[ams6110]

These days the retailers don't (or shouldn't) store it. They store a token that the payment processor (e.g. Stripe) uses as a key to the card data that they store.

If you as a retailer have your checkout page set up properly, the actual card data never hits your server.

[clan]

That only makes it slightly better. It is still stored at payment provider. Hopefully they are better at safeguarding my data.

But if I only supplied a token. with a value I determined I would not have to worry.

[shimon]

If you're sufficiently motivated, you can do this today with Virtual Credit Card Numbers: https://en.wikipedia.org/wiki/Controlled_payment_number#Virt...

[owenmarshall]

> But if I only supplied a token. with a value I determined I would not have to worry.

You mean the username and password for the site you've logged on to? ;-)

[thaumasiotes]

No, your credentials don't have a defined monetary value.

A temporary card number can be configured with a fixed value you specify; most banks provide the service for free.

You can also buy a Visa or AmEx gift card, and use that.

[fulldecent]

My company does $1m in sales annually. Stripe requires 7 days to close payments (versus 1d for other merchant accounts).

The extra $16k of float that Stripe requires is not worth it for me. This is why we have credit card numbers come to our server.

[edwinwee]

If you're based in the US or AU, we have a 2-day rolling payout schedule: https://stripe.com/docs/payouts

We're working to speed this up for other countries!

[user5994461]

Stripe is a tiny payment provider that is smaller than any major e commerce site.

Most of the major sites do store cards information and they go through the annoying PCI DSS compliance to be allowed to do just that.