Well, part of it is that even a small payment can still incur a psychologically large cost.
That's certainly true in my experience. It's probably the second thing you rapidly discover when building your first B2C web site, right after "If you build it, they probably still won't come."
I think the main requirements for a micropayment system to be successful would probably be simplicity and transparency. Anything that requires lots of interactions, like paying x cents for each and every post on a site like Slashdot, is doomed before it even starts because it's far too much hassle. On the other hand, something where the user's experience was reading a one-liner that said access to the site for a week cost x cents and then making literally one or two clicks to accept this might actually catch on, particularly if there was a very limited number of payment types and all participating sites were required to comply with some simple, transparent, universal terms set by the micropayment service so users could trust that they weren't getting scammed.
I think given such a simple but effective foundation, you could then build sensible policies about access control, security, and the like on top. But I think you need simplicity, transparency, and of course trust in the system before anything else matters.