delislot Account Security Mobile Live Casino & Sportsbook

Our security model layers three defenses: encrypted data transmission (TLS 1.3), tokenized payment storage, and real-time fraud detection. When you log in from a new device or location, we verify your identity before granting access. If someone attempts to change your password or withdrawal method, we send an immediate alert to your registered email and phone.

delislot Security Framework

Security on delislot operates at four levels: account access, data transmission, payment handling, and fraud monitoring. We encrypt all data traveling between your device and our servers using TLS 1.3 protocols. Your password is hashed with a cryptographic salt, so even our engineers cannot see it in plain text. Payment information—your DANA, e-wallet, mobile banking, or bank account numbers—is tokenized, meaning we store a reference code, not the actual account details.

Fraud detection runs continuously. Our systems flag unusual login patterns (new city, new device, rapid withdrawals), suspicious betting activity, and payment anomalies. If we detect a threat, we pause the action, notify you immediately, and ask you to verify your identity before proceeding. This may slow your withdrawal by a few minutes, but it prevents fraud that could cost hours or days to resolve.

Account security is not a feature you enable once and forget. It requires ongoing vigilance—strong passwords, regular checkups, and immediate action if something looks wrong.

We also conduct regular security audits and penetration testing. Third-party security firms test our infrastructure quarterly, looking for weaknesses before attackers find them. Any vulnerabilities are patched within days. We publish an annual security report detailing our practices and third-party audit results.

Security Tools and Setup

Password Strength and Recovery

Your password is your first line of defense. We require passwords to be at least 12 characters long and include uppercase, lowercase, numeric, and special characters. Weak passwords—like "12345678" or "password123"—are rejected outright. We also scan new passwords against databases of compromised credentials; if your password has appeared in a known breach, we ask you to choose a different one.

If you forget your password, tap "Forgot Password" on the login screen. We send a reset link to your registered email. Click the link, set a new password, and log in. The reset link is valid for 24 hours and can be used only once. If you don't receive the email within five minutes, check your spam folder or contact our support team. We never reset passwords over the phone or through chat without verifying your identity first.

Two-Factor Authentication (2FA)

Two-factor authentication adds a second verification step when you log in from a new device. After entering your password, we send a one-time code to your phone via SMS or to your email. Enter that code within five minutes to complete login. If someone steals your password, they still cannot access your account without this second factor.

We recommend enabling 2FA for all accounts. On delislot, you can set it up in two minutes: go to Account Security, tap "Enable Two-Factor Auth," choose SMS or email delivery, and confirm. The next time you log in from a different device, you'll receive a code. Keep your phone and email secure, and update your recovery email if you change email providers.

Login History and Device Management

Your Account Security page shows every login attempt for the past 90 days. Each entry displays the device type (iPhone, Android, Chrome, Safari), location (city and country), and timestamp. If you see a login from Jakarta when you're in Semarang, or from a device you don't recognize, you can immediately log out all other sessions and force a password reset. This takes effect instantly and prevents an attacker from accessing your account further.

We also track active sessions. If you log in on your phone and later on your desktop, both sessions remain active until you log out or they expire (after subject to verification of inactivity). You can see all active sessions and terminate any one of them without affecting the others. This is useful if you're sharing a device with family or if you suspect unauthorized access.

Payment Security and Withdrawal Protection

All payment information on delislot is handled using industry-standard tokenization. When you link a DANA, e-wallet, mobile banking, or bank account, we do not store the account number directly. Instead, we store a token—a unique reference—that our payment processor uses to execute transactions. If our database is ever compromised, attackers get tokens, not usable account numbers.

Withdrawals have additional protections. If you request a withdrawal to a payment method you added recently (within the last seven days), we require email or SMS verification before processing. If you change your default withdrawal method, we send you a notification and a four-hour grace period to cancel the change. This prevents an attacker from immediately switching your withdrawal address and draining your balance.

Token

A unique reference code that represents your payment account without exposing the actual account number.

TLS 1.3

The current standard encryption protocol for secure data transmission between your device and our servers.

Phishing

A social-engineering attack where attackers impersonate delislot in emails or SMS to steal your login credentials.

Session timeout

Automatic logout after subject to verification of inactivity to prevent unauthorized use of shared devices.

Identity Verification and KYC

Before your first withdrawal, we ask you to verify your identity. Upload a photo of your ID card (KTP), passport, or driver's license. We use automated verification to confirm the document is genuine and matches your registered name. Most verifications complete within one hour. If your upload is unclear, we ask you to resubmit.

This KYC (Know Your Customer) process protects both you and us. It prevents account takeovers—if someone steals your login, they cannot change the withdrawal address without passing KYC verification again. It also protects against money laundering and fraud, which keeps our platform safe for all users across Jakarta, Bandung, Medan, Surabaya, and Semarang.

Security Practices and What to Do If Compromised

Best Practices for Account Safety

Enable two-factor authentication immediately. The five-minute setup protects you from password theft, phishing, and SIM-swap attacks. Choose SMS if you have a reliable phone plan; choose email if you use a backup address that's harder to compromise than SMS.

Be cautious of phishing. delislot never emails you asking for your password, PIN, or payment details. If you receive an email claiming to be from delislot asking for login credentials, do not click the link—it's a phishing attempt. Instead, log in directly via the official app or website and check your Account Security page for alerts.

Avoid using delislot on public Wi-Fi without a VPN. Public networks are easy for attackers to monitor. Use a trusted VPN service if you log in from a café or airport, or wait until you're on a secure home network.

If Your Account Is Compromised

If you notice unusual login activity, a withdrawal you didn't authorize, or a changed password, act immediately. Open the app or website, go to Account Security, and select "Log Out All Sessions." This terminates every active session except the one you're using right now. Then reset your password and enable two-factor authentication if you haven't already.

Contact our support team through the in-app chat. We can review your transaction history, identify fraudulent withdrawals, and work with payment processors to reverse them if possible. During Idul Fitri, Idul Adha, Imlek, or Nyepi holidays, support response times may extend slightly, so act fast if you suspect fraud.

1. Create a strong, unique password

   Use at least 12 characters, mix uppercase and lowercase letters, numbers, and special characters. Never reuse passwords from other sites.

2. Enable two-factor authentication

   Go to Account Security and enable SMS or email verification. This adds a second layer of protection for logins from new devices.

3. Review your login history regularly

   Check your login history once a week. If you see unfamiliar devices or locations, log out all sessions and reset your password.

4. Keep your phone and email secure

   Use strong passwords for your email and phone accounts, enable 2FA on both, and keep your operating system updated with security patches.

Security During High-Traffic Periods

During Liga 1 or Piala AFF seasons, account activity spikes. Attackers know many users are distracted by matches and betting. If you're playing during these periods, take extra precautions: check your login history more frequently, avoid logging in on unfamiliar devices, and use a VPN on public Wi-Fi. Our fraud detection is aggressive during peak seasons, so a withdrawal might trigger additional verification steps—this is normal and protects your account.

Security on delislot is not negotiable. We invest in encryption, monitoring, and fraud detection to keep your account safe. But technology alone isn't enough—you must also practice good security habits: strong passwords, two-factor authentication, and regular reviews of your login history and payment methods.

If you have questions about your account security or need help after a breach, our support team is available through the in-app chat. We respond during standard business hours and can walk you through recovery steps, payment reversal, and account re-securing. Your security is our priority.