@AyeshK - Some years ago I discovered that one of the UK's largest payment providers wasn't even using MD5 for their payment verification
hashes sent to the merchant — they were generating a string based on the transaction details and
encrypting it by adding the characters of the (equal length)
key of the merchant modulo 26.