 636 44,907 Collections on notes receivable from stockholders -- -- 5 -- 62 Subchapter S distributions by SecureIT, Inc. ...... -- -- -- -- (199) Issuance of capital stock by subsidiary to minority interest............. -- 4,151 2,533 -- -- ------- -------- -------- -------- -------- Net cash provided by financing activities... 5,251 37,778 3,051 1,803 44,770 ------- -------- -------- -------- -------- Net increase (decrease) in cash and cash equivalents............ 2,687 27,319 (25,064) (23,332) 13,160 Cash and cash equivalents at beginning of period.... -- 2,687 30,006 30,006 4,942 ------- -------- -------- -------- -------- Cash and cash equivalents at end of period................. $ 2,687 $ 30,006 $ 4,942 $ 6,674 $ 18,102 ======= ======== ======== ======== ======== Noncash investing and financing activities: Issuance of common stock to a founder for equipment, other assets and technology........... $ 119 $ -- $ -- $ -- $ -- ======= ======== ======== ======== ======== Conversion of convertible preferred stock to common stock $ -- $ -- $ -- $ -- $ -- ======= ======== ======== ======== ======== Issuance of notes receivable collateralized by common stock......... $ -- $ 543 $ 116 $ 116 $ -- ======= ======== ======== ======== ======== VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) (1) Description of Business and Summary of Significant Accounting Policies VeriSign, Inc. (the "Company") was incorporated in Delaware in April 1995 when RSA Data Security, Inc. ("RSA") contributed equipment, other assets, and technology for common stock. This transfer of nonmonetary assets was recorded at the founder's historical cost basis. The Company provides Internet-based trust services needed by websites, enterprises and individuals to conduct trusted and secure electronic commerce and communications over the Internet, intranets and extranets ("IP Networks"). The Company provides both public and private certificate authority services to organizations needing digital certificates for website authentication, intranet and extranet access control, electronic commerce services and virtual private network connections. Consolidation The accompanying consolidated financial statements include the accounts of the Company and its subsidiaries after elimination of intercompany accounts and transactions. As of December 31, 1997 and September 30, 1998, the Company owned approximately 50.5% of the outstanding shares of capital stock of its subsidiary, VeriSign Japan. The Company accounts for changes in its proportionate share of the net assets of VeriSign Japan resulting from sales of capital stock by the subsidiary as equity transactions. Interim Financial Information The financial information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited but includes all adjustments, consisting only of normal recurring adjustments, that the Company considers necessary for the fair presentation of the Company's operating results and cash flows for such periods. Results for the nine months ended September 30, 1998 are not necessarily indicative of the results to be expected for the full fiscal year of 1998 or for any future period. Foreign Currency Translation The functional currency for the Company's international subsidiaries is the U.S. dollar; however, the subsidiaries' books of record are maintained in local currency. As a result, the subsidiaries' financial statements are remeasured into U.S. dollars using a combination of current and historical exchange rates and any remeasurement adjustments are included in net loss, along with all transaction gains and losses for the period. Cash, Cash Equivalents and Short-Term Investments The Company considers all highly liquid investments with maturities of three months or less at the date of acquisition to be cash equivalents. Cash and cash equivalents include money market funds, commercial paper and various deposit accounts. Investments held by the Company are classified as "available-for-sale" and are carried at fair value based on quoted market prices. Such investments consist of commercial paper, medium term notes, foreign government bonds and corporate bonds with original maturities beyond 3 months and less than 12 months. Unrealized gains and losses as of December 31, 1996 and 1997 and September 30, 1998, and realized gains and losses for the periods presented were not material. F-8 VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) Property and Equipment Property and equipment are stated at cost less accumulated depreciation. Depreciation is calculated using the straight-line method over the estimated useful lives of the assets, generally three to five years. Revenue Recognition Revenues from the sale or renewal of digital certificates are deferred and recognized ratably over the life of the digital certificate, generally 12 months. Revenues from the sale of digital certificate software modules to distributors and affiliates are recognized upon delivery of the software and signing of an agreement, provided the fee is fixed and determinable, collectibility is probable and the arrangement does not require significant production, modification or customization of the software. Revenues from consulting and training services are recognized using the percentage-of- completion method, based on the ratio of costs incurred to total estimated costs for fixed-fee development arrangements or as the services are provided for time-and-materials arrangements. Revenues are recognized ratably over the term of the agreement for support and maintenance services. To the extent costs incurred and anticipated costs to complete fixed-fee contracts in progress exceed anticipated billings, a loss is accrued for the excess. To date, the Company has not experienced such losses. Deferred revenue principally consists of payments for unexpired digital certificates. For software transactions entered into after January 1, 1998, the Company adopted the American Institute of Certified Public Accountants' ("AICPA") Statement of Position ("SOP") No. 97-2, Software Revenue Recognition. SOP No. 97-2 generally requires revenue earned on software arrangements involving multiple elements to be allocated to each element based on its relative fair value. The fair value of the element must be based on objective evidence that is specific to the vendor. If a vendor does not have objective evidence of the fair value of all elements in a multiple-element arrangement, all revenue from the arrangement must be deferred until such evidence exists or until all elements have been delivered. The adoption of SOP No. 97-2 did not have a material effect on the Company's operating results. Research and Development Costs Research and development costs are expensed as incurred. Costs incurred subsequent to establishing technological feasibility, in the form of a working model, are capitalized and amortized over their estimated useful lives. To date, software development costs incurred after technological feasibility has been established have not been material. Income Taxes The Company uses the asset and liability method to account for income taxes. Deferred tax assets and liabilities are recognized for the future tax consequences attributable to differences between the financial statement carrying amounts of existing assets and liabilities and their respective tax bases. Deferred tax assets and liabilities are measured using enacted tax rates expected to apply to taxable income in the years in which those temporary differences are expected to be recovered or settled. The effect on deferred tax assets and liabilities of a change in tax rates is recognized in income in the period that includes the enactment date. A valuation allowance is recorded for deferred tax assets whose realization is not sufficiently likely. Stock-Based Compensation The Company accounts for its equity-based compensation plan using the intrinsic value method. F-9 VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) Net Loss Per Share Basic and diluted net loss per share has been computed using the weighted- average number of common shares outstanding during the period. The Company has excluded all convertible preferred stock and outstanding stock options from the calculation of diluted net loss per share because such securities would have been anti-dilutive for all periods presented. For the year ended December 31, 1995, 4,306,883 shares of convertible preferred stock and for each of the years ended December 31, 1996 and 1997 and the nine months ended September 30, 1997, 10,031,006 shares of convertible preferred stock were excluded from the calculation of diluted net loss per share in each period. There were no shares of convertible preferred stock outstanding at September 30, 1998. For the years ended December 31, 1995, 1996 and 1997 and the nine months ended September 30, 1997 and 1998, 1,274,750 shares, 1,608,075 shares, 2,592,789 shares, 2,164,956 shares and 3,504,145 shares, respectively, related to outstanding stock options were excluded from the calculation of diluted net loss per share. Other Comprehensive Income (Loss) The Company has no material components of other comprehensive income (loss). Concentration of Credit Risk, Related Party Transactions and Significant Customers Financial instruments that potentially subject the Company to significant concentrations of credit risk consist principally of cash, cash equivalents, short-term investments, and accounts receivable. The Company maintains its cash, cash equivalents, and short-term investments with high quality financial institutions and, as part of its cash management process, performs periodic evaluations of the relative credit standing of these financial institutions. The Company also performs ongoing credit evaluations of its customers and, generally, requires no collateral from its customers. The Company maintains an allowance for potential credit losses, but to date has not experienced significant write-offs. For the years ended December 31, 1995, 1996 and 1997 the Company added approximately $30,000, $22,000 and $387,000, respectively, to its allowance for doubtful accounts through charges to bad debt expense. Write-offs of uncollectible amounts totaled zero, $17,000 and $136,000 in these periods, respectively. The Company provided services to VISA International Services Association ("VISA"), a 4% stockholder of the Company, under an agreement that included development and ongoing operations of a digital certificate system for VISA's member banks. VISA accounted for approximately 21%, 10%, 12% and 4% of the Company's revenues for the years ended December 31, 1996 and 1997 and the nine months ended September 30, 1997 and 1998, respectively, and 13%, 7% and 8% of accounts receivable as of December 31, 1996 and 1997 and September 30, 1998, respectively. The Company entered into a development agreement in September 1997 with Security Dynamics Technologies, Inc. ("Security Dynamics"), the parent company of RSA, a 19% stockholder of the Company, to develop a customized certificate authority product in order to enable Security Dynamics to offer a product with encryption and digital certificate authority functionality. The development agreement provided that Security Dynamics pay the Company an aggregate of $2.7 million as an initial license fee, $900,000 of which was paid in October 1997 and the remainder of which is payable upon the achievement of certain milestones. The Company records revenue related to the development agreement using the percentage-of-completion method. Revenue from the development agreement accounted for approximately 4%, 3% and 6% of the Company's revenues for the year ended December 31, 1997 and the nine months ended September 30, 1997 and 1998, respectively. Security Dynamics accounted for approximately 9% of accounts receivable at September 30, 1998. F-10 VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) At December 31, 1996, the Company had two customers, a South African systems integrator and a financial services provider, that accounted for approximately 28% and 13%, respectively, of accounts receivable. The Company had no other customers that accounted for more than 10% of accounts receivable or more than 10% of revenues for any of the dates or periods presented. Impairment of Long-Lived Assets The Company reviews property and equipment for impairment whenever events or changes in circumstances indicate that the carrying amount of an asset may not be recoverable. Recoverability of property and equipment is measured by comparison of its carrying amount to future net cash flows the property and equipment are expected to generate. If such assets are considered to be impaired, the impairment to be recognized is measured by the amount by which the carrying amount of the property and equipment exceeds its fair market value. To date, no adjustments to the carrying value of the Company's long- lived assets have been required. Use of Estimates The preparation of consolidated financial statements in conformity with generally accepted accounting principles requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the consolidated financial statements and reported amounts of revenues and expenses during the reporting period. Actual results could differ from those estimates. Recent Accounting Pronouncements In March 1998, the American Institute of Certified Public Accountants ("AICPA") issued Statement of Position ("SOP") No. 98-1, Accounting for the Costs of Computer Software Developed or Obtained for Internal Use. SOP No. 98- 1 requires that entities capitalize certain costs related to internal-use software once certain criteria have been met. The Company expects that the adoption of SOP No. 98-1 will have no material impact on its financial position, results of operations or cash flows. The Company will be required to implement SOP No. 98-1 for the year ending December 31, 1999. In April 1998, the AICPA issued SOP No. 98-5, Reporting on the Costs of Start-Up Activities. SOP No. 98-5 requires that all start-up costs related to new operations must be expenses as incurred. In addition, all start-up costs that were capitalized in the past must be written off when SOP No. 98-5 is adopted. The Company expects that the adoption of SOP No. 98-5 will have no material impact on its financial position, results of operations or cash flows. The Company will be required to implement SOP No. 98-5 for the year ending December 31, 1999. In June 1998 the Financial Accounting Standards Board issued Statement of Financial Accounting Standards ("SFAS") No. 133, Accounting for Derivative Instruments and Hedging Activities. SFAS No. 133 established methods of accounting for derivative financial instruments and hedging activities related to those instruments as well as other hedging activities. Because the Company currently holds no derivative instruments and does not engage in hedging activities, the Company expects that the adoption of SFAS No. 133 will have no material impact on its financial position, results of operations or cash flows. The Company will be required to implement SFAS No. 133 for the year ending December 31, 2000. F-11 VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) (2) Business Combination In July 1998, VeriSign completed a merger with SecureIT, Inc. ("SecureIT") (hereafter collectively referred to as the "Company"). SecureIT is a provider of Internet and enterprise security solutions comprising a full range of products and services to assist clients with assessing, designing and implementing security solutions. The merger was effected by exchanging approximately 1,666,000 shares of VeriSign common stock for all of the outstanding common stock of SecureIT. Each share of SecureIT was exchanged for 0.164806 of one share of VeriSign common stock. In addition, outstanding SecureIT employee stock options were converted at the same exchange ratio into options to purchase approximately 190,000 shares of VeriSign common stock. The merger constituted a tax-free reorganization and has been accounted for as a pooling-of-interests under Accounting Principles Board Opinion No. 16, "Business Combinations." Accordingly, all prior period financial statements have been restated to include the combined results of operations, financial position and cash flows of SecureIT as if it had always been a part of VeriSign. There were no intercompany transactions between VeriSign and SecureIT prior to the combination that required elimination and there were no material adjustments required to conform SecureIT's accounting policies to those of VeriSign. The Company recognized special charges of approximately $3.6 million in connection with the acquisition (see Note 11). The results of operations previously reported by the separate companies and the combined amounts presented in the consolidated financial statements are summarized below. F-12
Year Ended Six Months December 31, Ended ------------------ June 30, 1996 1997 1998 -------- -------- ----------- (Unaudited) (In thousands) Revenues: VeriSign, Inc.............................. $ 1,351 $ 9,382 $ 9,303 SecureIT, Inc.............................. 5 3,974 5,911 -------- -------- -------- Combined................................. $ 1,356 $ 13,356 $ 15,214 ======== ======== ======== Net income (loss): VeriSign, Inc.............................. $(10,243) $(19,195) $(10,092) SecureIT, Inc.............................. (45) 606 600 -------- -------- -------- Combined................................. $(10,288) $(18,589) $ (9,492) ======== ======== ======== VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) (3) Cash, Cash Equivalents and Short-Term Investments Available-for-sale securities included in cash, cash equivalents and short- term investments are as follows: (4) Property and Equipment Property and equipment are summarized as follows:
December 31, ----------- September 30, 1996 1997 1998 ---- ------ ------------- (Unaudited) (In thousands) Corporate bonds.................................... $ -- $3,244 $ 1,999 Money market funds................................. 521 4,300 1,644 U.S. government and agency securities.............. 84 1,000 -- Commercial paper................................... -- 1,060 23,479 Foreign government bonds........................... -- -- 4,028 Medium term notes.................................. -- -- 8,306 ---- ------ ------- $605 $9,604 $39,456 ==== ====== ======= Included in cash and cash equivalents.............. $605 $1,653 $15,090 ==== ====== ======= Included in short-term investments................. $ -- $7,951 $24,366 ==== ====== ======= (5) Accrued Liabilities A summary of accrued liabilities follows:
December 31, -------------- September 30, 1996 1997 1998 ------ ------- ------------- (Unaudited) (In thousands) Computer equipment and purchased software..... $3,501 $ 8,107 $10,565 Office equipment, furniture and fixtures...... 792 1,444 1,714 Leasehold improvements........................ 934 2,425 3,128 ------ ------- ------- 5,227 11,976 15,407 Less accumulated depreciation and amortization................................. 610 3,220 6,029 ------ ------- ------- $4,617 $ 8,756 $ 9,378 ====== ======= ======= F-13
December 31, ------------- September 30, 1996 1997 1998 ------ ------ ------------- (Unaudited) (In thousands) Employee compensation........................... $ 566 $1,443 $1,994 Professional fees............................... 354 95 381 Financing charges............................... 732 -- -- Other........................................... 444 808 1,649 ------ ------ ------ $2,096 $2,346 $4,024 ====== ====== ====== VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) (6) Notes Payable The Company's Japanese subsidiary had an available credit facility of 250,000,000 yen with a bank, which bore interest at a rate of 1.625% per annum and expired in December 1997. Borrowings were secured by certain assets of the subsidiary. As of December 31, 1996, borrowings under this facility aggregated $258,000. The Company's Japanese subsidiary had available a revolving line of credit with a bank that provided up to $500,000, bore interest at 1.625% per annum and expired in May 1998. The line of credit was secured by a letter of credit in the same amount from the Company. There were no borrowings under this arrangement as of December 31, 1997. In January 1997, the Company entered into an agreement for a non-revolving equipment line of credit with a financing company that provides up to $3,000,000, bears interest at 7.50% per annum and expires in March 1999. The line of credit is secured by the Company's fixed assets. The Company is obligated to grant a warrant to purchase up to 17,500 shares of common stock at $8.00 per share in the event the Company borrows funds under the equipment line of credit. There were no borrowings under this arrangement as of December 31, 1997. (7) Stockholders' Equity Initial Public Offering On January 30, 1998, the Company completed its initial public offering (the "IPO"), issuing 3,450,000 shares of its common stock (including 450,000 shares issued upon the exercise of the underwriters' over-allotment option) at an initial public offering price of $14 per share. The net proceeds to the Company from the offering, after deducting underwriting discounts and commissions and offering expenses incurred by the Company, were approximately $43.7 million. Concurrently with the IPO, each outstanding share of the Company's convertible preferred stock was automatically converted into one share of common stock. Preferred Stock The Company is authorized to issue up to 5,000,000 shares of preferred stock. As of September 30, 1998, no shares of preferred stock had been issued. Convertible Preferred Stock In April 1995, the Company issued 4,306,883 shares of Series A convertible preferred stock to previously unrelated third parties, except for 425,000 shares issued to Security Dynamics. In February 1996, the Company issued 2,099,123 shares of Series B convertible preferred stock. A majority of the shares were issued to a previously unrelated third party venture capitalist and the remainder were issued to existing investors, including Security Dynamics and VISA. In November and December 1996, the Company issued 3,625,000 shares of Series C convertible preferred stock to previously unrelated third parties. F-14 VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) As of December 31, 1997, convertible preferred stock consisted of the following: The rights preferences and privileges of the holders of convertible preferred stock were as follows: . The holders of Series A, B and C preferred stock were entitled to noncumulative dividends, if and when declared by the Board of Directors, of $.10, $.20 and $.64 per share, respectively. . Shares of preferred stock were convertible to common stock at any time at the rate of one share of common stock for each share of convertible preferred stock. The convertible preferred stock automatically converted to common stock upon the closing of the IPO. . The holders of convertible preferred stock were protected by certain antidilutive provisions. . The shares of Series A, B and C convertible preferred stock had a liquidation preference of $1.20, $2.40 and $8.00 per share, respectively, plus any declared and unpaid dividends. . The convertible preferred stock generally voted equally with shares of common stock on an "as if converted" basis. No dividends have been declared or paid on the convertible preferred stock or common stock since inception of the Company. SecureIT paid a Subchapter S distribution of $199,000 to its stockholders for minimum tax obligations during the nine months ended September 30, 1998. Notes Receivable From Stockholders In November 1996, the Company loaned several officers an aggregate of $543,000, due December 31, 2005, bearing interest at a rate per annum of 6.95%, payable quarterly. In August 1997, the Company loaned an officer an aggregate of $116,000, due December 31, 2006, bearing interest at a rate per annum of 6.87%, payable quarterly. The loans are full recourse, are collateralized by pledges of shares of common stock of the Company that were purchased and may be prepaid in part or in full without notice or penalty. (8) Stock Compensation Plans Stock Option Plans As of December 31, 1997, a total of 7,278,809 shares of common stock were reserved for issuance under the Company's equity incentive plans (the "Plans"), including 4,145,000 shares authorized under the 1995 Stock Option Plan, 800,000 shares authorized under the 1997 Stock Option Plan, an additional 2,000,000 shares authorized under the 1998 Equity Incentive Plan, 125,000 shares authorized under the 1998 Directors Plan and 208,809 shares authorized under SecureIT's 1997 Stock Option Plan. F-15
Shares Shares Issued and Liquidation Series Authorized Outstanding Preference ------ ---------- ----------- ----------- A........................................ 4,306,883 4,306,883 $ 5,168,260 B........................................ 2,101,000 2,099,123 $ 5,037,895 C........................................ 3,875,000 3,625,000 $29,000,000 ---------- ---------- ----------- 10,282,883 10,031,006 $39,206,155 ========== ========== =========== VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) Concurrent with the Company's IPO, the 1995 Stock Option Plan and the 1997 Stock Option Plan (the "1995 and 1997 Plans") were terminated. Options to purchase common stock granted under the 1995 and 1997 Plans remain outstanding and subject to the vesting and exercise terms of the original grant. All shares that remained available for future issuance under the 1995 and 1997 Plans at the time of their termination were transferred to the 1998 Equity Incentive Plan. No further options can be granted under the 1995 and 1997 Plans. Options granted under the 1995 and 1997 Plans are subject to terms substantially similar to those described below with respect to options granted under the 1998 Equity Incentive Plan. In October 1997 the Board of Directors (the "Board") adopted, and in January 1998 the stockholders approved, the 1998 Equity Incentive Plan (the "1998 Plan"). The 1998 Plan authorizes the award of options, restricted stock awards and stock bonuses. Options may be granted at an exercise price not less than 100% of the fair market value of the Company's common stock on the date of grant for incentive stock options and 85% of such fair market value for nonqualified stock options. All options are granted at the discretion of the Company's Board and have a term not greater than 7 years from the date of grant. Options issued generally vest 25% on the first anniversary date and ratably over the following 12 quarters. In October 1997 the Board adopted, and in January 1998 the stockholders approved the 1998 Directors Stock Options Plan (the "Directors Plan"). Members of the Board who are not employees of the Company, or any parent, subsidiary of affiliate of the Company, are eligible to participate in the Directors Plan. The option grants under the Directors Plan are automatic and nondiscretionary, and the exercise price of the options is 100% of the fair market value of the common stock on the date of the grant. Each eligible director who becomes a director on or after January 28, 1998 will initially be granted an option to purchase 15,000 shares on the date such director first becomes a director (the "Initial Grant"). On each anniversary of a director's Initial Grant or most recent grant if such director was ineligible to receive an Initial Grant, each eligible director will automatically be granted an additional option to purchase 7,500 shares of common stock if the director has served continuously as a director since the date of his Initial Grant or most recent grant. The term of the options under the Directors Plan is ten years and options vest as to 6.25% of the shares each quarter after the date of the grant, provided the optionee remains a director of the Company. In connection with the acquisition of SecureIT, the Company assumed SecureIT's 1997 Stock Option Plan (the "SecureIT Plan"). The SecureIT Plan provided for the grant of both fixed and performance-based stock options. Options granted under the SecureIT Plan generally have a term of 7 years and vest over a four-year period, 25% on each anniversary of the grant date. No further options can be granted under the SecureIT Plan. F-16 VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) A summary of stock option activity under the Plans follows: The following table summarizes information about stock options outstanding as of December 31, 1997:
Period from April 12, 1995 Year Ended December 31, (Inception) to ---------------------------------------- December 31, 1995 1996 1997 ------------------- -------------------- ------------------- Weighted Weighted Weighted Average Average Average Exercise Exercise Exercise Shares Price Shares Price Shares Price --------- -------- ---------- -------- --------- -------- Outstanding at beginning of period.............. -- $ -- 1,274,750 $.12 1,608,075 $ .80 Granted................. 1,398,750 .12 2,022,700 .83 1,601,652 4.23 Exercised............... -- -- (1,637,375) .34 (532,781) .46 Canceled................ (124,000) .12 (52,000) .13 (84,157) .93 --------- ---------- --------- Outstanding at end of period................. 1,274,750 .12 1,608,075 .80 2,592,789 3.00 ========= ========== ========= Exercisable at end of period................. 86,457 .12 152,167 .12 258,088 .80 ========= ========== ========= Weighted average fair value of options granted during the period................. .03 .17 1.03 ==== ==== ===== 1998 Employee Stock Purchase Plan In December 1997, the Board adopted, and in January 1998, the stockholders approved, the 1998 Employee Stock Purchase Plan ("Purchase Plan"), for which 500,000 shares of the Company's common stock have been reserved. Eligible employees may purchase the Company's common stock through payroll deductions by electing to have between 2% and 10% of their compensation withheld. Each participant is granted an option to purchase the Company's common stock on the first day of each 24 month offering period and such option is automatically exercised on the last day of each six month purchase period during the offering period. The purchase price for the Company's common stock under the Purchase Plan is 85% of the lesser of the fair market value of the Company's common stock on the first day of the applicable offering period and the last day of the applicable purchase period. The first offering period began on January 30, 1998. Offering periods thereafter will begin on February 1 and August 1 of each year. F-17
Weighted- Average Weighted- Weighted- Remaining Average Average Shares Contractual Exercise Shares Exercise Outstanding Life Price Exercisable Price ----------- ----------- --------- ----------- --------- $ .01--$ .25...... 389,500 5.2 years $ .14 116,159 $ .13 $ .61--$ .75 ..... 612,258 5.7 years .75 118,304 .75 $1.50--$2.75...... 678,925 6.3 years 2.13 14,250 1.50 $4.00--$6.00...... 530,800 6.8 years 5.62 -- -- $6.06--$8.00...... 381,306 6.7 years 7.34 9,375 8.00 --------- ------- $ .01--$8.00...... 2,592,789 6.1 years 3.00 258,088 .80 ========= ======= VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) Pro Forma Information The Company applies the intrinsic value method in accounting for its equity- based compensation plan. Had compensation cost for the Company's equity-based compensation plans been determined consistent with the fair value approach set forth in SFAS No. 123, Accounting for Stock-Based Compensation, the Company's net loss would have been as follows: The fair value of options granted during the period from April 12, 1995 (inception) to December 31, 1995 and the years ended December 31, 1996 and 1997 was estimated on the date of grant using the minimum value method using the following weighted-average assumptions for options granted under all plans except the SecureIT Plan: no dividend yield; risk-free interest rates of 6.11%, 6.21% and 6.14%, respectively; and an expected life of 5 years. Options granted under the SecureIT Plan during the year ended December 31, 1997 were valued using the minimum value method and weighted-average assumptions of no dividend yield, risk-free interest rate of 6.34% and an expected life of 4 years. (9) Income Taxes The tax effects of temporary differences that give rise to significant portions of the Company's deferred tax assets are as follows:
Period from April 12, 1995 Year Ended December 31, (inception) to ------------------------ December 31, 1995 1996 1997 ----------------- ----------- ----------- (In thousands, except per share data) Net loss as reported............ $(1,994) $ (10,288) $ (18,589) Pro forma net loss under SFAS No. 123........................ (1,999) (10,332) (18,904) Basic and diluted net loss per share as reported.............. (.43) (2.07) (2.61) Pro forma basic and diluted net loss per share under SFAS No. 123................... (.43) (2.08) (2.65) As of December 31, 1997, the Company has available net operating loss carryforwards for federal and California income tax purposes of approximately $26,900,000 and $27,100,000, respectively. The federal net operating loss carryforwards will expire, if not utilized, in 2010 through 2014. The California net operating loss carryforwards will expire, if not utilized, in 2003. As of December 31, 1997, the Company has available for carryover research and experimental tax credits for federal and California income tax purposes of approximately $411,000 and $248,000, respectively. The federal research and experimental tax credits will expire, if not utilized, in 2010 through 2014. California F-18
December 31, ----------------- 1996 1997 ------- -------- (In thousands) Deferred tax assets: Net operating loss carryforwards and deferred start-up costs................................................ $ 4,016 $ 11,579 Tax credit carryforwards.............................. 177 839 Other................................................. 162 507 ------- -------- 4,335 12,925 Valuation allowance..................................... (4,355) (12,925) ------- -------- Net deferred tax assets............................. $ -- $ -- ======= ======== VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) research and experimental tax credits carry forward indefinitely until utilized. The Company also has federal foreign tax credits of approximately $180,000, which expire, if not utilized, in 2001 and 2002. The Tax Reform Act of 1986 imposed substantial restrictions on the utilization of net operating losses and tax credits in the event of an "ownership change" of a corporation. Accordingly, the Company's ability to utilize net operating loss and credit carryforwards may be limited as a result of such an "ownership change" as defined in the Internal Revenue Code. (10) Commitments Leases The Company leases its facilities under operating leases that extend through 2002. Future minimum lease payments under the Company's noncancelable operating leases as of December 31, 1997, are as follows: In April 1998, the Company entered into a five-year operating lease for facilities for its SecureIT subsidiary in Norcross, Georgia. The annual minimum commitment for this lease is $156,000. In September 1998, the Company entered into a 6 1/2-year operating lease agreement for additional space contiguous to its headquarters facility. The annual minimum commitment related to this lease, which begins in January 1999, is $1.8 million. Net rental expense under operating leases for the period from April 12, 1995 (inception) to December 31, 1995 and the years ended December 31, 1996 and 1997 was $141,000, $621,000 and $1,722,000, respectively. (11) Special Charges Merger-related expenses In connection with the acquisition of SecureIT in July 1998 (see Note 2), the Company recorded a special charge of $3.6 million for direct and other merger-related costs pertaining to the merger transaction and certain stock- based compensation charges. Merger transaction costs totaled $2.4 million and consisted primarily of fees for investment bankers, attorneys and accountants, filing fees and other related charges. The stock-based compensation charges of $1.2 million related to certain performance stock options held by SecureIT employees whose vesting either automatically accelerated upon change of control or were accelerated by VeriSign's Board of Directors subsequent to the merger. VeriFone In September 1996, VeriFone, Inc., which subsequently became a wholly-owned subsidiary of Hewlett-Packard Company, filed a lawsuit against the Company alleging, among other things, trademark infringement. In F-19
(In thousands) 1998....................................................... $1,645 1999....................................................... 1,667 2000....................................................... 1,679 2001....................................................... 1,293 2002....................................................... 9 ------ Total minimum lease payments............................... $6,293 ====== VERISIGN, INC. AND SUBSIDIARIES NOTES TO CONSOLIDATED FINANCIAL STATEMENTS--(Continued) December 31, 1995, 1996 and 1997 and September 30, 1998 (Information as of September 30, 1998 and for the nine months ended September 30, 1997 and 1998 is unaudited.) November 1997, both parties executed a definitive agreement under which, among other things, the Company issued an aggregate of 250,000 shares of common stock, which were transferred to Hewlett-Packard, and the Company and VeriFone settled such claims. The settlement amount was recorded during the year ended December 31, 1997 as a $2.0 million charge to operations. Microsoft In November 1997, the Company entered into a preferred provider agreement with Microsoft Corporation ("Microsoft") whereby the companies will develop, promote and distribute a variety of client-based and server-based digital certificate solutions and the Company will be designated as the premier provider of digital certificates for Microsoft customers. In connection with the agreement, the Company issued 100,000 shares of common stock to Microsoft resulting in an $800,000 charge to operations. (12) Geographic Information Financial information by geographic area for the years ended December 31 was as follows: Intergeographic transactions have not been significant to date. Other revenues derived from international customers aggregated $861,000 for the year ended December 31, 1997. F-20
United 1996 States Japan Consolidated ---- -------- ------- ------------ (In thousands) Revenues................................... $ 1,301 $ 55 $ 1,356 Operating loss............................. (9,326) (1,733) (11,059) Total assets, excluding cash and cash equivalents............................... 5,933 598 6,531 1997 ---- Revenues................................... 12,983 373 13,356 Operating loss............................. (18,166) (3,135) (21,301) Total assets, excluding cash and cash equivalents............................... 18,202 3,760 21,962 [LOGO OF VERISIGN]