Every e-invoice issued in Saudi Arabia carries a unique, non-repeating digital fingerprint, generated by one specific algorithm mandated by the Zakat, Tax and Customs Authority (ZATCA): SHA-256. This algorithm turns the invoice content, however long or short, into a fixed-length string of 256 bits that acts as a fingerprint that cannot be forged or reverse-engineered. If a single character in the invoice changes, the fingerprint changes entirely. This principle underpins the Cryptographic Stamp and the invoice-chaining series (PIH) in Phase Two of e-invoicing.
In this technical reference we focus specifically on the SHA-256 algorithm: what it is, why the Authority chose it over other options, how it is applied to the invoice to produce the hash value, and how that value is used inside the Cryptographic Stamp and the PIH chain. The general concept of hashing is covered in our standalone «Hashing» article, and the PIH field is detailed in our «PIH» reference. Here the focus is on the algorithm itself and its behavior on invoice data.
What is the SHA-256 algorithm?
SHA-256 stands for Secure Hash Algorithm 256-bit, and it is a member of the SHA-2 family developed by the U.S. National Security Agency and published by the National Institute of Standards and Technology (NIST) under the standard FIPS 180-4. Its job is to take any digital input, whether text, a file, or invoice content, and produce from it a single fixed-length value called the hash value, or hash.
The number 256 in the name refers to the output length: always 256 bits. This length does not change no matter how the input size changes. Whether you enter a single word or an invoice with a hundred line items, the output stays exactly 256 bits. This value is usually written in Hexadecimal as 64 characters, or in Base64 encoding in a shorter form used by the Authority inside the invoice.
Experts describe SHA-256 as a «one-way function». This means you can easily generate the fingerprint from the invoice, but you cannot recover the invoice from the fingerprint. This property is the core of its security value: the fingerprint proves the invoice has not changed, without revealing its content to anyone who holds the fingerprint alone.
SHA-256’s place in the SHA-2 family
SHA-256 is not an isolated algorithm, but one of the SHA-2 family that includes several functions differing in output length: SHA-224, SHA-256, SHA-384, and SHA-512. The number in each name indicates the number of output bits. The 256 version was chosen for e-invoicing because it balances security strength sufficient for decades to come with a reasonable data size that does not burden every invoice.
Internally, SHA-256 works by splitting the input into fixed-size blocks, then processing each block through a series of computational rounds that mix its data with an accumulating internal state. The accountant or developer does not need to trace these rounds manually, as approved software libraries execute them precisely. What matters is understanding the result: whatever the input, the process produces a single 256-bit value that represents it uniquely and is hard to forge.
This internal structure is the source of two properties together: determinism and reversal resistance. Determinism means that the same input produces the same fingerprint every time and on any device, which is an indispensable condition for two different parties to compute the same fingerprint and compare them during verification.
Input of any size
SHA-256 algorithm
256-bit fingerprint (64 characters)
256 bits: the fixed length and its practical meaning
The most distinctive feature of SHA-256 is the fixed output length of 256 bits. A bit is the smallest unit of information, taking the value 0 or 1. When we say the output is 256 bits, this means 256 consecutive binary digits. This fixed length gives the system important practical properties in the context of e-invoicing.
First, standardization. All invoice fingerprints in Saudi Arabia have the same length, which makes them easier to store, compare, and transfer between systems and with the Fatoora platform. The Authority does not need to deal with fingerprints of variable lengths, as the field dedicated to the fingerprint in the UBL 2.1 format has a size known in advance.
Second, the enormous number of possibilities. 256 bits means 2 raised to the power of 256 possible values. This number defies imagination: greater than the number of atoms in the observable universe by a wide margin. The vastness of this space is what makes the probability of two different invoices producing the same fingerprint practically close to zero. We will return to this point when discussing collision resistance.
Hexadecimal and Base64: two representations of the same fingerprint
The value produced by SHA-256 is essentially 256 bits, but humans and systems do not deal with raw bits directly. So the fingerprint is represented in two common ways:
- Hexadecimal (Hex) representation: Every 4 bits is represented by a single hexadecimal character from the set 0-9 and a-f. Since we have 256 bits, we get 64 characters. This is the most common representation in technical documentation.
- Base64 encoding: It converts the bits into a set of 64 characters that includes letters, numbers, and some symbols. The output is visually shorter than hexadecimal, and it is the encoding the Authority uses to embed the fingerprint and stamp inside invoice fields and inside the Quick Response (QR) code.
What matters is that both representations describe the same fingerprint. The difference is in form only, not in value. During verification, it is enough for both parties to agree on the encoding used.
A practical example: how the fingerprint changes by changing a single character
The clearest way to understand SHA-256’s behavior is to see what happens to the fingerprint at the smallest change in the input. Take the following text and pass it through the algorithm:
Now change just one digit: make the amount 101 instead of 100. Notice how the fingerprint changes entirely, not just part of it:
Although the difference between the two inputs is a single digit, the two fingerprints share no pattern at all. You cannot look at two fingerprints and infer how similar their inputs are. This property is called the «Avalanche Effect»: changing a single bit in the input flips, on average, half the bits of the output. This property is what makes tampering with the invoice immediately exposed, since any change, even to a decimal point, produces a completely different fingerprint that does not match the one registered with the Authority.
An important note for understanding the practical application: the values above are illustrative, meant only to demonstrate behavior. The actual fingerprint in the e-invoice is computed on the canonical XML representation of the invoice under the UBL 2.1 format after a specific Canonicalization process defined by the Authority, not on free text. The essence is the same: a fixed input produces a fixed fingerprint, and any difference in the input produces a different fingerprint.
| Input | Start of the fingerprint (SHA-256) |
|---|---|
| Invoice number 100 | a3f9c1… |
| Invoice number 101 | 7e02bd… |
| Result | Two completely different fingerprints |
Why did the Authority mandate the SHA-256 algorithm specifically?
The choice of SHA-256 was not arbitrary. Phase Two of e-invoicing required an algorithm that combines specific properties, and SHA-256 delivers all of them:
- A documented global standard: SHA-256 is approved by NIST under FIPS 180-4, and used in banks, digital certificates, the TLS protocol, and blockchains. Adopting it ensures Saudi systems are compatible with the global infrastructure of digital security.
- High collision resistance: The difficulty of finding two different invoices with the same fingerprint, which is an essential condition for preventing forgery.
- Performance efficiency: Computing the fingerprint is fast and does not burden invoicing systems even when processing thousands of invoices daily.
- A sufficient output length: 256 bits is an ideal balance between security and the volume of data stored in each invoice.
In short, the Authority wanted a fingerprint that cannot be forged, can be verified by any party, and is compatible with international standards. SHA-256 was the logical choice adopted by most e-invoicing systems around the world.
Collision resistance: the pillar of trust in the invoice
A collision in hashing science means that two different inputs produce the same fingerprint. In the invoicing context, a collision means a forger could create an invoice with different content but carrying the fingerprint of a legitimate invoice. If that were easily possible, the whole system would collapse.
The strength of SHA-256 is that finding a deliberate collision in it is impractical with current computing resources. The number of possible fingerprints is 2 to the power of 256, a space so vast that attempting to find two invoices with the same fingerprint through random trial would take times exceeding the age of the universe. No practical collision on SHA-256 has been recorded to date, unlike older algorithms such as MD5 and SHA-1, which were broken and for which producing a collision became possible, which is why they were excluded from serious security use.
This resistance is what gives the invoice fingerprint its legal value. When an invoice fingerprint is registered with the Authority, it becomes proof that this specific invoice, with exactly this content, was issued at this time. Any attempt to modify it later produces a different fingerprint that exposes the tampering.
| Criterion | SHA-256 | Older algorithms (MD5/SHA-1) |
|---|---|---|
| Fingerprint length | 256 bits | Shorter |
| Collision resistance | Strong | Broken |
| Use in Saudi e-invoicing | Approved | Not used |
How is SHA-256 applied to the invoice to produce the fingerprint?
To understand the algorithm’s role in the e-invoice, follow the path the invoice takes inside the invoicing system before it is sent to the Fatoora platform:
- Building the invoice in XML format: The system produces a structured representation of the invoice under the UBL 2.1 format that includes seller and buyer data, line items, value-added tax, and totals.
- Canonicalization: A specific canonicalization is applied to the XML to remove any formal differences that do not affect the content, so that the same input always produces the same fingerprint regardless of whitespace formatting.
- Computing the fingerprint: The canonicalized version is passed through SHA-256, producing a 256-bit hash value that represents the entire invoice content.
- The Cryptographic Stamp: This fingerprint is used with the private key of the CSID certificate issued by the Authority to produce a digital signature that proves the issuer’s identity and binds it to the invoice.
- Embedding in the invoice and in the QR code: The fingerprint and stamp are embedded inside the invoice and inside the printed Quick Response code, to enable verification later.
The difference between the fingerprint and the stamp is important. The fingerprint (Hash) is the output of SHA-256 on the invoice content, proving the integrity of the content. The Cryptographic Stamp is a digital signature built on the fingerprint using a private key, proving identity in addition to integrity. SHA-256 is the fundamental building block in both.
From the fingerprint to the PIH chain
SHA-256’s function does not stop at a single invoice. Every new invoice includes a PIH field, short for Previous Invoice Hash, that is the fingerprint of the previous invoice in the sequence. This forms an interlinked chain: the first invoice’s fingerprint enters into the computation of the second, the second’s into the third, and so on.
The effect of this linkage is that any modification or deletion of an invoice in the middle of the chain breaks the entire sequence, because the fingerprint of the modified invoice will not match what the next invoice points to. In this way the SHA-256 algorithm turns from a mere fingerprint for a single invoice into a guarantor of the integrity of the entire invoice ledger. The details of the PIH field and the mechanism for building the chain are detailed in our standalone «PIH» reference.
Invoices signed and stamped automatically with no technical complexity
Qoyod handles the SHA-256 fingerprint computation, building the Cryptographic Stamp, and managing the PIH chain for every invoice automatically, so your invoices are issued compliant with Phase Two of e-invoicing without any manual intervention.
Steps to verify an invoice fingerprint
The real value of the fingerprint appears at verification. Any party holding the original invoice can recompute its fingerprint and compare it with the registered fingerprint, without needing a secret key. The verification process proceeds as follows:
- Take the invoice under verification: The same XML representation on which the fingerprint was originally computed is extracted, after the approved canonicalization.
- Recompute the fingerprint: The invoice is passed through SHA-256 again, producing a new hash value.
- Comparison: The recomputed fingerprint is compared with the fingerprint registered with the Authority or embedded in the invoice.
- The verdict: If the two fingerprints match, the invoice has not changed since it was issued. If they differ, a modification, however slight, has occurred, and the invoice is not trustworthy.
The simplicity and strength of this process together are the secret behind adopting SHA-256. You do not need to trust an intermediary party, but rather mathematics itself. Any attempt to change an amount, date, or name in the invoice exposes itself as soon as the fingerprint is recomputed, because the output will not match the registered one. This is what makes the invoice ledger linked by the PIH chain a record that is hard to tamper with without detection.
This differs from the general concept of hashing used in other contexts such as storing passwords or verifying file downloads. In e-invoicing, an identity dimension is added to the fingerprint via the Cryptographic Stamp, and a sequencing dimension via the PIH chain, so the fingerprint becomes part of an integrated system rather than a mere standalone verification number. We cover the concept of hashing in its general form, separate from the invoice, in our standalone «Hashing» reference.
SHA-256 inside the Quick Response (QR) code
In the simplified tax invoice aimed at individuals (B2C), a QR code is printed that contains the basic invoice data in addition to the Cryptographic Stamp built on the SHA-256 fingerprint. Anyone can scan the code via the Authority’s app to verify that the invoice was issued by an approved entity and that its content has not changed.
The QR code content is encoded in TLV (Tag-Length-Value) format, and the stamp value is embedded in it in Base64 encoding. Here the benefit of SHA-256’s fixed length appears again: the fingerprint size is known and controlled, so the QR code does not bloat in a way that hinders printing or scanning it.
What does this mean practically for the business and the accountant?
The SHA-256 algorithm may seem like a technical topic far from the accountant’s daily concerns, but its practical effects are direct on every business subject to Phase Two of e-invoicing:
- Protection from disputes: The fingerprint is digital proof of the invoice content and the time it was issued. In any commercial dispute or audit, the fingerprint proves the invoice was not modified after it was issued.
- Integrity of records before the Authority: The interlinked chain of fingerprints makes your invoice ledger a coherent record. Deleting or modifying an invoice breaks the chain and is exposed during review, which protects you from accusations of tampering as long as you comply with the system.
- No technical expertise required: You are not required to understand the mathematics behind the algorithm nor to compute it. Your responsibility is to use an invoicing system compliant with the Authority’s requirements that handles this process on your behalf.
- Choosing the right system is the most important decision: Since the fingerprint, stamp, and PIH chain are computed automatically, the quality of the invoicing system you choose determines how smoothly you comply with the Authority and how free you are from invoice rejection at clearance.
In other words, the SHA-256 algorithm shifts the burden of proving integrity from fallible human trust to mathematical certainty. This shift is what makes e-invoicing in Saudi Arabia a trustworthy system, and makes choosing an accounting system compatible with it a decision that protects your business in the long term.
Common mistakes in understanding SHA-256
When working with digital fingerprints, some misconceptions recur. Clarifying them avoids application errors:
- Hashing is not encryption: Encryption is a reversible process; you can decrypt the encrypted with the correct key. Hashing is one-way; the input cannot be recovered from the fingerprint. Confusing the two concepts is a recurring mistake.
- The fingerprint does not hide data: The function of SHA-256 is to prove integrity, not confidentiality. Do not rely on it to hide the invoice content, as it does not encrypt it.
- The output length is fixed, not variable: Always 256 bits, regardless of the input size. The belief that larger invoices produce longer fingerprints is incorrect.
- Encoding is not the algorithm: Hex and Base64 are two ways of displaying the same fingerprint, not two different algorithms. A difference in form does not mean a difference in value.
Why is SHA-256 expected to remain a standard for years to come?
Some businesses raise a legitimate question: as long as older algorithms such as MD5 and SHA-1 have been broken, will SHA-256 one day be broken too? The answer requires understanding the difference between the algorithms. MD5 and SHA-1 were broken due to the discovery of structural vulnerabilities in them that allowed manufacturing deliberate collisions with reasonable resources. SHA-256, however, is built on a stronger structure and a larger output length, and no practical vulnerability has been discovered in it to date despite years of intensive analysis worldwide.
Today the infrastructure of the internet, banks, cryptocurrencies, and security certificates relies on it. This wide reliance means any weakness in it would be catastrophic globally, which is why it is under constant monitoring and analysis. So far it holds strongly, and it is expected to remain a secure standard for decades, which makes the Authority’s choice of it a far-sighted decision that ensures the stability of the invoicing system without the frequent need to change the standard.
But if a need to upgrade arises in the distant future, the system is designed to accommodate the evolution of standards through later versions of the invoicing specifications. A business using a continuously updated system moves automatically to any new standard without a technical burden on it, which is an additional reason to choose an invoicing system that keeps pace with the Authority’s updates as they happen.
How Qoyod helps you with the invoice stamped by SHA-256
The accountant or business owner does not need to compute the fingerprint manually nor to understand the details of the algorithm to issue a compliant invoice. This is what the Qoyod system handles automatically:
- Computing the SHA-256 fingerprint automatically: Qoyod generates the XML representation of the invoice under the UBL 2.1 format and computes its fingerprint without any manual step from you.
- The Cryptographic Stamp and CSID certificate management: Qoyod manages the Cryptographic Stamp certificate (CSID) and builds the digital signature for every invoice automatically.
- The PIH chain preserved: Qoyod keeps the chain linking invoice fingerprints and updates the PIH field for every new invoice automatically.
- Compliance with Phase Two: Your invoices are issued signed, stamped, encoded with a QR code, and compliant with the requirements of Phase Two e-invoicing.
- Integration with the Fatoora platform: Qoyod integrates with the Fatoora platform to send B2B invoices for real-time clearance, and to send B2C invoices for reporting within 24 hours.
In this way a complex algorithm turns into a transparent step that happens behind the scenes, so you focus on your work while Qoyod handles the technical side. You can learn more via Qoyod’s e-invoicing software, and review the reference on the XML format for the e-invoice andthe invoice counter value ICV within the technical documentation collection.
Frequently asked questions
What is the output length of the SHA-256 algorithm?
The output is always 256 bits, whatever the input size. It is usually written as 64 hexadecimal characters, or in a shorter form in Base64 encoding inside the invoice.
Can the invoice content be recovered from its fingerprint?
No. SHA-256 is a one-way function. You can generate the fingerprint from the invoice, but the process cannot be reversed to extract the invoice from the fingerprint.
Why does the fingerprint change entirely when a single character is modified?
Because of the Avalanche Effect: changing a single bit in the input flips, on average, half the bits of the output, producing a completely different fingerprint that exposes any tampering.
What is the difference between the fingerprint (Hash) and the Cryptographic Stamp?
The fingerprint is the output of SHA-256 on the invoice content and proves the integrity of the content. The stamp is a digital signature built on the fingerprint with a private key and proves the issuer’s identity in addition to integrity.
Is hashing a type of encryption?
No. Encryption is reversible with the correct key, whereas hashing is one-way and cannot be reversed. The function of SHA-256 is to prove integrity, not to hide data.
Does Qoyod compute the SHA-256 fingerprint automatically?
Yes. Qoyod generates the invoice representation in UBL 2.1 format, computes the fingerprint, builds the Cryptographic Stamp, and manages the PIH chain automatically for every invoice compliant with Phase Two.