If the client is in the United States, a merchant account with an electronic payment gateway (Linkpoint / Yourpay, Payflow, Authorize.net / Cybersource) might be better, especially if you are doing more than $1,000 a month.

Basically: The electronic payment gateway will take the credit card number and submit it to the transaction processor. The transaction processor might authorize / decline the transaction or it will send it to the card association for processing. Once done, the process flows back downhill.

You can add the https:// to your URL as well for a secure connection. However, usually your own SSL is better, one being that the consumer sees your URL in the browser, and not a generic one. Don't be afraid to put a little money into the business.

I would not suggest emailing the credit card number, either. Just because it is https, it does not mean the email is secure. And if you have the consumer send the CCV, you will be apt to fines by Visa / MasterCard.

If you are wanting to key in these transactions because you don't think you will have many, contact your merchant account provider for an Internet merchant account. Keying in these transactions might be against your merchant account agreement and you might risk losing your merchant account, and getting on the MATCH list. Chances are it will only cost you about $15-$25 extra a month for an Internet merchant account.

Otherwise, check into Paypal's options for whatever country the merchant is in. Almost any processor will be better than emailing credit card numbers.