Helcim Logo Support & Tutorials

© Copyright 2006-2018 Helcim Inc.

All Rights Reserved.

PCI Compliance »

TLS 1.2 Helcim Legacy Virtual Terminal and Gateway Migration

TLS is the protocol used to make a secure connection when visiting “HTTPS” websites or making server-to-server connections (formerly SSL), with the most up-to-date version of TLS being 1.2.

What is happening

In order to remain PCI-DSS compliant, we’re making changes to the Helcim (Legacy) Virtual Terminal and Gateway. Older versions of TLS (1.0 and 1.1) are being deactivated on June 30, 2018. This will not impact our new merchant platform, Helcim Commerce, as it is already exclusively using TLS 1.2

What you need to do by June 30, 2018

You are receiving this email because our systems detected that your business made a connection to the legacy Helcim Virtual Terminal or Gateway using TLS1.1 or TLS1.0 in the past 6 months. This means that your ability to accept payments may be interrupted unless you make the needed changes.

If you login manually to Virtual Terminal

If you manually login to the Helcim Virtual Terminal to process your payments, no changes are needed. Modern web-browsers including Chrome, Internet Explorer, Safari and Firefox already support TLS1.2.

If you use the Hosted Payment Pages or Helcim.js

If you’re accepting transactions using the Hosted Payment Pages or Helcim.js, no changes should be needed as the TLS1.2 connection is established between your customers’ web-browser and our server. If you’re using the hosted payment pages or Helcim.js v1 in an unconventional way, please contact our support team to see if your payments will be interrupted.

If you Integrate Via Payment Gateway API

IMPORTANT! If you’re processing transactions using the legacy Helcim Payment Gateway API, you will need to make sure that your server is establishing a TLS 1.2 connection when sending POST data. This page contains code samples in PHP and C# to test your server. Failure to update your code will cause your server to no longer be able to connect to Helcim.

Linux vs. Windows Servers

By default, most Linux servers will automatically use the latest TLS standard (1.2) when making a CURL network connection. When it comes to Windows Servers however, we've seen numerous instances where Windows Servers will default to older standards, such as SSLv3 or TLS 1.0. Merchants using Windows Servers making gateway API transactions are the most likely to be impacted. Please refer to the code samples on how to force a TLS 1.2 connection using C#.

About Code Samples

The code samples on the right are made for you to download and execute on your server to see if it can successfully establish a TLS 1.2 connection. Please note that the URL used in the code is for Helcim Commerce, not the legacy Helcim Gateway. The reason for this URL is because Helcim Commerce only accepts TLS 1.2 connections, and therefore is a good API to use to see if a connection can be succesfully established. The code samples do not process any payments, instead they just connect to Helcim. Once you've been able to successfully establish a connection, you should update your current Helcim (legacy) Gateway code to force the TLS 1.2 connection, but leave the legacy URL unchanged (https://gateway.helcim.com/).

Now is a good time to switch to Helcim Commerce

Now would be a good time to consider switching your processing over to Helcim Commerce! Helcim Commerce is our new merchant platform that features mobile apps, invoicing, better recurring payments and even a hosted online store. All existing Helcim merchants can access Helcim Commerce without impacting their current pricing. We can also migrate your data from the legacy Helcim Virtual Terminal to Helcim Commerce. Please contact our support team to get migrated.

We’re here to help

Feel free to reach out if you have any questions or need any assistance. You can reach our Support Team by phone at 1-877-643-5246 or e-mail at help@helcim.com.

Thank you,

 

Helcim Support Team
Email: help@helcim.com
Phone: 1-877-643-5246

Code Samples

PHP Testing TLS 1.2 Connection PHP

<?php

	// SET URL
	$url = "https://secure.myhelcim.com/api/";

	// BUILD POST ARRAY
	$postArray = array(
		'action' => 'connectionTest'
		);
	
	// CREATE POST STRING
	$postString = http_build_query($postArray);

	// SET CURL OPTIONS
	$curlOptions = array(	
		CURLOPT_RETURNTRANSFER => 1,
		CURLOPT_AUTOREFERER => TRUE,
		CURLOPT_FRESH_CONNECT => TRUE,
		CURLOPT_HEADER => FALSE,
		CURLOPT_POST => TRUE,
		CURLOPT_SSLVERSION => CURL_SSLVERSION_TLSv1_2,
		CURLOPT_POSTFIELDS => $postString,
		CURLOPT_TIMEOUT => 30 
	);

	// CREATE NEW CURL RESOURCE
	$curl = curl_init($url);

	// SET CURL OPTIONS
	curl_setopt_array($curl,$curlOptions);

	// PROCESS TRANSACTION - GET RESPONSE
	$response = curl_exec($curl);

	// CLOSE CURL REOURCE
	curl_close($curl);

	//CREATE XML OBJECT
	$xmlObject = @simplexml_load_string($response);

	// CHECK FOR XML OBJECT
	if(is_object($xmlObject)){

		//
		// XML DATA READY
		//

		echo 'TLS Version 1.2 Valid';

	}else{

		//
		// ERROR OCCURED 
		//

		echo 'Error: TLS Version 1.2 Invalid';

	}

?>

ASP.net Submitting The Form HTML

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.vb" Inherits="_Default" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <asp:Label ID="lblResult" runat="server"></asp:Label>
        </div>
    </form>
</body>
</html>

C# Testing TLS 1.2 Connection C#

using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Linq;
using System.Net;
using System.Text;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Xml;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        using (var client = new WebClient())
        {
            // SET UP POST FIELDS
            var values = new NameValueCollection();
            values["accountId"] = "CHANGEME";
            values["apiToken"] = "CHANGEME";
            values["action"] = "connectionTest";

            // FORCE TLS 1.2
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

            try
            {

                // EXECUTE REQUEST
                var response = client.UploadValues("https://secure.myhelcim.com/api/", values);

                // BUILD RESPONSE STRING
                var responseString = Encoding.Default.GetString(response);

                // BUILD XML DOCUMENT FROM RESPONSE
                XmlDocument doc = new XmlDocument();
                doc.LoadXml(responseString);

                // PRINT XML
                Console.WriteLine(responseString);

                // CHECK RESPONSE
                if (doc != null)
                {

                    //
                    // XML DATA READY
                    //

                    // PASS
                    lblResult.Text = "TLS1.2 Valid!";



                }

            }
            catch (Exception ex)
            {
                lblResult.Text = "Invalid!";
            }

        }
    }
}

C# Forcing TLS 1.2 C#

// FORCE TLS 1.2
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;