New Delhi: Railway e-ticketing security measures led to the deactivation of 3.03 crore suspicious user IDs in 2025, while blocking 60.43 billion malicious bot requests in the last six months of the year.
Union Minister for Railways Shri Ashwini Vaishnaw shared the details in a reply in the Rajya Sabha on February 13. He said Indian Railways has strengthened cyber safeguards to prevent fraud in tatkal bookings and ensure fair access for genuine passengers.
To curb misuse, Railways introduced Aadhaar-based One-Time Password authentication for online tatkal ticket booking. This system verifies user uniqueness instantly and prevents creation of multiple fake or agent-controlled accounts.
Multi-layer cybersecurity and anti-fraud controls
Railway e-ticketing security includes application-level controls such as CAPTCHA, anti-brute force protection and DDoS mitigation systems. Authorities deployed anti-bot solutions like AKAMAI, along with Content Delivery Networks to filter malicious traffic and optimise system performance.
The ICT infrastructure operates in high-availability mode and uses firewalls, intrusion prevention systems and web application firewalls. Railways also engaged RailTel for deep-dark web monitoring and digital risk protection.
The system integrates with CERT-In for round-the-clock monitoring and threat awareness. Additionally, honeypot sensors under “Madhu-Sanjal” track attacker behaviour to improve defences.
Physically, the data centre at Chanakyapuri, New Delhi, remains secured with CCTV surveillance and restricted access. The facility holds ISO 27001 certification.
Administratively, authorities blocked 12,819 suspicious email domains in 2025 and lodged 376 complaints on the National Cyber Crime Portal involving 3.99 lakh suspicious bookings.
Between July and December 2025, Railways faced over 97.53 billion access requests. Of these, 60.43 billion were identified as bot traffic and denied entry. In December alone, 7.25 billion of 14.28 billion requests were bots.
Through layered security architecture and strict verification processes, Railway e-ticketing security continues to safeguard the booking platform and ensure seamless access for legitimate users.
