Hashing is a form of one-way encryption, meaning once data is hashed, there is no way back to its raw form. If the data is “hashed” using the same method, it will always produce the same result, allowing you to safely transfer data to advertising platforms (like Meta) while lowering the risk to your users of exposing their unencrypted personal details.
Thirty-One Circles can take unencrypted data and complete the hashing step for you, or for email addresses, you can provide already hashed data. If you choose to send hashed email data to the platform, you must follow the steps below, as it is impossible to fix (or indeed know if it has been done correctly) once hashed.
We recommend that you perform the hashing step only if you are confident the correct normalisation steps have been conducted. If they are not your data will have an extremely low match rate.
For emails:
- Lowercase all characters in the email
- Remove all surrounding whitespace
- DO NOT add any form of “salt” to the email string
- Use a SHA256 algorithm to perform the hash.
After hashing we recommend you perform a quick check that the “hashed email” is exactly 64 characters long.
To test your hashing is correct check that “TEST@test.com ” produces “f660ab912ec121d1b1e928a0bb4bc61b15f5ad44d5efdc4e1c92a25e99b8e44a”
For phone numbers:
As advertising platforms require hashed phone numbers in two different (but very similar) formats it is necessary to provide hashed phone numbers in both format 1 and 2 below:
Format 1
- Ensure the raw phone number includes country code (44 for the UK)
- Remove all surrounding whitespace
- Remove all leading zeros
- Remove any symbols – such as leading + sign.
Format 2
- Ensure the raw phone number includes the country code (44 for the UK)
- Remove all surrounding whitespace
- Remove all leading zeros
- Ensure the phone number starts with a + sign.
Like with hashed emails, after hashing we recommend you perform a quick check that the “hashed phone number” is exactly 64 characters long.