Outsource card data management - all the benefits, none of the headaches.

Collect card data, send it to processors or partners, and store it as if it's in your database without the training, systems, and 95% of the compliance requirements that come with PCI.

Card information

1234 1234 1234 1234

MM/YY

CVV

Pay

Card information

1234 1234 1234 1234

MM/YY

CVV

Pay

Card information

1234 1234 1234 1234

MM/YY

CVV

Pay

Card information

1234 1234 1234 1234

MM/YY

CVV

Pay

•••• •••• •••• 1234

Expiry Date

02/26

CVV

312

Card Number

1234 1234 1234 1234

Develop with flexibility

Enhance card data handling and partnerships with a flexible dev stack, allowing easy payment processor switching.

Get to market fast

Launch quickly with a PCI-compliant cardholder environment and best practices, avoiding the need for in-depth PCI expertise.

Prove compliance

Satisfy as much as 95% of PCI requirements and get access to the necessary documentation to prove it.

Basis Theory made us PCI compliant in a day rather than months. The team has been a delight to work with and they beat other tokenization platforms on cost."

Ethan Lacey

Founder @ Union

By storing cards with Basis Theory, we have more flexibility in optimizing our payment stack and reacting to our customer’s needs. It’s made compliance a competitive advantage for us."

Joe Emison

CTO at Branch

I think one of the unique aspects of Basis Theory, and the tech suite they’ve built, is that it’s not a, ‘This is the product, use it like this.’ It’s almost as if we have that data in-house.”

Aharon Levine

Head of Payments at Melio

The best PCI-compliant
environment you'll never build

Use flexible tools and services to unlock new products, partnerships, and services without exposing your system to cardholder data.

Basis Theory data flow diagram
Basis Theory data flow diagram
Basis Theory data flow diagram
Basis Theory data flow diagram
Collect

Capture card info easily with adaptable web/mobile forms and APIs, maintaining your tech stack and design patterns.

Store

Separate cardholder data from your payment provider for secure, flexible payment flows and new partnerships.

Share

Format and enrich data payloads for compatibility with all partners and processors, using existing frameworks and SDKs.

Frequently Asked Questions

How are companies using Basis Theory today?

Securing cardholder data provides companies greater control and flexibility over their payment stack, but building and maintaining the necessary infrastructure and programs can require hundreds of thousands of dollars and months to implement and assess. Basis Theory provides the platform, infrastructure, and tools to secure cardholder data in minutes and without these costs and distractions.

This allows companies to:

  • Add new payment service providers to improve card authorization rates, improve redundancy, or lower transaction costs.

  • Split payments to multiple third parties or payment service providers

  • Offer wallet-like functionality to customers

  • Connect card issuing platforms to third-party services, like card updater services

  • Reduce the costs and timelines to becoming PCI Level 1 merchant

How does PCI Compliance work with Basis Theory?

As a PCI Level 1 compliant service provider, Basis Theory extends an independently assessed and approved cardholder data environment (CDE) to customers. Combined with a suite of configurable tools, services, and tokens, companies can collect, secure, and share credit cards without bringing their systems into scope. This approach allows companies to avoid the costs and distractions associated with 95% of the requirements in the Payment Card Industry Data Security Standard (PCI DSS) while retaining complete control over their cardholder data.

What is PCI 4.0?

PCI 4.0 is the latest version of the PCI DSS. It will come into force in March 2024 and, with it, bring 60 new requirements.

Basis Theory protects your roadmap by ensuring data held in your cardholder data environment maintains a continuous compliant posture with PCI 4.0.

Learn more about the PCI 4.0 timeline.

Does Basis Theory help PCI Level 1 merchants and service providers, too?

Yes. Basis Theory's scalable cardholder data environment easily replaces existing systems while its services allow customers to capture, transform, and route cardholder data with any third-party endpoint. Additionally, we provide services, partnerships, and discounts that can reduce the cost and time to become PCI Level 1 or Level 2 compliant.

Safely

accept

collect

manage

share

accept

share

card data.

Jump out to an early lead. Explore, iterate, and scale regulated products faster than the competition.

Safely

accept

collect

manage

share

accept

collect

card data.

Jump out to an early lead. Explore, iterate, and scale regulated products faster than the competition.

Safely

accept

collect

manage

share

accept

accept

card data.

Jump out to an early lead. Explore, iterate, and scale regulated products faster than the competition.