New Delhi, Feb 13 Railways Minister Ashwini Vaishnaw on Friday informed the Parliament that Aadhaar-based authentication, multi-layer cybersecurity, and anti-fraud measures led to the deactivation of 3.03 crore suspicious user IDs in train ticket booking in 2025, ensuring seamless booking for genuine users.
In a reply to a question in the Rajya Sabha, the minister said that 60.43 billion (6,043 crore) on malicious bot requests were blocked in six months (till December 2025), protecting the integrity of the e-ticketing system.
According to the minister, 376 complaints have been lodged on the National Cyber Crime Portal, pertaining to 3.99 lakh suspicious bookings, and 12,819 suspicious email domains have been blocked in 2025.
According to the minister, to curb misuse and improve fairness in Tatkal bookings, Aadhaar-based one-time password (OTP) verification for online Tatkal ticket booking has been introduced.
Aadhaar authentication provides instantaneous verification of user uniqueness, which is critical considering the time-sensitive nature of Tatkal ticket booking.
"Several application-level security controls have been implemented, including CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) mechanism deployed at multiple levels to avoid scripting, Brute-Force Attack and also DDoS (Distributed Denial of Service) attacks," the minister added.
He added that several security measures have also been applied for handling the OWASP (Open Web Application Security Project) for application security vulnerability.
Further, to optimise system performance, Indian Railways has implemented a Content Delivery Network (CDN) to offload static content and reduce direct traffic on the internet ticket booking website system.
The minister said that anti-bot solutions such as AKAMAI are deployed to filter non-genuine users, which helps in mitigating malicious /suspicious attempts on the internet ticket booking website system and ensures smooth booking for genuine passengers.
This helps in checking malicious traffic, he added.
The entire ICT (Infrastructure and Communication Technologies) infrastructure has been deployed in high availability mode to minimise failures. The system is protected by industry-standard state-of-the-art and data centre-grade network and security equipment consisting of network firewalls, network intrusion prevention systems, application delivery controllers and web application firewalls.
Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor