PERHAPS
By storing credit card information on a separate computer, you reduce the likelihood that successful hacking of one server (or "system") will lead to the loss of many (hundreds / thousands of) users. An ideal solution would entail a similar (or lower) risk to that of data storage on the server, but distribute the attack surface and, therefore, significantly reduce the impact.
Here is a brief overview of the proposed approach (which I posted in full as an SO question HERE, until poo-poos exist):
1. Retrieve the encryption key from the server via HTTPS.
2. Use it (in JavaScript) to encrypt credit card data in local storage as it is entered by the user.
3. Drop the key when the user navigates away from the page.
4. If the user returns later, he can retrieve the same key from the server, as well as a new key for caching data in the future (to avoid reusing the same key).
The server does not need to save a copy of the credit card data, and the hacker will need to obtain a level of access at which they could in any case view the information entered by the user on the page.
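The approach described in the answer above, as an added example (not code from the original answer) using the Web Crypto API. The AES-GCM cipher choice, the `cachedCard` entry name, the key IDs and the injected `storage` object (standing in for `localStorage`) are assumptions, and the key bytes are assumed to have already been fetched from the server over HTTPS.

```javascript
// Added example. In a browser, `storage` is window.localStorage and the raw key
// bytes arrive from a server endpoint over HTTPS; both are passed in here.
const STORAGE_KEY = "cachedCard"; // hypothetical local-storage entry name
const b64 = (bytes) => btoa(String.fromCharCode(...new Uint8Array(bytes)));
const unb64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

async function getCrypto() {
  // Browsers and recent Node expose globalThis.crypto; older Node needs the import.
  return globalThis.crypto ?? (await import("node:crypto")).webcrypto;
}

// Wrap server-supplied key bytes as a non-extractable key, so page script cannot export it.
async function importServerKey(rawKeyBytes) {
  const { subtle } = await getCrypto();
  return subtle.importKey("raw", rawKeyBytes, "AES-GCM", false, ["encrypt", "decrypt"]);
}

// Encrypt the card data under a fresh random IV; only ciphertext reaches storage.
async function cacheCard(storage, key, keyId, cardData) {
  const c = await getCrypto();
  const iv = c.getRandomValues(new Uint8Array(12));
  const ct = await c.subtle.encrypt({ name: "AES-GCM", iv }, key, new TextEncoder().encode(cardData));
  storage.setItem(STORAGE_KEY, JSON.stringify({ keyId, iv: b64(iv), ct: b64(ct) }));
}

// Decrypt the cached record; null means no record, the wrong key, or a tampered record.
async function readCachedCard(storage, key) {
  const raw = storage.getItem(STORAGE_KEY);
  if (raw === null) return null;
  const { iv, ct } = JSON.parse(raw);
  try {
    const { subtle } = await getCrypto();
    const pt = await subtle.decrypt({ name: "AES-GCM", iv: unb64(iv) }, key, unb64(ct));
    return new TextDecoder().decode(pt);
  } catch {
    return null; // GCM authentication tag did not verify
  }
}

// On a return visit: read with the old key, re-encrypt under the new one (no key reuse).
async function rotateCachedCard(storage, oldKey, newKey, newKeyId) {
  const card = await readCachedCard(storage, oldKey);
  if (card === null) return false;
  await cacheCard(storage, newKey, newKeyId, card);
  return true;
}
```

The stored `keyId` tells the page which key to request from the server on a return visit. The key itself is held only in a variable, so it is gone once the page is unloaded.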