Security and privacy are built into our DNA.

Learn more on how Basis Theory cares about security.


PCI Level 1 Compliant

The Payment Card Industry Security Standards Council is a global forum owned and managed by the major card networks. PCI develops and drives the adoption of data security for payment card data, ensuring that all participants in the card payments value chain keep data safe.

SOC 2 Type I Compliant

SOC 2 is an auditing framework and procedure created by the AICPA that ensures a company has appropriate controls for security, availability, processing integrity, confidentiality, and privacy. It also assures that there is proper oversight, vendor and third-party compliance, and proper governance and risk management practices.

Security by Design

We follow cloud-native security best practices and implement continuous code delivery along with system and network monitoring and scanning.

Monitoring & Alerting

Basis Theory conducts regular risk assessments, reviewing and updating our security policies as needed.

Encryption Key Management

We use strong cryptography with industry standard key-management processes and procedures.

Audit Logging

Our audit logs enable your security team to reconstruct events after a problem occurs.

Open Source SDKs

Our code is public, enabling you to assess it against your security standards.

Privacy at the Core

We take user privacy very seriously. Review our Privacy Policy to learn more about how we collect and use personal information.
START TOKENIZING NOW

Ready to try Basis Theory?

Create an account and start right away. Want more information? Reach out to us.