New Delhi: Train ticket booking, especially Tatkal or premium Tatkal category, may not be possible if users try to make online reservation through Virtual Private Servers (VPS).
After continuous monitoring to trace the use of illegal software for buying tickets online, the ministry has found that most of the brokers are using VPS to hide the Internet Protocol (IP) address for booking rail tickets, thereby It becomes difficult to track their native places. Therefore, the Ministry of Railways has asked the Indian Railway Catering and Tourism Corporation (IRCTC), the Ministry-owned rail ticket booking website and the Center for Railway Information Systems (CRIS) to specifically block the traffic coming through VPS from a special web service. has been suggested. Which pins Mumbai as the default IP address location to prevent brokerage activities.
CRIS designs, develops, implements and maintains most of the critical information systems of Indian Railways.
In addition to blocking foreign IP addresses, implementation of improved algorithms for implementing CAPTCHA (response test used to determine whether the user is human), disabling copy and paste option on IRCTC’s webpage To stop auto-filling of One Time Password (OTP) and limiting the time limit for filling passenger details are other recommendations to upgrade the portal sent in this first week.
The suggestion note sent to both the agencies further states that answers to security questions should not be predictable or answered by automation tools.
“Regular passengers/agents do not use VPS for booking. So blocking the traffic coming from VPS can restrict most brokerage activities… even developers are trying to integrate captcha solver into automation software. It is therefore requested to implement better algorithms for implementing CAPTCHA for effective working,” the note reads.
These suggestions have also been sent to the Computerization and Information System (C&IS) Division of Railways.
Ticket booking by illegal agents or touts has been a major issue for a long time and the Ministry keeps on taking measures to prevent such activities which also lead to financial loss. It had also deployed several checks to reduce them. An official said that the Railway Protection Force (RFP) conducts regular campaigns to look into the issue.
“Invalid Tatkal software developers have found ways to auto fill such OTPs by developing OTP reader applications that will read OTPs in mobile and communicate with the software and extensions installed in the computer, enabling faster submission of OTPs. It is therefore requested to restrict copy and paste option in IRCTC website and Android application…