Your Savings Group Data is Secure with DreamSave

DreamSave Security Principles

How DreamSave Keeps Group and Member Data Secure

DreamStart Labs, Inc. is committed to protecting the security of our users and being a proactive advocate for consumer protection. For more details about our approach to data privacy, see the  DreamStart Labs Data Privacy Policy

Six Key Security Principles

Our DreamSave solution for savings groups features a  “secure-by-design” architecture that incorporates best-in-class security technology and processes into every aspect of the product infrastructure. This strategy is based on six key security principles
  1. Full Member Transparency. When groups use DreamSave, there is no way for officers to tamper with records, modify policies, conduct side deals, or make any other modification to group settings without the full group being notified.
  2. Protect Every Layer. Every layer of the DreamSave system (apps, users, networks, compute engines, storage systems, servers) will include separate layers of best-in-class security protection so there are no weak links in the chain.
  3. Verify Every InteractionNo user or service will be allowed to access any portion of the DreamSave system without being fully validated and authenticated first. This is essential to the design of any modern mobile solution that involves interactions between human users (members, groups, administrators, support, developers) and automated computer processes (apps, networks, storage, etc.).
  4. Use Proven Open SystemsThe underlying infrastructure of DreamSave will be based on proven components that are open, transparent, and widely available for extensive public scrutiny wherever possible. This approach, which makes extensive use of open-source software, helps ensure that security vulnerabilities in the underlying infrastructure are discovered and fixed quickly by security experts worldwide. Apps that rely on closed, proprietary infrastructure are far more vulnerable to compromise.
  5. Assign Minimum PrivilegesAny user or process in the DreamSave system will have the minimum privileges required to perform its authorized responsibilities, and no more. This design principle provides separation of duties and helps ensure that no user, administrator, or automated service has the right to access unauthorized data or perform unauthorized tasks.
  6. Record Everything. Every activity performed anywhere in the DreamSave system, either by a human user or automated service, will be fully logged, recorded, and stored for as long as it serves a purpose for users. This helps ensure no compromise can occur without being detected and leaves a detailed audit trail for security and compliance purposes. 

Security Implementation 

The DreamSave system reflects these key principles in multiple ways, including the following:

  • User Notification. Any financial transactions or changes to a group’s settings will trigger a notification to members to ensure transparency and trust.

  • End-to-End Encryption. User data transmitted over the network during backup, synchronization, and data collection is encrypted using bank-grade AES 128-bit encryption technology (for perspective, this encryption method would take the world’s fastest supercomputer an estimated 885 quadrillion years to break1 ).

  • Authentication. All data sources are verified to ensure that only valid transmissions between the DreamSave app and the DreamSave cloud are authorized.

  • Data Integrity. The data itself is verified on both ends to ensure that it has not been tampered with or altered in any way while in transit. We maintain data changes using an Event Sourcing Model, which stores past actions in a log. This log keeps track of each action taken on the data, ensuring data integrity and security. It allows us to analyze past events and understand the data's history, making our system more reliable and secure.

  • Attack Prevention. The network infrastructure includes multiple layers of protection to defend against denial-of-service, spoofing, man-in-the-middle, and other similar attacks. These layers include SSL/TLS and Application Firewall. 

  • Infrastructure Security. DreamSave is built on the Google Cloud Platform, proven at scale in the world’s most rigorously tested environments. Data transmissions must pass through multiple layers of firewalls, virtual machine container security, and certificate-based service authentication. Identities, users, and services are strongly authenticated with multiple factors.

  • Data Loss Prevention. DreamSave user data is stored in secure databases. Data is replicated across two redundant clusters in separate security zones to provide robust fault tolerance, failover, and disaster recovery protection.

  • Security Audits. The DreamSave cloud infrastructure is audited regularly to validate firewall ports, user accounts, and permissions. All activities leave an unalterable audit trail in detailed security logs to ensure full transparency.

Data retention and deletion

DreamStart Labs aims to only retain data necessary to support the effective use of the DreamSave app and to tailor user experiences or assistance required from our support team. The need to retain data varies widely with the type of data and the purpose for which it was collected. DreamStart Labs strives to ensure that data is only retained for the period necessary to fulfill the purpose for which it was collected and is fully deleted when no longer required. The need to retain certain information is also mandated by the U.S. Data Protection Act of 1998, Freedom of Information Act of 2000, Fair and Accurate Credit Transactions Act of 2003, Personal Information Protection and Electronic Documents Act in Canada, Gramm-Leach-Bliley Actmay, as well as European Union’s GDPR.2  

For more details about our approach to data retention and deletion, see the “DreamStart Labs Data Privacy Policy”. 

Contact Information

For additional questions about DreamSave security, contact us at:

DreamStart Labs, Inc., 2907 Shelter Island Dr., Suite 105 San Diego, CA 92106, USA .

Copyright © 2024 DreamSave Security Overview - All Rights Reserved.


1 A Complete Guide to AES Encryption,, February 2019

2 General Data Protection Regulation (GDPR) Rules for Businesses and Organisations (2024)

    • Related Articles

    • DreamStart Labs Data Privacy Policy

      DreamStart Labs Commits to Protecting Your Privacy DreamStart Labs, Inc. is committed to protecting the privacy of our users and being a proactive advocate for consumer protection. Our data privacy policy is based on the European Union’s General Data ...
    • DreamStart Labs End User License Agreement (EULA)

      DreamStart Labs Terms and Conditions for Users Before registering for a DreamSave account, users must review the agreement below that explains DreamStart Labs' terms of use. Here is the full agreement: Agreement Summary DreamStart Labs is giving you ...
    • DreamSave And SMS Notifications

      DreamSave Messages Can Replace Passbooks The DreamSave app helps savings groups grow faster by making it easy to keep records, achieve financial goals, and build credit history. But DreamSave was also designed to send SMS receipts and notifications ...
    • The amount of data and storage DreamSave needs to run optimally

      Although DreamSave is designed to work both online and offline, there are a few elements that will need an internet connection such as regular updates, backup of user data or other services running in the background. We have carried out some rigorous ...
    • Editing Records from the Last Meeting

      We'll guide you on how to edit records from the last meeting in DreamSave. Whether it's a correction in a member's shares, or any other adjustments, you can make necessary changes easily as a bookkeeper. Start by logging into your DreamSave App and ...