We work on a site with a similar issue. The items sold are live plants and customers order them in one batch and the plants get shipped and charged when the are sent (at different times, sometimes months later, depending on a whole host of factors).
We don't store the credit card numbers in a database online. We encrypt them using PGP, then write the info to a file and send it via FTP to our clients secure internal network where they then decrypt the numbers and store them for future billing. Only the client has the private key to decrypt. We encrypt on the server using the public key and the CFX_PGP tag. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:229486 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
