From Jakarta to Bandung, raja win678.com stays with you where service is offered.

raja win678.com Account Security - Android & iOS Mobile Casino App

A player logs into our raja win678.com platform on their Android phone, places a wager on a Liga 1 fixture, and later requests a withdrawal to their DANA wallet. Before we process that withdrawal, we verify the account holder's identity and confirm the transaction matches their history. This entire flow — from login to payout — is protected by multiple layers of encryption, verification, and fraud detection.

Open an account
raja win678.com featured game showcase

Account Security

Live and
Category
Live Table / Card
RTP
high
high

Our Account Security covers the systems we use to keep your login credentials safe, protect your payment information, prevent unauthorised access, and handle your personal data during KYC verification. We explain how two-factor authentication works, how to reset your password, what happens during deposit and withdrawal review, and how we handle data on both Android and iOS devices.

How we encrypt your login and protect your password

Every time you log into raja win678.com on your Android APK or iOS Safari browser, your username and password travel to our servers over an encrypted HTTPS connection. We do not store passwords in plain text; instead, we hash them using industry-standard cryptographic algorithms. When you enter your password, we hash it and compare it to our stored hash. If they match, we create a secure session token that remains valid for your current login.

Your session token expires when you log out or after a period of inactivity. If someone obtains your password, changing it immediately invalidates all active sessions on your account. You can force a logout of all devices by visiting our Account Settings and selecting "Log out everywhere" — this is useful if you suspect someone has gained access or if you have lost a device.

We strongly recommend choosing a password with at least 12 characters, including uppercase, lowercase, numbers, and symbols. Our platform enforces minimum password strength at registration and during password resets. Avoid passwords that are common words, birthdates, or sequences. Never share your password via email, chat, or phone call — our team will never ask for it.

Secure login flow on raja win678.com showing password encryption and session creation
Your login credentials are encrypted in transit and hashed at rest

Key takeaways

  • HTTPS encryption protects all communication with our servers
  • Passwords are hashed using cryptographic standards
  • Session tokens expire automatically or when you log out
  • You can force logout of all devices if you suspect unauthorised access

Two-factor authentication and biometric login on mobile

We offer optional two-factor authentication (2FA) on our raja win678.com platform. When enabled, logging in requires your password plus a second verification method — either an SMS code sent to your registered phone number or an email code sent to your verified email address. This means even if someone obtains your password, they cannot access your account without also having access to your phone or email.

On Android and iOS, we also support biometric login — fingerprint or face recognition. After your initial login, you can enable biometric authentication in your Account Settings. Subsequent logins on that device use your fingerprint or face instead of your password. If you switch devices, lose your phone, or disable the device, you log in with your password and then re-enable biometric authentication on the new device.

Biometric data (fingerprints, face geometry) never leaves your device. We do not store or transmit biometric information to our servers. Instead, the device confirms your biometric locally and generates a token that your phone sends to us. This keeps your sensitive biometric data private while allowing fast, secure login.

  1. Enable two-factor authentication

    Go to Account Settings > Security and choose SMS or email verification for login attempts.

  2. Set up biometric login

    Navigate to Account Settings > Biometric Login and follow the on-screen prompts to register your fingerprint or face.

  3. Test your 2FA and biometric

    Log out, then log back in using both methods to confirm they work before relying on them.

KYC verification: how we confirm your identity

Before you can withdraw funds from our platform, we perform Know Your Customer (KYC) verification. This involves confirming your legal name, date of birth, national ID number, and address. You upload a photo of your national ID (KTP, driver's license, or passport) and a proof of address (recent utility bill, bank statement, or government letter).

We process KYC verification manually by our compliance team. Your uploads are encrypted and stored securely. We compare your uploaded ID photo to your account profile photo to ensure identity consistency. We also cross-reference your details against public records where available. Verification typically completes within 1-2 hours during business hours, though we process requests 24/7.

Your KYC information is encrypted and never shared with third parties except where required by law. We retain your verified identity for account recovery purposes — if you lose access to your phone or email, we can use your verified identity to help restore your account. We do not sell or market your personal data.

KYC verification process showing ID upload and identity confirmation on mobile
KYC verification happens once; your verified identity enables withdrawals
Note: Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their jurisdiction's applicable law.

Deposit and withdrawal security with DANAe-walletand bank transfers

When you deposit via mobile banking, local payment, online payment, e-wallet, mobile banking, or local payment, your payment app handles the transaction directly. We receive a confirmation from the payment processor; we do not see your payment credentials. Your balance updates instantly. When you use bank transfers via online payment, e-wallet, mobile banking, or local payment, your bank handles the transfer. We receive notification from the bank and verify the amount and sender. This verification window typically lasts 1-2 hours.

Withdrawals follow a different process. You request a payout to your registered payment method. Our system holds your withdrawal for review — we check your account history, recent deposits, and withdrawal frequency to flag suspicious patterns. A real person on our compliance team reviews your request. If everything looks normal, we approve and process the withdrawal. online payment and e-wallet transfers arrive within minutes; bank transfers typically complete by end of business day.

Large withdrawals may trigger additional verification. We may ask you to confirm your withdrawal via SMS code or email link. This prevents someone from initiating unauthorised payouts even if they gain temporary access to your account. We never ask for your password, PIN, or payment credentials during a withdrawal — any request for these is fraudulent.

Fraud detection and anomaly monitoring

Our systems monitor all account activity in real time. We flag unusual patterns like logins from new devices, deposits from new payment sources, rapid multiple login attempts, or unusually large withdrawals. When we detect anomalies, we may require additional verification before proceeding. This might be an SMS code, a re-authentication of your password, or a temporary account lock pending email verification.

If you attempt to log in from a new city or country, we send you an email asking you to confirm the login. You click a link in the email to approve, or you can deny the login and reset your password if it was unauthorised. This protects you from account takeover attempts where an attacker uses your credentials from a different location.

If you notice activity you did not initiate — deposits you did not make, withdrawals to accounts you did not set up, or logins from unfamiliar devices — contact our support team immediately. Report the fraudulent activity with as much detail as possible (date, time, payment method, location). We investigate, reverse fraudulent transactions where possible, and force a password reset to lock the attacker out.

Login verification from new device showing email confirmation flow
New device logins require email verification
Withdrawal review screen showing verification and fraud detection status
Large withdrawals may require additional verification
Account activity log showing login history and transaction timeline
Your activity log shows all logins and transactions for audit

Resetting your password and account recovery

If you forget your password, go to the login screen and tap "Forgot Password". We send a password-reset link to your registered email address. Click the link within 24 hours, and you are taken to a form where you set a new password. You must then log in with the new password on all your devices. Old sessions end automatically.

If you no longer have access to your registered email, contact our support team. We verify your identity using your KYC information and ask you security questions. Once verified, we can help you recover your account by changing your email address, sending a reset link to a new email, or resetting your password directly. This process typically takes 1-2 hours.

If your account is locked due to multiple failed login attempts, we unlock it after 24 hours or you can request an immediate unlock through the "Unlock Account" link on the login screen. We send you an unlock code via email; enter it, and you can try logging in again. If you are locked out repeatedly, we may flag your account for additional verification or temporarily restrict access to prevent brute-force attacks.

Data privacy and retention on Android and iOS

Your personal data — name, email, phone, national ID details, address, and payment information — is encrypted at rest on our servers. We use AES-256 encryption, the same standard used by banks and government agencies. Your data is backed up redundantly across multiple data centres so we never lose your account information due to hardware failure.

We do not sell or share your data with marketers or third-party advertisers. We share data only with financial institutions (banks, payment processors) to process your deposits and withdrawals, and with regulatory authorities when required by law. We retain your account data indefinitely while your account is active, and we securely delete it upon account closure.

On Android and iOS devices, we cache your session token locally so you stay logged in between app launches. We do not cache your password or payment details on your phone. If you lose your phone, your cached session expires after 30 days of inactivity. You can also force a remote logout through your Account Settings > Active Sessions to immediately end the session on any device.

Summary: Account Security at raja win678.com

Our platform protects your account through HTTPS encryption, password hashing, two-factor authentication, and biometric login on mobile. We verify your identity once via KYC during registration, then use that verification for all future withdrawals. Deposits and withdrawals go through fraud-detection systems that flag suspicious patterns and require additional verification when needed.

We monitor account activity 24/7 and alert you to logins from new locations. If you suspect fraud, you can reset your password immediately, and we can help you recover your account if you lose access. Your personal data is encrypted at rest and never shared except with payment processors or as required by law.

Our English-language support team is available via chat and email if you have questions about your account security or need help recovering access. Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their jurisdiction's applicable law.