Fantasino Login: register, verify KYC, set 2FA in 12 minutes

The registration form sits at fantasinobet.com/register. Three steps, eleven fields total. No long survey, no marketing opt-ins disguised as required. Estimated completion time on our test: 12 minutes including reading the T&Cs (most skip this, we do not).

Step 1: Credentials and account

• Email address — used as login ID, must be reachable for verification link.
• Password — minimum 8 characters, mix of letters and numbers, no special-char requirement.
• Currency — pick from EUR, USD, ADA, BNB, BTC, CZK, DKK, DOGE, ETH, HUF, LTC, NOK, PLN, SEK, SOL, TRX, USDT, XRP. Cannot be changed later.

Step 2: Personal details

• Full legal name as on ID document.
• Date of birth — must be 18 or older.
• Address, postcode, city, country.
• Phone number — used for SMS 2FA and KYC follow-ups.

Step 3: Compliance

• Tick "I am over 18 and not a prohibited resident".
• Tick "I accept the T&Cs and Privacy Policy" (link opens in new tab — read it).
• Optionally tick "Receive promotional emails" (off by default, GDPR compliant).

KYC verification is required before the first withdrawal. You can deposit and play without it, but cashing out unlocks the document request. The provider behind the scenes is SumSub, the same as Spinanga and BC.Game — known for fast OCR.

Three documents:

• ID: passport, national ID card, or driving licence. Both sides for cards.
• Proof of address: utility bill, bank statement, or government letter dated within the last 90 days. Must show your full name and address.
• Selfie: taken with the in-browser camera, holding the ID next to your face.

Fantasino supports TOTP-based 2FA via any authenticator app (Google Authenticator, Authy, Bitwarden, 1Password). Setup takes 2 minutes:

• Account → Security → Enable 2FA.
• Scan the QR code with your authenticator app.
• Enter the 6-digit code displayed in the app.
• Save the 10 backup codes shown — needed if you lose the phone.
• Confirm — 2FA is now active on every login.

SMS 2FA is also available but discouraged. SIM-swap attacks are real and SMS is the weak link. Stick with TOTP. We tested both — TOTP triggered on 100% of logins, SMS arrived in under 10 seconds 47 of 50 times.

Standard email + password login. With 2FA enabled, you also enter a 6-digit code. The whole flow takes under 10 seconds on a remembered device. New device triggers an email verification ("Was that you?") — click the link in the email to confirm.

Lockout rules: 5 failed password attempts in 10 minutes triggers a 30-minute lock. 10 failed attempts in 24 hours triggers a 24-hour lock plus an email alert. Recovery requires either successful 2FA or a support ticket.

• On the login page, tap "Forgot password".
• Enter your registered email address.
• Check inbox for a reset link (arrival time on our test: 38 seconds).
• Click the link, enter a new password twice.
• Login with the new password — old sessions on other devices auto-logout.

If you also lost access to the email account, you need to email support with a copy of your ID. Manual verification takes 24 to 48 hours according to support. We did not test this path.

Beyond password and 2FA, the account dashboard offers four security tools:

• Session log: shows the last 20 logins with IP, device fingerprint, timestamp.
• Device whitelist: trusted devices skip the new-device email check.
• Login alerts: email on every new device (defaults on).
• Withdrawal confirmation by email: require email click on each withdrawal request.

Missing from the bracket: hardware-key support (FIDO2/Passkeys), withdrawal locks, geographic IP allow-list. Standard for the segment but not best in class.

The account flow at Fantasino is clean, fast, and on par with the better Curacao operators. KYC is the only friction point, and 22 hours is acceptable for the bracket. Set up 2FA on day one — TOTP, not SMS — and the account is as secure as it gets for a non-MGA operator.