I am interested in web application security, and the last few months I was studing the shopping cart software which is used in the online shopping sites. Many of the shopping sites are under continious attack by malicious people in order to obtain credit card information from there, so in order to protect some shopping sites simply do not store the credit card information in their databases, but some of the sites do. I guess it depends of the shopping cart software.
So can you tell me more about this - which shopping cart applications store the credit card info and which don't? Are there any other methods of securing these applications against attacks ? How safe are some of the most popular shopping scripts out there ?