[twic]

A sensible person would implement the use of the captcha to fail open - if Google is down, then let the user in without passing a captcha.

Was this a mistake on the bank's part, or Google's?

[wpietri]

Only if the probability of failure makes the extra effort worth it. Since this is a pretty rare event, a sensible person could well wait until they see actual impact before putting in the work. Hypothetical problems always vastly outnumber actually experienced ones.