Exploiting-Vulnerable-Website / part2 / EncryptionExplanation.txt
Encryption explanation:
I used djfernet to encrypt Card.data. Because Card.data is a BinaryField, the field has to be declared as data = EncryptedBinaryField() on the Card model in models.py. For key management I kept using SECRET_KEYS, which is stored in settings.py. That file has to be kept in a secure location; otherwise a threat actor who obtains the key can decrypt the data. The key also needs to be changed periodically, because it is easily exposed. Encrypting the data broke some functions of the website, such as use_card_view(), so I changed the way the data is accessed. Fortunately the djfernet field decrypts automatically whenever Django reads it, so pulling the data back out of the database is not complicated.
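As an added illustration (not code from this repository), the snippet below shows the Fernet mechanism underneath djfernet: encrypt on write, decrypt on read, and periodic key rotation where the new key encrypts while the old key is kept only until existing rows are re-encrypted. It assumes the cryptography package is installed; the secrets and card data are constructed placeholders, and the SHA-256 key derivation is an assumption about djfernet's default rather than something this file states.

```python
"""Added example: Fernet field encryption with key rotation (not the repo's own code)."""
import base64
import hashlib
from cryptography.fernet import Fernet, InvalidToken, MultiFernet


def fernet_key_from_secret(secret: str) -> bytes:
    """Turn an arbitrary settings string into a 32-byte urlsafe-base64 Fernet key.
    Assumption: this SHA-256 derivation mirrors what djfernet does with its key list."""
    return base64.urlsafe_b64encode(hashlib.sha256(secret.encode()).digest())


class EncryptedStore:
    """Stand-in for an encrypted model field: the FIRST key encrypts, ALL keys decrypt."""

    def __init__(self, secrets):
        self._fernet = MultiFernet([Fernet(fernet_key_from_secret(s)) for s in secrets])

    def encrypt(self, plaintext: bytes) -> bytes:
        return self._fernet.encrypt(plaintext)          # what gets written to the DB

    def decrypt(self, token: bytes) -> bytes:
        return self._fernet.decrypt(token)              # transparent read path

    def rotate(self, token: bytes) -> bytes:
        """Re-encrypt a stored token under the current (first) key."""
        return self._fernet.rotate(token)


def demo() -> bool:
    """Walk through a key change; returns True if the retired key is really rejected."""
    card = b"cardholder=alice;pan=4111111111111111"     # constructed sample Card.data
    old = EncryptedStore(["old-secret-key"])
    token = old.encrypt(card)

    # Rotation step 1: new key first, old key kept so existing rows still decrypt.
    rotated = EncryptedStore(["new-secret-key", "old-secret-key"])
    assert rotated.decrypt(token) == card
    new_token = rotated.rotate(token)                   # re-encrypt every row like this

    # Rotation step 2: once all rows are re-encrypted, drop the old key entirely.
    only_new = EncryptedStore(["new-secret-key"])
    assert only_new.decrypt(new_token) == card
    try:
        only_new.decrypt(token)                         # stale token must now fail
        return False
    except InvalidToken:
        return True
```

Keeping the retired key in the list for longer than the re-encryption window defeats the point of rotating, so the switch to the single-key configuration should be a tracked step.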