EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Market Segmentation and Software Security: Pricing Patching Rights

Terrence August (), Duy Dao () and Kihoon Kim ()
Additional contact information
Terrence August: Rady School of Management, University of California, San Diego, La Jolla, California 92093-0553; Korea University Business School, Seongbok-gu, Seoul 136-701, Korea; Haskayne School of Business, University of Calgary, Calgary, Alberta T2N 1N4, Canada
Duy Dao: Rady School of Management, University of California, San Diego, La Jolla, California 92093-0553
Kihoon Kim: Korea University Business School, Seongbok-gu, Seoul 136-701, Korea; Haskayne School of Business, University of Calgary, Calgary, Alberta T2N 1N4, Canada

Management Science, 2019, vol. 65, issue 10, 4575-4597

Abstract: The patching approach to security in the software industry has been less effective than desired. One critical issue with the status quo is that the endowment of “patching rights” (the ability for a user to choose whether security updates are applied) lacks the incentive structure to induce better security-related decisions. However, producers can differentiate their products based on the provision of patching rights. By characterizing the price for these rights, the optimal discount provided to those who relinquish rights and have their systems automatically updated in a timely manner, and the consumption and protection strategies taken by users in equilibrium as they strategically interact because of the security externality associated with product vulnerabilities, it is shown that the optimal pricing of these rights can segment the market in a manner that leads to both greater security and greater profitability. This policy greatly reduces unpatched populations and has a relative hike in profitability that is increasing in the extent to which patches are bundled together. Social welfare may decrease when automated patching costs are small because strategic pricing contracts usage in the market and also incentivizes loss-inefficient choices. However, welfare benefits when the policy either (1) greatly expands automatic updating in cases in which it is minimally observed or (2) significantly reduces the patching process burden of those who most value the software.

Keywords: software security; software patching; patching rights; market segmentation; security (search for similar items in EconPapers)
Date: 2019
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (5)

Downloads: (external link)
https://doi.org/10.1287/mnsc.2018.3153 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:inm:ormnsc:v:65:y:2019:i:10:p:4575-4597

Access Statistics for this article

More articles in Management Science from INFORMS Contact information at EDIRC.
Bibliographic data for series maintained by Chris Asher ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:inm:ormnsc:v:65:y:2019:i:10:p:4575-4597