Heleket

Overview

Heleket is a fully-automated crypto payment gateway that competes directly with the product category occupied by Card2Crypto and Cryptomus. The product itself is broad and competent: 20+ supported cryptocurrencies (BTC, ETH, USDT on TRC-20 and ERC-20, USDC, LTC, TRX, BNB, SOL, DOGE, TON, Monero, and more), 0.4 % floor commission, mature WooCommerce / WHMCS / XenForo / Bot-t / PremiumExchanger / Seller.games integrations, an open API, automatic conversion of incoming payments to USDT for volatility-averse merchants, virtual Visa cards topped up in stablecoin, and a mass-payout / payroll layer on top of basic checkout.

The directory owner has personally used Heleket and confirms it works as advertised: checkouts route, funds settle, payouts arrive. This review is not a scam allegation. It is, however, a low directory score — 2.5 / 10 — for two independent reasons that any merchant should fully understand before integrating.

Reason 1 — Full AML / KYC at the merchant layer

Heleket sits at the bottom tier of this directory’s privacy ladder: KYC Tier L5 — Mandatory. The marketing language “no KYC hassle for basic onboarding” means something specific and narrow: you do not have to register a legal entity to start a Heleket account. It does not mean identity verification of the operating individual is skipped. Heleket’s own AML pages are unambiguous about the requirement, and the directory owner’s direct experience confirms the verification flow is real — passport or national ID, address / source-of-funds documentation, requested in-app and by email, with the account inactive until the documents clear.

This alone places Heleket in the same scoring bracket as Zadarma and RedotPay — services that are operationally legitimate but at the opposite end of the privacy axis the directory exists to rate. If the KYC question were the only factor, the score would land around 3.0 – 3.5 / 10. The second factor is what pulls it lower.

Reason 2 — The TRM Labs operator-risk profile (March 2026)

In March 2026 TRM Labs — one of the most-cited blockchain analytics firms in the regulatory and law-enforcement community — published a detailed intel report concluding with “high confidence” that Heleket was launched by the operators of Cryptomus (Xeltox Enterprises Ltd., Canada) as a parallel operation after Canada’s FINTRAC issued a record CAD 176 million penalty against Cryptomus in early 2025 for multiple violations of anti-money-laundering and counter-terrorist- financing legislation. The evidence cited by TRM is specific and worth quoting from the report directly:

• Heleket launched as Handy Elect LLC (Georgia) in January – March 2025, immediately after Cryptomus introduced KYC controls in February 2025
• Volume migration: Heleket traffic rose from zero to 53,000+ visits in February 2025; Cryptomus on-chain volumes dropped from USD 153M in January 2025 to USD 86M in March 2025 over the same window
• Identical branding, matching 0.4 % fees, shared privacy registrar, matching back-office terminology (“project moderation,” “set discount to payment method”), and Heleket’s business-development manager listed on Cryptomus’s Telegram
• Shared liquidity through the now-sanctioned Russian exchange Garantex documented across both platforms
• 75,000+ transactions with Iranian exchanges, including 50,000+ with Nobitex alone
• Documented migration of CSAM-vendor and ransomware cash-out actors from Cryptomus to Heleket after the Cryptomus KYC enforcement, including the USD 122,246 Sinobi Group ransom traced through both platforms
• Heleket’s 2025 illicit-inflow ratio of 0.6 % — roughly five times the payment-processor peer average

TRM’s explicit assessment of the architecture: the creation of Heleket “appears designed to provide Cryptomus with sufficient separation to claim plausible deniability — while continuing to service a high-risk user base.”

The directly relevant risk for a clean merchant is not that Heleket itself is a scam — repeat: the product works. The risk is that the operator-side regulatory and reputational exposure is material: if FINTRAC (or any other regulator with visibility into the Cryptomus appeal) determines operational linkage between the entities, Heleket’s parent infrastructure is at risk of the same enforcement actions. Funds in transit through Heleket wallets at that moment would be subject to whatever freeze, seizure or operational shutdown follows.

Why this is in the directory anyway

Three reasons. First, transparency: visitors looking up Heleket deserve a sourced, complete picture rather than discovering the TRM report after they integrate. Second, the directory owner has personally used the service successfully — that data point is real and is included in the file, not hidden. Third, the comparison value: knowing exactly why Heleket scores 2.5 / 10 and why Card2Crypto scores 7.0 / 10 makes the no-KYC payment-processor category legible at a glance. Heleket is the worked example of the same product category at the opposite end of the privacy + trust + regulatory-exposure spectrum.

Pricing and product specifics

• Commission: from 0.4 % per transaction; exact rate depends on plan tier and volume (tiers not publicly tabulated)
• Setup: no published setup fee
• Network fees: pass-through on the underlying chain
• Supported cryptocurrencies: 20+ — BTC, ETH, USDT (TRC-20 + ERC-20), USDC, LTC, TRX, BNB, SOL, DOGE, TON, Monero, and more
• Auto-conversion: incoming payments can be automatically routed to USDT to neutralise volatility
• Virtual Visa cards: available to merchants, topped up in USDT / USDC
• Payouts: USDT, BTC, ETH and other supported assets, with mass-payout / payroll tooling
• Integrations: WooCommerce, WHMCS, XenForo, Bot-t, PremiumExchanger, Seller.games / Digiseller, plus a developer API
• Support: 24/7 live chat, email, Telegram

Verdict

2.5 / 10. Heleket is a working crypto payment gateway with a mature product surface and competitive pricing, and the directory owner’s personal use confirms it functions as advertised. The directory score is low for the two independent reasons stated: (1) full AML / KYC verification of the merchant before activation is the opposite of what this directory rates highest, and (2) the TRM Labs March 2026 operator-risk profile — Heleket as a Cryptomus parallel operation, FINTRAC CAD 176M penalty against the parent, Garantex liquidity links, 75,000+ Iranian-exchange transactions, documented CSAM-vendor and ransomware-actor migration — is a material exposure that any merchant integrating Heleket should weigh consciously.

Recommended use: only if you have already weighed the TRM findings and accept the regulatory / reputational exposure, and your specific use case requires the broader asset support (Monero acceptance, in particular, is rare among regulated processors) and the auto-stablecoin-conversion / virtual-card stack that Card2Crypto and similar no-KYC peers do not yet offer.

Not recommended: if your goal is identity-free merchant onboarding and minimised regulatory exposure, browse the rest of Other Services in this directory and start with Card2Crypto (7.0 / 10 — zero KYC and zero KYB on the merchant side, USDC-Polygon settlement, 26+ aggregated on-ramp partners, no regulatory enforcement record).