I beleive you need to be registered in some way to being able to legally store card details. you should seek legal advice on this. one website link touches on the subject: pci.php
and if you were to store card details you would not only need a good quality SSL certificate but you would need to also encrypt the data (simular to how passwords are encrypted)..it is all easy to do but you would need to seek proper legal advice. otherwise you can be liable.