diff --git a/lib/postgresql.js b/lib/postgresql.js
index b4c62baf..99acc3f5 100644
--- a/lib/postgresql.js
+++ b/lib/postgresql.js
@@ -573,6 +573,17 @@ PostgreSQL.prototype.buildWhere = function(model, where) {
   return whereClause;
 };
 
+PostgreSQL.prototype.getEncryptionFields = function(modelDefinition) {
+  if(modelDefinition 
+    && modelDefinition.settings 
+    && modelDefinition.settings.mixins 
+    && modelDefinition.settings.mixins.Encryption 
+    && modelDefinition.settings.mixins.Encryption.fields){
+      return modelDefinition.settings.mixins.Encryption.fields
+    }
+  return []
+}
+
 /**
  * @private
  * @param model
@@ -591,6 +602,7 @@ PostgreSQL.prototype._buildWhere = function(model, where) {
   const self = this;
   const props = self.getModelDefinition(model).properties;
 
+  const encryptedFields = this.getEncryptionFields(this.getModelDefinition(model))
   const whereStmts = [];
   for (const key in where) {
     const stmt = new ParameterizedSQL('', []);
@@ -631,7 +643,18 @@ PostgreSQL.prototype._buildWhere = function(model, where) {
     }
     // eslint-disable one-var
     let expression = where[key];
-    const columnName = self.columnEscaped(model, key);
+    let columnName = self.columnEscaped(model, key);
+    if(encryptedFields.includes(key)){
+      columnName = `convert_from(
+        decrypt_iv(
+          DECODE(${key},'hex')::bytea,
+          decode('${process.env.ENCRYPTION_HEX_KEY}','hex')::bytea,
+          decode('${process.env.ENCRYPTION_HEX_IV}','hex')::bytea, 
+          'aes'
+        ),
+        'utf8'
+      )`
+    }
     // eslint-enable one-var
     if (expression === null || expression === undefined) {
       stmt.merge(columnName + ' IS NULL');
diff --git a/package.json b/package.json
index 5ec04904..d3acbd36 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "loopback-connector-postgresql",
-  "version": "3.9.1",
+  "version": "3.10.0",
   "description": "Loopback PostgreSQL Connector",
   "engines": {
     "node": ">=8"