Blog

Merchants, especially online, have no choice but to contract with at least one payment service provider (PSP) to ensure they can execute transactions with credit car...

In any subscription business, there is inevitably churn - subscribers who end their contract and move on. There is, however, a difference between those who choose to...

In the first four posts of this five-part series, we covered the rules of payment processing for high risk merchants, what causes processors to shut down merchants, ...

Sophisticated high-risk merchants understand that de-risking their payments operations can truly be a game changer for their business. They see that not only is it i...

As a high-risk merchant, you know that hedging your risks can make it easier for your business to remain operational. One important way to achieve this when using a ...

Why it’s Crucial to Constantly Improve Payments Performance For any business, revenue growth is key to continued development and opportunity. And revenue growth can ...

Operating as a high-risk merchant, one of the most feared experiences is getting shut down. Even the looming threat of this happening is enough to keep many merchant...

This is blog post one of a five-part series on the ins and outs of high-risk merchants and high-risk payment processing.

How Credit and Debit Cards Compare The fundamental difference between a credit and debit card is whose money is being used in the transaction: with a credit card, th...

October was dedicated to enhancing the developer experience at Basis Theory.

The Basis Theory team joined a webinar hosted by the Merchant Risk Council (MRC) on November 1 titled “AI Solutions to Simplify Payment Management and Compliance”.

The world of payment processing can be bewildering and esoteric, with its vast range of participants, processes, and industry jargon. This (admittedly incomplete!) g...

What many people miss about the payment process is that there are actually a series of steps - it’s not a one-stop shop! Merchants generally will run some amount of ...

As outlined in sub-requirements of the other 11 requirements, documenting expectations of the security posture of an organization is fundamental to the success of th...

System vulnerabilities can serve as an open door for attackers to walk right into secure systems and cause significant harm. The best prevention method is to consist...

PCI-DSS is the set of standards all participants in the online payment process must adhere to. Failure to comply with its strictures can lead to higher costs, busine...

Gift card authorization rates are estimated to be 5-10% lower than standard credit card authorization rates. While this can be frustrating for merchants and customer...

Logging mechanisms and tracked user activities are critical to preventing, detecting, or minimizing the impact of a data compromise. Implementing logs on all system ...

As a merchant, you are likely aware of the struggle to recognize identical cards across the increasing amount of payment methods consumers use today. With numerous l...

While many organizations may prioritize the digital security measures needed to protect cardholder data, physical securities shouldn’t be forgotten. All physical acc...

Happy October!

A card issuing platform enables businesses within and beyond the financial industry to easily provide branded debit and credit cards to their customers. Despite the ...

PCI DSS Requirement 8 provides detailed guidance on the two fundamental principles for identifying and authenticating users: establishing the identity of a person th...

An issuer processor manages key payment transaction activities for issuing entities: issuing cards, authorizing and settling transactions, and acting as a system of ...

Assigning permissions carefully is one means of protecting sensitive account data by providing the minimum level of access necessary to perform an employee’s job.

Method Financial is a startup on a mission: to streamline the way fintech developers integrate key functionalities like real-time financial data, repayment, balance ...

As magical as the payment process can seem when everything is going according to plan - your buyer simply types in their details, money is transferred, and you’re in...

We are thrilled to announce an enhancement to our tokenization platform: BIN Details! The BIN, or Bank Identification Number, allows access to details, a powerful to...

A risk assessment is a dedicated process evaluating the likelihood of a damaging event happening. In the medical environment, it is a statistical calculation of the ...

PCI DSS Requirement 6 highlights the importance of installing security patches in order to protect systems from being accessed by anyone with malicious intentions. F...

A one-time-use card, also known as a privacy card, is a virtual credit or debit card number that can be used once for a single purchase. Once this purchase is comple...

A credit card vaulting service is a third party that stores, protects, and provides access to stored cardholder data for merchants. Using a credit card vaulting serv...

Malicious software, also commonly known as malware, is any software or firmware specifically designed to cause damage to, or penetrate the security systems of, a com...

As summer winds down and school starts back up for many of us in North America, Basis Theory is looking forward to an upcoming semester abroad. (Stay tuned for detai...

In the payments business, a chargeback is the reversal of a charge initiated by the issuing bank rather than the merchant, generally in response to a consumer compla...

Vulnerabilities in legacy encryption and authentication protocols for wireless networks are often targeted by malicious individuals aiming to gain access to cardhold...

Why does Payment Efficiency Matter? Processing payments is a multi-partner, multi-step endeavor, and each partner expects to be compensated for their trouble. From t...

Payment processing describes the series of steps that take place allowing one party to deliver money to another in return for goods and services, normally via a cred...

Public exposure of stored account and transaction data, either intentional or unintentional, can cause serious damage to a merchant. This is why the PCI SSC has crea...

The annual Global Payments and Fraud report produced by the Merchant Risk Council, Cybersource, and Verifi surveyed 1,072 merchants who identified as being involved ...

Despite its name, the Merchant Discount Rate (MDR) defines not a discount offered to merchants, but a fee paid by the merchant to its payment processing service. On ...

Tokenization is a process by which sensitive data is exchanged for a unique, but completely different, identifier. The sensitive data can be securely stored, and the...

Attackers often use default passwords and other vendor default settings to compromise systems. These passwords and settings are both well known and easily accessible...

Payment Gateway Providers: An Overview A payment gateway is a specialized payment processor that serves the unique needs of a specific merchant vertical group. Payme...

Requirement 1 of the Payment Card Industry Data Security Standard (PCI DSS) is to “Install and Maintain Network Security Controls”. It is designed to help merchants ...

Any entity involved in transacting credit card business has an obligation to comply with Payment Card Industry Data Security Standards (PCI DSS), which is a publishe...

Summer is in full swing, and in July our team focused on bringing our mission to life for our customers. At Basis Theory, we believe that developing products with se...

When people think of self storage, technology-forward isn’t the first thing that comes to mind. Traditionally, renting a storage unit can be arduous for the consumer...

What is PCI-DSS and what does it mean to be in scope? PCI-DSS (the Payment Card Industry Data Security Standard) is an information security standard used by every en...

At Basis Theory we’re making it easier than ever for developers to create products with sensitive data. Our new HTTP service gives developers the flexibility they ne...