it doesn't have to be days, most credit card fraud is found within hours. You can also allow partial use of the application during the vetting period, just exclude the parts that are being abused. Though you should probably aim to build a product that people want to sign up for, and are willing to wait for.