a
Helcim Security hero image

Securing your data.

We prioritize keeping sensitive information secure and protected. So you can rest easy and focus on running your business.

Helcim is committed to helping our merchants stay secure and compliant.

We undergo rigorous audits, testing, and inspections to maintain the highest level of compliance in the industry. Our talented team of in-house developers, systems engineers, and security administrators work to maintain strict security standards at all times.

Data management.

Merchants trust Helcim to securely manage and protect customer payment data, removing their systems from security and compliance scope using tools like Card Vault, Helcim.js, hosted payment pages, and our developer API.

Helcim Daily Backups

Daily Backups

Databases are automatically backed up daily to protect merchants against lost, corrupted, stolen or destroyed data. Backups are performed between data centers, as well as offsite. This is part of our commitment to ensuring ongoing business continuity.

Helcim Data storage

Data storage

We use self-replicating database clusters to store transaction, cardholder, and merchant data, ensuring uptime and load balancing. Sensitive cardholder data is retained for up to 48 months of inactivity. Customer and merchant data is logically separated and inaccessible to each other. Access by authorized Helcim staff is logged for security and PCI-DSS compliance.

Network setup.

Helcim proactively safeguards data with firewalls, IDS, and IPS on servers. We conduct regular system updates and respond swiftly to major vulnerabilities by applying patches. Servers are hardened following security guidelines.

Helcim Firewalls and IDS/IPS

Firewalls and IDS/IPS

Helcim employs firewalls with Intrusion Detection and Prevention Systems to guard against active and passive threats. These systems monitor network traffic for abnormalities, malicious code, and vulnerabilities. Servers also have locally installed IDS and IPS to detect and warn system administrators of unusual activity. If suspicious activity is detected, the IPS will take the action required to protect the servers while alerting Helcim's security team for monitoring review.

Helcim System updates

System updates

The servers and networks appliances are regularly updated to ensure all software is up to date. If a major vulnerability is discovered, patches are applied immediately by Helcim's system and security team. Per our compliance, all updates are logged as part of our change-control policies.

Authentication & access controls.

To safeguard Helcim's data and systems, we enforce strict access controls, such as VPN requirements, defined user roles, multi-factor authentication, and comprehensive logging for network access and activity. Our internal office networks are isolated from platform environments and have restrict wireless access. Internal systems are only accessible by employees who are locally and physically connected to the network.

  • Deny-All Policies

    Deny-All Policies

    Firewalls deployed to our server environments have deny-all policies by default. All connections for inbound and outbound traffic must be approved and added as new firewall rules.

  • Multi-factor authentication

    Multi-factor authentication

    Helcim requires multi-factor authentication for all staff and extends it to merchants for their internal compliance and requirements

  • Password protection

    Password protection

    Helcim uses a strict password standard for security. Passwords are always complex, changed regularly, hashed, salted, and users cannot reuse their previous 13 passwords.

  • Physical access

    Physical access

    We select cloud data centre providers with 24/7 onsite security, including restricted physical access controls, multi-factor authentication, and biometrics for key personnel

Encryption.

Helcim employs AES-256 encryption for all sensitive merchant and cardholder data, such as name, card numbers, expiry dates and cardholder address in order to meet PCI compliance. We do not store CVV, PIN, EMV, or mag data.

Information in transit

Helcim safeguards data in transit with TLSv1.2 and strong cyphers, excluding outdated SSLv3, TLSv1.0, and TLSv1.1 from our systems. This ensures that data is encrypted in transit and maintains integrity.

Compliance.

Helcim is a Level 1 PCI-DSS compliant service provider, by undergoing rigorous on-site audits, vulnerability scanning, penetration testing, and adherence to NIST security practices, all aimed at ensuring the highest level of data security compliance with the Payment Card Industry Data Security Standard.

Service uptime.

Helcim devotes significant resources to ensure the most uptime possible for our networks and merchants. These safeguards include redundant virtual environments across cloud-based data centers, using service providers that utilize best industry practices including backup power generation and dual-path power distribution systems.

Saas development.

Helcim's in-house programmers develop all our systems and applications. This ensures they meet our strict security standards, and enables close collaboration with QAs and security staff to identify potential issues before they become a problem.

Helcim Secure coding practices

Secure coding practices

All in-house applications adhere to the most current secure coding guidelines, including OWASP, through our ongoing developer training. This approach gives us full control over coding standards, source code, and deployment cycles.

Helcim Penetration testing

Penetration testing

Helcim completes regular penetration tests to identify network, system, and application vulnerabilities for potential malicious activities. These tests are done by both our in-house security team and third party professionals. Any vulnerabilities are addressed immediately by our teams.

Helcim Vulnerability scanning

Vulnerability scanning

Routine vulnerability scanning of Helcim's networks and applications help find potential security concerns. We adhere to compliance requirements with internal and ASV-performed external network scans.

FAQ.

  • Why should I choose Helcim?

    Transparency, low rates, smart tools and amazing service! Many merchants have been dragged through the mud by their prior processor with hidden fees, contracts, and terrible service. We've built our reputation on being the opposite. We care about building long-term relationships with our merchants - which means offering you the payment service you've been looking for.

    Have more questions? Email or give us a call. Our in-house team of Helcim Merchant Experience Specialists are here to share their knowledge, answer your questions and point you in the right direction. No commissions, no pressure.

  • Are there any contracts or hidden fees?

    No! You can close your account anytime without any penalty and there are no hidden fees. You never again have to worry about setup fees, termination fees, quarterly fees, PCI & non-compliance fees, customer service fees, or bank deposit fees.

  • Who is Helcim for?

    If your business is looking for a better way to accept credit and debit cards online or in-person, then Helcim is the payments company for you. Helcim offers a wide range of payment tools and software solutions to make it faster and easier for you to get paid.

  • How long do funds take to be deposited?

    Deposits will appear in your bank account within 2 business days, depending on the time of day that your transactions are settled. Transactions processed over the weekend or bank holidays are initialized for deposit on the following business day. Your daily transactions are batched together and deposited to your bank account, net of processing fees.

  • Is there a monthly fee?

    No! We want to help small businesses grow and thrive, so there are no monthly fees. Your Helcim account allows you to process both in-person and online payments with great low processing rates. You also get full access to all of our merchant tools and benefit from our amazing customer service team.

  • How long should I wait to get my payment hardware?

    When you order a Helcim card reader or a Helcim Smart terminal, we work hard to ensure it reaches you as quickly as possible. Typically, shipping may take 2 - 3 business days. However, please know that shipping may take up to 5 business days for some businesses for US locations and up to 7 business days for some Canadian locations.

  • What type of funding options does Helcim offer?

    Helcim uses gross deposits, meaning your total sales are deposited directly into your bank account, with processing fees deducted as a separate line item on the same day. This ensures accurate daily revenue and cash flow data so you always know exactly how much you've earned and what's available.

  • How much are the processing rates?

    For Visa, Mastercard, Amex and other card-brands, we offer Interchange Plus pricing to give you complete transparency and greater savings. By passing the base cost directly to you and only charging for a single markup, Interchange Plus pricing gives you significant savings. By knowing our cost as well as our markup, we promote a fully transparent partnership which means no surprises on your monthly statement!

    To calculate your rates for in-person and online transactions, you can visit our pricing page.

  • Do I need to change banks?

    No! You can use your existing bank account, provided by your financial institution or credit union. Sole proprietors can use a personal bank account. Incorporated business and partnerships are required to use a business bank account

    Law firms and other businesses that require separate trust and operating bank accounts are able to customize the flow of deposits and fees to meet their needs.

  • Do you offer volume discounts?

    Yes! And there is no need to call and renegotiate rates. Our Interchange Plus margin automatically decreases the more you process, helping you save even more.

    You can view our complete volume discounts on our pricing page.

  • How does signing up work?

    You can sign up directly on our website using your computer or mobile phone. There is no need for complicated paperwork nor signatures. The signup form takes as little as 5-minutes, asking you to enter basic information about your business, address and contact information.

    Once you create your Helcim account, you can begin using it right away! Get started here.

Show All

Start accepting payments today.

Create your free account instantly with no paperwork or commitments.

Get started for free
Call to action background affiliate program image

We're always
here to help.

New to accepting card payments? We take the time to help you understand how it all works so you can make the best decisions for your business.

  • Speak to a real person, fast
  • Experts you can trust
Show more

Have us contact you.

Contact name cannot be blank
Business name cannot be blank
Please provide a valid email address
Phone number cannot be blank

The form was sent successfully!