In a major push for transparency in India’s railway ticketing system, the government has deactivated over 3.03 crore suspicious user IDs in 2025 alone. Railway Minister Ashwini Vaishnaw shared this update in Parliament on Friday, highlighting how advanced security measures are safeguarding genuine passengers.
The minister revealed these figures while responding to a question in the Rajya Sabha. Aadhaar-based authentication, multi-layered cyber defenses, and robust anti-fraud mechanisms have been key to blocking malicious activities. This has ensured seamless booking experiences for real users amid rising online threats.
Over the past six months up to December 2025, the e-ticketing system thwarted a staggering 6,043 crore malicious bot requests. Additionally, 376 complaints related to 3.99 lakh suspicious bookings were logged on the National Cyber Crime Portal. In 2025, authorities blocked 12,819 dubious email domains to curb fraud.
To tackle misuse in Tatkal bookings, Aadhaar-linked one-time password (OTP) verification has been rolled out for online Tatkal tickets. This instant identity check is crucial given the time-sensitive nature of these quotas, preventing scalpers from snapping up seats.
Vaishnaw detailed several application-level security controls, including multi-tier CAPTCHA systems to fend off scripting, brute-force attacks, and DDoS assaults. The Open Web Application Security Project (OWASP) guidelines have been implemented to address vulnerabilities.
Enhancing system performance, Indian Railways deployed a Content Delivery Network (CDN) to offload static content and reduce direct traffic on the booking website. Anti-bot solutions like AKAMAI further filter out illegal users, minimizing malicious attempts and prioritizing legitimate travelers.
These comprehensive steps underscore the government’s commitment to a fair, secure, and efficient ticketing ecosystem, benefiting millions of daily commuters across the nation.