GDPR (Swedish implementation)
Dataskyddsförordningen — GDPR applies directly; IMY is supervisory authority
Integritetsskyddsmyndigheten (IMY)
Europe & Central Asia · GDP rank #22
Sweden
SE · SEK @ 0.1069/USD
Tab 06
Fraud & security
Headline fraud totals and typology splits, the rollout of EMV chip, tokenisation, 3DS and biometrics, and the controlling data-protection and payments statutes.
Sweden has the most severe APP-fraud problem in the Nordic region — driven by scam calls exploiting Swish's frictionless UX; Finansinspektionen mandated new SCA-style flows on transactions > SEK 25,000 from January 2025.
Reported payment fraud · 2024
2.2B SEK▲ +22% vs prior year
Card-not-present share
76%
3DS adoption on CNP
96%
Trend lines
What's growing fastest
Where a full typology breakdown is not published, the authorities typically disclose year-on-year growth in specific scam categories. Authorised push-payment (APP) scams and account-takeover fraud are the canonical “wallet era” concerns in most markets.
- Card-not-present share76%
- APP scam growth YoY+54%
- Account takeover growth YoY+31%
Controlling regulation
IPR 2024/886 (non-euro application)
IPR applies to SEK-denominated instant transfers under PSD3 transposition; VoP mandatory October 2025
European Commission
DORA
Effective 17 January 2025
European Commission