With PSD2 and GDPR, why send more data if the issuers are going to challenge the consumer anyway?
In the European Union, the PSD2 mandates that all transactions, except those exempted, require a strong customer authentication (SCA) that includes at least two of the three factors (knowledge, possession, and inherence).
To follow the mandate, those transactions will require customers to authenticate themselves. However, even if the customer passes the authentication steps, issuers are still free to decline a transaction if they suspect there is a risk of fraud – or not enough intelligence. To avoid this scenario, sharing more transaction data with the issuer can help dissipate doubts.