The reservation ticket booking system of Indian Railways is a robust and highly secure IT platform equipped with industry-standard, state-of-the-art cyber security controls. Indian Railways has taken several measures to enhance performance of reservation system and availability of regular/tatkal tickets. These measures include following:

1. Rigorous revalidation and verification of user accounts have been done. About 3.02 cr suspicious user IDs have been deactivated since January 2025.

2. Anti-bot solutions such as AKAMAI are deployed to filter non-genuine users and ensure smooth booking for legitimate passengers.

3. To curb misuse and improve fairness in tatkal bookings, Aadhaar-based One-Time Password (OTP) verification for online tatkal ticket booking has been introduced in a phased manner. It is already operational in 322 trains as on 04.12.2025. Due to the above steps, the confirmed tatkal ticket availability time has increased in about 65% of the abovementioned 322 trains.

4. Aadhaar-based OTP for tatkal bookings at reservation counters has also been introduced in a phased manner and it is implemented in 211 trains as on 04.12.2025.

5. As a result of these and other measures, the confirmed tatkal ticket availability time has increased in about 95% of the 96 popular trains.

6. Complaints have been filed on the National Cyber Crime Portal for suspiciously booked PNRs.

7. Use of multiple protective layers such as network firewalls, intrusion prevention systems, application delivery controllers and web application firewalls which safeguard the system against cyber threats. The system is hosted in a dedicated, access-controlled Data Centre, secured through CCTV surveillance and end-to-end encryption. The Data Centre is certified under ISO 27001 Information Security Management System (ISMS) standards.

To further strengthen cyber security posture, RailTel Corporation of India Ltd. provides comprehensive cyber threat intelligence services, including take-down services, threat monitoring, deep and dark web surveillance and digital risk protection. These services offer proactive and actionable insights into emerging cyber threats and enable improved incident response.

8. Regular security audits of the reservation system are carried out by CERT-In-empanelled Information Security Audit Agencies.  Moreover, internet   traffic  related   to   the   ticketing    system   is   continuously monitored by CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC) to detect and prevent cyber attacks.

Further, Requests/ suggestions/ representations, both formal and informal, are received from public representatives/organizations/rail users etc. at various levels including Railway Board, Zonal Railways, Divisional Office etc. As receipt of such requests/ suggestions/representation is a continuous and dynamic process, centralized compendium of such requests is not maintained. However, these are examined and action as found feasible and justified is taken from time to time, which is an on-going process.

This information was provided by the Union Minister for Railways, Information & Broadcasting and Electronics & Information Technology, Shri Ashwini Vaishnaw, in a written reply to a question in Lok Sabha.

*****

Dharmendra Tewari/ Dr. Nayan Solanki/ Manik Sharma