Outsource card data management - all the benefits, none of the headaches.
Collect card data, send it to processors or partners, and store it as if it's in your database without the training, systems, and 95% of the compliance requirements that come with PCI.
Develop with flexibility
Enhance card data handling and partnerships with a flexible dev stack, allowing easy payment processor switching.
Get to market fast
Launch quickly with a PCI-compliant cardholder environment and best practices, avoiding the need for in-depth PCI expertise.
Prove compliance
Satisfy as much as 95% of PCI requirements and get access to the necessary documentation to prove it.
Basis Theory made us PCI compliant in a day rather than months. The team has been a delight to work with and they beat other tokenization platforms on cost."
”
Ethan Lacey
Founder @ Union
By storing cards with Basis Theory, we have more flexibility in optimizing our payment stack and reacting to our customer’s needs. It’s made compliance a competitive advantage for us."
”
Joe Emison
CTO at Branch
I think one of the unique aspects of Basis Theory, and the tech suite they’ve built, is that it’s not a, ‘This is the product, use it like this.’ It’s almost as if we have that data in-house.”
”
Aharon Levine
Head of Payments at Melio
The best PCI-compliant
environment you'll never build
Use flexible tools and services to unlock new products, partnerships, and services without exposing your system to cardholder data.
Collect
Capture card info easily with adaptable web/mobile forms and APIs, maintaining your tech stack and design patterns.
Store
Separate cardholder data from your payment provider for secure, flexible payment flows and new partnerships.
Share
Format and enrich data payloads for compatibility with all partners and processors, using existing frameworks and SDKs.
Frequently Asked Questions
How are companies using Basis Theory today?
Securing cardholder data provides companies greater control and flexibility over their payment stack, but building and maintaining the necessary infrastructure and programs can require hundreds of thousands of dollars and months to implement and assess. Basis Theory provides the platform, infrastructure, and tools to secure cardholder data in minutes and without these costs and distractions.
This allows companies to:
Add new payment service providers to improve card authorization rates, improve redundancy, or lower transaction costs.
Split payments to multiple third parties or payment service providers
Offer wallet-like functionality to customers
Connect card issuing platforms to third-party services, like card updater services
Reduce the costs and timelines to becoming PCI Level 1 merchant
How does PCI Compliance work with Basis Theory?
As a PCI Level 1 compliant service provider, Basis Theory extends an independently assessed and approved cardholder data environment (CDE) to customers. Combined with a suite of configurable tools, services, and tokens, companies can collect, secure, and share credit cards without bringing their systems into scope. This approach allows companies to avoid the costs and distractions associated with 95% of the requirements in the Payment Card Industry Data Security Standard (PCI DSS) while retaining complete control over their cardholder data.
What is PCI 4.0?
PCI 4.0 is the latest version of the PCI DSS. It will come into force in March 2024 and, with it, bring 60 new requirements.
Basis Theory protects your roadmap by ensuring data held in your cardholder data environment maintains a continuous compliant posture with PCI 4.0.
Learn more about the PCI 4.0 timeline.
Does Basis Theory help PCI Level 1 merchants and service providers, too?
Yes. Basis Theory's scalable cardholder data environment easily replaces existing systems while its services allow customers to capture, transform, and route cardholder data with any third-party endpoint. Additionally, we provide services, partnerships, and discounts that can reduce the cost and time to become PCI Level 1 or Level 2 compliant.