LGMS Berhad (LGMS) and GHL Systems Berhad (GHL) have joined forces to enhance PCI (Payment Card Industry) security standards compliance for the merchant ecosystem, which has been developed by LGMS to strengthen the security of the payments landscape for consumers and businesses. The collaboration was marked by a signing ceremony attended by LGMS Executive Chairman Fong Choong-Fook and Executive Director Goh Soon Sei, and GHL System Berhad’s Malaysia CEO Kevin Lee.
Fong stated that non-compliant merchants could be vulnerable to costly attacks and data breaches and might even face penalties ranging from US$5,000 to US$500,000 in case of a data breach. Therefore, the collaboration aims to “simplify” the process for merchants to become PCI compliant, while also reducing their cyber risks significantly.
Kevin Lee from GHL mentioned that the partnership with LGMS would benefit GHL’s merchant ecosystem, which stretches across over 145,000 payment touchpoints in Malaysia. He added that the PCI DSS security standards ensure that all companies that accept, process, store or transmit credit card information maintain secure environments at all times.
Under this partnership, GHL will be able to monitor merchants’ security posture and have access to their PCI DSS compliance report and evidence. GHL will also be able to track merchants’ yearly PCI DSS compliance status and progress, while having an automated tracking and reminder function for merchants’ PCI DSS compliance cycle.
GHL’s merchants will be offered LGMS’ PCI Compliance Wizard (code name: Mercury) to assess their PCI readiness and compliance. The Wizard platform is developed in-house by LGMS, who owns the Intellectual Property (IP), and is supported and powered by official PCI Qualified Security Assessors (QSA), simplifying the compliance process via step-by-step guidance.
Other benefits for merchants include the ability to monitor their branches’ postures, centralised and secure storage for PCI DSS compliance evidence, and the Wizard serving as a one-stop solution for all PCI DSS mandated technical assessments. Fong mentioned that LGMS plans to deploy the Wizard platform worldwide to support merchants in other regions too.
This initiative is in line with ensuring compliance with the Payment Card Industry Data Security Standard (PCI DSS), an information security standard used to handle credit card transactions from major card brands, formed in 2004 by Visa, MasterCard, Discover Financial Services, JCB International and American Express. Despite the standard being mandated by major card brands to better protect cardholder information and reduce credit card fraud, a substantial number of merchants across Malaysia are still non-compliant due to their uncertainty about the process of becoming PCI DSS compliant and the Self-Assessment Questionnaire (SAQ) they need to complete to become fully compliant.
16 March 2023