New Delhi, Dec 11: To curb misuse and improve fairness, Aadhaar-based OTP verification for online Tatkal ticket booking is now operational in 322 trains, and due to this, the confirmed Tatkal ticket availability time has increased by about 65 per cent in these trains, the Parliament was informed on Thursday.
Aadhaar-based OTP for Tatkal bookings at reservation counters has also been introduced in a phased manner, now implemented in 211 trains (as of December 4). As a result, the confirmed Tatkal ticket availability time has increased in about 95 per cent of the 96 popular trains, Railways Minister Ashwini Vaishnaw told the Lok Sabha in a written reply to a question.
The minister also informed that rigorous revalidation and verification of user accounts have been done.
“About 3.02 crore suspicious user IDs have been deactivated since January 2025. Anti-bot solutions such as AKAMAI are deployed to filter non-genuine users and ensure smooth booking for legitimate passengers,” he mentioned.
Complaints have also been filed on the National Cyber Crime Portal for suspiciously booked PNRs, the minister added.
Vaishnaw informed about the use of multiple protective layers such as network firewalls, intrusion prevention systems, application delivery controllers and web application firewalls, which safeguard the system against cyber threats.
The system is hosted in a dedicated, access-controlled data centre, secured through CCTV surveillance and end-to-end encryption. The data centre is certified under ISO 27001 Information Security Management System (ISMS) standards.
“To further strengthen its cyber security posture, RailTel Corporation of India Ltd. provides comprehensive cyber threat intelligence services, including take-down services, threat monitoring, deep and dark web surveillance and digital risk protection. These services offer proactive and actionable insights into emerging cyber threats and enable improved incident response,” said the minister.
Regular security audits of the reservation system are also carried out by CERT-In-empanelled Information Security Audit Agencies.
Moreover, internet traffic related to the ticketing system is continuously monitored by CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC) to detect and prevent cyberattacks.
