Train tickets: Over 3 crore suspicious user IDs deactivated, 60,000 crore malicious bots blocked, says Ashwini Vaishnaw
New Delhi, Feb 13
Railways Minister Ashwini Vaishnaw on Friday informed the Parliament that Aadhaar-based authentication, multi-layer cybersecurity, and anti-fraud measures led to the deactivation of 3.03 crore suspicious user IDs in train ticket booking in 2025, ensuring seamless booking for genuine users.
In a reply to a question in the Rajya Sabha, the minister said that 60.43 billion (6,043 crore) on malicious bot requests were blocked in six months (till December 2025), protecting the integrity of the e-ticketing system.
According to the minister, 376 complaints have been lodged on the National Cyber Crime Portal, pertaining to 3.99 lakh suspicious bookings, and 12,819 suspicious email domains have been blocked in 2025.
According to the minister, to curb misuse and improve fairness in Tatkal bookings, Aadhaar-based one-time password (OTP) verification for online Tatkal ticket booking has been introduced.
Aadhaar authentication provides instantaneous verification of user uniqueness, which is critical considering the time-sensitive nature of Tatkal ticket booking.
"Several application-level security controls have been implemented, including CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) mechanism deployed at multiple levels to avoid scripting, Brute-Force Attack and also DDoS (Distributed Denial of Service) attacks," the minister added.
He added that several security measures have also been applied for handling the OWASP (Open Web Application Security Project) for application security vulnerability.
Further, to optimise system performance, Indian Railways has implemented a Content Delivery Network (CDN) to offload static content and reduce direct traffic on the internet ticket booking website system.
The minister said that anti-bot solutions such as AKAMAI are deployed to filter non-genuine users, which helps in mitigating malicious /suspicious attempts on the internet ticket booking website system and ensures smooth booking for genuine passengers.
This helps in checking malicious traffic, he added.
The entire ICT (Infrastructure and Communication Technologies) infrastructure has been deployed in high availability mode to minimise failures. The system is protected by industry-standard state-of-the-art and data centre-grade network and security equipment consisting of network firewalls, network intrusion prevention systems, application delivery controllers and web application firewalls.
— IANS
Reader Comments
While the numbers are impressive, I hope the system doesn't become too cumbersome for senior citizens or those not tech-savvy. My father still finds the IRCTC website confusing. Security is important, but so is user-friendliness.
60,000 crore bot attempts blocked! That's insane. It shows the scale of the problem. These touts and agents were running a parallel industry. Good job by the ministry for taking concrete tech measures. The CDN implementation should speed things up.
As someone who travels frequently for work between Delhi and Mumbai, I've faced the Tatkal rush. If this Aadhaar OTP system works as intended, it will be a game-changer. Fairness should be the priority. Let's see how it performs during the next holiday season.
The tech details are reassuring – firewalls, intrusion prevention, AKAMAI. It's like fortifying a digital fortress. But the real test is on the ground. Will the common man actually get a confirmed ticket now? Hope so! 🤞
A respectful criticism: While blocking bots is great, what about the 3.99 lakh suspicious bookings? Only 376 complaints lodged? The enforcement and legal action against the actual people/agents behind this needs to be equally strong. Deterrence is key.
A