I'd say the CC companies are equally to blame as well as the original key providers (e.g. indie dev stores) which don't use or provide suffienctly advanced fraud detection / prevention. E.g. some stores use an additional password linked to my CC and some don't. Also I have to confirm a 5ct sale on Steam with my phone, but not a $2000 purchase with my CC.
I suspect that there isn't really a "long term" for sites like G2A. Over the next 10 years the industry will probably move away from selling fungible "keys" to having all bought games added directly to your account. There will be little room for any 3rd party resellers.
HB did that for a while with their Steam keys, but backtracked.
There is definitly room for improvement on the part of Credit Card companies and indie dev stories but lets not try to blame them for the illegal actions of some assholes.
I agree that strenghtening the protections against card frauds and charge back scams seems like the way to go because the problems seem to originate with those illegal activities.
So, a few points on what could be done:
1. Make every card transaction require a two step autenthication. Like a phone one, or at least a password that is send to your e-mail account. Sure, it would require slightly more work on the part of the customer, but it would increase security significantly.
2. Key reselling websites should take steps to improve their vetting process for the keys that are posted on their site. Also, they should monitor and deal immidietly with any suspicious attempts to sell keys. A price that is significantly lower than market average, an number of negative comments on an account. There are sellers that have hundreds or thousands or negative comments still being able to sell keys there.
3. They should make their G2A shield protection a part of the transaction without any additional costs. Without doing it, they are trying to make it look like its your fault that your got scammed on their website, because you should have just pay that 1Euro/Dollar. Try to imagine a situation in which you had to pay extra to be able to return something to a physical retail store. Like, you didnt pay for the "Walmart Shield"? We cant take this faulty TV back, suck a dick!
4. Indie dev stories should implement both an ability to track which key was bought with which transaction, and an ability to revoke those keys immidietly.
5. People should learn to recognize that if a deal seem too good, better than anything else they can find, then they should ask how it is possible to sell it for such a low price, and what are the risks associated with such a purchase.