Aadhaar-based authentication, multi-layer cybersecurity lead to deactivation of 3.03 cr suspicious user IDs in 2025: Railways

New Delhi [India], February 13 (ANI): The reservation ticket booking system of Indian Railways has implemented the following measures to prevent auto-filling of forms by hacking tools, curb fraud in Tatkal ticketing bookings through the internet, and safeguard the system from cyberattacks.
According to the Ministry of Railways, to curb misuse and improve fairness in Tatkal bookings, Aadhaar-based One-Time Password (OTP) verification for online Tatkal ticket booking has been introduced.
Under this technique, Aadhaar authentication provides instantaneous verification of user uniqueness, which is critical considering the time-sensitive nature of Tatkal ticket booking.
It helps prevent the creation and operation of fake or unauthorised, agent-controlled, multiple-user accounts by enforcing a uniqueness constraint. This measure serves as an effective safeguard against account proliferation and automated misuse, thereby ensuring a fair allocation of Tatkal tickets. It has contributed to improved ticket availability for genuine passengers and enhanced transparency in the online Tatkal booking system.
Several application-level security controls have been implemented, including a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) mechanism deployed at multiple levels to prevent scripting, Brute-Force Attacks, and DDoS (Distributed Denial of Service) attacks.
Several security measures have also been implemented to address OWASP (Open Web Application Security Project) application security vulnerabilities.
To optimise system performance, Indian Railways has implemented a Content Delivery Network (CDN) to offload static content and reduce direct traffic on its internet ticket-booking website.
Furthermore, Anti-bot solutions, such as Akamai, are deployed to filter non-genuine users, thereby mitigating malicious /suspicious attempts on the internet ticket-booking website and ensuring smooth booking for genuine passengers. This helps in checking malicious traffic.
According to the Ministry of Railways, the entire ICT (Information and Communication Technologies) infrastructure has been deployed in a high-availability mode to minimise failures.
The system is protected by industry-standard, state-of-the-art, data centre-grade network and security equipment, including network firewalls, network intrusion prevention systems, application delivery controllers, and web application firewalls.
The system is also protected from volume-based DDoS (Distributed Denial of Service) attacks with an ISP (Internet Service Provider) layer, DDoS Detection and Mitigation Services through multiple ISPs with aggregated DDoS mitigation capacity of nearly 30 Gbps.
Enterprise-level Content Delivery Network (CDN), anti-bot, secure DNS, and Web Application Firewall (WAF) services, which enhance security, improve customer experience, reduce web traffic load, optimise resources, and mitigate threats, have been deployed.
For comprehensive cyber threat intelligence services, RailTel has been engaged to undertake Deep-Dark Web Monitoring, Digital Risk Protection and improve incident response.
The system is hosted in a captive data centre in Chanakyapuri, New Delhi, with CCTV surveillance and restricted physical access. The facility is ISO 27001 (ISMS) certified.
It is also integrated with CERT-In TSAP (Threat & Situational Awareness Projects) for round-the-clock monitoring of security incidents and events.
The system has been integrated with CERT-In's "Madhu-Sanjal", wherein CERT-In has deployed the honeypot sensor for monitoring the attacker behaviours, suspicious events/intrusion attempts and learning their tactics and improving defence against cyber threats.
The Ministry of Railways stated that the on-premises security team monitors the system's security logs to detect and mitigate security incidents.
Several anti-fraud measures have been implemented to prevent unauthorised access and ensure seamless booking for legitimate users.
According to the Ministry of Railways, approximately 3.03 crore suspicious user IDs were deactivated in 2025.
Regular security audits of the reservation system are conducted by CERT-In-empanelled Information Security Audit Agencies. Moreover, internet traffic related to the ticketing system is continuously monitored by CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC) to detect and prevent cyber attacks.
Additionally, 376 complaints have been lodged on the National Cyber Crime Portal pertaining to 3.99 lakh suspicious bookings. Moreover, 12819 suspicious email domains were blocked in 2025. (ANI)