Long answer: See the following discussions
http://news.ycombinator.com/item?id=470128
http://news.ycombinator.com/item?id=389692
http://news.ycombinator.com/item?id=115723
http://news.ycombinator.com/item?id=12010
Also, if you store your customers' credit card information, you have to do implement all sorts of access & privacy controls, a ritual otherwise known as PCI compliance. You probably don't want to go through all that trouble.
Long answer: See the following discussions
http://news.ycombinator.com/item?id=470128
http://news.ycombinator.com/item?id=389692
http://news.ycombinator.com/item?id=115723
http://news.ycombinator.com/item?id=12010
Also, if you store your customers' credit card information, you have to do implement all sorts of access & privacy controls, a ritual otherwise known as PCI compliance. You probably don't want to go through all that trouble.