Overview of HelcimPay.js

Embed payments into your website without handling sensitive information, with a single API call. HelcimPay.js is the ideal solution for developers looking to implement a seamless experience while reducing security and PCI-DSS scope.

With access to Helcim Fee Saver and improved performance, HelcimPay.js can be used by your customers to process Credit Card or ACH payments, or simply verify and tokenize card details to your Helcim Card Vault for use through the Helcim API.

With our prebuilt payment modal, HelcimPay.js enables you to easily accept payments without facing the typical security drawbacks of using payment gateway integrations. Get started with HelcimPay.js by creating an API access token.

Helcim.js

Technical Overview

  • HelcimPay.js is a payment processing tool that can be easily set up with a single API call (please refer to the Initialization API reference documentation for more details). A successful initialization request will return a checkout token and a secret token in the response.
  • The HelcimPay.js modal can be easily implemented and rendered by adding a script tag to your web browser’s HTML code (please refer to the Implementation section for more details).
  • All requests to initialize a HelcimPay checkout session should be done from your website or applications backend server, using your API Access token to establish your connection. This ensures a secure connection between your server and Helcim.
  • All successful transactions processed through HelcimPay will create a basic Customer and Invoice object in your Helcim account for record keeping, and return a customerCode and invoiceNumber in the transaction response.
  • HelcimPay.js uses JavaScript scripts in order to render the payment modal on your website or application, and requires a browser to work. When integrating into mobile applications, your application must utilize a WebView wrapped in a native app.

The checkout token is the key to the HelcimPay.js modal. This token ensures a secure connection between the cardholder’s web browser and Helcim’s endpoint. Please note, the checkout token is a unique value for each payment instance, and it expires after 60 minutes, or once the transaction is processed. Having unique and recent checkout tokens reduces the likelihood that an unauthorized payment is processed.

The secret token is used for verification after a transaction has been processed successfully. This token, along with transaction data in the response are used to create a hash. You can use this to verify that the data in the transaction response is valid and has not been tampered with.

Transaction Flow

The steps below outline the transaction flow through HelcimPay.js

  1. The merchant initializes HelcimPay to obtain their checkoutToken and secretToken.
  2. A customer clicks on a button configured with the checkoutToken that displays the HelcimPay.js modal.
  3. A customer enters their card information (or bank information), or if a customer code is provided in the initialization process, selects an existing card (or existing bank account) tied to their account.
  4. Customer clicks on the “Process Payment” button.
  5. The required payload for a transaction is received and processed by Helcim.
  6. When the transaction is successful, a payload is returned to you and an approval or error message is displayed based on the outcome of the transaction.
  7. The merchant redirects the customer once a transaction response is received.