An economic analysis of the software market with a risk-sharing mechanism

Byung Cho Kim, Pei Yu Chen, Tridas Mukhopadhyay

Research output: Contribution to journalArticlepeer-review

16 Scopus citations


Inadequate software security is blamed for poor network security when viruses and worms cause major disruptions. However, software vendors have little incentive to improve the security quality of their products because they are not directly liable for losses incurred due to poor security. The concept of software liability has been intensely discussed by computer scientists and jurists for years as a possible solution for improving software security. This paper examines a risk-sharing mechanism between a software vendor and its customers as a way to implement software liability. It considers both the software vendor's incentive to share risks with customers and the question of whether risk-sharing leads to better software security. The model provides evidence of underprovided security quality under monopoly with complete information, as has been observed in the market. The policy implications of the risk-sharing mechanism and the possible impact of competition on software vendors' incentive for risk-sharing are examined. Information asymmetry is found to be a key factor in voluntary risk-sharing under monopoly; the risk-sharing level can be a signal of unobservable security quality.

Original languageEnglish (US)
Pages (from-to)7-40
Number of pages34
JournalInternational Journal of Electronic Commerce
Issue number2
StatePublished - Dec 1 2009
Externally publishedYes


  • Economics of IS
  • Information asymmetry
  • Security policies
  • Software liability
  • Software security

ASJC Scopus subject areas

  • Business and International Management
  • Economics and Econometrics


Dive into the research topics of 'An economic analysis of the software market with a risk-sharing mechanism'. Together they form a unique fingerprint.

Cite this