Indian Railways has strengthened its ticket reservation system with multiple cybersecurity upgrades and new verification measures aimed at curbing misuse and improving access to genuine passengers. According to information shared by Railway Minister Ashwini Vaishnaw in the Lok Sabha on Thursday, the reservation platform now operates with enhanced security protocols, stricter user verification and expanded Aadhaar-based systems for Tatkal booking.
Since January 2025, Indian Railways has deactivated about 3.02 crore suspicious user IDs following extensive revalidation of accounts. To prevent automated or illegal ticket bookings, anti-bot solutions such as AKAMAI have been deployed, helping filter out non-genuine users and improve booking access for regular passengers.
To check misuse in Tatkal bookings, Aadhaar-based one-time password (OTP) verification has been introduced in phases. The system is already operational in 322 trains for online Tatkal bookings and in 211 trains at reservation counters. As a result, confirmed Tatkal ticket availability time has increased significantly – by about 65% in the 322 trains using online OTP verification and by 95% in 96 popular trains, reflecting the impact of the wider security measures.
Railways has also filed complaints on the National Cyber Crime Portal regarding suspiciously booked PNRs.
The ticketing system’s cybersecurity framework is supported by multiple protective layers including network firewalls, intrusion prevention systems, and web application firewalls. The reservation system is hosted at a dedicated, access-controlled data centre secured through CCTV surveillance and end-to-end encryption. The data centre is certified under IS0 27001 standards.
To enhance threat monitoring, RailTel Corporation of India Ltd. provides cyber threat intelligence services such as deep and dark web surveillance, digital risk protection and takedown support. Regular audits of the reservation platform are carried out by CERT-In – empanelled agencies, while CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC) continuously monitor ticketing-related internet traffic.
The Minister added that suggestions and requests from passengers and public representatives are regularly reviewed at various levels of the Railways system, and appropriate action is taken as part of an ongoing process.
