LGMS Berhad (LGMS) and GHL Systems Berhad (GHL) have inked a partnership to boost PCI (Payment Card Industry) security standards compliance for the local merchant ecosystem.
Developed by LGMS, the solution is set to further strengthen the security of the e-payment landscape for consumers and businesses alike.
Representing LGMS at a signing ceremony to mark the collaboration today were LGMS executive chairman Fong Choong-Fook (left in pic above) and and GHL CEO (Malaysia) Kevin Lee (right in pic – with GHL’s corporate communications and marketing head Shobana Devi Jayandran at far left, and group risk management senior manager Mahathir Hassan at far right.)
“Without the protection that PCI compliance brings, merchants could be vulnerable to costly attacks and data breaches. For non-compliant merchants, should a data breach occur, they could even face paying penalties ranging from US$5,000 to US$500,000,” said Fong in a statement.
“Hence, this collaboration aims to ‘simplify’ the process for merchants to be PCI compliant, while giving them peace-of-mind that their cyber risks have been substantially reduced,” he added.
Meanwhile, GHL’s Lee said that the company was pleased to have finally concluded the partnership with LGMS, which is set to benefit its merchant ecosystem, stretching over a vast footprint of more than 145,000 payment touchpoints in Malaysia.
“The PCI DSS security standards ensure that all companies that accept, process, store or transmit credit card information maintain secure environments at all times,” he said.
Instead of assessing merchants manually, GHL would be able to better monitor merchants’ security posture and have access to their PCI DSS compliance report and evidence. In addition, GHL would also be able to track merchants’ yearly PCI DSS compliance status and progress, while having in place an automated tracking and reminder function for merchants’ PCI DSS compliance cycle.
Through this partnership, GHL’s merchants would be offered LGMS’ PCI Compliance Wizard (code name: ‘Mercury’) for them to assess their PCI readiness and compliance.
The Wizard platform, developed in-house by LGMS who owns the Intellectual Property (IP), is supported and powered by official PCI Qualified Security Assessors (QSA).
The solution simplifies the compliance process via step-by-step guidance, including for environmental, social and governance (ESG) tracking purposes as it also serves as a user-friendly tool for ESG data collection purposes.
Other key benefits for merchants include the ability to monitor their branches’ postures, centralised and secure storage for PCI DSS compliance evidence, together with the Wizard serving as a one-stop solution for all PCI DSS mandated technical assessments.
Fong also shared that, following this development, LGMS has also initiated plans to deploy the Wizard platform worldwide as it supports merchants in other regions, too.
“We chose to kick off by partnering with GHL as it is ASEAN’s leading local non-bank acquirer and payment solutions provider,” said Fong. The platform supports global use, i.e. LGMS also have plans to deploy the platform worldwide, partnering with banks and payment gateways globally.
This initiative is in respect of ensuring compliance to the Payment Card Industry Data Security Standard (PCI DSS), an information security standard used to handle credit card transactions from major card brands, having been formed in 2004 by Visa, MasterCard, Discover Financial Services, JCB International and American Express.
Although the standard is mandated by these major card brands to better protect cardholder information and reduce credit card fraud, a substantial number of merchants are still non-compliant across Malaysia.
This scenario stems from these merchants’ uncertainty about the process of getting PCI DSS compliant, coupled with them being unsure about the Self-Assessment Questionnaire (SAQ) to be fully compliant.
