diff --git a/Classes/Service/RegisterService.php b/Classes/Service/RegisterService.php
index e4ffc4356590fae3642e5be93db211c335d5faef..fe0a7a3f86d03bab395cc7c62d3fc5bc9b000274 100644
--- a/Classes/Service/RegisterService.php
+++ b/Classes/Service/RegisterService.php
@@ -139,7 +139,16 @@ class RegisterService implements \TYPO3\CMS\Core\SingletonInterface {
 continue;
 }
- // @TODO SECURITY CHECK WITH HASH
+ // get file name without folders
+ $pathAsArray = GeneralUtility::trimExplode('/', $pathToRegistrationFile);
+ $filename = $pathAsArray[\count($pathAsArray)-1];
+ $filenameWithoutHash = GeneralUtility::trimExplode('_', $filename)[1];
+ $hash = md5($GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . '|' . $filenameWithoutHash);
+ // if the filename doesnt start with the hash value, ignore it
+ if (strpos($filename, $hash) !== 0) {
+ continue;
+ }
+
 $configArray = (include $pathToRegistrationFile);
 $extensionKey = $configArray['extension_key'];
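Review bot: The check added in front of `include $pathToRegistrationFile` authenticates only part of the file name: `trimExplode('_', $filename)[1]` keeps just the segment between the first and second underscore, so anything after a second underscore is not covered by the hash, and a name with no underscore gives an undefined offset that is hashed as an empty string. Because this comparison is the only gate before the `include`, split once with `GeneralUtility::trimExplode('_', $filename, false, 2)`, `continue` when the second part is missing, and compare the first part to the expected value with `hash_equals()` instead of a `strpos()` prefix test. `md5($key . '|' . $name)` is a secret-prefix digest rather than a keyed MAC; `hash_hmac('sha256', $name, $encryptionKey)` (or `GeneralUtility::hmac($name)`) would be sturdier, but the code that writes these files must change with it and is not visible in this hunk. The hash binds the file name only, not the file contents, which the comment above the check should state so the directory's write permissions are treated as part of the trust boundary. The enclosing loop body starts and ends outside the hunk.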