Storing credit card data for recurring billing are discouraged.
But many feels storing is necessary in order to facilitate recurring payments.
Using a third party vault provider to store credit card data for recurring billing is the best way.
It helps reduce or eliminate the need for electronically stored cardholder data while still maintaining current business processes.
For recurring billing a token can be use, by utilizing a vault. The risk is removed from your possession.
Modern payment gateways allow card tokenization.
Any business that storing data needs to review and follow PCI DSS requirement in order for the electronic storage of cardholder data to be PCI compliant.
On the primary account number, an appropriate encryption will be applied. In this situation, the numbers in the electronic file should be encrypted either at the column level, file level or disk level.