I'm currently developing a complex recurring payment system. Our payment gateway does not offer a "secure vault" service, and we will need to charge customers a variable amount each month. Therefore we will need to store customers' credit card details.<p>However, ideally I would like to avoid having to be compliant with PCI level D, so I'd like to find a company which:<p>* Will allow us to securely store customers' credit card details on their PCI-compliant servers.<p>* Allow us to retrieve one or all of the stored card details via their API at any time, so we can submit new payments using them.<p>I'm pretty new in the world of payment processing. Is there a company offering this kind of service?<p>(NB: I'm not looking for a full billing service like Spreedly or Chargify. I just want secure storage for credit card details, nothing more.)
If it isn't too late to select a payment gateway that supports a secure vault, perhaps Recurly.com would fit your needs? Personally, I don't know of any services that provide only the vault without the gateway or billing logic attached.<p>Plus, if a service had an API to transmit customer credit card data to your server so you could forward it to the payment gateway for processing, I don't see how that adds much security over encrypting and storing them on your own server (yes, I know this is a bad idea). A malicious individual with access to your server could still compromise your customer data.