How byd99 Protects Your Account
Account security on byd99 operates at multiple levels. First, we use SSL encryption (Transport Layer Security, or TLS 1.2+) for all communications between your device and our servers. This means every character you type—your password, your payment details, your betting selections—is encrypted in transit. Even if someone intercepts the data stream, they cannot read it without the encryption key.
Second, we hash and salt your password using industry-standard algorithms. Your actual password is never stored on our servers. Instead, we store a cryptographic hash—a mathematical fingerprint of your password. When you log in, we hash what you type and compare it to the stored hash. If they match, you are authenticated. If a breach were to occur and someone obtained our password database, they would have hashes, not passwords, and could not use them to access accounts.
Third, we enforce Know Your Customer (KYC) verification before you can withdraw funds. During account creation, you provide identification documents (national ID, passport, or similar). Our system verifies these documents and confirms you are who you claim to be. This prevents account takeover fraud and money laundering. It also protects you: if someone tries to withdraw your winnings to a different bank account, the withdrawal is blocked because the receiving account must match your verified identity.
Creating a Secure Password
Your password is your key to your byd99 account. If someone gains access to your password, they can log in, place bets, and withdraw your winnings. byd99 enforces a minimum password requirement: at least 8 characters, mixing uppercase, lowercase, numbers, and symbols. However, the stronger your password, the better your protection. A good strategy is to create a passphrase—a combination of unrelated words or a memorable sentence using initials and numbers. For example: "MyDog2024Loves$Roulette" is stronger than "Password123."
Never reuse a password from other platforms. If you use the same password for byd99, your email, your banking app, and a social network, a breach on any one platform could compromise all of them. Use a password manager (such as Bitwarden, 1Password, or similar) to generate and store unique, strong passwords for each account. Password managers are encrypted and far safer than writing passwords on paper or storing them in phone notes.
Two-Factor Authentication (2FA)
Two-factor authentication adds a second security layer to your byd99 account. After you enter your password, the system sends a code to your registered email or phone number. You must enter that code to complete login. This means even if someone knows your password, they cannot access your account without that second code. We recommend enabling 2FA on your byd99 account as soon as you register.
On byd99, 2FA codes are delivered via email or SMS, and they expire after a few minutes. Use them immediately. Do not share 2FA codes with anyone, even byd99 support staff. Our team will never ask for your 2FA code.
- Phishing
- Fraudulent emails or websites that mimic byd99 to steal your login credentials. Always verify the sender's email address and check the URL in your browser's address bar. byd99 emails come from official domains only.
- Man-in-the-middle (MITM)
- An attacker intercepts unencrypted traffic between you and byd99. SSL encryption prevents this. Always use HTTPS (look for the padlock icon in your browser) when accessing byd99.
- Session hijacking
- An attacker steals your active session token and logs in as you. byd99 sessions expire after inactivity and cannot be reused. Log out when finished, especially on shared devices.
Payment Method Security
When you add a payment method to byd99—DANA, e-wallet, mobile banking, local payment, online payment, or a bank account (e-wallet, mobile banking, local payment, online payment)—that information is encrypted and stored securely. byd99 does not store your full card number or bank account credentials. Instead, we use tokenization: a unique, encrypted token represents your payment method, and only that token is stored on our servers. When you deposit or withdraw, we use the token to instruct the payment processor, not the actual account details.
Deposits on byd99 are instant because we partner with established payment processors (e-wallet, mobile banking, etc.) who handle encryption and fraud detection. When you initiate a deposit, you are redirected to the payment provider's secure page. You complete the transaction there, and the provider confirms to byd99 that the transfer succeeded. At no point does byd99 directly access your payment account or credentials.
For withdrawals, funds flow to the payment method you verified during KYC. If you registered with a local payment account, withdrawals only go to that online payment account. You cannot withdraw to a different account or to someone else's wallet. This safeguard prevents theft; even if an attacker gains access to your account, they cannot redirect your winnings elsewhere.
Your security is our security. A breach on byd99 damages us as much as it harms you.
Recognizing and Avoiding Phishing
Phishing is the most common attack on gaming platforms. A scammer sends an email that looks like it comes from byd99, saying "Your account has been locked" or "Verify your payment method now" or "Claim your bonus," with a link. The link goes to a fake website that looks like byd99 but is actually under the attacker's control. You enter your credentials, and the attacker captures them. This is how accounts are compromised.
To avoid phishing, check the sender's email address. byd99 only sends emails from official domains (such as @byd99.app or an authorized partner domain). If the sender claims to be byd99 but the email address looks odd, it is probably phishing. Hover over links to see where they really go. If the URL does not match byd99's official domain, do not click it. Go directly to byd99 by typing the URL in your browser rather than clicking email links. If you receive a suspicious email claiming to be from byd99, forward it to our support team; we can investigate.
byd99 staff will never ask you for your password, 2FA code, or full payment details via email or chat. If someone claiming to represent us asks for these, it is a scam. Report it to our support team immediately.
Security Practices
- Use a unique, strong password for byd99
- Enable two-factor authentication (2FA)
- Log out after each session, especially on shared devices
- Verify email addresses and URLs before clicking links
- Keep your device and browser software updated
What Not to Do
- Never share your password or 2FA code
- Do not click email links; go directly to byd99 instead
- Do not use public Wi-Fi to access sensitive account functions
- Do not reuse passwords across multiple accounts
What to Do If You Suspect Unauthorized Access
If you notice unusual activity on your byd99 account—bets you did not place, withdrawals to an unfamiliar payment method, or your login from a location you do not recognize—take action immediately. First, change your password. Go to your account settings and set a new, unique password. This logs out all active sessions, including the attacker's. Second, check your 2FA settings; if the attacker changed them, reset them to your personal email or phone. Third, contact our support team through in-app chat or email and describe the suspicious activity.
Our support team can review your transaction history, identify fraudulent activity, and investigate. If funds were stolen, we can work with you and our payment processors to attempt recovery. While we cannot guarantee recovery in every case, unauthorized transactions are treated seriously and investigated thoroughly. Do not delay reporting; the faster we respond, the better our chances of preventing further damage.
If your identity is compromised—for example, someone uses your documents to open a byd99 account on another email—report it to us and to local authorities. We will investigate and take action to protect our platform and other users.
