Skip to main content


Basis Theory Elements are simple and secure inputs that empower developers to collect sensitive data from users or to reveal sensitive data back to users, all without having direct access to the plaintext data. This last point is key - any application code that interacts with sensitive regulated data can be subject to costly and time-consuming audits to prove that your application meets various compliance standards (e.g., PCI-DSS, HIPAA, SOC 2, ISO-27001). Using Elements can completely remove your frontend applications from compliance scope, saving your development team time and money.

Think about it as an isolated sandbox within your frontend application that your end users are able to seamlessly interact with, and which securely communicates with the Basis Theory vault to tokenize or detokenize data. Sensitive data is not directly exposed to your application code, and only the non-sensitive token identifiers are exposed to be referenced within your systems.

Here's how Basis Theory Elements make this possible:

  • Install one of our Elements SDKs into your web or mobile application
  • Build forms using our Element input components
  • Interact with the Basis Theory API using Element references, not plaintext data
  • Own your UI/UX by fully customizing how Elements are styled

Collect Sensitive Data

Data entered by your end users into an Element is tokenized and secured within the Basis Theory vault, without your application needing to have direct access to this data.

Our SDKs provide several types of inputs to collect various types of data, such as the CardElement for collecting credit card data and TextElement for collecting arbitrary textual data.

Elements can be configured to support custom input masking, validation, and transformation rules to satisfy your unique requirements.

To get started collecting data, check out one of our guides that best suits your use case:

Reveal Sensitive Data

Tokens stored within the Basis Theory Vault can be securely revealed to end users without accessing the plaintext data directly within your application code.

Using one of our SDKs, sensitive data can be securely retrieved and applied to one or more Elements within your UI. The SDK will manage encapsulating the sensitive data so that your application can reference these value without having direct access to it.

To get started revealing sensitive data to your users, check out our Reveal Tokenized Data guide.

Elements SDKs

JavaScript Elements SDK


React Elements SDK


iOS Elements SDK


Android Elements SDK