[TazeTSchnitzel]

What's interesting to me is that, in my experience, it seems that SCA not being used is more of a merchant than a bank problem. My previous bank (NatWest in UK) and my current bank (Nordea in SE) both support it, but a lot of merchants, especially UK ones, don't bother, which undermines the system.

[AnssiH]

Here in Finland essentially all local web merchants have used Verified By Visa and Mastercard SecureCode for at least 10 years now (authentication via bank credentials that use one-time codes or nowadays other 2-factor methods).

But I don't think I've ever seen them used on foreign stores.

Also: Local merchants here tend to use local payment service providers instead of Stripe etc. as the merchants need support for local payment methods, like "bank buttons" which have traditionally been the most common payment method (and much cheaper to merchant than cards).