Hacker News

> If the system is configured to "fail open", and it's something validating access (say anti-fraud),

The problem here isn't the DoS, it's the fail open design.




If the majority of your customers are good, failing closed will cost more than the fraud during the anti-fraud system's downtime.

If that is the mindset in your company, why even bother looking for vulnerabilities?

There is _always_ fraud, and you can't stop it all. All you can do is try to minimize the cost of the fraud.

There is an "acceptable" fraud rate from a payment processor. This explains why there are different rates for "card present" and "card not present" transactions, and why things like Apple Pay and Google Pay are popular with merchants.


You are really running with scissors there. If anyone with less scrupulous morals notices, you’re an outage away from being in deep, deep shit.

The best case is having your credit card processing fees like quadruple, and the worst case is being in a regulated industry and having to explain to regulators why you knowingly allowed a ton of transactions with 0 due diligence.


The concept of due diligence recognizes the limits, past which it becomes too much, or undue.

Until any bad customer learns about the fail-open.

If bad actors learn about the fail-close, they can conceivably cause you more harm.

This is a losing money vs. losing freedom situation.

Maybe. But for a company everything is fungible.

Okay, then the “vulnerability” is de facto simply transitioning the system to an acceptable state.


