Since January 1, 2021, the EU Payment Services Directive PSD2 has required strong authentication for online card payments, which must meet two of three security factors: knowledge (e.g. password, PIN), possession (e.g. mobile phone) and Inherence (e.g. fingerprint, Face ID).
Which two of the three security factors are queried depends on your bank.
Click yes to return to the FAQ, click no to ask your question.