Collecting Credit Card Information - not to collect payment

Question

I am working in PHP on a Linux server with MySQL.

I have a requirement (that I have attempted to talk them out of) to collect credit card information from users so tha

Answer 1

As someone who has worked on a system like this, it is 100% illegal to store any credit card information in plain text. You must encrypt all of the data and you are not allowed to know any piece of the keys. It is quite the catch 22, the only way to validate data is to guess as sad as that sounds. This is the exact reason why accidental charges occur.