i want to clarify something. If you are integrating a credit card system in your website, doesn't matter what open source software you are using, you will still need to 'secure' it. There are no software out there that does security for you.

Another thing you might need to be aware is that all credit card facilities provided in Malaysia are similar to Paypal, that is, you do not transact the money from your website, rather, you use their 'secure' website for transaction purposes, so security wise, everything is handled for you. You just need to ensure that you are not hacked but credit card details should be pretty safe.

If Maybank decide to open such facilities and allow you to make a transaction on your website, then, there will be tons of compliances that you will need to fulfilled before anything is approve.

Therefore, just use whatever you think is the best for you and ensure that your website is secure. OpenCart vs Wordpress which is more secure really depends on the human factor of whether it is secure, rather than comparing whether the software is secure as there are all secure.

The real issue here is how 'BIG' the community between Wordpress and OpenCart, and if i were to penetrate your website , i will attack Wordpress rather than OpenCart since my robot will be able to attack more target in the market that are using Wordpress than OpenCart.But you will definitely find more information and community help in Wordpress than OpenCart.

That's not true Axis You can handle credit card payment off the website and not worry about compliance