Per your agreement with the Merchant Card services provider (The Bank) you (as the seller) must comply with digital audit procedures to ensure the customer card data is secure otherwise your services will be cancelled. If you try going over to a new provider you’ll either be refused service by them or charged higher initial rates until you’ve complied with the audit of your digital environment. So could you imagine Amazon or eBay losing the ability to take VISA and Mastercard payments at all – they would be broke overnight.

The use of online OTP (One Time PIN – sent to your phone) is ever increasing.

Also any fraudulent transactions or other chargebacks will be taken directly off your (the sellers) account and after too many such requests your merchant status will be suspended and investigated.

Many smaller sellers forego handling customer card details at all and the payments are routed via an addon to a payment processor. So although you are on XYZ website when you get to the payment screen that part of the form is directly connected to the payment processor not to XYZ. So no-one at XYZ ever has access to your card details.