I think it's called 3D-Secure for debit/credit cards. In Ukraine for example it is pretty much a normal path for online payments. Also our "credit" cards aren't the same your "credit" cards. Ours are basically the same as debit cards but with added overdraft amount and different service fees. They are created by the same banks as debit cards, not by a separate corporations.

It usually happens when someone pays with a credit or debit card. If the confirmation is not given in the app within a certain time limit, the bank rejects the card transaction.

Edit: to clarify, my comment is about the UK, and it does not happen with most card transactions; "usually" here refers instead to card transactions being the usual trigger (in my experience) for this app-based authentication flow.

"Usually" is a bit of sticky word here. Your usual is not my usual, hence my questioning of it. My experience is US centric, so I'm assuming non-US but non-US is a really big place.

Maybe. I never owned a credit card, however I also basically didn't use cash for years, only debit card

I've had a US debit card where 3D secure was triggered.