Find a different supplier. That's a horrible policy that signifies one of three things:
1) Idiots. They don't understand what a massive potential breach of security they are exposing their customers to.
2) Scammers. They're just going to take your details and go on a shopping spree.
3) Incompetents. They can't get a real merchant account for online transactions without being charged an arm and a leg, so they're using the "signature workaround" that has been an outdated practice for online merchants for more than ten years. Either them directly, or whomever is providing their merchant cc services. Either way, this is incompetent.
In other words, even if they aren't outright crooks, there's no upside to dealing with these people. Hell, it might be better if they were crooks -- as Alexander Dumas said, "I prefer rogues to imbeciles, because rogues sometimes take a rest."