Skip to content

    Marble Insurance Maintains PCI Compliance with Basis Theory

    Case study explaining how Marble worked with Basis Theory to get PCI Compliant
    Picture of Basis Theory ·
    Customer Story

    With dozens of personal lines of insurance and an overwhelming amount of policy options, Marble developed a Super App for all personal insurance policies. Marble is responsible for maintaining the personal insurance data of their users and, in return, provides quotes and comparisons, essentially acting as a licensed insurance agency underneath the hood of a tech company. Only this agency has partnerships with more than 60 insurance carriers. 

    “We’re able to unlock thousands of policy data points once a Marble member uploads their insurance policies,” explains Matt Donofrio, Head of Revenue at Marble. “Everything from premiums being paid to asset information helps us shop for better insurance coverage. What was missing within all that was payment data.”

    Aside from providing rewards and finding better rates for their customers, the Marble platform also acts as a digital wallet that can initiate payments to buy or pay for insurance policies. 

    “A customer going through to purchase a policy using an agency is not necessarily something that can be done in a few clicks,” Donofrio says. “We wanted to offer an experience that seamlessly lets you confirm coverage details and submit a payment.”

    Protecting that data required making a decision on building their own PCI compliant environment or working with a service provider. 

    “We knew as we built our customer experience, we always needed to remain in PCI compliance,” Donofrio explained. “It was much easier for us to offload those responsibilities to an organization that is already PCI compliant.”

    Solution

    Having a background in banking, Donofrio understood what it would take to build or buy this type of solution. Donofrio said he found Basis Theory through an organic search, and in less than 30 days, Marble was able to integrate with Basis Theory. 

    “We were able to develop some of our own forms with Basis Theory that allow people to choose their payment method to complete the purchase,” Donofrio says. “Basis Theory takes the credit card data after it’s entered, tokenizes it, routes it to the carrier, and vaults the data.” 

    “It’s such a value-add that Basis Theory handles PCI compliance for us.”

    The integration consisted of sending API documentation and creating a private Slack channel with engineering team members from Marble and Basis Theory. 

    “The Basis Theory team was always prompt with answers to our questions—and they still are,” Donofrio explained. “The integration was really as easy as it sounds, no surprises.”

    Results

    As the insurance industry continues to digitally transform itself, the Marble platform continues to expand. Today, the company delivers over 15,000 quotes each month and helps members manage nearly $100 million in premiums. 

    Donofrio says without Basis Theory, not only would maintaining PCI compliance be more costly, the lifecycle of turning a user into an active customer would look incredibly different. 

    “We needed a solution that we could implement quickly and was not super operationally heavy,” Donofrio said. “It was clear to me that Basis Theory was what we needed and I’d be hard-pressed to think there’s something more relevant to what we were trying to solve—which was to maintain PCI compliance.”

    De-Risk Payments. De-Scope Compliance.   Accelerate time-to-compliance and eliminate nearly 90% of the PCI DSS Level 1 requirements using Basis theory.  

    Stay Connected

    Receive the latest updates straight to your inbox