no, but it is _tremendously_ more difficult than email or even ID scans (unless you're doing actual verification, which is both more expensive and complicated than just charging a nominal fee or even just attaching a Card object to a stripe customer). Just getting to stand on top of an extremely robust existing system (payments) gets you so much adjacent help in keeping bad actors out, or at least getting it down to a human-team manageable level. It can be the difference between a viable business and not.
The first part is its goal: identity is secondary, the main purpose is money. It means a customer can put a fake name and address as long as the money part is considered OK. Most PSPs won't check the cardholder name (it can be used for fuzzy scoring, but exact match is a fool's errand). Address is usually only required for physical goods and won't be checked otherwise. And 3DSecure will shift the blame enough that the PSP won't need to care that much about the details.
The second part is the whole mess that comes with payments. You'll become a card testing pot in no time, and you'll be dealing with all the fuss just to check identities, you'll soon be rising the token payment to a significant amount to cover the costs, and before you realize it half your business has shifted into payment handling.
Especially if you only deal in government issued currency and refuse to use crypto. The US dollar is the world's reserve currency for a reason - we have tons of opaque and invisible systems in place to make sure it's rock solid. Systems that other countries either don't have entirely or rely on a series of privately owned systems that feel like chewing gum and string.
> you act like it's impossible to get payment credentials that have nothing to do with the user
This is incorrect. The parent acts like it isn't trivial to obtain payment methods that aren't linked to the payer. It seems like a reasonable possibility.
For whom? For people willing to be an asshole on the internet? For people willing to stalk other people online? This sounds exactly like the group of people that would look for ways of paying for something in ways not linked to them, even if that means "borrowing" someone else's identity