If I were building this I'd put a middle tier api layer between the sql server and the various clients. I think you'll get more expressiveness in the api design and therefore even dumber clients (a good goal). You should also have an easier time building a test harness and all the tests you'll want.
You'd abstract the encryption and similar stuff into the api, and it can either be handled there are delegated down to postgres (and as you point out you can change your strategy over time).
Getting the api design right is an important early goal for the project. That and quality tests..
Common middle tier api options are ruby, python, node.js, and Java.
Steve