That's still not true. Pull-based schemes are widely used across the SEPA region and in national schemes such as the UK's Direct Debits.

A notorious celebrity in the UK famously revealed his bank details as a stunt to show that a large-scale data loss incident wasn't a big deal and he ended up making an unexpected payment to a healthcare charity shortly afterwards.

I don’t know about the UK but in my SEPA country only companies can create pull-based schemes and they can’t do it without authorization of the bank account owner. Mostly used for things like utility bills. So there’s zero danger in sharing your bank account number with someone.

1. It's easy to setup a company 2. There's no validation that the direct debit is being setup by the account owner

1. It’s a bureaucratic mess. And scammers will also need to deal with the bank first. 2. With a paper form they need your autograph and other ID data. Or when it’s digital you need to authorize the request with your banking app.

In the UK it's £10 to register a company online in minutes.

Direct debit instructions require nothing beyond a name and account number.

Quite the opposite – SEPA direct debit is an extremely successful payment scheme in many European countries.

Note that, at least in France, you can't do a SEPA direct debit with only the account number.

You need a SEPA dd "mandate" which is a (paper or electronic) document account owner asks their bank for, containing a unique identifier