Gift card authorization rates are estimated to be 5-10% lower than standard credit card authorization rates. While this can be frustrating for merchants and customer...

Logging mechanisms and tracked user activities are critical to preventing, detecting, or minimizing the impact of a data compromise. Implementing logs on all system ...

As a merchant, you are likely aware of the struggle to recognize identical cards across the increasing amount of payment methods consumers use today. With numerous l...

While many organizations may prioritize the digital security measures needed to protect cardholder data, physical securities shouldn’t be forgotten. All physical acc...

Happy October!

A card issuing platform enables businesses within and beyond the financial industry to easily provide branded debit and credit cards to their customers. Despite the ...

PCI DSS Requirement 8 provides detailed guidance on the two fundamental principles for identifying and authenticating users: establishing the identity of a person th...

Assigning permissions carefully is one means of protecting sensitive account data by providing the minimum level of access necessary to perform an employee’s job.

As magical as the payment process can seem when everything is going according to plan - your buyer simply types in their details, money is transferred, and you’re in...

We are thrilled to announce an enhancement to our tokenization platform: BIN Details! The BIN, or Bank Identification Number, allows access to details, a powerful to...

A risk assessment is a dedicated process evaluating the likelihood of a damaging event happening. In the medical environment, it is a statistical calculation of the ...

PCI DSS Requirement 6 highlights the importance of installing security patches in order to protect systems from being accessed by anyone with malicious intentions. F...

A one-time-use card, also known as a privacy card, is a virtual credit or debit card number that can be used once for a single purchase. Once this purchase is comple...

Malicious software, also commonly known as malware, is any software or firmware specifically designed to cause damage to, or penetrate the security systems of, a com...

As summer winds down and school starts back up for many of us in North America, Basis Theory is looking forward to an upcoming semester abroad. (Stay tuned for detai...

In the payments business, a chargeback is the reversal of a charge initiated by the issuing bank rather than the merchant, generally in response to a consumer compla...

Vulnerabilities in legacy encryption and authentication protocols for wireless networks are often targeted by malicious individuals aiming to gain access to cardhold...

Why does Payment Efficiency Matter? Processing payments is a multi-partner, multi-step endeavor, and each partner expects to be compensated for their trouble. From t...

Payment processing describes the series of steps that take place allowing one party to deliver money to another in return for goods and services, normally via a cred...

Public exposure of stored account and transaction data, either intentional or unintentional, can cause serious damage to a merchant. This is why the PCI SSC has crea...

The annual Global Payments and Fraud report produced by the Merchant Risk Council, Cybersource, and Verifi surveyed 1,072 merchants who identified as being involved ...

Despite its name, the Merchant Discount Rate (MDR) defines not a discount offered to merchants, but a fee paid by the merchant to its payment processing service. On ...

Attackers often use default passwords and other vendor default settings to compromise systems. These passwords and settings are both well known and easily accessible...

Payment Gateway Providers: An Overview A payment gateway is a specialized payment processor that serves the unique needs of a specific merchant vertical group. Payme...

Requirement 1 of the Payment Card Industry Data Security Standard (PCI DSS) is to “Install and Maintain Network Security Controls”. It is designed to help merchants ...

Any entity involved in transacting credit card business has an obligation to comply with Payment Card Industry Data Security Standards (PCI DSS), which is a publishe...

Summer is in full swing, and in July our team focused on bringing our mission to life for our customers. At Basis Theory, we believe that developing products with se...

What is PCI-DSS and what does it mean to be in scope? PCI-DSS (the Payment Card Industry Data Security Standard) is an information security standard used by every en...

At Basis Theory we’re making it easier than ever for developers to create products with sensitive data. Our new HTTP service gives developers the flexibility they ne...

As we empower our customers to build pioneering solutions for their payment systems, ensuring alignment with regulatory rules is a critical step. We've witnessed fir...

Uncovering the top resources to build your payment knowledge The payments industry and ecosystem can be daunting in its breadth and depth. Understanding not only the...

What is payments compliance? The pandemic years accelerated the growth of global e-commerce, catapulting the industry to over 26 million individual merchants doing b...

We recently released a white paper detailing the many aspects of the “Know Your Customer” (KYC) program, and what it means for businesses that interact with customer...

Welcome back, everyone! Here are the notable changes for June. We're grateful to our customers for their ingenuity and creativity in finding new ways to keep their c...

What is Payment Gateway Fraud? Payment gateway fraud occurs when a card-not-present transaction is completed using invalid card details. Fraudsters may use stolen cr...

Transferring money across borders seamlessly has opened up a realm of possibilities for businesses and individuals alike. However, many may find that cross-border pa...

In the fast-paced world of B2B software, prompt and efficient payment processing is on every vendor’s wish list. Getting paid in a timely fashion is essential for ma...

A payment service provider (PSP) is a necessary partner in the payments ecosystem, bridging the divide between the merchant, the card networks, and the buyer’s and s...

Payment reconciliation is the process of matching and verifying the payments made by customers with the corresponding invoices and receipts. This process ensures tha...

As the payments industry continues to evolve, staying on top of the latest trends is crucial for payments professionals looking to make informed decisions and drive ...

As we hear feedback from customers about the creative ways they use their payments data we constantly look for ways to unlock more use cases. We've recently released...

Electronic Benefits Transfer, or EBT, is a system that was created to allow recipients of federal support in the United States to make food purchases electronically....

Providing secure payment transactions is a shared responsibility, because so many entities are involved in an intricate chain of activities to complete a deal. Each ...

A payment aggregator is a service provider that shares their merchant account with their customers, allowing them to start accepting payments quickly and easily. Ins...

It’s easy to imagine the scariest risks of all: having your system taken over and sold back to you by ransomware, say, or a criminal ring intentionally buying all yo...

Whether you're a merchant looking to cut down on payment service fees, a startup aiming to provide solutions to an underserved region, or an online business battling...

What are Payment Analytics? Payment analytics are actionable trends organizations can identify and use to tune and accelerate their business growth. In today’s numbe...

We've been working hard this spring to provide more control, flexibility, and security to improve your data management and user experience. Our latest updates includ...

Introduction When migrating credit card data from a payment service provider (PSP) to Basis Theory, you would extract all stored card data and personally identifiabl...

What is Payment Automation? When we think about payment automation, the temptation is to think only about inbound payment - revenue, in other words. And, indeed, mak...