It's called Strong Customer Authentication in the UK. I'm merely repeating what I understand of it, and what I have actually read on bank websites. For example:
"In a ‘card present’ scenario, the convenience of contactless at point-of-sale would remain, however customers will be asked to complete a Chip and PIN transaction when they reach the maximum total contactless spend, or have exceeded the card issuer's limits for consecutive contactless transactions since they were last authenticated." [1]
"When you spend around £100 in shops (across multiple payments, not just in one go) without having used Chip & PIN , we’ll do an extra security check by declining the next contactless payment and asking you to use Chip & PIN instead. " [2]
There is a transaction / amount limit for contactless transactions. Banks generally keep it secret for security - but it can be something like "transactions over x EUR need PIN and also ever fifth will need PIN".
It is pretty annoying because there are a lot of terminals that don't have the PIN keyboard, e.g. on vending machines. If you card decides it needs PIN, you are not buying, unless you can sidestep it using a phone.
>There is a transaction / amount limit for contactless transactions.
It doesn't seem to be universal though. I paid for multiple hotels in Europe (so hundreds of pounds/Euros) with contactless payments and--although I actually made a point of making sure my card had a PIN after a problem on my previous trip--I never needed it.
Most (if not, all) banks will send the transaction to a risk management solution such as LexisNexis including a bunch of metadata. It then assigns a risk score and your bank will factor that in with their risk appetite when deciding whether to ask for your PIN.
Apple Pay does not force the above, as you have already identified yourself via mandatory biometrics or device PIN.