Security & Privacy
Security and privacy are built into our DNA.
PCI Level 1 Compliant
Basis Theory’s environment has been independently verified to meet or exceed the Payment Card Industry Data Security Standard (PCI DSS) for Level 1 merchants and service providers.

SOC 2 Type II Certified
External assessments have validated Basis Theory’s compliance, security, privacy, and risk posture to meet or exceed SOC 2 Type II requirements.

HIPAA Compliant
Protect, authorize, and share patients’ protected health information (PHI) in our independently certified compliant environment.

Questions?
Reach out to our security, compliance, and risk teams.
Security by Design
We follow cloud-native security best practices and implement continuous code delivery, as well as system and network monitoring and scanning.
Monitoring & Alerting
Basis Theory conducts regular risk assessments, reviewing and updating our security policies as needed.
Encryption Key Management
We use strong cryptography with industry standard key-management processes and procedures.