We understand the importance of protecting the data you share with us, and make sure that your customer's data is safe, by providing you with a 'Secure Document Transfer’ feature in the platform which enables you to safely send and receive sensitive information rather than via alternatives such as email attachments.
However, If you are worried about giving us your historical customer data for data protection purposes, you can provide the list "pre-hashed". By performing a "one-way hash" on the historical customer email addresses, we can tell if a particular email address is in the list, but we are unable to see or ever discover the original email addresses.
To do this you will need a shared secret key which Mention Me will provide you with. If you wish to take this approach, please speak to your onboarding manager to find out the secret before continuing.
Once you have the secret, follow these steps for each email address:
- Lower case the email address
- Append the secret key provided by Mention Me
- Hash the combined email address and key using the SHA-256 hash algorithm
- Ensure the output hash is lower case
Testing the hashes
In order to confirm the hash is as expected, please hash a known email address (e.g. your own or your client success manager's), then use the 'Test Hashing' feature within the platform. You can then compare the hashes in the Mention Me platform and confirm the output matches as we expect.
Go to Settings > Tools > Test Hashing
Add the email address you have hashed, and the hash value you have created. The platform will confirm if the hash matches the email address. If the hash does not match, the platform will share with you the expected hashed value.
How to Hash emails
Examples on how to hash an email address using the secret provided by Mention Me are available in a selection of languages below. These examples are not definitive and may not suit your environment but should provide inspiration on how to do the hashing.
Pseudo-code
HashedEmail = LowerCase(SHA256Hash( Concatenate( LowerCase( [EMAIL] ), [KEY] ) ) ))
MySQL
SELECT SHA2(CONCAT(LOWER(u.email), SECRET), 256)
FROM user u;
T-SQL (MS SQL Server)
SELECT LOWER(
CONVERT(VARCHAR(200), HASHBYTES('SHA2_256',CONCAT(LOWER(u.email), SECRET)), 2)
)
FROM user u;
JavaScript
var crypto = require("crypto");
var input = email.toLowerCase() + secret;
var output = crypto.createHash("sha256").update(input).digest("hex");
console.log(output);