Currently we use django-aesfield to provide encryption on key fields. We’d recommend more levels of database encryption or file system encryption.
The encryption uses AES to do this.
- buyers email
- sellers secret
- bango signature
The keys per field are mapped in settings. See Setup for more.
- buyers pin
- buyers new pin
All requests use OAuth 1.1 which signs the header using a secret key. Requests must be signed with that key or be rejected.