When we used Stripe, we opted out of all their fraud prevention stuff to save money (not sure if that's still an option). As a b2b SaaS where payment happens after a free trial (not at signup), we're just not a target for fraud, so it was totally fine.

I can't speak to why Stripe's fraud protection is so expensive. Is it because they're a target? Or maybe because they realized people will pay for it (it seems valuable for something like ecommerce)? I dunno, but I can confidently say that as of ~5 years ago, it wasn't required by any regulation, and my business was perfectly fine without it.

Now we use Paddle, and they also try to sell us a bunch of stuff we don't need at ridiculous prices. We're just using them because we wanted a merchant of record (where they handle taxes and stuff), but no, I'm not going to pay a % of my revenue for basic dunning emails, fraud prevention, vague "optimizations" that "increase conversions" (lol no they don't), etc.