Orders needs details from the customer service, like their credit card, to create an order.
Are you sure? Isn't it better for PCI-DSS to not pass the credit card around? If you were using an external payment service like Stripe, you wouldn't see it at all. And it would be a synchronous process of passing the order to Stripe at the right point in the flow.
And that's the key to microservice design. If you're ever designing both sides of a microservice, you're doing it wrong, and you should just design one service that contains both parts. You should imagine that every microservice is provided by a separate company.
Microservices are more an organizational tool than a deployment one. They allow different parts of the software to be worked on by completely independent teams that communicate only through published APIs.