Skip to main content
Version: v5

Hashing

A hash function is a constructor that converts one value to another. Incognia highly recommends generating your Account ID by applying a hash function to an internal identifier of yours.

Hash functions are not invertible (given the hashed value, it's not possible to produce the data that generated it). This is a security measure to ensure that your internal identifiers are not compromised even if Incognia's data are breached.

Best practices#

Incognia recommends using SHA-256 (Secure Hash Algorithm) hashing. It's a set of cryptographic hash functions designed by the United States National Security Agency (NSA). In this case, SHA-256 is a novel hash function computed with 32-bit words.

To ensure the best use of your generated IDs, Incognia recommends that they should be created in your backend service by applying a SHA-256 hash to an internal value that was set for a given user account. In case you need to β€˜revert’ the hashed value, you can store a map table on your infrastructure with proper access control. By doing this, you will be able to call our APIs using this hashed Account ID and map the response back to your internal identifier.

Here is an example of how to hash an ID if you have a Java backend service:

Gradle
implementation group: 'com.google.guava', name: 'guava', version: '30.1-jre'
Java
String myId = "myInternalId";String sha256hex = Hashing.sha256()  .hashString(myId, StandardCharsets.UTF_8)  .toString();