In the digital rush for a seat on steel tracks, invisible crowds now outnumber the real.
Billions Blocked, Bots Thwarted
Indian Railways denied access to over 60 billion attempts to its e-ticketing system out of 97.53 billion requests received in the last six months of 2025, allowing only 37.1 billion genuine booking attempts to proceed. The remaining requests were identified as bots and blocked.
The heaviest surge came in October 2025, a peak festive month, when 24.04 billion access attempts were recorded. Of these, nearly 17 billion were flagged as bot-generated and denied entry.
Railway Minister Ashwini Vaishnaw, in a written reply to the Upper House of Parliament, said multiple anti-fraud mechanisms have been deployed to prevent unauthorised access and ensure seamless booking for legitimate users.
Official data shows that in July 2025, 9.06 billion access requests were made, with 5.03 billion identified as bots. In August, 11.04 billion attempts were recorded, of which 5.07 billion were bots. September saw 19.04 billion requests, including 12.5 billion bot attempts. In November, 14.03 billion of 20.07 billion requests were blocked as bots, while December recorded 14.28 billion total attempts, 7.25 billion of which were automated.
Fortifying the Digital Gate
To counter fraudulent activity, the Railways blocked 12,819 suspicious email domains and lodged 376 complaints on the National Cyber Portal related to 3.99 lakh suspicious bookings in 2025. Continuous revalidation efforts led to the deactivation of over 3.03 crore suspicious user IDs during the year.
“The use of multiple protective layers, such as network firewalls, intrusion prevention systems, application delivery controls and web application firewall to safeguard the system against cyber threats are being used by the railway,” the Minister said.
To further protect genuine passengers, Aadhaar authentication has been made mandatory for Tatkal bookings. Vaishnaw added, “It helps in preventing the creation and operation of fake or unauthorised agent-controlled multiple user accounts by imposing a uniqueness constraint. This measure also acts as an effective safeguard against account multiplication and automated misuse, thereby ensuring fair allocation of Tatkal tickets”.
As travellers race for tickets, the Railways fights a quieter battle—guarding the gateway so real journeys can begin.
Summary
Indian Railways blocked over 60 billion bot-driven access attempts out of 97.53 billion e-ticketing requests in late 2025. October saw the highest surge, largely due to festive demand. Anti-fraud measures included domain blocking, cyber complaints, deactivating 3.03 crore IDs, and mandating Aadhaar authentication for Tatkal bookings to ensure fairness and system security.
