Hi, I am new to this forum so here goes.

I run a tourism web site which promotes small b&b's. The site is working well and clients are very happy.

But, now they would like to obtain credit card information when receiving an enquiry. They do not want the cc's processed, they are just kept as a sort of security for the booking.

I am planning the following and I hope you will put me on the right path.
I will set up a new domain site with SSl certification. From the b&b page there will be a link to this site with a form asking for details and the cc number, this form will then post an email with the submitted details to the client. The visitor will then be directed to another form asking for cc expiry date, this again will be emailed to the client.

I hope that I am on the right road for security as the credit card details will be sent via separate emails.


Any suggestions greatly appreciated!!