Corporate

Introduction to Basis Theory

On behalf of my other two co-founders, Brian Billingsley and Ben Milne, I'm excited to talk publicly for the first time about Basis Theory. We'll be pushing more content soon.

The Data Sharing Economy: A Proliferation of APIs, Data & Risk

API calls now represent 83% of all web traffic¹. It has never been easier to interact with various web systems, and it’s now clear that data is our modern-day currency. While the data being exchanged is well protected when in motion through different security protocols — HTTPS, SFTP, etc. — protecting all data at rest is the next internet-scale problem.

There are projected to be 25B+ internet-connected devices² online by the end of the decade. The sheer quantity of data creation is expected to increase to over 180 zettabytes³ (one zettabyte is equal to a trillion gigabytes) in the next 5 years. To put that in context, it was just 2012 when we crossed the 1 zettabyte threshold for the total amount of digital data existing in the world. 

The majority of that data today is either sitting in plaintext (XML, CSV, etc.) on internal servers, which bears risk and liability for your system — or locked away with a third party where it’s inaccessible and not portable, which creates inherent vendor lock-in and renders your most valuable data essentially useless. 

Basis Theory provides the most flexible platform to protect data at rest with the same ubiquity as data in transit. As was the case with HTTPS, it will likely be financial services (then⁴: online banking, stock trading, and commerce; today, “FinTech”: BaaS, embedded finance and payments) that lead the charge from plaintext to ciphertext.

Google Transparency Report · HTTPS encryption on the web

The Basis Theory Master Plan

We make encryption, tokenization, and delegation of sensitive data as easy as a config file. That means simple, developer-friendly APIs, easy-to-use SDKs, and even a low-code solution for additional flexibility. Our platform can handle any type of data, whether that be a payload consisting of payments or PII data, a document, an image, a drivers license etc. – anything that’s serializable can be tokenized. We also enable you to control the encryption keys where we are entirely blind to the data. Regardless of the path you choose, it’s all extensible and shareable with any third party, now or in the future, through the Basis Theory Token Reactor platform. 

This simple and flexible approach makes the platform a viable option for everyday developers and enterprises alike. It ensures sensitive data is being protected at all times while maintaining full usability for both analytical and operational use cases. A single platform for:

  1. Data Security: Almost every week, there is another data breach from one of our most trusted brands - to the tune of about 16 billion records between 2019-2020⁵ alone and consisting of credit card numbers and other highly sensitive information. A lack of focus on data security can result in tarnished brand reputation AND be incredibly expensive as the average cost for a single breach is $7.7 million⁶ for companies with less than 500 employees. 
  2. Data Privacy: We’re not quite at the point where ‘mom’ is asking about whether her data is encrypted or not, but we are closer than some may think. In the past few weeks alone, there have been several articles written about the lack of security & privacy associated with popular apps - “Your location data is for sale, and it can be used against you”⁷ and “The struggle to make health apps truly private”⁸. Telegram was the most downloaded non-gaming mobile app in January 2021. Customers and partners are going to demand more transparency and control of their data.
  3. Data Utility: According to Forbes, as much as 97% of data is underutilized⁹ because of the exact problems referenced above - it’s being segregated and siloed to prevent compliance scope creep. Desensitizing the data unlocks the ability to merge, interact and operate on it. 

In the coming weeks, we plan on sharing more about how we are executing this strategy and some of the initial use cases. The team we’ve assembled is world-class (as are our investors), and while we’ve been hard at work building in private for the past ~7 months, we plan on opening our doors to the public on August 23rd. The internet is vast, and we plan to open source a lot of the work we do. However, we will continue to bear the various compliance burdens and look forward to building alongside a global community of enthusiasts. You can sign up for our waitlist here, and I hope to see you soon!

Colin Luce


Sources