Optimal online-payment security system and the role of liability sharing

We examine how security level and liability shares in online transactions are determined. Buyers typically bear significant hassle costs for self-authentication, but do not consider positive externalities generated for the seller. If a monopolistic seller knows the buyers' costs, it can choose a socially optimal security level by adjusting the liability share properly. Conversely, social inefficiency in the case of competition may rationalize regulation. If buyers are heterogeneous in terms of hassle costs and the seller cannot determine each individual's cost, they can attain the second-best solution by providing two options; a high security level and a high liability offer, and a low security level and a low liability offer. Contrary to full information cases, the inefficiency due to asymmetric information is eliminated by competition. The analysis has important implications on regulation policies in the security market.