Thats a good point, keeping the key safe is a challenge on its own. But if you can keep the key safe, then some encryption algorithms are considered impossible to crack.
Would it not be suitable to create a new voucher code at the time when it is issued, send it to the user, and store it hashed in the database? Then the only person who knows the voucher code is the user (assuming no spyware is installed, and the user hasn't shared the voucher code with anyone else), and the only way it can be checked to be valid is against your database. The actual original voucher code is not stored anywhere, and it destroyed after it is created. To check if a users voucher code is valid, you simply hash the voucher code they give you, compare it with the hashed codes in the database, and then you can find the row with data assosiated with that voucher code and determine if it is valid.
You need to use a strong hash though, some of the common ones have rainbow tables like I said before.