Re: Why do businesses store credit cards
Because unfortunately most of us are lazy and don't want to have to enter our details every time you're ordering something.
Even then, if done properly, there is no need to store the full card details anywhere on the system.
Instead, you store an authentication token from whichever payment gateway provider you use (Verifone, World Pay, All Pay etc) which is generated on the first purchase. This authentication token is unique to the user's card and CVV, and can therefore be used for subsequent purchases.
You would typically store the last four digits of the card, simply to be able to present it visually to the user in their account details on your site, so they can identify the card, but it isn't used for transactions.
The CVV should never, ever be stored.
Biting the hand that feeds IT
