en
Client Data Protection

Client Data Protection

StreetLoans is designed so core operations remain on the user's Android device. This guide explains security controls and realistic protection limits.

Local storage

The app stores customers, loans, payments, partial payments, late fees, and business profiles in the local database inside Android private app storage. Protection also depends on device lock, Android permissions, and operating system updates.

Protected backups

New backups use the SLB2 format with AES-256-CBC and HMAC-SHA256. The HMAC is verified before decryption to detect files that were modified, damaged, or protected with a wrong key.

Follow the Backups Guide to create, export, and restore backups. Once exported, store the file in a safe destination such as Google Drive or a protected computer. Only Google Drive on Android is documented for optional cloud backup at this stage.

Field security practices

  1. Configure a strong PIN, pattern, or biometric lock on the phone.

  2. Keep Android and StreetLoans updated.

  3. Do not share credentials with customers, borrowers, or unauthorized collectors.

  4. Lock the phone after each collection.

  5. Use strong passwords for exported backups.

Bluetooth Ticket PrintingSubscription & Plans