• Anthony Lawson

Bonafide Rockstar

When Derek, Nick, and I started AND we knew we wanted to educate merchants on how to better navigate the world of credit card processing. It started with our “Merchant Horror Stories” - a playful way to educate our merchants about what not to do. Stories like these can be fascinating; they're personal, and they stick in our memories longer, eliciting strong emotions. They transmit valuable information that can save our skin at a later point.


In the Post-Covid world, we also felt we needed to shine a spotlight on feel-good stories, too. Stories that made us smile, made us feel pride in bringing a small amount of joy or peace of mind for someone else. I have to admit, these stories are way harder to remember for me. Not because they are insignificant, but because it just feels the way it should always be. Since they don’t depart from what’s expected, I don’t process the information as deeply. My role in each success seems microscopic because I was just doing what I was supposed to do, and I had the benefit of working with someone awesome on the other end. For me that’s what a merchant success story is, honoring the awesome merchants I’ve had the pleasure of working with and gave my job more meaning.


For my first merchant story I'd like to celebrate a small business owner. Perhaps small is an understatement, she was the first and only employee for two websites customizing promotional materials for other businesses. Upon completing a new policy requiring merchant’s to complete a quarterly PCI scan she discovered major vulnerabilities in the security of her customer’s data while completing transactions. This issue was made more complex by the fact that her website was custom built by a web developer, and offered no standard fix some out the box web hosts provide. Failing a PCI scan alone has no major repercussion. Failing doesn’t prevent you from processing payments. It's more or less an alarm telling you something bad could happen if not fixed. To my merchant’s credit, she treated this very seriously and made a great decision in getting her web developer involved.


Over the next few weeks, I worked with her and her web developer to secure her two websites. This is the part of the story where the merchant became the real MVP. Most merchants, when faced with a PCI situation that demands true attention like this... they give as little effort as possible. They do the bare minimum required to "make the problem go away". While I understand the sentiment - you have important things to do - PCI is also important. Failure to follow regulations can result in stiff penalties and huge data losses, that can overwhelm a business. Lucky for me, this merchant spent the time to take this matter seriously, and follow my recommendations. She didn't brush off suggestions, or just " go through the motions" when filling out complicated questionnaires. She implemented recommended changes, and verified them with me - instead of taking the path of least resistance.


I appreciate how much trust she gave me. I didn’t always have the answers, but it was very clear how dedicated I was to finding them out. Through it all, she was remarkably patient and cheerful - a bonafide rockstar. I feel like an unfortunate circumstance only strengthened our business relationship. We went from sharing bad news to sharing jokes. It’s remarkable how some choose to react positively to the world around them and I have a lot of gratitude for being able to help and be present to a true success.