Digital finance research has long assumed that trust is the primary mechanism enabling consumer participation in online markets. We challenge this assumption in the context of embedded digital credit by proposing the Heuristic Authorisation Model (HAM), which argues that in threat-salient, low-deliberation environments, consumers authorise financial exposure through vulnerability-reduction heuristics rather than relational trust. When credit is embedded at checkout and decisions unfold within seconds, perceived exposure not institutional belief governs behavioural thresholds. Using survey data from 150 Buy Now Pay Later (BNPL) users in Australia, a high cybersecurity-salience market, we test whether perceived cybersecurity influences authorisation through trust formation or through reductions in perceived vulnerability. Results show that perceived cybersecurity increases both trust and perceived risk reduction; however, only perceived risk reduction significantly predicts authorisation intention. The indirect effect operates primarily through perceived vulnerability rather than relational trust. These findings suggest that, in embedded credit contexts, vulnerability appraisal may function as a more proximal determinant of authorisation than trust