Helcim Credit Card Data Migration
We believe that our merchants own their stored credit card data, and offer the ability to import or export stored credit card information without fees or penalties. Please note that you should never email credit card numbers to Helcim, even if encrypted. Below are step-by-step instructions for importing and exporting cards. Because of the sensitive nature of the information and the manual processes involved, data migration is a one-time service per merchant. Please allow 5 business days for completion. Software requirements:
Importing Credit Cards to Helcim
At minimum, you need to provide us with a full credit card number and expiry date, as well as some type of identifier (such as customer ID or customer code) so that each credit card can be linked to a particular customer in your Helcim database. Each credit card entry should have its own row (line), and the file should be in a CSV or Excel format. Below are the steps to complete an import:
- Generate a private key and public key using your GPG client.
- Send your public key to your Helcim representative by email.
- Helcim will use your public key to encrypt the login credentials to our SFTP server. These encrypted credentials will be emailed back to you. You will decrypt these using your private key.
- Using Helcim's public key (shown below), encrypt your CSV or Excel file containing the data.
- Upload the encrypted data to our SFTP server and notify Helcim of the file's transfer.
- Helcim will decrypt the file using our private key and import the data.
Exporting Credit Cards to Another Provider
In order to transfer your credit card data to another provider, we will need their attestation of compliance (AOC). They must be a PCI-DSS Level-1 service provider and be accredited on Visa's CISP list. The export data is in CSV format, and will contain the full credit card information as well as corresponding customer information (if available). Below are the steps to complete an export:
- Helcim will email your new service provider with its public key, and ask for them to do the same.
- Helcim will request from the new service provider their SFTP credentials. Service provider should encrypt the SFTP credentials using Helcim's public key.
- Using the new service provider's public key, Helcim will encrypt the data and upload the encrypted file to the new service provider's SFTP server.
- The new service provider will have the ability to decrypt the data using their private key.
Helcim Public Key
Length: 4096 Date Issued: April 26, 2019 Expiry Date: April 26, 2021 (expand code window to the right to see key)