You fail to mention the full, tedious process for reporting fraudulent card transactions, and getting them reversed. Whenever I've had to do it (recently, almost yearly), There are records to review, paperwork to fax, etc. to confirm what charges are legit and which aren't.
With my card, in most cases, I get a call where they verify a half-dozen or so purchases. There was once where they called me to say that my card was cancelled, with a new one in the mail. I've never had to fill out any paperwork from that particular bank/card, let alone had to fax anything. The policies vary company-by-company, so something that's onerous for you may be much easier for someone else.
Subsequent PSP models were not easily hacked (and I believe the later models remain unhacked today).
I don't know about the E1000 (a PAL-region barebones PSP), but the PSP-3000 and (I think) the PSP Go are both hackable without actually flashing new firmware. Some of the software signing keys were discovered about 3 years ago. You can sign custom binaries and use those to open the floodgates to whatever else you want.
Remember, UNIX spelled backwards is XINU. -- Mt.