fraud: the online retailer requests a copy of the credit card and the driver's license

This weekend I placed an order for a part of an online retailer ($ 300-400). Soon after, I received an email from your sales team that said something similar to the following:

Hello, we have received your order # 12345 and it has been activated by
Our fraud alert system. Please send us a copy of your driver's license
and credit card used in the transaction. You are my personal forgiveness
details like the DL # but leave the last 4 digits of the credit
Card, name and address.

This is no different than presenting your identification in a brick and mortar
to stock. Thanks for your cooperation, blah, blah, blah.

My answer to them was basically:

Hello, I would be happy to make any verification through the bank
It issues the card but unfortunately it does not feel comfortable sending.
copies of my DL and credit card by email to an online retailer.

Basically, his response reiterated his first email, but insisting that they already had all this information and that they only needed to verify it. So I ended up canceling the order and buying the same part from a different retailer. In fact, they are legitimate retailers. His name bounces on the forums without any problem and I found them, they did not find me.

My question is, Did I make a problem of something that was reasonable for me to fulfill?

Some points that crossed my mind:

1) I have had "fraud alerts" on my credit card before making a purchase larger than normal. They come in the form of an email from my bank asking me to confirm whether I made a certain purchase or not. Sometimes they even require you to call to verify. This "fraud alert" was only from the retailer. My bank did not raise this issue.

2) As far as I'm concerned, I should never take a picture of my credit card. Even if I block important details, the original photo was probably synchronized with the cloud, which means I have to make sure it was deleted everywhere and trust that our google / apple / amazon masters did remove it. I'm sure there are ways to mitigate this, but every hoop I throw at is an opportunity to make mistakes.

3) If I were a scammer, I'm pretty sure I could fake a credit card and the corresponding identification through Photoshop from which I could take a horrible picture with my phone and satisfy them. I do not think there is much security in their process.