Triangulation fraud is a complicated fraud scheme that occurs, predominantly in ecommerce, between three parties: an unsuspecting customer, a fraudulent seller, and ...

Merchants that want to integrate payments directly into their website or application have several options for doing so, but will often eventually look to iframe (inl...

Tokens: What is a Token Vault? A token is a non-exploitable identifier that references sensitive data. Tokens can take any shape, are safe to expose, and are easy to...

Payments become delinquent when they are not made according to a pre-agreed schedule. Almost by definition, then, they are almost always associated with recurring pa...

What is Payments Vaulting? Merchants are said to be ‘vaulting payments’ when they contract with a partner, which stores sensitive cardholder data securely and provid...

What is Vendor Lock-in? Vendor lock-in describes a situation where a customer becomes entirely dependent on a specific vendor for products or services, and switching...

The Payments Card Industry Data Security Standard (PCI DSS) outlines hundreds of requirements for storing, processing, and transmitting cardholder data. Any business...

What is a Universal Payment Vault? A payment vault is a storage facility where merchants securely manage customer payment details, and transmit them to payment partn...

Estimates suggest that somewhere between 36% and 50% of all transactions worldwide are now completed digitally. While this may not come as a surprise to many, what m...

Merchants strive to have a seamlessly integrated payment flow for customers. From the outside looking in, many may assume that this is achievable through a light and...

Frictionless payments offer the least amount of effort to get a transaction closed. There is no universally accepted definition of a frictionless payment, it is more...

Why Does 3D-Secure Matter? 3D Secure (3DS) provides an additional layer of security for online transactions, adding an identity confirmation partner to the standard ...

This November, Basis Theory introduced several enhancements geared toward expanding our Payment Stack capabilities. With a focus on providing adaptable payment solut...

Merchants, especially online, have no choice but to contract with at least one payment service provider (PSP) to ensure they can execute transactions with credit car...

In any subscription business, there is inevitably churn - subscribers who end their contract and move on. There is, however, a difference between those who choose to...

In the first four posts of this five-part series, we covered the rules of payment processing for high risk merchants, what causes processors to shut down merchants, ...

Sophisticated high-risk merchants understand that de-risking their payments operations can truly be a game changer for their business. They see that not only is it i...

As a high-risk merchant, you know that hedging your risks can make it easier for your business to remain operational. One important way to achieve this when using a ...

Why it’s Crucial to Constantly Improve Payments Performance For any business, revenue growth is key to continued development and opportunity. And revenue growth can ...

Operating as a high-risk merchant, one of the most feared experiences is getting shut down. Even the looming threat of this happening is enough to keep many merchant...

This is blog post one of a five-part series on the ins and outs of high-risk merchants and high-risk payment processing.

How Credit and Debit Cards Compare The fundamental difference between a credit and debit card is whose money is being used in the transaction: with a credit card, th...

October was dedicated to enhancing the developer experience at Basis Theory.

The Basis Theory team joined a webinar hosted by the Merchant Risk Council (MRC) on November 1 titled “AI Solutions to Simplify Payment Management and Compliance”.

The world of payment processing can be bewildering and esoteric, with its vast range of participants, processes, and industry jargon. This (admittedly incomplete!) g...

What many people miss about the payment process is that there are actually a series of steps - it’s not a one-stop shop! Merchants generally will run some amount of ...

As outlined in sub-requirements of the other 11 requirements, documenting expectations of the security posture of an organization is fundamental to the success of th...

System vulnerabilities can serve as an open door for attackers to walk right into secure systems and cause significant harm. The best prevention method is to consist...

Gift card authorization rates are estimated to be 5-10% lower than standard credit card authorization rates. While this can be frustrating for merchants and customer...

Logging mechanisms and tracked user activities are critical to preventing, detecting, or minimizing the impact of a data compromise. Implementing logs on all system ...

As a merchant, you are likely aware of the struggle to recognize identical cards across the increasing amount of payment methods consumers use today. With numerous l...

While many organizations may prioritize the digital security measures needed to protect cardholder data, physical securities shouldn’t be forgotten. All physical acc...

Happy October!

A card issuing platform enables businesses within and beyond the financial industry to easily provide branded debit and credit cards to their customers. Despite the ...

PCI DSS Requirement 8 provides detailed guidance on the two fundamental principles for identifying and authenticating users: establishing the identity of a person th...

An issuer processor manages key payment transaction activities for issuing entities: issuing cards, authorizing and settling transactions, and acting as a system of ...

Assigning permissions carefully is one means of protecting sensitive account data by providing the minimum level of access necessary to perform an employee’s job.

Method Financial is a startup on a mission: to streamline the way fintech developers integrate key functionalities like real-time financial data, repayment, balance ...

As magical as the payment process can seem when everything is going according to plan - your buyer simply types in their details, money is transferred, and you’re in...

We are thrilled to announce an enhancement to our tokenization platform: BIN Details! The BIN, or Bank Identification Number, allows access to details, a powerful to...

A risk assessment is a dedicated process evaluating the likelihood of a damaging event happening. In the medical environment, it is a statistical calculation of the ...

PCI DSS Requirement 6 highlights the importance of installing security patches in order to protect systems from being accessed by anyone with malicious intentions. F...

A one-time-use card, also known as a privacy card, is a virtual credit or debit card number that can be used once for a single purchase. Once this purchase is comple...

Malicious software, also commonly known as malware, is any software or firmware specifically designed to cause damage to, or penetrate the security systems of, a com...

As summer winds down and school starts back up for many of us in North America, Basis Theory is looking forward to an upcoming semester abroad. (Stay tuned for detai...

In the payments business, a chargeback is the reversal of a charge initiated by the issuing bank rather than the merchant, generally in response to a consumer compla...

Vulnerabilities in legacy encryption and authentication protocols for wireless networks are often targeted by malicious individuals aiming to gain access to cardhold...

Why does Payment Efficiency Matter? Processing payments is a multi-partner, multi-step endeavor, and each partner expects to be compensated for their trouble. From t...

Payment processing describes the series of steps that take place allowing one party to deliver money to another in return for goods and services, normally via a cred...

Public exposure of stored account and transaction data, either intentional or unintentional, can cause serious damage to a merchant. This is why the PCI SSC has crea...