# Generate Secure Hash - Recurring Payment ## **How to generate a secure hash** The secure hash is generated by using sha256 on a string consisting of (according to sequence): * Secret Key * Recurring ID * Order ID For example, if the values for the parameters are as in the PHP shown below: ```php ?php /$secret_key = ‘21245-957’; $recurring_id = ‘1234’; $order_id = ’12’; $hash = hash(‘sha256’,$secret_key.$recurring_id.$order_id); ?> ``` The string to be hashed is **21245-957123412,** which will generate the hash value of: * **a8167dd09f01ebed0b18e67b2cc2424a0d058ccc83d94803482ecdeedff7728f** ## **How to verify if the secure hash is correct** 1\. Merchants will need to generate the secure hash and compare the secure hash that was received from senangPay. 2\. For example, if the parameters received from senangPay are as in the PHP shown below: ```php $status_id = '1'; $order_id = '12'; $transaction_id = '14363538840'; $msg = 'Payment_was_successful'; $hash = hash(‘sha256’,$secret_key.$status_id.$order_id.$transaction_id.$msg); ?> ``` The string to be hashed is **21245-95711214363538840Payment\_was\_successful,** which will generate the hash value of: **24354422953c29bf4b822f6783bbaf64ef445623d6e8ea4ddc1582a29c03cda0** 3\. Compare the hash value that you have generated with the hash value sent from senangPay. If the values do not match, the data may have been tampered with. Please contact for further assistance.