loket88 Platform your First Game Start.

loket88 Account Security Mobile Gaming Platform with Quick Login

loket88 protects your account through two-factor SMS verification, encrypted password storage, and biometric login on your phone. Every deposit via DANA, e-wallet, mobile banking, local payment, online payment, or e-wallet is recorded and verified against your KYC data before funds appear in your balance. Withdrawals pass through a review window where our compliance team confirms your identity and transaction history before sending your funds back to your registered payment method.

Open an account
loket88 featured game showcase

Account Security

and
Category
Live Table / Card
RTP
medium
high

This guide covers how we handle your personal data on loket88, what happens when you log in from a new device, how to reset your password safely, and why we ask for identity verification before your first withdrawal. We take account security seriously because your data — your phone number, email, payment methods, and betting history — deserves protection.

KYC Verification: Why we ask for your ID

Before you withdraw funds from loket88, we ask you to verify your identity with a government-issued ID. This is called Know Your Customer (KYC) verification, and it is a legal requirement for financial platforms in most jurisdictions. KYC confirms that you are who you claim to be and prevents fraud, money laundering, and unauthorized account access.

When you trigger your first withdrawal request, our system prompts you to upload two documents: a clear photo of your ID (passport, driver's license, or national ID card) and a selfie taken with the same document. Our automated system scans these images, verifies they match, and compares the face against your account photo. This process takes subject to verification on average, though complex cases may need manual review and can take up to one business day.

loket88 KYC identity verification screen showing ID upload and selfie capture
KYC verification on loket88 takes minutes — one ID photo and a selfie

What happens to your ID after verification

Once we verify your identity, we store your ID image and selfie in an encrypted vault. Your ID data is never shared with third parties unless required by law. If you want to delete your stored ID photos after successful verification, you can request this via our support team, and we will remove them within 30 days.

Info: Your KYC verification applies to your entire loket88 account, not just withdrawals. Once verified, all future deposits and withdrawals skip the ID upload step.

Two-Factor Authentication on loket88

When you log in to loket88 from a new device, we send a one-time code via SMS to your registered phone number. You enter this code on your new device, and your session activates. This two-step process prevents unauthorized access even if someone obtains your password.

On your regular device (the one you use daily), you can choose to skip the SMS code after the first login — this saves time when you open loket88 multiple times per day. However, if your phone is lost or you log in from an unfamiliar location, we re-enable SMS verification automatically as a security measure.

loket88 SMS two-factor code entry screen on mobile phone
SMS verification code arrives within seconds

We also offer authenticator apps (like Google Authenticator or Microsoft Authenticator) as an alternative to SMS codes. This option is more secure because authenticator codes generate locally on your phone — they cannot be intercepted via SMS. You enable authenticator in your loket88 account settings, scan a QR code with your authenticator app, and from that point onward, you enter a six-digit code from your app instead of waiting for an SMS.

If you lose access to your phone, you can use backup codes (which we generate and display during authenticator setup) to regain access to your account. Store these codes safely — in a password manager or a secure note — so you can retrieve them if needed.

Biometric and PIN lock on your phone

Our Android and iOS apps support biometric login: fingerprint or face recognition. Once you enable biometric login, you no longer need to enter your password every time you open our app. Your phone's biometric sensor confirms your identity, and you are logged in.

You can also set a PIN (a simple 4-6 digit code) specific to our app. This PIN protects your loket88 session even if your phone is already unlocked. Both biometric and PIN lock work together with two-factor SMS verification — if someone steals your phone and your password, they still cannot access your account without your fingerprint or PIN.

Password Reset and Account Recovery

If you forget your loket88 password, we send a secure reset link to your registered email. You click the link, set a new password, and log back in. This process takes two minutes. For security, your old password immediately becomes invalid — your account logs out on all devices until you log back in with your new password.

If you no longer have access to your registered email, contact our support team. We verify your identity by asking account details (such as your recent deposits or withdrawal amounts) and your phone number, then we update your email to a new address you provide. This recovery process protects your account from hijacking while still letting you regain access.

Never share your password: We never ask for your password via email, SMS, or phone. Any message requesting your password is a phishing scam — delete it and report it to our support team immediately.

Payment Method Security and Tokenization

When you add a payment method to loket88 — whether DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or a bank account (mobile banking, local payment, online payment, e-wallet) — we do not store your full card number, bank account number, or e-wallet credentials. Instead, we create a unique token that links to your payment method. Every time you deposit or withdraw, we use this token, not your actual payment details.

This tokenization means even if our servers are compromised, your payment credentials stay safe — attackers would only see tokens, which are useless without our token-generation keys (which are stored separately and encrypted). You can remove any payment method from your loket88 account anytime, and we delete its token immediately.

loket88 payment method management showing tokenized DANA and BCA accounts
Your payment methods on loket88 are tokenized — no full details stored

Withdrawal review windows and fraud detection

When you request a withdrawal on loket88, our compliance team reviews your account before processing it. This review window typically takes a few hours but may extend to one business day for large amounts or unusual activity. During this window, our system checks:

  • Your account was created more than 24 hours ago (to prevent immediate-cashout fraud)
  • Your KYC verification is complete and not flagged
  • Your withdrawal matches your recent deposit history (to detect money laundering)
  • Your login pattern is normal (same device, same location as usual activity)

If anything looks unusual, our team may contact you via SMS or email to verify the withdrawal is legitimate. Once approved, we send your funds to your chosen payment method. mobile banking, local payment, and online payment transfers complete within minutes; bank transfers may take 1–2 hours depending on your bank's processing window.

Session Management and Device Logout

Your loket88 account can be logged in on multiple devices at once — your phone, tablet, and desktop, for example. You can review all active sessions in your account settings and log out remotely from any device. This is useful if you suspect someone else has accessed your account or if you left loket88 logged in on a shared computer.

We automatically log you out after subject to verification of inactivity if you are on a public network (such as airport WiFi). On your personal network, your session persists longer so you do not have to keep re-entering your credentials. You can adjust these timeout settings in our mobile app preferences.

loket88 Security Features
  • Two-factor SMS or authenticator app verification
  • Biometric and PIN lock on mobile app
  • KYC identity verification before withdrawal
  • Tokenized payment methods — no full details stored
Your Responsibilities
  • Keep your password strong and unique — do not reuse it elsewhere
  • Never share your SMS codes or authenticator codes with anyone
  • Log out from shared devices and review active sessions regularly

How We Handle Your Account Data

Your data on loket88 — your name, email, phone number, payment methods, and betting history — is encrypted at rest and in transit. All communication between our app and our servers uses TLS 1.2 encryption, which means your data cannot be intercepted mid-transmission. We store your data on secure servers with restricted access; only authorized staff can view your information, and only when needed for compliance, support, or fraud prevention.

We retain your account data for seven years after you close your account, as required by anti-money-laundering regulations in most jurisdictions. After seven years, we delete it. If you request data deletion before that period, we can anonymize your data (remove your name and contact details) while keeping transaction records for regulatory purposes.

We never sell your personal data to third parties. The only exceptions are:

  • Your payment provider (e-wallet, mobile banking, local payment, etc.) when you deposit or withdraw — they need to verify your identity and process the transaction
  • Law enforcement or regulatory agencies, but only if legally required by a court order or government request
  • Our internal fraud-detection tools, which scan your account for suspicious activity and alert our compliance team if needed

Account Security on Mobile: Special Considerations

Mobile devices present unique security risks because they are portable and often connected to unsecured WiFi networks. On loket88, we minimize these risks by caching minimal sensitive data on your phone — your account balance and recent predictions are stored locally, but your password, SMS codes, and payment methods are never cached.

When using loket88 on public WiFi (at a café in Jakarta, airport in Surabaya, or mall in Bandung), we recommend using biometric or PIN login and avoiding withdrawals. Public WiFi networks are vulnerable to eavesdropping, and while our TLS encryption protects your data in transit, extra caution is prudent. If you must withdraw over public WiFi, ensure you are on a Virtual Private Network (VPN) or wait until you return to a trusted network.

Account Security on loket88: Your Complete Overview

loket88 protects your account through a layered security model: KYC identity verification before withdrawal, two-factor SMS or authenticator app verification on new devices, biometric or PIN login on your phone, and encrypted tokenization of your payment methods. Our compliance team reviews every withdrawal to detect fraud before your funds are sent. Your personal data is encrypted in storage and in transit, and we never share it with third parties except payment providers and legal authorities.

Your part in this security model is equally important. Use a strong, unique password; never share your SMS or authenticator codes; enable biometric login on your mobile app; and regularly review your active sessions. If you detect any suspicious activity — a login from an unfamiliar location, an unauthorized withdrawal attempt, or a phishing email — contact our support team immediately. We can freeze your account, reset your credentials, and investigate the incident.

Whether you access loket88 from Jakarta during Liga 1 season, from Medan during Idul Fitri, or from anywhere else in a supported jurisdiction, your account security travels with you. Our services are available only where local law permits. We encourage you to review our full security policy on our website before creating your account.