No, the tables would be on the server, the same as was already being done. Using a separate table makes it more future proof.
To access tables in server, you need to login into server.To login into server, you need postresql user name and password sent by client and thus stored in client computer.
It is possible to obtain this information from client computer and use it for unauthirized access to data.
Andrus.