Well, there are email setups which are supposedly secure (encrypted), so that part could be possible. Google "secure email" and start reading. Before committing to anything, make sure that kind of credit card handling meets PCI-DSS security standards. Since customer CC numbers are passing through your site, it has to meet those standards. In that case, why not have the server accepting the CC input also be the one that stores the CC numbers, rather than trying to find a secure way to email them?
Keep in mind that your server that is storing the credit card numbers needs to meet PCI-DSS standards too: physical accessibility, online (remote) accessibility, cryptography used, regular audits, etc. It ain't cheap, but it's even more expensive to be fined because you cut corners on financial information security. Then, once you decide to charge those stored cards, that process has to meet its own set of PCI-DSS standards in handling CC information.
You may want to step back and reconsider the whole payment business end-to-end, with input from your bank (merchant account). It may even be best to charge the card right away, using conventional methods (i.e., don't hang on to the card for future charging), and then refund for canceled courses.