For our credit card processing, we use an online service called ‘Authorize.net’.  They are a popular and well respected interface in the industry because of their high standards for credit card security compliance.  When you enter your information, it is sent directly to them through a portal on our site.  Nothing is stored on our website, other than the last four digits of the card so that you know which card you used.  Not even the expiration date is stored.  It is the same as if you are sitting in front of a credit card machine yourself and swiping your own card.

Authorize.Net does store customer payment information in a highly secured database for a limited period of time.  After 120 days (from the date it was originally received), Authorize.Net purges the full information and stores only masked information.   All sensitive or personally identifying customer information that is stored by Authorize.Net is masked in the Merchant Interface and in merchant reporting, meaning that anyone who gains access can not readily read the information.  It is encrypted and can only be read by the code that created the encryption.  So hackers would first have to steal the encryption code first.  These multiple layers of security is what deters hackers and makes Authorize.net one of the leaders in the industry.   

I hope that helps to address your concerns.  In the 23 years that we have been in business, we have never had a credit card compromised.  The alternative would be for you to send me a personal check or pay via Paypal.  It can delay your renewals as we are not fully staffed.  But if that is what you would prefer to do, I would be happy to accommodate that request.

Please let us know if you have any other questions or concerns about credit card security compliance.
info.cd@collectiblesdatabase.com