diff --git a/open_facebook/api.py b/open_facebook/api.py
index 8dd07090..57f9c95b 100644
--- a/open_facebook/api.py
+++ b/open_facebook/api.py
@@ -484,7 +484,9 @@ def parse_signed_data(cls, signed_request,
 expected_sig = hmac.new(smart_str(secret), msg=smart_str(payload), digestmod=hashlib.sha256).digest()
- if not sig == expected_sig:
+ if (hasattr(hmac, 'compare_digest') and
+ not hmac.compare_digest(sig, expected_sig) or
+ sig != expected_sig):
 error_format = 'Signature %s didnt match the expected signature %s'
 error_message = error_format % (sig, expected_sig)
 send_warning(error_message)
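Review bot: The new condition relies on `and` binding tighter than `or`, so it evaluates as `(hasattr(...) and not hmac.compare_digest(...)) or sig != expected_sig`; the outcome is correct, but when `compare_digest` exists and the signatures match the plain `!=` still runs, and the layout hides which operand is the fallback. Selecting the comparison once is easier to audit: `compare = getattr(hmac, 'compare_digest', None)` followed by `if not (compare(sig, expected_sig) if compare else sig == expected_sig):`. `hmac.compare_digest` raises `TypeError` when its two arguments are not of compatible types, so it is worth confirming that `sig` has the same type as the `.digest()` result; how `sig` is decoded lies outside the hunk, as do the start and end of `parse_signed_data`. Separately, the unchanged warning text formats `expected_sig` into the message passed to `send_warning`, which discloses the correct signature for the submitted payload to whoever can read those warnings (their destination is not visible here); reporting only that the signature did not match would avoid that.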