well, it's definitely a fault of Apple, if my card works on all 3d secure sites, but when I use it on Apple, the process is as follows:
1- it states that additional verification is needed and I click ok
2 - requests to enter your Apple password (no, it won't be cached, even though I entered it 1 minute ago on that device and no, FaceID is not allowed)
3 - I get transferred to iTunes (what? why?)
4 - I get transferred to a pop-up that loads a financial page on apple.com site
5 - requests to enter your apple ID second time, this time at least I can use FaceID
6 - get transferred to the 2nd page at Apple, refreshed a couple of times and get a pop up which states "contacting card issuer" that loads forever (well, maybe not forever, but I tried waiting 5 minutes). I mean, timeout and tell me what to do, if you think it's a fault of the Bank, for christ's sake..
Who in their sane minds would think that this process is anywhere near good enough for a 2 trillion USD company? Maybe if two students who are not too bright would do this customer journey on their e-shop, you could say - it's ok guys, for a first try, now try to do it better. But the most valuable company in the world? Not being able to do 3DS properly? This is a proper joke!
Those guys here who try to defend this nonsense - you need to go get some fresh air. The issue is at Apple and it's a shame. Steve Jobs would've never allowed it and would've fired whole departments for this. It's not a "gmail icon wrong background color" story, it's a shameful, disgusting, buggy process.