As summer winds down and school starts back up for many of us in North America, Basis Theory is...
Welcome back, everyone! Here are the notable changes for June. We're grateful to our customers for their ingenuity and creativity in finding new ways to keep their customers' data safe. Their efforts have helped advance our platform, allowing more and more companies to focus on value creation while avoiding compliance scope.
Introducing our new Elements HTTP Client Service
With this new service, you can send data directly to third parties using our Elements in the browser, without passing through Basis Theory's platform. You can use it alone with another service or in combination with our Vault to tokenize data using Basis Theory. This feature ensures that sensitive data is collected and transmitted securely without it ever touching your codebase, keeping your compliance needs low. HTTP Client service is in private beta and requires third-party whitelisting. If you're interested, please contact us, and we'll help you get started.
Basis Theory now supports Transactions
Similar to a database transaction, Transactions enable you to make multiple changes to your token data in a single atomic operation. As tokenizations or updates are being made they are added to a single transaction; If any of those actions fail, the entire transaction can be rolled back, allowing you to ensure your data stays in sync.
Transactions help ensure that your tokens can be updated and restructured as your business or technical needs change. To learn more, click here.
MFA enabled for customer portal
We have added an extra layer of security to our login process by implementing multi-factor authentication (MFA). This helps protect our users and their customers' credit card data. MFA is a requirement in PCI DSS 4.0, which mandates that all users must be authenticated using MFA to access the CDE, regardless of their role or location. This has been automatically turned on for all customers, who can opt-in during sign-in. We will be introducing the ability to manage and enable MFA in our portal soon.
Other updates and bug fixes
- [Documentation] We added 5 new guides to our documentation focusing on full workflows with more code examples:
- [Elements] Token properties can now be marked as nullable, enabling the creation of optional fields in forms
- [Elements] Fixed bug with Axios stripping empty lists when tokenizing
- [Elements] Added a referrer policy to card elements improving compatibility with Firefox
- [API] New proxy and reactor endpoints to support merge-patch operations
- [API] Bug fix to allow removing cvc from a card.
- [API] Bug fix to properly handle encoding of special characters in form values when sending form data requests to the Proxy
- [API] Proxy and Reactors now supports any content type, including SOAP and XML
- [Reactors] Allow Proxy Request and Response transforms manually encode body
- [Reactors] Whitelisted node:querystring module to parse or process form data
- [Reactors] Increased Proxy Transform code to be up to 50k characters
