From a merchant perspective, there is a significant group that view this as a feature. Not a bug. Once a merchant gathers you credit card info, they can submit basically any transaction they want at any time. Yes, if you do this enough your payment processor will cut you off. But for businesses like gym membership, NYTimes subscription, car rentals, etc. it's a core feature.
The product in that case is not "payments as a service" to the consumer but in fact "payer as a service" to the business. If consumers didn't represent an unbounded ability to generate recurring revenue there are lots of profitable businesses that would go under overnight.
> they can submit basically any transaction they want at any time
This can be generally be accommodated in my suggested model, they just have to specify upfront how much & how often they'd want to charge. If the gym membership is 50 bucks a month, then the token has a monthly limit of 50 (or maybe a bit more, to account for potential extras). The token lifetime could be set for the membership duration.
> car rentals
Get 1 token with your rental fee + a separate token (scoped until car return date + some time to inspect/discover any damage) for the deposit amount?
You're thinking technical solutions to a sociological problem. Businesses like this are built on the fact that they can charge you an unspecified amount for an indefinite amount of time. Any attempt at a technical solution means those businesses refuse to adopt that solution.
I suppose in this system you could white list such things. It would be a box to click when it directs you through the Auth process. I guess you could directly implement this in stuff like Norway's bank id system.
The product in that case is not "payments as a service" to the consumer but in fact "payer as a service" to the business. If consumers didn't represent an unbounded ability to generate recurring revenue there are lots of profitable businesses that would go under overnight.