We currently have an authorize.net account with CIM. We want users to be able to sign up with an account, but also have to flexibility to store/edit their credit card information from our website. They never actually pay online, we charge them manually after we've dropped off their laundry.
Is this feasible? Safe? Is it possible to never actually store any of the information on our servers, but rather use the authorize.net API to get/set data via their CIM?