QUOTE(corenfa @ May 15 2012, 01:37 PM)
Unfortunately, even if we are careful about shredding our paperwork, it only takes one company with our card details to NOT be careful about their paperwork to make this happen.
I very rarely leave my credit card number on file when I order something but I didn't want a delay, so I left it at what I thought was a large reputable department store.
Two weeks after, I got a call from my bank about a fraudulent transaction, so I suspect that someone at the store had just looked through the orders scanning for card numbers.
I'll not be doing that again. This is the only time I've ever had this happen. I do use my card online a lot but usually with things like Paypal where you don't have to give the card number to the buyer.
There are strict rules about storing credit card numbers, and businesses using card terminals have to agree to abide by them. (The so called PCI Compliance.) There are various levels, so for example, a small mail order business without online ordering might only be allowed to store card numbers that it reasonably needed on paper - but not on computer.
For retailers offering an on-line card service there are certain tests that must be carried out periodically to make sure than hackers cannot gain access to card details via the internet.
You will also note that the three digit security code on the reverse of your card is NOT printed on the Merchant Copy of card receipts, so whoever scams your card must also have this information from somewhere. The transaction cannot be completed unless this information is provided, (unless of course the customer enters their PIN number into the terminal).
I think it may be possible to process a payment without postcode and address numbers (we have never had to do so yet), but your card company will know from their records whether this security check was overridden. This check exists to protect the retailer as much as the card holder, and if either the address number of post code verification fails, the terminal will ask whether we want to continue with the transaction.