Despite existing security standards and security technologies, such as secure hardware, gaps between users’ demand for security and the security offered by a payment system can still remain. These security gaps imply risks for users. In this paper, we introduce a framework for the management of those risks. As a result, we present an instrument enabling users to evaluate eventual risks related with digital payment systems and to handle these risks with technical and economic instruments.