Secure by Design
Bank-grade encryption, passwordless authentication, row-level database security, and no dependency on big-tech platforms.
Bank detail encryption
Member bank account numbers and sort codes are encrypted at rest using AES-256-GCM — the same standard used by financial institutions. The encryption key is stored separately from the database, so even direct access to the database file yields nothing readable. Keys are held in your configuration file, on your infrastructure, under your control.
This is not an optional add-on. Bank detail encryption is built into the data layer and applies to every member record.
Passwordless magic-link authentication
The member portal uses magic-link authentication. Members enter their email address, receive a short-lived link, and click it to sign in. There is no password database to breach, no password reuse vulnerability, and nothing to phish in the traditional sense. Each link expires after a single use.
Administrator access to the desktop application uses a separate credential system with bcrypt-hashed passwords and account lockout after repeated failures.
Each society's data is completely separate
When multiple societies share the same server, their data is kept apart not just by convention in the software, but by a rule built into the database itself. The database will simply refuse to show one society's records to another — it is not something that can be overridden by a software bug or a misconfiguration.
In practice, this means that even in a shared hosted environment, there is no realistic path by which your members' data could be seen by another organisation using the same system.
Full multi-tenancy
Multiple societies can share a single database server and application deployment without any risk of data crossing between them. Each society has a separate schema with its own RLS policy. Administrators only ever see their own society's data; there is no shared view across tenants.
No big-tech dependency
CBSMembers has no dependency on Microsoft Azure, AWS, Google Cloud, or any proprietary SaaS platform. The application stack is entirely open source: PostgreSQL for the database, MinIO for document storage, and standard SMTP for email. You are not locked in to any vendor's pricing, terms, or data residency decisions.
If you self-host, your data lives on your infrastructure, in your jurisdiction, under your terms. If you use our hosted service, it runs on a dedicated Linux server — not a hyperscaler's managed platform with opaque sub-processors.
You control what you store
CBSMembers stores what you put in it. There is no telemetry, no usage reporting, and no data sent to Stockwood CBS or anywhere else from the desktop application. The only outbound connections the app makes are to your own database and storage servers.