Security & Privacy

Security and privacy are built into our DNA.

PCI Level 1 Compliant

Basis Theory’s environment has been independently verified to meet or exceed the Payment Card Industry Data Security Standard (PCI DSS) for Level 1 merchants and service providers.

SOC 2 Type II Certified

External assessments have validated Basis Theory’s compliance, security, privacy, and risk posture to meet or exceed SOC 2 Type II requirements.

HIPAA Compliant

Protect, authorize, and share patients’ protected health information (PHI) in our independently certified compliant environment.
Reach out to our security, compliance, and risk teams.
Security by Design

We follow cloud-native security best practices and implement continuous code delivery, system, and network monitoring and scanning.

Monitoring & Alerting

Basis Theory conducts regular risk assessments, reviewing and updating our security policies as needed.

Encryption Key Management

We use strong cryptography with industry-standard key-management processes and procedures.