diff --git a/ykval-verify.php b/ykval-verify.php
index da2793f..c8e6d5e 100644
--- a/ykval-verify.php
+++ b/ykval-verify.php
@@ -258,8 +258,7 @@ if ($h != '')
 $hmac = sign($a, $apiKey, $myLog);
- // Compare it
- if (!hash_equals($hmac, $h))
+ if (hash_equals($hmac, $h) === FALSE)
 {
 $myLog->log(LOG_DEBUG, "client hmac=$h, server hmac=$hmac");
 sendResp(S_BAD_SIGNATURE, $myLog, $apiKey);
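Review bot: Comparing the result with `=== FALSE` makes the signature check fail open if `hash_equals()` ever returns anything other than a strict boolean false, whereas the removed `!hash_equals($hmac, $h)` rejected every falsy result. With the native function the two forms behave the same, but if this deployment can fall back to a userland `hash_equals()` (not visible in this hunk), a `null` or `0` return would skip the `S_BAD_SIGNATURE` branch. Prefer a fail-closed test such as `if (hash_equals($hmac, $h) !== TRUE)`, or keep the negation. The context line below the condition also writes the server-computed HMAC to the debug log; consider logging only that the comparison failed. The enclosing `if ($h != '')` block starts and ends outside the hunk.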