This isn't a set of security best practices. Many are simply required by PCI-DSS, along with a whole bunch of other things if you're doing card payments.
Some of them do offer security benefits (e.g. tokenization) but are often considered more because they reduce cardholder data within your network, which can make things a lot cheaper. A rare example of economic and security factors aligning!
Some of them do offer security benefits (e.g. tokenization) but are often considered more because they reduce cardholder data within your network, which can make things a lot cheaper. A rare example of economic and security factors aligning!