Working for a legacy bank (who shall remain nameless), I’ve dealt with many an issue from customers regarding 3D secure / MasterCard securecode / Verified by Visa.
Firstly asking for random characters: this is a security measure to prevent people giving away the entire password to a fraudulent website, or if some malicious key logging software has been downloaded. The weakest part of any security measure is its user.
Secondly, it’s not just checking the password. There’s also check being made on the postcode of the billing address, the MAC and IP address of the device you’re using. This benefits customers by being an invisible security layer, that you barely notice if you’re using a “trusted device”.
I’m all for 3D secure and hope it is integrated sooner, rather than later, as I begin to use my card more and more online. Ever increasing my exposure to some bad actors or middlemen who will use my card info fraudulently.