[scrollaway]

In this case, government regulation makes SCA required; but in Europe most banks already practiced SCA. For free.

Here payment card fees are also far far lower because we don't have a credit card mentality of always seeking that tiny percent cashback, so these are much rarer in Europe. We also have banks themselves competing with Visa and MasterCard, for example in Belgium with bancontact. The banks offer merchants even lower fees for these.

So yes in some worlds the fees are passed down to the consumers. In other worlds, you have the United States.

[TazeTSchnitzel]

What's interesting to me is that, in my experience, it seems that SCA not being used is more of a merchant than a bank problem. My previous bank (NatWest in UK) and my current bank (Nordea in SE) both support it, but a lot of merchants, especially UK ones, don't bother, which undermines the system.

[AnssiH]

Here in Finland essentially all local web merchants have used Verified By Visa and Mastercard SecureCode for at least 10 years now (authentication via bank credentials that use one-time codes or nowadays other 2-factor methods).

But I don't think I've ever seen them used on foreign stores.

Also: Local merchants here tend to use local payment service providers instead of Stripe etc. as the merchants need support for local payment methods, like "bank buttons" which have traditionally been the most common payment method (and much cheaper to merchant than cards).