I have been searching trying to find information about best practices around storing transient credit card data. My use case is as follows:
After clicking "Checkout" in the cart to begin the checkout process, users enter their shipping address, billing address, and credit card info. They are then taken to a "Review Order" page to make sure that the order is correct. If they do not have changes, they may click the "Place Order" button. Once the order is placed, their card is authorized via Authorize.net. The store ships physical goods, so a capture will be issued at a later date, once the products are shipped.
In order to store the credit card info securely between entering the credit card data and placing the order (i.e. in order to supply CC data and then have the "Review Order" page, allowing the user to cancel the order if incorrect) I plan to use CIM.
I hope to support users with accounts on my site as well as "guest" users. "Guest" users will end up with an account since they will supply an email address which will be, in turn, used for the CIM profile. Registered users will be able to reuse their payment information since it is stored in CIM. Registered users should also have the ability to choose to not save their credit card info for future use.
My main concern is storing the credit card data indefinitely, particularly in the case of a "guest" user or a registered user that has declined to store their payment information. I think I will have to store the payment profile in CIM until the capture occurs, although I would like to get rid of the credit card info as soon as the authorization happens if the customer does not want it stored. In this case, will refunds be a problem without the customer profile or customer payment profile?
I know that using CIM is secure, PCI compliant storage but what are the best practices around storing this data? Also, are there other ways to implement a "review order" flow without authorizing the credit card prior to placing the order?
