The European Union’s planned rules to reduce fraud by forcing the use of passwords or codes to authenticate electronic payments above 10 euros ($10.60) risk disrupting online shopping and may not increase security, Visa said on Tuesday.
As cybercrime and online fraud are on the rise, the European Banking Authority, the EU’s banking regulator, proposed in August draft technical standards to prevent illegal activities, including the passwords.
“These new proposals threaten to seriously disrupt the way we all shop online,” Visa’s (V) chief risk officer for Europe, Peter Bayley, said in a statement. “All of this inconvenience comes with no evidence that it will actually reduce fraud.”
Get Data Sheet, Fortune’s technology newsletter.
The world’s largest payments network operator said e-commerce may fall in Europe if the proposed rules where adopted, as consumers will be discouraged by the new technical hurdles while purchases outside the EU may be blocked.
It said payments to vendors outside the EU amounting to more than 6 billion euros are at risk of being declined by network operators because foreign websites, based in the United States or Japan, may not apply the EU’s new security standards.
A survey conducted by Visa said that 51% of European consumers shop online from retailers outside the EU.
E-Commerce Is Not Making a Comeback
Payments of more 10 euros with apps such as ride-hailing service Uber or on websites where consumers have registered their payment cards would also no longer be automatic, but will require verification codes.
Currently, payment services require authentication only when a shopper buys from vendors or from locations that are seen as suspicious because different from previous shopping patterns.
“The EBA had to make difficult trade-offs between various competing demands,” a spokeswoman for the regulator said. “These include the opposing objectives of achieving a high degree of security in retail payments against customer convenience.”
Europe’s Digital Fragmentation Is Becoming an Antitrust Issue
The banking authority will adopt a final proposal at the beginning of next year and is considering whether to introduce changes to its draft text, the spokeswoman told Reuters.
The European Commission, the EU’s executive arm, will have to confirm the proposed technical standards. EU states and European lawmakers will then have the last say, but only rarely they have blocked decisions on standards which apply previously agreed legislation.
