TL;DR: I’m a bit worried about the CC form and wonder if it’s implemented correctly. With all due respect to the developer that implement it! Just my 50 cent, hopefully you understand my worries.
Btw, I couldn’t believe that there is a payment method that asks YOU to put a CC form on your own website.
Then I checked Stripe, it looks that they have a widget(iframe) solution, which sounds more secure to me https://stripe.com/docs/checkout/tutorial
Like @mikenuun said, we have (Dutch) payment providers, they care about the payment method the customer is going to choose. You just basically open a popup/redirect people to their website, with a certain token.
They handle the security part , etc.
The current CC form is very insecure. The action of the form is the IP URL, which is in my test environment non-HTTPS
(Chrome even notifies you "Automatic credit card filling is disabled because this form does not use a secure connection).
So all your CC information is sent unsecured, if your IP isn’t hosted HTTPS