IRCTC deactivates 3.02 crore suspicious user IDs in less than 12 months: What triggered this massive clean-up?

Indian Railways is taking some tough actions to curb the menace of suspicious user IDs. As part of this effort, it has deactivated a whopping 3.02 crore suspicious user IDs since January 2025, as stated by Ashwini Vaishnaw, the minister of Information & Broadcasting and Electronics & Information Technology, in Parliament on Thursday (December 11, 2024).

Fraudsters use automated bots and software programmes to create fake profiles to book Tatkal train tickets and resell them at high rates. This creates a problem for genuine ticket seekers who struggle to secure a Tatkal ticket and travel on their intended date.

Here are some additional steps that Railways is taking to combat the issue of suspicious user IDs-

Deploying anti-bot solutions software

Vaishnaw says that his ministry is implimenting anti-bot technologies like AKAMAI to filter out fake users and ensure a hassle-free train ticket booking experience for genuine passengers.

Also Read: 8th Pay Commission from January 1, 2026? Here’s a big update on salary and pension hike as the issue was raised in Parliament

OTP for booking Tatkal tickets online and offline

To tackle the misuse of tatkal bookings, the government has introduced an Aadhaar-based One-Time Password (OTP) verification method for online tatkal ticket booking in a phased manner, the minister said in reply to a question in Lok Sabha. As of December 4, 2015, the OTP method was operational for 322 trains. Thanks to these initiatives, the availability of confirmed tatkal tickets has improved in about 65% of these 322 trains, according to Vaishnaw.

In addition, the Ministry has also introduced an Aadhaar-based OTP system for tatkal bookings at reservation counters. The measures that were introduces in a phased manner, had been implemented in 211 trains as of December 4, 2025.

Complaints filed on portal to identify suspiciously booked PNRs

Vaishnaw says that complaints have been filed on the National Cyber Crime Portal for suspiciously booked PNRs of train ticket.

Use of multiple protective layers

In order to safeguard the Railways’ system from cyber threats, the department is using multiple protective layers such as network firewalls, intrusion prevention systems, application delivery controllers and web applications. The system is hosted in a dedicated data centre with controlled access, secured by CCTV surveillance and end-to-end encryption.

Regular audits of reservation systems

Vaishnaw mentions that regular security audits of the reservation system are conducted by CERT-In-empanelled information security audit agencies.Additionally, internet traffic related to the ticketing system is continuously monitored by CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC) to detect and prevent cyber attacks, according to Vaishnaw.