diff --git a/htdocs/paypal/lib/paypal.lib.php b/htdocs/paypal/lib/paypal.lib.php
index f64133e18ff..a64017513c9 100755
--- a/htdocs/paypal/lib/paypal.lib.php
+++ b/htdocs/paypal/lib/paypal.lib.php
@@ -185,8 +185,8 @@ function getPaypalPaymentUrl($mode,$type,$ref='',$amount='9.99',$freetag='your_f
 else
 {
 $out.='&securekey='.($mode?'':'');
- if ($mode == 1) $out.="md5('".$conf->global->PAYPAL_SECURITY_TOKEN."'+order_ref)";
- if ($mode == 0) $out.= md5($conf->global->PAYPAL_SECURITY_TOKEN.$ref);
+ if ($mode == 1) $out.="hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + order + order_ref)";
+ if ($mode == 0) $out.= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'order' . $ref, 2);
 $out.=($mode?'':'');
 }
 }
@@ -203,8 +203,8 @@ function getPaypalPaymentUrl($mode,$type,$ref='',$amount='9.99',$freetag='your_f
 else
 {
 $out.='&securekey='.($mode?'':'');
- if ($mode == 1) $out.="md5('".$conf->global->PAYPAL_SECURITY_TOKEN."'+invoice_ref)";
- if ($mode == 0) $out.= md5($conf->global->PAYPAL_SECURITY_TOKEN.$ref);
+ if ($mode == 1) $out.="hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + invoice + invoice_ref)";
+ if ($mode == 0) $out.= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'invoice' . $ref, 2);
 $out.=($mode?'':'');
 }
 }
@@ -221,8 +221,8 @@ function getPaypalPaymentUrl($mode,$type,$ref='',$amount='9.99',$freetag='your_f
 else
 {
 $out.='&securekey='.($mode?'':'');
- if ($mode == 1) $out.="md5('".$conf->global->PAYPAL_SECURITY_TOKEN."'+contractline_ref)";
- if ($mode == 0) $out.= md5($conf->global->PAYPAL_SECURITY_TOKEN.$ref);
+ if ($mode == 1) $out.="hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + contactline + contractline_ref)";
+ if ($mode == 0) $out.= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'contractline' . $ref, 2);
 $out.=($mode?'':'');
 }
 }
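Review bot: The mode 1 help string in the -185 hunk now reads `hash('TOKEN' + order + order_ref)`, which no longer tells an integrator which algorithm to apply, nor that `order` is a literal string rather than a variable; the removed text at least named `md5`. Since the mode 0 line computes `dol_hash(TOKEN . 'order' . $ref, 2)`, the displayed recipe should name the same call and quote the literal, for example `$out.="dol_hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + 'order' + order_ref, 2)";`. The same wording problem is repeated in the hunks at 203, 221 and 239. getPaypalPaymentUrl starts and ends outside these hunks, so how the mode 1 text is rendered is not visible here.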
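Review bot: The mode 1 string in the -221 hunk spells the source as `contactline`, while the mode 0 line two rows below hashes the literal `'contractline'`. Anyone building a securekey from the displayed recipe would get a value that never matches the generated one. The text should read `' + contractline + contractline_ref)"`.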
@@ -239,8 +239,8 @@ function getPaypalPaymentUrl($mode,$type,$ref='',$amount='9.99',$freetag='your_f
 else
 {
 $out.='&securekey='.($mode?'':'');
- if ($mode == 1) $out.="md5('".$conf->global->PAYPAL_SECURITY_TOKEN."'+member_ref)";
- if ($mode == 0) $out.= md5($conf->global->PAYPAL_SECURITY_TOKEN.$ref);
+ if ($mode == 1) $out.="hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + membersubscription + member_ref)";
+ if ($mode == 0) $out.= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'membersubscription' . $ref, 2);
 $out.=($mode?'':'');
 }
 }
diff --git a/htdocs/public/paypal/newpayment.php b/htdocs/public/paypal/newpayment.php
index 065de28665d..1f896426b74 100755
--- a/htdocs/public/paypal/newpayment.php
+++ b/htdocs/public/paypal/newpayment.php
@@ -144,8 +144,8 @@ if (! empty($conf->global->PAYPAL_SECURITY_TOKEN))
 {
 if (! empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE))
 {
- if ($REF) $token = dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . $REF); // REF always defined if SOURCE is defined
- else $token = dol_hash($conf->global->PAYPAL_SECURITY_TOKEN);
+ if ($SOURCE && $REF) $token = dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . $SOURCE . $REF, 2); // Use the source in the hash to avoid duplicates if the references are identical
+ else $token = dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
 }
 else
 {
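Review bot: The expected token in the newpayment.php hunk hashes `PAYPAL_SECURITY_TOKEN . $SOURCE . $REF` with no separator, so the digest does not bind where the source ends and the reference begins. If `$SOURCE` and `$REF` come from the request, which their use here suggests, any split of the same concatenated string yields the same token. A delimiter that cannot occur in either field would remove the ambiguity, e.g. `dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . $SOURCE . '|' . $REF, 2)`, or the value could be a keyed MAC such as `hash_hmac('sha256', $SOURCE . '|' . $REF, $conf->global->PAYPAL_SECURITY_TOKEN)`. Either change has to be mirrored in the four generators in paypal.lib.php. The comparison against the submitted securekey lies outside this hunk; if it uses `!=`, `hash_equals()` would be the safer check.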