On the consumer side, I'd much rather use PayPal than put my card number into a potentially dodgy site. Protects me quite a bit, and with a easier UI.

If I can't PayPal or Apple Pay, I've at times gone elsewhere.

All banks I've using have strong 3D secure. One of the banks require biometrics approve with installed phone app. I have no issues directly use credit card on random merchant sites for years. Especially when most of them use one of the popular payment aggregators.

you have it backwards. 3d secure is not protection for you. it's for the merchant. it protects them against chargebacks. the merchants decides if it enables 3d secure or not, transaction by transaction. Most of them are using an external fraud risk assessment service. Accertify is such an example.

> All banks I've using have strong 3D secure.

I've yet to see any bank in the US implement such a thing.

Citi, Discover, American Express, Chase, and my local credit union all lack such a two-factor setup for charges.

Biometric approve sounds pretty cool, but I'm personally not going to install some untrusted proprietary app to find out.

My credit card provider allows me to create unlimited virtual card numbers with any expiration date I want, that way every transaction can be its own number and any fraud is extremely easy to detect and prevent.

Cool, but mine doesn't.

Check out https://privacy.com/. Pretty neat and gives similar/better features.

Tried it, but I'm giving up serious credit card points that way.

You could look at the Citi Double Cash card, it's 2% back on everything and they support "virtual account numbers" directly.

You have zero risk in this situation so I'm not sure why you feel protected.

It's not zero risk; changing my card numbers after a compromise is an annoying process given the number of places I have to do it. Not having to provide that number to the random e-commerce site I'm trying to buy something unusual from is helpful, and reduces the risk of me having to spend an afternoon making sure I switched cable, internet, Github, Patreon, Heroku, kids' school lunches, music lessons, and fifty other recurring payments over to a new card number.

(I also get to skip entering card and billing details every time. Given the number of sites that see fit to use a special non-standard widget for the state field, that saves me time and annoyance on every transaction of this nature, too.)